Open MartijnKooij opened 5 years ago
BramvanPelt
commented
4 years ago Hi all, I have had word that this change is pushed back to december 2020. I have updated my code to switch between modes based on the OIN. Please check that out and update your code.
MartijnKooij
commented
4 years ago Looks like I finally have some time to start on this in the coming weeks. Do you have any updated sample/test data @BramvanPelt so I can add some unit tests to see if this actually works?
MartijnKooij
commented
4 years ago Actually I already found some time to implement it. Could you perhaps have a look at especially the new signature verification implementation in the EcSdsaSignature class @BramvanPelt ? I think it was a pretty straightforward port from your Java implementation but without any test data I am not really confident.
The complete PR is here: #4 the class I could use an extra pair of eyes on is: EcSdsaSignature
MartijnKooij
commented
11 months ago A user of this project just reached out to me indicating that Logius, the company behind the Dutch implementation, is now making a push to actually switch to ECSDSA (users should have switched on Oct 1st already actually).
The final plan appears to be that it's a breaking change, the 2 signatures are not supposed to work side-by-side so the implementation needs some changes and I will bump the major version to indicate this break.
Not sure how many companies are using this, but I'm on it! If anyone has test data (still hoping for you @BramvanPelt ) then please let me know so I can fix the unit tests which I will now have to disable...
FYI this is the reason they cannot co-exist, they gave both implementations the same signature?
MartijnKooij
commented
11 months ago The PR #4 has been updated and it was possible to keep supporting both signatures side-by-side.
BramvanPelt
commented
11 months ago Hello Martijn,
Please note that Logius did more than switch the ECSDSA signature. I have had a patch in the works that also implements this kind of signature, which does not work as there are more changes added to the polymorphic structure. Logius is planning on making this new structure protected source, so I do not have access to any test data. The desired solution by logius is to switch all software to their decryption component which will be updated with new releases and functionality. You can request access to this component using the following web page: https://www.logius.nl/domeinen/toegang/bsnk-pp/documentatie .
Kind Regards
MartijnKooij
commented
11 months ago Thanks for the info Bram.
I do have one user that has provided me with some info and who is testing the feature branch on their acceptance environment. Last I heard is that that was looking good.
Is is correct that / do you know if, Logius still only provides a Java component for decryption? Maybe I'll just ask them what their plans are.
EC-SDSA support is probably required by the end of October. Bram has already implemented this in the Java library.