On 4/21/2021 12:05 PM, Selva Nair wrote: > I think that patch is still not applied upstream. I tested softhsm > using your instructions and it works for TlS 1.3 and PSS -- softhsm2 > gets request to sign pre-padded PSS data as Raw RSA and it seems to > handle that. > > I can understand some hardware tokens may refuse to sign pre-padded > data, so we need to find a fix for this. > If it would help development efforts, I am happy to donate a couple of keys to the project. I have an assortment of old (CardOS based) and new (SafeNet5110 which supports ECC). I would be mailing from Canada, so ideally anyone close by, but happy to send internationally too.
---Mike _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
