Hi Stephen, "Dr. Stephen Henson" <[EMAIL PROTECTED]> writes:
> Well RSA_private_encrypt() despite its name is a signing > operation. There is a PKCS#11 equivalent (C_Sign and the CKM_RSA_PKCS > mechanism) though some tokens don't support it fully but emulate it in > such a way that it only works for a fixed range of digests. Removing the length check in libp11 code that interfaces with OpenSSL corrects the issue, which seems to indicate that the hardware has no problem with the type of hash (i.e. does not verify it). I tested again with blobs of 4, 33 and 88 bytes with both tokens: no pb. > If a token supports it but the PKCS#11 ENGINE has no equivalent that's > an ENGINE implementation issue. I just took some minutes to look at the code and RSA_sign() implementation in libp11 (PKCS11_sign() in p11_ops.c) basically makes a direct PKCS#11 call (C_Sign and CKM_RSA_PKCS) after the hash length check and OID additions when OpenSSL call RSA_private_encrypt(). In libp11, the implementation of RSA_private_encrypt() is an empty shell that simply returns "Not supported". In the end, if I follow your first comment (C_Sign and the CKM_RSA_PKCS mechanism are the PKCS#11 equivalent of RSA_private_encrypt()), I don't see why the PKCS#11 call is not in the implementation of RSA_private_encrypt() in libp11, which would be called by RSA_sign(). I will check that with the libp11 developers and stop the noise on openssl-dev. I'll made a post here at the end of the story. > If the actual token doesn't fully support an RSA_private_encrypt() > equivalent then you are SOL. there is some hope, I think ;-) > Using RSA_sign() with NID_md5_sha1 had the problem that the length is > incorrect which is why you need to disable the length check. This has > some security implications: for example the well publicised exponent 3 > issue. That's what I thought. Thanks for your time and your comments, Cheers, a+ ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
