mirror of
https://salsa.debian.org/gnuk-team/gnuk/gnuk.git
synced 2024-09-20 02:40:08 +00:00
3c715bb580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
47 lines
2.0 KiB
Python
47 lines
2.0 KiB
Python
FACTORY_PASSPHRASE_PW1=b"123456"
|
|
FACTORY_PASSPHRASE_PW3=b"12345678"
|
|
KEY_ATTRIBUTES_RSA4K=b"\x01\x10\x00\x00\x20\x00"
|
|
KEY_ATTRIBUTES_RSA2K=b"\x01\x08\x00\x00\x20\x00"
|
|
KEY_ATTRIBUTES_RSA2K_ALT=b"\x01\x08\x00\x00\x11\x00"
|
|
KEY_ATTRIBUTES_ECDH_NISTP256R1=b"\x12\x2a\x86\x48\xce\x3d\x03\x01\x07"
|
|
KEY_ATTRIBUTES_ECDH_NISTP384R1=b"\x12\x2b\x81\x04\x00\x22"
|
|
KEY_ATTRIBUTES_ECDH_NISTP521R1=b"\x12\x2b\x81\x04\x00\x23"
|
|
KEY_ATTRIBUTES_ECDH_BRAINPOOLP256R1=b"\x12\x2b\x24\x03\x03\x02\x08\x01\x01\x07"
|
|
KEY_ATTRIBUTES_ECDH_BRAINPOOLP384R1=b"\x12\x2b\x24\x03\x03\x02\x08\x01\x01\x0b"
|
|
KEY_ATTRIBUTES_ECDH_BRAINPOOLP512R1=b"\x12\x2b\x24\x03\x03\x02\x08\x01\x01\x0d"
|
|
KEY_ATTRIBUTES_ECDSA_NISTP256R1=b"\x13\x2a\x86\x48\xce\x3d\x03\x01\x07"
|
|
KEY_ATTRIBUTES_ECDSA_NISTP384R1=b"\x13\x2b\x81\x04\x00\x22"
|
|
KEY_ATTRIBUTES_ECDSA_NISTP521R1=b"\x13\x2b\x81\x04\x00\x23"
|
|
KEY_ATTRIBUTES_ECDSA_BRAINPOOLP256R1=b"\x13\x2b\x24\x03\x03\x02\x08\x01\x01\x07"
|
|
KEY_ATTRIBUTES_ECDSA_BRAINPOOLP384R1=b"\x13\x2b\x24\x03\x03\x02\x08\x01\x01\x0b"
|
|
KEY_ATTRIBUTES_ECDSA_BRAINPOOLP512R1=b"\x13\x2b\x24\x03\x03\x02\x08\x01\x01\x0d"
|
|
KEY_ATTRIBUTES_CV25519=b"\x12\x2b\x06\x01\x04\x01\x97\x55\x01\x05\x01"
|
|
KEY_ATTRIBUTES_ED25519=b"\x16\x2b\x06\x01\x04\x01\xda\x47\x0f\x01"
|
|
KEY_ATTRIBUTES_ECDH_SECP256K1=b"\x12\x2b\x81\x04\x00\x0a"
|
|
KEY_ATTRIBUTES_ECDSA_SECP256K1=b"\x13\x2b\x81\x04\x00\x0a"
|
|
|
|
def default_key(card, is_for_encr):
|
|
if card.is_gnuk:
|
|
if is_for_encr:
|
|
return KEY_ATTRIBUTES_CV25519
|
|
else:
|
|
return KEY_ATTRIBUTES_ED25519
|
|
else:
|
|
# if is_for_encr:
|
|
# return KEY_ATTRIBUTES_ECDH_BRAINPOOLP512R1
|
|
# else:
|
|
# return KEY_ATTRIBUTES_ECDSA_BRAINPOOLP512R1
|
|
return KEY_ATTRIBUTES_RSA2K
|
|
|
|
def alt_key(card, is_for_encr):
|
|
if card.is_gnuk or card.is_yubikey:
|
|
if is_for_encr:
|
|
return KEY_ATTRIBUTES_ECDH_SECP256K1
|
|
else:
|
|
return KEY_ATTRIBUTES_ECDSA_SECP256K1
|
|
else:
|
|
if is_for_encr:
|
|
return KEY_ATTRIBUTES_ECDH_BRAINPOOLP256R1
|
|
else:
|
|
return KEY_ATTRIBUTES_ECDSA_BRAINPOOLP256R1
|