Bug 1465566 - Fix HmacTest code for AES encrypt/unwrap
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: jss
All Linux
urgent Severity urgent
: rc
Assigned To: Jack Magne
: ZStream
Depends On: 1465565
Blocks: 1488846
Reported: 2017-06-27 12:14 EDT by Matthew Harmsen
Modified: 2017-09-27 23:29 EDT
Clone Of: 1465565
: 1488846
Type: Bug

Attachments
TKS debug log when nist is set to true (196.83 KB, text/plain)
2017-09-12 10:00 EDT, Roshni

External Trackers
Tracker ID Priority Status Summary Last Updated
Mozilla Foundation 1373824 None None None 2017-06-27 12:14 EDT

Description Matthew Harmsen 2017-06-27 12:14:00 EDT
+++ This bug was initially created as a clone of Bug #1465565 +++

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.104 Safari/537.36

Steps to reproduce:

HmacTest code shows importing an HMAC-SHA1 key via an AES encrypt and AES unwrap call.  It works prior to change 2163 (or if I revert PK11MessageDigest.c).

Actual results:

After changeset 2163 (particularly change to PK11MessageDigest.c), it fails.
The failure is caused because PK11_CreateContextBySymKey(mech, CKA_SIGN,
newKey, &param) returns null.

[root@VTPFWSMUXG ~]# java -cp $CLASS_PATH:. HmacTest
mac: javax.crypto.Mac@126097b, Mozilla-JSS version 4.4
key: org.mozilla.jss.crypto.SecretKeyFacade@1468bd9
Exception in thread "main" DigestException: Unable to initialize digest context
	at org.mozilla.jss.provider.javax.crypto.JSSMacSpi.engineInit(
	at org.mozilla.jss.provider.javax.crypto.JSSMacSpi$HmacSHA1.engineInit(
	at javax.crypto.Mac.init(
	at HmacTest.main(

Expected results:

Prior to changeset 2163, importing an HMAC-SHA1 key via encryption and then
unwrap worked.

[root@VTPFWSMUXG ~]# java -cp $CLASS_PATH:. HmacTest
mac: javax.crypto.Mac@30f1c0, Mozilla-JSS version 4.4
key: org.mozilla.jss.crypto.SecretKeyFacade@c77c2e
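
The import path described in this report (AES-encrypt the raw HMAC-SHA1 key bytes, AES-unwrap them into a key object, then initialise a Mac with the result), as an added example that is not HmacTest and not JSS code. It uses only the standard JCE API with the JDK's default providers; the class name, key sizes and message are assumptions chosen for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.MessageDigest;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Added illustration: plain JCE, not JSS and not the project's HmacTest.
public class HmacImportCheck {  // hypothetical class name

    static byte[] hmacSha1(Key key, byte[] msg) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA1");
        mac.init(key);  // Mac.init is the frame that throws in the report's trace
        return mac.doFinal(msg);
    }

    // True when the key imported via encrypt + unwrap MACs like the raw key.
    static boolean importedKeyMatches() throws Exception {
        SecureRandom rng = new SecureRandom();
        byte[] rawHmacKey = new byte[20];  // constructed key material
        rng.nextBytes(rawHmacKey);
        byte[] iv = new byte[16];
        rng.nextBytes(iv);
        IvParameterSpec ivSpec = new IvParameterSpec(iv);

        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey aesKey = kg.generateKey();

        // Step 1: encrypt the raw key bytes as ordinary data.
        Cipher enc = Cipher.getInstance("AES/CBC/PKCS5Padding");
        enc.init(Cipher.ENCRYPT_MODE, aesKey, ivSpec);
        byte[] encrypted = enc.doFinal(rawHmacKey);

        // Step 2: unwrap the ciphertext into an HmacSHA1 secret key.
        Cipher unwrap = Cipher.getInstance("AES/CBC/PKCS5Padding");
        unwrap.init(Cipher.UNWRAP_MODE, aesKey, ivSpec);
        Key imported = unwrap.unwrap(encrypted, "HmacSHA1", Cipher.SECRET_KEY);

        // Step 3: the imported key must be usable for MAC and give the same tag.
        byte[] msg = "constructed test message".getBytes(StandardCharsets.UTF_8);
        byte[] expected = hmacSha1(new SecretKeySpec(rawHmacKey, "HmacSHA1"), msg);
        return MessageDigest.isEqual(expected, hmacSha1(imported, msg));
    }

    public static void main(String[] args) throws Exception {
        if (!importedKeyMatches()) throw new AssertionError("MAC mismatch");
        System.out.println("imported HMAC-SHA1 key produces the expected MAC");
    }
}
```

Comparing the tag against one computed from the raw key bytes checks both that the unwrapped key can initialise a MAC context and that the key material survived the round trip.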

Comment 2 Jack Magne 2017-09-01 19:49:23 EDT
Upstream checkin:

changeset:   2197:eec15518fd61
tag:         tip
user:        Jack Magne <>
date:        Fri Sep 01 16:15:54 2017 -0700
files:       org/mozilla/jss/pkcs11/ org/mozilla/jss/pkcs11/PK11MessageDigest.c org/mozilla/jss/tests/ org/mozilla/jss/tests/
unwrapping of HMAC-SHA1 secret keys using AES wrapping and unwrapping
cfu on behalf of jmagne

Comment 3 Jack Magne 2017-09-01 19:52:50 EDT
QE Testing instructions:

We want to make sure this fix allows TPS to continue to function normally under the following circumstances.

1. General TPS sanity testing, can we do simple format and enrollments using the software token.

2. The following is one specific case that we want to verify which is the following:

  a) We must exercise the scenario where we are using the SP800 key derivation function while using a master key on the hsm of type HMAC. We should already have a test case for that. This as we recall requires generating the given HMAC master key on the hsm using the built-in commands. Once we have verified that the HMAC master key on the HSM works properly, we should be good to go.

Comment 5 Roshni 2017-09-12 09:59:10 EDT
Noticed the attached TKS debug log messages and the following TKS audit messages when trying to test with tks.defKeySet.nistSP800-108KdfOnKeyVersion=0
tks.defKeySet.nistSP800-108KdfUseCuidAsKdd=true in TKS CS.cfg.

0.http-bio-23443-exec-23 - [12/Sep/2017:09:30:22 EDT] [14] [6] [AuditEvent=COMPUTE_SESSION_KEY_REQUEST][CUID_encoded=#40#90#61#45#75#C1#24#0E#03#27][KDD_encoded=#00#00#41#06#24#0E#03#27#75#C1][Outcome=Success][] TKS Compute session key request
0.http-bio-23443-exec-23 - [12/Sep/2017:09:30:23 EDT] [14] [6] [AuditEvent=COMPUTE_SESSION_KEY_REQUEST_PROCESSED_SUCCESS][CUID_decoded=4090614575C1240E0327][KDD_decoded=00004106240E032775C1][Outcome=Success][status=0][][IsCryptoValidate=true][IsServerSideKeygen=true][SelectedToken=NHSM-RPATTATH-SOFTCARD][KeyNickName=hsm-master-scp01][TKSKeyset=defKeySet][KeyInfo_KeyVersion=0x2][NistSP800_108KdfOnKeyVersion=0x0][NistSP800_108KdfUseCuidAsKdd=false] TKS Compute session key request processed successfully

Key change operation was successful though. I am not sure if the error messages in the TKS debug log and the audit message indicating NistSP800_108KdfUseCuidAsKdd=false when it is actually set to true are related to this bug or if they have anything to do with FIPS.

Comment 6 Roshni 2017-09-12 10:00 EDT
Created attachment 1324904 [details]
TKS debug log when nist is set to true

Comment 7 Roshni 2017-09-14 15:53:35 EDT
Please ignore the previous comment; I noticed I had updated the wrong param in TKS CS.cfg.
