Am 17.02.17 um 16:09 schrieb Jakob Bohm:
On 17/02/2017 15:25, Stephan Mühlstrasser wrote:
Hi,
we use OpenSSL 1.0.2 together with PKCS#11 tokens by plugging methods
into the RSA_METHOD structure that interface with the PKCS#11 token,
and this works fine so far. However, for creating RSA signatures with
PSS padding this strategy doesn't work anymore, because OpenSSL wants
to directly encrypt with the private key in this case, which is not
possible in PKCS#11.
I believe some PKCS#11 tokens can do this by using CKM_RSA_X_509
How could that work? If I understand the PKCS#11 specification correctly
it is not possible in principle to use private keys for encryption via
the C_EncryptInit() and C_Encrypt() functions, for the following reasons:
1) Private keys are not allowed to have the CKA_ENCRYPT attribute (see
"Table 30, Common Private Key Attributes" in the PKCS#11 specification,
which does not list the CKA_ENCRYPT attribute).
2) For the C_EncryptInit() to succeed the key must have the attribute
CKA_ENCRYPT=true.
From the PKCS#11 documentation of C_EncryptInit():
"The CKA_ENCRYPT attribute of the encryption key, which indicates
whether the key supports encryption, must be CK_TRUE."
--
Stephan
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
