Hi Glen,
I finally got all the other problems solved, and ran into this problem
when trying to run your code
I have some doubts that you're running my exact code sample and instead
have changed the code
sample which would mean the code is no longer mine and is yours. Doubts,
only of course, I freely
admit to haven written some buggy code in my day.
My code sample creates an "128 bit AES" key.
I expect that you change the sample and are trying to create say a
DESede key?
not sure, but if yes then please review
http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html
http://java.sun.com/javase/6/docs/technotes/guides/security/p11guide.html
Also, please try to provide detailed info such as version number of the
software you're using, and which OS.
Meaning state "I am using NSPR ver, NSS ver, Java ver, on OS, with
FIPSMODE ON/OFF".
You also might want to consider using JSS, as I believe it should be easier
than using NSS-SunPKCS11 bridge.
https://developer.mozilla.org/En/JSS
http://mxr.mozilla.org/security/source/security/jss/org/mozilla/jss/tests/JCASymKeyGen.java
hope this helps,
glen
When attempting to actually generate the key, I get this exception:
java.security.ProviderException: Could not generate key
at sun.security.pkcs11.P11KeyGenerator.engineGenerateKey
(P11KeyGenerator.java:260)
http://hg.openjdk.java.net/jdk7/jsn/jdk/file/66c2b0cfc896/src/share/classes/sun/security/pkcs11/P11KeyGenerator.java
at javax.crypto.KeyGenerator.generateKey(DashoA13*..)
at test.SunPKCS11NSS.main(SunPKCS11NSS.java:53)
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception:
CKR_ATTRIBUTE_VALUE_INVALID
at sun.security.pkcs11.wrapper.PKCS11.C_GenerateKey(Native Method)
at sun.security.pkcs11.P11KeyGenerator.engineGenerateKey
(P11KeyGenerator.java:255)
... 2 more
Anyway, thanks very much for all your help so far.
Kevin Oberlies
Student Software Developer
CDM Technologies, Inc. (http://www.cdmtech.com)
--
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto
