search

opendnssec / SoftHSMv2

SoftHSM version 2
http://www.softhsm.org/
Other
740 stars 335 forks source link

Import fails with RSA-PSS keys #721

Open lhazlewood opened 10 months ago

lhazlewood commented 10 months ago

Test:

$ softhsm2-util --version
2.6.1

$ openssl version
OpenSSL 3.1.2 1 Aug 2023 (Library: OpenSSL 3.1.2 1 Aug 2023)

$ softhsm2-util --init-token --free --label rsapsstest --so-pin 1234 --pin 1234
Slot 1 has a free/uninitialized token.
The token has been initialized and is reassigned to slot 456343862

$ openssl genpkey -algorithm RSA-PSS -pkeyopt rsa_keygen_bits:2048 -out rsapss2048.pkcs8.pem

$ softhsm2-util --so-pin 1234 --pin 1234 --token rsapsstest --import rsapss2048.pkcs8.pem --label rsapss2048 --id 0001
Found slot 456343862 with matching token label.
ERROR: Cannot handle this algorithm.

If it helps, I'm using homebrew's distribution on MacOS: https://formulae.brew.sh/formula/softhsm

lhazlewood commented 10 months ago

Same result on Ubuntu 22.0.4.3 LTS using SoftHSM 2.6.1 and OpenSSL 3.0.2.