-
Notifications
You must be signed in to change notification settings - Fork 337
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ECDSA P-521 support in SoftHSMv2 #205
Comments
I have not tested with P-521, but both Botan and OpenSSL should support it and thus also SoftHSM. Do you have more details from your tests? E.g error logs and library versions. |
I've run into this issue as well. The following diff adds a failing test for secp521r1: |
Running into this as well. Would be great to add support for secp521r1 |
The problem was in the OpenSSL crypto backend for SoftHSM. It could not handle EC points larger than 127 bytes when converting to ASN1 format. Fixed in #231 |
Issue #205: ECDSA P-521 support for OpenSSL and better test coverage.
I think this still an issue in the import key logic in softhsm-util. Agreed that this is not the best practice workflow, but the code is there and should probably either be removed or fixed. Reopen this issue or open another one? |
The issue about ECDSA P-521 via PKCS#11 has been resolved. Fixing ECDSA P-521 in softhsm2-util would be a new, but similar, issue. Could you create one? My guess is that we have to fix this: |
Filed #262! |
Thanks! |
I was testing SoftHSMv2 through PKCS#11 and I found it is working fine for ECDSA algorithms ES256 and ES384 but it is not working for the algorithm ES512 (curve P-521)
Are there any plans for ECDSA with EC P-521 support?
The text was updated successfully, but these errors were encountered: