Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sign with RSA_NO_PADDING gets error #485

Open
latal-1 opened this issue Dec 5, 2024 · 1 comment
Open

Sign with RSA_NO_PADDING gets error #485

latal-1 opened this issue Dec 5, 2024 · 1 comment

Comments

@latal-1
Copy link

latal-1 commented Dec 5, 2024

Describe the bug
Missing result = CKR_OK in case CKM_RSA_X_509 in p11prov_sig_set_mechanism. This mechanism does not have a parameter

To Reproduce

EVP_PKEY* keyPair;
EVP_PKEY_CTX *ctx;
unsigned char* data = ...;
size_t dataLen = ...;
unsigned char* signature;
size_t signatureLen;

ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", "provider=pkcs11");
EVP_PKEY_keygen_init(ctx);
EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 1024);
EVP_PKEY_generate(ctx, keyPair);

ctx = EVP_PKEY_CTX_new_from_pkey(NULL, keyPair, "provider=pkcs11");
EVP_PKEY_sign_init(ctx);
EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING);
EVP_PKEY_sign(ctx, signature, &signatureLen, data, dataLen); // ERROR
@simo5
Copy link
Member

simo5 commented Dec 10, 2024

I think we do not support raw RSA operations yet, we should do this and we should also emulate other RSA operations by using the raw RSA op if the token does not support all RSA related mechanisms (like RSA PSS).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants