Re: evmctl and Hardware Security Module

On Tue, Jun 4, 2019 at 4:01 PM Martin Townsend <mtownsend1973@xxxxxxxxx> wrote:
>
> Hi,
>
> I'm hoping that someone with knowledge of evmctl is on this list and
> can help.  I want to modify evmctl to use an HSM to perform the
> signature generation side of things.  My first attempt, which is the
> easiest option, was to just replace
>
> len = RSA_private_encrypt(sizeof(sighash), sighash, sig + sizeof(*hdr)
> + 2, key, RSA_PKCS1_PADDING);
>
> in sign_hash_v2 with a call to C_Encrypt from the Cryptoki API but
> sadly this failed as I think the private key has been marked as not
> being able to encrypt.  The call returns
> CKR_KEY_FUNCTION_NOT_PERMITTED.  If I try the public key it encrypts
> happily.  I tried setting CKA_ENCRYPT on the private key but, and
> quite rightly, it wouldn't let me.
>
> So the next option is to try and perform the signature generation in
> the HSM which is a bit more involved.  Before attempting, I was
> wondering whether this is possible or there is something in the way
> the signatures are generated that means that this just isn't going to
> work? I ask as I see that it prepends the ASN1 encoded message of what
> hash function was used to the actual hash. Would the HSM sign function
> do exactly the same if I use RSA_PKCS1_PADDING?
>
> Many Thanks in advance,
> Martin.

I now have it working.  In case anyone else stumbles across this and
wants to do the same thing, you can call C_Sign() in the Cryptoki API
and use the CKM_RSA_PKCS mechanism:

CK_MECHANISM rsa_mech = {
    .mechanism = CKM_RSA_PKCS,
    .pParameter = NULL_PTR,
    .ulParameterLen = 0
};

With this mechanism the HSM will perform the padding and encryption
part of the signing but not perform any hash function, so in effect
performing the same as the RSA_private_encrypt call.

-Martin
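
Added example, not part of the original thread and not evmctl code: it shows the division of labour described above, where the caller builds the ASN.1 DigestInfo (prefix plus hash) that is passed to C_Sign() under CKM_RSA_PKCS and the token adds the PKCS#1 v1.5 type 1 padding. It assumes SHA-256 and a 2048-bit key; the function names and the sample digest are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SHA256_LEN 32

/* DER DigestInfo header for SHA-256 (RFC 8017, section 9.2). */
static const uint8_t SHA256_PREFIX[19] = {
    0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
    0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20
};
#define DIGESTINFO_LEN (sizeof(SHA256_PREFIX) + SHA256_LEN) /* 51 bytes */

/* Caller side (hypothetical helper): build prefix || hash, the data buffer
 * given to C_Sign() when the mechanism does no hashing of its own.
 * Returns bytes written, or 0 if out is too small. */
size_t build_digestinfo(const uint8_t hash[SHA256_LEN], uint8_t *out, size_t outlen)
{
    if (outlen < DIGESTINFO_LEN)
        return 0;
    memcpy(out, SHA256_PREFIX, sizeof(SHA256_PREFIX));
    memcpy(out + sizeof(SHA256_PREFIX), hash, SHA256_LEN);
    return DIGESTINFO_LEN;
}

/* Token side, reproduced in software only to show the layout:
 * EM = 00 01 FF..FF 00 || T, with at least 8 bytes of FF.
 * k is the modulus length in bytes. Returns k, or 0 if T does not fit. */
size_t pkcs1_type1_pad(const uint8_t *t, size_t tlen, uint8_t *em, size_t k)
{
    if (k < tlen + 11)
        return 0;
    size_t pslen = k - tlen - 3;
    em[0] = 0x00;
    em[1] = 0x01;
    memset(em + 2, 0xff, pslen);
    em[2 + pslen] = 0x00;
    memcpy(em + 3 + pslen, t, tlen);
    return k;
}

int main(void)
{
    uint8_t hash[SHA256_LEN], di[DIGESTINFO_LEN], em[256];
    memset(hash, 0xab, sizeof(hash)); /* constructed sample digest */
    size_t n = build_digestinfo(hash, di, sizeof(di));
    size_t k = pkcs1_type1_pad(di, n, em, sizeof(em));
    printf("DigestInfo %zu bytes, padded block %zu bytes\n", n, k);
    return 0;
}
```

If the buffer passed to C_Sign() omits the prefix, the token still returns a signature, but a standard PKCS#1 v1.5 verifier will reject it.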


