
Commit c323b5a

committed
F-2368 - https://fenrir.wolfssl.com/finding/2368 - Default CKA_SENSITIVE=TRUE and CKA_EXTRACTABLE=FALSE for private keys
1 parent 4b10e56 commit c323b5a

2 files changed

Lines changed: 70 additions & 3 deletions


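--- a/src/crypto.c
+++ b/src/crypto.c
@@ -514,6 +514,9 @@ static CK_RV SetAttributeDefaults(WP11_Object* obj, CK_OBJECT_CLASS keyType,
                                     ulCount);
             break;
         case CKO_SECRET_KEY:
+            if (ret == CKR_OK)
+                ret = SetIfNotFound(obj, CKA_SENSITIVE, trueVal, pTemplate,
+                                    ulCount);
             if (ret == CKR_OK)
                 ret = SetIfNotFound(obj, CKA_EXTRACTABLE, trueVal, pTemplate,
                                     ulCount);
@@ -532,7 +535,10 @@ static CK_RV SetAttributeDefaults(WP11_Object* obj, CK_OBJECT_CLASS keyType,
             break;
         case CKO_PRIVATE_KEY:
             if (ret == CKR_OK)
-                ret = SetIfNotFound(obj, CKA_EXTRACTABLE, trueVal, pTemplate,
+                ret = SetIfNotFound(obj, CKA_SENSITIVE, trueVal, pTemplate,
+                                    ulCount);
+            if (ret == CKR_OK)
+                ret = SetIfNotFound(obj, CKA_EXTRACTABLE, falseVal, pTemplate,
                                     ulCount);
             if (ret == CKR_OK)
                 ret = SetIfNotFound(obj, CKA_DECRYPT, encrypt, pTemplate,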
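Review bot: In the CKO_SECRET_KEY branch of the first hunk the new default sets CKA_SENSITIVE to trueVal while the following statement still defaults CKA_EXTRACTABLE to trueVal, so a secret key created without either attribute is sensitive yet extractable, whereas private keys in the second hunk get falseVal; if that asymmetry is intended it deserves a comment such as `/* Secret keys stay extractable by default so wrap/unwrap flows keep working */`, otherwise `falseVal` belongs there as well. Since SetIfNotFound only fires when the template omits the attribute, callers that pass CKA_EXTRACTABLE explicitly are unaffected, but applications that relied on the previous implicit TRUE for private keys will now see CKR_ATTRIBUTE_SENSITIVE or CKR_KEY_UNEXTRACTABLE on later reads or wraps, which is worth stating in the changelog. PKCS#11 also defines CKA_ALWAYS_SENSITIVE and CKA_NEVER_EXTRACTABLE as derived from these two flags; if the library tracks them, an object that received both defaults should report both as TRUE, which cannot be confirmed from these hunks. SetAttributeDefaults begins before the first hunk and continues after the second.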

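--- a/tests/pkcs11test.c
+++ b/tests/pkcs11test.c
@@ -89,9 +89,7 @@ static CK_OBJECT_CLASS secretKeyClass = CKO_SECRET_KEY;
 static CK_OBJECT_CLASS certificateClass = CKO_CERTIFICATE;
 static CK_OBJECT_CLASS dataClass = CKO_DATA;
 
-#if defined(HAVE_ECC) || !defined(NO_DH)
 static CK_BBOOL ckFalse = CK_FALSE;
-#endif
 static CK_BBOOL ckTrue = CK_TRUE;
 
 #ifndef NO_RSA
@@ -2236,6 +2234,7 @@ static CK_RV test_copy_object_deep_copy(void* args)
         { CKA_VALUE, keyData, sizeof(keyData) },
         { CKA_ID, keyId, sizeof(keyId) },
         { CKA_LABEL, label, sizeof(label)-1 },
+        { CKA_SENSITIVE, &ckFalse, sizeof(ckFalse) },
         { CKA_EXTRACTABLE, &ckTrue, sizeof(ckTrue) },
         { CKA_ENCRYPT, &ckTrue, sizeof(ckTrue) },
         { CKA_DECRYPT, &ckTrue, sizeof(ckTrue) },
@@ -3215,6 +3214,7 @@ static CK_RV test_attribute(void* args)
     CK_ATTRIBUTE tmpl[] = {
         { CKA_CLASS, &privKeyClass, sizeof(privKeyClass) },
         { CKA_KEY_TYPE, &genericKeyType, sizeof(genericKeyType) },
+        { CKA_SENSITIVE, &ckFalse, sizeof(ckFalse) },
         { CKA_EXTRACTABLE, &ckTrue, sizeof(ckTrue) },
         { CKA_VALUE, keyData, sizeof(keyData) },
     };
@@ -4302,6 +4302,7 @@ static CK_RV get_generic_key(CK_SESSION_HANDLE session, unsigned char* data,
     CK_ATTRIBUTE generic_key[] = {
         { CKA_CLASS, &secretKeyClass, sizeof(secretKeyClass) },
         { CKA_KEY_TYPE, &genericKeyType, sizeof(genericKeyType) },
+        { CKA_SENSITIVE, &ckFalse, sizeof(ckFalse) },
         { CKA_EXTRACTABLE, &extractable, sizeof(CK_BBOOL) },
         { CKA_SIGN, &ckTrue, sizeof(ckTrue) },
         { CKA_VERIFY, &ckTrue, sizeof(ckTrue) },
@@ -6007,6 +6008,60 @@ static CK_RV test_generate_key_pair(void* args)
 
     return ret;
 }
+
+static CK_RV test_private_key_secure_defaults(void* args)
+{
+    CK_SESSION_HANDLE session = *(CK_SESSION_HANDLE*)args;
+    CK_RV ret;
+    CK_ULONG bits = 2048;
+    CK_OBJECT_HANDLE priv = CK_INVALID_HANDLE;
+    CK_OBJECT_HANDLE pub = CK_INVALID_HANDLE;
+    CK_MECHANISM mech;
+    CK_BBOOL sensitive = CK_FALSE;
+    CK_BBOOL extractable = CK_TRUE;
+    CK_ATTRIBUTE pubKeyTmpl[] = {
+        { CKA_MODULUS_BITS, &bits, sizeof(bits) },
+        { CKA_PUBLIC_EXPONENT, rsa_2048_pub_exp, sizeof(rsa_2048_pub_exp) }
+    };
+    int pubTmplCnt = sizeof(pubKeyTmpl)/sizeof(*pubKeyTmpl);
+    /* No CKA_SENSITIVE or CKA_EXTRACTABLE — rely on defaults */
+    CK_ATTRIBUTE privKeyTmpl[] = {
+        { CKA_DECRYPT, &ckTrue, sizeof(ckTrue) },
+        { CKA_SIGN, &ckTrue, sizeof(ckTrue) },
+    };
+    int privTmplCnt = sizeof(privKeyTmpl)/sizeof(*privKeyTmpl);
+    CK_ATTRIBUTE getSensitive = { CKA_SENSITIVE, &sensitive, sizeof(sensitive) };
+    CK_ATTRIBUTE getExtract = { CKA_EXTRACTABLE, &extractable,
+                                sizeof(extractable) };
+
+    mech.mechanism = CKM_RSA_PKCS_KEY_PAIR_GEN;
+    mech.ulParameterLen = 0;
+    mech.pParameter = NULL;
+
+    ret = funcList->C_GenerateKeyPair(session, &mech, pubKeyTmpl, pubTmplCnt,
+                                      privKeyTmpl, privTmplCnt, &pub, &priv);
+    CHECK_CKR(ret, "Generate RSA key pair for default check");
+
+    if (ret == CKR_OK) {
+        ret = funcList->C_GetAttributeValue(session, priv, &getSensitive, 1);
+        CHECK_CKR(ret, "Get CKA_SENSITIVE");
+    }
+    if (ret == CKR_OK) {
+        CHECK_COND(sensitive == CK_TRUE, ret,
+                   "Private key CKA_SENSITIVE should default to TRUE");
+    }
+
+    if (ret == CKR_OK) {
+        ret = funcList->C_GetAttributeValue(session, priv, &getExtract, 1);
+        CHECK_CKR(ret, "Get CKA_EXTRACTABLE");
+    }
+    if (ret == CKR_OK) {
+        CHECK_COND(extractable == CK_FALSE, ret,
+                   "Private key CKA_EXTRACTABLE should default to FALSE");
+    }
+
+    return ret;
+}
 #endif
 
 #if defined(HAVE_AES_KEYWRAP) && !defined(WOLFPKCS11_NO_STORE)
@@ -6480,6 +6535,7 @@ static CK_RV get_rsa_priv_key(CK_SESSION_HANDLE session, unsigned char* privId,
         { CKA_EXPONENT_2, rsa_2048_dQ, sizeof(rsa_2048_dQ) },
         { CKA_COEFFICIENT, rsa_2048_u, sizeof(rsa_2048_u) },
         { CKA_PUBLIC_EXPONENT, rsa_2048_pub_exp, sizeof(rsa_2048_pub_exp) },
+        { CKA_SENSITIVE, &ckFalse, sizeof(ckFalse) },
         { CKA_EXTRACTABLE, &extractable, sizeof(CK_BBOOL) },
         { CKA_TOKEN, &ckTrue, sizeof(ckTrue) },
         { CKA_ID, privId, privIdLen },
@@ -8560,6 +8616,7 @@ static CK_OBJECT_HANDLE get_ecc_priv_key(CK_SESSION_HANDLE session,
     CK_ATTRIBUTE ecc_p256_priv_key[] = {
         { CKA_CLASS, &privKeyClass, sizeof(privKeyClass) },
         { CKA_KEY_TYPE, &eccKeyType, sizeof(eccKeyType) },
+        { CKA_SENSITIVE, &ckFalse, sizeof(ckFalse) },
         { CKA_EXTRACTABLE, &extractable, sizeof(CK_BBOOL) },
         { CKA_VERIFY, &ckTrue, sizeof(ckTrue) },
         { CKA_EC_PARAMS, ecc_p256_params, sizeof(ecc_p256_params) },
@@ -9219,6 +9276,8 @@ static CK_RV test_ecc_key_erase_bug(void* args)
     CK_ATTRIBUTE ecc_p256_priv_key[] = {
         { CKA_CLASS, &privKeyClass, sizeof(privKeyClass) },
         { CKA_KEY_TYPE, &eccKeyType, sizeof(eccKeyType) },
+        { CKA_SENSITIVE, &ckFalse, sizeof(ckFalse) },
+        { CKA_EXTRACTABLE, &ckTrue, sizeof(ckTrue) },
         { CKA_VERIFY, &ckTrue, sizeof(ckTrue) },
         { CKA_EC_PARAMS, ecc_p256_params, sizeof(ecc_p256_params) },
         { CKA_VALUE, ecc_p256_priv, sizeof(ecc_p256_priv) },
@@ -9642,6 +9701,7 @@ static CK_OBJECT_HANDLE get_dh_priv_key(CK_SESSION_HANDLE session,
     CK_ATTRIBUTE dh_2048_priv_key[] = {
         { CKA_CLASS, &privKeyClass, sizeof(privKeyClass) },
         { CKA_KEY_TYPE, &dhKeyType, sizeof(dhKeyType) },
+        { CKA_SENSITIVE, &ckFalse, sizeof(ckFalse) },
         { CKA_EXTRACTABLE, &extractable, sizeof(CK_BBOOL) },
         { CKA_DERIVE, &ckTrue, sizeof(ckTrue) },
         { CKA_PRIME, dh_ffdhe2048_p, sizeof(dh_ffdhe2048_p) },
@@ -16955,6 +17015,7 @@ static TEST_FUNC testFunc[] = {
     PKCS11TEST_FUNC_SESS_DECL(test_generate_key),
 #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
     PKCS11TEST_FUNC_SESS_DECL(test_generate_key_pair),
+    PKCS11TEST_FUNC_SESS_DECL(test_private_key_secure_defaults),
 #endif
 #if defined(HAVE_AES_KEYWRAP) && !defined(WOLFPKCS11_NO_STORE)
     PKCS11TEST_FUNC_SESS_DECL(test_aes_wrap_unwrap_key),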
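Review bot: test_private_key_secure_defaults in the hunk at line 6007 only reads the two flags back, so it verifies the bookkeeping but not the protection the defaults are meant to provide; a follow-up C_GetAttributeValue on a private component such as CKA_PRIVATE_EXPONENT that is expected to fail with CKR_ATTRIBUTE_SENSITIVE would show that the default actually blocks export (confirm that is the code this library returns for sensitive attributes). The generated pub and priv handles are also never released with C_DestroyObject, so they persist until the session closes; if the neighbouring key-pair tests clean up their objects, this one should as well. The function is enclosed in the `#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)` region closed by the `#endif` that follows it, matching the guard around its registration in the last hunk.
```c
    /* … unchanged: CKA_SENSITIVE / CKA_EXTRACTABLE checks above … */
    if (ret == CKR_OK) {
        CK_ATTRIBUTE getPrivExp = { CKA_PRIVATE_EXPONENT, NULL, 0 };
        CK_RV rv = funcList->C_GetAttributeValue(session, priv, &getPrivExp, 1);
        CHECK_COND(rv == CKR_ATTRIBUTE_SENSITIVE, ret,
                   "Private component of a sensitive key must not be readable");
    }

    if (priv != CK_INVALID_HANDLE)
        funcList->C_DestroyObject(session, priv);
    if (pub != CK_INVALID_HANDLE)
        funcList->C_DestroyObject(session, pub);

    return ret;
```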
