Re: how to get CKA_PRIVATE_EXPONENT attribute from a private key?

Thu, 26 Jan 2012 00:43:55 -0800 

Is eny error shown at NSSUtilLogger.msg(ERROR, "Failed to read
attribute %x from private key.", type); ?

El día 25 de enero de 2012 17:04, weizhong qiang
<weizhongqi...@gmail.com> escribió:
> hi all,
> I tried to get the attributes from a private key (see the following code 
> piece). But only the CKA_MODULUS and CKA_PUBLIC_EXPONENT can be got, others 
> (CKA_PRIVATE_EXPONENT etc.) can not be got.
> Could you tell me how to solve it?
> By the way, I generate rsa key pair without "sensitive" 
> (PK11_GenerateKeyPair(slot, CKM_RSA_PKCS_KEY_PAIR_GEN, &rsaParams, pubk, 
> PR_TRUE, PR_FALSE, NULL); ), so I suppose the private key is not protected by 
> password, and can be output?
>
> Best Regards,
> Weizhong Qiang
>
>
>
>
> /****************/
>  static bool ReadPrivKeyAttribute(SECKEYPrivateKey* key, CK_ATTRIBUTE_TYPE 
> type, std::vector<uint8>* output) {
>    SECItem item;
>    SECStatus rv;
>    rv = PK11_ReadRawAttribute(PK11_TypePrivKey, key, type, &item);
>    if (rv != SECSuccess) {
>      NSSUtilLogger.msg(ERROR, "Failed to read attribute %x from private 
> key.", type);
>      return false;
>    }
>    output->assign(item.data, item.data + item.len);
>    SECITEM_FreeItem(&item, PR_FALSE);
>    return true;
>  }
>
>  static bool ExportPrivateKey(SECKEYPrivateKey* key, std::vector<uint8>* 
> output) {
>    PrivateKeyInfoCodec private_key_info(true);
>
>    // Manually read the component attributes of the private key and build up
>    // the PrivateKeyInfo.
>    if (!ReadPrivKeyAttribute(key, CKA_MODULUS, private_key_info.modulus()) ||
>      !ReadPrivKeyAttribute(key, CKA_PUBLIC_EXPONENT, 
> private_key_info.public_exponent()) ||
>      !ReadPrivKeyAttribute(key, CKA_PRIVATE_EXPONENT, 
> private_key_info.private_exponent()) ||
>      !ReadPrivKeyAttribute(key, CKA_PRIME_1, private_key_info.prime1()) ||
>      !ReadPrivKeyAttribute(key, CKA_PRIME_2, private_key_info.prime2()) ||
>      !ReadPrivKeyAttribute(key, CKA_EXPONENT_1, private_key_info.exponent1()) 
> ||
>      !ReadPrivKeyAttribute(key, CKA_EXPONENT_2, private_key_info.exponent2()) 
> ||
>      !ReadPrivKeyAttribute(key, CKA_COEFFICIENT, 
> private_key_info.coefficient())) {
>      return false;
>    }
>
>    return private_key_info.Export(output);
>  }
>
> --
> dev-tech-crypto mailing list
> dev-tech-crypto@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-tech-crypto
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Reply via email to