hi
i would like to be ablle to add my public key to the opttee via pkcs11. my motivation is that on installing the bsp i will also add public keys that cannot be modified only deleted. I created a public key with openssl
openssl genrsa -aes256 -passout pass:test -out package_update_2048_priv.pem 2048
then created the public key
openssl rsa -in package_update_2048_priv.pem -passin pass:test -pubout -out package_update_2048_pub.pem
but when i tried to add it with pkcs11-tool i get atribure error
pkcs11-tool --module /usr/lib/libckteec.so.0 --login --pin 12345678 --write-object /home/root/package_update_2048_pub.pem --type pubkey --id 12345 --label "My Pub Key 2" --slot 0
Created public key:
warning: PKCS11 function C_GetAttributeValue(MODULUS_BITS) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)
could someone point out what attribute i need to add/change to succeed in adding my public key
thanks
解決済! 解決策の投稿を見る。
thanks for the reply. the manual did not help with solving the problem but i created a certificate (that includes a public key) and the pkcs11-tool was able to write it to the optee. for now its sufficient but in the future i might debug loading a public key and understand what attribute is causing the error
thanks
Hi,
Would recommend to refer to the optee_os/ta/pkcs11/src/object.c at master · OP-TEE/optee_os · GitHub
Also, a reference to the p11tool from Linux User guide.
Regards
Harvey
thanks for the reply. the manual did not help with solving the problem but i created a certificate (that includes a public key) and the pkcs11-tool was able to write it to the optee. for now its sufficient but in the future i might debug loading a public key and understand what attribute is causing the error
thanks