Wrong encoding of CKA_EC_POINT for Edwards curve kyes using OpenSSL

When exporting a public key that was generated using softhsm, the output data of the attribute CKA_EC_POINT is 34 Bytes instead of 32 Bytes,
The first two bytes seem to correspond to the encoding used for DER encoded `OCTET STRING`.  The pkcs11 spec states:

Attribute | Data type | Meaning
-- | -- | --
CKA_EC_PARAMS1,3 | Byte array | DER-encoding of a Parameters value as defined above
CKA_EC_POINT1,4 | Byte array | DER-encoding of the b-bit public key value in little endian order as defined in RFC 8032

RFC 8032 does not mention a DER encoded `OCTET STRING` but uses the wording octet string to mean a string of octets.

Furthermore, softhsm does not validate the attribute when creating a public key with `C_CreateObject`. Only when using the key to verify a signature, the verification fails.




Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Wrong encoding of CKA_EC_POINT for Edwards curve kyes using OpenSSL #824

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Attribute	Data type	Meaning
CKA_EC_PARAMS1,3	Byte array	DER-encoding of a Parameters value as defined above
CKA_EC_POINT1,4	Byte array	DER-encoding of the b-bit public key value in little endian order as defined in RFC 8032

Wrong encoding of CKA_EC_POINT for Edwards curve kyes using OpenSSL #824

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions