Hi,
Is is possible to import a symmetric key such that it is persisted in the
database? I have tried the following.
unsigned char secret[] = {0xe8, 0xa7, 0x7c, 0xe2, 0x05, 0x63, 0x6a, 0x31};
SECItem key;
key.type = siBuffer;
key.data = secret;
key.len = sizeof(secret);
PK11SlotInfo *slot = PK11_GetInternalKeySlot();
// Import key.
PK11SymKey *symKey = PK11_ImportSymKey(slot, CKM_DES_CBC, PK11_OriginUnwrap,
CKA_ENCRYPT, &key, NULL);
if (!symKey)
{
cout << "Failed to import key" << endl;
goto shutdown;
}
// Assign nickname to key.
SECStatus rv = PK11_SetSymKeyNickname(symKey, "MySymKey");
if (rv != SECSuccess)
{
cout << "Couldn't set name on key" << endl;
PK11_DeleteTokenSymKey(symKey);
PK11_FreeSymKey(symKey);
goto shutdown;
}
// Check if key was imported.
if (PK11_ListFixedKeysInSlot(slot, "MySymKey", NULL) == NULL)
{
cout << "Failed to find key" << endl;
goto shutdown;
}
PK11_ListFixedKeysInSlot returns NULL and the timestamp on key4.db remains
unchanged, indicating the key was not imported into the database.
Thanks,
John
--
View this message in context:
http://mozilla.6506.n7.nabble.com/Importing-a-symmetic-key-into-NSS-database-tp286642.html
Sent from the Mozilla - Cryptography mailing list archive at Nabble.com.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
