Closed Bug 1474059 Opened 7 years ago Closed 6 years ago

RFE: NSS softokn to add/return CKA_EC_POINT attribute for EC private keys

Categories

(NSS :: Libraries, enhancement)

Product:
NSS
Component:
Libraries
Version:
3.38
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 1473806

People

(Reporter: shihping.chan, Unassigned)

Details

User Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0 Build ID: 20180625102006 Steps to reproduce: softokn does not return CKA_EC_POINT from EC private keys This is not required of the standard but is an extremely useful attr to have SafeNet HSM is an example that does this. This RFE is for softokn to add CKA_EC_POINT to an EC private key object. Actual results: Testing the new -R -k <hex id> for orphan keys in 3.38 1. Works on RSA orphan keys 2. Fails on EC orphan keys - unable to get CKA_EC_POINT Expected results: -R can generate a request from an EC orphan key I think the root cause is this: -R with -k hex id attempts to get CKA_EC_POINT from the EC private key in order to generate the CSR, but softokn does not include that attribute in the CKO_PRIVATE_KEY object (which it is not required to do, BTW). But this behaviour would be sooooo nice and enable us to adopt orphan keys whether RSA or EC.
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
QA Contact: jjones
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.