PKCS#11 RSA allows choosing software EME

Open reneme opened this issue 1 year ago • 1 comments

When enabling set_use_software_padding(bool) the PKCS#11 module won't perform the unpadding. Instead, we let it decrypt a blinded ciphertext in Raw-mode and strip the EME in software afterwards.

Hence, the PKCS#11 module (and all middleware on the way) won't gain knowledge of the decrypted secret value. Note that this might require some refactoring.

@weberph2, does that roughly address your issue? (See #3008)

reneme avatar Aug 09 '22 15:08 reneme
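
The flow described in the post above, sketched as an added example (not Botan's code and not part of this pull request): the token performs only a raw RSA operation on a blinded ciphertext, and the host unblinds and strips the EME. Assumptions: the toy key, the `ToyToken` class, the function names, and the choice of EME-PKCS1-v1_5 as the padding are all constructed for illustration.

```python
import secrets
from math import gcd

# Constructed toy key built from two Mersenne primes; far too small for real use.
P, Q, E = 2**107 - 1, 2**127 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8               # modulus length in bytes

class ToyToken:
    """Hypothetical stand-in for the PKCS#11 module: raw RSA only."""
    def __init__(self):
        self.seen = []                      # every value the token computed
    def raw_decrypt(self, c: int) -> int:
        m = pow(c, D, N)
        self.seen.append(m)
        return m

def encrypt(msg: bytes) -> bytes:
    """EME-PKCS1-v1_5 pad (00 02 PS 00 M) and encrypt with the public key."""
    if len(msg) > K - 11:
        raise ValueError("message too long")
    ps = bytes(secrets.randbelow(255) + 1 for _ in range(K - 3 - len(msg)))
    em = int.from_bytes(b"\x00\x02" + ps + b"\x00" + msg, "big")
    return pow(em, E, N).to_bytes(K, "big")

def unpad(em: bytes) -> bytes:
    """Strip EME-PKCS1-v1_5 in software. Not constant-time; real code must be."""
    sep = em.find(b"\x00", 2)
    if em[:2] != b"\x00\x02" or sep < 10:   # PS must be at least 8 bytes
        raise ValueError("decryption error")
    return em[sep + 1:]

def decrypt_software_padding(token: ToyToken, ciphertext: bytes) -> bytes:
    c = int.from_bytes(ciphertext, "big")
    if c >= N:
        raise ValueError("decryption error")
    r = secrets.randbelow(N - 2) + 2        # blinding factor in [2, N-1]
    while gcd(r, N) != 1:
        r = secrets.randbelow(N - 2) + 2
    blinded = (c * pow(r, E, N)) % N        # decrypts to (em * r) mod N
    out = token.raw_decrypt(blinded)        # token never computes em itself
    em = (out * pow(r, -1, N)) % N          # unblind on the host
    return unpad(em.to_bytes(K, "big"))
```

Because the unpadding now runs on the host, the padding check becomes the host's responsibility, including keeping it constant-time so it does not act as a padding oracle.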

Codecov Report

Merging #3034 (ba35a90) into master (7ba63f9) will increase coverage by 0.00%. The diff coverage is 90.47%.

@@           Coverage Diff           @@
##           master    #3034   +/-   ##
=======================================
  Coverage   92.59%   92.59%           
=======================================
  Files         596      596           
  Lines       69791    69805   +14     
  Branches     6616     6617    +1     
=======================================
+ Hits        64623    64638   +15     
+ Misses       5135     5134    -1     
  Partials       33       33           
Impacted Files Coverage Δ
src/lib/prov/pkcs11/p11_rsa.cpp 91.66% <85.71%> (-0.70%) :arrow_down:
src/tests/test_pkcs11_high_level.cpp 98.30% <100.00%> (+<0.01%) :arrow_up:
src/lib/utils/thread_utils/semaphore.cpp 69.23% <0.00%> (-30.77%) :arrow_down:
src/lib/pubkey/mce/mceliece_key.cpp 84.29% <0.00%> (+1.04%) :arrow_up:
src/lib/misc/cryptobox/cryptobox.cpp 95.89% <0.00%> (+1.36%) :arrow_up:
src/lib/asn1/der_enc.cpp 86.33% <0.00%> (+2.48%) :arrow_up:

codecov-commenter avatar Aug 09 '22 19:08 codecov-commenter

@reneme Yes, thank you. This would resolve the issue described in #3008.

weberph2 avatar Aug 10 '22 09:08 weberph2

Is this pull request still WIP or ready for review? :)

neusdan avatar Sep 05 '22 07:09 neusdan

:+1:

randombit avatar Sep 13 '22 20:09 randombit