On Monday, January 20, 2020 at 4:22:19 PM UTC-6, Usha Nayak wrote:
> Hi All,
>
> We were able to build NSS-3.49 on Windows and reproduce the issue with the
> sample testclient:
>
> java.lang.Exception: Failed to generate RSA key pair on token:
> CKR_GENERAL_ERROR
>
> at GenerateKeyPair.main(GenerateKeyPair.java:274)
>
> Caused by: iaik.pkcs.pkcs11.wrapper.PKCS11Exception: CKR_GENERAL_ERROR
>
> at
> iaik.pkcs.pkcs11.wrapper.PKCS11Implementation.C_GetAttributeValue(Native
> Method)
>
> at
> iaik.pkcs.pkcs11.objects.Object.getAttributeValue(Object.java:716)
>
> at iaik.pkcs.pkcs11.objects.Key.readAttributes(Key.java:622)
>
> at
> iaik.pkcs.pkcs11.objects.PublicKey.readAttributes(PublicKey.java:398)
>
> at
> iaik.pkcs.pkcs11.objects.RSAPublicKey.readAttributes(RSAPublicKey.java:242)
>
> at iaik.pkcs.pkcs11.objects.Object.<init>(Object.java:223)
>
> at iaik.pkcs.pkcs11.objects.Storage.<init>(Storage.java:105)
>
> at iaik.pkcs.pkcs11.objects.Key.<init>(Key.java:321)
>
> at iaik.pkcs.pkcs11.objects.PublicKey.<init>(PublicKey.java:119)
>
> at
> iaik.pkcs.pkcs11.objects.RSAPublicKey.<init>(RSAPublicKey.java:96)
>
> at
> iaik.pkcs.pkcs11.objects.RSAPublicKey.getInstance(RSAPublicKey.java:118)
>
> at
> iaik.pkcs.pkcs11.objects.PublicKey.getInstance(PublicKey.java:156)
>
> at iaik.pkcs.pkcs11.objects.Object.getInstance(Object.java:262)
>
> at iaik.pkcs.pkcs11.Session.generateKeyPair(Session.java:1260)
>
> at demo.pkcs.pkcs11.GenerateKeyPair.main(GenerateKeyPair.java:269)
>
> ################################################################################
>
>
>
> Below is an excerpt of the sample client that connects to NSS via IAIK
> PKCS#11 Wrapper :
>
>
> public static void main(String[] args) {
>
>
> String pkcs11NSSPropertiesFilePath = args[0];
>
> Module pkcs11Module = null;
> Session session = null;
>
> try {
>
> Properties config = loadKeyPkcs11Config(
> pkcs11NSSPropertiesFilePath );
> pkcs11Module = initializeModule( config );
> session = getSession( config, pkcs11Module );
>
>
>
> System.out.println("################################################################################");
> System.out.println("Generating new 2048 bit RSA key-pair... ");
>
> String component = "KMRootCA";
> int keySize = 2048;
>
> Mechanism keyPairGenerationMechanism =
> Mechanism.get(PKCS11Constants.CKM_RSA_PKCS_KEY_PAIR_GEN);
>
> RSAPublicKey rsaPublicKeyTemplate = new RSAPublicKey();
> RSAPrivateKey rsaPrivateKeyTemplate = new RSAPrivateKey();
>
> String id = generateId();
>
> rsaPublicKeyTemplate.getId().setByteArrayValue(id.getBytes(StandardCharsets.UTF_8));
>
> rsaPrivateKeyTemplate.getId().setByteArrayValue(id.getBytes(StandardCharsets.UTF_8));
>
> // set the general attributes for the public key
> rsaPublicKeyTemplate.getModulusBits().setLongValue(new
> Long(keySize));
> byte[] publicExponentBytes = { (byte)0x01, (byte)0x00, (byte)0x01
> };
>
> rsaPublicKeyTemplate.getPublicExponent().setByteArrayValue(publicExponentBytes);
> rsaPublicKeyTemplate.getToken().setBooleanValue(Boolean.TRUE);
> rsaPublicKeyTemplate.getLabel().setValue(component.toCharArray());
> rsaPublicKeyTemplate.getEncrypt().setBooleanValue(Boolean.TRUE);
> rsaPublicKeyTemplate.getWrap().setBooleanValue(Boolean.TRUE);
> rsaPublicKeyTemplate.getVerify().setBooleanValue(Boolean.TRUE);
>
> // set the general attributes for the private key
> //
> rsaPrivateKeyTemplate.getSensitive().setBooleanValue(Boolean.TRUE);
> rsaPrivateKeyTemplate.getToken().setBooleanValue(Boolean.TRUE);
> rsaPrivateKeyTemplate.getPrivate().setBooleanValue(Boolean.FALSE);
> rsaPrivateKeyTemplate.getLabel().setValue(component.toCharArray());
> rsaPrivateKeyTemplate.getDecrypt().setBooleanValue(Boolean.TRUE);
> rsaPrivateKeyTemplate.getUnwrap().setBooleanValue(Boolean.TRUE);
> rsaPrivateKeyTemplate.getSign().setBooleanValue(Boolean.TRUE);
>
> KeyPair generatedKeyPair;
> try
> {
> generatedKeyPair =
> session.generateKeyPair(keyPairGenerationMechanism,rsaPublicKeyTemplate,
> rsaPrivateKeyTemplate);
> }
> catch (TokenException e)
> {
> String msg = "Failed to generate RSA key pair on token: " +
> e.getMessage();
> throw new Exception( msg, e );
> }
>
> ......
>
> It looks like when we create token objects as highlighted above, we see the
> exception. But, if we modify the code to not create token objects ( as
> shown below ) everything looks good. Please note this was not an issue in
> 3.42.1 NSS version.
>
> rsaPublicKeyTemplate.getToken().setBooleanValue(Boolean.TRUE);
> ....
> rsaPrivateKeyTemplate.getToken().setBooleanValue(Boolean.TRUE);
>
>
> Output :
> ################################################################################
> Information of Token:
> Label: NSS Certificate DB
> Manufacturer ID: Mozilla Foundation
> Model: NSS 3
> Serial Number: 0000000000000000
> Random Number Generator: true
> Write protected: false
> Login required: true
> User PIN initialized: true
> Restore Key not needed: false
> Clock on Token: false
> Protected Authentication Path: false
> Dual Crypto Operations: true
> Token initialized: true
> Secondary Authentication: false
> User PIN-Count low: false
> User PIN final Try: false
> User PIN locked: false
> User PIN to be changed: false
> Security Officer PIN-Count low: false
> Security Officer PIN final Try: false
> Security Officer PIN locked: false
> Security Officer PIN to be changed: false
> Maximum Session Count: <effectively infinite>
> Session Count: 0
> Maximum Read/Write Session Count: <effectively infinite>
> Read/Write Session Count: 0
> Maximum PIN Length: 500
> Minimum PIN Length: 0
> Total Public Memory: 1
> Free Public Memory: 1
> Total Private Memory: 1
> Free Private Memory: 1
> Hardware Version: 0.00
> Firmware Version: 0.00
> Time: Sat Nov 29 18:00:00 CST 2
> ################################################################################
> PKCS#11 session login successful
> ################################################################################
> Generating new 2048 bit RSA key-pair...
> ################################################################################
> Output KeyPair...
> The public key is
> _______________________________________________________________________________
> Object Class: Public Key
> Token: false
> Private: false
> Modifiable: true
> Label: KMRootCA
> Key Type: RSA
> ID:
> 39616130393234332d643635312d343835662d613430632d6164613936343365323434653b31353739353437363034343534
> Start Date: <NULL_PTR>
> End Date: <NULL_PTR>
> Derive: false
> Local: false
> Key Generation Mechanism: <Attribute not present>
> Allowed Mechanisms: <Attribute not present>
> Subject (DER, hex): <NULL_PTR>
> Encrypt: true
> Verify: true
> Verify Recover: true
> Wrap: true
> Trusted: <Attribute not present>
> Wrap Template: <Attribute not present>
> Modulus (hex):
> d5a3c3265e3fa3be258565fab165ac9f694dab04b79eee4e749870a6e0b9251267855fe72aa8bd21fac910336a07cf710a533a7681657e25869260bee261b3b67c7a7706fdb43a50d311213e48a488958c8d77873889fbfa8cbf0b4476ed7cee78aebd195b241da986750f4099d6849b872e2d08953a4ba4c1583ebfcbde614e8601d99c31d384c7ea9735e986f913cf9691b2e6868031999ac01e6a85712a9af94ac589c6c79e7e8246ff8aed45eb46d14c916549a35299a0a7621f45a94d54b0d1fdee80972a514216063aef6f59326a27bf0695f01592a1c7382d1beadf8c81dde13d20b18324ddce62627baa95028a04ddd1a4928cc5a5b4bf0db15fc3d7
> Public Exponent (hex): 010001
> Modulus Bits (dec): <Attribute not present>
> _______________________________________________________________________________
> The private key is
> _______________________________________________________________________________
> Object Class: Private Key
> Token: false
> Private: true
> Modifiable: true
> Label: KMRootCA
> Key Type: RSA
> ID:
> 39616130393234332d643635312d343835662d613430632d6164613936343365323434653b31353739353437363034343534
> Start Date: <NULL_PTR>
> End Date: <NULL_PTR>
> Derive: false
> Local: false
> Key Generation Mechanism: <Attribute not present>
> Allowed Mechanisms: <Attribute not present>
> Subject (DER, hex): <NULL_PTR>
> Sensitive: true
> Secondary Authentication: <Attribute not present>
> Secondary Authentication PIN Flags: <Attribute not present>
> Decrypt: true
> Sign: true
> Sign Recover: true
> Unwrap: true
> Extractable: true
> Always Sensitive: true
> Never Extractable: false
> Wrap With Trusted: <Attribute not present>
> Unwrap Template: <Attribute not present>
> Always Authenticate: <Attribute not present>
> Modulus (hex):
> d5a3c3265e3fa3be258565fab165ac9f694dab04b79eee4e749870a6e0b9251267855fe72aa8bd21fac910336a07cf710a533a7681657e25869260bee261b3b67c7a7706fdb43a50d311213e48a488958c8d77873889fbfa8cbf0b4476ed7cee78aebd195b241da986750f4099d6849b872e2d08953a4ba4c1583ebfcbde614e8601d99c31d384c7ea9735e986f913cf9691b2e6868031999ac01e6a85712a9af94ac589c6c79e7e8246ff8aed45eb46d14c916549a35299a0a7621f45a94d54b0d1fdee80972a514216063aef6f59326a27bf0695f01592a1c7382d1beadf8c81dde13d20b18324ddce62627baa95028a04ddd1a4928cc5a5b4bf0db15fc3d7
> Public Exponent (hex): 010001
> Private Exponent (hex): <Value is sensitive>
> Prime 1 (hex): <Value is sensitive>
> Prime 2 (hex): <Value is sensitive>
> Exponent 1 (hex): <Value is sensitive>
> Exponent 2 (hex): <Value is sensitive>
> Coefficient (hex): <Value is sensitive>
> _____________________________________________
>
>
> Would appreciate help ...
>
> Thanks..
> Usha
>
>
>
> On Tue, Dec 17, 2019 at 11:34 AM <[email protected]> wrote:
>
> > On Monday, December 9, 2019 at 2:58:23 PM UTC-7, Usha Nayak wrote:
> > > Any help greatly appreciated.
> >
> > Hi Usha,
> >
> > We've talked about this a couple times now and two of us have searched our
> > change history without finding any obvious culprits. I think we're going to
> > need a minimal case we can run locally to reproduce the issue, and then
> > attach a debugger to make any progress. Is that possible to do?
> >
> > Thanks,
> > J.C.
> > _______________________________________________
> > dev-security mailing list
> > [email protected]
> > https://lists.mozilla.org/listinfo/dev-security
> >
Correction ...
Client executes succcessfully if public/private keypairs are created as session
objects :
rsaPublicKeyTemplate.getToken().setBooleanValue(Boolean.FALSE);
....
rsaPrivateKeyTemplate.getToken().setBooleanValue(Boolean.FALSE);
Exception occurs if they are created as token objects:
rsaPublicKeyTemplate.getToken().setBooleanValue(Boolean.TRUE);
....
rsaPrivateKeyTemplate.getToken().setBooleanValue(Boolean.TRUE);
NOTE: This issue started to occur after we upgraded NSS from 3.42.1 to 3.47.1.
Sample client was using NSS 3.49 ( same behavior ) .
Thanks..
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
