hi Robert and others,
See the attachment for more complete test case of generating and reading a key.
I found if I set the "isPerm" parameter to be PR_FALSE (see line 78 of the test
case), the private key is not sensitive.
If I set the "isPerm" parameter to be PR_TRUE, then not mater the "IsSensitive"
(the next parameter after "isPerm") is PR_TRUE or PR_FALSE, the private key
always sensitive.
Is it a feature?
Thanks and Best Regards,
Weizhong Qiang
On Jan 28, 2012, at 4:16 PM, weizhong qiang wrote:
> hi,
>
> On Jan 27, 2012, at 6:52 PM, Robert Relyea wrote:
>
>> On 01/26/2012 11:53 PM, weizhong qiang wrote:
>>> hi,
>>> I did found that the CKA_SENSITIVE is "true" by using the following code:
>>> rv = PK11_ReadRawAttribute(PK11_TypePrivKey, privKey,
>>> CKA_SENSITIVE,&value);
>>> if (rv != SECSuccess) {
>>> NSSUtilLogger.msg(ERROR, "Failed to read CKA_SENSITIVE attribute
>>> from private key.");
>>> }
>>> if ((value.len == 1)&& (value.data != NULL))
>>> std::cout<< !!(*(CK_BBOOL*)value.data)<<std::endl;
>>>
>>> But I did set sensitive parameter to be PR_FALSE when generate the key
>>> pair, see the following:
>>> *privk = PK11_GenerateKeyPair(slot, CKM_RSA_PKCS_KEY_PAIR_GEN,&rsaParams,
>>> pubk, PR_FALSE, PR_FALSE, NULL);
>>>
>>> How could the key still be sensitive? Is there anywhere that I should set?
>> Hmm, your right, that doesn't seem right. Do you have a simple test case
>> that reproduces this?
>
> Yes, Please see the following attachment for the test case. If you would
> help, you need to change the path of nss db, and certname, password etc.
>
>
> <mail_about_privatekey.rtf>
>>
>> Also which version of NSS are you running?
>
> Name: NSS
> Description: Mozilla Network Security Services
> Version: 3.12.9+ckbi-1.82
>
>
>> Are you sure that slot points to the internal token?
>
> Yes, you can see the code of test case, I explicitly point to the internal
> token.
>
>> Are you in FIPS mode? (in which case you don't have a choice on sensitive or
>> not).
>
> I did not enable FIPS mode. I suppose FIPS will not be enabled by default?
>
> Best Regard,
> Weizhong Qiang
>
>>
>> NSS uses exactly this method to generate a key it's going to load into a
>> token that doesn't support CKM_RSA_PKCS_KEY_PAIR_GEN.
>>
>> bob
>>
>>>
>>> Best Regards
>>> Weizhong Qiang
>>>
>>>
>>> On Jan 26, 2012, at 6:57 PM, Robert Relyea wrote:
>>>
>>>> On 01/26/2012 07:55 AM, weizhong qiang wrote:
>>>>> On Jan 26, 2012, at 4:44 PM, helpcrypto helpcrypto wrote:
>>>>>
>>>>>> AFAIK, returning or not the attributes from an object, depends on the
>>>>>> token.
>>>>> Everything I am operating is on the nss internal softoken.
>>>> Right softoken enforces good hygiene.
>>>> In truth, access to those attributes are controlled through a couple of
>>>> other attributes:
>>>>
>>>> CKA_PRIVATE - access to the object requires authentication.
>>>>
>>>> CKA_SENSITIVE - direct access to the sensitive/private attributes of this
>>>> object is prohibitted.
>>>>
>>>> CKA_EXTRACTABLE - this object can be extracted from the token.
>>>>
>>>> If Private is set, then you need to log in to do any of the actions below.
>>>>
>>>> If both Sensitve and Extractable is set, then you can extract the object
>>>> by wrapping it, but you can't access the unencrypted attributes.
>>>>
>>>> If Senstive is FALSE and Extractable is TRUE, you can either extract the
>>>> object by wrapping it, or by reading the attributes directly.
>>>>
>>>> If Extractable is FALSE, then you can't extract the object at all (either
>>>> by wrapping it or by reading the attributes directly).
>>>>
>>>> Most tokens set Extratable to FALSE.
>>>>
>>>> bob
>>>>
>>>>>
>>>>>> I recommend you reading about CKO_PRIVATE_KEY on PKCS#11 standard to
>>>>>> understand what can be happening.
>>>>>> For example if token=card, CKA_PRIME_1 *musnt* be on the card, as far
>>>>>> is not *needed* to do cryptographic operations.
>>>>>>
>>>>>> El día 26 de enero de 2012 14:08, weizhong qiang
>>>>>> <[email protected]> escribió:
>>>>>>> hi,
>>>>>>> Is there a fact that nss does not permit the reading of the attribute
>>>>>>> CKA_PRIVATE_EXPONENT, CKA_PRIME_1, etc.?
>>>>>>> Because with all of the eight attributes, it is possible to compose the
>>>>>>> content of the private key, but the outputting of private key is not
>>>>>>> allowed in nss?
>>>>>>>
>>>>>>> Thanks and Best Regards,
>>>>>>> Weizhong Qiang
>>>>>>>
>>>>>>> On Jan 26, 2012, at 9:43 AM, helpcrypto helpcrypto wrote:
>>>>>>>
>>>>>>>> Is eny error shown at NSSUtilLogger.msg(ERROR, "Failed to read
>>>>>>>> attribute %x from private key.", type); ?
>>>>>>>>
>>>>>>>> El día 25 de enero de 2012 17:04, weizhong qiang
>>>>>>>> <[email protected]> escribió:
>>>>>>>>> hi all,
>>>>>>>>> I tried to get the attributes from a private key (see the following
>>>>>>>>> code piece). But only the CKA_MODULUS and CKA_PUBLIC_EXPONENT can be
>>>>>>>>> got, others (CKA_PRIVATE_EXPONENT etc.) can not be got.
>>>>>>>>> Could you tell me how to solve it?
>>>>>>>>> By the way, I generate rsa key pair without "sensitive"
>>>>>>>>> (PK11_GenerateKeyPair(slot, CKM_RSA_PKCS_KEY_PAIR_GEN,&rsaParams,
>>>>>>>>> pubk, PR_TRUE, PR_FALSE, NULL); ), so I suppose the private key is
>>>>>>>>> not protected by password, and can be output?
>>>>>>>>>
>>>>>>>>> Best Regards,
>>>>>>>>> Weizhong Qiang
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> /****************/
>>>>>>>>> static bool ReadPrivKeyAttribute(SECKEYPrivateKey* key,
>>>>>>>>> CK_ATTRIBUTE_TYPE type, std::vector<uint8>* output) {
>>>>>>>>> SECItem item;
>>>>>>>>> SECStatus rv;
>>>>>>>>> rv = PK11_ReadRawAttribute(PK11_TypePrivKey, key, type,&item);
>>>>>>>>> if (rv != SECSuccess) {
>>>>>>>>> NSSUtilLogger.msg(ERROR, "Failed to read attribute %x from
>>>>>>>>> private key.", type);
>>>>>>>>> return false;
>>>>>>>>> }
>>>>>>>>> output->assign(item.data, item.data + item.len);
>>>>>>>>> SECITEM_FreeItem(&item, PR_FALSE);
>>>>>>>>> return true;
>>>>>>>>> }
>>>>>>>>>
>>>>>>>>> static bool ExportPrivateKey(SECKEYPrivateKey* key,
>>>>>>>>> std::vector<uint8>* output) {
>>>>>>>>> PrivateKeyInfoCodec private_key_info(true);
>>>>>>>>>
>>>>>>>>> // Manually read the component attributes of the private key and
>>>>>>>>> build up
>>>>>>>>> // the PrivateKeyInfo.
>>>>>>>>> if (!ReadPrivKeyAttribute(key, CKA_MODULUS,
>>>>>>>>> private_key_info.modulus()) ||
>>>>>>>>> !ReadPrivKeyAttribute(key, CKA_PUBLIC_EXPONENT,
>>>>>>>>> private_key_info.public_exponent()) ||
>>>>>>>>> !ReadPrivKeyAttribute(key, CKA_PRIVATE_EXPONENT,
>>>>>>>>> private_key_info.private_exponent()) ||
>>>>>>>>> !ReadPrivKeyAttribute(key, CKA_PRIME_1,
>>>>>>>>> private_key_info.prime1()) ||
>>>>>>>>> !ReadPrivKeyAttribute(key, CKA_PRIME_2,
>>>>>>>>> private_key_info.prime2()) ||
>>>>>>>>> !ReadPrivKeyAttribute(key, CKA_EXPONENT_1,
>>>>>>>>> private_key_info.exponent1()) ||
>>>>>>>>> !ReadPrivKeyAttribute(key, CKA_EXPONENT_2,
>>>>>>>>> private_key_info.exponent2()) ||
>>>>>>>>> !ReadPrivKeyAttribute(key, CKA_COEFFICIENT,
>>>>>>>>> private_key_info.coefficient())) {
>>>>>>>>> return false;
>>>>>>>>> }
>>>>>>>>>
>>>>>>>>> return private_key_info.Export(output);
>>>>>>>>> }
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> dev-tech-crypto mailing list
>>>>>>>>> [email protected]
>>>>>>>>> https://lists.mozilla.org/listinfo/dev-tech-crypto
>>>>>>>> --
>>>>>>>> dev-tech-crypto mailing list
>>>>>>>> [email protected]
>>>>>>>> https://lists.mozilla.org/listinfo/dev-tech-crypto
>>>>>>> --
>>>>>>> dev-tech-crypto mailing list
>>>>>>> [email protected]
>>>>>>> https://lists.mozilla.org/listinfo/dev-tech-crypto
>>>>>> --
>>>>>> dev-tech-crypto mailing list
>>>>>> [email protected]
>>>>>> https://lists.mozilla.org/listinfo/dev-tech-crypto
>>>>
>>>> --
>>>> dev-tech-crypto mailing list
>>>> [email protected]
>>>> https://lists.mozilla.org/listinfo/dev-tech-crypto
>>
>>
>> --
>> dev-tech-crypto mailing list
>> [email protected]
>> https://lists.mozilla.org/listinfo/dev-tech-crypto
>
--
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto
