[openssl-dev] Bug: digest parameter is rejected
Douglas E Engert
deengert at gmail.com
Mon Sep 18 18:50:11 UTC 2017
Can you also add -pkeyopt rsa_oaep_md:sah256
See crypto/rsa/rsa_pmeth.c pkey_rsa_ctrl_str for the options.
There is also rsa_oaep_label
On 9/18/2017 10:46 AM, Blumenthal, Uri - 0553 - MITLL wrote:
> OpenSSL implementation of OAEP wrongly refuses to set the hash algorithm, preventing one from using SHA-2 family:
>
>
> You'll probably need to pick up master and its -rsa_mgf1_md argument to pkeyutl.
>
> *Thank you – better with “**-pkeyopt rsa_mgf1_md:sha256**”. But still broken – as it affects only the MGF1 setting, but _not_ the hash setting. I’d say it still needs to allow “**-pkeyutl
> digest:xxx**” parameter.***
>
> $ ~/openssl-1.1/bin/openssl version
>
> OpenSSL 1.1.1-dev xx XXX xxxx
>
> $ ~/openssl-1.1/bin/openssl pkeyutl -encrypt -in t1264.dat -out t1264.dat.enc2.oaep -keyform DER -pubin -inkey rsa3072pub.der -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_mgf1_md:sha256
>
> $ yhsm2-tool --decrypt -m RSA-PKCS-OAEP --id 0301 -i t1264.dat.enc2.oaep -o t1264.dat.dec2 --hash-algorithm SHA256
>
> Using slot 0 with a present token (0x0)
>
> Logging in to "YubiHSM".
>
> Please enter User PIN:
>
> Using decrypt algorithm RSA-PKCS-OAEP
>
> *OAEP parameters: hashAlg=SHA256, mgf=MGF1-SHA256*, source_type=0, source_ptr=0x0, source_len=0
>
> *error*: PKCS11 function C_Decrypt failed: rv = CKR_FUNCTION_FAILED (0x6)
>
> Aborting.
>
> $ yhsm2-tool --decrypt -m RSA-PKCS-OAEP --id 0301 -i t1264.dat.enc2.oaep -o t1264.dat.dec2 *--hash-algorithm SHA-1* --mgf MGF1-SHA256
>
> Using slot 0 with a present token (0x0)
>
> Logging in to "YubiHSM".
>
> Please enter User PIN:
>
> Using decrypt algorithm RSA-PKCS-OAEP
>
> *OAEP parameters: hashAlg=SHA-1, mgf=MGF1-SHA256*, source_type=0, source_ptr=0x0, source_len=0
>
> $ cmp t1264.dat t1264.dat.dec2
>
> $
>
>
>
--
Douglas E. Engert <DEEngert at gmail.com>
More information about the openssl-dev
mailing list