mirrors/pico-hsm
1
0
Fork 0
mirror of https://github.com/polhenarejos/pico-hsm.git synced 2026-01-17 09:28:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
pico-hsm/doc/asymmetric-ciphering.md
Pol Henarejos 693c890663
Update asymmetric-ciphering.md 
Added OAEP encryption and decryption examples.
2022-03-16 15:13:23 +01:00

2.5 KiB
Raw Blame History

Asymmetric encryption and decryption

Pico HSM supports in place decryption with the following algorithms:

  • RSA-PKCS
  • RSA-X-509
  • RSA-PKCS-OAEP

First, we generate the data:

$ echo "This is a test string. Be safe, be secure." > data

Obtain the public key and convert it to PEM format:

$ pkcs11-tool --read-object --pin 648219 --id 1 --type pubkey > 1.der
$ openssl rsa -inform DER -outform PEM -in 1.der -pubin > 1.pub

At this moment, you are able to verify with the public key in 1.pub. The signature is computed inside the Pico HSM with the private key. It never leaves the device.

RSA-PKCS

This algorithm uses the PKCSv1.5 padding. It is considered deprecated and insecure. First, we encrypt the data with the public key:

$ openssl rsautl -encrypt -inkey 1.pub -in data -pubin -out data.crypt

Then, we decrypt with the private key inside the Pico HSM:

$ pkcs11-tool --id 1 --pin 648219 --decrypt --mechanism RSA-PKCS -i data.crypt
Using slot 0 with a present token (0x0)
Using decrypt algorithm RSA-PKCS
This is a test string. Be safe, be secure.

RSA-X-509

In this algorithm, the data must be padded with a length equal to the size of private key (128, 256, 512 bytes for RSA-1024, RSA-2048 and RSA-4096, respectively).

First, we pad the data. The original data file occupies 29 bytes. Thus, for a 2048 bits key, a padding of 227 bytes is needed:

$ cp data data_pad
$ dd if=/dev/zero bs=1 count=227 >> data_pad

we encrypt the data with the public key:

$ openssl rsautl -encrypt -inkey 1.pub -in data_pad -pubin -out data.crypt -raw

Then, we decrypt with the private key inside the Pico HSM:

$ cat data.crypt|pkcs11-tool --id 4 --pin 648219 --decrypt --mechanism RSA-X-509 
Using slot 0 with a present token (0x0)
Using decrypt algorithm RSA-X-509
This is a test string. Be safe, be secure.

RSA-PKCS-OAEP

This algorithm is defined as PKCSv2.1 and it includes a padding mechanism to avoid garbage. Currently it only supports SHA256.

To encrypt the data:

$ openssl pkeyutl -encrypt -inkey 1.pub -pubin -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 -pkeyopt rsa_mgf1_md:sha256 -in data -out data.crypt

To decrypt with the private key inside the Pico HSM:

$ pkcs11-tool --id 1 --pin 648219 --decrypt --mechanism RSA-PKCS-OAEP -i data.crypt
Using slot 0 with a present token (0x0)
Using decrypt algorithm RSA-PKCS-OAEP
OAEP parameters: hashAlg=SHA256, mgf=MGF1-SHA256, source_type=0, source_ptr=0x0, source_len=0
This is a test string. Be safe, be secure.