hi Robert and others, See the attachment for more complete test case of generating and reading a key. I found if I set the "isPerm" parameter to be PR_FALSE (see line 78 of the test case), the private key is not sensitive. If I set the "isPerm" parameter to be PR_TRUE, then not mater the "IsSensitive" (the next parameter after "isPerm") is PR_TRUE or PR_FALSE, the private key always sensitive. Is it a feature?
Thanks and Best Regards, Weizhong Qiang
On Jan 28, 2012, at 4:16 PM, weizhong qiang wrote: > hi, > > On Jan 27, 2012, at 6:52 PM, Robert Relyea wrote: > >> On 01/26/2012 11:53 PM, weizhong qiang wrote: >>> hi, >>> I did found that the CKA_SENSITIVE is "true" by using the following code: >>> rv = PK11_ReadRawAttribute(PK11_TypePrivKey, privKey, >>> CKA_SENSITIVE,&value); >>> if (rv != SECSuccess) { >>> NSSUtilLogger.msg(ERROR, "Failed to read CKA_SENSITIVE attribute >>> from private key."); >>> } >>> if ((value.len == 1)&& (value.data != NULL)) >>> std::cout<< !!(*(CK_BBOOL*)value.data)<<std::endl; >>> >>> But I did set sensitive parameter to be PR_FALSE when generate the key >>> pair, see the following: >>> *privk = PK11_GenerateKeyPair(slot, CKM_RSA_PKCS_KEY_PAIR_GEN,&rsaParams, >>> pubk, PR_FALSE, PR_FALSE, NULL); >>> >>> How could the key still be sensitive? Is there anywhere that I should set? >> Hmm, your right, that doesn't seem right. Do you have a simple test case >> that reproduces this? > > Yes, Please see the following attachment for the test case. If you would > help, you need to change the path of nss db, and certname, password etc. > > > <mail_about_privatekey.rtf> >> >> Also which version of NSS are you running? > > Name: NSS > Description: Mozilla Network Security Services > Version: 3.12.9+ckbi-1.82 > > >> Are you sure that slot points to the internal token? > > Yes, you can see the code of test case, I explicitly point to the internal > token. > >> Are you in FIPS mode? (in which case you don't have a choice on sensitive or >> not). > > I did not enable FIPS mode. I suppose FIPS will not be enabled by default? > > Best Regard, > Weizhong Qiang > >> >> NSS uses exactly this method to generate a key it's going to load into a >> token that doesn't support CKM_RSA_PKCS_KEY_PAIR_GEN. >> >> bob >> >>> >>> Best Regards >>> Weizhong Qiang >>> >>> >>> On Jan 26, 2012, at 6:57 PM, Robert Relyea wrote: >>> >>>> On 01/26/2012 07:55 AM, weizhong qiang wrote: >>>>> On Jan 26, 2012, at 4:44 PM, helpcrypto helpcrypto wrote: >>>>> >>>>>> AFAIK, returning or not the attributes from an object, depends on the >>>>>> token. >>>>> Everything I am operating is on the nss internal softoken. >>>> Right softoken enforces good hygiene. >>>> In truth, access to those attributes are controlled through a couple of >>>> other attributes: >>>> >>>> CKA_PRIVATE - access to the object requires authentication. >>>> >>>> CKA_SENSITIVE - direct access to the sensitive/private attributes of this >>>> object is prohibitted. >>>> >>>> CKA_EXTRACTABLE - this object can be extracted from the token. >>>> >>>> If Private is set, then you need to log in to do any of the actions below. >>>> >>>> If both Sensitve and Extractable is set, then you can extract the object >>>> by wrapping it, but you can't access the unencrypted attributes. >>>> >>>> If Senstive is FALSE and Extractable is TRUE, you can either extract the >>>> object by wrapping it, or by reading the attributes directly. >>>> >>>> If Extractable is FALSE, then you can't extract the object at all (either >>>> by wrapping it or by reading the attributes directly). >>>> >>>> Most tokens set Extratable to FALSE. >>>> >>>> bob >>>> >>>>> >>>>>> I recommend you reading about CKO_PRIVATE_KEY on PKCS#11 standard to >>>>>> understand what can be happening. >>>>>> For example if token=card, CKA_PRIME_1 *musnt* be on the card, as far >>>>>> is not *needed* to do cryptographic operations. >>>>>> >>>>>> El día 26 de enero de 2012 14:08, weizhong qiang >>>>>> <weizhongqi...@gmail.com> escribió: >>>>>>> hi, >>>>>>> Is there a fact that nss does not permit the reading of the attribute >>>>>>> CKA_PRIVATE_EXPONENT, CKA_PRIME_1, etc.? >>>>>>> Because with all of the eight attributes, it is possible to compose the >>>>>>> content of the private key, but the outputting of private key is not >>>>>>> allowed in nss? >>>>>>> >>>>>>> Thanks and Best Regards, >>>>>>> Weizhong Qiang >>>>>>> >>>>>>> On Jan 26, 2012, at 9:43 AM, helpcrypto helpcrypto wrote: >>>>>>> >>>>>>>> Is eny error shown at NSSUtilLogger.msg(ERROR, "Failed to read >>>>>>>> attribute %x from private key.", type); ? >>>>>>>> >>>>>>>> El día 25 de enero de 2012 17:04, weizhong qiang >>>>>>>> <weizhongqi...@gmail.com> escribió: >>>>>>>>> hi all, >>>>>>>>> I tried to get the attributes from a private key (see the following >>>>>>>>> code piece). But only the CKA_MODULUS and CKA_PUBLIC_EXPONENT can be >>>>>>>>> got, others (CKA_PRIVATE_EXPONENT etc.) can not be got. >>>>>>>>> Could you tell me how to solve it? >>>>>>>>> By the way, I generate rsa key pair without "sensitive" >>>>>>>>> (PK11_GenerateKeyPair(slot, CKM_RSA_PKCS_KEY_PAIR_GEN,&rsaParams, >>>>>>>>> pubk, PR_TRUE, PR_FALSE, NULL); ), so I suppose the private key is >>>>>>>>> not protected by password, and can be output? >>>>>>>>> >>>>>>>>> Best Regards, >>>>>>>>> Weizhong Qiang >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> /****************/ >>>>>>>>> static bool ReadPrivKeyAttribute(SECKEYPrivateKey* key, >>>>>>>>> CK_ATTRIBUTE_TYPE type, std::vector<uint8>* output) { >>>>>>>>> SECItem item; >>>>>>>>> SECStatus rv; >>>>>>>>> rv = PK11_ReadRawAttribute(PK11_TypePrivKey, key, type,&item); >>>>>>>>> if (rv != SECSuccess) { >>>>>>>>> NSSUtilLogger.msg(ERROR, "Failed to read attribute %x from >>>>>>>>> private key.", type); >>>>>>>>> return false; >>>>>>>>> } >>>>>>>>> output->assign(item.data, item.data + item.len); >>>>>>>>> SECITEM_FreeItem(&item, PR_FALSE); >>>>>>>>> return true; >>>>>>>>> } >>>>>>>>> >>>>>>>>> static bool ExportPrivateKey(SECKEYPrivateKey* key, >>>>>>>>> std::vector<uint8>* output) { >>>>>>>>> PrivateKeyInfoCodec private_key_info(true); >>>>>>>>> >>>>>>>>> // Manually read the component attributes of the private key and >>>>>>>>> build up >>>>>>>>> // the PrivateKeyInfo. >>>>>>>>> if (!ReadPrivKeyAttribute(key, CKA_MODULUS, >>>>>>>>> private_key_info.modulus()) || >>>>>>>>> !ReadPrivKeyAttribute(key, CKA_PUBLIC_EXPONENT, >>>>>>>>> private_key_info.public_exponent()) || >>>>>>>>> !ReadPrivKeyAttribute(key, CKA_PRIVATE_EXPONENT, >>>>>>>>> private_key_info.private_exponent()) || >>>>>>>>> !ReadPrivKeyAttribute(key, CKA_PRIME_1, >>>>>>>>> private_key_info.prime1()) || >>>>>>>>> !ReadPrivKeyAttribute(key, CKA_PRIME_2, >>>>>>>>> private_key_info.prime2()) || >>>>>>>>> !ReadPrivKeyAttribute(key, CKA_EXPONENT_1, >>>>>>>>> private_key_info.exponent1()) || >>>>>>>>> !ReadPrivKeyAttribute(key, CKA_EXPONENT_2, >>>>>>>>> private_key_info.exponent2()) || >>>>>>>>> !ReadPrivKeyAttribute(key, CKA_COEFFICIENT, >>>>>>>>> private_key_info.coefficient())) { >>>>>>>>> return false; >>>>>>>>> } >>>>>>>>> >>>>>>>>> return private_key_info.Export(output); >>>>>>>>> } >>>>>>>>> >>>>>>>>> -- >>>>>>>>> dev-tech-crypto mailing list >>>>>>>>> dev-tech-crypto@lists.mozilla.org >>>>>>>>> https://lists.mozilla.org/listinfo/dev-tech-crypto >>>>>>>> -- >>>>>>>> dev-tech-crypto mailing list >>>>>>>> dev-tech-crypto@lists.mozilla.org >>>>>>>> https://lists.mozilla.org/listinfo/dev-tech-crypto >>>>>>> -- >>>>>>> dev-tech-crypto mailing list >>>>>>> dev-tech-crypto@lists.mozilla.org >>>>>>> https://lists.mozilla.org/listinfo/dev-tech-crypto >>>>>> -- >>>>>> dev-tech-crypto mailing list >>>>>> dev-tech-crypto@lists.mozilla.org >>>>>> https://lists.mozilla.org/listinfo/dev-tech-crypto >>>> >>>> -- >>>> dev-tech-crypto mailing list >>>> dev-tech-crypto@lists.mozilla.org >>>> https://lists.mozilla.org/listinfo/dev-tech-crypto >> >> >> -- >> dev-tech-crypto mailing list >> dev-tech-crypto@lists.mozilla.org >> https://lists.mozilla.org/listinfo/dev-tech-crypto >
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto