Doug Engert
Doug Engert
@frankmorgner this could be your problem too. OK, so the logprintf(pCardData, 7, "SubjectPublicKeyInfo:\n"); may be the wrong comment. It is possible Microsoft may have store a certificate in its cert...
@ugochirico I have submitted a PR #3262 that may fix this problem. You can find the MSI files under the "Checks" look for "continuous-integration/appveyor/pr" and click on details, then under...
In a certificate a pubkey is encoded as a SubjectPublicKeyInfo SPKI, but it looks like in Windows, they strip off the DER and but include the 04|X|Y It looks like...
@ugochirico @frankmorgner I wonder if using EC keys on windows is a policy issue. https://learn.microsoft.com/en-us/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings "Allow ECC certificates to be used for logon and authentication" From 10/29/2024. Running the following...
Running on Windows 10, but this time using the OpenSC minidriver, which produces a md.log and opensc.debug.log. for each of these tests, the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\OpenSC-IDEMIA ID-One PIV/CIV on V8 Device was...
@ugochirico are you making changes to the OpenSC minidriver? Is the BCRYPT_ECCKEY_BLOB code above in the minidriver? I don't see where that is needed in the minidriver. One of the...
BCRYPT_ECCKEY_BLOB https://stackoverflow.com/questions/24251336/import-a-public-key-from-somewhere-else-to-cngkey/45350235#45350235 says: ``` ECCPublicKeyBlob is formatted (for P256) as follows [KEY TYPE (4 bytes)][KEY LENGTH (4 bytes)][PUBLIC KEY (64 bytes)] KEY TYPE in HEX is 45-43-53-31 KEY LENGTH in...
(Minor issue, no space between "CERTIFICATE -----" on both BEGIN and END.) with that OpenSSL parses the certificate, and says: ``` X509v3 Key Usage: critical Digital Signature, Key Encipherment ```...
@ugochirico have a look at https://github.com/OpenSC/OpenSC/issues/3244#issuecomment-2480886802 which may fix your problem, but may need a change if your key actually has both "Digital Signature", "Key Encipherment" rather then having two...
@ugochirico Please see https://github.com/OpenSC/OpenSC/issues/3264 You have only one key and certificate, with `X509v3 Key Usage: critical: Digital Signature, Key Encipherment" "Encipherment" is encryption. ECC keys can not do encryption. ECC...