[Softhsm-develop] CK_RSA_PKCS_OAEP_PARAMS.source question

Petr Spacek pspacek at redhat.com
Thu Oct 2 12:06:26 UTC 2014


On 28.9.2014 21:33, Rickard Bellgrim wrote:
> On Wed, Sep 24, 2014 at 2:20 PM, Petr Spacek <pspacek at redhat.com> wrote:
>
>> Hello,
>>
>> I'm working on a patch with PKCS #1 RSA OAEP support and I have a question
>> regarding "source" member in CK_RSA_PKCS_OAEP_PARAMS structure.
>>
>> IMHO CK_RSA_PKCS_OAEP_PARAMS.source should always be set to
>> CKZ_DATA_SPECIFIED, i.e. to 0x00000001.
>>
>> Is this correct (I'm looking into pkcs-11v2-30m1-d7.doc page 26)?
>>
>> I'm asking because current code ignores this value completely so I'm
>> trying to determine if it is a bug or intentional decision.
>>
>> Thank you for clarification!
>
>
> Yes, that is correct. I believe that this field was not checked because the
> parameter is not used by the function. If we want to be strict then source
> == CKZ_DATA_SPECIFIED, pSourceData == NULL_PTR, and ulSourceDataLen == 0
> must be set.

Thank you for the answer!

I have implemented RSA PKCS OAEP key un/wrapping:
https://github.com/opendnssec/SoftHSMv2/pull/90

This code strictly checks all parameters to prevent confusion in future. The
patch set contains a couple of new tests for invalid parameter handling so we
can be reasonably sure that it works.

Patch set with support for new OpenSSL AES key un/wrapping APIs will follow.

-- 
Petr Spacek  @  Red Hat
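
The strict check discussed in this thread, as an added example that is not part of the original message and is not the code from the SoftHSMv2 pull request. The helper names check_oaep_source and check_fields, the choice of CKR_MECHANISM_PARAM_INVALID as the error code, and the sample label are assumptions of this example; the PKCS #11 types are declared inline so it builds without pkcs11.h.

```c
#include <stdio.h>
/* Minimal PKCS #11 declarations, inlined so this builds without pkcs11.h;
 * the names and values are the standard ones. */
typedef unsigned long CK_ULONG, CK_RV;
typedef void *CK_VOID_PTR;
#define NULL_PTR 0
#define CKR_OK                      0x00000000UL
#define CKR_MECHANISM_PARAM_INVALID 0x00000071UL
#define CKM_RSA_PKCS_OAEP           0x00000009UL
#define CKM_SHA_1                   0x00000220UL
#define CKG_MGF1_SHA1               0x00000001UL
#define CKZ_DATA_SPECIFIED          0x00000001UL
typedef struct {
    CK_ULONG hashAlg, mgf, source;
    CK_VOID_PTR pSourceData;
    CK_ULONG ulSourceDataLen;
} CK_RSA_PKCS_OAEP_PARAMS;
typedef struct { CK_ULONG mechanism; CK_VOID_PTR pParameter; CK_ULONG ulParameterLen; } CK_MECHANISM;

/* Hypothetical helper; the return code is this example's choice. */
CK_RV check_oaep_source(const CK_MECHANISM *m)
{
    /* Length check first, so the struct is never read from a short buffer. */
    if (m == NULL_PTR || m->mechanism != CKM_RSA_PKCS_OAEP ||
        m->pParameter == NULL_PTR || m->ulParameterLen != sizeof(CK_RSA_PKCS_OAEP_PARAMS))
        return CKR_MECHANISM_PARAM_INVALID;
    const CK_RSA_PKCS_OAEP_PARAMS *p = m->pParameter;
    /* The three conditions from the thread; a supplied label is rejected
     * rather than silently ignored. */
    if (p->source != CKZ_DATA_SPECIFIED || p->pSourceData != NULL_PTR ||
        p->ulSourceDataLen != 0)
        return CKR_MECHANISM_PARAM_INVALID;
    return CKR_OK;
}

/* Builds a mechanism from constructed sample values and validates it. */
CK_RV check_fields(CK_ULONG source, CK_VOID_PTR data, CK_ULONG len)
{
    CK_RSA_PKCS_OAEP_PARAMS p = { CKM_SHA_1, CKG_MGF1_SHA1, source, data, len };
    CK_MECHANISM m = { CKM_RSA_PKCS_OAEP, &p, sizeof(p) };
    return check_oaep_source(&m);
}

int main(void)
{
    static char label[] = "constructed-label";
    printf("no label: 0x%lx, label set: 0x%lx\n",
           check_fields(CKZ_DATA_SPECIFIED, NULL_PTR, 0),
           check_fields(CKZ_DATA_SPECIFIED, label, sizeof(label) - 1));
    return 0;
}
```

Rejecting a non-empty label matters because a token that does not use the label would otherwise accept it and produce ciphertext that is not bound to it, while the caller assumes it is.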


