[openssl-users] How to override methods in EVP_PKEY_METHOD structure that is attached to a EVP_PKEY_CTX?

Stephan Mühlstrasser stm at pdflib.com
Fri Feb 17 15:21:21 UTC 2017

Am 17.02.17 um 16:09 schrieb Jakob Bohm:
> On 17/02/2017 15:25, Stephan Mühlstrasser wrote:
>> Hi,
>> we use OpenSSL 1.0.2 together with PKCS#11 tokens by plugging methods
>> into the RSA_METHOD structure that interface with the PKCS#11 token,
>> and this works fine so far. However, for creating RSA signatures with
>> PSS padding this strategy doesn't work anymore, because OpenSSL wants
>> to directly encrypt with the private key in this case, which is not
>> possible in PKCS#11.
> I believe some PKCS#11 tokens can do this by using CKM_RSA_X_509

How could that work? If I understand the PKCS#11 specification correctly 
it is not possible in principle to use private keys for encryption via 
the C_EncryptInit() and C_Encrypt() functions, for the following reasons:

1) Private keys are not allowed to have the CKA_ENCRYPT attribute (see 
"Table 30, Common Private Key Attributes" in the PKCS#11 specification, 
which does not list the CKA_ENCRYPT attribute).

2) For the C_EncryptInit() to succeed the key must have the attribute 

 From the PKCS#11 documentation of C_EncryptInit():

"The CKA_ENCRYPT attribute of the encryption key, which indicates 
whether the key supports encryption, must be CK_TRUE."


More information about the openssl-users mailing list