CKM_DES3_X919_MAC_GENERAL (ANSI X9.19) support

Pkcs11Interop / Pkcs11Interop

Managed .NET wrapper for unmanaged PKCS#11 libraries

Apache License 2.0

260 stars 86 forks source link

CKM_DES3_X919_MAC_GENERAL (ANSI X9.19) support #203

Closed codedius closed 2 years ago

codedius commented 2 years ago

Hi @jariq !

I need to implement ANSI X9.19 (which is equivalent to ISO 9797 algorithm 3, pad method 1) sign/verify but as I see there's no CKM_DES3_X919_MAC_GENERAL (CKM_DES3_RETAIL_MAC) mechanism supported by your lib. Any plans to support that or or maybe you can suggest workarounds?

jariq commented 2 years ago

All methods in Pkcs11Interop API that accepts CKM have also overload that accepts ulong.
If you know ulong value of CKM_DES3_X919_MAC_GENERAL then you should be able to use it.

codedius commented 2 years ago

It works!

Found vendors' codes here (https://github.com/bentonstark/libhsm/blob/master/src/mechtype.cpp). We're using Utimaco CryptoServer Simulator so CKM_DES3_RETAIL_MAC == 0x80000135.

Thanks a lot!