search

trussed-dev / trussed

Modern Cryptographic Firmware
https://trussed.dev
Apache License 2.0
408 stars 26 forks source link

Support secp256k1 #172

Closed iameli-streams closed 5 days ago

iameli-streams commented 1 week ago

The NitroKey 3A NFC shop advertises support for Koblitz curves:

Elliptic curves: NIST P-256, P-384, P-521 (secp256r1/prime256v1, secp384r1/prime384v1, secp521r1/prime521v1), Ed25519/Curve25519, Koblitz (192-256 bit), brainpoolP256r1, brainpoolP384r1, brainpoolP512r1

But I bought one and it doesn't work.

pkcs15-init \
  --delete-objects privkey,pubkey \
    --id 01 \
    --store-private-key secp256k1.p12 \
    --format pkcs12 \
    --auth-id 3 \
    --verify-pin \
    --pin 12345678

Using reader with a card: Nitrokey Nitrokey 3 [CCID/ICCD Interface] 00 00
NOTE: couldn't find privkey 01 to delete
NOTE: couldn't find pubkey 01 to delete
Deleted 0 objects
Importing 1 certificates:
  0: /C=US/ST=CA/L=Somewhere/O=Aquareum/CN=Cert Testing
Failed to store private key: Key length/algorithm not supported by card

My understanding is that such support would have to be implemented in this repo, is that right? Could we get support so I don't have to return mine? <3

robin-nitrokey commented 5 days ago

Closing in favor of: https://github.com/Nitrokey/nitrokey-3-firmware/issues/531