Hi Mike, On Wed, Apr 21, 2021 at 4:55 PM mike tancsa <m...@sentex.net> wrote:
> On 4/21/2021 12:05 PM, Selva Nair wrote: > > I think that patch is still not applied upstream. I tested softhsm > > using your instructions and it works for TlS 1.3 and PSS -- softhsm2 > > gets request to sign pre-padded PSS data as Raw RSA and it seems to > > handle that. > > > > I can understand some hardware tokens may refuse to sign pre-padded > > data, so we need to find a fix for this. > > > If it would help development efforts, I am happy to donate a couple of > keys to the project. I have an assortment of old (CardOS based) and > new (SafeNet5110 which supports ECC). I would be mailing from Canada, > so ideally anyone close by, but happy to send internationally too. > Thanks for the offer, this could help. Tokens I have are some fairly ancient one's that do not support RSA-PSS nor ECC. Would be good to have some newer tokens. Domestic mail would work for me. Selva
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
