Running Slackware 14.2, which has OpenSSL 1.0.2u. It does indeed not have
support for EdDSA, which was added to OpenSSL in the 1.1.1 release. The
pkcs11-tool command that you mention confirms the lack of EdDSA support.
It would be nice if you guys could change the PKCS #11 compatibility notes
for 3.1 so that the softhsm column comes with the relevant caveats
concerning the version of the underlying OpenSSL library - as they
currently stand, those notes are misleading.
On Fri, Sep 24, 2021 at 7:27 AM Daniel Salzman <daniel.salzman(a)nic.cz> wrote:
Luveh,
Have you tried to execute the pkcs11-tool command? What is your OS
(version)? For example, EdDSA isn't available on Ubuntu 20.04.
Daniel
On 24. 09. 21 15:16, Luveh Keraph wrote:
Thanks. The page that I mentioned does not say anything about openssl,
which may lead one to believe that it is a softhsm issue. Your
clarification on this would be much appreciated.
On Fri, Sep 24, 2021 at 6:52 AM Daniel Salzman <daniel.salzman(a)nic.cz> wrote:
I expect the algorithm support in SoftHSM depends on the version of the
cryptographic library (OpenSSL). We will try to update the documentation.
Daniel
On 24. 09. 21 14:39, Luveh Keraph wrote:
> Well, the contents of this page:
>
> https://www.knot-dns.cz/docs/3.1/singlehtml/index.html#compatible-pkcs-11-d…
>
> say otherwise, and, when one tries to deal with either of the EdDSA
> algorithms under knot 3.1 with softhsm, it does not work.
>
> On Fri, Sep 24, 2021 at 12:46 AM Daniel Salzman <daniel.salzman(a)nic.cz> wrote:
>
> Hi Luveh,
>
> I just found this command (executed on Fedora 34):
>
> # pkcs11-tool --modul /usr/lib64/pkcs11/libsofthsm2.so -M
> Using slot 0 with a present token (0x5069fb60)
> Supported mechanisms:
> AES-CBC, keySize={16,32}, encrypt, decrypt, wrap
> AES-CBC-ENCRYPT-DATA, derive
> AES-CBC-PAD, keySize={16,32}, encrypt, decrypt
> AES-CMAC, keySize={16,32}, sign, verify
> AES-CTR, keySize={16,32}, encrypt, decrypt
> AES-ECB, keySize={16,32}, encrypt, decrypt
> AES-ECB-ENCRYPT-DATA, derive
> AES-GCM, keySize={16,32}, encrypt, decrypt
> AES-KEY-GEN, keySize={16,32}, generate
> AES-KEY-WRAP, keySize={16,2147483648}, wrap, unwrap
> mechtype-0x210A, keySize={1,2147483648}, wrap, unwrap
> DES2-KEY-GEN, generate
> DES3-CBC, encrypt, decrypt, wrap
> DES3-CBC-ENCRYPT-DATA, derive
> DES3-CBC-PAD, encrypt, decrypt
> DES3-CMAC, sign, verify
> DES3-ECB, encrypt, decrypt
> DES3-ECB-ENCRYPT-DATA, derive
> DES3-KEY-GEN, generate
> DES-CBC, encrypt, decrypt, wrap
> DES-CBC-ENCRYPT-DATA, derive
> DES-CBC-PAD, encrypt, decrypt, wrap
> DES-ECB, encrypt, decrypt, wrap
> DES-ECB-ENCRYPT-DATA, derive
> DES-KEY-GEN, generate
> DH-PKCS-DERIVE, keySize={512,10000}, derive
> DH-PKCS-KEY-PAIR-GEN, keySize={512,10000}, generate_key_pair
> DH-PKCS-PARAMETER-GEN, keySize={512,10000}, generate
> DSA, keySize={512,1024}, sign, verify
> DSA-KEY-PAIR-GEN, keySize={512,1024}, generate_key_pair
> DSA-PARAMETER-GEN, keySize={512,1024}, generate
> DSA-SHA1, keySize={512,1024}, sign, verify
> DSA-SHA224, keySize={512,1024}, sign, verify
> DSA-SHA256, keySize={512,1024}, sign, verify
> DSA-SHA384, keySize={512,1024}, sign, verify
> DSA-SHA512, keySize={512,1024}, sign, verify
> ECDH1-DERIVE, keySize={112,521}, derive
> ECDSA, keySize={112,521}, sign, verify, EC F_P, EC OID, EC uncompressed
> EC-EDWARDS-KEY-PAIR-GEN, keySize={256,456}, generate_key_pair
> ECDSA-KEY-PAIR-GEN, keySize={112,521}, generate_key_pair, EC F_P, EC OID, EC uncompressed
> EDDSA, keySize={256,456}, sign, verify
> GENERIC-SECRET-KEY-GEN, keySize={1,2147483648}, generate
> MD5, digest
> MD5-HMAC, keySize={16,512}, sign, verify
> MD5-RSA-PKCS, keySize={512,16384}, sign, verify
> RSA-PKCS, keySize={512,16384}, encrypt, decrypt, sign, verify, wrap, unwrap
> RSA-PKCS-KEY-PAIR-GEN, keySize={512,16384}, generate_key_pair
> RSA-PKCS-OAEP, keySize={512,16384}, encrypt, decrypt, wrap, unwrap
> RSA-PKCS-PSS, keySize={512,16384}, sign, verify
> RSA-X-509, keySize={512,16384}, encrypt, decrypt, sign, verify
> SHA1-RSA-PKCS, keySize={512,16384}, sign, verify
> SHA1-RSA-PKCS-PSS, keySize={512,16384}, sign, verify
> SHA224, digest
> SHA224-HMAC, keySize={28,512}, sign, verify
> SHA224-RSA-PKCS, keySize={512,16384}, sign, verify
> SHA224-RSA-PKCS-PSS, keySize={512,16384}, sign, verify
> SHA256, digest
> SHA256-HMAC, keySize={32,512}, sign, verify
> SHA256-RSA-PKCS, keySize={512,16384}, sign, verify
> SHA256-RSA-PKCS-PSS, keySize={512,16384}, sign, verify
> SHA384, digest
> SHA384-HMAC, keySize={48,512}, sign, verify
> SHA384-RSA-PKCS, keySize={512,16384}, sign, verify
> SHA384-RSA-PKCS-PSS, keySize={512,16384}, sign, verify
> SHA512, digest
> SHA512-HMAC, keySize={64,512}, sign, verify
> SHA512-RSA-PKCS, keySize={512,16384}, sign, verify
> SHA512-RSA-PKCS-PSS, keySize={512,16384}, sign, verify
> SHA-1, digest
> SHA-1-HMAC, keySize={20,512}, sign, verify
>
> So it seems EdDSA is supported.
>
> Daniel
>
> On 24. 09. 21 2:12, Luveh Keraph wrote:
> > I notice that knot 3.1 does not support EdDSA (25519 and 448) when
> > using softhsm as a PKCS #11 backend. Since this is supported by knot
> > when using the default cryptographic provider, and also by gnutls
> > 3.6.0 (at least for the 25519 version) for release 3.6.0 and later, my
> > guess is that this is a limitation in softhsm itself. Could anybody in
> > this forum with the necessary savvy please confirm (or not) this?
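The thread boils down to two preconditions for EdDSA signing through SoftHSM: the OpenSSL behind SoftHSM must be 1.1.1 or newer, and the token must advertise both the EC-EDWARDS-KEY-PAIR-GEN and EDDSA mechanisms in `pkcs11-tool -M` output. The following pre-flight script is an added example, not code from the thread or from the Knot or SoftHSM projects; the module path and the two embedded mechanism listings are constructed for illustration.

```shell
#!/bin/sh
# Pre-flight check for EdDSA (Ed25519/Ed448) signing via SoftHSM.
# Encodes the two facts from the thread: OpenSSL >= 1.1.1 and both
# Edwards mechanisms present. SOFTHSM_MODULE path is an assumption.
SOFTHSM_MODULE="${SOFTHSM_MODULE:-/usr/lib64/pkcs11/libsofthsm2.so}"

# openssl_supports_eddsa "<output of: openssl version>"
# returns 0 when the version is >= 1.1.1 (first release with EdDSA).
openssl_supports_eddsa() {
    ver=$(printf '%s\n' "$1" | awk '{print $2}')     # e.g. 1.0.2u
    set -- $(printf '%s\n' "$ver" | tr '.' ' ')      # split on dots
    major=${1:-0}; minor=${2:-0}
    patch=$(printf '%s\n' "${3:-0}" | sed 's/[^0-9].*//')  # drop letter suffix
    [ "$major" -gt 1 ] && return 0
    [ "$major" -eq 1 ] && [ "$minor" -gt 1 ] && return 0
    [ "$major" -eq 1 ] && [ "$minor" -eq 1 ] && [ "${patch:-0}" -ge 1 ] && return 0
    return 1
}

# token_has_eddsa "<output of: pkcs11-tool --module ... -M>"
# Both key generation and signing mechanisms must be advertised.
token_has_eddsa() {
    printf '%s\n' "$1" | grep -q '^ *EC-EDWARDS-KEY-PAIR-GEN,' &&
    printf '%s\n' "$1" | grep -q '^ *EDDSA,'
}

# Constructed excerpts of pkcs11-tool -M output (not captured from a real token).
MECHS_OK='Supported mechanisms:
  ECDSA, keySize={112,521}, sign, verify, EC F_P, EC OID, EC uncompressed
  EC-EDWARDS-KEY-PAIR-GEN, keySize={256,456}, generate_key_pair
  EDDSA, keySize={256,456}, sign, verify'
MECHS_OLD='Supported mechanisms:
  ECDSA, keySize={112,521}, sign, verify, EC F_P, EC OID, EC uncompressed'

# Live check against the local system; only meaningful where pkcs11-tool exists.
check_live() {
    openssl_supports_eddsa "$(openssl version)" ||
        { echo "OpenSSL too old for EdDSA (need >= 1.1.1)"; return 1; }
    command -v pkcs11-tool >/dev/null 2>&1 && [ -r "$SOFTHSM_MODULE" ] ||
        { echo "pkcs11-tool or $SOFTHSM_MODULE not found"; return 2; }
    token_has_eddsa "$(pkcs11-tool --module "$SOFTHSM_MODULE" -M 2>/dev/null)" ||
        { echo "token does not advertise EDDSA mechanisms"; return 1; }
    echo "EdDSA available via SoftHSM"
}
```

Run `check_live` on the signer host; a non-zero exit tells you which of the two preconditions fails before you touch the Knot configuration.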