<div dir="ltr">On Wed, Jun 25, 2014 at 1:54 PM, Petr Spacek <span dir="ltr"><<a href="mailto:pspacek@redhat.com" target="_blank">pspacek@redhat.com</a>></span> wrote:<div class="gmail_extra"><div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
My understanding is that for step 2 I need something like CKM_RSA_PKCS_OAEP, right?<br>
<br>
The problem is that C_WrapKey in SoftHSM v2 doesn't support any asymmetric algorithm for key wrapping. That is the reason why I asked for guidance while implementing it :-)<br>
<br>
Do you have any specific recommendation on that?<br></blockquote><div><br></div><div>Some guidance:</div><div><br></div><div>Add more flags to the algorithms:</div><div><a href="https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/SoftHSM.cpp#L794">https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/SoftHSM.cpp#L794</a><br>
</div><div><a href="https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/SoftHSM.cpp#L814">https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/SoftHSM.cpp#L814</a><br></div><div><br></div><div>Add the algorithms to the switch-statements and adjust the code to handle the different algorithms:</div>
<div><a href="https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/SoftHSM.cpp#L4792">https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/SoftHSM.cpp#L4792</a><br></div><div><a href="https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/SoftHSM.cpp#L5066">https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/SoftHSM.cpp#L5066</a><br>
</div><div><br></div><div>The AsymmetricAlgorithm class does not support key wrapping. The interface and the subclasses needs to extended. Compare with how it was implemented for SymmetricAlgorithm:</div><div><a href="https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/crypto/AsymmetricAlgorithm.h">https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/crypto/AsymmetricAlgorithm.h</a><br>
</div><div><a href="https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/crypto/SymmetricAlgorithm.h">https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/crypto/SymmetricAlgorithm.h</a><br></div><div><br>
</div><div>// Rickard</div></div></div></div>