Re: Assertion when using SEC_ASN1EncodeItem with subtemplate

2010-07-29 Thread Wan-Teh Chang
On Mon, Jul 26, 2010 at 6:07 AM, Hanno Böck ha...@hboeck.de wrote:
 Hi,

 Just recently, the templates for decoding the RSA-PSS ASN1 parameters got
 added to cvs head (in cryptohi/seckey.c).

 Currently I'm working on implementing the creation of PSS signatures, so I
 need them also to encode. My naive thought was that SEC_ASN1EncodeItem is used
 pretty much the same as QuickDERDecodeItem, just the other way round.

 For testing, I tested with a stripped-down version of the template containing
 only the first entry. Though what I get is:
 Assertion failure: theTemplate->sub != NULL, at secasn1u.c:93


 From the error, I assume it has something to do with the subtemplate. If that
 helps, by some trial and error I found out that when removing SEC_ASN1_EXPLICIT,
 no assertion appears (though it'll obviously produce a wrong DER struct).
 Is there something special I need to care about when doing encoding vs.
 decoding ASN.1?


 The code looks like this:


 SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)

 const SEC_ASN1Template MY_RSAPSSParamsTemplate[] =
 {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYRSAPSSParams) },
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
          SEC_ASN1_XTRN | SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 0,
          offsetof(SECKEYRSAPSSParams, hashAlg),
          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    { 0 }
 };

Hanno,

I am not familiar with the ASN.1 templates in NSS.

I'm afraid that you'll need to run the code in a debugger
to understand what the ASN.1 encoder is doing and
why it doesn't like your template.

Another idea is to look at the ASN.1 templates in
NSS that are used for encoding.  See if they have
something different from your template.

Wan-Teh
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
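What SEC_ASN1_EXPLICIT changes on the wire, as an added illustration that is not part of the thread and not NSS code: a small stand-alone DER encoder for the hashAlgorithm field of RSASSA-PSS-params (RFC 4055) produces the [0] EXPLICIT form that the template entry above describes and, for comparison, the IMPLICIT form that results once the flag is dropped. The id-sha256 OID octets and the NULL parameters are constructed inline; buffer sizes, function names and the outer "hash-only" SEQUENCE are this example's own.

```c
/* Added example, not NSS code and not from the thread: a minimal DER encoder
 * for the hashAlgorithm field of RSASSA-PSS-params (RFC 4055), showing what
 * the [0] EXPLICIT tag in the template produces on the wire, and what the
 * template produces once SEC_ASN1_EXPLICIT is dropped (IMPLICIT tagging).
 * Only short-form lengths (< 128 octets) are handled; that is all this
 * structure needs. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Content octets of the OID id-sha256 (2.16.840.1.101.3.4.2.1). */
static const uint8_t OID_SHA256[] = {0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01};

/* Write tag, short-form length and value. Returns bytes written, 0 if the
 * value does not fit or would need a long-form length. */
static size_t der_tlv(uint8_t *out, size_t cap, uint8_t tag,
                      const uint8_t *val, size_t len)
{
    if (len >= 128 || cap < 2 + len)
        return 0;
    out[0] = tag;
    out[1] = (uint8_t)len;
    if (len)
        memcpy(out + 2, val, len);
    return 2 + len;
}

/* AlgorithmIdentifier ::= SEQUENCE { algorithm OID, parameters NULL }
 * for sha256: 30 0D 06 09 60 86 48 01 65 03 04 02 01 05 00 (15 octets). */
size_t encode_sha256_algid(uint8_t *out, size_t cap)
{
    uint8_t body[32];
    size_t n = der_tlv(body, sizeof body, 0x06, OID_SHA256, sizeof OID_SHA256);
    n += der_tlv(body + n, sizeof body - n, 0x05, NULL, 0);
    return der_tlv(out, cap, 0x30, body, n);
}

/* hashAlgorithm [0] EXPLICIT: the complete AlgorithmIdentifier TLV becomes
 * the value of a constructed context-specific tag 0 (0xA0). This is the
 * encoding that the SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
 * SEC_ASN1_CONTEXT_SPECIFIC | 0 template entry describes. */
size_t encode_hashalg_explicit(uint8_t *out, size_t cap)
{
    uint8_t inner[32];
    size_t n = encode_sha256_algid(inner, sizeof inner);
    return der_tlv(out, cap, 0xA0, inner, n);
}

/* Without SEC_ASN1_EXPLICIT the tag is IMPLICIT: 0xA0 replaces the inner
 * SEQUENCE tag, so the nested 30 0D header disappears. Still valid DER, but
 * not the structure RFC 4055 defines, so a conforming decoder rejects it. */
size_t encode_hashalg_implicit(uint8_t *out, size_t cap)
{
    uint8_t inner[32];
    size_t n = encode_sha256_algid(inner, sizeof inner);
    return der_tlv(out, cap, 0xA0, inner + 2, n - 2);
}

/* Check that buf is [0] EXPLICIT wrapping a SEQUENCE with consistent lengths. */
int is_explicit_algid(const uint8_t *buf, size_t len)
{
    return len >= 4 && buf[0] == 0xA0 && buf[1] == (uint8_t)(len - 2) &&
           buf[2] == 0x30 && buf[3] == (uint8_t)(len - 4);
}

/* Outer RSASSA-PSS-params SEQUENCE carrying only hashAlgorithm, i.e. the
 * stripped-down one-entry template from the thread. */
size_t encode_pss_params_hash_only(uint8_t *out, size_t cap, int explicit_tag)
{
    uint8_t field[32];
    size_t n = explicit_tag ? encode_hashalg_explicit(field, sizeof field)
                            : encode_hashalg_implicit(field, sizeof field);
    return der_tlv(out, cap, 0x30, field, n);
}

/* Self-check helpers: total length of the params, and whether the field
 * inside is recognisably [0] EXPLICIT. */
size_t pss_hash_only_len(int explicit_tag)
{
    uint8_t b[64];
    return encode_pss_params_hash_only(b, sizeof b, explicit_tag);
}

int hashalg_field_is_explicit(int explicit_tag)
{
    uint8_t b[64];
    size_t n = explicit_tag ? encode_hashalg_explicit(b, sizeof b)
                            : encode_hashalg_implicit(b, sizeof b);
    return is_explicit_algid(b, n);
}

static void hexdump(const char *label, const uint8_t *b, size_t n)
{
    printf("%-14s", label);
    for (size_t i = 0; i < n; i++)
        printf(" %02X", b[i]);
    printf("\n");
}

int main(void)
{
    uint8_t buf[64];
    size_t n = encode_pss_params_hash_only(buf, sizeof buf, 1);
    hexdump("explicit [0]:", buf, n);
    n = encode_pss_params_hash_only(buf, sizeof buf, 0);
    hexdump("implicit [0]:", buf, n);
    return 0;
}
```

Running it prints both encodings side by side: the explicit one nests a full `30 0D ...` AlgorithmIdentifier under `A0 0F`, while the implicit one has `A0` standing in for the SEQUENCE tag, which is the "wrong DER struct" Hanno refers to. The same two byte patterns are what to look for when checking output from any encoder, NSS included, against an RFC 4055 reference.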


Re: Need help troubleshooting TLS Handshake error: CKR_ATTRIBUTE_VALUE_INVALID

2010-07-29 Thread Wan-Teh Chang
On Tue, Jul 27, 2010 at 10:09 AM, Pat lync...@gmail.com wrote:
 Hello,

 Can anyone explain what is going wrong with the following scenario?

 Using NSPR 4.8, NSS 3.12.6, JSS 4.3.1 with JDK 1.6_21 on Windows XP
 Professional SP 3.  FIPS mode is enabled.

 I'm trying to open an LDAP connection to an LDAP server (Apache
 Directory Server) running locally on the same system.  Both SSL
 contexts (server and client) are configured to use the KeyManager
 (PKCS11 KeyStore), TrustManager and SecureRandom obtained from the
 SunPKCS11-NSS provider.

 I have enabled the debug logging for the TLS handshake and I can see
 that both sides are using the same certificate for identification and
 that this certificate as well as the appropriate CA certificates are
 being found in the NSS database.

 When executing the code with FIPS mode disabled, the handshake is
 successful.  However, with FIPS mode enabled, the following stacktrace
 is produced:

 2010-07-27 08:51:02,154;48156;ERROR;ds.DsServiceImplLiveTest;(main);Client:
 javax.net.ssl.SSLException: java.security.ProviderException: Could not generate premaster secret
        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1623)
 [...omitted...]
 Caused by: java.security.ProviderException: Could not generate premaster secret
        at sun.security.pkcs11.P11TlsRsaPremasterSecretGenerator.engineGenerateKey(P11TlsRsaPremasterSecretGenerator.java:87)
        at javax.crypto.KeyGenerator.generateKey(DashoA13*..)
        at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.init(RSAClientKeyExchange.java:91)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:673)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:230)
        at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:529)
 [...omitted...]
 Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ATTRIBUTE_VALUE_INVALID
        at sun.security.pkcs11.wrapper.PKCS11.C_GenerateKey(Native Method)
        at sun.security.pkcs11.P11TlsRsaPremasterSecretGenerator.engineGenerateKey(P11TlsRsaPremasterSecretGenerator.java:81)
 [...omitted...]

The stack trace of the exception shows that the C_GenerateKey call
used to generate the premaster secret failed with
CKR_ATTRIBUTE_VALUE_INVALID.

Since there is Sun Java code involved, I won't be able to fully
debug this.  I'll give you some hints on how I would debug
this, and hopefully you can track this down.

1. Search in the NSS source tree for CKR_ATTRIBUTE_VALUE_INVALID
to identify the places where CKR_ATTRIBUTE_VALUE_INVALID may
be returned:
http://mxr.mozilla.org/security/ident?i=CKR_ATTRIBUTE_VALUE_INVALID&filter=

Focus only on the files in security/nss/lib/softoken, as the SunPKCS11
provider is only using the softoken of NSS.

2. Since you get this error when the NSS softoken is in FIPS mode,
security/nss/lib/softoken/fipstokn.c is worth a look.

In FIPS mode, the PKCS #11 C_Foo function is mapped to the
FC_Foo function in security/nss/lib/softoken/fipstokn.c.

So C_GenerateKey becomes FC_GenerateKey:
http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/softoken/fipstokn.c&rev=1.28&mark=1292,1300-1307#1291

NSC_GenerateKey is the common implementation of C_GenerateKey
between FIPS and non-FIPS mode.  So you see clearly that
FC_GenerateKey does some special checks for FIPS mode,
and then invokes the common code.

One of the special checks is that the caller must specify that
the new key be sensitive (CKA_SENSITIVE), which means
the new key cannot be exported in unencrypted form.  If this
check fails, FC_GenerateKey returns CKR_ATTRIBUTE_VALUE_INVALID.

Given the info you provided, this is most likely the place
where the NSS softoken failed with CKR_ATTRIBUTE_VALUE_INVALID
in FIPS mode.  If so, I'm afraid that the fix is to modify
sun.security.pkcs11 to be able to generate and use
RSA premaster secrets with the CKA_SENSITIVE
attribute set.

If this is not the failure spot, then you can use the method
I outlined above to track this down.

Wan-Teh
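The check Wan-Teh describes, as an added model that is not NSS, JDK or JSS code: the attribute template a TLS client passes to C_GenerateKey together with CKM_TLS_PRE_MASTER_KEY_GEN, built once with CKA_SENSITIVE true and once false, is run through a function that applies the FIPS-mode rule from the message (the generated secret must be sensitive). PKCS #11 type names and constant values follow the v2.20 header but are redefined here so the file builds without pkcs11.h; how the model treats a template that omits CKA_SENSITIVE altogether (it rejects it) is an assumption of the model and should be checked against FC_GenerateKey in fipstokn.c before relying on it.

```c
/* Added model (not NSS, JDK or JSS code) of the FIPS-mode rule described in
 * the message: a secret key generated through C_GenerateKey must be
 * sensitive, otherwise the token answers CKR_ATTRIBUTE_VALUE_INVALID.
 * PKCS #11 types and constant values follow the v2.20 header; they are
 * redefined here so the file builds without pkcs11.h. */
#include <stddef.h>
#include <stdio.h>

typedef unsigned long CK_ULONG;
typedef unsigned char CK_BBOOL;
typedef CK_ULONG      CK_ATTRIBUTE_TYPE;
typedef CK_ULONG      CK_RV;
#define CK_TRUE  1
#define CK_FALSE 0

#define CKA_CLASS                   0x000UL
#define CKA_TOKEN                   0x001UL
#define CKA_KEY_TYPE                0x100UL
#define CKA_SENSITIVE               0x103UL
#define CKO_SECRET_KEY              0x004UL
#define CKK_GENERIC_SECRET          0x010UL
#define CKM_TLS_PRE_MASTER_KEY_GEN  0x374UL
#define CKR_OK                      0x000UL
#define CKR_ATTRIBUTE_VALUE_INVALID 0x013UL

typedef struct {
    CK_ATTRIBUTE_TYPE type;
    void             *pValue;
    CK_ULONG          ulValueLen;
} CK_ATTRIBUTE;

static CK_BBOOL bTrue = CK_TRUE, bFalse = CK_FALSE;
static CK_ULONG keyClass = CKO_SECRET_KEY, keyType = CKK_GENERIC_SECRET;

/* Return the first attribute of the given type, or NULL when absent. */
static const CK_ATTRIBUTE *find_attr(const CK_ATTRIBUTE *t, CK_ULONG n,
                                     CK_ATTRIBUTE_TYPE type)
{
    for (CK_ULONG i = 0; i < n; i++)
        if (t[i].type == type)
            return &t[i];
    return NULL;
}

/* Model of the FIPS-mode pre-check applied before the common key-generation
 * code runs. A template asking for a non-sensitive key is rejected; one that
 * leaves CKA_SENSITIVE out is rejected too (model assumption, following the
 * message's "the caller must specify"; verify against fipstokn.c). */
CK_RV fips_check_generate_template(const CK_ATTRIBUTE *t, CK_ULONG n)
{
    const CK_ATTRIBUTE *a = find_attr(t, n, CKA_SENSITIVE);
    if (a == NULL || a->pValue == NULL || a->ulValueLen != sizeof(CK_BBOOL))
        return CKR_ATTRIBUTE_VALUE_INVALID;
    return *(const CK_BBOOL *)a->pValue ? CKR_OK : CKR_ATTRIBUTE_VALUE_INVALID;
}

/* Template a TLS client hands to C_GenerateKey with CKM_TLS_PRE_MASTER_KEY_GEN.
 * CKA_SENSITIVE is deliberately the last entry so a caller can drop it by
 * passing n - 1. Returns the entry count. */
CK_ULONG build_premaster_template(CK_ATTRIBUTE *out, int sensitive)
{
    CK_ULONG n = 0;
    out[n++] = (CK_ATTRIBUTE){ CKA_CLASS,     &keyClass, sizeof keyClass };
    out[n++] = (CK_ATTRIBUTE){ CKA_KEY_TYPE,  &keyType,  sizeof keyType  };
    out[n++] = (CK_ATTRIBUTE){ CKA_TOKEN,     &bFalse,   sizeof bFalse   }; /* session key */
    out[n++] = (CK_ATTRIBUTE){ CKA_SENSITIVE, sensitive ? &bTrue : &bFalse,
                               sizeof(CK_BBOOL) };
    return n;
}

/* Result of the model check for a template built with the given flag. */
CK_RV premaster_template_rv(int sensitive)
{
    CK_ATTRIBUTE t[4];
    CK_ULONG n = build_premaster_template(t, sensitive);
    return fips_check_generate_template(t, n);
}

/* Same, with CKA_SENSITIVE left out of the template entirely. */
CK_RV premaster_template_rv_without_sensitive(void)
{
    CK_ATTRIBUTE t[4];
    CK_ULONG n = build_premaster_template(t, 1);
    return fips_check_generate_template(t, n - 1);
}

int main(void)
{
    printf("mechanism 0x%lx, CKA_SENSITIVE=false : 0x%lx\n",
           CKM_TLS_PRE_MASTER_KEY_GEN, premaster_template_rv(0));
    printf("mechanism 0x%lx, CKA_SENSITIVE=true  : 0x%lx\n",
           CKM_TLS_PRE_MASTER_KEY_GEN, premaster_template_rv(1));
    printf("mechanism 0x%lx, CKA_SENSITIVE absent: 0x%lx\n",
           CKM_TLS_PRE_MASTER_KEY_GEN, premaster_template_rv_without_sensitive());
    return 0;
}
```

The useful part for troubleshooting is the shape of the template, not the model itself: when a handshake fails only in FIPS mode with this return code, the first thing to log is the exact CK_ATTRIBUTE list the provider passed to C_GenerateKey, and in particular the value it gave for CKA_SENSITIVE.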


Re: Assertion when using SEC_ASN1EncodeItem with subtemplate

2010-07-29 Thread Nelson B Bolyard
On 2010-07-26 06:07 PDT, Hanno Böck wrote:
 Hi,
 
 Just recently, the templates for decoding the RSA-PSS ASN1 parameters got 
 added to cvs head (in cryptohi/seckey.c).
 
 Currently I'm working on implementing the creation of PSS signatures, so I 
 need them also to encode. My naive thought was that SEC_ASN1EncodeItem is used 
 pretty much the same as QuickDERDecodeItem, just the other way round.
 
 For testing, I tested with a stripped-down version of the template containing 
 only the first entry. Though what I get is:
 Assertion failure: theTemplate->sub != NULL, at secasn1u.c:93
 
 
 From the error, I assume it has something to do with the subtemplate. If that 
 helps, by some trial and error I found out that when removing SEC_ASN1_EXPLICIT, 
 no assertion appears (though it'll obviously produce a wrong DER struct).
 Is there something special I need to care about when doing encoding vs. 
 decoding ASN.1?
 
 
 The code looks like this:
 
 
 SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
 
 const SEC_ASN1Template MY_RSAPSSParamsTemplate[] =
 {
 { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYRSAPSSParams) },
 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
   SEC_ASN1_XTRN | SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 0,
   offsetof(SECKEYRSAPSSParams, hashAlg),
   SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
 { 0 }
 };
 
 SECStatus
 PSSU_EncodeDER(SECItem *dest, CK_RSA_PKCS_PSS_PARAMS *in)
 {
     SECKEYRSAPSSParams *pss_params;
     PRArenaPool *arena;
     SECItem *ret;
     unsigned int i;
 
     arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
     pss_params = PORT_ZAlloc(sizeof(pss_params));

That should be
  pss_params = PORT_ZAlloc(sizeof(*pss_params));
or, even better
  pss_params = PORT_ArenaZAlloc(arena, sizeof(*pss_params));
or, perhaps even better still
  pss_params = PORT_ArenaZNew(arena, SECKEYRSAPSSParams);

     pss_params->hashAlg = PORT_ZAlloc(sizeof(SECAlgorithmID));
 
     SECOID_SetAlgorithmID(arena, pss_params->hashAlg, SEC_OID_SHA256, NULL);
 
     ret = SEC_ASN1EncodeItem(arena, NULL, pss_params, MY_RSAPSSParamsTemplate);
 
     PORT_FreeArena(arena, PR_FALSE);
     return SECSuccess;
 }

-- 
/Nelson Bolyard

Re: Assertion when using SEC_ASN1EncodeItem with subtemplate

2010-07-29 Thread Hanno Böck
On Thursday 29 July 2010, Nelson B Bolyard wrote:
 That should be
   pss_params = PORT_ZAlloc(sizeof(*pss_params));
 or, even better
   pss_params = PORT_ArenaZAlloc(arena, sizeof(*pss_params));
 or, perhaps even better still
   pss_params = PORT_ArenaZNew(arena, SECKEYRSAPSSParams);

You're right, but sadly that's not the problem; after that change I get the 
same error:
Assertion failure: theTemplate->sub != NULL, at secasn1u.c:93


-- 
Hanno Böck  Blog:   http://www.hboeck.de/
GPG: 3DBD3B20   Jabber/Mail:ha...@hboeck.de

http://schokokeks.org - professional webhosting



cmsutil: deprecated class usage

2010-07-29 Thread Alexander V Vershilov
Hello.

I'm trying to build the package pki-utils-1.3.1, and it fails on building cmsutil:
pki-util-1.3.1/src/com/netscape/cmsutil/crypto/CryptoUtil.java
at the line:
org.mozilla.jss.crypto.KeyPairGeneratorSp[2^i.Usage[] usage_ops,
And in the class hierarchy on the page
http://www.mozilla.org/projects/security/pki/jss/javadoc/org/mozilla/jss/crypto/package-tree.html
there is no such class.
So what should I do: use another JSS version, or patch the file?


To build this file I've used the patch below. It removes generateECCKeyPair with 
additional parameters, leaving only the version without the Usage class.  And my 
second question is whether this is a normal patch, and how I can test whether I 
have broken something or not.

diff -ur pki-util-1.3.1.old/src/com/netscape/cmsutil/crypto/CryptoUtil.java 
pki-util-1.3.1/src/com/netscape/cmsutil/crypto/CryptoUtil.java
--- pki-util-1.3.1/src/com/netscape/cmsutil/crypto/CryptoUtil.java.orig  
2009-08-25 16:41:02.0 +
+++ pki-util-1.3.1/src/com/netscape/cmsutil/crypto/CryptoUtil.java   
2010-07-24 01:51:45.0 +
@@ -18,6 +18,7 @@
 package com.netscape.cmsutil.crypto;
 
 
+import com.sun.crypto.provider.JceKeyStore;
 import java.net.*;
 import java.io.*;
 import java.util.*;
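Review bot: the added `import com.sun.crypto.provider.JceKeyStore;` is not referenced by anything else in this patch and names a JDK-internal Sun class, so it only adds a compile-time dependency on that provider; drop it unless a later change actually uses it.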
@@ -147,9 +148,16 @@
 NoSuchTokenException,
 NoSuchAlgorithmException,
 TokenException {
-return generateECCKeyPair(token, keysize, null, null);
-}
+CryptoToken t = getTokenByName(token);
+KeyPairAlgorithm alg = KeyPairAlgorithm.EC;
+KeyPairGenerator g = t.getKeyPairGenerator(alg);
+
+g.initialize(keysize);
+KeyPair pair = g.genKeyPair();
 
+return pair;
+}
+/*
 public static KeyPair generateECCKeyPair(String token, int keysize,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask)
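Review bot: replacing `return generateECCKeyPair(token, keysize, null, null);` with an inline copy of the generator calls and then opening a `/*` block comment over the four-argument overload removes that overload from CryptoUtil's public API, so any other class in pki-util that calls `generateECCKeyPair(token, keysize, usage_ops, usage_mask)` will stop compiling. That is also the most direct answer to the "did I break something" question: grep the tree for callers of the four-argument form and build the whole package, not just this file. If the aim is only to compile against a JSS that lacks `KeyPairGeneratorSpi.Usage`, delete the overload outright rather than commenting it out, and say so in the commit message.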
@@ -166,7 +174,7 @@
 KeyPair pair = g.genKeyPair();
 
 return pair;
-}
+}*/
 
 
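Review bot: `+}*/` closes the block comment opened in the previous hunk, which leaves the whole original method body between the two hunks as dead text; a block comment of that kind also breaks compilation if the body it spans contains a `*/` of its own. Prefer removing the method (or pinning the build to a JSS version that provides the class) to leaving commented-out code in place.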


--
Best regards
Alexander V Vershilov


Re: Assertion when using SEC_ASN1EncodeItem with subtemplate

2010-07-29 Thread Hanno Böck
After digging down deeper into the code, it seems it fails somewhere here:
http://mxr.mozilla.org/security/source/security/nss/lib/util/secasn1e.c#897

It passes state->theTemplate to the SEC_ASN1GetSubTemplate function, while 
state->theTemplate points to SECOID_AlgorithmIDTemplate, which is already the 
subtemplate.

I fail to really understand the ASN.1 decoding code at the moment, but I find 
it likely that it's a bug in there.

-- 
Hanno Böck  Blog:   http://www.hboeck.de/
GPG: 3DBD3B20   Jabber/Mail:ha...@hboeck.de

http://schokokeks.org - professional webhosting



Re: cmsutil: deprecated class usage

2010-07-29 Thread Kyle Hamilton
If you have something that looks like '[2^i' in your source file, it
means that there's probably an 'esc' character in there as well, and it
looks like someone tried to use arrow keys on a VT102-like terminal to
edit it.

Delete your current tree, download the package again, unpack it, and try
recompiling it.  If it still shows the same error without you having
added any patches to it, it's a build-breaking bug and needs to be
reported in bugzilla.  If it doesn't, then you broke it when you were
playing around with it.  (The best part, though, is that nobody here
knows one way or the other -- and you don't have to tell us if you did
make a mistake.)

-Kyle H

On 7/29/10 6:35 PM, Alexander V Vershilov wrote:
 Hello.

 I'm trying to build the package pki-utils-1.3.1, and it fails on building 
 cmsutil:
 pki-util-1.3.1/src/com/netscape/cmsutil/crypto/CryptoUtil.java
 at the line:
 org.mozilla.jss.crypto.KeyPairGeneratorSp[2^i.Usage[] usage_ops,
 And in the class hierarchy on the page
 http://www.mozilla.org/projects/security/pki/jss/javadoc/org/mozilla/jss/crypto/package-tree.html
 there is no such class.
 So what should I do: use another JSS version, or patch the file?


 To build this file I've used the patch below. It removes generateECCKeyPair with 
 additional parameters, leaving only the version without the Usage class.  And my 
 second question is whether this is a normal patch, and how I can test whether I 
 have broken something or not.

 diff -ur pki-util-1.3.1.old/src/com/netscape/cmsutil/crypto/CryptoUtil.java 
 pki-util-1.3.1/src/com/netscape/cmsutil/crypto/CryptoUtil.java
 --- pki-util-1.3.1/src/com/netscape/cmsutil/crypto/CryptoUtil.java.orig  
 2009-08-25 16:41:02.0 +
 +++ pki-util-1.3.1/src/com/netscape/cmsutil/crypto/CryptoUtil.java   
 2010-07-24 01:51:45.0 +
 @@ -18,6 +18,7 @@
  package com.netscape.cmsutil.crypto;
  
  
 +import com.sun.crypto.provider.JceKeyStore;
  import java.net.*;
  import java.io.*;
  import java.util.*;
 @@ -147,9 +148,16 @@
  NoSuchTokenException,
  NoSuchAlgorithmException,
  TokenException {
 -return generateECCKeyPair(token, keysize, null, null);
 -}
 +CryptoToken t = getTokenByName(token);
 +KeyPairAlgorithm alg = KeyPairAlgorithm.EC;
 +KeyPairGenerator g = t.getKeyPairGenerator(alg);
 +
 +g.initialize(keysize);
 +KeyPair pair = g.genKeyPair();
  
 +return pair;
 +}
 +/*
  public static KeyPair generateECCKeyPair(String token, int keysize,
 org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops,
 org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask)
 @@ -166,7 +174,7 @@
  KeyPair pair = g.genKeyPair();
  
  return pair;
 -}
 +}*/
  
  


 --
 Best regards
 Alexander V Vershilov



Re: cmsutil: deprecated class usage

2010-07-29 Thread Alexander V Vershilov
Thanks.

Thu, Jul 29, 2010 at 06:13:56PM -0700, Kyle Hamilton wrote:
 If you have something that looks like '[2^i' in your source file, it
 means that there's probably an 'esc' character in there as well, and it
 looks like someone tried to use arrow keys on a VT102-like terminal to
 edit it.

I think the error was introduced when I copied and pasted (C-P C-V) the patch into the mail.

 Delete your current tree, download the package again, unpack it, and try
 recompiling it.  If it still shows the same error without you having
 added any patches to it, it's a build-breaking bug and needs to be
 reported in bugzilla.  If it doesn't, then you broke it when you were
 playing around with it.  (The best part, though, is that nobody here
 knows one way or the other -- and you don't have to tell us if you did
 make a mistake.)

 -Kyle H


My problem was that I should have asked this question on a different mailing list.
Maybe I'll ask some more direct questions if I try to make fixes in the
dogtag package.

--
Best regards,
Alexander V Vershilov.