Software - Desktop/Home side

[Ugljesa Jovanovic]

This thread should contain discussion about supporting software that
would reside on home computer, where the main wallet is kept. This
would preferably be implemented into official bitcoin client, so that
it can recognize, set up, and transfer funds to and from bitcoin card
(to and from the cards wallet actually). Also this software should
perform the card key backup.

[Ugljesa Jovanovic]

I'll start reading the bitcoin client code today, so i can familiarize
myself with it enough to participate in card-side development, but
mostly I will work on desktop side support for our bitcoin card

[Smartcard Guy]

It's very likely this ends up being hooking the client to be able to
use e OpenSSL and Pkcs11 module for the card. I strongly recommend
starting there.

I think this will involve making it possible to refer to a private key
stored outside of the wallet, that would probably be tracking atr,
p11driver, key container in the wallet.

[Ludwig Maes]

just waded through the specification of 2.30 and I see a constant
defined for ECDSA, and reference to SEC1 and SEC2 standard and the
short name EC for elliptic curve is defined in glossary, but further
nothing... in some obscure java page I see PCKS#11 ECDSA curves, but
the 256 bit one is definitely not secp256k1 (a=/=0)

to be honest I do not know if PCKS#11 requires some standard behaviour
on the part of the applet, if so I dont see how we will conditionally
sign while displaying the amount and adress

I have never programmed with PCKS#11 but I had the impression its more
of a suite of cryptographic protocols (in cryptography sense)
implemented with carefully verified padding etc, an out of the box
suite you can install and deploy on javacards such that a computer
knowing your public key can log you in if you enter your SC and PIN.
But really I dont know, just dont see ECDSA stuff, cant imagine myself
forcing me to use a (probably very good quality) crypto suite, if
bitcoin doesnt use the suite (full of its own idiosynchrancies, own
double hashing throw in some RIPEMD because we can, incoherent padding
etc) im not sure it would help. I *would* use this suit in projects
where I have to make/glue code to a PCKS#11 target... in our case we
cant change/dictate the bitcion client to accept PCKS#11 signatures,
so out with the suite. (for completely different project I intend to
use this or similar suite though)

[Smartcard Guy]

I used to run a P11 certification program, its been quite a while but I am confident you can do discrete crypto operations so as long as the card can do the math we need we can use it; I have found a card that meets our need, specifically one from Athena.

 

I have spoken to them about their http://www.athena-scs.com/product.asp?pid=33 card can do the appropriate curve and they have indicated they will likley help if changes are needed to their P11 library to make this work.

 

Even if we had a problem using their P11 library there isnt very much we want the card to do, write the wallet.dat to it and do the eccdsa sign; we could fairly easily construct an OpenSSL module that did that via crafting the right APDUs.

 

Ryan