CKM_EC_MONTGOMERY_KEY_PAIR_GEN for CKK_EC_MONTGOMERY fails
Categories
(NSS :: Libraries, defect)
Tracking
(firefox-esr115 unaffected, firefox-esr128 unaffected, firefox130 wontfix, firefox131 wontfix, firefox132 fixed)
Tracking | Status | |
---|---|---|
firefox-esr115 | --- | unaffected |
firefox-esr128 | --- | unaffected |
firefox130 | --- | wontfix |
firefox131 | --- | wontfix |
firefox132 | --- | fixed |
People
(Reporter: joachim, Assigned: joachim)
References
(Regression)
Details
(Keywords: regression)
Attachments
(1 file)
Steps to reproduce:
C_GenerateKeyPair with a CKM_EC_MONTGOMERY_KEY_PAIR_GEN mechanism with a CKK_EC_MONTGOMERY key type.
Actual results:
Key pair fails to generate due to a failure in pair-wise consistency test (PCT). PCT fails because CKA_SIGN attribute is erroneously set to CK_TRUE for the generated private key, even though CKK_EC_MONTGOMERY cannot be used for signature generation / verification This results in canSignVerify = true
and switch (keyType) {
ending up in the default case. CKA_SIGN is erroneously set to CK_TRUE in sftk_handlePrivateKeyObject because CKK_EC, CKK_EC_EDWARDS, and CKK_EC_MONTGOMERY are all handled in the same switch case. (Note that CKA_VERIFY is also set to CK_TRUE in
Expected results:
Key pair generation succeeds
(Note: this bug is almost identical to 1890069, so its solution will be as well)
Part of the text in the report was cut off, it should read "(Note that CKA_VERIFY is also set to CK_TRUE in sftk_handlePublicKeyObject)"
Comment 3•3 months ago
|
||
:anna.weine, since you are the author of the regressor, bug 1900416, could you take a look? Also, could you set the severity field?
For more information, please visit BugBot documentation.
Comment 4•3 months ago
|
||
https://hg.mozilla.org/projects/nss/rev/9869cf0fc6b52096083dc8ee071e2a85f06058c6
P.s. feel free to re-open the bug if any problems :)
Updated•3 months ago
|
Description
•