On 17/02/2017 15:25, Stephan Mühlstrasser wrote:
Hi,
we use OpenSSL 1.0.2 together with PKCS#11 tokens by plugging methods
into the RSA_METHOD structure that interface with the PKCS#11 token,
and this works fine so far. However, for creating RSA signatures with
PSS padding this strategy doesn't work anymore, because OpenSSL wants
to directly encrypt with the private key in this case, which is not
possible in PKCS#11.
I believe some PKCS#11 tokens can do this by using CKM_RSA_X_509
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
