CMS decryption of message with OAEP using Hardware security module

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I have the requirement to decrypt e-mails where RSA-OAEP padding is used. I
use the library openssl-1.0.2k and decrypt with CMS container (CMS_decrypt).
This works very well unless the private key is stored in a Hardware security
module and the cryptographic operation is performed via the PKCS11 engine
from openssl.

When decrypting an email which uses OAEP I got the error message:
  
47235129370352:error:06065064:digital envelope
routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:529:

To analyze the problem I encrypted an clear text using OAEP padding and
setup a decryption function using 
RSA_private_decrypt(). Here I use padding mode "RSA_NO_PADDING" and the
decryption also works with the PKCS11 engine. Unfortunately CMS does not
support setting the padding mode.

For any comments I would be very grateful 

Regards Rudy 



--
Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux