I'm sorry for no subject in message - fixed
2016-09-30 0:41 GMT+02:00 Michał Skalski <[email protected]>: > Hello > > Attached patch allowing use of PKCS#11 smartcards/tokens which don't > support signing-with-hashing mechanisms. > > By default only plain CKM_RSA_PKCS (and if supported by token also > CKM_ECDSA) mechanism is now used, hashing is done using external > hasher. > > Old behaviour can be restored using > charon.plugins.pkcs11.use_sign_hasher option. > > Code may need tweaking. One possibility is to enable this behaviour > based on supported mechanisms returned by the token, but it seems > unnecessary, as all PKCS#11 tokens supporting signatures with hashing > support also non-hashing version of signature. > > Patch should be applied to the master branch. > > Comments and suggestions are welcome. > > Michał Skalski > > _______________________________________________ > Dev mailing list > [email protected] > https://lists.strongswan.org/mailman/listinfo/dev _______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
