Extract CKA_Value from Key or data Object in PKCS11 - pkcs#11

I would like to read Key value from a KEY/Data object of PKCS11 into a local variable.
I observe that Key is stored in CKA_VALUE of Key object.
Which is the ideal function to be used to get this value to my local variable?
I have used C_GetAttributeValue it but doesn't help.
Please guide me.
Thanks
Harsha

Private keys of assymmetric algorithms and symmetric keys usually can not be extracted from the hardware device. This is a protection measure. That's why you can't get the value.
There exist exceptions (some implementations allow you to add the key and explicitly mark it as not protected, in which case the key can be read later) but this reduces security and other user benefits, so this not popular.

In some implementation, if you set the CKA.CKA_SENSITIVE to false, yes you can read the value.

If CKA_EXTRACTABLE is set to CK_FALSE on a key then the value cannot be extracted using PKCS#11.
IF CKA_SENSITIVE is set to CK_TRUE then a key cannot be extracted in plain text.
However,
If CKA_EXTRACTABLE is CK_TRUE, and CKA_SENSITIVE is CK_FALSE the key can be extracted using CKA_VALUE.
If CKA_EXTRACTABLE is CK_TRUE, and CKA_SENSITIVE is CK_TRUE the key can be extracted by wrapping the key using C_WrapKey, then unwrapping the wrapped key outside the unit.

Related

Disabling Key object usage in PKCS#11

I wanted to know if there is a way a disable a particular operation on a PKCS#11 Object. For instance, I create an Object (AES Key) using C_CreateObject. I would want to set some property in this object that pauses/ disables the use of this object for any encryption/ decryption use. Is this possible ? Can we set the CKA_DECRYPT value to CK_FALSE to disable Decrypt operations? Also can this be changed multiple times using C_SetAttributeValue
Theoretically PKCS#11 standard don't restrict your from changing values of properties.
Practically your possibility to change the values after object created dependent on your PKCS#11 provider.
My suggestion that this property is immutable.
Try to set this values during creation of key or change values during copying of key object using C_CopyObject.
Another solution is to implement your own PKCS#11 proxy library with custom logic inside of PKCS#11 exported functions.

Scoping of keys in vscode extension global scope

The context of a vscode extension provides access to globalState which is a Memento object with key/value pairs. My question is: does each extension get its own memento object, or is there one shared by all extensions? Just wondering whether I need to make my keys more specific (e.g., my.extension.foo), or if I can keep the keys simple (e.g., foo).
It's scoped to your extension, so you can keep them simple:
However, when an extension uses storage, it will always get it's data stored under 1 key (the extension name + extension ID). We never allow to write directly into storage under a key that could conflict with other keys.
(source)

How to hash in CFMX_COMPAT in c#

An existing coldfusion website is to be converted to dot net.
In the coldfusion code, the password is hashed using its hash() function with no algorithm:
SomePassword = '#hash(fldPassword)#'
I found this document, saying the default encryption is
CFMX_COMPAT: Generates a hash string identical to that generated by
ColdFusion MX and ColdFusion MX 6.1 (default).
There are some articles actually telling me how to decrypt.
According to Macromedia, The ColdFusion Encrypt function uses an
XOR-based algorithm that utilizes a pseudo random 32-bit key based on
a seed passed by the user as a parameter to the function. The
resulting data is UUencoded.
You'll need to uudecode the encoded value first
http://www.eggheadcafe.com/printsear...asp?linkid=351
and then XOR it using the key it was encrypted with.
http://www.java2s.com/Code/CSharp/La...deamessage.htm
If you dont have the key - your wasting yuor time.
But, how to make it work? I don't think there is any key. All I can see is '#hash(fldPassword)#'. Please help. Thanks.
There are some articles actually telling me how to decrypt.
Hashing and encryption are not the same thing. Encryption can be reversed. You can recover the original value if you have the right key, etectera. Whereas hashing is a one way trip. Once hashed, the original value cannot be recovered. (Well .. in theory. Some of the weaker hashing algorithms have been broken.) So you cannot "decrypt" a hashed value. But you can duplicate the obfuscated result string.
I found this document, saying the default encryption is CFMX_COMPAT
Actually it refers to the default algorithm. However, I am not so sure that description is correct. (Edit: As Rasmus correctly points out, it does say the default is MD5) However, CF9/7 default to MD5 anyway. Even when the algorithm is CFMX_COMPAT. So in either case, a simple MD5 hash in C# would give you the same result.
ie These all produce identical results ie 098F6BCD4621D373CADE4E832627B4F6.
#hash("test")#
#hash("test", "cfmx_compat")#
#hash("test", "md5")#
If I read the documentation correctly, CFMX_COMPAT hashing is just MD5.
So:
byte[] hash = MD5.Create().ComputeHash(fldPassword);
It should be easy to verify if you have access to a ColdFusion installation.

Returning wrong decryption text when using invalid key

I use following class to encrypt/decrypt my texts.
http://code.google.com/p/iphonebits/source/browse/trunk/src/Encryption/NSData-AES.m?r=2
This works perfectly. But when I decrypt the encrypted text with an invalid key (any one other than encryption key) this returns some text and its not in the actual length of the decrypted text. What can be the reason (is this supposed to return nil)? Is this the better way? Does libraries supposed to return errors for invalid decryption keys? Is it a must or not?
Thank you
Well, the algorithm will not know if the key that you are providing is the right one. To know if the key is right the algorithm would have to have it's copy, which is unsafe. Although it could have the copy of it's hash, but that would still apply that the encryption and decryption algorithms would work for only one key. Your current decryption accepts the key and put's it to work in the decoding algorithm. The result should reflect the original text but if the key was wrong it will give you the text generated according to the wrong key. It's all working properly.

Decrypt data using an RSA public key

First off, that is not a typo, I want to decrypt using a public key. The purpose for doing this is to challenge a third party to ensure they do, in fact, have the private key that corresponds to the public key. Basically, I would send some random data, they would encrypt it with their private key, I would decrypt it using the public key and compare the decrypted value to the random data that I sent. I believe this is a pretty standard procedure in public key crypto but for some reason decrypting with a public key seems to be taboo.
I am simply using the RSACryptoServiceProvider in .NET 2.0. However, when I call Decrypt it throws a CryptographicException with message Bad Key. The key is not bad (I can Encrypt with no problem), but it appears as though it will not let me decrypt with just the public key. What gives? This must be possible to do.
I think the recognized term is signing. They sign with the private key, and you verify with the public key. I admit I don't understand the low-level math as well as I should, but my understanding is signing is really just encrypting with the private key.
Use RSACryptoServiceProvider's sign and verify family of methods. In fact, SignHash actually says, "encrypting it with the private key."
These .Net classes should be a wrapper of the crypto API.
There are two types of keys in crypto API. Crypto API is a wrapper around PKCS#11. When you generate a key pair using Microsoft cryptographic service provider, you get AT_EXCHANGE AND AT_SIGNATURE keys. Every key is generated based on some attributes defined in PKCS#11 standard..
AT_EXCHANGE keys Attributes:
wrap/unwrap = true
sign/verify = true
encrypt/decrypt = false
AT_SIGNATURE keys Attributes:
wrap/unwrap = false
sign/verify = true
encrypt/decrypt = false
So basically, when you are exchaning data, you are essentially performing a wrapping/unwrapping function. This is what Microsoft calls it as AT_EXCHANGE. This is primarily used to exchange secrete/symmetric keys and not used to echange huge amounts of data.
So you need to go back and find out which key you chose to EITHER sign / wrap your dat.
Per Raj, the key you've been provided with probably isn't marked for exchange.
Ask the party who provided the public key how they generated it. If using makecert.exe, they'll need to specify "-sky Exchange". Without this, you can only use the key for signing and authentication, not encryption/decryption which is the use case you're implementing here.