[gnutls-devel] [PATCH 0/2] Support for DSA key pairs generating in PKCS #11
Nikos Mavrogiannopoulos
nmav at gnutls.org
Thu Feb 25 17:34:20 CET 2016
On Thu, Feb 25, 2016 at 3:21 PM, Jan Vcelak <jan.vcelak at nic.cz> wrote:
> Hello,
> this patch set adds support for generating DSA key pairs via PKCS#11.
> The former code was incorrectly passing CKA_MODULUS_BITS directy to the
> C_GenerateKeyPair function. However, according to the specification, the
> implementation expects CKA_PRIME, CKA_SUBPRIME, and CKA_BASE attributes.
> The new code uses CKM_DSA_PARAMETER_GEN mechanism for C_GenerateKey to generate
> the DSA parameters to be later used with C_GenerateKeyPair.
> The implementation has been tested with SoftHSM 2.0.
Thank you Jan,
Could you add that test in tests/suite along the other pkcs11 checks?
That would prevent a future breakage especially since DSA keys aren't
widely used.
regards,
Nikos
More information about the Gnutls-devel
mailing list