[Softhsm-develop] SOFTHSM-112: PKCS#11 constants conflict for AES and BLOWFISH
Petr Spacek
pspacek at redhat.com
Wed Feb 11 12:24:55 UTC 2015
Hello,
SoftHSM's pkcs11.h has conflicting values for BLOWFISH and AES_KEY_WRAP
algorithms:
823 #define CKM_AES_KEY_WRAP (0x1090)
824 #define CKM_BLOWFISH_KEY_GEN (0x1090)
825 #define CKM_AES_KEY_WRAP_PAD (0x1091)
826 #define CKM_BLOWFISH_CBC (0x1091)
This is apparently a heritage from PKCS#11 2.30.
Current PKCS#11 v2.40 solved this problem by re-numbering AES_KEY_WRAP algorithms:
http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cs01/pkcs11-curr-v2.40-cs01.pdf
#define CKM_BLOWFISH_KEY_GEN 0x00001090
#define CKM_BLOWFISH_CBC 0x00001091
#define CKM_AES_KEY_WRAP 0x00002109
#define CKM_AES_KEY_WRAP_PAD 0x0000210A
Would it be possible to migrate SoftHSM v2 to PKCS#11 v2.40 and thus solve the
conflict by the same renumbering?
I have opened
https://issues.opendnssec.org/browse/SOFTHSM-112
to track this so we do not forget ...
Feel free to rename the issue in JIRA, I have accidentally send it before
filling proper summary/title.
Thank you for your time!
--
Petr Spacek @ Red Hat
More information about the Softhsm-develop
mailing list