Basic secp256r1 signature using PRO2


My project is to distribute one ECC private key in a PRO2 token to different users.
The users will be able to sign random data with this private key.
I have the private keys in openssl format

I have 2 main tasks

  • writing the key to a slot and setting pin
  • passing a hash and a pin to key and get a signature

both in windows environnement
writing can be done in command line but signing is C code

I’ve been playing around for a few months, but I could not reach that alone an need help.

How can I write an openssl secp256r1 private key in the token ?
What library can I use in C to sign a hash ?
What parameters from key writing are needed for signing (i.e. slot Id) ?

Thank you for any unblocking clue

Hi Tom!

I would use OpenSC and OpenSC-OpenPGP library/tools for that. Could you tell what have you tried already? Have you seen our documentation, e.g. following link?