The flow looks good.
Since you know you are using the same key, and since you've decrypted several blocks without getting anything 'legible', you know the problem isn't in the IV (a bad IV would only destroy the first block on decryption), so the problem is likely in your implementation of the algorithm. The most likely guess is the key schedule (RC2 doesn't use just a 40 bit key; it processes that 40 bit key in a well defined way to use more 'bits' in the actual algorithm). The reason for this is that before NSS will use your module, it tries to test your encryption mechanism. It will generate a random key, IV, and data and test that your module correctly implements the algorithm. RC2_CBC is one of the algorithms it checks, but it checks RC2_CBC with a 128 bit key. So my belief is the base RC2 implementation you provide works, but you aren't expanding the 40 bit key correctly.
You can fetch a copy of NSS from ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/. There are several test directories under mozilla/security/nss/cmd that you can use to check out your RC2 implementation.
bob
Antonio Andrés wrote:
Hi everybody. I'm developing a pkcs11 module, and I'm having some problems when I try to decrypt an S/MIME mail with Thunderbird. My pkcs11 offers support for the RC2 mechanism (I initialize the CK_RC2_CBC_PARAMS param correctly, I think), but Thunderbird doesn't show the message decrypted. The trace I obtain is:
C_UnwrapKey.
--> pMechanism: CKM_RSA_PKCS
--> hUnwrappingKey: 49398942,
--> ulWrappedKeyLen: 128
--> Wrapped key: <a5> <f3> <26>......(128 bytes)....<18>
--> Template unwrapped key:
-->Type = 0, Length = 4, Value = <4> <0> <0> <0> (Creating SecretKey)
-->Type = 256, Length = 4, Value = <11> <0> <0> <0> (CKK_RC2)
-->Type = 261, Length = 1, Value = <1> (CKA_ENCRYPT)
--> Unwrapped key length: 5
--> Unwrapped key: <d3> <5f> <ff> <2d> <56>
--> Handle new object: 47028462
END C_UnWrapKey.
C_DecryptInit.
--> pMechanism: CKM_RC2_CBC
--> hKey: 47028462
--> IV Vector: <9c> <f7> <fb> <5e> <6a> <af> <eb> <f7>
--> Effective key length: 40
END C_DecryptInit.
C_DecryptUpdate.
--> Input Data (24 bytes): <34> <a3> <31> <8d> <75> <68> <b4> <6> <10> <58> <43> <19> <a9> <5d> <0> <95> <8b> <b1> <8a> <1e> <3b> <83> <c5> <55>
--> Decrypted Data (24 bytes): <90> <8c> <7d> <6f> <aa> <f2> <c1> <a6> <d7> <67> <c1> <d6> <4> <6> <22> <1c> <df> <db> <ca> <b1> <96> <a6> <c2> <b8>
END C_DecryptUpdate.
.....
C_DecryptUpdate.
--> Input Data (8 bytes): <19> <53> <24> <8f> <9d> <45> <b3> <6f>
--> Decrypted Data (8 bytes): <5d> <1c> <37> <47> <fa> <a6> <db> <91>
END C_DecryptUpdate.
The content it decrypts doesn't seem to be legible data. However, if I don't offer the CKM_RC2_MECHANISM, Thunderbird obtains the 5 bytes of the RC2 key (using the CKM_RSA_PKCS mechanism to decrypt the key) and decrypts the message correctly itself, but without my pkcs11 taking part.
Is there something I'm doing wrong with RC2?
Thanks in advance.
Regards, Antonio.
_______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
