Sebastian Mayer wrote:
> Hi All,
>
> I have some problems in initializing a MAC-based signing operation. Here
> is the code snippet (nothing special, mostly put together from the PKCS
> spec samples):
>
> #define BLOCKSIZE 16;
>
> CK_ULONG ulMacLen=BLOCKSIZE;
> CK_BYTE mac[ulMacLen];
> CK_BYTE data[] = {"aaaaaaaaaaaaaaa"};
> CK_ULONG datalen=BLOCKSIZE;
> CK_OBJECT_HANDLE hKey;
>
> CK_MECHANISM keygenmecha = {
> CKM_AES_KEY_GEN, NULL_PTR, 0
> };
>
> CK_ULONG valueLen= BLOCKSIZE;
> CK_ATTRIBUTE template[] = {
> {CKA_TOKEN, &false, sizeof(false)},
> {CKA_SIGN, &true, sizeof(true)},
> {CKA_ENCRYPT, &false, sizeof(false)},
> {CKA_VALUE_LEN, &valueLen, sizeof(valueLen)},
> };
>
> printf("C_GenerateKey\n");
> rv=pFunctionList->C_GenerateKey(hSession, &keygenmecha,
> template,4,&hKey);
> if (rv != CKR_OK) {
> printf("error: %lx\n", rv);
> }
>
>
>
> CK_MECHANISM macMecha = {
> CKM_AES_MAC, NULL_PTR, 0
> };
>
> printf("C_SignInit\n");
> rv =pFunctionList->C_SignInit(hSession, &macMecha, hKey);
> if (rv != CKR_OK) {
> printf("error: %lx\n", rv);
> }
>
> C_SignInit returns CKR_MECHANISM_INVALID.
> According to the PKCS11 list of mechanism capabilities, I should be able
> to use this mechanism for signing and verification. I also checked the
> MECHANISM_INFO structure which states 16 bytes min key size, 32 bytes
> max key size, and the flags 0x2800 (sign and verify), so everything
> seems green.
>
> I'm using NSS version 3.12 in FIPS-mode.
>
> Any help is appreciated.
>
Solved - and this was again a "FIPS issue". The AES_MAC is not in the
list of support mechanism in the fips-related security policy. I should
read the policy more carefully ...
--
Sebastian
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
