[xmlsec] nss updates
tejbiz at aol.com
Mon Jul 28 10:12:32 PDT 2003
Here's the response to your questions on a case by case basis:
1) DES3 wrapping:
The Encryption spec defines the wrap/unwrap procecure
which treats the key to be wrapped as common data.
See 5.6.2 CMS Triple DES Key Wrap in the XML Encryption spec.
Aleksey has faithfully implemented that specification in
xmlsec-openssl, and xmlsec-nss reflects that.
2) AES wrapping:
a) The spec clearly states that the the information to be
wrapped NEED NOT BE A KEY. See 5.6.3 AES KeyWrap in the
b) Why CKM_NETSCAPE_AES_KEY_WRAP?. As far as I know, there
is no standard OID for AES WRAP defined by the PKCS11 spec.
The CKM_NETSCAPE_AES_KEY_WRAP mechanism is only implemented
by NSS's softtoken.
That is the the ONLY AES wrap mechanism available to me in NSS.
3) RSA wrapping:
The encryption spec (see 5.4 Key Transport) allows for 2 possibilities:
a) the encrypted data is a key
b) the encrypted data is not a key
However, there is distinction between the two cases.
In case (a) the type of the key being wrapped is specified
by the ALGORITHM attribute of ENCRYPTIONMETHOD element under
I'm not sure this distinction is visible in the
Transform Klass that does the RSA wrapping. Aleksey?.
In order for me to use PK11_PubWrapSymKey instead of
PK11_PubEncryptRaw, I need to know the type of the
key I'm wrapping.
Andrew Fan wrote:
> Hi Tej,
> I have a look at your implementation of symmetric key wrap and
> transport. I find that you treated symmetric key as a common data when
> wraping or transporting, and use the the interfaces: PK11_CipherOp,
> PK11_PubEncryptRaw, and PK11_PubDecryptRaw. To my knowledge, PKCS11 has
> a function named C_WrapKey do the things like key wrap and key
> transport, it is designed following some standards, such as PKCS1 and
> KEK, there is a little defference for wrap a key comparing with
> encrypting a block data. I search the NSS, and find some functions like
> C_WrapKey, such as PK11_WrapSymKey/PK11_UnwrapSymKey and
> PK11_PubWrapSymKey/PK11_PubUnwrapSymKey. I wander why you do not use
> these functions? I do not carefully check NSS sources, so I don't know
> whether you're right or not. Are you sure you had got the right result?
> Anyhow, I suggest use the C_WrapKey like functions because it is the
> default ones, which will ensure you get the correct result, I think.
> BTW, I also notice that you use a crypto mechanism named
> CKM_NETSCAPE_AES_KEY_WRAP, which will result you depending NSS internal
> PKCS11 implementation, as will refuse you useing third party pkcs11
> devices, such as smart card.
More information about the xmlsec