Hi All,
We were able to build NSS-3.49 on Windows and reproduce the issue with the
sample testclient:
java.lang.Exception: Failed to generate RSA key pair on token:
CKR_GENERAL_ERROR
at GenerateKeyPair.main(GenerateKeyPair.java:274)
Caused by: iaik.pkcs.pkcs11.wrapper.PKCS11Exception: CKR_GENERAL_ERROR
at
iaik.pkcs.pkcs11.wrapper.PKCS11Implementation.C_GetAttributeValue(Native
Method)
at
iaik.pkcs.pkcs11.objects.Object.getAttributeValue(Object.java:716)
at iaik.pkcs.pkcs11.objects.Key.readAttributes(Key.java:622)
at
iaik.pkcs.pkcs11.objects.PublicKey.readAttributes(PublicKey.java:398)
at
iaik.pkcs.pkcs11.objects.RSAPublicKey.readAttributes(RSAPublicKey.java:242)
at iaik.pkcs.pkcs11.objects.Object.<init>(Object.java:223)
at iaik.pkcs.pkcs11.objects.Storage.<init>(Storage.java:105)
at iaik.pkcs.pkcs11.objects.Key.<init>(Key.java:321)
at iaik.pkcs.pkcs11.objects.PublicKey.<init>(PublicKey.java:119)
at
iaik.pkcs.pkcs11.objects.RSAPublicKey.<init>(RSAPublicKey.java:96)
at
iaik.pkcs.pkcs11.objects.RSAPublicKey.getInstance(RSAPublicKey.java:118)
at
iaik.pkcs.pkcs11.objects.PublicKey.getInstance(PublicKey.java:156)
at iaik.pkcs.pkcs11.objects.Object.getInstance(Object.java:262)
at iaik.pkcs.pkcs11.Session.generateKeyPair(Session.java:1260)
at demo.pkcs.pkcs11.GenerateKeyPair.main(GenerateKeyPair.java:269)
################################################################################
Below is an excerpt of the sample client that connects to NSS via IAIK
PKCS#11 Wrapper :
public static void main(String[] args) {
String pkcs11NSSPropertiesFilePath = args[0];
Module pkcs11Module = null;
Session session = null;
try {
Properties config = loadKeyPkcs11Config(
pkcs11NSSPropertiesFilePath );
pkcs11Module = initializeModule( config );
session = getSession( config, pkcs11Module );
System.out.println("################################################################################");
System.out.println("Generating new 2048 bit RSA key-pair... ");
String component = "KMRootCA";
int keySize = 2048;
Mechanism keyPairGenerationMechanism =
Mechanism.get(PKCS11Constants.CKM_RSA_PKCS_KEY_PAIR_GEN);
RSAPublicKey rsaPublicKeyTemplate = new RSAPublicKey();
RSAPrivateKey rsaPrivateKeyTemplate = new RSAPrivateKey();
String id = generateId();
rsaPublicKeyTemplate.getId().setByteArrayValue(id.getBytes(StandardCharsets.UTF_8));
rsaPrivateKeyTemplate.getId().setByteArrayValue(id.getBytes(StandardCharsets.UTF_8));
// set the general attributes for the public key
rsaPublicKeyTemplate.getModulusBits().setLongValue(new
Long(keySize));
byte[] publicExponentBytes = { (byte)0x01, (byte)0x00, (byte)0x01
};
rsaPublicKeyTemplate.getPublicExponent().setByteArrayValue(publicExponentBytes);
rsaPublicKeyTemplate.getToken().setBooleanValue(Boolean.TRUE);
rsaPublicKeyTemplate.getLabel().setValue(component.toCharArray());
rsaPublicKeyTemplate.getEncrypt().setBooleanValue(Boolean.TRUE);
rsaPublicKeyTemplate.getWrap().setBooleanValue(Boolean.TRUE);
rsaPublicKeyTemplate.getVerify().setBooleanValue(Boolean.TRUE);
// set the general attributes for the private key
//
rsaPrivateKeyTemplate.getSensitive().setBooleanValue(Boolean.TRUE);
rsaPrivateKeyTemplate.getToken().setBooleanValue(Boolean.TRUE);
rsaPrivateKeyTemplate.getPrivate().setBooleanValue(Boolean.FALSE);
rsaPrivateKeyTemplate.getLabel().setValue(component.toCharArray());
rsaPrivateKeyTemplate.getDecrypt().setBooleanValue(Boolean.TRUE);
rsaPrivateKeyTemplate.getUnwrap().setBooleanValue(Boolean.TRUE);
rsaPrivateKeyTemplate.getSign().setBooleanValue(Boolean.TRUE);
KeyPair generatedKeyPair;
try
{
generatedKeyPair =
session.generateKeyPair(keyPairGenerationMechanism,rsaPublicKeyTemplate,
rsaPrivateKeyTemplate);
}
catch (TokenException e)
{
String msg = "Failed to generate RSA key pair on token: " +
e.getMessage();
throw new Exception( msg, e );
}
......
It looks like when we create token objects as highlighted above, we see the
exception. But, if we modify the code to not create token objects ( as
shown below ) everything looks good. Please note this was not an issue in
3.42.1 NSS version.
rsaPublicKeyTemplate.getToken().setBooleanValue(Boolean.TRUE);
....
rsaPrivateKeyTemplate.getToken().setBooleanValue(Boolean.TRUE);
Output :
################################################################################
Information of Token:
Label: NSS Certificate DB
Manufacturer ID: Mozilla Foundation
Model: NSS 3
Serial Number: 0000000000000000
Random Number Generator: true
Write protected: false
Login required: true
User PIN initialized: true
Restore Key not needed: false
Clock on Token: false
Protected Authentication Path: false
Dual Crypto Operations: true
Token initialized: true
Secondary Authentication: false
User PIN-Count low: false
User PIN final Try: false
User PIN locked: false
User PIN to be changed: false
Security Officer PIN-Count low: false
Security Officer PIN final Try: false
Security Officer PIN locked: false
Security Officer PIN to be changed: false
Maximum Session Count: <effectively infinite>
Session Count: 0
Maximum Read/Write Session Count: <effectively infinite>
Read/Write Session Count: 0
Maximum PIN Length: 500
Minimum PIN Length: 0
Total Public Memory: 1
Free Public Memory: 1
Total Private Memory: 1
Free Private Memory: 1
Hardware Version: 0.00
Firmware Version: 0.00
Time: Sat Nov 29 18:00:00 CST 2
################################################################################
PKCS#11 session login successful
################################################################################
Generating new 2048 bit RSA key-pair...
################################################################################
Output KeyPair...
The public key is
_______________________________________________________________________________
Object Class: Public Key
Token: false
Private: false
Modifiable: true
Label: KMRootCA
Key Type: RSA
ID:
39616130393234332d643635312d343835662d613430632d6164613936343365323434653b31353739353437363034343534
Start Date: <NULL_PTR>
End Date: <NULL_PTR>
Derive: false
Local: false
Key Generation Mechanism: <Attribute not present>
Allowed Mechanisms: <Attribute not present>
Subject (DER, hex): <NULL_PTR>
Encrypt: true
Verify: true
Verify Recover: true
Wrap: true
Trusted: <Attribute not present>
Wrap Template: <Attribute not present>
Modulus (hex):
d5a3c3265e3fa3be258565fab165ac9f694dab04b79eee4e749870a6e0b9251267855fe72aa8bd21fac910336a07cf710a533a7681657e25869260bee261b3b67c7a7706fdb43a50d311213e48a488958c8d77873889fbfa8cbf0b4476ed7cee78aebd195b241da986750f4099d6849b872e2d08953a4ba4c1583ebfcbde614e8601d99c31d384c7ea9735e986f913cf9691b2e6868031999ac01e6a85712a9af94ac589c6c79e7e8246ff8aed45eb46d14c916549a35299a0a7621f45a94d54b0d1fdee80972a514216063aef6f59326a27bf0695f01592a1c7382d1beadf8c81dde13d20b18324ddce62627baa95028a04ddd1a4928cc5a5b4bf0db15fc3d7
Public Exponent (hex): 010001
Modulus Bits (dec): <Attribute not present>
_______________________________________________________________________________
The private key is
_______________________________________________________________________________
Object Class: Private Key
Token: false
Private: true
Modifiable: true
Label: KMRootCA
Key Type: RSA
ID:
39616130393234332d643635312d343835662d613430632d6164613936343365323434653b31353739353437363034343534
Start Date: <NULL_PTR>
End Date: <NULL_PTR>
Derive: false
Local: false
Key Generation Mechanism: <Attribute not present>
Allowed Mechanisms: <Attribute not present>
Subject (DER, hex): <NULL_PTR>
Sensitive: true
Secondary Authentication: <Attribute not present>
Secondary Authentication PIN Flags: <Attribute not present>
Decrypt: true
Sign: true
Sign Recover: true
Unwrap: true
Extractable: true
Always Sensitive: true
Never Extractable: false
Wrap With Trusted: <Attribute not present>
Unwrap Template: <Attribute not present>
Always Authenticate: <Attribute not present>
Modulus (hex):
d5a3c3265e3fa3be258565fab165ac9f694dab04b79eee4e749870a6e0b9251267855fe72aa8bd21fac910336a07cf710a533a7681657e25869260bee261b3b67c7a7706fdb43a50d311213e48a488958c8d77873889fbfa8cbf0b4476ed7cee78aebd195b241da986750f4099d6849b872e2d08953a4ba4c1583ebfcbde614e8601d99c31d384c7ea9735e986f913cf9691b2e6868031999ac01e6a85712a9af94ac589c6c79e7e8246ff8aed45eb46d14c916549a35299a0a7621f45a94d54b0d1fdee80972a514216063aef6f59326a27bf0695f01592a1c7382d1beadf8c81dde13d20b18324ddce62627baa95028a04ddd1a4928cc5a5b4bf0db15fc3d7
Public Exponent (hex): 010001
Private Exponent (hex): <Value is sensitive>
Prime 1 (hex): <Value is sensitive>
Prime 2 (hex): <Value is sensitive>
Exponent 1 (hex): <Value is sensitive>
Exponent 2 (hex): <Value is sensitive>
Coefficient (hex): <Value is sensitive>
_____________________________________________
Would appreciate help ...
Thanks..
Usha
On Tue, Dec 17, 2019 at 11:34 AM <[email protected]> wrote:
> On Monday, December 9, 2019 at 2:58:23 PM UTC-7, Usha Nayak wrote:
> > Any help greatly appreciated.
>
> Hi Usha,
>
> We've talked about this a couple times now and two of us have searched our
> change history without finding any obvious culprits. I think we're going to
> need a minimal case we can run locally to reproduce the issue, and then
> attach a debugger to make any progress. Is that possible to do?
>
> Thanks,
> J.C.
> _______________________________________________
> dev-security mailing list
> [email protected]
> https://lists.mozilla.org/listinfo/dev-security
>
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
