Re: [openssl-dev] rsautl.c incorrectly processes "-oaep" flag

2017-04-14 Thread Richard Levitte
In message <1f398e96-a7db-4389-94bd-7f1c1af99...@ll.mit.edu> on Thu, 13 Apr 2017 22:16:49 +, "Blumenthal, Uri - 0553 - MITLL" said:
uri> Does it mean that rsautl is pretty much deprecated, and pkeyutl superseded it? Or is it still worth bringing it “up to snuff”?
In my very personal opinio

Re: [openssl-dev] rsautl.c incorrectly processes "-oaep" flag

2017-04-13 Thread Blumenthal, Uri - 0553 - MITLL
On 4/13/17, 5:58 PM, "openssl-dev on behalf of Richard Levitte" wrote:
deengert> > uri> $ openssl rsautl -engine pkcs11 -keyform ENGINE -decrypt -inkey
deengert> > "pkcs11:manufacturer=piv_II;object=KEY%20MAN%20key;type=private" -oaep
deengert> > -in t256.dat.enc -out t256.dat.dec

Re: [openssl-dev] rsautl.c incorrectly processes "-oaep" flag

2017-04-13 Thread Richard Levitte
In message <006b8116-8aad-18f6-8759-2696ebf38...@gmail.com> on Thu, 13 Apr 2017 16:41:35 -0500, Douglas E Engert said:
deengert>
deengert>
deengert> On 4/13/2017 4:18 PM, Richard Levitte wrote:
deengert> > In message <1ef605ec-d2dd-4d15-a27f-1e1ce7956...@ll.mit.edu> on Thu,
deengert> > 13 Apr

Re: [openssl-dev] rsautl.c incorrectly processes "-oaep" flag

2017-04-13 Thread Douglas E Engert
On 4/13/2017 4:18 PM, Richard Levitte wrote:
In message <1ef605ec-d2dd-4d15-a27f-1e1ce7956...@ll.mit.edu> on Thu, 13 Apr 2017 20:55:36 +, "Blumenthal, Uri - 0553 - MITLL" said:
uri> I am trying to use “openssl rsautl” to wrap/unwrap symmetric keys in a script. Decryption (and encryption

Re: [openssl-dev] rsautl.c incorrectly processes "-oaep" flag

2017-04-13 Thread Blumenthal, Uri - 0553 - MITLL
On 4/13/17, 5:18 PM, "Richard Levitte" wrote:
uri> . . . . .
uri> libp11 does not know how to deal with OAEP padding, so it returns an error.
uri>
uri> Desired solution: in case of “-oaep” pass “RSA_NO_PADDING” to the engine (aka to libp11), and strip the padding using OpenSSL

Re: [openssl-dev] rsautl.c incorrectly processes "-oaep" flag

2017-04-13 Thread Richard Levitte
In message <1ef605ec-d2dd-4d15-a27f-1e1ce7956...@ll.mit.edu> on Thu, 13 Apr 2017 20:55:36 +, "Blumenthal, Uri - 0553 - MITLL" said:
uri> I am trying to use “openssl rsautl” to wrap/unwrap symmetric keys in a script. Decryption (and encryption too, but that isn’t relevant) is done using a t

[openssl-dev] rsautl.c incorrectly processes "-oaep" flag

2017-04-13 Thread Blumenthal, Uri - 0553 - MITLL
I am trying to use “openssl rsautl” to wrap/unwrap symmetric keys in a script. Decryption (and encryption too, but that isn’t relevant) is done using a token accessible via pkcs11 engine (libp11). The problem is: “rsautl” appears to assume that if “-oaep” flag is given, then the engine is going