Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wrong constants #21

Open
s482dcaw opened this issue Sep 6, 2019 · 2 comments
Open

Wrong constants #21

s482dcaw opened this issue Sep 6, 2019 · 2 comments

Comments

@s482dcaw
Copy link

s482dcaw commented Sep 6, 2019

The constant values
use constant CKM_AES_KEY_WRAP => 0x00001090;
use constant CKM_AES_KEY_WRAP_PAD => 0x00001091;

are wrong. The right ones are:
CKM_AES_KEY_WRAP 0x00002109
CKM_AES_KEY_WRAP_PAD 0x0000210A
@jelu
Copy link
Member

jelu commented Sep 9, 2019

These constants are actually from the pkcs11t.h include file for PKCS #11 V 2.30 - draft 1 (original).

Are you referring to a newer version or do you have a source why these constants are wrong?

@s482dcaw
Copy link
Author

s482dcaw commented Sep 9, 2019

The file:
https://www.cryptsoft.com/pkcs11doc/STANDARD/include/v230/pkcs11t.h
has typos

AES_KEY_WRAP and CKM_BLOWFISH_KEY_GEN have the same value.
CKM_AES_KEY_WRAP_PAD and CKM_BLOWFISH_CBC have the same value.

That was fixed in v 2.40 :
#define CKM_AES_KEY_WRAP 0x00002109UL /* WAS: 0x00001090 /
#define CKM_AES_KEY_WRAP_PAD 0x0000210AUL / WAS: 0x00001091 */

The problem is that software like e.g. softhsm > 2.0 beta have fixed this bug, and Crypt-PKCS11 keeping compatibility with the bugged version, means it's incompatible with newer software.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jelu @s482dcaw