LudovicRousseau / PyKCS11

PKCS#11 Wrapper for Python
GNU General Public License v2.0

Derivekey support #93

Closed balsingh1991 closed 2 years ago

balsingh1991 commented 2 years ago

  • Adds C_DeriveKey() PKCS#11 support
  • Adds handling of CK_ECDH1_DERIVE_PARAMS struct
  • Adds handling of CK_KEY_DERIVATION_STRING_DATA struct
  • Adds handling of CK_ECIES_PARAMS struct
  • void* parameters such as pSourceData of CK_RSA_PKCS_OAEP_PARAMS

Allows user-defined mechanism parameters. void in pParameter can accommodate any type. Checking isinstance in deriveKey() is an example of how a user can leverage LowLevel.CK_MECHANISM for arbitrary parameters, as void here translates to Ckbytelist.

  • Adds test for CKM_ECDH1_DERIVE
  • Adds test for CKM_CONCATENATE_BASE_AND_DATA

Contributors: balsingh <baljindersingh.kpt@gmail.com>, Michał Skalski <mskalski@enigma.com.pl>
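Added example, not code from this PR or from PyKCS11 itself: a pure-Python model of what the CK_ECDH1_DERIVE_PARAMS fields (kdf, sharedData) tell the token to do with the ECDH shared secret, so a key derived on SoftHSMv2 and read back can be compared against software, plus a helper that issues the C_DeriveKey() call. The helper assumes the ECDH1_DERIVE_Mechanism class that later PyKCS11 releases expose; session, base_key and peer_point are placeholders for your own session, EC private key handle and peer public point.

```python
import hashlib

# CK_ECDH1_DERIVE_PARAMS.kdf values from pkcs11t.h
CKD_NULL = 0x00000001
CKD_SHA256_KDF = 0x00000005


def x963_kdf(z: bytes, key_len: int, shared_data: bytes = b"", hash_name: str = "sha256") -> bytes:
    """ANSI X9.63 KDF used by CKD_SHA256_KDF: Hash(Z || counter || SharedInfo), counter = 1, 2, ..."""
    out = b""
    counter = 1
    while len(out) < key_len:
        out += hashlib.new(hash_name, z + counter.to_bytes(4, "big") + shared_data).digest()
        counter += 1
    return out[:key_len]


def model_ecdh1_derive(z: bytes, kdf: int, key_len: int, shared_data: bytes = b"") -> bytes:
    """Key value the token should produce from the ECDH secret Z for the given derive params."""
    if kdf == CKD_NULL:
        if shared_data:
            raise ValueError("CKD_NULL does not take sharedData")
        # The spec leaves it to the token which bytes of Z survive a shorter CKA_VALUE_LEN;
        # leading bytes are assumed here, so confirm this against the token you test.
        return z[:key_len]
    if kdf == CKD_SHA256_KDF:
        return x963_kdf(z, key_len, shared_data, "sha256")
    raise ValueError("kdf 0x%08x not modelled" % kdf)


def derive_on_token(session, base_key, peer_point: bytes, shared_data: bytes, key_len: int) -> bytes:
    """Issue C_DeriveKey() with CKM_ECDH1_DERIVE / CKD_SHA256_KDF and read the key value back.
    session: open PyKCS11 session (placeholder); base_key: handle of the EC private key (placeholder);
    peer_point: the other party's uncompressed EC point, 04 || X || Y (placeholder)."""
    import PyKCS11  # imported here so the software model above also runs without a PKCS#11 library
    mech = PyKCS11.ECDH1_DERIVE_Mechanism(peer_point, kdf=PyKCS11.CKD_SHA256_KDF, sharedData=shared_data)
    template = [
        (PyKCS11.CKA_CLASS, PyKCS11.CKO_SECRET_KEY),
        (PyKCS11.CKA_KEY_TYPE, PyKCS11.CKK_AES),
        (PyKCS11.CKA_VALUE_LEN, key_len),
        (PyKCS11.CKA_SENSITIVE, PyKCS11.CK_FALSE),   # readable only for this comparison,
        (PyKCS11.CKA_EXTRACTABLE, PyKCS11.CK_TRUE),  # never for production keys
    ]
    handle = session.deriveKey(base_key, template, mech)
    return bytes(session.getAttributeValue(handle, [PyKCS11.CKA_VALUE])[0])
```

Compare the bytes returned by derive_on_token() with model_ecdh1_derive(Z, CKD_SHA256_KDF, key_len, shared_data), where Z is the ECDH secret computed in software from the same two keys.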

LudovicRousseau commented 2 years ago

Maybe you should finish the work in https://github.com/LudovicRousseau/PyKCS11/pull/93/commits/0137992440443823a6cdd48c6c2b0816bcf008a4 (i.e. add tests) and add only deriveKey() in a first patch.

balsingh1991 commented 2 years ago

@LudovicRousseau Can you please help with build issues? A test is failing with CKR_MECHANISM_INVALID with SoftHSMv2. It was working earlier.

LudovicRousseau commented 2 years ago

As I already wrote I will not accept a change using CKM_VENDOR_DEFINED mechanisms.

I propose that you start with a simpler PR with only the addition of deriveKey():

  • 1 patch to add deriveKey() (and the low level modifications) but without DUKPT & ECIES
  • 1 patch to add ECDH key derivation (if not included in the 1st patch)
  • 1 patch to add tests in test/test_derive.py

or something like that.

balsingh1991 commented 2 years ago

> As I already wrote I will not accept a change using CKM_VENDOR_DEFINED mechanisms.
>
> I propose that you start with a simpler PR with only the addition of deriveKey():
>
>   • 1 patch to add deriveKey() (and the low level modifications) but without DUKPT & ECIES
>   • 1 patch to add ECDH key derivation (if not included in the 1st patch)
>   • 1 patch to add tests in test/test_derive.py
>
> or something like that.

Fair enough. I'll submit 1 patch of derivekey with ecdh and test. They all should go together. (minus anything vendor defined)