search

PeculiarVentures / pvpkcs11

pvpkcs11 consists of a input validation library and a set of PKCS#11 implementations that wrap operating system and browser cryptographic implementations.
MIT License
32 stars 7 forks source link

AES padding #11

Closed microshine closed 7 years ago

microshine commented 7 years ago

PKCS#11 has 2 mechanisms CKM_AES_CBC and CKM_AES_CBC_PAD. 1st mechanism doesn't use padding and incoming must be multiple to BLOCK LENGTH (16), otherwise throw CKR_DATA_LEN_RANGE error.

I've got this error for CKM_AES_ECB mechanism with SoftHSM in node-webcrypto-p11. I can resolve this error on webcrypto layer.

node-webcrypto-ossl and webcrypto-liner use padding.

@rmhrisk What should I do for pvpkcs11? Current AES-ECB implementation supports padding and I use CKM_AES-ECB mechanism. Should I add vendor mechanism CKM_AES_ECB_PAD for it?

CKM_AES_ECB_PAD

rmhrisk commented 7 years ago

I think so.

rmhrisk commented 7 years ago

@microshine is this resolved?

microshine commented 7 years ago

yes