Re: Assertion when using SEC_ASN1EncodeItem with subtemplate
On Mon, Jul 26, 2010 at 6:07 AM, Hanno Böck ha...@hboeck.de wrote:
> Hi,
>
> Just recently, the templates for decoding the RSA-PSS ASN1 parameters got added to cvs head (in cryptohi/seckey.c). Currently I'm working on implementing the creation of PSS signatures, so I need them also to encode.
>
> My naive thought was that SEC_ASN1EncodeItem is used pretty much the same as QuickDERDecodeItem, just the other way round. For testing, I tested with a stripped-down version of the template containing only the first entry.
>
> Though what I get is:
>
>     Assertion failure: theTemplate->sub != NULL, at secasn1u.c:93
>
> From the error, I assume it has something to do with the subtemplate. If that helps, by some try and error I found out that when removing SEC_ASN1_EXPLICIT, no assertion appears (though it'll obviously produce a wrong DER struct).
>
> Is there something special I need to care about when doing encoding vs. decoding ASN1?
>
> The code looks like this:
>
>     SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
>
>     const SEC_ASN1Template MY_RSAPSSParamsTemplate[] = {
>         { SEC_ASN1_SEQUENCE,
>           0, NULL, sizeof(SECKEYRSAPSSParams) },
>         { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
>           SEC_ASN1_XTRN | SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 0,
>           offsetof(SECKEYRSAPSSParams, hashAlg),
>           SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
>         { 0 }
>     };

Hanno,

I am not familiar with the ASN.1 templates in NSS. I'm afraid that you'll need to run the code in a debugger to understand what the ASN.1 encoder is doing and why it doesn't like your template.

Another idea is to look at the ASN.1 templates in NSS that are used for encoding. See if they have something different from your template.

Wan-Teh

--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Need help troubleshooting TLS Handshake error: CKR_ATTRIBUTE_VALUE_INVALID
On Tue, Jul 27, 2010 at 10:09 AM, Pat lync...@gmail.com wrote:
> Hello,
>
> Can anyone explain what is going wrong with the following scenario?
>
> Using NSPR 4.8, NSS 3.12.6, JSS 4.3.1 with JDK 1.6_21 on Windows XP Professional SP 3. FIPS mode is enabled.
>
> I'm trying to open an LDAP connection to an LDAP server (Apache Directory Server) running locally on the same system. Both SSL contexts (server and client) are configured to use the KeyManager (PKCS11 KeyStore), TrustManager and SecureRandom obtained from the SunPKCS11-NSS provider.
>
> I have enabled the debug logging for the TLS handshake and I can see that both sides are using the same certificate for identification and that this certificate as well as the appropriate CA certificates are being found in the NSS database.
>
> When executing the code with FIPS mode disabled, the handshake is successful. However, with FIPS mode enabled, the following stacktrace is produced:
>
> 2010-07-27 08:51:02,154;48156;ERROR;ds.DsServiceImplLiveTest; (main);Client:
> javax.net.ssl.SSLException: java.security.ProviderException: Could not generate premaster secret
>     at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
>     at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1623)
>     [...omitted...]
> Caused by: java.security.ProviderException: Could not generate premaster secret
>     at sun.security.pkcs11.P11TlsRsaPremasterSecretGenerator.engineGenerateKey(P11TlsRsaPremasterSecretGenerator.java:87)
>     at javax.crypto.KeyGenerator.generateKey(DashoA13*..)
>     at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.init(RSAClientKeyExchange.java:91)
>     at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:673)
>     at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:230)
>     at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:529)
>     [...omitted...]
> Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ATTRIBUTE_VALUE_INVALID
>     at sun.security.pkcs11.wrapper.PKCS11.C_GenerateKey(Native Method)
>     at sun.security.pkcs11.P11TlsRsaPremasterSecretGenerator.engineGenerateKey(P11TlsRsaPremasterSecretGenerator.java:81)
>     [...omitted...]

The stack trace of the exception shows that the C_GenerateKey call used to generate the premaster secret failed with CKR_ATTRIBUTE_VALUE_INVALID.

Since there is Sun Java code involved, I won't be able to fully debug this. I'll give you some hints on how I would debug this, and hopefully you can track this down.

1. Search in the NSS source tree for CKR_ATTRIBUTE_VALUE_INVALID to identify the places where CKR_ATTRIBUTE_VALUE_INVALID may be returned:
   http://mxr.mozilla.org/security/ident?i=CKR_ATTRIBUTE_VALUE_INVALID&filter=
   Focus only on the files in security/nss/lib/softoken, as the SunPKCS11 provider is only using the softoken of NSS.

2. Since you get this error when the NSS softoken is in FIPS mode, security/nss/lib/softoken/fipstokn.c is worth a look. In FIPS mode, the PKCS #11 C_Foo function is mapped to the FC_Foo function in security/nss/lib/softoken/fipstokn.c. So C_GenerateKey becomes FC_GenerateKey:
   http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/softoken/fipstokn.c&rev=1.28&mark=1292,1300-1307#1291

NSC_GenerateKey is the common implementation of C_GenerateKey between FIPS and non-FIPS mode. So you see clearly that FC_GenerateKey does some special checks for FIPS mode, and then invokes the common code. One of the special checks is that the caller must specify that the new key be sensitive (CKA_SENSITIVE), which means the new key cannot be exported in unencrypted form. If this check fails, FC_GenerateKey returns CKR_ATTRIBUTE_VALUE_INVALID.

Given the info you provided, this is most likely the place where the NSS softoken failed with CKR_ATTRIBUTE_VALUE_INVALID in FIPS mode. If so, I'm afraid that the fix is to modify sun.security.pkcs11 to be able to generate and use RSA premaster secrets with the CKA_SENSITIVE attribute set.

If this is not the failure spot, then you can use the method I outlined above to track this down.

Wan-Teh
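The FIPS-mode check described in the reply above, modelled in C as an added example (it is not NSS source code and not part of the thread). The typedefs are local stand-ins for pkcs11t.h, the names `sensitive_state`, `fips_gate` and `check_sample` are hypothetical, and letting an absent CKA_SENSITIVE through while rejecting a malformed one is an assumption of this sketch.

```c
#include <stdio.h>
/* Local stand-ins for the types and constants normally taken from pkcs11t.h;
 * the numeric values are the ones assigned by the PKCS #11 specification. */
typedef unsigned long CK_ULONG, CK_RV, CK_ATTRIBUTE_TYPE;
typedef unsigned char CK_BBOOL;
typedef struct { CK_ATTRIBUTE_TYPE type; void *pValue; CK_ULONG ulValueLen; } CK_ATTRIBUTE;
#define CKR_OK                      0x00000000UL
#define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013UL
#define CKA_KEY_TYPE                0x00000100UL
#define CKA_SENSITIVE               0x00000103UL
#define CKA_VALUE_LEN               0x00000161UL
#define CKK_GENERIC_SECRET          0x00000010UL
typedef enum { SENS_ABSENT, SENS_TRUE, SENS_FALSE, SENS_MALFORMED } sens_state;

/* Hypothetical helper: what does a key template say about CKA_SENSITIVE? */
sens_state sensitive_state(const CK_ATTRIBUTE *tmpl, CK_ULONG count) {
    for (CK_ULONG i = 0; i < count; i++) {
        if (tmpl[i].type != CKA_SENSITIVE)
            continue;
        if (tmpl[i].pValue == NULL || tmpl[i].ulValueLen != sizeof(CK_BBOOL))
            return SENS_MALFORMED;
        return *(const CK_BBOOL *)tmpl[i].pValue ? SENS_TRUE : SENS_FALSE;
    }
    return SENS_ABSENT;
}

/* Model of the FIPS-mode gate that runs before the common key generation.
 * Assumptions of this sketch: absent passes, malformed is rejected. */
CK_RV fips_gate(const CK_ATTRIBUTE *tmpl, CK_ULONG count) {
    sens_state s = sensitive_state(tmpl, count);
    return (s == SENS_FALSE || s == SENS_MALFORMED) ? CKR_ATTRIBUTE_VALUE_INVALID : CKR_OK;
}

/* Constructed sample: 48-byte generic secret (TLS RSA premaster secret size);
 * CKA_SENSITIVE is part of the template only when with_sensitive is non-zero. */
CK_RV check_sample(int with_sensitive, CK_BBOOL sensitive) {
    CK_ULONG kt = CKK_GENERIC_SECRET, len = 48;
    CK_ATTRIBUTE t[] = { { CKA_KEY_TYPE, &kt, sizeof kt },
                         { CKA_VALUE_LEN, &len, sizeof len },
                         { CKA_SENSITIVE, &sensitive, sizeof sensitive } };
    return fips_gate(t, with_sensitive ? 3 : 2);
}

int main(void) {
    printf("false=0x%lx true=0x%lx unset=0x%lx\n",
           check_sample(1, 0), check_sample(1, 1), check_sample(0, 0));
    return 0;
}
```

Running the same classification over the template a caller actually passes to C_GenerateKey shows whether this gate, rather than some other attribute check in the softoken, is the source of the error.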
Re: Assertion when using SEC_ASN1EncodeItem with subtemplate
On 2010-07-26 06:07 PDT, Hanno Böck wrote:
> Hi,
>
> Just recently, the templates for decoding the RSA-PSS ASN1 parameters got added to cvs head (in cryptohi/seckey.c). Currently I'm working on implementing the creation of PSS signatures, so I need them also to encode.
>
> My naive thought was that SEC_ASN1EncodeItem is used pretty much the same as QuickDERDecodeItem, just the other way round. For testing, I tested with a stripped-down version of the template containing only the first entry.
>
> Though what I get is:
>
>     Assertion failure: theTemplate->sub != NULL, at secasn1u.c:93
>
> From the error, I assume it has something to do with the subtemplate. If that helps, by some try and error I found out that when removing SEC_ASN1_EXPLICIT, no assertion appears (though it'll obviously produce a wrong DER struct).
>
> Is there something special I need to care about when doing encoding vs. decoding ASN1?
>
> The code looks like this:
>
>     SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
>
>     const SEC_ASN1Template MY_RSAPSSParamsTemplate[] = {
>         { SEC_ASN1_SEQUENCE,
>           0, NULL, sizeof(SECKEYRSAPSSParams) },
>         { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
>           SEC_ASN1_XTRN | SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 0,
>           offsetof(SECKEYRSAPSSParams, hashAlg),
>           SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
>         { 0 }
>     };
>
>     SECStatus PSSU_EncodeDER(SECItem *dest, CK_RSA_PKCS_PSS_PARAMS *in) {
>         SECKEYRSAPSSParams *pss_params;
>         PRArenaPool *arena;
>         SECItem *ret;
>         unsigned int i;
>
>         arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
>         pss_params = PORT_ZAlloc(sizeof(pss_params));

That should be

    pss_params = PORT_ZAlloc(sizeof(*pss_params));

or, even better

    pss_params = PORT_ArenaZAlloc(arena, sizeof(*pss_params));

or, perhaps even better still

    pss_params = PORT_ArenaZNew(arena, SECKEYRSAPSSParams);

>         pss_params->hashAlg = PORT_ZAlloc(sizeof(SECAlgorithmID));
>         SECOID_SetAlgorithmID(arena, pss_params->hashAlg, SEC_OID_SHA256, NULL);
>         ret = SEC_ASN1EncodeItem(arena, NULL, pss_params, MY_RSAPSSParamsTemplate);
>         PORT_FreeArena(arena, PR_FALSE);
>         return SECSuccess;
>     }

--
/Nelson Bolyard
Re: Assertion when using SEC_ASN1EncodeItem with subtemplate
On Thursday 29 July 2010, Nelson B Bolyard wrote:
> That should be
>
>     pss_params = PORT_ZAlloc(sizeof(*pss_params));
>
> or, even better
>
>     pss_params = PORT_ArenaZAlloc(arena, sizeof(*pss_params));
>
> or, perhaps even better still
>
>     pss_params = PORT_ArenaZNew(arena, SECKEYRSAPSSParams);

You're right, but sadly that's not the problem, after that change I get the same error:

    Assertion failure: theTemplate->sub != NULL, at secasn1u.c:93

--
Hanno Böck
Blog: http://www.hboeck.de/
GPG: 3DBD3B20
Jabber/Mail:ha...@hboeck.de

http://schokokeks.org - professional webhosting
cmsutil: deprecated class usage
Hello.

I'm trying to build package pki-utils-1.3.1. And it fails on building cmsutils:

    pki-util-1.3.1/src/com/netscape/cmsutil/crypto/CryptoUtil.java

at string:

    org.mozilla.jss.crypto.KeyPairGeneratorSp[2^i.Usage[] usage_ops,

And in the class hierarchy on page
http://www.mozilla.org/projects/security/pki/jss/javadoc/org/mozilla/jss/crypto/package-tree.html
there is no such class. So what should I do: use another jss version or patch the file?

To build this file I've used this patch. It removes generateECCKeyPair with additional parameters, leaving only the version without the Usage class. And my second question is whether it is a normal patch and how I can test if I have broken something or not.

diff -ur pki-util-1.3.1.old/src/com/netscape/cmsutil/crypto/CryptoUtil.java pki-util-1.3.1/src/com/netscape/cmsutil/crypto/CryptoUtil.java --- pki-util-1.3.1/src/com/netscape/cmsutil/crypto/CryptoUtil.java.orig 2009-08-25 16:41:02.0 + +++ pki-util-1.3.1/src/com/netscape/cmsutil/crypto/CryptoUtil.java 2010-07-24 01:51:45.0 + @@ -18,6 +18,7 @@ package com.netscape.cmsutil.crypto; +import com.sun.crypto.provider.JceKeyStore; import java.net.*; import java.io.*; import java.util.*; @@ -147,9 +148,16 @@ NoSuchTokenException, NoSuchAlgorithmException, TokenException { -return generateECCKeyPair(token, keysize, null, null); -} +CryptoToken t = getTokenByName(token); +KeyPairAlgorithm alg = KeyPairAlgorithm.EC; +KeyPairGenerator g = t.getKeyPairGenerator(alg); + +g.initialize(keysize); +KeyPair pair = g.genKeyPair(); +return pair; +} +/* public static KeyPair generateECCKeyPair(String token, int keysize, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask) @@ -166,7 +174,7 @@ KeyPair pair = g.genKeyPair(); return pair; -} +}*/

--
Best regards
Alexander V Vershilov
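
Review bot: the added `import com.sun.crypto.provider.JceKeyStore;` in the `@@ -18,6 +18,7 @@` hunk is not referenced by any line this patch adds, and it names a class from Sun's internal JCE provider package, so the file would only compile on a JDK that ships that class. Drop the import.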
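
Review bot: the `/*` added at the end of the `@@ -147,9 +148,16 @@` hunk removes the public four-argument `generateECCKeyPair(String token, int keysize, ... usage_ops, ... usage_mask)`, so any caller that passes usage arrays stops compiling and EC keys can no longer be generated with explicit usage flags. Search the tree for callers of the four-argument form before taking this; if there are any, the patch has to deal with them as well. The new two-argument body can also end in `return g.genKeyPair();` without the temporary.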
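
Review bot: the `+}*/` in the `@@ -166,7 +174,7 @@` hunk leaves the old method in the file as a block comment, which breaks as soon as the commented-out body itself contains a `*/` and leaves dead code behind either way. If the overload is really going away, delete its lines instead of commenting them out.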
Re: Assertion when using SEC_ASN1EncodeItem with subtemplate
After digging down deeper into the code, it seems it fails somewhere here:
http://mxr.mozilla.org/security/source/security/nss/lib/util/secasn1e.c#897

It gives state->theTemplate to the SEC_ASN1GetSubTemplate-function, while state->theTemplate points to SECOID_AlgorithmIDTemplate, which is already the subtemplate.

I fail to really understand the asn1 decoding code at the moment, but I find it likely it's a bug in there.

--
Hanno Böck
Blog: http://www.hboeck.de/
GPG: 3DBD3B20
Jabber/Mail:ha...@hboeck.de

http://schokokeks.org - professional webhosting
Re: cmsutil: deprecated class usage
If you have something that looks like '[2^i' in your source file, it means that there's probably an 'esc' character in there as well, and it looks like someone tried to use arrow keys on a VT102-akin terminal to edit it.

Delete your current tree, download the package again, unpack it, and try recompiling it. If it still shows the same error without you having added any patches to it, it's a build-breaking bug and needs to be reported in bugzilla. If it doesn't, then you broke it when you were playing around with it. (The best part, though, is that nobody here knows one way or the other -- and you don't have to tell us if you did make a mistake.)

-Kyle H

On 7/29/10 6:35 PM, Alexander V Vershilov wrote:
> Hello.
>
> I'm trying to build package pki-utils-1.3.1. And it fails on building cmsutils:
>
>     pki-util-1.3.1/src/com/netscape/cmsutil/crypto/CryptoUtil.java
>
> at string:
>
>     org.mozilla.jss.crypto.KeyPairGeneratorSp[2^i.Usage[] usage_ops,
>
> And in the class hierarchy on page
> http://www.mozilla.org/projects/security/pki/jss/javadoc/org/mozilla/jss/crypto/package-tree.html
> there is no such class. So what should I do: use another jss version or patch the file?
>
> To build this file I've used this patch. It removes generateECCKeyPair with additional parameters, leaving only the version without the Usage class. And my second question is whether it is a normal patch and how I can test if I have broken something or not.
>
> diff -ur pki-util-1.3.1.old/src/com/netscape/cmsutil/crypto/CryptoUtil.java pki-util-1.3.1/src/com/netscape/cmsutil/crypto/CryptoUtil.java --- pki-util-1.3.1/src/com/netscape/cmsutil/crypto/CryptoUtil.java.orig 2009-08-25 16:41:02.0 + +++ pki-util-1.3.1/src/com/netscape/cmsutil/crypto/CryptoUtil.java 2010-07-24 01:51:45.0 + @@ -18,6 +18,7 @@ package com.netscape.cmsutil.crypto; +import com.sun.crypto.provider.JceKeyStore; import java.net.*; import java.io.*; import java.util.*;
> @@ -147,9 +148,16 @@ NoSuchTokenException, NoSuchAlgorithmException, TokenException { -return generateECCKeyPair(token, keysize, null, null); -} +CryptoToken t = getTokenByName(token); +KeyPairAlgorithm alg = KeyPairAlgorithm.EC; +KeyPairGenerator g = t.getKeyPairGenerator(alg); + +g.initialize(keysize); +KeyPair pair = g.genKeyPair(); +return pair; +} +/* public static KeyPair generateECCKeyPair(String token, int keysize, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask) @@ -166,7 +174,7 @@ KeyPair pair = g.genKeyPair(); return pair; -} +}*/
>
> --
> Best regards
> Alexander V Vershilov
Re: cmsutil: deprecated class usage
Thanks.

Thu, Jul 29, 2010 at 06:13:56PM -0700, Kyle Hamilton wrote
> If you have something that looks like '[2^i' in your source file, it means that there's probably an 'esc' character in there as well, and it looks like someone tried to use arrow keys on a VT102-akin terminal to edit it.

I think the error was when I C-P C-V patch to the mail.

> Delete your current tree, download the package again, unpack it, and try recompiling it. If it still shows the same error without you having added any patches to it, it's a build-breaking bug and needs to be reported in bugzilla. If it doesn't, then you broke it when you were playing around with it. (The best part, though, is that nobody here knows one way or the other -- and you don't have to tell us if you did make a mistake.)
>
> -Kyle H

My problem was that I should ask this question not on this mail list. Maybe I'll ask some more direct questions if I'll try to make fixes in dogtag package.

--
Best regards,
Alexander V Vershilov.