r the public key.
Valerie
-Original Message-
From: Wei-Jun Wang
Sent: Monday, December 9, 2024 5:07 AM
To: security-dev@openjdk.org
Cc: Valerie Peng ; Martin Balao ;
Daniel Jeliński
Subject: How to get public key from private key in PKCS #11
Hi PKCS #11 gurus,
DHKEM [1] requires a fun
The KEM API has always been using only the private key on the decapsulator side:
Decapsulation, [{\displaystyle k':=\operatorname {Decap} ({\mathit {sk}},c')}] ,
OQS_STATUS (*decaps)(uint8_t *shared_secret, const uint8_t *ciphertext, const
uint8_t *secret_key);
Decap(enc, skR)
int crypto_kem_d
Hi Weijun,
I didn't read the entire RFC, but it looks to me that the Decap
function is run on the receiver side, and needs the receiver's private
and public key, both of which are generated by the receiver. Couldn't
our implementation of Decap take the key pair instead of taking the
secret key alon
BTW, while I still cannot find a PKCS #11 function to get the public key, I
have a workaround now inside JDK. Please confirm if this is correct.
It looks like there are 3 cases in SunPKCS11 where a P11PrivateKey is created:
1. As a part of a newly generated key pair
2. Read from a PKCS11 KeyStor
Hi Martin,
That’s how DH works. Unfortunately, DHKEM is not simply exposing DH in KEM API.
Its decapsulation function is defined as [1]
def Decap(enc, skR):
pkE = DeserializePublicKey(enc)
dh = DH(skR, pkE)
pkRm = SerializePublicKey(pk(skR))
kem_context = concat(enc, pkRm)
shared_se
Hi Weijun,
I am not familiar to this algorithm but the typical key-exchange APIs
let you generate a key pair first and, when you invoke the secret
encapsulation mechanism, you use your private key + your counter-part
public key. Do you think this could be the case here?
Regards,
Martin.-
O
So are you suggesting there is no such a way?
I do notice that in NSS’s own HPKE implementation, the receiver needs to
provide both keys [1]:
SECStatus PK11_HPKE_SetupR(HpkeContext *cx, const SECKEYPublicKey *pkR,
SECKEYPrivateKey *skR,
const SECItem *enc, const SECIt
Hi Wei-Jun,
As far as I know, public and private keys are different PKCS#11 objects,
each one with a different CK_OBJECT_HANDLE. See for example how
C_GenerateKeyPair [1] has two output parameters: CK_OBJECT_HANDLE_PTR
phPublicKey amd CK_OBJECT_HANDLE_PTR phPrivateKey.
NSS uses CKA_PUBLIC_KEY_
Daniel suggested CKA_PUBLIC_KEY_INFO but it’s not available in NSS 3.101.
On Dec 9, 2024, at 08:07, Wei-Jun Wang wrote:
Hi PKCS #11 gurus,
DHKEM [1] requires a function
Pk(skX): The KEM public key corresponding to the KEM private key skX.
"The notation pk(skX), depending on its use and the K
Hi PKCS #11 gurus,
DHKEM [1] requires a function
Pk(skX): The KEM public key corresponding to the KEM private key skX.
"The notation pk(skX), depending on its use and the KEM and its implementation,
is either the computation of the public key using the private key, or just
syntax expressing
10 matches
Mail list logo
