-
-
Notifications
You must be signed in to change notification settings - Fork 34
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CKR_DATA_LEN_RANGE when trying to sign with ECDSA #111
Comments
@chern042 https://github.com/PeculiarVentures/graphene/blob/master/src/crypto/sign.ts#L35-L37 |
I'm using the enum provided:
I'm not exactly sure what you mean by what HSM I use, if it helps I know I am using a SafetNet HSM. |
Have you seen node-webcrypto-p11 module? It's based on |
|
SoftHSM supports CKM_ECDSA only https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/SoftHSM.cpp#L4166 try this code const digest = crypto.session.createDigest("sha256");
digest.update(data);
const hash = digest.final();
// or (depends on message size)
const hash2 = crypto.session.createDigest("sha256").once(data);
const signature = session.createSign(alg,privObj).once(hash); // or hash2 |
I see. It's expecting a 32-byte hashed value. Just a few days ago it would work fine with any data inputted into the sign.update Is there a reason this randomly changed? |
I've got const signer = session.createSign("ECDSA", keys.items(0));
signer.update(Buffer.from("1234567890"));
const signature = signer.final(); But it works with the wrong data (length less than 20 bytes) if I'm using const signature = crypto.session.createSign("ECDSA", keys.items(0)).once("1234567890"); |
Weird, when i set it up like you have it: |
I had some code that would succesfully sign data from an HSM, but for some reason randomly started giving the "CKR_DATA_LEN_RANGE" error on sign.final() even when I switched to a previously working copy.
This crashes when trying to complete sign.final(), giving the error:
The length function returns a length of 8 for this specific hex string when converted to a buffer.
The text was updated successfully, but these errors were encountered: