This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

How to use cryptocell so sign data without a hash

In order to implement the standard RSA-PKCS, raw data must be signed with the private key without performing a hash.

All the CRYS functions wants either a HASH as input or want to comute a HASH inthe sign function.

How can I sign (actually encrypt) data with a private key without using a hash

Parents Reply Children
  • Hi,

    The API does not allow not hashing. However, you can try using CRYS_RSA_HASH_NO_HASH_mode or CRYS_RSA_After_HASH_NOT_KNOWN_mode. That is just intended for testing, though. See supported modes here (excluding MD5):

    /*! Defines the enum for the HASH operation mode. */
    typedef enum
    {
    	CRYS_RSA_HASH_MD5_mode  = 0,	/*!< For PKCS1 v1.5 only. The input data will be hashed with MD5 */
    	CRYS_RSA_HASH_SHA1_mode = 1,	/*!< The input data will be hashed with SHA1. */
    	CRYS_RSA_HASH_SHA224_mode = 2,  /*!< The input data will be hashed with SHA224. */
    	CRYS_RSA_HASH_SHA256_mode = 3,  /*!< The input data will be hashed with SHA256. */
    	CRYS_RSA_HASH_SHA384_mode = 4,  /*!< The input data will be hashed with SHA384. */
    	CRYS_RSA_HASH_SHA512_mode = 5,	/*!< The input data will be hashed with SHA512. */
    	CRYS_RSA_After_MD5_mode = 6,		/*!< For PKCS1 v1.5 only. The input data is a digest of MD5 and will not be hashed. */
    	CRYS_RSA_After_SHA1_mode = 7,	/*!< The input data is a digest of SHA1 and will not be hashed. */
    	CRYS_RSA_After_SHA224_mode = 8,	/*!< The input data is a digest of SHA224 and will not be hashed. */
    	CRYS_RSA_After_SHA256_mode = 9,	/*!< The input data is a digest of SHA256 and will not be hashed. */
    	CRYS_RSA_After_SHA384_mode = 10,	/*!< The input data is a digest of SHA384 and will not be hashed. */
    	CRYS_RSA_After_SHA512_mode = 11,	/*!< The input data is a digest of SHA512 and will not be hashed. */
    	CRYS_RSA_After_HASH_NOT_KNOWN_mode = 12,    /*!< \internal used only for PKCS#1 Ver 1.5 - possible to perform verify operation without hash mode input, 
    						the hash mode is derived from the signature.*/
    	CRYS_RSA_HASH_NO_HASH_mode = 13,	/*!< Used for PKCS1 v1.5 Encrypt and Decrypt.*/
    	CRYS_RSA_HASH_NumOfModes,		/*!< Maximal number of hash operations modes. */
    	
    	CRYS_RSA_HASH_OpModeLast  = 0x7FFFFFFF, /*! Reserved.*/
    
    }CRYS_RSA_HASH_OpMode_t;   

    By the way, since I have not seen this request before. Which part of PKCS requires raw data?

  • This is a mechanism from PKCS#11 CKM_RSA_PKCS. Currently it is an OpenSSL command that I am sending to the device.

    "The PKCS #1 v1.5 RSA mechanism, denoted CKM_RSA_PKCS, is a multi-purpose mechanism based on the RSA public-key cryptosystem and the block formats initially defined in PKCS #1 v1.5. It supports single-part encryption and decryption; single-part signatures and verification with and without message recovery; key wrapping; and key unwrapping. This mechanism corresponds only to the part of PKCS #1 v1.5 that involves RSA; it does not compute a message digest or a DigestInfo encoding as specified for the md2withRSAEncryption and md5withRSAEncryption algorithms in PKCS #1 v1.5 .

    This mechanism does not have a parameter.

    This mechanism can wrap and unwrap any secret key of appropriate length. Of course, a particular token may not be able to wrap/unwrap every appropriate-length secret key that it supports. For wrapping, the “input” to the encryption operation is the value of the CKA_VALUE attribute of the key that is wrapped; similarly for unwrapping. The mechanism does not wrap the key type or any other information about the key, except the key length; the application must convey these separately. In particular, the mechanism contributes only the CKA_CLASS and CKA_VALUE (and CKA_VALUE_LEN, if the key has it) attributes to the recovered key during unwrapping; other attributes must be specified in the template."

Related