When I try to unwrap AES key via JSS API, I get the following
exception:
cipher = Cipher.getInstance("RSA", jssProvider);
cipher.init(Cipher.UNWRAP_MODE, wrapKeyPair.getPrivate());
Key unwrappedKey = cipher.unwrap(wrappedData, "AES",
Cipher.SECRET_KEY);
org.mozilla.jss.util.AssertionException: assertion failure!
at org.mozilla.jss.util.Assert._assert(Assert.java:58)
at org.mozilla.jss.pkcs11.PK11KeyWrapper.algFromType
(PK11KeyWrapper.java:545)
at org.mozilla.jss.pkcs11.PK11KeyWrapper.unwrapSymmetric
(PK11KeyWrapper.java:518)
at org.mozilla.jss.pkcs11.PK11KeyWrapper.unwrapSymmetric
(PK11KeyWrapper.java:484)
at
org.mozilla.jss.provider.javax.crypto.JSSCipherSpi.engineUnwrapSecret
(JSSCipherSpi.java:484)
at org.mozilla.jss.provider.javax.crypto.JSSCipherSpi.engineUnwrap
(JSSCipherSpi.java:452)
at javax.crypto.Cipher.unwrap(DashoA13*..)
at EncryptionTest.main(EncryptionTest.java:86)
The exception comes from the following code (in PK11KeyWrapper) that
clearly misses AES case:
private static Algorithm
algFromType(SymmetricKey.Type type) {
if( type == SymmetricKey.DES ) {
return EncryptionAlgorithm.DES_ECB;
} else if( type == SymmetricKey.DES3 ) {
return EncryptionAlgorithm.DES3_ECB;
} else if( type == SymmetricKey.RC4 ) {
return EncryptionAlgorithm.RC4;
} else {
Assert._assert( type == SymmetricKey.RC2 );
return EncryptionAlgorithm.RC2_CBC;
}
}
I've seen other people complaining about a similar problem.
Is this done on purpose (lack of proper code in NSS/JSS)? Or is it
some minor bug in JSS that may be easily fixed?
Thank you in advance,
Alex
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
