error: argument of type 'CK_RSA_PKCS_PSS_PARAMS' is not iterable

ThalesGroup / pycryptoki

Python interface to SafeNet's PKCS11 library implementation

Apache License 2.0

60 stars 23 forks source link

Closed rosennej closed 1 year ago

rosennej commented 1 year ago

I am trying to use CKM_RSA_PKCS_PSS to sign a message, and get an error argument of type 'CK_RSA_PKCS_PSS_PARAMS' is not iterable.

The code: p = CK_RSA_PKCS_PSS_PARAMS(CKM_SHA256, CKG_MGF1_SHA256, 32) mechanism = Mechanism(mech_type=CKM_RSA_PKCS_PSS, params=p)

    rv, signature = c_sign(session_handle, h_key, buff_to_sign, mechanism)

astraw38 commented 1 year ago

Hi @rosennej - we use native python types as the 'params' to the mechanism here. You can use those like:

mech = Mechanism(mech_type=CKM_RSA_PKCS_PSS, params={"hashAlg": CKM_SHA256, "mgf": CKG_MGF1_SHA256, "usSaltLen": 32})

Alternatively, you can create the mechanism struct manually (and set CK_MECHANISM fields explicitly to p), and pass that into the c_sign call.

rosennej commented 1 year ago

Thanks.