Sebastian Mayer wrote: > Hi All, > > I have some problems in initializing a MAC-based signing operation. Here > is the code snippet (nothing special, mostly put together from the PKCS > spec samples): > > #define BLOCKSIZE 16; > > CK_ULONG ulMacLen=BLOCKSIZE; > CK_BYTE mac[ulMacLen]; > CK_BYTE data[] = {"aaaaaaaaaaaaaaa"}; > CK_ULONG datalen=BLOCKSIZE; > CK_OBJECT_HANDLE hKey; > > CK_MECHANISM keygenmecha = { > CKM_AES_KEY_GEN, NULL_PTR, 0 > }; > > CK_ULONG valueLen= BLOCKSIZE; > CK_ATTRIBUTE template[] = { > {CKA_TOKEN, &false, sizeof(false)}, > {CKA_SIGN, &true, sizeof(true)}, > {CKA_ENCRYPT, &false, sizeof(false)}, > {CKA_VALUE_LEN, &valueLen, sizeof(valueLen)}, > }; > > printf("C_GenerateKey\n"); > rv=pFunctionList->C_GenerateKey(hSession, &keygenmecha, > template,4,&hKey); > if (rv != CKR_OK) { > printf("error: %lx\n", rv); > } > > > > CK_MECHANISM macMecha = { > CKM_AES_MAC, NULL_PTR, 0 > }; > > printf("C_SignInit\n"); > rv =pFunctionList->C_SignInit(hSession, &macMecha, hKey); > if (rv != CKR_OK) { > printf("error: %lx\n", rv); > } > > C_SignInit returns CKR_MECHANISM_INVALID. > According to the PKCS11 list of mechanism capabilities, I should be able > to use this mechanism for signing and verification. I also checked the > MECHANISM_INFO structure which states 16 bytes min key size, 32 bytes > max key size, and the flags 0x2800 (sign and verify), so everything > seems green. > > I'm using NSS version 3.12 in FIPS-mode. > > Any help is appreciated. >
Solved - and this was again a "FIPS issue". The AES_MAC is not in the list of support mechanism in the fips-related security policy. I should read the policy more carefully ... -- Sebastian -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto