[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [pkcs11] OAEP/PSS and SHA-2
Jakub, Thanks. Yes, the mechanism parameters are my concern. For example does the token support SHA-2 for the mask generation function in OAEP or PSS? The only way to tell is to generate a key pair and call C_SignInit/C_DecryptInit with the value in question and see if it works. Sincerely, Jonathan -----Original Message----- From: pkcs11@lists.oasis-open.org <pkcs11@lists.oasis-open.org> On Behalf Of Jakub Jelen Sent: Tuesday, July 7, 2020 4:38 AM To: Jonathan Schulze-Hewett <schulze-hewett@infoseccorp.com>; pkcs11@lists.oasis-open.org Subject: Re: [pkcs11] OAEP/PSS and SHA-2 On Mon, 2020-07-06 at 18:00 +0000, Jonathan Schulze-Hewett wrote: > I can't find a way to query a token to see if it supports OAEP or PSS > with SHA-2. Am I missing something or is this an item that we should > look at addressing? I see the following mechanism in version 2.4 [1] (and other SHA2 around): CKM_SHA256_RSA_PKCS_PSS There are no corresponding mechanisms for OAEP. But as OAEP is encryption, the pre-hashing does not make sense. On the other hand, if you talk about mechanism parameters, I do not think there is any discovery mechanism at this moment. [1] http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cs01/pkcs11-curr-v2.40-cs01.html#_Toc399398853 Regards, -- Jakub Jelen Senior Software Engineer Security Technologies Red Hat, Inc. --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]