I have a 256 bits HMAC secret injected:
root@raspberrypi:~ # ssscli se05x readidlist
sss :INFO :atr (Len=35)
01 A0 00 00 03 96 04 03 E8 00 FE 02 0B 03 E8 00
01 00 00 00 00 64 13 88 0A 00 65 53 45 30 35 31
00 00 00
sss :WARN :nxEnsure:'ret == SM_OK' failed. At Line:6971 Function:sss_se05x_TXn
sss :WARN :Error in Se05x_API_ReadType. Further use of object may fail
sss :WARN :nxEnsure:'ret == SM_OK' failed. At Line:6971 Function:sss_se05x_TXn
Key-Id: 0Xa12 HMAC Size(Bits): 256
It won't work:
root@raspberrypi:~ # ssscli sign --hashalgo SHA256 a12 input hmac
sss :INFO :atr (Len=35)
01 A0 00 00 03 96 04 03 E8 00 FE 02 0B 03 E8 00
01 00 00 00 00 64 13 88 0A 00 65 53 45 30 35 31
00 00 00
sss :WARN :nxEnsure:'macOperation != kSE05x_MACAlgo_NA' failed. At Line:6489 Function:sss_se05x_mac_one_go
ERROR:sss.symmetric:sss_mac_one_go FAILED
ERROR:sss.sign:Received signature data is empty
ERROR! Could not Sign from KeyID 0x00000A12
the input file:
root@raspberrypi:~ # cat input
1672057238
how do we fix it?
Solved! Go to Solution.
Hi @psvz ,
Looks like ssscli tool just supports HMAC-SHA512 by default, you may refer to the demo of ex_sss_hmac instead.
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
Hi @psvz ,
Please kindly make sure the input file has correct format as required.
Hope that makes sense,
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
@Kan_Li - yes, I can confirm the input file is of binary format:
root@raspberrypi:~ # xxd input
00000000: 3136 3732 3035 3732 3338 0a
Hi @psvz ,
Looks like ssscli tool just supports HMAC-SHA512 by default, you may refer to the demo of ex_sss_hmac instead.
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------