Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support PKCS11 3.0 #183

Merged
merged 25 commits into from
Jun 19, 2024
Merged

Support PKCS11 3.0 #183

merged 25 commits into from
Jun 19, 2024

Conversation

qpernil
Copy link
Contributor

@qpernil qpernil commented Jun 18, 2021
edited
Loading

PKCS11 3.0 support, and also added ed25519 support, mechanisms for which were added in pkcs11 3.0

@qpernil qpernil force-pushed the pkcs11-3_0 branch 2 times, most recently from d1227c1 to 432dddc Compare June 18, 2021 11:06
@qpernil qpernil marked this pull request as ready for review June 22, 2021 09:20
@qpernil qpernil requested a review from aveenismail June 22, 2021 09:20
@qpernil qpernil self-assigned this Jun 22, 2021
@qpernil qpernil force-pushed the pkcs11-3_0 branch 3 times, most recently from b749973 to 78b71b8 Compare September 20, 2021 08:23
@qpernil qpernil force-pushed the pkcs11-3_0 branch 2 times, most recently from 11c58d9 to 913b3d9 Compare October 8, 2021 12:58
@qpernil qpernil marked this pull request as draft October 12, 2021 18:13
@qpernil
Copy link
Contributor Author

qpernil commented Jul 5, 2022

Adresses #270

@qpernil qpernil force-pushed the pkcs11-3_0 branch 6 times, most recently from 6f7b239 to 2b25889 Compare August 23, 2022 11:17
qpernil and others added 20 commits June 3, 2024 15:47
@qpernil @aveenismail
Added files to be installed
542aa52
@qpernil @aveenismail
Basic PKCS11 3.0 support
bf03494
@qpernil @aveenismail
Make function lists static
8c7d783
@qpernil @aveenismail
Make function lists const
7df7fd7
@qpernil @aveenismail
Refactored C_Login and C_LoginUser
b5ae5f3
@qpernil @aveenismail
Rebase fixes
d9bf622
@qpernil @aveenismail
Rebase changes
09ede45
@qpernil @aveenismail
Support ed25519
11949ee
@qpernil @aveenismail
Fix attributes for ed25519 keys
34526ae
@qpernil @aveenismail
ed25519 keys are considered 255 bits. Refactor getting CKA_EC_POINT s…
078a0ae 
…lightly
@qpernil @aveenismail
pkc11 3.1
6e79dd6
@marcwillert @aveenismail
fix buffer_length check for EdDSA in util_pkcs11.c (#390)
645928a 
Having problems signing with EdDSA on YubiHSM2 via PKCS11.
Getting an 
pkcs11:p11prov_Sign:The size of plaintext input data to a cryptographic operation is invalid (Out of range):interface.gen.c:679:Error returned by C_Sign
error

As I understand the PKCS11 v3.0 spec, the 1024 bit limit (note by "adma" in line 2228) applies only to "ECDSA without hashing" (CKM_ECDSA) as it only processes a hash value.

see: https://docs.oasis-open.org/pkcs11/pkcs11-curr/v3.0/os/pkcs11-curr-v3.0-os.html#_Toc30061189

EdDSA does not have this limit, so the size of "op_info->buffer" should be the limiting factor

see: https://docs.oasis-open.org/pkcs11/pkcs11-curr/v3.0/os/pkcs11-curr-v3.0-os.html#_Toc30061191
@aveenismail
PKCS11: Rebase on current master
ce3834e
@aveenismail
PKCS11: Fix include for older OSs. Githubactions: Fix OpenSSL install…
a8bd9aa 
…ation on MacOS runners
@aveenismail
PKCS11: Compile ED25519 code only when OpenSSL is higher than 1.0. Bu…
abab264 
…ild: Fix Redhat and MacOS builds
@aveenismail
PKCS11: Fix header inclusion in test
c19e753
@aveenismail
PKCS11: Update tests to use PKCS11_3 functionlist. Add test for PKCS1…
77ba6c7 
…1 interfaces
@aveenismail
PKCS11: Remove unnecessary KDF definitions
a676bb4
@aveenismail
PKCS11: Fix PKCS11 interfaces test
49fc533
@aveenismail
PKCS11_3: return CKR_PIN_INCORRECT when logging in with wrong password
ceb6dfa
@qpernil qpernil marked this pull request as ready for review June 19, 2024 13:36
@qpernil qpernil merged commit f17032b into master Jun 19, 2024
81 checks passed
@qpernil qpernil deleted the pkcs11-3_0 branch June 19, 2024 13:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aveenismail aveenismail aveenismail approved these changes

Assignees

@qpernil qpernil

Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@qpernil @aveenismail @marcwillert