[Softhsm-develop] CKA_SENSITIVE and CKA_EXTRACTABLE handling
pspacek at redhat.com
Thu Jul 17 12:38:01 CEST 2014
I'm working on CKM_RSA_PKCS support for C_WrapKey (as I promised earlier).
I have found out that SoftHSM allows me to *wrap* key if and only if this key
has CKA_SENSITIVE=FALSE and CKA_EXTRACTABLE=TRUE.
Unfortunately, this combination of flags also means that I'm able to get
plaintext values from the token (using C_GetAttributeValue for CKA_VALUE or so).
I think that SoftHSM should allow key wrapping in case where
CKA_EXTRACTABLE=TRUE and CKA_SENSITIVE=TRUE. In that case C_GetAttributeValue
with CKA_VALUE should fail but C_WrapKey should work.
IMHO this is allowed behavior, see  page 83:
If the CKA_SENSITIVE attribute is CK_TRUE, or if the CKA_EXTRACTABLE attribute
is CK_FALSE, then certain attributes of the secret key cannot be revealed in
plaintext outside the token. Which attributes these are is specified for each
type of secret key in the attribute table in the section describing that type
This text talks only about plain text values, not about key wrapping. I think
that this is in line with CKA_EXTRACTABLE and CKA_SENSITIVE definitions:
CKA_EXTRACTABLE in  on page 79:
CK_TRUE if key is extractable and can be wrapped.
CKA_SENSITIVE in  on page 79:
CK_TRUE if key is sensitive
My personal translation to natural language is:
CKA_EXTRACTABLE defines if user is allowed to get "any" values (plaintext or
CKA_SENSITIVE defines if user is allowed to get plaintext values.
Do you agree? Would you accept patch which will modify attribute handling to
follow logic explained above?
Thank you for your time!
Petr Spacek @ Red Hat
More information about the Softhsm-develop