diff --git a/command_set.go b/command_set.go index 234f55f..5fbd5b2 100644 --- a/command_set.go +++ b/command_set.go @@ -269,7 +269,21 @@ func (cs *CommandSet) SetPinlessPath(path string) error { } func (cs *CommandSet) Sign(data []byte) (*types.Signature, error) { - cmd, err := NewCommandSign(data, P1SignCurrentKey) + cmd, err := NewCommandSign(data, P1SignCurrentKey, "") + if err != nil { + return nil, err + } + + resp, err := cs.sc.Send(cmd) + if err = cs.checkOK(resp, err); err != nil { + return nil, err + } + + return types.ParseSignature(data, resp.Data) +} + +func (cs *CommandSet) SignWithPath(data []byte, path string) (*types.Signature, error) { + cmd, err := NewCommandSign(data, P1SignDerive, path) if err != nil { return nil, err } @@ -283,7 +297,7 @@ func (cs *CommandSet) Sign(data []byte) (*types.Signature, error) { } func (cs *CommandSet) SignPinless(data []byte) (*types.Signature, error) { - cmd, err := NewCommandSign(data, P1SignPinless) + cmd, err := NewCommandSign(data, P1SignPinless, "") if err != nil { return nil, err } diff --git a/commands.go b/commands.go index 0ed3584..4d5e432 100644 --- a/commands.go +++ b/commands.go @@ -270,11 +270,27 @@ func NewCommandSetPinlessPath(pathStr string) (*apdu.Command, error) { ), nil } -func NewCommandSign(data []byte, p1 uint8) (*apdu.Command, error) { +func NewCommandSign(data []byte, p1 uint8, pathStr string) (*apdu.Command, error) { if len(data) != 32 { return nil, fmt.Errorf("data length must be 32, got %d", len(data)) } + if p1 == P1SignDerive || p1 == P1SignDeriveAndMakeCurrent { + _, path, err := derivationpath.Decode(pathStr) + if err != nil { + return nil, err + } + + pathData := new(bytes.Buffer) + for _, segment := range path { + if err := binary.Write(pathData, binary.BigEndian, segment); err != nil { + return nil, err + } + } + + data = append(data, pathData.Bytes()...) + } + return apdu.NewCommand( globalplatform.ClaGp, InsSign,