Unable to wrap with RSA key #92
Assignees
Comments
|
There is graphene-pk11 module. It wraps import * as graphene from "graphene-pk11";
const softHsm = graphene.Module.load("/usr/local/lib/softhsm/libsofthsm2.so");
softHsm.initialize();
try {
const slot = softHsm.getSlots(0, true);
const session = slot.open(graphene.SessionFlag.SERIAL_SESSION);
session.login("12345");
// Find the RSA public key
const objects = session.find({
class: graphene.ObjectClass.PUBLIC_KEY,
keyType: graphene.KeyType.RSA,
encrypt: true,
});
if (!objects.length) {
throw new Error("Cannot get RSA public key");
}
const rsaPubKey = objects.items(0).toType<graphene.PublicKey>();
// Generate AES key
const aesKey = session.generateKey(graphene.KeyGenMechanism.AES, {
valueLen: 256 >> 3, // 256bits
encrypt: true,
decrypt: true,
extractable: true, // Should be extractable for wrapping
});
// OAEP params
const rsaOaepMech = {
name: "RSA_PKCS_OAEP",
params: new graphene.RsaOaepParams(graphene.MechanismEnum.SHA1, graphene.RsaMgf.MGF1_SHA1),
}
// Encrypt AES raw data
const enc = session.createCipher(rsaOaepMech, rsaPubKey).once(aesKey.get("value"), Buffer.alloc(4096));
console.log("AES(encrypted):", enc.toString("hex"));
// Wrap AES key
const wrappedKey = session.wrapKey(rsaOaepMech, rsaPubKey, aesKey)
console.log("AES(wrapped):", wrappedKey.toString("hex"));
console.log("success");
} catch (e) {
softHsm.finalize();
softHsm.close();
throw e;
}
softHsm.finalize();
softHsm.close(); |
|
Thanks, that's sorted it - fantastic speedy response! |
|
Unfortunately 'sorted' was short lived. I don't seem able to create anything other than a |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Using SoftHSM I can wrap an AES key using an RSA key using https://github.com/Mastercard/pkcs11-tools e.g:
p11wrap -a pkcs1 -i "5555_AES" -w WrappingOnly
Using pkcs11js (despite iterating over all available Mechanisms) I've been unable to wrap this same key.
The text was updated successfully, but these errors were encountered: