[Cryptech Core] libhal / PKCS #11 status
Leif Johansson
leifj at sunet.se
Tue Jun 23 19:32:07 UTC 2015
On 2015-06-23 21:19, Rob Austein wrote:
> Brief update on current status, for those who have not been able to
> infer it from the commit history.
>
> libhal has (apparently, somewhat tested) working implementations of
> AES keywrap, PBKDF2, RSA, HMAC, and the usual hash functions, as well
> as an interface to our CSPRNG. Software bignum support (where needed,
> currently only in the RSA code) comes from libtfm (an aggressively
> open-source package written by Tom St Denis, somewhat easier to read
> than the Eric Young bignum code used by OpenSSL and Cryptlib).
>
> I've rewritten my pkcs11 code to use libhal, and, as of last night,
> the result passes the same basic DNSSEC signer test as the earlier
> (Cryptlib-based) version did.
This sounds to me like a major milestone for us! Really cool!!!
>
> I ended up not using any of Cryptlib's code for libhal, not because
> I've given up on Cryptlib (I haven't) but because the relevant bits of
> Cryptlib are fairly tightly integrated into the rest of Cryptlib (no
> surprise, no blame, that's the mission they were designed to support)
> and it turned out to be simpler get the job I needed done via a
> different path. Will revisit this decision when I get back to
> Cryptlib support (read: when I have time to work on the RPKI signer).
>
> The RSA implementation can use either the ModExp core or the
> equivalent software implementation from libtfm. Obviously we'd prefer
> the former, but the most recent version I have (about a month old) is
> unusably slow with large keys at the moment and I was wasting too much
> time waiting for test runs to complete.
>
> That's where things stand today. There are a few missing bits around
> the edges (eg, the out-of-band code to set initial PINs -- right now
> I'm just whacking magic values directly into the database).
>
> No ECDSA support yet, sorry.
>
> Next step for me unless somebody has a better suggestion is to get
> this code to survive testing by hsmbully. Right now it doesn't get
> very far for silly reasons (C_GetMechanismInfo() NIY), so I'll be
> working on that unless somebody has a better idea.
> _______________________________________________
> Core mailing list
> Core at cryptech.is
> https://lists.cryptech.is/listinfo/core
>
More information about the Core
mailing list