Closed varder closed 1 year ago
Mechanism implementation: https://github.com/OP-TEE/optee_os/pull/5647
pkcs11-spec-v3.1-cs01 6.1.23 RSA AES KEY WRAP
The RSA AES key wrap mechanism based on the RSA public-key cryptosystem and the AES key wrap mechanism. It supports single-part key wrapping and key unwrapping.
How to use:
params := &pkcs11.RSAAESKeyWrapParams{ AESKeyBits: 256, OAEPParams: pkcs11.OAEPParams{ HashAlg: pkcs11.CKM_SHA256, MGF: pkcs11.CKG_MGF1_SHA256, SourceType: pkcs11.CKZ_DATA_SPECIFIED, }, } mechanism := []*pkcs11.Mechanism { pkcs11.NewMechanism(pkcs11.CKM_RSA_AES_KEY_WRAP, params) } unwrappedKey, err := ctx.UnwrapKey(session, mechanism, wrappingKeyObj, wrappedKey, unwrappedKeyAttributes)
Hi @miekg, Could you please have a look at the PR
some style stuff, otherwise lgtm
Mechanism implementation: https://github.com/OP-TEE/optee_os/pull/5647
pkcs11-spec-v3.1-cs01 6.1.23 RSA AES KEY WRAP
The RSA AES key wrap mechanism based on the RSA public-key cryptosystem and the AES key wrap mechanism. It supports single-part key wrapping and key unwrapping.
How to use: