When I try to unwrap AES key via JSS API, I get the following
exception:

cipher = Cipher.getInstance("RSA", jssProvider);
cipher.init(Cipher.UNWRAP_MODE, wrapKeyPair.getPrivate());
Key unwrappedKey = cipher.unwrap(wrappedData, "AES",
Cipher.SECRET_KEY);

org.mozilla.jss.util.AssertionException: assertion failure!
        at org.mozilla.jss.util.Assert._assert(Assert.java:58)
        at org.mozilla.jss.pkcs11.PK11KeyWrapper.algFromType
(PK11KeyWrapper.java:545)
        at org.mozilla.jss.pkcs11.PK11KeyWrapper.unwrapSymmetric
(PK11KeyWrapper.java:518)
        at org.mozilla.jss.pkcs11.PK11KeyWrapper.unwrapSymmetric
(PK11KeyWrapper.java:484)
        at
org.mozilla.jss.provider.javax.crypto.JSSCipherSpi.engineUnwrapSecret
(JSSCipherSpi.java:484)
        at org.mozilla.jss.provider.javax.crypto.JSSCipherSpi.engineUnwrap
(JSSCipherSpi.java:452)
        at javax.crypto.Cipher.unwrap(DashoA13*..)
        at EncryptionTest.main(EncryptionTest.java:86)

The exception comes from the following code (in PK11KeyWrapper) that
clearly misses AES case:

private static Algorithm
    algFromType(SymmetricKey.Type type) {
        if( type == SymmetricKey.DES ) {
            return EncryptionAlgorithm.DES_ECB;
        } else if( type == SymmetricKey.DES3 ) {
            return EncryptionAlgorithm.DES3_ECB;
        } else if( type == SymmetricKey.RC4 ) {
            return EncryptionAlgorithm.RC4;
        } else {
            Assert._assert( type == SymmetricKey.RC2 );
            return EncryptionAlgorithm.RC2_CBC;
        }
    }

I've seen other people complaining about a similar problem.
Is this done on purpose (lack of proper code in NSS/JSS)? Or is it
some minor bug in JSS that may be easily fixed?

Thank you in advance,
       Alex

alex.agra...@gmail.com wrote, On 2008-12-23 02:59:

Please file a bug in bugzilla.mozilla.org, product JSS, and put all
the above information into that bug.  If you prefer not to do that,
please let me know and I will file the bug.

oh?  This is the first report of this problem that I recall seeing.

It's just a bug.  If my recollection is correct, and no one else has
reported this assertion failure before this, then it tells us that
this feature is largely unused. :(

I wrote, On 2008-12-23 11:53:

Glen filed a bug based on this report. (Thanks, Glen)
See https://bugzilla.mozilla.org/show_bug.cgi?id=470982

Here is a similar report that I was referring to:
http://groups.google.com/group/mozilla.dev.tech.crypto/browse_thread/...

alex.agra...@gmail.com wrote, On 2008-12-24 11:32:

Hmm.  That message never received any replies.  Maybe our JSS guru was
on vacation that week. (?)  Thanks for pointing that out.

FYI - I submitted a patch that fixes the problem.
See https://bugzilla.mozilla.org/show_bug.cgi?id=470982 for details.

thank you. I put myself as reviewer. Note once you have a created a bug
you can keep communication in the bug.

-glen