Add ECDSA support, via updated OpenSC pkcs11 engine.

This works on Debian Jessie (8.8) with the jessie-backports version of libengine-pkcs11-openssl: cryptech-alpha 3.0.1496536286 libengine-pkcs11-openssl 0.4.3-1~bpo8+1 opensc 0.14.0-2 openssl 1.0.1t-1+deb8u6 Version dependencies between OpenSSL and OpenSC are an even worse swamp than usual at the moment, due to API changes in OpenSSL 1.1, so it's anybody's guess whether this works on any other platform. YMMV.
author: Rob Austein <sra@hactrn.net> 2017-06-07 15:36:51 -0400
committer: Rob Austein <sra@hactrn.net> 2017-06-07 15:36:51 -0400
commit: b208b2cab51c0fce3d98e8e462b14d07fa3fcc66 (patch)
tree: efcd482cb795a5c0accbb9b9849b7d9f5f35dc11 /README.md
parent: ae322afdec65e7d8c180fa761c0bbb3c682ef5c0 (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/README.md b/README.md
index bc647a5..14b80a8 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,12 @@
 
 Packages you need (on Debian Jessie, anyway):
 
-    sudo apt-get install libengine-pkcs11-openssl opensc opensc-pkcs11 cryptech-alpha
+    sudo apt-get install opensc cryptech-alpha
+    sudo apt-get install -t jessie-backports libengine-pkcs11-openssl
+
+We're using the backported version of libengine-pkcs11-openssl because
+we want ECDSA support -- the ancient version that originally shipped
+with Jessie only supported RSA.
 
 General plan here is to use pkcs11-tool to create keys, then use the
 pkcs11 OpenSSL engine and OpenSSL command line tool to do vaguely
author	Rob Austein <sra@hactrn.net>	2017-06-07 15:36:51 -0400
committer	Rob Austein <sra@hactrn.net>	2017-06-07 15:36:51 -0400
commit	b208b2cab51c0fce3d98e8e462b14d07fa3fcc66 (patch)
tree	efcd482cb795a5c0accbb9b9849b7d9f5f35dc11 /README.md
parent	ae322afdec65e7d8c180fa761c0bbb3c682ef5c0 (diff)