[Softhsm-develop] SOFTHSM-112: PKCS#11 constants conflict for AES and BLOWFISH

Petr Spacek pspacek at redhat.com
Wed Feb 11 12:24:55 UTC 2015


SoftHSM's pkcs11.h has conflicting values for BLOWFISH and AES_KEY_WRAP
823 #define CKM_AES_KEY_WRAP (0x1090)
824 #define CKM_BLOWFISH_KEY_GEN (0x1090)
825 #define CKM_AES_KEY_WRAP_PAD (0x1091)
826 #define CKM_BLOWFISH_CBC (0x1091)

This is apparently a heritage from PKCS#11 2.30.

Current PKCS#11 v2.40 solved this problem by re-numbering AES_KEY_WRAP algorithms:

#define CKM_BLOWFISH_KEY_GEN 0x00001090
#define CKM_BLOWFISH_CBC 0x00001091
#define CKM_AES_KEY_WRAP 0x00002109
#define CKM_AES_KEY_WRAP_PAD 0x0000210A

Would it be possible to migrate SoftHSM v2 to PKCS#11 v2.40 and thus solve the
conflict by the same renumbering?

I have opened
to track this so we do not forget ...

Feel free to rename the issue in JIRA, I have accidentally send it before
filling proper summary/title.

Thank you for your time!

Petr Spacek  @  Red Hat

More information about the Softhsm-develop mailing list