On Wed, Jun 25, 2014 at 1:54 PM, Petr Spacek <[email protected]> wrote:
> My understanding is that for step 2 I need something like > CKM_RSA_PKCS_OAEP, right? > > The problem is that C_WrapKey in SoftHSM v2 doesn't support any asymmetric > algorithm for key wrapping. That is the reason why I asked for guidance > while implementing it :-) > > Do you have any specific recommendation on that? > Some guidance: Add more flags to the algorithms: https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/SoftHSM.cpp#L794 https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/SoftHSM.cpp#L814 Add the algorithms to the switch-statements and adjust the code to handle the different algorithms: https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/SoftHSM.cpp#L4792 https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/SoftHSM.cpp#L5066 The AsymmetricAlgorithm class does not support key wrapping. The interface and the subclasses needs to extended. Compare with how it was implemented for SymmetricAlgorithm: https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/crypto/AsymmetricAlgorithm.h https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/crypto/SymmetricAlgorithm.h // Rickard
_______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
