No, it’s the EncryptedPrivateKeyInfo format and internally the data is PKCS8. I can unwrap it with a cipher from SunJCE.
BTW, I made a mistake in my first mail. The config needn’t be sensitive. Then I am able to use the key to init a SunJCE cipher.

—Weijun

> On Dec 18, 2024, at 22:02, Mike StJohns <mstjo...@comcast.net> wrote:
>
> If I had to make a wild guess, I’d guess that the wrapped key doesn’t include the curve info. If the length of the wrapped data is only 40 bytes, then all you have is the x from the private key. I’m wondering if the algorithm has to include the curve info.
>
> Something like “EC/secp256r1”?
>
> If it’s longer than 40 bytes (or 8 plus the length of the private key data for a given curve) then something besides the bare private key has been wrapped.
>
> For some unknown reason, the format of the key material being wrapped was not specified by PKCS11.
>
> Mike
>
> Sent from my iPad
>
>> On Dec 18, 2024, at 19:23, Wei-Jun Wang <weijun.w...@oracle.com> wrote:
>>
>> Hi, PKCS #11 gurus,
>>
>> var sp = KeyPairGenerator.getInstance("EC", p).generateKeyPair().getPrivate();
>> var k = KeyGenerator.getInstance("AES", p).generateKey();
>>
>> var cipher = Cipher.getInstance("AES/KW/PKCS5Padding", p);
>> cipher.init(Cipher.WRAP_MODE, k);
>> var wrapped = cipher.wrap(sp);
>> cipher.init(Cipher.UNWRAP_MODE, k);
>> cipher.unwrap(wrapped, "EC", Cipher.PRIVATE_KEY);
>>
>> Here, p is SunPKCS11-NSS using sensitive config, and the last unwrap method reports a CKR_TEMPLATE_INCOMPLETE error. It runs fine with RSA.
>>
>> Thanks,
>> Weijun
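
An added example, not code from this thread: it decrypts a wrapped EC private key with SunJCE and reports whether the payload is a bare scalar or PKCS#8 that carries the curve, which is the question the thread turns on. The class and method names are hypothetical, the blob is wrapped by SunJCE as a stand-in for the PKCS #11 token, and JDK 17 or later is assumed for AES/KW/PKCS5Padding.

```java
import java.security.*;
import java.security.interfaces.ECPrivateKey;
import java.security.spec.*;
import javax.crypto.*;

public class WrappedEcKeyCheck {
    // Decrypt (rather than unwrap) so the raw wrapped payload can be inspected.
    static String classify(byte[] wrapped, SecretKey kek) throws Exception {
        Cipher c = Cipher.getInstance("AES/KW/PKCS5Padding", "SunJCE");
        c.init(Cipher.DECRYPT_MODE, kek);
        byte[] inner = c.doFinal(wrapped); // integrity check and padding removed
        // Assumption: the key is on P-256, so a bare private scalar is 32 bytes.
        if (inner.length == 32) {
            return "bare scalar, no curve info";
        }
        try {
            // A PKCS#8 PrivateKeyInfo names the algorithm and the curve.
            PrivateKey pk = KeyFactory.getInstance("EC")
                    .generatePrivate(new PKCS8EncodedKeySpec(inner));
            ECParameterSpec params = ((ECPrivateKey) pk).getParams();
            int bits = params.getCurve().getField().getFieldSize();
            return "PKCS#8 with curve parameters, " + bits + "-bit field";
        } catch (InvalidKeySpecException e) {
            return "unrecognized payload, " + inner.length + " bytes";
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input: a fresh P-256 key and a fresh AES key.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
        kpg.initialize(new ECGenParameterSpec("secp256r1"));
        PrivateKey sp = kpg.generateKeyPair().getPrivate();
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey k = kg.generateKey();

        // Stand-in for the token: on the thread's setup this blob would
        // come from the SunPKCS11-NSS provider instead.
        Cipher cipher = Cipher.getInstance("AES/KW/PKCS5Padding", "SunJCE");
        cipher.init(Cipher.WRAP_MODE, k);
        byte[] wrapped = cipher.wrap(sp);

        System.out.println(wrapped.length + " wrapped bytes: " + classify(wrapped, k));
    }
}
```

Decrypting this way only works when the wrapping key is available outside the token, which matches the non-sensitive configuration mentioned in the reply.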