Closed Bug 174806 Opened 23 years ago Closed 23 years ago

AES keys don't have CKA_VALUE_LEN

Categories

(NSS :: Libraries, defect, P1)

Product:
NSS
Component:
Libraries
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: jamie-bugzilla, Assigned: rrelyea)

Details

Attachments

(1 file)

Add CKA_VALUE_LEN to the attributes returned for token secret keys.
923 bytes, patch
Details | Diff | Splinter Review
AES keys should have the CKA_VALUE_LEN attribute to say how long they are, so that PK11_GetKeyLength and PK11_GetKeyStrength work properly. I think this should happen in pkcs11.c:validateSecretKey, where it happens for all the other variable-length secret key types.
I should point out I'm using a token symmetric key. Looking into this a little deeper, I see that pkcs11u.c:pk11_FindSecretKeyAttribute has no code to return the CKA_VALUE_LEN field. So the problem may be there instead.
Priority: -- → P1
Target Milestone: --- → 3.7
I'll add the code, though the NSS's use of CKA_VALUE_LEN appears to be a non-standard use. Longer term this should be raised with the pkcs #11 working group. bob
checked into tip.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: