add path arg to sign

command_set.go

@@ -269,7 +269,21 @@ func (cs *CommandSet) SetPinlessPath(path string) error {
 }
 
 func (cs *CommandSet) Sign(data []byte) (*types.Signature, error) {
-	cmd, err := NewCommandSign(data, P1SignCurrentKey)
+	cmd, err := NewCommandSign(data, P1SignCurrentKey, "")
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := cs.sc.Send(cmd)
+	if err = cs.checkOK(resp, err); err != nil {
+		return nil, err
+	}
+
+	return types.ParseSignature(data, resp.Data)
+}
+
+func (cs *CommandSet) SignWithPath(data []byte, path string) (*types.Signature, error) {
+	cmd, err := NewCommandSign(data, P1SignDerive, path)
 	if err != nil {
 		return nil, err
 	}
@@ -283,7 +297,7 @@ func (cs *CommandSet) Sign(data []byte) (*types.Signature, error) {
 }
 
 func (cs *CommandSet) SignPinless(data []byte) (*types.Signature, error) {
-	cmd, err := NewCommandSign(data, P1SignPinless)
+	cmd, err := NewCommandSign(data, P1SignPinless, "")
 	if err != nil {
 		return nil, err
 	}

commands.go

@@ -270,11 +270,27 @@ func NewCommandSetPinlessPath(pathStr string) (*apdu.Command, error) {
 	), nil
 }
 
-func NewCommandSign(data []byte, p1 uint8) (*apdu.Command, error) {
+func NewCommandSign(data []byte, p1 uint8, pathStr string) (*apdu.Command, error) {
 	if len(data) != 32 {
 		return nil, fmt.Errorf("data length must be 32, got %d", len(data))
 	}
 
+	if p1 == P1SignDerive || p1 == P1SignDeriveAndMakeCurrent {
+		_, path, err := derivationpath.Decode(pathStr)
+		if err != nil {
+			return nil, err
+		}
+
+		pathData := new(bytes.Buffer)
+		for _, segment := range path {
+			if err := binary.Write(pathData, binary.BigEndian, segment); err != nil {
+				return nil, err
+			}
+		}
+
+		data = append(data, pathData.Bytes()...)
+	}
+
 	return apdu.NewCommand(
 		globalplatform.ClaGp,
 		InsSign,