Discussion:
pkinit integration with smart card
m***@kcp.com
2006-08-31 15:57:33 UTC
Permalink
Any idea as to why I would receive a CKR_FUNCTION_FAILED error on the
C_Sign operation from PKCS11 module?

I'm getting to the signature operation on the smart card for PKINIT when
the kinit segment faults. I used the pkcs11 spy library from OpenSC and
the final operations it records with the card are:
33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806b860
Returned: 0 CKR_OK


34: C_SignInit
[in] hSession = 0x806b860
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052508
Returned: 0 CKR_OK


35: C_Sign
[in] hSession = 0x806b860
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 00041496 9A0A7A5A 74DA942D CA0160DF
CEABACB2
EB2E3F
Returned: 6 CKR_FUNCTION_FAILED

I've been trying to get the pkinit functionality to work with the
ActivCard Gold middleware product. They provide the pkcs11 module; using
this module I'm able to get it to work with SSH using a patch, but I have
not had success with heimdal.

The module does not implement the CKA_PUBLIC_EXPONENT class. Originally,
the kinit aborts due to the missing exponent and so that's manually
inserted to the value from the certificates on the Smart Card in the
ks_p11.c.

rsa->e = getattr_bn(p, slot, session, object, CKA_PUBLIC_EXPONENT);
if (rsa->e == NULL)
BN_dec2bn(&rsa->e, "65537");
if (rsa->e == NULL)
_hx509_abort("CKA_PUBLIC_EXPONENT missing");

I've also changed the rsa->e to any number with the same results, so I'm
wondering if I'm doing it right.
Douglas E. Engert
2006-08-31 18:41:48 UTC
Permalink
I have gotten the Heimdal to work with other OpenSC supported cards.

It could be that the card says it has the CKM_RSA_PKCS but really does
not or the pkcs11 lib is simulating CKM_RSA_PKCS and is having problems
doing the padding. It might be possible to use the CKM_RSA_X_509 (raw)
mechanisum, by doing the PKCS padding first, then calling the C_Sign
functions.

Could also be that the pkcs11 is expecting the pSignature and pSignatureLen
to be set correctly, i.e. for a 1024 key, to a 128 byte buffer, and it is
returing the wrong error code.

If you can use the OpenSC spy, can you use the pkcs11-tool as well
pointing it at your PKCS11( -module <sharedlib>)? What mechanisums does
it say it has?
Post by m***@kcp.com
Any idea as to why I would receive a CKR_FUNCTION_FAILED error on the
C_Sign operation from PKCS11 module?
I'm getting to the signature operation on the smart card for PKINIT when
the kinit segment faults. I used the pkcs11 spy library from OpenSC and
33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806b860
Returned: 0 CKR_OK
34: C_SignInit
[in] hSession = 0x806b860
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052508
Returned: 0 CKR_OK
35: C_Sign
[in] hSession = 0x806b860
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 00041496 9A0A7A5A 74DA942D CA0160DF
CEABACB2
EB2E3F
Returned: 6 CKR_FUNCTION_FAILED
I've been trying to get the pkinit functionality to work with the
ActivCard Gold middleware product. They provide the pkcs11 module; using
this module I'm able to get it to work with SSH using a patch, but I have
not had success with heimdal.
The module does not implement the CKA_PUBLIC_EXPONENT class. Originally,
the kinit aborts due to the missing exponent and so that's manually
inserted to the value from the certificates on the Smart Card in the
ks_p11.c.
rsa->e = getattr_bn(p, slot, session, object, CKA_PUBLIC_EXPONENT);
if (rsa->e == NULL)
BN_dec2bn(&rsa->e, "65537");
if (rsa->e == NULL)
_hx509_abort("CKA_PUBLIC_EXPONENT missing");
I've also changed the rsa->e to any number with the same results, so I'm
wondering if I'm doing it right.
--
Douglas E. Engert <***@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
m***@kcp.com
2006-08-31 21:12:18 UTC
Permalink
Thanks for the response. Complely new to these low level points with the
Smart Card so I've been looking up some terms, I appreciate the advice.

I looked at the PKCS11-tool output first:
pkcs11-tool --module /usr/local/acgold/lib/libpkcs11.so -M Supported
mechanisms:
RSA-PKCS, wrap, unwrap, other flags=0x20000
SHA1-RSA-PKCS, sign, verify, wrap, unwrap, encrypt, decrypt, keypairgen,
other flags=0x2d000

The length of the destination buffer is 128 bytes. The length of the
signature in pData is 35 bytes. Is the CKM_RSA_X_509 mechanism a tool of
the Card? Should/could the pData for signature be padded to 128 with a
method external to the card?





"Douglas E. Engert" <***@anl.gov>
Sent by: owner-heimdal-***@sics.se
08/31/2006 01:41 PM

To
***@kcp.com
cc
heimdal-***@sics.se
Subject
Re: pkinit integration with smart card






I have gotten the Heimdal to work with other OpenSC supported cards.

It could be that the card says it has the CKM_RSA_PKCS but really does
not or the pkcs11 lib is simulating CKM_RSA_PKCS and is having problems
doing the padding. It might be possible to use the CKM_RSA_X_509 (raw)
mechanisum, by doing the PKCS padding first, then calling the C_Sign
functions.

Could also be that the pkcs11 is expecting the pSignature and
pSignatureLen
to be set correctly, i.e. for a 1024 key, to a 128 byte buffer, and it is
returing the wrong error code.

If you can use the OpenSC spy, can you use the pkcs11-tool as well
pointing it at your PKCS11( -module <sharedlib>)? What mechanisums does
it say it has?
Post by m***@kcp.com
Any idea as to why I would receive a CKR_FUNCTION_FAILED error on the
C_Sign operation from PKCS11 module?
I'm getting to the signature operation on the smart card for PKINIT when
the kinit segment faults. I used the pkcs11 spy library from OpenSC and
33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806b860
Returned: 0 CKR_OK
34: C_SignInit
[in] hSession = 0x806b860
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052508
Returned: 0 CKR_OK
35: C_Sign
[in] hSession = 0x806b860
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 00041496 9A0A7A5A 74DA942D CA0160DF
CEABACB2
EB2E3F
Returned: 6 CKR_FUNCTION_FAILED
I've been trying to get the pkinit functionality to work with the
ActivCard Gold middleware product. They provide the pkcs11 module; using
this module I'm able to get it to work with SSH using a patch, but I have
not had success with heimdal.
The module does not implement the CKA_PUBLIC_EXPONENT class. Originally,
the kinit aborts due to the missing exponent and so that's manually
inserted to the value from the certificates on the Smart Card in the
ks_p11.c.
rsa->e = getattr_bn(p, slot, session, object, CKA_PUBLIC_EXPONENT);
if (rsa->e == NULL)
BN_dec2bn(&rsa->e, "65537");
if (rsa->e == NULL)
_hx509_abort("CKA_PUBLIC_EXPONENT missing");
I've also changed the rsa->e to any number with the same results, so I'm
wondering if I'm doing it right.
--
Douglas E. Engert <***@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Douglas E. Engert
2006-09-01 15:44:20 UTC
Permalink
Post by m***@kcp.com
Thanks for the response. Complely new to these low level points with the
Smart Card so I've been looking up some terms, I appreciate the advice.
pkcs11-tool --module /usr/local/acgold/lib/libpkcs11.so -M Supported
I am not sure what the other flags are, but I would expect the
RSA-PKCS would have sign, verify, wrap, unwrap, and maybe decrypt.
Note it did not say sign, which is the operation you are trying to do.
Post by m***@kcp.com
RSA-PKCS, wrap, unwrap, other flags=0x20000
SHA1-RSA-PKCS, sign, verify, wrap, unwrap, encrypt, decrypt, keypairgen,
other flags=0x2d000
The available mechanisum from PKCS11 are a combinatiuon of what can be done
in the software and the smartcard. For example the SHA1 hash might be done
by sending the data to the card, or could be done by the pkcs11 software
to produce the hash.

I am suprised if it can do SHA1_RSA_PKCS sign, it can't do
RSA_PKCS as this just skips the hash set.
Post by m***@kcp.com
The length of the destination buffer is 128 bytes. The length of the
signature in pData is 35 bytes. Is the CKM_RSA_X_509 mechanism a tool of
the Card? Should/could the pData for signature be padded to 128 with a
method external to the card?
A sign with RSA_PKCS says take the input and pad with PKCS padding 01 then
do an RSA encrypt using the private key. The data must be less then
keysize-11 so normally the data sent is a hash of the data you really want
to sign.

A sign with SHA1_RSA_PKCS says pass the data (any length) to the C_Sign or
(C_SignUpdate...+C_SignFinal) then do the padding and encrypt with RSA.

So as Love pointed out, the Heimdal applicaiton could send the data
pre hashed data to the PKCS11 using SHA1_RSA_PKCS.
Post by m***@kcp.com
08/31/2006 01:41 PM
To
cc
Subject
Re: pkinit integration with smart card
I have gotten the Heimdal to work with other OpenSC supported cards.
It could be that the card says it has the CKM_RSA_PKCS but really does
not or the pkcs11 lib is simulating CKM_RSA_PKCS and is having problems
doing the padding. It might be possible to use the CKM_RSA_X_509 (raw)
mechanisum, by doing the PKCS padding first, then calling the C_Sign
functions.
Could also be that the pkcs11 is expecting the pSignature and
pSignatureLen
to be set correctly, i.e. for a 1024 key, to a 128 byte buffer, and it is
returing the wrong error code.
If you can use the OpenSC spy, can you use the pkcs11-tool as well
pointing it at your PKCS11( -module <sharedlib>)? What mechanisums does
it say it has?
Post by m***@kcp.com
Any idea as to why I would receive a CKR_FUNCTION_FAILED error on the
C_Sign operation from PKCS11 module?
I'm getting to the signature operation on the smart card for PKINIT when
the kinit segment faults. I used the pkcs11 spy library from OpenSC and
33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806b860
Returned: 0 CKR_OK
34: C_SignInit
[in] hSession = 0x806b860
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052508
Returned: 0 CKR_OK
35: C_Sign
[in] hSession = 0x806b860
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 00041496 9A0A7A5A 74DA942D CA0160DF
CEABACB2
EB2E3F
Returned: 6 CKR_FUNCTION_FAILED
I've been trying to get the pkinit functionality to work with the
ActivCard Gold middleware product. They provide the pkcs11 module;
using
Post by m***@kcp.com
this module I'm able to get it to work with SSH using a patch, but I
have
Post by m***@kcp.com
not had success with heimdal.
The module does not implement the CKA_PUBLIC_EXPONENT class. Originally,
the kinit aborts due to the missing exponent and so that's manually
inserted to the value from the certificates on the Smart Card in the
ks_p11.c.
rsa->e = getattr_bn(p, slot, session, object, CKA_PUBLIC_EXPONENT);
if (rsa->e == NULL)
BN_dec2bn(&rsa->e, "65537");
if (rsa->e == NULL)
_hx509_abort("CKA_PUBLIC_EXPONENT missing");
I've also changed the rsa->e to any number with the same results, so I'm
wondering if I'm doing it right.
--
Douglas E. Engert <***@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
m***@kcp.com
2006-09-01 18:26:42 UTC
Permalink
I didn't see until Love's email that the pkcs11-tool did not show the Sign
function supported within the mechanism. I don't know why pkcs11-tool
only shows the unwrap and wrap functions for the RSA-PKCS mechanism. I
sent an email to the technical contact for ActivIdentity to see what their
response will be.

I loaded the PKCS11 library on Linux in the Mozilla security devices and
can authenticate to an Apache web server using client verification in SSL.
Setting the library path to the PKCS11-Spy module, I can see the SignInit
and Sign functions. From the OpenSSH patch and in th Mozilla PKCS11 spy
output I can also see the CKM_RSA_PKCS mechanism in the SignInit passwd as
the parameter for pMechanism. In input hKey values are output hex and the
same length as the Heimdal pkinit hKey.

Prior to SignInit both OpenSSH and Mozilla (and Heimdal pkinit) use the
OpenSession function for slotID 0x1 and with the flags for 0x4. For all
three the SignInit function uses the session from the OpenSession output
and the input key value. In the Sign function, the inputs Data lenth is
35 bytes for OpenSSH and Heimdal pkinit and 36 bytes for Mozilla.

Can the key parameter in the SignInit affect the output of the Sign
function?






"Douglas E. Engert" <***@anl.gov>
Sent by: owner-heimdal-***@sics.se
09/01/2006 10:44 AM

To
***@kcp.com
cc
heimdal-***@sics.se, owner-heimdal-***@sics.se
Subject
Re: pkinit integration with smart card
Post by m***@kcp.com
Thanks for the response. Complely new to these low level points with the
Smart Card so I've been looking up some terms, I appreciate the advice.
pkcs11-tool --module /usr/local/acgold/lib/libpkcs11.so -M Supported
I am not sure what the other flags are, but I would expect the
RSA-PKCS would have sign, verify, wrap, unwrap, and maybe decrypt.
Note it did not say sign, which is the operation you are trying to do.
Post by m***@kcp.com
RSA-PKCS, wrap, unwrap, other flags=0x20000
SHA1-RSA-PKCS, sign, verify, wrap, unwrap, encrypt, decrypt,
keypairgen,
Post by m***@kcp.com
other flags=0x2d000
The available mechanisum from PKCS11 are a combinatiuon of what can be
done
in the software and the smartcard. For example the SHA1 hash might be done
by sending the data to the card, or could be done by the pkcs11 software
to produce the hash.

I am suprised if it can do SHA1_RSA_PKCS sign, it can't do
RSA_PKCS as this just skips the hash set.
Post by m***@kcp.com
The length of the destination buffer is 128 bytes. The length of the
signature in pData is 35 bytes. Is the CKM_RSA_X_509 mechanism a tool of
the Card? Should/could the pData for signature be padded to 128 with a
method external to the card?
A sign with RSA_PKCS says take the input and pad with PKCS padding 01 then
do an RSA encrypt using the private key. The data must be less then
keysize-11 so normally the data sent is a hash of the data you really want
to sign.

A sign with SHA1_RSA_PKCS says pass the data (any length) to the C_Sign or
(C_SignUpdate...+C_SignFinal) then do the padding and encrypt with RSA.

So as Love pointed out, the Heimdal applicaiton could send the data
pre hashed data to the PKCS11 using SHA1_RSA_PKCS.
Post by m***@kcp.com
08/31/2006 01:41 PM
To
cc
Subject
Re: pkinit integration with smart card
I have gotten the Heimdal to work with other OpenSC supported cards.
It could be that the card says it has the CKM_RSA_PKCS but really does
not or the pkcs11 lib is simulating CKM_RSA_PKCS and is having problems
doing the padding. It might be possible to use the CKM_RSA_X_509 (raw)
mechanisum, by doing the PKCS padding first, then calling the C_Sign
functions.
Could also be that the pkcs11 is expecting the pSignature and
pSignatureLen
to be set correctly, i.e. for a 1024 key, to a 128 byte buffer, and it is
returing the wrong error code.
If you can use the OpenSC spy, can you use the pkcs11-tool as well
pointing it at your PKCS11( -module <sharedlib>)? What mechanisums does
it say it has?
Post by m***@kcp.com
Any idea as to why I would receive a CKR_FUNCTION_FAILED error on the
C_Sign operation from PKCS11 module?
I'm getting to the signature operation on the smart card for PKINIT when
the kinit segment faults. I used the pkcs11 spy library from OpenSC and
33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806b860
Returned: 0 CKR_OK
34: C_SignInit
[in] hSession = 0x806b860
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052508
Returned: 0 CKR_OK
35: C_Sign
[in] hSession = 0x806b860
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 00041496 9A0A7A5A 74DA942D CA0160DF
CEABACB2
EB2E3F
Returned: 6 CKR_FUNCTION_FAILED
I've been trying to get the pkinit functionality to work with the
ActivCard Gold middleware product. They provide the pkcs11 module;
using
Post by m***@kcp.com
this module I'm able to get it to work with SSH using a patch, but I
have
Post by m***@kcp.com
not had success with heimdal.
The module does not implement the CKA_PUBLIC_EXPONENT class. Originally,
the kinit aborts due to the missing exponent and so that's manually
inserted to the value from the certificates on the Smart Card in the
ks_p11.c.
rsa->e = getattr_bn(p, slot, session, object, CKA_PUBLIC_EXPONENT);
if (rsa->e == NULL)
BN_dec2bn(&rsa->e, "65537");
if (rsa->e == NULL)
_hx509_abort("CKA_PUBLIC_EXPONENT missing");
I've also changed the rsa->e to any number with the same results, so I'm
wondering if I'm doing it right.
--
Douglas E. Engert <***@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
m***@kcp.com
2006-09-01 18:56:34 UTC
Permalink
I think I just had a light bulb go off. The hKey value isn't a key like a
symmetric key. The hKey value is an object on the card, that is the
private key. Is this right?

The hKey value is found in Mozilla with a FindObjectsInit using the
pTemplate[2]:
[in] pTemplate[2]:
CKA_ID [size : 0x1 (1)]
00
CKA_CLASS CKO_PRIVATE_KEY

The object that matches is returned and used in the SignInit function.

In heimdal pkinit it looks like it sends the FindObjectsInit with just the
CKA_CLASS for the Private key. Can I add the CKA_ID for 00 in the
FindObjectsInit?



"Douglas E. Engert" <***@anl.gov>
Sent by: owner-heimdal-***@sics.se
09/01/2006 10:44 AM

To
***@kcp.com
cc
heimdal-***@sics.se, owner-heimdal-***@sics.se
Subject
Re: pkinit integration with smart card
Post by m***@kcp.com
Thanks for the response. Complely new to these low level points with the
Smart Card so I've been looking up some terms, I appreciate the advice.
pkcs11-tool --module /usr/local/acgold/lib/libpkcs11.so -M Supported
I am not sure what the other flags are, but I would expect the
RSA-PKCS would have sign, verify, wrap, unwrap, and maybe decrypt.
Note it did not say sign, which is the operation you are trying to do.
Post by m***@kcp.com
RSA-PKCS, wrap, unwrap, other flags=0x20000
SHA1-RSA-PKCS, sign, verify, wrap, unwrap, encrypt, decrypt,
keypairgen,
Post by m***@kcp.com
other flags=0x2d000
The available mechanisum from PKCS11 are a combinatiuon of what can be
done
in the software and the smartcard. For example the SHA1 hash might be done
by sending the data to the card, or could be done by the pkcs11 software
to produce the hash.

I am suprised if it can do SHA1_RSA_PKCS sign, it can't do
RSA_PKCS as this just skips the hash set.
Post by m***@kcp.com
The length of the destination buffer is 128 bytes. The length of the
signature in pData is 35 bytes. Is the CKM_RSA_X_509 mechanism a tool of
the Card? Should/could the pData for signature be padded to 128 with a
method external to the card?
A sign with RSA_PKCS says take the input and pad with PKCS padding 01 then
do an RSA encrypt using the private key. The data must be less then
keysize-11 so normally the data sent is a hash of the data you really want
to sign.

A sign with SHA1_RSA_PKCS says pass the data (any length) to the C_Sign or
(C_SignUpdate...+C_SignFinal) then do the padding and encrypt with RSA.

So as Love pointed out, the Heimdal applicaiton could send the data
pre hashed data to the PKCS11 using SHA1_RSA_PKCS.
Post by m***@kcp.com
08/31/2006 01:41 PM
To
cc
Subject
Re: pkinit integration with smart card
I have gotten the Heimdal to work with other OpenSC supported cards.
It could be that the card says it has the CKM_RSA_PKCS but really does
not or the pkcs11 lib is simulating CKM_RSA_PKCS and is having problems
doing the padding. It might be possible to use the CKM_RSA_X_509 (raw)
mechanisum, by doing the PKCS padding first, then calling the C_Sign
functions.
Could also be that the pkcs11 is expecting the pSignature and
pSignatureLen
to be set correctly, i.e. for a 1024 key, to a 128 byte buffer, and it is
returing the wrong error code.
If you can use the OpenSC spy, can you use the pkcs11-tool as well
pointing it at your PKCS11( -module <sharedlib>)? What mechanisums does
it say it has?
Post by m***@kcp.com
Any idea as to why I would receive a CKR_FUNCTION_FAILED error on the
C_Sign operation from PKCS11 module?
I'm getting to the signature operation on the smart card for PKINIT when
the kinit segment faults. I used the pkcs11 spy library from OpenSC and
33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806b860
Returned: 0 CKR_OK
34: C_SignInit
[in] hSession = 0x806b860
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052508
Returned: 0 CKR_OK
35: C_Sign
[in] hSession = 0x806b860
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 00041496 9A0A7A5A 74DA942D CA0160DF
CEABACB2
EB2E3F
Returned: 6 CKR_FUNCTION_FAILED
I've been trying to get the pkinit functionality to work with the
ActivCard Gold middleware product. They provide the pkcs11 module;
using
Post by m***@kcp.com
this module I'm able to get it to work with SSH using a patch, but I
have
Post by m***@kcp.com
not had success with heimdal.
The module does not implement the CKA_PUBLIC_EXPONENT class. Originally,
the kinit aborts due to the missing exponent and so that's manually
inserted to the value from the certificates on the Smart Card in the
ks_p11.c.
rsa->e = getattr_bn(p, slot, session, object, CKA_PUBLIC_EXPONENT);
if (rsa->e == NULL)
BN_dec2bn(&rsa->e, "65537");
if (rsa->e == NULL)
_hx509_abort("CKA_PUBLIC_EXPONENT missing");
I've also changed the rsa->e to any number with the same results, so I'm
wondering if I'm doing it right.
--
Douglas E. Engert <***@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Douglas E. Engert
2006-09-01 20:38:52 UTC
Permalink
Post by m***@kcp.com
I think I just had a light bulb go off. The hKey value isn't a key like a
symmetric key. The hKey value is an object on the card, that is the
private key. Is this right?
Sort of. Its a handle to pass to the PKCS#11 that it uses to find the
key on the card.
Post by m***@kcp.com
The hKey value is found in Mozilla with a FindObjectsInit using the
CKA_ID [size : 0x1 (1)]
00
CKA_CLASS CKO_PRIVATE_KEY
The object that matches is returned and used in the SignInit function.
In heimdal pkinit it looks like it sends the FindObjectsInit with just the
CKA_CLASS for the Private key.
And what does the FindObject return? Just one key, or many keys.
Are the calls to the FindObject... and C_Sign all in the same session?
Are there any other calls between the two that would cause the PKCS#11
to get confused about what hKey was to be used with trhe C_Sign.
Post by m***@kcp.com
Can I add the CKA_ID for 00 in the FindObjectsInit?
Maybe. But this may depend on how many keys are on the card,
and you need to use the key that matches the certificate.
The certificate should have a CKA_ID that can be used to find the
matching key. So the apliucation code should use this when it
is trying to find the key object.


Do you have a copy of the PKCS#11 douument? It can be found at
http://www.rsasecurity.com/rsalabs/node.asp?id=2133
or Google for RSA PKCS#11 it "must" reading when debuging PKCS#11.
Post by m***@kcp.com
09/01/2006 10:44 AM
To
cc
Subject
Re: pkinit integration with smart card
Post by m***@kcp.com
Thanks for the response. Complely new to these low level points with
the
Post by m***@kcp.com
Smart Card so I've been looking up some terms, I appreciate the advice.
pkcs11-tool --module /usr/local/acgold/lib/libpkcs11.so -M Supported
I am not sure what the other flags are, but I would expect the
RSA-PKCS would have sign, verify, wrap, unwrap, and maybe decrypt.
Note it did not say sign, which is the operation you are trying to do.
Post by m***@kcp.com
RSA-PKCS, wrap, unwrap, other flags=0x20000
SHA1-RSA-PKCS, sign, verify, wrap, unwrap, encrypt, decrypt,
keypairgen,
Post by m***@kcp.com
other flags=0x2d000
The available mechanisum from PKCS11 are a combinatiuon of what can be
done
in the software and the smartcard. For example the SHA1 hash might be done
by sending the data to the card, or could be done by the pkcs11 software
to produce the hash.
I am suprised if it can do SHA1_RSA_PKCS sign, it can't do
RSA_PKCS as this just skips the hash set.
Post by m***@kcp.com
The length of the destination buffer is 128 bytes. The length of the
signature in pData is 35 bytes. Is the CKM_RSA_X_509 mechanism a tool
of
Post by m***@kcp.com
the Card? Should/could the pData for signature be padded to 128 with a
method external to the card?
A sign with RSA_PKCS says take the input and pad with PKCS padding 01 then
do an RSA encrypt using the private key. The data must be less then
keysize-11 so normally the data sent is a hash of the data you really want
to sign.
A sign with SHA1_RSA_PKCS says pass the data (any length) to the C_Sign or
(C_SignUpdate...+C_SignFinal) then do the padding and encrypt with RSA.
So as Love pointed out, the Heimdal applicaiton could send the data
pre hashed data to the PKCS11 using SHA1_RSA_PKCS.
Post by m***@kcp.com
08/31/2006 01:41 PM
To
cc
Subject
Re: pkinit integration with smart card
I have gotten the Heimdal to work with other OpenSC supported cards.
It could be that the card says it has the CKM_RSA_PKCS but really does
not or the pkcs11 lib is simulating CKM_RSA_PKCS and is having problems
doing the padding. It might be possible to use the CKM_RSA_X_509 (raw)
mechanisum, by doing the PKCS padding first, then calling the C_Sign
functions.
Could also be that the pkcs11 is expecting the pSignature and
pSignatureLen
to be set correctly, i.e. for a 1024 key, to a 128 byte buffer, and it
is
Post by m***@kcp.com
returing the wrong error code.
If you can use the OpenSC spy, can you use the pkcs11-tool as well
pointing it at your PKCS11( -module <sharedlib>)? What mechanisums does
it say it has?
Post by m***@kcp.com
Any idea as to why I would receive a CKR_FUNCTION_FAILED error on the
C_Sign operation from PKCS11 module?
I'm getting to the signature operation on the smart card for PKINIT when
the kinit segment faults. I used the pkcs11 spy library from OpenSC and
33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806b860
Returned: 0 CKR_OK
34: C_SignInit
[in] hSession = 0x806b860
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052508
Returned: 0 CKR_OK
35: C_Sign
[in] hSession = 0x806b860
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 00041496 9A0A7A5A 74DA942D CA0160DF
CEABACB2
EB2E3F
Returned: 6 CKR_FUNCTION_FAILED
I've been trying to get the pkinit functionality to work with the
ActivCard Gold middleware product. They provide the pkcs11 module;
using
Post by m***@kcp.com
this module I'm able to get it to work with SSH using a patch, but I
have
Post by m***@kcp.com
not had success with heimdal.
The module does not implement the CKA_PUBLIC_EXPONENT class. Originally,
the kinit aborts due to the missing exponent and so that's manually
inserted to the value from the certificates on the Smart Card in the
ks_p11.c.
rsa->e = getattr_bn(p, slot, session, object, CKA_PUBLIC_EXPONENT);
if (rsa->e == NULL)
BN_dec2bn(&rsa->e, "65537");
if (rsa->e == NULL)
_hx509_abort("CKA_PUBLIC_EXPONENT missing");
I've also changed the rsa->e to any number with the same results, so I'm
wondering if I'm doing it right.
--
Douglas E. Engert <***@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
m***@kcp.com
2006-09-01 21:14:06 UTC
Permalink
p11_list_keys() cycles through the classes. and uses the
iterate_entries() method is used to find the objects.

First i opens a session for login the uses that session to search:
8: C_FindObjectsInit
[in] hSession = 0x8052438
[in] pTemplate[1]:
CKA_CLASS CKO_PRIVATE_KEY
Returned: 0 CKR_OK

That finds 1 object then that object has GetAttributeValue run through
CKA_ID/CKA_VALUE, CKA_MODULUS, CKA_PUBLIC_EXPONENT (fails, note below
manually populated the rsa->e value with the exponent from the
certficate). All the values are reqeusted with a 0 buffer to get the
size, then with a second request with the proper buffer allocations.
Another FindObjects is called, this returns an objects and the
GetAttributeValues are run through as before. This is the object that is
used for the hKey value in CKA_SignInit later.
Then the FindObjectsFinal is sent.

The FindObjectsInit is sent again;
23: C_FindObjectsInit
[in] hSession = 0x8052438
[in] pTemplate[1]:
CKA_CLASS CKO_CERTIFICATE
Returned: 0 CKR_OK

That finds 1 object and then the GetAttributevalues are run same as before
for CKA_ID/CKA_VALUE,
then FindObjects is called again, a different objects matches and
GetAttributes are called for CKA_ID/CKA_VALUE
FindObjects is called again, with no returned and findObjectsFinal, then
the session is closed.

Next the applications Opens a new session and does the C_SignInit with the
hkey value of from the second object found in the PRIVATE_KEY search. Then
the C_Sign function fails.

I copied the PKCS11-spy module output below in case I read this wrong:
*************** OpenSC PKCS#11 spy *****************
Loaded: "/usr/local/acgold/lib/libpkcs11.so"


0: C_GetFunctionList
Returned: 0 CKR_OK


1: C_Initialize
Returned: 0 CKR_OK


2: C_GetSlotList
[in] tokenPresent = 0x0
[out] pSlotList:
Count is 1
[out] *pulCount = 0x1
Returned: 0 CKR_OK


3: C_GetSlotList
[in] tokenPresent = 0x0
[out] pSlotList:
Slot 1
[out] *pulCount = 0x1
Returned: 0 CKR_OK


4: C_GetSlotInfo
[in] slotID = 0x1
[out] pInfo:
slotDescription: 'ActivCard USB Reader 2.0 (60102D'
'27) 00 00 '
manufacturerID: 'Unknown MFR '
hardwareVersion: 1.0
firmwareVersion: 1.0
flags: 7
CKF_TOKEN_PRESENT
CKF_REMOVABLE_DEVICE
CKF_HW_SLOT
Returned: 0 CKR_OK


5: C_GetTokenInfo
[in] slotID = 0x1
[out] pInfo:
label: 'ActivIdentity Smart Card '
manufacturerID: 'Unknown MFR '
model: 'Unknown Model '
serialNumber: '1 '
ulMaxSessionCount: 0
ulSessionCount: 0
ulMaxRwSessionCount: 0
ulRwSessionCount: 0
ulMaxPinLen: 8
ulMinPinLen: 8
ulTotalPublicMemory: 0
ulFreePublicMemory: 0
ulTotalPrivateMemory: 0
ulFreePrivateMemory: 0
hardwareVersion: 255.0
firmwareVersion: 255.0
time: '0000000000000000'
flags: 40d
CKF_RNG
CKF_LOGIN_REQUIRED
CKF_USER_PIN_INITIALIZED
CKF_TOKEN_INITIALIZED
Returned: 0 CKR_OK


6: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x8052438
Returned: 0 CKR_OK


7: C_Login
[in] hSession = 0x8052438
[in] userType = CKU_USER
[in] pPin[ulPinLen] [size : 0x6 (6)]
36353431 3233
Returned: 0 CKR_OK


8: C_FindObjectsInit
[in] hSession = 0x8052438
[in] pTemplate[1]:
CKA_CLASS CKO_PRIVATE_KEY
Returned: 0 CKR_OK


9: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134612592 Matches
Returned: 0 CKR_OK


10: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
[in] pTemplate[1]:
CKA_ID requested with 0 buffer
[out] pTemplate[1]:
CKA_ID has size 1
Returned: 0 CKR_OK


11: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
[in] pTemplate[1]:
CKA_ID requested with 1 buffer
[out] pTemplate[1]:
CKA_ID [size : 0x1 (1)]
01
Returned: 0 CKR_OK


12: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
[in] pTemplate[1]:
CKA_MODULUS requested with 0 buffer
[out] pTemplate[1]:
CKA_MODULUS has size 128
Returned: 0 CKR_OK


13: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
[in] pTemplate[1]:
CKA_MODULUS requested with 128 buffer
[out] pTemplate[1]:
CKA_MODULUS [size : 0x80 (128)]
9DA6B972 1C10BFF8 C5D762E2 3439468F B907EDB0 CC9303CA B4F2C5B4
9A9D30A3
9DD7D36E 4020E756 A947A48C 59176B6E 70F58A84 CD4282BC 0996A561
4496FA47
6B03DE82 FF56A682 03517E8F D0D7D322 15346B06 2B1A39F0 C3202FC8
A12C3043
81F44F5E 5E074D17 62899B4B 9CF10374 FD484A3A F815166A 02D43C0D
9BB22387
Returned: 0 CKR_OK


14: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
[in] pTemplate[1]:
CKA_PUBLIC_EXPONENT requested with 0 buffer
[out] pTemplate[1]:
CKA_PUBLIC_EXPONENT has size -1
Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID


15: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134555168 Matches
Returned: 0 CKR_OK


16: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
[in] pTemplate[1]:
CKA_ID requested with 1 buffer
[out] pTemplate[1]:
CKA_ID has size 1
Returned: 0 CKR_OK


17: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
[in] pTemplate[1]:
CKA_ID requested with 1 buffer
[out] pTemplate[1]:
CKA_ID [size : 0x1 (1)]
00
Returned: 0 CKR_OK


18: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
[in] pTemplate[1]:
CKA_MODULUS requested with 0 buffer
[out] pTemplate[1]:
CKA_MODULUS has size 128
Returned: 0 CKR_OK


19: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
[in] pTemplate[1]:
CKA_MODULUS requested with 128 buffer
[out] pTemplate[1]:
CKA_MODULUS [size : 0x80 (128)]
89E42655 C26A3DD8 58349968 A5A32FAE 2FF199EE 0D334E2D E24AA53F
AFD5AAF9
0D9EEACE 7224BB09 D2F4739F 8A678433 7E9F8892 71B4A7F5 27C278A7
71C6BD0C
FB4DA725 19934967 8A4CBD9D 36FB8518 F0A81FDB D7F57B55 1912A2C8
8AA9859C
732CD522 8E95A9D0 70A79522 ABC3E0F1 4C374FA8 E1799B48 54668406
042FFF23
Returned: 0 CKR_OK


20: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
[in] pTemplate[1]:
CKA_PUBLIC_EXPONENT requested with 0 buffer
[out] pTemplate[1]:
CKA_PUBLIC_EXPONENT has size -1
Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID


21: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x0
Returned: 0 CKR_OK


22: C_FindObjectsFinal
[in] hSession = 0x8052438
Returned: 0 CKR_OK


23: C_FindObjectsInit
[in] hSession = 0x8052438
[in] pTemplate[1]:
CKA_CLASS CKO_CERTIFICATE
Returned: 0 CKR_OK


24: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134630568 Matches
Returned: 0 CKR_OK


25: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8064ca8
[in] pTemplate[2]:
CKA_ID requested with 1 buffer
CKA_VALUE requested with 0 buffer
[out] pTemplate[2]:
CKA_ID has size 1
CKA_VALUE has size 1351
Returned: 0 CKR_OK


26: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8064ca8
[in] pTemplate[2]:
CKA_ID requested with 1 buffer
CKA_VALUE requested with 1351 buffer
[out] pTemplate[2]:
CKA_ID [size : 0x1 (1)]
01
CKA_VALUE [size : 0x547 (1351)]
30820543 308204AC A0030201 0202043E CA423A30 0D06092A 864886F7
0D010105
0500306F 310B3009 06035504 06130255 53311830 16060355 040A130F
552E532E
20476F76 65726E6D 656E7431 1D301B06 0355040B 13144465 70617274
6D656E74
206F6620 456E6572 6779311A 30180603 55040B13 114B616E 73617320
43697479
20506C61 6E74310B 30090603 55040B13 02434130 1E170D30 36303732
36313733
3134305A 170D3039 30373236 31383031 34305A30 81B1310B 30090603
55040613
02555331 18301606 0355040A 130F552E 532E2047 6F766572 6E6D656E
74311D30
1B060355 040B1314 44657061 72746D65 6E74206F 6620456E 65726779
311A3018
06035504 0B13114B 616E7361 73204369 74792050 6C616E74 310F300D
06035504
0B130670 6572736F 6E310E30 0C060355 040B1305 6C6F6361 6C312C30
0D060355
04051306 75363032 3637301B 06035504 0313144D 69636861 656C2042
2E20416C
6578616E 64657230 819F300D 06092A86 4886F70D 01010105 0003818D
00308189
02818100 9DA6B972 1C10BFF8 C5D762E2 3439468F B907EDB0 CC9303CA
B4F2C5B4
9A9D30A3 9DD7D36E 4020E756 A947A48C 59176B6E 70F58A84 CD4282BC
0996A561
4496FA47 6B03DE82 FF56A682 03517E8F D0D7D322 15346B06 2B1A39F0
C3202FC8
A12C3043 81F44F5E 5E074D17 62899B4B 9CF10374 FD484A3A F815166A
02D43C0D
9BB22387 02030100 01A38202 A7308202 A3301706 03551D20 0410300E
300C060A
60864801 65030201 0A043040 0603551D 11043930 3781126D 616C6578
616E6465
72406B63 702E636F 6DA02106 0A2B0601 04018237 140203A0 130C1175
36303236
37406164 2E6B6370 2E636F6D 301B0603 551D0904 14301230 1006092A
864886F6
7D07441D 31030201 11308201 B4060355 1D1F0482 01AB3082 01A73081
8AA08187
A08184A4 8181307F 310B3009 06035504 06130255 53311830 16060355
040A130F
552E532E 20476F76 65726E6D 656E7431 1D301B06 0355040B 13144465
70617274
6D656E74 206F6620 456E6572 6779311A 30180603 55040B13 114B616E
73617320
43697479 20506C61 6E74310B 30090603 55040B13 02434131 0E300C06
03550403
13054352 4C313730 820116A0 820112A0 82010E86 81836C64 61703A2F
2F656E74
72757374 6469722E 6B63702E 636F6D2F 636E3D57 696E436F 6D62696E
6564312C
6F753D43 412C6F75 3D4B616E 73617325 32304369 74792532 30506C61
6E742C6F
753D4465 70617274 6D656E74 2532306F 66253230 456E6572 67792C6F
3D552E53
2E253230 476F7665 726E6D65 6E742C63 3D55533F 3F626173 65868185
6C646170
3A2F2F2F 434E3D43 41312C43 4E3D4341 53657276 65722C43 4E3D4344
502C434E
3D507562 6C696320 4B657920 53657276 69636573 2C434E3D 53657276
69636573
2C434E3D 436F6E66 69677572 6174696F 6E2C4443 3D726F6F 742C4443
3D6B6370
2C44433D 636F6D3F 63657274 69666963 61746552 65766F63 6174696F
6E4C6973
74300B06 03551D0F 04040302 0520301F 0603551D 23041830 168014D8
9483D59A
6B2F737D A2F1CA82 6BD1ABC4 06C7BE30 1D060355 1D0E0416 0414BCF1
13E31D54
1BA07348 2C30AE2B 69A0D7CE 4E5D3009 0603551D 13040230 00301906
092A8648
86F67D07 4100040C 300A1B04 56372E31 03020490 300D0609 2A864886
F70D0101
05050003 81810050 75D4AEE3 CF0D112B A1D0B610 93158141 E892E3D2
7E9F07C0
67A8CB64 33725D41 440DFBF3 FE3C6DDB F1C972B3 EBFD90E9 854FB862
BD03513C
DD71CD72 752FD7EA 7972B908 31C11686 295CE116 4BD6A17B A37EB8CB
E5B59085
560D0A7A A509D152 186FD599 E2119CCE A30F87C6 5048CA9E BEF5A3A3
82BC7CA4
EEFCF7AA 057CC9
Returned: 0 CKR_OK


27: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134613664 Matches
Returned: 0 CKR_OK


28: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060aa0
[in] pTemplate[2]:
CKA_ID requested with 1 buffer
CKA_VALUE requested with 1351 buffer
[out] pTemplate[2]:
CKA_ID has size 1
CKA_VALUE has size 1429
Returned: 0 CKR_OK


29: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060aa0
[in] pTemplate[2]:
CKA_ID requested with 1 buffer
CKA_VALUE requested with 1429 buffer
[out] pTemplate[2]:
CKA_ID [size : 0x1 (1)]
00
CKA_VALUE [size : 0x595 (1429)]
30820591 308204FA A0030201 0202043E CA43DB30 0D06092A 864886F7
0D010105
0500306F 310B3009 06035504 06130255 53311830 16060355 040A130F
552E532E
20476F76 65726E6D 656E7431 1D301B06 0355040B 13144465 70617274
6D656E74
206F6620 456E6572 6779311A 30180603 55040B13 114B616E 73617320
43697479
20506C61 6E74310B 30090603 55040B13 02434130 1E170D30 36303830
33313630
3735305A 170D3039 30383033 31363337 35305A30 81B1310B 30090603
55040613
02555331 18301606 0355040A 130F552E 532E2047 6F766572 6E6D656E
74311D30
1B060355 040B1314 44657061 72746D65 6E74206F 6620456E 65726779
311A3018
06035504 0B13114B 616E7361 73204369 74792050 6C616E74 310F300D
06035504
0B130670 6572736F 6E310E30 0C060355 040B1305 6C6F6361 6C312C30
0D060355
04051306 75363032 3637301B 06035504 0313144D 69636861 656C2042
2E20416C
6578616E 64657230 819F300D 06092A86 4886F70D 01010105 0003818D
00308189
02818100 89E42655 C26A3DD8 58349968 A5A32FAE 2FF199EE 0D334E2D
E24AA53F
AFD5AAF9 0D9EEACE 7224BB09 D2F4739F 8A678433 7E9F8892 71B4A7F5
27C278A7
71C6BD0C FB4DA725 19934967 8A4CBD9D 36FB8518 F0A81FDB D7F57B55
1912A2C8
8AA9859C 732CD522 8E95A9D0 70A79522 ABC3E0F1 4C374FA8 E1799B48
54668406
042FFF23 02030100 01A38202 F5308202 F1300B06 03551D0F 04040302
0780302B
0603551D 10042430 22800F32 30303630 38303331 36303735 305A810F
32303038
30393038 32303337 35305A30 1F060355 1D250418 30160608 2B060105
05070302
060A2B06 01040182 37140202 30170603 551D2004 10300E30 0C060A60
86480165
0302010A 04304006 03551D11 04393037 81126D61 6C657861 6E646572
406B6370
2E636F6D A021060A 2B060104 01823714 0203A013 0C117536 30323637
4061642E
6B63702E 636F6D30 1B060355 1D090414 30123010 06092A86 4886F67D
07441D31
03020111 308201B4 0603551D 1F048201 AB308201 A730818A A08187A0
8184A481
81307F31 0B300906 03550406 13025553 31183016 06035504 0A130F55
2E532E20
476F7665 726E6D65 6E74311D 301B0603 55040B13 14446570 6172746D
656E7420
6F662045 6E657267 79311A30 18060355 040B1311 4B616E73 61732043
69747920
506C616E 74310B30 09060355 040B1302 4341310E 300C0603 55040313
0543524C
31373082 0116A082 0112A082 010E8681 836C6461 703A2F2F 656E7472
75737464
69722E6B 63702E63 6F6D2F63 6E3D5769 6E436F6D 62696E65 64312C6F
753D4341
2C6F753D 4B616E73 61732532 30436974 79253230 506C616E 742C6F75
3D446570
6172746D 656E7425 32306F66 25323045 6E657267 792C6F3D 552E532E
25323047
6F766572 6E6D656E 742C633D 55533F3F 62617365 8681856C 6461703A
2F2F2F43
4E3D4341 312C434E 3D434153 65727665 722C434E 3D434450 2C434E3D
5075626C
6963204B 65792053 65727669 6365732C 434E3D53 65727669 6365732C
434E3D43
6F6E6669 67757261 74696F6E 2C44433D 726F6F74 2C44433D 6B63702C
44433D63
6F6D3F63 65727469 66696361 74655265 766F6361 74696F6E 4C697374
301F0603
551D2304 18301680 14D89483 D59A6B2F 737DA2F1 CA826BD1 ABC406C7
BE301D06
03551D0E 04160414 29704371 70BCFD33 E6DDA186 60E3CD45 A09EE354
30090603
551D1304 02300030 1906092A 864886F6 7D074100 040C300A 1B045637
2E310302
04B0300D 06092A86 4886F70D 01010505 00038181 0042F9C0 B1607678
6EF1E5FF
E90C23FD C2BDAC68 A7DCEC63 F541AA3B F3EA9D9D 36115A54 14B74B0C
769E3487
F5B60080 F3C23E9E BE908AD8 18380393 F333DFCC 794782C4 8B159D4B
DE0E9C9B
7BF4ACCE 0F586AA7 2E0EC60A E36B3B55 992F8B3B 0AE156A8 3F95C10C
D8E40860
931BFC39 D2DBF130 FF53CD62 18294EEB FE7A5318 71
Returned: 0 CKR_OK


30: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x0
Returned: 0 CKR_OK


31: C_FindObjectsFinal
[in] hSession = 0x8052438
Returned: 0 CKR_OK


32: C_CloseSession
[in] hSession = 0x8052438
Returned: 0 CKR_OK


33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806f8c0
Returned: 0 CKR_OK


34: C_SignInit
[in] hSession = 0x806f8c0
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052620
Returned: 0 CKR_OK


35: C_Sign
[in] hSession = 0x806f8c0
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 000414C5 89CD9A75 43934015 0D224CD1
3E5BE1F8
6B9145
Returned: 6 CKR_FUNCTION_FAILED






"Douglas E. Engert" <***@anl.gov>
09/01/2006 03:38 PM

To
***@kcp.com
cc
heimdal-***@sics.se
Subject
Re: pkinit integration with smart card
Post by m***@kcp.com
I think I just had a light bulb go off. The hKey value isn't a key like a
symmetric key. The hKey value is an object on the card, that is the
private key. Is this right?
Sort of. Its a handle to pass to the PKCS#11 that it uses to find the
key on the card.
Post by m***@kcp.com
The hKey value is found in Mozilla with a FindObjectsInit using the
CKA_ID [size : 0x1 (1)]
00
CKA_CLASS CKO_PRIVATE_KEY
The object that matches is returned and used in the SignInit function.
In heimdal pkinit it looks like it sends the FindObjectsInit with just the
CKA_CLASS for the Private key.
And what does the FindObject return? Just one key, or many keys.
Are the calls to the FindObject... and C_Sign all in the same session?
Are there any other calls between the two that would cause the PKCS#11
to get confused about what hKey was to be used with trhe C_Sign.
Post by m***@kcp.com
Can I add the CKA_ID for 00 in the FindObjectsInit?
Maybe. But this may depend on how many keys are on the card,
and you need to use the key that matches the certificate.
The certificate should have a CKA_ID that can be used to find the
matching key. So the apliucation code should use this when it
is trying to find the key object.


Do you have a copy of the PKCS#11 douument? It can be found at
http://www.rsasecurity.com/rsalabs/node.asp?id=2133
or Google for RSA PKCS#11 it "must" reading when debuging PKCS#11.
Post by m***@kcp.com
09/01/2006 10:44 AM
To
cc
Subject
Re: pkinit integration with smart card
Post by m***@kcp.com
Thanks for the response. Complely new to these low level points with
the
Post by m***@kcp.com
Smart Card so I've been looking up some terms, I appreciate the advice.
pkcs11-tool --module /usr/local/acgold/lib/libpkcs11.so -M Supported
I am not sure what the other flags are, but I would expect the
RSA-PKCS would have sign, verify, wrap, unwrap, and maybe decrypt.
Note it did not say sign, which is the operation you are trying to do.
Post by m***@kcp.com
RSA-PKCS, wrap, unwrap, other flags=0x20000
SHA1-RSA-PKCS, sign, verify, wrap, unwrap, encrypt, decrypt,
keypairgen,
Post by m***@kcp.com
other flags=0x2d000
The available mechanisum from PKCS11 are a combinatiuon of what can be
done
in the software and the smartcard. For example the SHA1 hash might be done
by sending the data to the card, or could be done by the pkcs11 software
to produce the hash.
I am suprised if it can do SHA1_RSA_PKCS sign, it can't do
RSA_PKCS as this just skips the hash set.
Post by m***@kcp.com
The length of the destination buffer is 128 bytes. The length of the
signature in pData is 35 bytes. Is the CKM_RSA_X_509 mechanism a tool
of
Post by m***@kcp.com
the Card? Should/could the pData for signature be padded to 128 with a
method external to the card?
A sign with RSA_PKCS says take the input and pad with PKCS padding 01 then
do an RSA encrypt using the private key. The data must be less then
keysize-11 so normally the data sent is a hash of the data you really want
to sign.
A sign with SHA1_RSA_PKCS says pass the data (any length) to the C_Sign or
(C_SignUpdate...+C_SignFinal) then do the padding and encrypt with RSA.
So as Love pointed out, the Heimdal applicaiton could send the data
pre hashed data to the PKCS11 using SHA1_RSA_PKCS.
Post by m***@kcp.com
08/31/2006 01:41 PM
To
cc
Subject
Re: pkinit integration with smart card
I have gotten the Heimdal to work with other OpenSC supported cards.
It could be that the card says it has the CKM_RSA_PKCS but really does
not or the pkcs11 lib is simulating CKM_RSA_PKCS and is having problems
doing the padding. It might be possible to use the CKM_RSA_X_509 (raw)
mechanisum, by doing the PKCS padding first, then calling the C_Sign
functions.
Could also be that the pkcs11 is expecting the pSignature and
pSignatureLen
to be set correctly, i.e. for a 1024 key, to a 128 byte buffer, and it
is
Post by m***@kcp.com
returing the wrong error code.
If you can use the OpenSC spy, can you use the pkcs11-tool as well
pointing it at your PKCS11( -module <sharedlib>)? What mechanisums does
it say it has?
Post by m***@kcp.com
Any idea as to why I would receive a CKR_FUNCTION_FAILED error on the
C_Sign operation from PKCS11 module?
I'm getting to the signature operation on the smart card for PKINIT when
the kinit segment faults. I used the pkcs11 spy library from OpenSC and
33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806b860
Returned: 0 CKR_OK
34: C_SignInit
[in] hSession = 0x806b860
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052508
Returned: 0 CKR_OK
35: C_Sign
[in] hSession = 0x806b860
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 00041496 9A0A7A5A 74DA942D CA0160DF
CEABACB2
EB2E3F
Returned: 6 CKR_FUNCTION_FAILED
I've been trying to get the pkinit functionality to work with the
ActivCard Gold middleware product. They provide the pkcs11 module;
using
Post by m***@kcp.com
this module I'm able to get it to work with SSH using a patch, but I
have
Post by m***@kcp.com
not had success with heimdal.
The module does not implement the CKA_PUBLIC_EXPONENT class.
Originally,
Post by m***@kcp.com
Post by m***@kcp.com
Post by m***@kcp.com
the kinit aborts due to the missing exponent and so that's manually
inserted to the value from the certificates on the Smart Card in the
ks_p11.c.
rsa->e = getattr_bn(p, slot, session, object, CKA_PUBLIC_EXPONENT);
if (rsa->e == NULL)
BN_dec2bn(&rsa->e, "65537");
if (rsa->e == NULL)
_hx509_abort("CKA_PUBLIC_EXPONENT missing");
I've also changed the rsa->e to any number with the same results, so I'm
wondering if I'm doing it right.
--
Douglas E. Engert <***@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Love Hörnquist Åstrand
2006-09-02 14:28:14 UTC
Permalink
Hello Malexander,

Can you provide me with a pkcs11-spy logs from pkcs11-openssl and
mozilla, you can send it
privately to me if it get every long.

I don't understand why pkcs11-openssl work but hx509 doesn't, both
uses the
CKM_RSA_PKCS mechamism.

Love
Post by m***@kcp.com
p11_list_keys() cycles through the classes. and uses the
iterate_entries() method is used to find the objects.
8: C_FindObjectsInit
[in] hSession = 0x8052438
CKA_CLASS CKO_PRIVATE_KEY
Returned: 0 CKR_OK
That finds 1 object then that object has GetAttributeValue run
through CKA_ID/CKA_VALUE, CKA_MODULUS, CKA_PUBLIC_EXPONENT (fails,
note below manually populated the rsa->e value with the exponent
from the certficate). All the values are reqeusted with a 0 buffer
to get the size, then with a second request with the proper buffer
allocations.
Another FindObjects is called, this returns an objects and the
GetAttributeValues are run through as before. This is the object
that is used for the hKey value in CKA_SignInit later.
Then the FindObjectsFinal is sent.
The FindObjectsInit is sent again;
23: C_FindObjectsInit
[in] hSession = 0x8052438
CKA_CLASS CKO_CERTIFICATE
Returned: 0 CKR_OK
That finds 1 object and then the GetAttributevalues are run same as
before for CKA_ID/CKA_VALUE,
then FindObjects is called again, a different objects matches and
GetAttributes are called for CKA_ID/CKA_VALUE
FindObjects is called again, with no returned and findObjectsFinal,
then the session is closed.
Next the applications Opens a new session and does the C_SignInit
with the hkey value of from the second object found in the
PRIVATE_KEY search. Then the C_Sign function fails.
*************** OpenSC PKCS#11 spy *****************
Loaded: "/usr/local/acgold/lib/libpkcs11.so"
0: C_GetFunctionList
Returned: 0 CKR_OK
1: C_Initialize
Returned: 0 CKR_OK
2: C_GetSlotList
[in] tokenPresent = 0x0
Count is 1
[out] *pulCount = 0x1
Returned: 0 CKR_OK
3: C_GetSlotList
[in] tokenPresent = 0x0
Slot 1
[out] *pulCount = 0x1
Returned: 0 CKR_OK
4: C_GetSlotInfo
[in] slotID = 0x1
slotDescription: 'ActivCard USB Reader 2.0 (60102D'
'27) 00 00 '
manufacturerID: 'Unknown MFR '
hardwareVersion: 1.0
firmwareVersion: 1.0
flags: 7
CKF_TOKEN_PRESENT
CKF_REMOVABLE_DEVICE
CKF_HW_SLOT
Returned: 0 CKR_OK
5: C_GetTokenInfo
[in] slotID = 0x1
label: 'ActivIdentity Smart Card '
manufacturerID: 'Unknown MFR '
model: 'Unknown Model '
serialNumber: '1 '
ulMaxSessionCount: 0
ulSessionCount: 0
ulMaxRwSessionCount: 0
ulRwSessionCount: 0
ulMaxPinLen: 8
ulMinPinLen: 8
ulTotalPublicMemory: 0
ulFreePublicMemory: 0
ulTotalPrivateMemory: 0
ulFreePrivateMemory: 0
hardwareVersion: 255.0
firmwareVersion: 255.0
time: '0000000000000000'
flags: 40d
CKF_RNG
CKF_LOGIN_REQUIRED
CKF_USER_PIN_INITIALIZED
CKF_TOKEN_INITIALIZED
Returned: 0 CKR_OK
6: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x8052438
Returned: 0 CKR_OK
7: C_Login
[in] hSession = 0x8052438
[in] userType = CKU_USER
[in] pPin[ulPinLen] [size : 0x6 (6)]
36353431 3233
Returned: 0 CKR_OK
8: C_FindObjectsInit
[in] hSession = 0x8052438
CKA_CLASS CKO_PRIVATE_KEY
Returned: 0 CKR_OK
9: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134612592 Matches
Returned: 0 CKR_OK
10: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_ID requested with 0 buffer
CKA_ID has size 1
Returned: 0 CKR_OK
11: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_ID requested with 1 buffer
CKA_ID [size : 0x1 (1)]
01
Returned: 0 CKR_OK
12: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_MODULUS requested with 0 buffer
CKA_MODULUS has size 128
Returned: 0 CKR_OK
13: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_MODULUS requested with 128 buffer
CKA_MODULUS [size : 0x80 (128)]
9DA6B972 1C10BFF8 C5D762E2 3439468F B907EDB0 CC9303CA B4F2C5B4
9A9D30A3
9DD7D36E 4020E756 A947A48C 59176B6E 70F58A84 CD4282BC 0996A561
4496FA47
6B03DE82 FF56A682 03517E8F D0D7D322 15346B06 2B1A39F0 C3202FC8
A12C3043
81F44F5E 5E074D17 62899B4B 9CF10374 FD484A3A F815166A 02D43C0D
9BB22387
Returned: 0 CKR_OK
14: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_PUBLIC_EXPONENT requested with 0 buffer
CKA_PUBLIC_EXPONENT has size -1
Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID
15: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134555168 Matches
Returned: 0 CKR_OK
16: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_ID requested with 1 buffer
CKA_ID has size 1
Returned: 0 CKR_OK
17: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_ID requested with 1 buffer
CKA_ID [size : 0x1 (1)]
00
Returned: 0 CKR_OK
18: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_MODULUS requested with 0 buffer
CKA_MODULUS has size 128
Returned: 0 CKR_OK
19: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_MODULUS requested with 128 buffer
CKA_MODULUS [size : 0x80 (128)]
89E42655 C26A3DD8 58349968 A5A32FAE 2FF199EE 0D334E2D E24AA53F
AFD5AAF9
0D9EEACE 7224BB09 D2F4739F 8A678433 7E9F8892 71B4A7F5 27C278A7
71C6BD0C
FB4DA725 19934967 8A4CBD9D 36FB8518 F0A81FDB D7F57B55 1912A2C8
8AA9859C
732CD522 8E95A9D0 70A79522 ABC3E0F1 4C374FA8 E1799B48 54668406
042FFF23
Returned: 0 CKR_OK
20: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_PUBLIC_EXPONENT requested with 0 buffer
CKA_PUBLIC_EXPONENT has size -1
Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID
21: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x0
Returned: 0 CKR_OK
22: C_FindObjectsFinal
[in] hSession = 0x8052438
Returned: 0 CKR_OK
23: C_FindObjectsInit
[in] hSession = 0x8052438
CKA_CLASS CKO_CERTIFICATE
Returned: 0 CKR_OK
24: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134630568 Matches
Returned: 0 CKR_OK
25: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8064ca8
CKA_ID requested with 1 buffer
CKA_VALUE requested with 0 buffer
CKA_ID has size 1
CKA_VALUE has size 1351
Returned: 0 CKR_OK
26: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8064ca8
CKA_ID requested with 1 buffer
CKA_VALUE requested with 1351 buffer
CKA_ID [size : 0x1 (1)]
01
CKA_VALUE [size : 0x547 (1351)]
30820543 308204AC A0030201 0202043E CA423A30 0D06092A 864886F7
0D010105
0500306F 310B3009 06035504 06130255 53311830 16060355 040A130F
552E532E
20476F76 65726E6D 656E7431 1D301B06 0355040B 13144465 70617274
6D656E74
206F6620 456E6572 6779311A 30180603 55040B13 114B616E 73617320
43697479
20506C61 6E74310B 30090603 55040B13 02434130 1E170D30 36303732
36313733
3134305A 170D3039 30373236 31383031 34305A30 81B1310B 30090603
55040613
02555331 18301606 0355040A 130F552E 532E2047 6F766572 6E6D656E
74311D30
1B060355 040B1314 44657061 72746D65 6E74206F 6620456E 65726779
311A3018
06035504 0B13114B 616E7361 73204369 74792050 6C616E74 310F300D
06035504
0B130670 6572736F 6E310E30 0C060355 040B1305 6C6F6361 6C312C30
0D060355
04051306 75363032 3637301B 06035504 0313144D 69636861 656C2042
2E20416C
6578616E 64657230 819F300D 06092A86 4886F70D 01010105 0003818D
00308189
02818100 9DA6B972 1C10BFF8 C5D762E2 3439468F B907EDB0 CC9303CA
B4F2C5B4
9A9D30A3 9DD7D36E 4020E756 A947A48C 59176B6E 70F58A84 CD4282BC
0996A561
4496FA47 6B03DE82 FF56A682 03517E8F D0D7D322 15346B06 2B1A39F0
C3202FC8
A12C3043 81F44F5E 5E074D17 62899B4B 9CF10374 FD484A3A F815166A
02D43C0D
9BB22387 02030100 01A38202 A7308202 A3301706 03551D20 0410300E
300C060A
60864801 65030201 0A043040 0603551D 11043930 3781126D 616C6578
616E6465
72406B63 702E636F 6DA02106 0A2B0601 04018237 140203A0 130C1175
36303236
37406164 2E6B6370 2E636F6D 301B0603 551D0904 14301230 1006092A
864886F6
7D07441D 31030201 11308201 B4060355 1D1F0482 01AB3082 01A73081
8AA08187
A08184A4 8181307F 310B3009 06035504 06130255 53311830 16060355
040A130F
552E532E 20476F76 65726E6D 656E7431 1D301B06 0355040B 13144465
70617274
6D656E74 206F6620 456E6572 6779311A 30180603 55040B13 114B616E
73617320
43697479 20506C61 6E74310B 30090603 55040B13 02434131 0E300C06
03550403
13054352 4C313730 820116A0 820112A0 82010E86 81836C64 61703A2F
2F656E74
72757374 6469722E 6B63702E 636F6D2F 636E3D57 696E436F 6D62696E
6564312C
6F753D43 412C6F75 3D4B616E 73617325 32304369 74792532 30506C61
6E742C6F
753D4465 70617274 6D656E74 2532306F 66253230 456E6572 67792C6F
3D552E53
2E253230 476F7665 726E6D65 6E742C63 3D55533F 3F626173 65868185
6C646170
3A2F2F2F 434E3D43 41312C43 4E3D4341 53657276 65722C43 4E3D4344
502C434E
3D507562 6C696320 4B657920 53657276 69636573 2C434E3D 53657276
69636573
2C434E3D 436F6E66 69677572 6174696F 6E2C4443 3D726F6F 742C4443
3D6B6370
2C44433D 636F6D3F 63657274 69666963 61746552 65766F63 6174696F
6E4C6973
74300B06 03551D0F 04040302 0520301F 0603551D 23041830 168014D8
9483D59A
6B2F737D A2F1CA82 6BD1ABC4 06C7BE30 1D060355 1D0E0416 0414BCF1
13E31D54
1BA07348 2C30AE2B 69A0D7CE 4E5D3009 0603551D 13040230 00301906
092A8648
86F67D07 4100040C 300A1B04 56372E31 03020490 300D0609 2A864886
F70D0101
05050003 81810050 75D4AEE3 CF0D112B A1D0B610 93158141 E892E3D2
7E9F07C0
67A8CB64 33725D41 440DFBF3 FE3C6DDB F1C972B3 EBFD90E9 854FB862
BD03513C
DD71CD72 752FD7EA 7972B908 31C11686 295CE116 4BD6A17B A37EB8CB
E5B59085
560D0A7A A509D152 186FD599 E2119CCE A30F87C6 5048CA9E BEF5A3A3
82BC7CA4
EEFCF7AA 057CC9
Returned: 0 CKR_OK
27: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134613664 Matches
Returned: 0 CKR_OK
28: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060aa0
CKA_ID requested with 1 buffer
CKA_VALUE requested with 1351 buffer
CKA_ID has size 1
CKA_VALUE has size 1429
Returned: 0 CKR_OK
29: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060aa0
CKA_ID requested with 1 buffer
CKA_VALUE requested with 1429 buffer
CKA_ID [size : 0x1 (1)]
00
CKA_VALUE [size : 0x595 (1429)]
30820591 308204FA A0030201 0202043E CA43DB30 0D06092A 864886F7
0D010105
0500306F 310B3009 06035504 06130255 53311830 16060355 040A130F
552E532E
20476F76 65726E6D 656E7431 1D301B06 0355040B 13144465 70617274
6D656E74
206F6620 456E6572 6779311A 30180603 55040B13 114B616E 73617320
43697479
20506C61 6E74310B 30090603 55040B13 02434130 1E170D30 36303830
33313630
3735305A 170D3039 30383033 31363337 35305A30 81B1310B 30090603
55040613
02555331 18301606 0355040A 130F552E 532E2047 6F766572 6E6D656E
74311D30
1B060355 040B1314 44657061 72746D65 6E74206F 6620456E 65726779
311A3018
06035504 0B13114B 616E7361 73204369 74792050 6C616E74 310F300D
06035504
0B130670 6572736F 6E310E30 0C060355 040B1305 6C6F6361 6C312C30
0D060355
04051306 75363032 3637301B 06035504 0313144D 69636861 656C2042
2E20416C
6578616E 64657230 819F300D 06092A86 4886F70D 01010105 0003818D
00308189
02818100 89E42655 C26A3DD8 58349968 A5A32FAE 2FF199EE 0D334E2D
E24AA53F
AFD5AAF9 0D9EEACE 7224BB09 D2F4739F 8A678433 7E9F8892 71B4A7F5
27C278A7
71C6BD0C FB4DA725 19934967 8A4CBD9D 36FB8518 F0A81FDB D7F57B55
1912A2C8
8AA9859C 732CD522 8E95A9D0 70A79522 ABC3E0F1 4C374FA8 E1799B48
54668406
042FFF23 02030100 01A38202 F5308202 F1300B06 03551D0F 04040302
0780302B
0603551D 10042430 22800F32 30303630 38303331 36303735 305A810F
32303038
30393038 32303337 35305A30 1F060355 1D250418 30160608 2B060105
05070302
060A2B06 01040182 37140202 30170603 551D2004 10300E30 0C060A60
86480165
0302010A 04304006 03551D11 04393037 81126D61 6C657861 6E646572
406B6370
2E636F6D A021060A 2B060104 01823714 0203A013 0C117536 30323637
4061642E
6B63702E 636F6D30 1B060355 1D090414 30123010 06092A86 4886F67D
07441D31
03020111 308201B4 0603551D 1F048201 AB308201 A730818A A08187A0
8184A481
81307F31 0B300906 03550406 13025553 31183016 06035504 0A130F55
2E532E20
476F7665 726E6D65 6E74311D 301B0603 55040B13 14446570 6172746D
656E7420
6F662045 6E657267 79311A30 18060355 040B1311 4B616E73 61732043
69747920
506C616E 74310B30 09060355 040B1302 4341310E 300C0603 55040313
0543524C
31373082 0116A082 0112A082 010E8681 836C6461 703A2F2F 656E7472
75737464
69722E6B 63702E63 6F6D2F63 6E3D5769 6E436F6D 62696E65 64312C6F
753D4341
2C6F753D 4B616E73 61732532 30436974 79253230 506C616E 742C6F75
3D446570
6172746D 656E7425 32306F66 25323045 6E657267 792C6F3D 552E532E
25323047
6F766572 6E6D656E 742C633D 55533F3F 62617365 8681856C 6461703A
2F2F2F43
4E3D4341 312C434E 3D434153 65727665 722C434E 3D434450 2C434E3D
5075626C
6963204B 65792053 65727669 6365732C 434E3D53 65727669 6365732C
434E3D43
6F6E6669 67757261 74696F6E 2C44433D 726F6F74 2C44433D 6B63702C
44433D63
6F6D3F63 65727469 66696361 74655265 766F6361 74696F6E 4C697374
301F0603
551D2304 18301680 14D89483 D59A6B2F 737DA2F1 CA826BD1 ABC406C7
BE301D06
03551D0E 04160414 29704371 70BCFD33 E6DDA186 60E3CD45 A09EE354
30090603
551D1304 02300030 1906092A 864886F6 7D074100 040C300A 1B045637
2E310302
04B0300D 06092A86 4886F70D 01010505 00038181 0042F9C0 B1607678
6EF1E5FF
E90C23FD C2BDAC68 A7DCEC63 F541AA3B F3EA9D9D 36115A54 14B74B0C
769E3487
F5B60080 F3C23E9E BE908AD8 18380393 F333DFCC 794782C4 8B159D4B
DE0E9C9B
7BF4ACCE 0F586AA7 2E0EC60A E36B3B55 992F8B3B 0AE156A8 3F95C10C
D8E40860
931BFC39 D2DBF130 FF53CD62 18294EEB FE7A5318 71
Returned: 0 CKR_OK
30: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x0
Returned: 0 CKR_OK
31: C_FindObjectsFinal
[in] hSession = 0x8052438
Returned: 0 CKR_OK
32: C_CloseSession
[in] hSession = 0x8052438
Returned: 0 CKR_OK
33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806f8c0
Returned: 0 CKR_OK
34: C_SignInit
[in] hSession = 0x806f8c0
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052620
Returned: 0 CKR_OK
35: C_Sign
[in] hSession = 0x806f8c0
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 000414C5 89CD9A75 43934015 0D224CD1
3E5BE1F8
6B9145
Returned: 6 CKR_FUNCTION_FAILED
09/01/2006 03:38 PM
To
cc
Subject
Re: pkinit integration with smart card
Post by m***@kcp.com
I think I just had a light bulb go off. The hKey value isn't a
key like a
Post by m***@kcp.com
symmetric key. The hKey value is an object on the card, that is the
private key. Is this right?
Sort of. Its a handle to pass to the PKCS#11 that it uses to find the
key on the card.
Post by m***@kcp.com
The hKey value is found in Mozilla with a FindObjectsInit using the
CKA_ID [size : 0x1 (1)]
00
CKA_CLASS CKO_PRIVATE_KEY
The object that matches is returned and used in the SignInit
function.
Post by m***@kcp.com
In heimdal pkinit it looks like it sends the FindObjectsInit with
just the
Post by m***@kcp.com
CKA_CLASS for the Private key.
And what does the FindObject return? Just one key, or many keys.
Are the calls to the FindObject... and C_Sign all in the same session?
Are there any other calls between the two that would cause the PKCS#11
to get confused about what hKey was to be used with trhe C_Sign.
Post by m***@kcp.com
Can I add the CKA_ID for 00 in the FindObjectsInit?
Maybe. But this may depend on how many keys are on the card,
and you need to use the key that matches the certificate.
The certificate should have a CKA_ID that can be used to find the
matching key. So the apliucation code should use this when it
is trying to find the key object.
Do you have a copy of the PKCS#11 douument? It can be found at
http://www.rsasecurity.com/rsalabs/node.asp?id=2133
or Google for RSA PKCS#11 it "must" reading when debuging PKCS#11.
Post by m***@kcp.com
09/01/2006 10:44 AM
To
cc
Subject
Re: pkinit integration with smart card
Post by m***@kcp.com
Thanks for the response. Complely new to these low level points
with
Post by m***@kcp.com
the
Post by m***@kcp.com
Smart Card so I've been looking up some terms, I appreciate the
advice.
Post by m***@kcp.com
Post by m***@kcp.com
pkcs11-tool --module /usr/local/acgold/lib/libpkcs11.so -M
Supported
Post by m***@kcp.com
I am not sure what the other flags are, but I would expect the
RSA-PKCS would have sign, verify, wrap, unwrap, and maybe decrypt.
Note it did not say sign, which is the operation you are trying
to do.
Post by m***@kcp.com
Post by m***@kcp.com
RSA-PKCS, wrap, unwrap, other flags=0x20000
SHA1-RSA-PKCS, sign, verify, wrap, unwrap, encrypt, decrypt,
keypairgen,
Post by m***@kcp.com
other flags=0x2d000
The available mechanisum from PKCS11 are a combinatiuon of what
can be
Post by m***@kcp.com
done
in the software and the smartcard. For example the SHA1 hash
might be done
Post by m***@kcp.com
by sending the data to the card, or could be done by the pkcs11
software
Post by m***@kcp.com
to produce the hash.
I am suprised if it can do SHA1_RSA_PKCS sign, it can't do
RSA_PKCS as this just skips the hash set.
Post by m***@kcp.com
The length of the destination buffer is 128 bytes. The length of
the
Post by m***@kcp.com
Post by m***@kcp.com
signature in pData is 35 bytes. Is the CKM_RSA_X_509 mechanism a
tool
Post by m***@kcp.com
of
Post by m***@kcp.com
the Card? Should/could the pData for signature be padded to 128
with a
Post by m***@kcp.com
Post by m***@kcp.com
method external to the card?
A sign with RSA_PKCS says take the input and pad with PKCS
padding 01 then
Post by m***@kcp.com
do an RSA encrypt using the private key. The data must be less then
keysize-11 so normally the data sent is a hash of the data you
really want
Post by m***@kcp.com
to sign.
A sign with SHA1_RSA_PKCS says pass the data (any length) to the
C_Sign or
Post by m***@kcp.com
(C_SignUpdate...+C_SignFinal) then do the padding and encrypt
with RSA.
Post by m***@kcp.com
So as Love pointed out, the Heimdal applicaiton could send the data
pre hashed data to the PKCS11 using SHA1_RSA_PKCS.
Post by m***@kcp.com
08/31/2006 01:41 PM
To
cc
Subject
Re: pkinit integration with smart card
I have gotten the Heimdal to work with other OpenSC supported cards.
It could be that the card says it has the CKM_RSA_PKCS but really
does
Post by m***@kcp.com
Post by m***@kcp.com
not or the pkcs11 lib is simulating CKM_RSA_PKCS and is having
problems
Post by m***@kcp.com
Post by m***@kcp.com
doing the padding. It might be possible to use the CKM_RSA_X_509
(raw)
Post by m***@kcp.com
Post by m***@kcp.com
mechanisum, by doing the PKCS padding first, then calling the C_Sign
functions.
Could also be that the pkcs11 is expecting the pSignature and
pSignatureLen
to be set correctly, i.e. for a 1024 key, to a 128 byte buffer,
and it
Post by m***@kcp.com
is
Post by m***@kcp.com
returing the wrong error code.
If you can use the OpenSC spy, can you use the pkcs11-tool as well
pointing it at your PKCS11( -module <sharedlib>)? What
mechanisums does
Post by m***@kcp.com
Post by m***@kcp.com
it say it has?
Post by m***@kcp.com
Any idea as to why I would receive a CKR_FUNCTION_FAILED error
on the
Post by m***@kcp.com
Post by m***@kcp.com
Post by m***@kcp.com
C_Sign operation from PKCS11 module?
I'm getting to the signature operation on the smart card for
PKINIT when
Post by m***@kcp.com
Post by m***@kcp.com
Post by m***@kcp.com
the kinit segment faults. I used the pkcs11 spy library from
OpenSC and
Post by m***@kcp.com
Post by m***@kcp.com
Post by m***@kcp.com
33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806b860
Returned: 0 CKR_OK
34: C_SignInit
[in] hSession = 0x806b860
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052508
Returned: 0 CKR_OK
35: C_Sign
[in] hSession = 0x806b860
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 00041496 9A0A7A5A 74DA942D CA0160DF
CEABACB2
EB2E3F
Returned: 6 CKR_FUNCTION_FAILED
I've been trying to get the pkinit functionality to work with the
ActivCard Gold middleware product. They provide the pkcs11 module;
using
Post by m***@kcp.com
this module I'm able to get it to work with SSH using a patch,
but I
Post by m***@kcp.com
Post by m***@kcp.com
have
Post by m***@kcp.com
not had success with heimdal.
The module does not implement the CKA_PUBLIC_EXPONENT class.
Originally,
Post by m***@kcp.com
Post by m***@kcp.com
Post by m***@kcp.com
the kinit aborts due to the missing exponent and so that's manually
inserted to the value from the certificates on the Smart Card in
the
Post by m***@kcp.com
Post by m***@kcp.com
Post by m***@kcp.com
ks_p11.c.
rsa->e = getattr_bn(p, slot, session, object, CKA_PUBLIC_EXPONENT);
if (rsa->e == NULL)
BN_dec2bn(&rsa->e, "65537");
if (rsa->e == NULL)
_hx509_abort("CKA_PUBLIC_EXPONENT missing");
I've also changed the rsa->e to any number with the same
results, so I'm
Post by m***@kcp.com
Post by m***@kcp.com
Post by m***@kcp.com
wondering if I'm doing it right.
--
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Douglas E. Engert
2006-09-05 19:42:53 UTC
Permalink
One thing I do see in this trace is this sequence:

6 C_OpenSesion
7 C_Login CKU_USER
32 C_CloseSesion
33 C_OpenSession
34 C_SignInit
35 C_Sign --- fail

It is not clear why the application clooses one session then opens
and a new session without the C_Login to do the do the C_Sign.

It is also not clear if you can close a sesion and expect the
hanldes to objects found under that session to still be valid
and usable be another sesion.

The library may be sending a close or reset to the card, when the
session is closed, thus the C_Sign will fail because the card will
not allow it.

Your card and PKCS#11 maybe working as expected, and it might be the
application code that needs to be changed to use use a single session.

With some other cards, the PKCS#11 implentation may not be enforcing
this behavior and card as it should and the second sesion has access
to the crypto on the card.
Post by m***@kcp.com
p11_list_keys() cycles through the classes. and uses the
iterate_entries() method is used to find the objects.
8: C_FindObjectsInit
[in] hSession = 0x8052438
CKA_CLASS CKO_PRIVATE_KEY
Returned: 0 CKR_OK
That finds 1 object then that object has GetAttributeValue run through
CKA_ID/CKA_VALUE, CKA_MODULUS, CKA_PUBLIC_EXPONENT (fails, note below
manually populated the rsa->e value with the exponent from the
certficate). All the values are reqeusted with a 0 buffer to get the
size, then with a second request with the proper buffer allocations.
Another FindObjects is called, this returns an objects and the
GetAttributeValues are run through as before. This is the object that is
used for the hKey value in CKA_SignInit later.
Then the FindObjectsFinal is sent.
The FindObjectsInit is sent again;
23: C_FindObjectsInit
[in] hSession = 0x8052438
CKA_CLASS CKO_CERTIFICATE
Returned: 0 CKR_OK
That finds 1 object and then the GetAttributevalues are run same as before
for CKA_ID/CKA_VALUE,
then FindObjects is called again, a different objects matches and
GetAttributes are called for CKA_ID/CKA_VALUE
FindObjects is called again, with no returned and findObjectsFinal, then
the session is closed.
Next the applications Opens a new session and does the C_SignInit with the
hkey value of from the second object found in the PRIVATE_KEY search. Then
the C_Sign function fails.
*************** OpenSC PKCS#11 spy *****************
Loaded: "/usr/local/acgold/lib/libpkcs11.so"
0: C_GetFunctionList
Returned: 0 CKR_OK
1: C_Initialize
Returned: 0 CKR_OK
2: C_GetSlotList
[in] tokenPresent = 0x0
Count is 1
[out] *pulCount = 0x1
Returned: 0 CKR_OK
3: C_GetSlotList
[in] tokenPresent = 0x0
Slot 1
[out] *pulCount = 0x1
Returned: 0 CKR_OK
4: C_GetSlotInfo
[in] slotID = 0x1
slotDescription: 'ActivCard USB Reader 2.0 (60102D'
'27) 00 00 '
manufacturerID: 'Unknown MFR '
hardwareVersion: 1.0
firmwareVersion: 1.0
flags: 7
CKF_TOKEN_PRESENT
CKF_REMOVABLE_DEVICE
CKF_HW_SLOT
Returned: 0 CKR_OK
5: C_GetTokenInfo
[in] slotID = 0x1
label: 'ActivIdentity Smart Card '
manufacturerID: 'Unknown MFR '
model: 'Unknown Model '
serialNumber: '1 '
ulMaxSessionCount: 0
ulSessionCount: 0
ulMaxRwSessionCount: 0
ulRwSessionCount: 0
ulMaxPinLen: 8
ulMinPinLen: 8
ulTotalPublicMemory: 0
ulFreePublicMemory: 0
ulTotalPrivateMemory: 0
ulFreePrivateMemory: 0
hardwareVersion: 255.0
firmwareVersion: 255.0
time: '0000000000000000'
flags: 40d
CKF_RNG
CKF_LOGIN_REQUIRED
CKF_USER_PIN_INITIALIZED
CKF_TOKEN_INITIALIZED
Returned: 0 CKR_OK
6: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x8052438
Returned: 0 CKR_OK
7: C_Login
[in] hSession = 0x8052438
[in] userType = CKU_USER
[in] pPin[ulPinLen] [size : 0x6 (6)]
36353431 3233
Returned: 0 CKR_OK
8: C_FindObjectsInit
[in] hSession = 0x8052438
CKA_CLASS CKO_PRIVATE_KEY
Returned: 0 CKR_OK
9: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134612592 Matches
Returned: 0 CKR_OK
10: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_ID requested with 0 buffer
CKA_ID has size 1
Returned: 0 CKR_OK
11: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_ID requested with 1 buffer
CKA_ID [size : 0x1 (1)]
01
Returned: 0 CKR_OK
12: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_MODULUS requested with 0 buffer
CKA_MODULUS has size 128
Returned: 0 CKR_OK
13: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_MODULUS requested with 128 buffer
CKA_MODULUS [size : 0x80 (128)]
9DA6B972 1C10BFF8 C5D762E2 3439468F B907EDB0 CC9303CA B4F2C5B4
9A9D30A3
9DD7D36E 4020E756 A947A48C 59176B6E 70F58A84 CD4282BC 0996A561
4496FA47
6B03DE82 FF56A682 03517E8F D0D7D322 15346B06 2B1A39F0 C3202FC8
A12C3043
81F44F5E 5E074D17 62899B4B 9CF10374 FD484A3A F815166A 02D43C0D
9BB22387
Returned: 0 CKR_OK
14: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_PUBLIC_EXPONENT requested with 0 buffer
CKA_PUBLIC_EXPONENT has size -1
Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID
15: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134555168 Matches
Returned: 0 CKR_OK
16: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_ID requested with 1 buffer
CKA_ID has size 1
Returned: 0 CKR_OK
17: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_ID requested with 1 buffer
CKA_ID [size : 0x1 (1)]
00
Returned: 0 CKR_OK
18: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_MODULUS requested with 0 buffer
CKA_MODULUS has size 128
Returned: 0 CKR_OK
19: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_MODULUS requested with 128 buffer
CKA_MODULUS [size : 0x80 (128)]
89E42655 C26A3DD8 58349968 A5A32FAE 2FF199EE 0D334E2D E24AA53F
AFD5AAF9
0D9EEACE 7224BB09 D2F4739F 8A678433 7E9F8892 71B4A7F5 27C278A7
71C6BD0C
FB4DA725 19934967 8A4CBD9D 36FB8518 F0A81FDB D7F57B55 1912A2C8
8AA9859C
732CD522 8E95A9D0 70A79522 ABC3E0F1 4C374FA8 E1799B48 54668406
042FFF23
Returned: 0 CKR_OK
20: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_PUBLIC_EXPONENT requested with 0 buffer
CKA_PUBLIC_EXPONENT has size -1
Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID
21: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x0
Returned: 0 CKR_OK
22: C_FindObjectsFinal
[in] hSession = 0x8052438
Returned: 0 CKR_OK
23: C_FindObjectsInit
[in] hSession = 0x8052438
CKA_CLASS CKO_CERTIFICATE
Returned: 0 CKR_OK
24: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134630568 Matches
Returned: 0 CKR_OK
25: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8064ca8
CKA_ID requested with 1 buffer
CKA_VALUE requested with 0 buffer
CKA_ID has size 1
CKA_VALUE has size 1351
Returned: 0 CKR_OK
26: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8064ca8
CKA_ID requested with 1 buffer
CKA_VALUE requested with 1351 buffer
CKA_ID [size : 0x1 (1)]
01
CKA_VALUE [size : 0x547 (1351)]
30820543 308204AC A0030201 0202043E CA423A30 0D06092A 864886F7
0D010105
0500306F 310B3009 06035504 06130255 53311830 16060355 040A130F
552E532E
20476F76 65726E6D 656E7431 1D301B06 0355040B 13144465 70617274
6D656E74
206F6620 456E6572 6779311A 30180603 55040B13 114B616E 73617320
43697479
20506C61 6E74310B 30090603 55040B13 02434130 1E170D30 36303732
36313733
3134305A 170D3039 30373236 31383031 34305A30 81B1310B 30090603
55040613
02555331 18301606 0355040A 130F552E 532E2047 6F766572 6E6D656E
74311D30
1B060355 040B1314 44657061 72746D65 6E74206F 6620456E 65726779
311A3018
06035504 0B13114B 616E7361 73204369 74792050 6C616E74 310F300D
06035504
0B130670 6572736F 6E310E30 0C060355 040B1305 6C6F6361 6C312C30
0D060355
04051306 75363032 3637301B 06035504 0313144D 69636861 656C2042
2E20416C
6578616E 64657230 819F300D 06092A86 4886F70D 01010105 0003818D
00308189
02818100 9DA6B972 1C10BFF8 C5D762E2 3439468F B907EDB0 CC9303CA
B4F2C5B4
9A9D30A3 9DD7D36E 4020E756 A947A48C 59176B6E 70F58A84 CD4282BC
0996A561
4496FA47 6B03DE82 FF56A682 03517E8F D0D7D322 15346B06 2B1A39F0
C3202FC8
A12C3043 81F44F5E 5E074D17 62899B4B 9CF10374 FD484A3A F815166A
02D43C0D
9BB22387 02030100 01A38202 A7308202 A3301706 03551D20 0410300E
300C060A
60864801 65030201 0A043040 0603551D 11043930 3781126D 616C6578
616E6465
72406B63 702E636F 6DA02106 0A2B0601 04018237 140203A0 130C1175
36303236
37406164 2E6B6370 2E636F6D 301B0603 551D0904 14301230 1006092A
864886F6
7D07441D 31030201 11308201 B4060355 1D1F0482 01AB3082 01A73081
8AA08187
A08184A4 8181307F 310B3009 06035504 06130255 53311830 16060355
040A130F
552E532E 20476F76 65726E6D 656E7431 1D301B06 0355040B 13144465
70617274
6D656E74 206F6620 456E6572 6779311A 30180603 55040B13 114B616E
73617320
43697479 20506C61 6E74310B 30090603 55040B13 02434131 0E300C06
03550403
13054352 4C313730 820116A0 820112A0 82010E86 81836C64 61703A2F
2F656E74
72757374 6469722E 6B63702E 636F6D2F 636E3D57 696E436F 6D62696E
6564312C
6F753D43 412C6F75 3D4B616E 73617325 32304369 74792532 30506C61
6E742C6F
753D4465 70617274 6D656E74 2532306F 66253230 456E6572 67792C6F
3D552E53
2E253230 476F7665 726E6D65 6E742C63 3D55533F 3F626173 65868185
6C646170
3A2F2F2F 434E3D43 41312C43 4E3D4341 53657276 65722C43 4E3D4344
502C434E
3D507562 6C696320 4B657920 53657276 69636573 2C434E3D 53657276
69636573
2C434E3D 436F6E66 69677572 6174696F 6E2C4443 3D726F6F 742C4443
3D6B6370
2C44433D 636F6D3F 63657274 69666963 61746552 65766F63 6174696F
6E4C6973
74300B06 03551D0F 04040302 0520301F 0603551D 23041830 168014D8
9483D59A
6B2F737D A2F1CA82 6BD1ABC4 06C7BE30 1D060355 1D0E0416 0414BCF1
13E31D54
1BA07348 2C30AE2B 69A0D7CE 4E5D3009 0603551D 13040230 00301906
092A8648
86F67D07 4100040C 300A1B04 56372E31 03020490 300D0609 2A864886
F70D0101
05050003 81810050 75D4AEE3 CF0D112B A1D0B610 93158141 E892E3D2
7E9F07C0
67A8CB64 33725D41 440DFBF3 FE3C6DDB F1C972B3 EBFD90E9 854FB862
BD03513C
DD71CD72 752FD7EA 7972B908 31C11686 295CE116 4BD6A17B A37EB8CB
E5B59085
560D0A7A A509D152 186FD599 E2119CCE A30F87C6 5048CA9E BEF5A3A3
82BC7CA4
EEFCF7AA 057CC9
Returned: 0 CKR_OK
27: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134613664 Matches
Returned: 0 CKR_OK
28: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060aa0
CKA_ID requested with 1 buffer
CKA_VALUE requested with 1351 buffer
CKA_ID has size 1
CKA_VALUE has size 1429
Returned: 0 CKR_OK
29: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060aa0
CKA_ID requested with 1 buffer
CKA_VALUE requested with 1429 buffer
CKA_ID [size : 0x1 (1)]
00
CKA_VALUE [size : 0x595 (1429)]
30820591 308204FA A0030201 0202043E CA43DB30 0D06092A 864886F7
0D010105
0500306F 310B3009 06035504 06130255 53311830 16060355 040A130F
552E532E
20476F76 65726E6D 656E7431 1D301B06 0355040B 13144465 70617274
6D656E74
206F6620 456E6572 6779311A 30180603 55040B13 114B616E 73617320
43697479
20506C61 6E74310B 30090603 55040B13 02434130 1E170D30 36303830
33313630
3735305A 170D3039 30383033 31363337 35305A30 81B1310B 30090603
55040613
02555331 18301606 0355040A 130F552E 532E2047 6F766572 6E6D656E
74311D30
1B060355 040B1314 44657061 72746D65 6E74206F 6620456E 65726779
311A3018
06035504 0B13114B 616E7361 73204369 74792050 6C616E74 310F300D
06035504
0B130670 6572736F 6E310E30 0C060355 040B1305 6C6F6361 6C312C30
0D060355
04051306 75363032 3637301B 06035504 0313144D 69636861 656C2042
2E20416C
6578616E 64657230 819F300D 06092A86 4886F70D 01010105 0003818D
00308189
02818100 89E42655 C26A3DD8 58349968 A5A32FAE 2FF199EE 0D334E2D
E24AA53F
AFD5AAF9 0D9EEACE 7224BB09 D2F4739F 8A678433 7E9F8892 71B4A7F5
27C278A7
71C6BD0C FB4DA725 19934967 8A4CBD9D 36FB8518 F0A81FDB D7F57B55
1912A2C8
8AA9859C 732CD522 8E95A9D0 70A79522 ABC3E0F1 4C374FA8 E1799B48
54668406
042FFF23 02030100 01A38202 F5308202 F1300B06 03551D0F 04040302
0780302B
0603551D 10042430 22800F32 30303630 38303331 36303735 305A810F
32303038
30393038 32303337 35305A30 1F060355 1D250418 30160608 2B060105
05070302
060A2B06 01040182 37140202 30170603 551D2004 10300E30 0C060A60
86480165
0302010A 04304006 03551D11 04393037 81126D61 6C657861 6E646572
406B6370
2E636F6D A021060A 2B060104 01823714 0203A013 0C117536 30323637
4061642E
6B63702E 636F6D30 1B060355 1D090414 30123010 06092A86 4886F67D
07441D31
03020111 308201B4 0603551D 1F048201 AB308201 A730818A A08187A0
8184A481
81307F31 0B300906 03550406 13025553 31183016 06035504 0A130F55
2E532E20
476F7665 726E6D65 6E74311D 301B0603 55040B13 14446570 6172746D
656E7420
6F662045 6E657267 79311A30 18060355 040B1311 4B616E73 61732043
69747920
506C616E 74310B30 09060355 040B1302 4341310E 300C0603 55040313
0543524C
31373082 0116A082 0112A082 010E8681 836C6461 703A2F2F 656E7472
75737464
69722E6B 63702E63 6F6D2F63 6E3D5769 6E436F6D 62696E65 64312C6F
753D4341
2C6F753D 4B616E73 61732532 30436974 79253230 506C616E 742C6F75
3D446570
6172746D 656E7425 32306F66 25323045 6E657267 792C6F3D 552E532E
25323047
6F766572 6E6D656E 742C633D 55533F3F 62617365 8681856C 6461703A
2F2F2F43
4E3D4341 312C434E 3D434153 65727665 722C434E 3D434450 2C434E3D
5075626C
6963204B 65792053 65727669 6365732C 434E3D53 65727669 6365732C
434E3D43
6F6E6669 67757261 74696F6E 2C44433D 726F6F74 2C44433D 6B63702C
44433D63
6F6D3F63 65727469 66696361 74655265 766F6361 74696F6E 4C697374
301F0603
551D2304 18301680 14D89483 D59A6B2F 737DA2F1 CA826BD1 ABC406C7
BE301D06
03551D0E 04160414 29704371 70BCFD33 E6DDA186 60E3CD45 A09EE354
30090603
551D1304 02300030 1906092A 864886F6 7D074100 040C300A 1B045637
2E310302
04B0300D 06092A86 4886F70D 01010505 00038181 0042F9C0 B1607678
6EF1E5FF
E90C23FD C2BDAC68 A7DCEC63 F541AA3B F3EA9D9D 36115A54 14B74B0C
769E3487
F5B60080 F3C23E9E BE908AD8 18380393 F333DFCC 794782C4 8B159D4B
DE0E9C9B
7BF4ACCE 0F586AA7 2E0EC60A E36B3B55 992F8B3B 0AE156A8 3F95C10C
D8E40860
931BFC39 D2DBF130 FF53CD62 18294EEB FE7A5318 71
Returned: 0 CKR_OK
30: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x0
Returned: 0 CKR_OK
31: C_FindObjectsFinal
[in] hSession = 0x8052438
Returned: 0 CKR_OK
32: C_CloseSession
[in] hSession = 0x8052438
Returned: 0 CKR_OK
33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806f8c0
Returned: 0 CKR_OK
34: C_SignInit
[in] hSession = 0x806f8c0
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052620
Returned: 0 CKR_OK
35: C_Sign
[in] hSession = 0x806f8c0
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 000414C5 89CD9A75 43934015 0D224CD1
3E5BE1F8
6B9145
Returned: 6 CKR_FUNCTION_FAILED
09/01/2006 03:38 PM
To
cc
Subject
Re: pkinit integration with smart card
Post by m***@kcp.com
I think I just had a light bulb go off. The hKey value isn't a key like
a
Post by m***@kcp.com
symmetric key. The hKey value is an object on the card, that is the
private key. Is this right?
Sort of. Its a handle to pass to the PKCS#11 that it uses to find the
key on the card.
Post by m***@kcp.com
The hKey value is found in Mozilla with a FindObjectsInit using the
CKA_ID [size : 0x1 (1)]
00
CKA_CLASS CKO_PRIVATE_KEY
The object that matches is returned and used in the SignInit function.
In heimdal pkinit it looks like it sends the FindObjectsInit with just
the
Post by m***@kcp.com
CKA_CLASS for the Private key.
And what does the FindObject return? Just one key, or many keys.
Are the calls to the FindObject... and C_Sign all in the same session?
Are there any other calls between the two that would cause the PKCS#11
to get confused about what hKey was to be used with trhe C_Sign.
Post by m***@kcp.com
Can I add the CKA_ID for 00 in the FindObjectsInit?
Maybe. But this may depend on how many keys are on the card,
and you need to use the key that matches the certificate.
The certificate should have a CKA_ID that can be used to find the
matching key. So the apliucation code should use this when it
is trying to find the key object.
Do you have a copy of the PKCS#11 douument? It can be found at
http://www.rsasecurity.com/rsalabs/node.asp?id=2133
or Google for RSA PKCS#11 it "must" reading when debuging PKCS#11.
Post by m***@kcp.com
09/01/2006 10:44 AM
To
cc
Subject
Re: pkinit integration with smart card
Post by m***@kcp.com
Thanks for the response. Complely new to these low level points with
the
Post by m***@kcp.com
Smart Card so I've been looking up some terms, I appreciate the advice.
pkcs11-tool --module /usr/local/acgold/lib/libpkcs11.so -M Supported
I am not sure what the other flags are, but I would expect the
RSA-PKCS would have sign, verify, wrap, unwrap, and maybe decrypt.
Note it did not say sign, which is the operation you are trying to do.
Post by m***@kcp.com
RSA-PKCS, wrap, unwrap, other flags=0x20000
SHA1-RSA-PKCS, sign, verify, wrap, unwrap, encrypt, decrypt,
keypairgen,
Post by m***@kcp.com
other flags=0x2d000
The available mechanisum from PKCS11 are a combinatiuon of what can be
done
in the software and the smartcard. For example the SHA1 hash might be
done
Post by m***@kcp.com
by sending the data to the card, or could be done by the pkcs11 software
to produce the hash.
I am suprised if it can do SHA1_RSA_PKCS sign, it can't do
RSA_PKCS as this just skips the hash set.
Post by m***@kcp.com
The length of the destination buffer is 128 bytes. The length of the
signature in pData is 35 bytes. Is the CKM_RSA_X_509 mechanism a tool
of
Post by m***@kcp.com
the Card? Should/could the pData for signature be padded to 128 with a
method external to the card?
A sign with RSA_PKCS says take the input and pad with PKCS padding 01
then
Post by m***@kcp.com
do an RSA encrypt using the private key. The data must be less then
keysize-11 so normally the data sent is a hash of the data you really
want
Post by m***@kcp.com
to sign.
A sign with SHA1_RSA_PKCS says pass the data (any length) to the C_Sign
or
Post by m***@kcp.com
(C_SignUpdate...+C_SignFinal) then do the padding and encrypt with RSA.
So as Love pointed out, the Heimdal applicaiton could send the data
pre hashed data to the PKCS11 using SHA1_RSA_PKCS.
Post by m***@kcp.com
08/31/2006 01:41 PM
To
cc
Subject
Re: pkinit integration with smart card
I have gotten the Heimdal to work with other OpenSC supported cards.
It could be that the card says it has the CKM_RSA_PKCS but really does
not or the pkcs11 lib is simulating CKM_RSA_PKCS and is having problems
doing the padding. It might be possible to use the CKM_RSA_X_509 (raw)
mechanisum, by doing the PKCS padding first, then calling the C_Sign
functions.
Could also be that the pkcs11 is expecting the pSignature and
pSignatureLen
to be set correctly, i.e. for a 1024 key, to a 128 byte buffer, and it
is
Post by m***@kcp.com
returing the wrong error code.
If you can use the OpenSC spy, can you use the pkcs11-tool as well
pointing it at your PKCS11( -module <sharedlib>)? What mechanisums does
it say it has?
Post by m***@kcp.com
Any idea as to why I would receive a CKR_FUNCTION_FAILED error on the
C_Sign operation from PKCS11 module?
I'm getting to the signature operation on the smart card for PKINIT
when
Post by m***@kcp.com
Post by m***@kcp.com
Post by m***@kcp.com
the kinit segment faults. I used the pkcs11 spy library from OpenSC
and
Post by m***@kcp.com
Post by m***@kcp.com
Post by m***@kcp.com
33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806b860
Returned: 0 CKR_OK
34: C_SignInit
[in] hSession = 0x806b860
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052508
Returned: 0 CKR_OK
35: C_Sign
[in] hSession = 0x806b860
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 00041496 9A0A7A5A 74DA942D CA0160DF
CEABACB2
EB2E3F
Returned: 6 CKR_FUNCTION_FAILED
I've been trying to get the pkinit functionality to work with the
ActivCard Gold middleware product. They provide the pkcs11 module;
using
Post by m***@kcp.com
this module I'm able to get it to work with SSH using a patch, but I
have
Post by m***@kcp.com
not had success with heimdal.
The module does not implement the CKA_PUBLIC_EXPONENT class.
Originally,
Post by m***@kcp.com
Post by m***@kcp.com
Post by m***@kcp.com
the kinit aborts due to the missing exponent and so that's manually
inserted to the value from the certificates on the Smart Card in the
ks_p11.c.
rsa->e = getattr_bn(p, slot, session, object, CKA_PUBLIC_EXPONENT);
if (rsa->e == NULL)
BN_dec2bn(&rsa->e, "65537");
if (rsa->e == NULL)
_hx509_abort("CKA_PUBLIC_EXPONENT missing");
I've also changed the rsa->e to any number with the same results, so
I'm
Post by m***@kcp.com
Post by m***@kcp.com
Post by m***@kcp.com
wondering if I'm doing it right.
--
Douglas E. Engert <***@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Love Hörnquist Åstrand
2006-09-05 20:57:12 UTC
Permalink
The standard say one login is enough for all session since they all
share
the same loginstate.

That said, I can belive you that this is the case, I've commited code
that should
deal with by keeping the session around. See next snapshot generated in
a couple of hours.

Love
Post by Douglas E. Engert
6 C_OpenSesion
7 C_Login CKU_USER
32 C_CloseSesion
33 C_OpenSession
34 C_SignInit
35 C_Sign --- fail
It is not clear why the application clooses one session then opens
and a new session without the C_Login to do the do the C_Sign.
It is also not clear if you can close a sesion and expect the
hanldes to objects found under that session to still be valid
and usable be another sesion.
The library may be sending a close or reset to the card, when the
session is closed, thus the C_Sign will fail because the card will
not allow it.
Your card and PKCS#11 maybe working as expected, and it might be the
application code that needs to be changed to use use a single session.
With some other cards, the PKCS#11 implentation may not be enforcing
this behavior and card as it should and the second sesion has access
to the crypto on the card.
Post by m***@kcp.com
p11_list_keys() cycles through the classes. and uses the
iterate_entries() method is used to find the objects. First i
8: C_FindObjectsInit
[in] hSession = 0x8052438
CKA_CLASS CKO_PRIVATE_KEY
Returned: 0 CKR_OK
That finds 1 object then that object has GetAttributeValue run
through CKA_ID/CKA_VALUE, CKA_MODULUS, CKA_PUBLIC_EXPONENT (fails,
note below manually populated the rsa->e value with the exponent
from the certficate). All the values are reqeusted with a 0
buffer to get the size, then with a second request with the proper
buffer allocations. Another FindObjects is called, this returns an
objects and the GetAttributeValues are run through as before.
This is the object that is used for the hKey value in CKA_SignInit
later.
Then the FindObjectsFinal is sent. The FindObjectsInit is sent again;
23: C_FindObjectsInit
[in] hSession = 0x8052438
CKA_CLASS CKO_CERTIFICATE
Returned: 0 CKR_OK
That finds 1 object and then the GetAttributevalues are run same
as before for CKA_ID/CKA_VALUE, then FindObjects is called again,
a different objects matches and GetAttributes are called for
CKA_ID/CKA_VALUE
FindObjects is called again, with no returned and
findObjectsFinal, then the session is closed.
Next the applications Opens a new session and does the C_SignInit
with the hkey value of from the second object found in the
PRIVATE_KEY search. Then the C_Sign function fails.
*************** OpenSC PKCS#11 spy *****************
Loaded: "/usr/local/acgold/lib/libpkcs11.so"
0: C_GetFunctionList
Returned: 0 CKR_OK
1: C_Initialize
Returned: 0 CKR_OK
2: C_GetSlotList
[in] tokenPresent = 0x0
Count is 1
[out] *pulCount = 0x1
Returned: 0 CKR_OK
3: C_GetSlotList
[in] tokenPresent = 0x0
Slot 1
[out] *pulCount = 0x1
Returned: 0 CKR_OK
4: C_GetSlotInfo
[in] slotID = 0x1
slotDescription: 'ActivCard USB Reader 2.0 (60102D'
'27) 00 00 '
manufacturerID: 'Unknown MFR '
hardwareVersion: 1.0
firmwareVersion: 1.0
flags: 7
CKF_TOKEN_PRESENT
CKF_REMOVABLE_DEVICE
CKF_HW_SLOT
Returned: 0 CKR_OK
5: C_GetTokenInfo
[in] slotID = 0x1
label: 'ActivIdentity Smart Card '
manufacturerID: 'Unknown MFR '
model: 'Unknown Model '
serialNumber: '1 '
ulMaxSessionCount: 0
ulSessionCount: 0
ulMaxRwSessionCount: 0
ulRwSessionCount: 0
ulMaxPinLen: 8
ulMinPinLen: 8
ulTotalPublicMemory: 0
ulFreePublicMemory: 0
ulTotalPrivateMemory: 0
ulFreePrivateMemory: 0
hardwareVersion: 255.0
firmwareVersion: 255.0
time: '0000000000000000'
flags: 40d
CKF_RNG
CKF_LOGIN_REQUIRED
CKF_USER_PIN_INITIALIZED
CKF_TOKEN_INITIALIZED
Returned: 0 CKR_OK
6: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x8052438
Returned: 0 CKR_OK
7: C_Login
[in] hSession = 0x8052438
[in] userType = CKU_USER
[in] pPin[ulPinLen] [size : 0x6 (6)]
36353431 3233
Returned: 0 CKR_OK
8: C_FindObjectsInit
[in] hSession = 0x8052438
CKA_CLASS CKO_PRIVATE_KEY
Returned: 0 CKR_OK
9: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134612592 Matches
Returned: 0 CKR_OK
10: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_ID requested with 0 buffer
CKA_ID has size 1
Returned: 0 CKR_OK
11: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_ID requested with 1 buffer
CKA_ID [size : 0x1 (1)]
01
Returned: 0 CKR_OK
12: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_MODULUS requested with 0 buffer
CKA_MODULUS has size 128
Returned: 0 CKR_OK
13: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_MODULUS requested with 128 buffer
CKA_MODULUS [size : 0x80 (128)]
9DA6B972 1C10BFF8 C5D762E2 3439468F B907EDB0 CC9303CA B4F2C5B4
9A9D30A3
9DD7D36E 4020E756 A947A48C 59176B6E 70F58A84 CD4282BC 0996A561
4496FA47
6B03DE82 FF56A682 03517E8F D0D7D322 15346B06 2B1A39F0 C3202FC8
A12C3043
81F44F5E 5E074D17 62899B4B 9CF10374 FD484A3A F815166A 02D43C0D
9BB22387
Returned: 0 CKR_OK
14: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_PUBLIC_EXPONENT requested with 0 buffer
CKA_PUBLIC_EXPONENT has size -1
Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID
15: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134555168 Matches
Returned: 0 CKR_OK
16: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_ID requested with 1 buffer
CKA_ID has size 1
Returned: 0 CKR_OK
17: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_ID requested with 1 buffer
CKA_ID [size : 0x1 (1)]
00
Returned: 0 CKR_OK
18: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_MODULUS requested with 0 buffer
CKA_MODULUS has size 128
Returned: 0 CKR_OK
19: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_MODULUS requested with 128 buffer
CKA_MODULUS [size : 0x80 (128)]
89E42655 C26A3DD8 58349968 A5A32FAE 2FF199EE 0D334E2D E24AA53F
AFD5AAF9
0D9EEACE 7224BB09 D2F4739F 8A678433 7E9F8892 71B4A7F5 27C278A7
71C6BD0C
FB4DA725 19934967 8A4CBD9D 36FB8518 F0A81FDB D7F57B55 1912A2C8
8AA9859C
732CD522 8E95A9D0 70A79522 ABC3E0F1 4C374FA8 E1799B48 54668406
042FFF23
Returned: 0 CKR_OK
20: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_PUBLIC_EXPONENT requested with 0 buffer
CKA_PUBLIC_EXPONENT has size -1
Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID
21: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x0
Returned: 0 CKR_OK
22: C_FindObjectsFinal
[in] hSession = 0x8052438
Returned: 0 CKR_OK
23: C_FindObjectsInit
[in] hSession = 0x8052438
CKA_CLASS CKO_CERTIFICATE
Returned: 0 CKR_OK
24: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134630568 Matches
Returned: 0 CKR_OK
25: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8064ca8
CKA_ID requested with 1 buffer
CKA_VALUE requested with 0 buffer
CKA_ID has size 1
CKA_VALUE has size 1351
Returned: 0 CKR_OK
26: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8064ca8
CKA_ID requested with 1 buffer
CKA_VALUE requested with 1351 buffer
CKA_ID [size : 0x1 (1)]
01
CKA_VALUE [size : 0x547 (1351)]
30820543 308204AC A0030201 0202043E CA423A30 0D06092A 864886F7
0D010105
0500306F 310B3009 06035504 06130255 53311830 16060355 040A130F
552E532E
20476F76 65726E6D 656E7431 1D301B06 0355040B 13144465 70617274
6D656E74
206F6620 456E6572 6779311A 30180603 55040B13 114B616E 73617320
43697479
20506C61 6E74310B 30090603 55040B13 02434130 1E170D30 36303732
36313733
3134305A 170D3039 30373236 31383031 34305A30 81B1310B 30090603
55040613
02555331 18301606 0355040A 130F552E 532E2047 6F766572 6E6D656E
74311D30
1B060355 040B1314 44657061 72746D65 6E74206F 6620456E 65726779
311A3018
06035504 0B13114B 616E7361 73204369 74792050 6C616E74 310F300D
06035504
0B130670 6572736F 6E310E30 0C060355 040B1305 6C6F6361 6C312C30
0D060355
04051306 75363032 3637301B 06035504 0313144D 69636861 656C2042
2E20416C
6578616E 64657230 819F300D 06092A86 4886F70D 01010105 0003818D
00308189
02818100 9DA6B972 1C10BFF8 C5D762E2 3439468F B907EDB0 CC9303CA
B4F2C5B4
9A9D30A3 9DD7D36E 4020E756 A947A48C 59176B6E 70F58A84 CD4282BC
0996A561
4496FA47 6B03DE82 FF56A682 03517E8F D0D7D322 15346B06 2B1A39F0
C3202FC8
A12C3043 81F44F5E 5E074D17 62899B4B 9CF10374 FD484A3A F815166A
02D43C0D
9BB22387 02030100 01A38202 A7308202 A3301706 03551D20 0410300E
300C060A
60864801 65030201 0A043040 0603551D 11043930 3781126D 616C6578
616E6465
72406B63 702E636F 6DA02106 0A2B0601 04018237 140203A0 130C1175
36303236
37406164 2E6B6370 2E636F6D 301B0603 551D0904 14301230 1006092A
864886F6
7D07441D 31030201 11308201 B4060355 1D1F0482 01AB3082 01A73081
8AA08187
A08184A4 8181307F 310B3009 06035504 06130255 53311830 16060355
040A130F
552E532E 20476F76 65726E6D 656E7431 1D301B06 0355040B 13144465
70617274
6D656E74 206F6620 456E6572 6779311A 30180603 55040B13 114B616E
73617320
43697479 20506C61 6E74310B 30090603 55040B13 02434131 0E300C06
03550403
13054352 4C313730 820116A0 820112A0 82010E86 81836C64 61703A2F
2F656E74
72757374 6469722E 6B63702E 636F6D2F 636E3D57 696E436F 6D62696E
6564312C
6F753D43 412C6F75 3D4B616E 73617325 32304369 74792532 30506C61
6E742C6F
753D4465 70617274 6D656E74 2532306F 66253230 456E6572 67792C6F
3D552E53
2E253230 476F7665 726E6D65 6E742C63 3D55533F 3F626173 65868185
6C646170
3A2F2F2F 434E3D43 41312C43 4E3D4341 53657276 65722C43 4E3D4344
502C434E
3D507562 6C696320 4B657920 53657276 69636573 2C434E3D 53657276
69636573
2C434E3D 436F6E66 69677572 6174696F 6E2C4443 3D726F6F 742C4443
3D6B6370
2C44433D 636F6D3F 63657274 69666963 61746552 65766F63 6174696F
6E4C6973
74300B06 03551D0F 04040302 0520301F 0603551D 23041830 168014D8
9483D59A
6B2F737D A2F1CA82 6BD1ABC4 06C7BE30 1D060355 1D0E0416 0414BCF1
13E31D54
1BA07348 2C30AE2B 69A0D7CE 4E5D3009 0603551D 13040230 00301906
092A8648
86F67D07 4100040C 300A1B04 56372E31 03020490 300D0609 2A864886
F70D0101
05050003 81810050 75D4AEE3 CF0D112B A1D0B610 93158141 E892E3D2
7E9F07C0
67A8CB64 33725D41 440DFBF3 FE3C6DDB F1C972B3 EBFD90E9 854FB862
BD03513C
DD71CD72 752FD7EA 7972B908 31C11686 295CE116 4BD6A17B A37EB8CB
E5B59085
560D0A7A A509D152 186FD599 E2119CCE A30F87C6 5048CA9E BEF5A3A3
82BC7CA4
EEFCF7AA 057CC9
Returned: 0 CKR_OK
27: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134613664 Matches
Returned: 0 CKR_OK
28: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060aa0
CKA_ID requested with 1 buffer
CKA_VALUE requested with 1351 buffer
CKA_ID has size 1
CKA_VALUE has size 1429
Returned: 0 CKR_OK
29: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060aa0
CKA_ID requested with 1 buffer
CKA_VALUE requested with 1429 buffer
CKA_ID [size : 0x1 (1)]
00
CKA_VALUE [size : 0x595 (1429)]
30820591 308204FA A0030201 0202043E CA43DB30 0D06092A 864886F7
0D010105
0500306F 310B3009 06035504 06130255 53311830 16060355 040A130F
552E532E
20476F76 65726E6D 656E7431 1D301B06 0355040B 13144465 70617274
6D656E74
206F6620 456E6572 6779311A 30180603 55040B13 114B616E 73617320
43697479
20506C61 6E74310B 30090603 55040B13 02434130 1E170D30 36303830
33313630
3735305A 170D3039 30383033 31363337 35305A30 81B1310B 30090603
55040613
02555331 18301606 0355040A 130F552E 532E2047 6F766572 6E6D656E
74311D30
1B060355 040B1314 44657061 72746D65 6E74206F 6620456E 65726779
311A3018
06035504 0B13114B 616E7361 73204369 74792050 6C616E74 310F300D
06035504
0B130670 6572736F 6E310E30 0C060355 040B1305 6C6F6361 6C312C30
0D060355
04051306 75363032 3637301B 06035504 0313144D 69636861 656C2042
2E20416C
6578616E 64657230 819F300D 06092A86 4886F70D 01010105 0003818D
00308189
02818100 89E42655 C26A3DD8 58349968 A5A32FAE 2FF199EE 0D334E2D
E24AA53F
AFD5AAF9 0D9EEACE 7224BB09 D2F4739F 8A678433 7E9F8892 71B4A7F5
27C278A7
71C6BD0C FB4DA725 19934967 8A4CBD9D 36FB8518 F0A81FDB D7F57B55
1912A2C8
8AA9859C 732CD522 8E95A9D0 70A79522 ABC3E0F1 4C374FA8 E1799B48
54668406
042FFF23 02030100 01A38202 F5308202 F1300B06 03551D0F 04040302
0780302B
0603551D 10042430 22800F32 30303630 38303331 36303735 305A810F
32303038
30393038 32303337 35305A30 1F060355 1D250418 30160608 2B060105
05070302
060A2B06 01040182 37140202 30170603 551D2004 10300E30 0C060A60
86480165
0302010A 04304006 03551D11 04393037 81126D61 6C657861 6E646572
406B6370
2E636F6D A021060A 2B060104 01823714 0203A013 0C117536 30323637
4061642E
6B63702E 636F6D30 1B060355 1D090414 30123010 06092A86 4886F67D
07441D31
03020111 308201B4 0603551D 1F048201 AB308201 A730818A A08187A0
8184A481
81307F31 0B300906 03550406 13025553 31183016 06035504 0A130F55
2E532E20
476F7665 726E6D65 6E74311D 301B0603 55040B13 14446570 6172746D
656E7420
6F662045 6E657267 79311A30 18060355 040B1311 4B616E73 61732043
69747920
506C616E 74310B30 09060355 040B1302 4341310E 300C0603 55040313
0543524C
31373082 0116A082 0112A082 010E8681 836C6461 703A2F2F 656E7472
75737464
69722E6B 63702E63 6F6D2F63 6E3D5769 6E436F6D 62696E65 64312C6F
753D4341
2C6F753D 4B616E73 61732532 30436974 79253230 506C616E 742C6F75
3D446570
6172746D 656E7425 32306F66 25323045 6E657267 792C6F3D 552E532E
25323047
6F766572 6E6D656E 742C633D 55533F3F 62617365 8681856C 6461703A
2F2F2F43
4E3D4341 312C434E 3D434153 65727665 722C434E 3D434450 2C434E3D
5075626C
6963204B 65792053 65727669 6365732C 434E3D53 65727669 6365732C
434E3D43
6F6E6669 67757261 74696F6E 2C44433D 726F6F74 2C44433D 6B63702C
44433D63
6F6D3F63 65727469 66696361 74655265 766F6361 74696F6E 4C697374
301F0603
551D2304 18301680 14D89483 D59A6B2F 737DA2F1 CA826BD1 ABC406C7
BE301D06
03551D0E 04160414 29704371 70BCFD33 E6DDA186 60E3CD45 A09EE354
30090603
551D1304 02300030 1906092A 864886F6 7D074100 040C300A 1B045637
2E310302
04B0300D 06092A86 4886F70D 01010505 00038181 0042F9C0 B1607678
6EF1E5FF
E90C23FD C2BDAC68 A7DCEC63 F541AA3B F3EA9D9D 36115A54 14B74B0C
769E3487
F5B60080 F3C23E9E BE908AD8 18380393 F333DFCC 794782C4 8B159D4B
DE0E9C9B
7BF4ACCE 0F586AA7 2E0EC60A E36B3B55 992F8B3B 0AE156A8 3F95C10C
D8E40860
931BFC39 D2DBF130 FF53CD62 18294EEB FE7A5318 71
Returned: 0 CKR_OK
30: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x0
Returned: 0 CKR_OK
31: C_FindObjectsFinal
[in] hSession = 0x8052438
Returned: 0 CKR_OK
32: C_CloseSession
[in] hSession = 0x8052438
Returned: 0 CKR_OK
33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806f8c0
Returned: 0 CKR_OK
34: C_SignInit
[in] hSession = 0x806f8c0
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052620
Returned: 0 CKR_OK
35: C_Sign
[in] hSession = 0x806f8c0
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 000414C5 89CD9A75 43934015 0D224CD1
3E5BE1F8
6B9145
Returned: 6 CKR_FUNCTION_FAILED
To
cc
Subject
Re: pkinit integration with smart card
Post by m***@kcp.com
I think I just had a light bulb go off. The hKey value isn't a key like
a
Post by m***@kcp.com
symmetric key. The hKey value is an object on the card, that is
the private key. Is this right?
Sort of. Its a handle to pass to the PKCS#11 that it uses to find the
key on the card.
Post by m***@kcp.com
The hKey value is found in Mozilla with a FindObjectsInit using
[in] pTemplate[2]: CKA_ID [size : 0x1 (1)]
00
CKA_CLASS CKO_PRIVATE_KEY
The object that matches is returned and used in the SignInit
function.
In heimdal pkinit it looks like it sends the FindObjectsInit with just
the
Post by m***@kcp.com
CKA_CLASS for the Private key.
And what does the FindObject return? Just one key, or many keys.
Are the calls to the FindObject... and C_Sign all in the same
session?
Are there any other calls between the two that would cause the PKCS#11
to get confused about what hKey was to be used with trhe C_Sign.
Post by m***@kcp.com
Can I add the CKA_ID for 00 in the FindObjectsInit?
Maybe. But this may depend on how many keys are on the card,
and you need to use the key that matches the certificate.
The certificate should have a CKA_ID that can be used to find the
matching key. So the apliucation code should use this when it
is trying to find the key object.
Do you have a copy of the PKCS#11 douument? It can be found at
http://www.rsasecurity.com/rsalabs/node.asp?id=2133
or Google for RSA PKCS#11 it "must" reading when debuging PKCS#11.
Post by m***@kcp.com
09/01/2006 10:44 AM
To
cc
Subject
Re: pkinit integration with smart card
Post by m***@kcp.com
Thanks for the response. Complely new to these low level points with
the
Post by m***@kcp.com
Smart Card so I've been looking up some terms, I appreciate the advice.
pkcs11-tool --module /usr/local/acgold/lib/libpkcs11.so -M
I am not sure what the other flags are, but I would expect the
RSA-PKCS would have sign, verify, wrap, unwrap, and maybe decrypt.
Note it did not say sign, which is the operation you are trying to do.
Post by m***@kcp.com
RSA-PKCS, wrap, unwrap, other flags=0x20000
SHA1-RSA-PKCS, sign, verify, wrap, unwrap, encrypt, decrypt,
keypairgen,
Post by m***@kcp.com
other flags=0x2d000
The available mechanisum from PKCS11 are a combinatiuon of what
can be done
in the software and the smartcard. For example the SHA1 hash
might be
done
Post by m***@kcp.com
by sending the data to the card, or could be done by the pkcs11 software
to produce the hash.
I am suprised if it can do SHA1_RSA_PKCS sign, it can't do
RSA_PKCS as this just skips the hash set.
Post by m***@kcp.com
The length of the destination buffer is 128 bytes. The length
of the signature in pData is 35 bytes. Is the CKM_RSA_X_509
mechanism a tool
of
Post by m***@kcp.com
the Card? Should/could the pData for signature be padded to 128
with a method external to the card?
A sign with RSA_PKCS says take the input and pad with PKCS
padding 01
then
Post by m***@kcp.com
do an RSA encrypt using the private key. The data must be less then
keysize-11 so normally the data sent is a hash of the data you really
want
Post by m***@kcp.com
to sign.
A sign with SHA1_RSA_PKCS says pass the data (any length) to the C_Sign
or
Post by m***@kcp.com
(C_SignUpdate...+C_SignFinal) then do the padding and encrypt with RSA.
So as Love pointed out, the Heimdal applicaiton could send the data
pre hashed data to the PKCS11 using SHA1_RSA_PKCS.
Post by m***@kcp.com
08/31/2006 01:41 PM
To
cc
Subject
Re: pkinit integration with smart card
I have gotten the Heimdal to work with other OpenSC supported cards.
It could be that the card says it has the CKM_RSA_PKCS but
really does
not or the pkcs11 lib is simulating CKM_RSA_PKCS and is having problems
doing the padding. It might be possible to use the
CKM_RSA_X_509 (raw)
mechanisum, by doing the PKCS padding first, then calling the C_Sign
functions.
Could also be that the pkcs11 is expecting the pSignature and
pSignatureLen
to be set correctly, i.e. for a 1024 key, to a 128 byte buffer, and it
is
Post by m***@kcp.com
returing the wrong error code.
If you can use the OpenSC spy, can you use the pkcs11-tool as well
pointing it at your PKCS11( -module <sharedlib>)? What
mechanisums does
it say it has?
Post by m***@kcp.com
Any idea as to why I would receive a CKR_FUNCTION_FAILED error
on the C_Sign operation from PKCS11 module?
I'm getting to the signature operation on the smart card for PKINIT
when
Post by m***@kcp.com
Post by m***@kcp.com
Post by m***@kcp.com
the kinit segment faults. I used the pkcs11 spy library from OpenSC
and
Post by m***@kcp.com
Post by m***@kcp.com
Post by m***@kcp.com
33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806b860
Returned: 0 CKR_OK
34: C_SignInit
[in] hSession = 0x806b860
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052508
Returned: 0 CKR_OK
35: C_Sign
[in] hSession = 0x806b860
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 00041496 9A0A7A5A 74DA942D CA0160DF
CEABACB2
EB2E3F
Returned: 6 CKR_FUNCTION_FAILED
I've been trying to get the pkinit functionality to work with
the ActivCard Gold middleware product. They provide the pkcs11
module;
using
Post by m***@kcp.com
this module I'm able to get it to work with SSH using a patch, but I
have
Post by m***@kcp.com
not had success with heimdal.
The module does not implement the CKA_PUBLIC_EXPONENT class.
Originally,
Post by m***@kcp.com
Post by m***@kcp.com
Post by m***@kcp.com
the kinit aborts due to the missing exponent and so that's
manually inserted to the value from the certificates on the
Smart Card in the ks_p11.c.
rsa->e = getattr_bn(p, slot, session, object,
CKA_PUBLIC_EXPONENT);
if (rsa->e == NULL)
BN_dec2bn(&rsa->e, "65537");
if (rsa->e == NULL)
_hx509_abort("CKA_PUBLIC_EXPONENT missing");
I've also changed the rsa->e to any number with the same
results, so
I'm
Post by m***@kcp.com
Post by m***@kcp.com
Post by m***@kcp.com
wondering if I'm doing it right.
--
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Douglas E. Engert
2006-09-05 22:04:35 UTC
Permalink
The standard say one login is enough for all session since they all share
the same loginstate.
That said, I can belive you that this is the case, I've commited code
that should
deal with by keeping the session around. See next snapshot generated in
a couple of hours.
Version 2.01 C_CloseSesion says: "When a sesion is closed, all session
objects created by the sesion are destroyed automaticly, even if the
application has other sessions "using" the objects".

I would infer that this may be the problem with the hKey object,
as it was found using one session then was trying to be used in the
other session, and the two sesisons where no open at the same time
either.

Sounds like you change should address this problem, and I hope .
Love
Post by Douglas E. Engert
6 C_OpenSesion
7 C_Login CKU_USER
32 C_CloseSesion
33 C_OpenSession
34 C_SignInit
35 C_Sign --- fail
It is not clear why the application clooses one session then opens
and a new session without the C_Login to do the do the C_Sign.
It is also not clear if you can close a sesion and expect the
hanldes to objects found under that session to still be valid
and usable be another sesion.
The library may be sending a close or reset to the card, when the
session is closed, thus the C_Sign will fail because the card will
not allow it.
Your card and PKCS#11 maybe working as expected, and it might be the
application code that needs to be changed to use use a single session.
With some other cards, the PKCS#11 implentation may not be enforcing
this behavior and card as it should and the second sesion has access
to the crypto on the card.
Post by m***@kcp.com
p11_list_keys() cycles through the classes. and uses the
iterate_entries() method is used to find the objects. First i opens
8: C_FindObjectsInit
[in] hSession = 0x8052438
CKA_CLASS CKO_PRIVATE_KEY
Returned: 0 CKR_OK
That finds 1 object then that object has GetAttributeValue run
through CKA_ID/CKA_VALUE, CKA_MODULUS, CKA_PUBLIC_EXPONENT (fails,
note below manually populated the rsa->e value with the exponent
from the certficate). All the values are reqeusted with a 0 buffer
to get the size, then with a second request with the proper buffer
allocations. Another FindObjects is called, this returns an objects
and the GetAttributeValues are run through as before. This is the
object that is used for the hKey value in CKA_SignInit later.
Then the FindObjectsFinal is sent. The FindObjectsInit is sent again;
23: C_FindObjectsInit
[in] hSession = 0x8052438
CKA_CLASS CKO_CERTIFICATE
Returned: 0 CKR_OK
That finds 1 object and then the GetAttributevalues are run same as
before for CKA_ID/CKA_VALUE, then FindObjects is called again, a
different objects matches and GetAttributes are called for
CKA_ID/CKA_VALUE
FindObjects is called again, with no returned and findObjectsFinal,
then the session is closed.
Next the applications Opens a new session and does the C_SignInit
with the hkey value of from the second object found in the
PRIVATE_KEY search. Then the C_Sign function fails.
*************** OpenSC PKCS#11 spy *****************
Loaded: "/usr/local/acgold/lib/libpkcs11.so"
0: C_GetFunctionList
Returned: 0 CKR_OK
1: C_Initialize
Returned: 0 CKR_OK
2: C_GetSlotList
[in] tokenPresent = 0x0
Count is 1
[out] *pulCount = 0x1
Returned: 0 CKR_OK
3: C_GetSlotList
[in] tokenPresent = 0x0
Slot 1
[out] *pulCount = 0x1
Returned: 0 CKR_OK
4: C_GetSlotInfo
[in] slotID = 0x1
slotDescription: 'ActivCard USB Reader 2.0 (60102D'
'27) 00 00 '
manufacturerID: 'Unknown MFR '
hardwareVersion: 1.0
firmwareVersion: 1.0
flags: 7
CKF_TOKEN_PRESENT
CKF_REMOVABLE_DEVICE
CKF_HW_SLOT
Returned: 0 CKR_OK
5: C_GetTokenInfo
[in] slotID = 0x1
label: 'ActivIdentity Smart Card '
manufacturerID: 'Unknown MFR '
model: 'Unknown Model '
serialNumber: '1 '
ulMaxSessionCount: 0
ulSessionCount: 0
ulMaxRwSessionCount: 0
ulRwSessionCount: 0
ulMaxPinLen: 8
ulMinPinLen: 8
ulTotalPublicMemory: 0
ulFreePublicMemory: 0
ulTotalPrivateMemory: 0
ulFreePrivateMemory: 0
hardwareVersion: 255.0
firmwareVersion: 255.0
time: '0000000000000000'
flags: 40d
CKF_RNG
CKF_LOGIN_REQUIRED
CKF_USER_PIN_INITIALIZED
CKF_TOKEN_INITIALIZED
Returned: 0 CKR_OK
6: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x8052438
Returned: 0 CKR_OK
7: C_Login
[in] hSession = 0x8052438
[in] userType = CKU_USER
[in] pPin[ulPinLen] [size : 0x6 (6)]
36353431 3233
Returned: 0 CKR_OK
8: C_FindObjectsInit
[in] hSession = 0x8052438
CKA_CLASS CKO_PRIVATE_KEY
Returned: 0 CKR_OK
9: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134612592 Matches
Returned: 0 CKR_OK
10: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_ID requested with 0 buffer
CKA_ID has size 1
Returned: 0 CKR_OK
11: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_ID requested with 1 buffer
CKA_ID [size : 0x1 (1)]
01
Returned: 0 CKR_OK
12: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_MODULUS requested with 0 buffer
CKA_MODULUS has size 128
Returned: 0 CKR_OK
13: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_MODULUS requested with 128 buffer
CKA_MODULUS [size : 0x80 (128)]
9DA6B972 1C10BFF8 C5D762E2 3439468F B907EDB0 CC9303CA B4F2C5B4
9A9D30A3
9DD7D36E 4020E756 A947A48C 59176B6E 70F58A84 CD4282BC 0996A561
4496FA47
6B03DE82 FF56A682 03517E8F D0D7D322 15346B06 2B1A39F0 C3202FC8
A12C3043
81F44F5E 5E074D17 62899B4B 9CF10374 FD484A3A F815166A 02D43C0D
9BB22387
Returned: 0 CKR_OK
14: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060670
CKA_PUBLIC_EXPONENT requested with 0 buffer
CKA_PUBLIC_EXPONENT has size -1
Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID
15: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134555168 Matches
Returned: 0 CKR_OK
16: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_ID requested with 1 buffer
CKA_ID has size 1
Returned: 0 CKR_OK
17: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_ID requested with 1 buffer
CKA_ID [size : 0x1 (1)]
00
Returned: 0 CKR_OK
18: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_MODULUS requested with 0 buffer
CKA_MODULUS has size 128
Returned: 0 CKR_OK
19: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_MODULUS requested with 128 buffer
CKA_MODULUS [size : 0x80 (128)]
89E42655 C26A3DD8 58349968 A5A32FAE 2FF199EE 0D334E2D E24AA53F
AFD5AAF9
0D9EEACE 7224BB09 D2F4739F 8A678433 7E9F8892 71B4A7F5 27C278A7
71C6BD0C
FB4DA725 19934967 8A4CBD9D 36FB8518 F0A81FDB D7F57B55 1912A2C8
8AA9859C
732CD522 8E95A9D0 70A79522 ABC3E0F1 4C374FA8 E1799B48 54668406
042FFF23
Returned: 0 CKR_OK
20: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8052620
CKA_PUBLIC_EXPONENT requested with 0 buffer
CKA_PUBLIC_EXPONENT has size -1
Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID
21: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x0
Returned: 0 CKR_OK
22: C_FindObjectsFinal
[in] hSession = 0x8052438
Returned: 0 CKR_OK
23: C_FindObjectsInit
[in] hSession = 0x8052438
CKA_CLASS CKO_CERTIFICATE
Returned: 0 CKR_OK
24: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134630568 Matches
Returned: 0 CKR_OK
25: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8064ca8
CKA_ID requested with 1 buffer
CKA_VALUE requested with 0 buffer
CKA_ID has size 1
CKA_VALUE has size 1351
Returned: 0 CKR_OK
26: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8064ca8
CKA_ID requested with 1 buffer
CKA_VALUE requested with 1351 buffer
CKA_ID [size : 0x1 (1)]
01
CKA_VALUE [size : 0x547 (1351)]
30820543 308204AC A0030201 0202043E CA423A30 0D06092A 864886F7
0D010105
0500306F 310B3009 06035504 06130255 53311830 16060355 040A130F
552E532E
20476F76 65726E6D 656E7431 1D301B06 0355040B 13144465 70617274
6D656E74
206F6620 456E6572 6779311A 30180603 55040B13 114B616E 73617320
43697479
20506C61 6E74310B 30090603 55040B13 02434130 1E170D30 36303732
36313733
3134305A 170D3039 30373236 31383031 34305A30 81B1310B 30090603
55040613
02555331 18301606 0355040A 130F552E 532E2047 6F766572 6E6D656E
74311D30
1B060355 040B1314 44657061 72746D65 6E74206F 6620456E 65726779
311A3018
06035504 0B13114B 616E7361 73204369 74792050 6C616E74 310F300D
06035504
0B130670 6572736F 6E310E30 0C060355 040B1305 6C6F6361 6C312C30
0D060355
04051306 75363032 3637301B 06035504 0313144D 69636861 656C2042
2E20416C
6578616E 64657230 819F300D 06092A86 4886F70D 01010105 0003818D
00308189
02818100 9DA6B972 1C10BFF8 C5D762E2 3439468F B907EDB0 CC9303CA
B4F2C5B4
9A9D30A3 9DD7D36E 4020E756 A947A48C 59176B6E 70F58A84 CD4282BC
0996A561
4496FA47 6B03DE82 FF56A682 03517E8F D0D7D322 15346B06 2B1A39F0
C3202FC8
A12C3043 81F44F5E 5E074D17 62899B4B 9CF10374 FD484A3A F815166A
02D43C0D
9BB22387 02030100 01A38202 A7308202 A3301706 03551D20 0410300E
300C060A
60864801 65030201 0A043040 0603551D 11043930 3781126D 616C6578
616E6465
72406B63 702E636F 6DA02106 0A2B0601 04018237 140203A0 130C1175
36303236
37406164 2E6B6370 2E636F6D 301B0603 551D0904 14301230 1006092A
864886F6
7D07441D 31030201 11308201 B4060355 1D1F0482 01AB3082 01A73081
8AA08187
A08184A4 8181307F 310B3009 06035504 06130255 53311830 16060355
040A130F
552E532E 20476F76 65726E6D 656E7431 1D301B06 0355040B 13144465
70617274
6D656E74 206F6620 456E6572 6779311A 30180603 55040B13 114B616E
73617320
43697479 20506C61 6E74310B 30090603 55040B13 02434131 0E300C06
03550403
13054352 4C313730 820116A0 820112A0 82010E86 81836C64 61703A2F
2F656E74
72757374 6469722E 6B63702E 636F6D2F 636E3D57 696E436F 6D62696E
6564312C
6F753D43 412C6F75 3D4B616E 73617325 32304369 74792532 30506C61
6E742C6F
753D4465 70617274 6D656E74 2532306F 66253230 456E6572 67792C6F
3D552E53
2E253230 476F7665 726E6D65 6E742C63 3D55533F 3F626173 65868185
6C646170
3A2F2F2F 434E3D43 41312C43 4E3D4341 53657276 65722C43 4E3D4344
502C434E
3D507562 6C696320 4B657920 53657276 69636573 2C434E3D 53657276
69636573
2C434E3D 436F6E66 69677572 6174696F 6E2C4443 3D726F6F 742C4443
3D6B6370
2C44433D 636F6D3F 63657274 69666963 61746552 65766F63 6174696F
6E4C6973
74300B06 03551D0F 04040302 0520301F 0603551D 23041830 168014D8
9483D59A
6B2F737D A2F1CA82 6BD1ABC4 06C7BE30 1D060355 1D0E0416 0414BCF1
13E31D54
1BA07348 2C30AE2B 69A0D7CE 4E5D3009 0603551D 13040230 00301906
092A8648
86F67D07 4100040C 300A1B04 56372E31 03020490 300D0609 2A864886
F70D0101
05050003 81810050 75D4AEE3 CF0D112B A1D0B610 93158141 E892E3D2
7E9F07C0
67A8CB64 33725D41 440DFBF3 FE3C6DDB F1C972B3 EBFD90E9 854FB862
BD03513C
DD71CD72 752FD7EA 7972B908 31C11686 295CE116 4BD6A17B A37EB8CB
E5B59085
560D0A7A A509D152 186FD599 E2119CCE A30F87C6 5048CA9E BEF5A3A3
82BC7CA4
EEFCF7AA 057CC9
Returned: 0 CKR_OK
27: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 134613664 Matches
Returned: 0 CKR_OK
28: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060aa0
CKA_ID requested with 1 buffer
CKA_VALUE requested with 1351 buffer
CKA_ID has size 1
CKA_VALUE has size 1429
Returned: 0 CKR_OK
29: C_GetAttributeValue
[in] hSession = 0x8052438
[in] hObject = 0x8060aa0
CKA_ID requested with 1 buffer
CKA_VALUE requested with 1429 buffer
CKA_ID [size : 0x1 (1)]
00
CKA_VALUE [size : 0x595 (1429)]
30820591 308204FA A0030201 0202043E CA43DB30 0D06092A 864886F7
0D010105
0500306F 310B3009 06035504 06130255 53311830 16060355 040A130F
552E532E
20476F76 65726E6D 656E7431 1D301B06 0355040B 13144465 70617274
6D656E74
206F6620 456E6572 6779311A 30180603 55040B13 114B616E 73617320
43697479
20506C61 6E74310B 30090603 55040B13 02434130 1E170D30 36303830
33313630
3735305A 170D3039 30383033 31363337 35305A30 81B1310B 30090603
55040613
02555331 18301606 0355040A 130F552E 532E2047 6F766572 6E6D656E
74311D30
1B060355 040B1314 44657061 72746D65 6E74206F 6620456E 65726779
311A3018
06035504 0B13114B 616E7361 73204369 74792050 6C616E74 310F300D
06035504
0B130670 6572736F 6E310E30 0C060355 040B1305 6C6F6361 6C312C30
0D060355
04051306 75363032 3637301B 06035504 0313144D 69636861 656C2042
2E20416C
6578616E 64657230 819F300D 06092A86 4886F70D 01010105 0003818D
00308189
02818100 89E42655 C26A3DD8 58349968 A5A32FAE 2FF199EE 0D334E2D
E24AA53F
AFD5AAF9 0D9EEACE 7224BB09 D2F4739F 8A678433 7E9F8892 71B4A7F5
27C278A7
71C6BD0C FB4DA725 19934967 8A4CBD9D 36FB8518 F0A81FDB D7F57B55
1912A2C8
8AA9859C 732CD522 8E95A9D0 70A79522 ABC3E0F1 4C374FA8 E1799B48
54668406
042FFF23 02030100 01A38202 F5308202 F1300B06 03551D0F 04040302
0780302B
0603551D 10042430 22800F32 30303630 38303331 36303735 305A810F
32303038
30393038 32303337 35305A30 1F060355 1D250418 30160608 2B060105
05070302
060A2B06 01040182 37140202 30170603 551D2004 10300E30 0C060A60
86480165
0302010A 04304006 03551D11 04393037 81126D61 6C657861 6E646572
406B6370
2E636F6D A021060A 2B060104 01823714 0203A013 0C117536 30323637
4061642E
6B63702E 636F6D30 1B060355 1D090414 30123010 06092A86 4886F67D
07441D31
03020111 308201B4 0603551D 1F048201 AB308201 A730818A A08187A0
8184A481
81307F31 0B300906 03550406 13025553 31183016 06035504 0A130F55
2E532E20
476F7665 726E6D65 6E74311D 301B0603 55040B13 14446570 6172746D
656E7420
6F662045 6E657267 79311A30 18060355 040B1311 4B616E73 61732043
69747920
506C616E 74310B30 09060355 040B1302 4341310E 300C0603 55040313
0543524C
31373082 0116A082 0112A082 010E8681 836C6461 703A2F2F 656E7472
75737464
69722E6B 63702E63 6F6D2F63 6E3D5769 6E436F6D 62696E65 64312C6F
753D4341
2C6F753D 4B616E73 61732532 30436974 79253230 506C616E 742C6F75
3D446570
6172746D 656E7425 32306F66 25323045 6E657267 792C6F3D 552E532E
25323047
6F766572 6E6D656E 742C633D 55533F3F 62617365 8681856C 6461703A
2F2F2F43
4E3D4341 312C434E 3D434153 65727665 722C434E 3D434450 2C434E3D
5075626C
6963204B 65792053 65727669 6365732C 434E3D53 65727669 6365732C
434E3D43
6F6E6669 67757261 74696F6E 2C44433D 726F6F74 2C44433D 6B63702C
44433D63
6F6D3F63 65727469 66696361 74655265 766F6361 74696F6E 4C697374
301F0603
551D2304 18301680 14D89483 D59A6B2F 737DA2F1 CA826BD1 ABC406C7
BE301D06
03551D0E 04160414 29704371 70BCFD33 E6DDA186 60E3CD45 A09EE354
30090603
551D1304 02300030 1906092A 864886F6 7D074100 040C300A 1B045637
2E310302
04B0300D 06092A86 4886F70D 01010505 00038181 0042F9C0 B1607678
6EF1E5FF
E90C23FD C2BDAC68 A7DCEC63 F541AA3B F3EA9D9D 36115A54 14B74B0C
769E3487
F5B60080 F3C23E9E BE908AD8 18380393 F333DFCC 794782C4 8B159D4B
DE0E9C9B
7BF4ACCE 0F586AA7 2E0EC60A E36B3B55 992F8B3B 0AE156A8 3F95C10C
D8E40860
931BFC39 D2DBF130 FF53CD62 18294EEB FE7A5318 71
Returned: 0 CKR_OK
30: C_FindObjects
[in] hSession = 0x8052438
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x0
Returned: 0 CKR_OK
31: C_FindObjectsFinal
[in] hSession = 0x8052438
Returned: 0 CKR_OK
32: C_CloseSession
[in] hSession = 0x8052438
Returned: 0 CKR_OK
33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806f8c0
Returned: 0 CKR_OK
34: C_SignInit
[in] hSession = 0x806f8c0
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052620
Returned: 0 CKR_OK
35: C_Sign
[in] hSession = 0x806f8c0
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 000414C5 89CD9A75 43934015 0D224CD1
3E5BE1F8
6B9145
Returned: 6 CKR_FUNCTION_FAILED
To
cc
Subject
Re: pkinit integration with smart card
I think I just had a light bulb go off. The hKey value isn't a key
like
a
symmetric key. The hKey value is an object on the card, that is
the private key. Is this right?
Sort of. Its a handle to pass to the PKCS#11 that it uses to find the
key on the card.
The hKey value is found in Mozilla with a FindObjectsInit using the
[in] pTemplate[2]: CKA_ID [size : 0x1 (1)]
00
CKA_CLASS CKO_PRIVATE_KEY
The object that matches is returned and used in the SignInit function.
In heimdal pkinit it looks like it sends the FindObjectsInit with just
the
CKA_CLASS for the Private key.
And what does the FindObject return? Just one key, or many keys.
Are the calls to the FindObject... and C_Sign all in the same session?
Are there any other calls between the two that would cause the PKCS#11
to get confused about what hKey was to be used with trhe C_Sign.
Can I add the CKA_ID for 00 in the FindObjectsInit?
Maybe. But this may depend on how many keys are on the card,
and you need to use the key that matches the certificate.
The certificate should have a CKA_ID that can be used to find the
matching key. So the apliucation code should use this when it
is trying to find the key object.
Do you have a copy of the PKCS#11 douument? It can be found at
http://www.rsasecurity.com/rsalabs/node.asp?id=2133
or Google for RSA PKCS#11 it "must" reading when debuging PKCS#11.
09/01/2006 10:44 AM
To
cc
Subject
Re: pkinit integration with smart card
Thanks for the response. Complely new to these low level points with
the
Smart Card so I've been looking up some terms, I appreciate the advice.
pkcs11-tool --module /usr/local/acgold/lib/libpkcs11.so -M
I am not sure what the other flags are, but I would expect the
RSA-PKCS would have sign, verify, wrap, unwrap, and maybe decrypt.
Note it did not say sign, which is the operation you are trying to do.
RSA-PKCS, wrap, unwrap, other flags=0x20000
SHA1-RSA-PKCS, sign, verify, wrap, unwrap, encrypt, decrypt,
keypairgen,
other flags=0x2d000
The available mechanisum from PKCS11 are a combinatiuon of what can
be done
in the software and the smartcard. For example the SHA1 hash might be
done
by sending the data to the card, or could be done by the pkcs11 software
to produce the hash.
I am suprised if it can do SHA1_RSA_PKCS sign, it can't do
RSA_PKCS as this just skips the hash set.
The length of the destination buffer is 128 bytes. The length of
the signature in pData is 35 bytes. Is the CKM_RSA_X_509
mechanism a tool
of
the Card? Should/could the pData for signature be padded to 128
with a method external to the card?
A sign with RSA_PKCS says take the input and pad with PKCS padding 01
then
do an RSA encrypt using the private key. The data must be less then
keysize-11 so normally the data sent is a hash of the data you really
want
to sign.
A sign with SHA1_RSA_PKCS says pass the data (any length) to the C_Sign
or
(C_SignUpdate...+C_SignFinal) then do the padding and encrypt with
RSA.
So as Love pointed out, the Heimdal applicaiton could send the data
pre hashed data to the PKCS11 using SHA1_RSA_PKCS.
08/31/2006 01:41 PM
To
cc
Subject
Re: pkinit integration with smart card
I have gotten the Heimdal to work with other OpenSC supported cards.
It could be that the card says it has the CKM_RSA_PKCS but really
does
not or the pkcs11 lib is simulating CKM_RSA_PKCS and is having problems
doing the padding. It might be possible to use the CKM_RSA_X_509
(raw)
mechanisum, by doing the PKCS padding first, then calling the C_Sign
functions.
Could also be that the pkcs11 is expecting the pSignature and
pSignatureLen
to be set correctly, i.e. for a 1024 key, to a 128 byte buffer, and it
is
returing the wrong error code.
If you can use the OpenSC spy, can you use the pkcs11-tool as well
pointing it at your PKCS11( -module <sharedlib>)? What mechanisums
does
it say it has?
Any idea as to why I would receive a CKR_FUNCTION_FAILED error on
the C_Sign operation from PKCS11 module?
I'm getting to the signature operation on the smart card for PKINIT
when
the kinit segment faults. I used the pkcs11 spy library from OpenSC
and
33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806b860
Returned: 0 CKR_OK
34: C_SignInit
[in] hSession = 0x806b860
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052508
Returned: 0 CKR_OK
35: C_Sign
[in] hSession = 0x806b860
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 00041496 9A0A7A5A 74DA942D CA0160DF
CEABACB2
EB2E3F
Returned: 6 CKR_FUNCTION_FAILED
I've been trying to get the pkinit functionality to work with the
ActivCard Gold middleware product. They provide the pkcs11 module;
using
this module I'm able to get it to work with SSH using a patch, but I
have
not had success with heimdal.
The module does not implement the CKA_PUBLIC_EXPONENT class.
Originally,
the kinit aborts due to the missing exponent and so that's
manually inserted to the value from the certificates on the Smart
Card in the ks_p11.c.
rsa->e = getattr_bn(p, slot, session, object, CKA_PUBLIC_EXPONENT);
if (rsa->e == NULL)
BN_dec2bn(&rsa->e, "65537");
if (rsa->e == NULL)
_hx509_abort("CKA_PUBLIC_EXPONENT missing");
I've also changed the rsa->e to any number with the same results, so
I'm
wondering if I'm doing it right.
--
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
--
Douglas E. Engert <***@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Love Hörnquist Åstrand
2006-09-06 10:02:49 UTC
Permalink
Post by Douglas E. Engert
The standard say one login is enough for all session since they all share
the same loginstate.
That said, I can belive you that this is the case, I've commited
code that should
deal with by keeping the session around. See next snapshot
generated in
a couple of hours.
Version 2.01 C_CloseSesion says: "When a sesion is closed, all session
objects created by the sesion are destroyed automaticly, even if the
application has other sessions "using" the objects".
I was more thinking about the login state, ever relised that closeing of
session change the objects too.
Post by Douglas E. Engert
I would infer that this may be the problem with the hKey object,
as it was found using one session then was trying to be used in the
other session, and the two sesisons where no open at the same time
either.
Sounds like you change should address this problem, and I hope .
I would guess so to, I changed the soft-pkcs11 to have
the close-session-invalidates-object behavior and with the simple
testing I did the new code worked.

Thanks,
Love
m***@kcp.com
2006-09-06 15:12:49 UTC
Permalink
Progress! Thanks, Love and Doug! I get output from according to the p11
logs for the signature. That's great!

$ kinit -C PKCS11:/usr/lib/pkcs11-spy.so
PIN code for ActivCard USB Reader 2.0 (60102D27) 00 00:
( Wrap Unwrap )
( Encrypt Decrypt Sign SigRecov Verify VerRecov Generate KeyPair Wrap
Unwrap )
kinit: krb5_get_init_creds: Unknown error 569894

So that's a big hurdle gotten past. I need to see where I'm hanging up on
now, but I ran a quick packet capture and packets are getting sent the the
domain controller.






Love Hörnquist Åstrand <***@kth.se>
Sent by: owner-heimdal-***@sics.se
09/06/2006 05:02 AM

To
"Douglas E. Engert" <***@anl.gov>
cc
***@kcp.com, heimdal-***@sics.se
Subject
Re: pkinit integration with smart card
Post by Douglas E. Engert
The standard say one login is enough for all session since they all share
the same loginstate.
That said, I can belive you that this is the case, I've commited
code that should
deal with by keeping the session around. See next snapshot
generated in
a couple of hours.
Version 2.01 C_CloseSesion says: "When a sesion is closed, all session
objects created by the sesion are destroyed automaticly, even if the
application has other sessions "using" the objects".
I was more thinking about the login state, ever relised that closeing of
session change the objects too.
Post by Douglas E. Engert
I would infer that this may be the problem with the hKey object,
as it was found using one session then was trying to be used in the
other session, and the two sesisons where no open at the same time
either.
Sounds like you change should address this problem, and I hope .
I would guess so to, I changed the soft-pkcs11 to have
the close-session-invalidates-object behavior and with the simple
testing I did the new code worked.

Thanks,
Love
Love Hörnquist Åstrand
2006-09-03 19:04:15 UTC
Permalink
Post by m***@kcp.com
Thanks for the response. Complely new to these low level points
with the Smart Card so I've been looking up some terms, I
appreciate the advice.
pkcs11-tool --module /usr/local/acgold/lib/libpkcs11.so -M
RSA-PKCS, wrap, unwrap, other flags=0x20000
SHA1-RSA-PKCS, sign, verify, wrap, unwrap, encrypt, decrypt,
keypairgen, other flags=0x2d000
This part is very strange.

The SHA1-RSA-PKCS mechaism can only support sign and verify.
Either the pkcs11 tool is broken and prints the wrong thing or the
card is pulling your leg.

Love
Love Hörnquist Åstrand
2006-09-04 08:34:28 UTC
Permalink
Post by Love Hörnquist Åstrand
Post by m***@kcp.com
Thanks for the response. Complely new to these low level points
with the Smart Card so I've been looking up some terms, I
appreciate the advice.
pkcs11-tool --module /usr/local/acgold/lib/libpkcs11.so -M
RSA-PKCS, wrap, unwrap, other flags=0x20000
SHA1-RSA-PKCS, sign, verify, wrap, unwrap, encrypt, decrypt,
keypairgen, other flags=0x2d000
This part is very strange.
The SHA1-RSA-PKCS mechaism can only support sign and verify.
Either the pkcs11 tool is broken and prints the wrong thing or the
card is pulling your leg.
So if you use hxtool from the snapshot that will be generated tonight
you can see what heimdal thinks
about the pkcs11 module.

Love

$ hxtool print --info PKCS11:/Users/lha/pkcs11/lib/soft-pkcs11.so
pkcs11 driver with 1 slot
slot 0: id: 1 name: SoftToken (slot) flags: 00000004
number of supported mechanisms: 3
rsa-x-509(3) flags: (0x00062b01) unwrap, wrap, verify, sign,
decrypt, encrypt, hw
rsa-pkcs(1) flags: (0x00062b01) unwrap, wrap, verify, sign,
decrypt, encrypt, hw
sha1-rsa-pkcs(6) flags: (0x00002801) verify, sign, hw
cert: 0 (have private key)
issuer: "CN=Stockholm University CA,O=Stockholms universitet,C=SE"
subject: "UID=lha,CN=Love Hornquist Astrand,O=Stockholm
universitet,C=SE"
cert: 1
issuer: "CN=SwUPKI Policy CA,2.5.4.11=SwUPKI-PCA,O=Umea
University,C=SE"
subject: "CN=Stockholm University CA,O=Stockholms universitet,C=SE"
cert: 2
issuer: "CN=SwUPKI Policy CA,2.5.4.11=SwUPKI-PCA,O=Umea
University,C=SE"
subject: "CN=SwUPKI Policy CA,2.5.4.11=SwUPKI-PCA,O=Umea
University,C=SE"
m***@kcp.com
2006-09-05 15:51:44 UTC
Permalink
I ran the hxtool (thanks for adding that), but didn't see the results as
in Love's output. I'll give it the old college try to see if I can debug
more with the ActivIdentity P11 module.

$ hxtool print --info PKCS11:/usr/local/acgold/lib/libpkcs11.so
hxtool: hx509_certs_init: Failed to get session PKCS11 slot 0

In the output from pkcstool listing the objects I lots of warnings, and
other unknown output:

$ pkcs11-tool --module=/usr/local/acgold/lib/libpkcs11.so --list-objects
warning: PKCS11 function C_GetAttributeValue(KEY_TYPE) failed: rv =
CKR_ATTRIBUTE_TYPE_INVALID (0x12)

Public Key Object; unknown key algorithm 3221222308
warning: PKCS11 function C_GetAttributeValue(LABEL) failed: rv =
CKR_ATTRIBUTE_TYPE_INVALID (0x12)

ID: 01
warning: PKCS11 function C_GetAttributeValue(ENCRYPT) failed: rv =
CKR_ATTRIBUTE_TYPE_INVALID (0x12)

warning: PKCS11 function C_GetAttributeValue(VERIFY) failed: rv =
CKR_ATTRIBUTE_TYPE_INVALID (0x12)

warning: PKCS11 function C_GetAttributeValue(WRAP) failed: rv =
CKR_ATTRIBUTE_TYPE_INVALID (0x12)

Usage: encrypt, verify, wrap
Certificate Object, type = X.509 cert
label: Certificate2
ID: 01
warning: PKCS11 function C_GetAttributeValue(KEY_TYPE) failed: rv =
CKR_ATTRIBUTE_TYPE_INVALID (0x12)

Public Key Object; unknown key algorithm 3221222308
warning: PKCS11 function C_GetAttributeValue(LABEL) failed: rv =
CKR_ATTRIBUTE_TYPE_INVALID (0x12)

ID: 00
warning: PKCS11 function C_GetAttributeValue(ENCRYPT) failed: rv =
CKR_ATTRIBUTE_TYPE_INVALID (0x12)

warning: PKCS11 function C_GetAttributeValue(VERIFY) failed: rv =
CKR_ATTRIBUTE_TYPE_INVALID (0x12)

warning: PKCS11 function C_GetAttributeValue(WRAP) failed: rv =
CKR_ATTRIBUTE_TYPE_INVALID (0x12)

Usage: encrypt, verify, wrap
Certificate Object, type = X.509 cert
label: Certificate1
ID: 00
Private Key Object; RSA
warning: PKCS11 function C_GetAttributeValue(LABEL) failed: rv =
CKR_ATTRIBUTE_TYPE_INVALID (0x12)

ID: 01
Usage: decrypt, sign, unwrap
Private Key Object; RSA
warning: PKCS11 function C_GetAttributeValue(LABEL) failed: rv =
CKR_ATTRIBUTE_TYPE_INVALID (0x12)

ID: 00
Usage: decrypt, sign, unwrap



Love Hörnquist Åstrand <***@kth.se>
09/04/2006 03:34 AM

To
Love Hörnquist Åstrand <***@kth.se>
cc
***@kcp.com, "Douglas E. Engert" <***@anl.gov>,
heimdal-***@sics.se
Subject
Re: pkinit integration with smart card
Post by Love Hörnquist Åstrand
Post by m***@kcp.com
Thanks for the response. Complely new to these low level points
with the Smart Card so I've been looking up some terms, I
appreciate the advice.
pkcs11-tool --module /usr/local/acgold/lib/libpkcs11.so -M
RSA-PKCS, wrap, unwrap, other flags=0x20000
SHA1-RSA-PKCS, sign, verify, wrap, unwrap, encrypt, decrypt,
keypairgen, other flags=0x2d000
This part is very strange.
The SHA1-RSA-PKCS mechaism can only support sign and verify.
Either the pkcs11 tool is broken and prints the wrong thing or the
card is pulling your leg.
So if you use hxtool from the snapshot that will be generated tonight
you can see what heimdal thinks
about the pkcs11 module.

Love

$ hxtool print --info PKCS11:/Users/lha/pkcs11/lib/soft-pkcs11.so
pkcs11 driver with 1 slot
slot 0: id: 1 name: SoftToken (slot) flags: 00000004
number of supported mechanisms: 3
rsa-x-509(3) flags: (0x00062b01) unwrap, wrap, verify, sign,
decrypt, encrypt, hw
rsa-pkcs(1) flags: (0x00062b01) unwrap, wrap, verify, sign,
decrypt, encrypt, hw
sha1-rsa-pkcs(6) flags: (0x00002801) verify, sign, hw
cert: 0 (have private key)
issuer: "CN=Stockholm University CA,O=Stockholms universitet,C=SE"
subject: "UID=lha,CN=Love Hornquist Astrand,O=Stockholm
universitet,C=SE"
cert: 1
issuer: "CN=SwUPKI Policy CA,2.5.4.11=SwUPKI-PCA,O=Umea
University,C=SE"
subject: "CN=Stockholm University CA,O=Stockholms universitet,C=SE"
cert: 2
issuer: "CN=SwUPKI Policy CA,2.5.4.11=SwUPKI-PCA,O=Umea
University,C=SE"
subject: "CN=SwUPKI Policy CA,2.5.4.11=SwUPKI-PCA,O=Umea
University,C=SE"
Love Hörnquist Åstrand
2006-09-05 17:36:13 UTC
Permalink
Post by m***@kcp.com
I ran the hxtool (thanks for adding that), but didn't see the
results as in Love's output. I'll give it the old college try to
see if I can debug more with the ActivIdentity P11 module.
$ hxtool print --info PKCS11:/usr/local/acgold/lib/libpkcs11.so
hxtool: hx509_certs_init: Failed to get session PKCS11 slot 0
Ok, so I write error message like a, well, something. Here is a patch
that will make
it return something more interesting

http://people.su.se/~lha/patches/heimdal/pkcs11-session.patch

You probably want to login to the smartcard. Here is how you do that.

hxtool print --pass=PROMPT --info PKCS11:/Users/.....

$ hxtool print --pass=PROMPT --info PKCS11:/Users/lha/pkcs11/lib/soft-
pkcs11.so
PIN code for SoftToken (slot):
pkcs11 driver with 1 slot
slot 0: id: 1 name: SoftToken (slot) flags: 00000006



Love
m***@kcp.com
2006-09-05 18:44:48 UTC
Permalink
I did not have the PROMPT setup for the password input before; that for
sure affected the result, so my fault. Running that (with my pass
parameter set) does yield some results.

$ hxtool print --pass=PROMPT --info PKCS11:/usr/lib/pkcs11-spy.so
PIN code for ActivCard USB Reader 2.0 (60102D27) 00 00:
( Wrap Unwrap )
( Encrypt Decrypt Sign SigRecov Verify VerRecov Generate KeyPair Wrap
Unwrap )
pkcs11 driver with 1 slot
slot 0: id: 1 name: ActivCard USB Reader 2.0 (60102D27) 00 00 flags:
00000006
number of supported mechanisms: 2
rsa-pkcs: unwrap, wrap
sha1-rsa-pkcs: unwrap, wrap, genereate-key-pair, generate,
verify-recover, verify, sign-recover, sign, decrypt, encrypt
cert: 0 (have private key)
issuer: "OU=CA,OU=Kansas City Plant,OU=Department of Energy,O=U.S.
Government,C=US"
subject: "2.5.4.5=u60267+CN=Michael B.
Alexander,OU=local,OU=person,OU=Kansas City Plant,OU=Department of
Energy,O=U.S. Government,C=US"
cert: 1 (have private key)
issuer: "OU=CA,OU=Kansas City Plant,OU=Department of Energy,O=U.S.
Government,C=US"
subject: "2.5.4.5=u60267+CN=Michael B.
Alexander,OU=local,OU=person,OU=Kansas City Plant,OU=Department of
Energy,O=U.S. Government,C=US"

When I run the kinit with the options I see:

$ kinit -C PKCS11:/usr/lib/pkcs11-spy.so
PIN code for ActivCard USB Reader 2.0 (60102D27) 00 00:
( Wrap Unwrap )
( Encrypt Decrypt Sign SigRecov Verify VerRecov Generate KeyPair Wrap
Unwrap )
kinit: krb5_get_init_creds: Unknown error 569888



Love Hörnquist Åstrand <***@kth.se>
Sent by: owner-heimdal-***@sics.se
09/05/2006 12:36 PM

To
***@kcp.com
cc
"Douglas E. Engert" <***@anl.gov>, heimdal-***@sics.se
Subject
Re: pkinit integration with smart card







5 sep 2006 kl. 17.51 skrev ***@kcp.com:

I ran the hxtool (thanks for adding that), but didn't see the results as
in Love's output. I'll give it the old college try to see if I can debug
more with the ActivIdentity P11 module.

$ hxtool print --info PKCS11:/usr/local/acgold/lib/libpkcs11.so
hxtool: hx509_certs_init: Failed to get session PKCS11 slot 0

Ok, so I write error message like a, well, something. Here is a patch that
will make
it return something more interesting

http://people.su.se/~lha/patches/heimdal/pkcs11-session.patch

You probably want to login to the smartcard. Here is how you do that.

hxtool print --pass=PROMPT --info PKCS11:/Users/.....

$ hxtool print --pass=PROMPT --info
PKCS11:/Users/lha/pkcs11/lib/soft-pkcs11.so
PIN code for SoftToken (slot):
pkcs11 driver with 1 slot
slot 0: id: 1 name: SoftToken (slot) flags: 00000006



Love
Love Hörnquist Åstrand
2006-09-05 18:58:19 UTC
Permalink
Post by m***@kcp.com
number of supported mechanisms: 2
rsa-pkcs: unwrap, wrap
sha1-rsa-pkcs: unwrap, wrap, genereate-key-pair, generate, verify-
recover, verify, sign-recover, sign, decrypt, encrypt
This part show the the card is broken and lies though it teeth.
Post by m***@kcp.com
cert: 0 (have private key)
issuer: "OU=CA,OU=Kansas City Plant,OU=Department of
Energy,O=U.S. Government,C=US"
subject: "2.5.4.5=u60267+CN=Michael B.
Alexander,OU=local,OU=person,OU=Kansas City Plant,OU=Department of
Energy,O=U.S. Government,C=US"
cert: 1 (have private key)
issuer: "OU=CA,OU=Kansas City Plant,OU=Department of
Energy,O=U.S. Government,C=US"
subject: "2.5.4.5=u60267+CN=Michael B.
Alexander,OU=local,OU=person,OU=Kansas City Plant,OU=Department of
Energy,O=U.S. Government,C=US"
And here it the real problem, you have two cert/public key/private
key triplets on the card
and the code that is supposed to select the signing certificate
somehow failes to do the
right thing, it chooses the encryption only cert/key, and after that,
everything goes bad.

I'll try to add certs like that to the regression tests.

Neat to see that multivalue rdn printing code works....

Love
Love Hörnquist Åstrand
2006-09-05 19:46:59 UTC
Permalink
Post by Love Hörnquist Åstrand
Post by Love Hörnquist Åstrand
cert: 0 (have private key)
issuer: "OU=CA,OU=Kansas City Plant,OU=Department of
Energy,O=U.S. Government,C=US"
subject: "2.5.4.5=u60267+CN=Michael B.
Alexander,OU=local,OU=person,OU=Kansas City Plant,OU=Department of
Energy,O=U.S. Government,C=US"
cert: 1 (have private key)
issuer: "OU=CA,OU=Kansas City Plant,OU=Department of
Energy,O=U.S. Government,C=US"
subject: "2.5.4.5=u60267+CN=Michael B.
Alexander,OU=local,OU=person,OU=Kansas City Plant,OU=Department of
Energy,O=U.S. Government,C=US"
And here it the real problem, you have two cert/public key/private
key triplets on the card
and the code that is supposed to select the signing certificate
somehow failes to do the
right thing, it chooses the encryption only cert/key, and after
that, everything goes bad.
I'll try to add certs like that to the regression tests.
I apperenty already had those kind of certificates, but just not
support in hxtool to
use them, pk-init should use them.

With the patch below you can test if the selection code works for
your certificates.

$ for a in "" "-ke-only" "-ds-only" ; do ./hxtool query --digitalSig
--print \ FILE:$HOME/src/heimdal/lib/hx509/data/test$a.crt ; done
match found
private key: no
issuer: "C=SE,CN=hx509 Test Root CA"
subject: "CN=Test cert,C=SE"
no match found (569873)
match found
private key: no
issuer: "C=SE,CN=hx509 Test Root CA"
subject: "CN=Test cert DigitalSignature,C=SE"


http://people.su.se/~lha/patches/heimdal/hxtool-query-flag-print.patch


Love
m***@kcp.com
2006-09-05 23:04:59 UTC
Permalink
I eagerly will await the snapshot tonight, thanks for doing that so
quickly. Here is the output form the hxquery tool (with
PKCS11SPY=/usr/local/acgold/lib/libpkcs11.so), if that's useful.

$ hxtool query --pass=PROMPT --digitalSignature --print
PKCS11:/usr/lib/pkcs11-spy.so
PIN code for ActivCard USB Reader 2.0 (60102D27) 00 00:
( Wrap Unwrap )
( Encrypt Decrypt Sign SigRecov Verify VerRecov Generate KeyPair Wrap
Unwrap )
match found
(have private key)
issuer: "OU=CA,OU=Kansas City Plant,OU=Department of Energy,O=U.S.
Government,C=US"
subject: "2.5.4.5=u60267+CN=Michael B.
Alexander,OU=local,OU=person,OU=Kansas City Plant,OU=Department of
Energy,O=U.S. Government,C=US"
From what I understand, the hxtool is querying the smart card in the same
mechanism that pk-init will. The hxquery tool has correctly identified
the signing key on the card, and so should pk-init. Tonight, the snapshot
that includes leaves the session open after the FindObjects locates the
object later used in the hKey value, will be assembled. I'll give that a
try when it is available.

Mike
.




Love Hörnquist Åstrand <***@kth.se>
09/05/2006 02:46 PM

To
***@kcp.com
cc
"Douglas E. Engert" <***@anl.gov>, heimdal-***@sics.se
Subject
Re: pkinit integration with smart card







5 sep 2006 kl. 20.58 skrev Love Hörnquist Åstrand:

cert: 0 (have private key)
issuer: "OU=CA,OU=Kansas City Plant,OU=Department of Energy,O=U.S.
Government,C=US"
subject: "2.5.4.5=u60267+CN=Michael B.
Alexander,OU=local,OU=person,OU=Kansas City Plant,OU=Department of
Energy,O=U.S. Government,C=US"
cert: 1 (have private key)
issuer: "OU=CA,OU=Kansas City Plant,OU=Department of Energy,O=U.S.
Government,C=US"
subject: "2.5.4.5=u60267+CN=Michael B.
Alexander,OU=local,OU=person,OU=Kansas City Plant,OU=Department of
Energy,O=U.S. Government,C=US"

And here it the real problem, you have two cert/public key/private key
triplets on the card
and the code that is supposed to select the signing certificate somehow
failes to do the
right thing, it chooses the encryption only cert/key, and after that,
everything goes bad.

I'll try to add certs like that to the regression tests.

I apperenty already had those kind of certificates, but just not support
in hxtool to
use them, pk-init should use them.

With the patch below you can test if the selection code works for your
certificates.

$ for a in "" "-ke-only" "-ds-only" ; do ./hxtool query --digitalSig
--print \ FILE:$HOME/src/heimdal/lib/hx509/data/test$a.crt ; done
match found
private key: no
issuer: "C=SE,CN=hx509 Test Root CA"
subject: "CN=Test cert,C=SE"
no match found (569873)
match found
private key: no
issuer: "C=SE,CN=hx509 Test Root CA"
subject: "CN=Test cert DigitalSignature,C=SE"


http://people.su.se/~lha/patches/heimdal/hxtool-query-flag-print.patch


Love
m***@kcp.com
2006-08-31 21:21:44 UTC
Permalink
Interestingly when I use the patch for OpenSSH
(http://alon.barlev.googlepages.com/openssh-pkcs11) that enables PKCS11 it
does work.

The in data for both heimdal pkinit and SSH are a lenght of 35 bytes. The
last two entries from the PKCS11 Spy output are:
37: C_SignInit
[in] hSession = 0x812c988
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x814c998
Returned: 0 CKR_OK


38: C_Sign
[in] hSession = 0x812c988
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 00041477 B815C0A7 F509B19F E6F409FD
6F04DBE3
9BDEAE
[out] pSignature[*pulSignatureLen] [size : 0x80 (128)]
85DAB1D8 8D06583C 91E4B1F4 6E51C720 CFEA95FD 6F437335 E7AC180B
559AAFAB
444E8B3D 6CC78BB4 0C992D5D 69FBAA9E 70FC77B0 7A7F64CC E20B562B
8EEB19D0
03F1CC37 CE1AEBBA B724313F 350048CB DF152A4E A91B6AEB 72839AB6
C38D2F79
3B5A4AEF FA66E363 54AEADA0 C1C0622E 20270162 F92AFDAA A794E56D
2CB4C7E9
Returned: 0 CKR_OK




"Douglas E. Engert" <***@anl.gov>
Sent by: owner-heimdal-***@sics.se
08/31/2006 01:41 PM

To
***@kcp.com
cc
heimdal-***@sics.se
Subject
Re: pkinit integration with smart card






I have gotten the Heimdal to work with other OpenSC supported cards.

It could be that the card says it has the CKM_RSA_PKCS but really does
not or the pkcs11 lib is simulating CKM_RSA_PKCS and is having problems
doing the padding. It might be possible to use the CKM_RSA_X_509 (raw)
mechanisum, by doing the PKCS padding first, then calling the C_Sign
functions.

Could also be that the pkcs11 is expecting the pSignature and
pSignatureLen
to be set correctly, i.e. for a 1024 key, to a 128 byte buffer, and it is
returing the wrong error code.

If you can use the OpenSC spy, can you use the pkcs11-tool as well
pointing it at your PKCS11( -module <sharedlib>)? What mechanisums does
it say it has?
Post by m***@kcp.com
Any idea as to why I would receive a CKR_FUNCTION_FAILED error on the
C_Sign operation from PKCS11 module?
I'm getting to the signature operation on the smart card for PKINIT when
the kinit segment faults. I used the pkcs11 spy library from OpenSC and
33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806b860
Returned: 0 CKR_OK
34: C_SignInit
[in] hSession = 0x806b860
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052508
Returned: 0 CKR_OK
35: C_Sign
[in] hSession = 0x806b860
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 00041496 9A0A7A5A 74DA942D CA0160DF
CEABACB2
EB2E3F
Returned: 6 CKR_FUNCTION_FAILED
I've been trying to get the pkinit functionality to work with the
ActivCard Gold middleware product. They provide the pkcs11 module; using
this module I'm able to get it to work with SSH using a patch, but I have
not had success with heimdal.
The module does not implement the CKA_PUBLIC_EXPONENT class. Originally,
the kinit aborts due to the missing exponent and so that's manually
inserted to the value from the certificates on the Smart Card in the
ks_p11.c.
rsa->e = getattr_bn(p, slot, session, object, CKA_PUBLIC_EXPONENT);
if (rsa->e == NULL)
BN_dec2bn(&rsa->e, "65537");
if (rsa->e == NULL)
_hx509_abort("CKA_PUBLIC_EXPONENT missing");
I've also changed the rsa->e to any number with the same results, so I'm
wondering if I'm doing it right.
--
Douglas E. Engert <***@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Love Hörnquist Åstrand
2006-09-01 13:16:06 UTC
Permalink
Datum: fredag 1 sep 2006 15.15.41 GMT+02:00
Ämne: Re: pkinit integration with smart card
The pkcs11 code in heimdal assumes that the library supports
CKM_RSA_PKCS,
I guess I'm quite wrong in that assumption is generally true.
I hope this isn't a smartcard with a slow cpu or slow pipe,
otherwise it going to suck
to push over the data to sign to the card. It might be so that we
have some luck
in the Kerberos PK-INIT profile mandates signedAttrs, and that will
cut down the data
to 100-200byte from multi KB.
The crypto glue in hx509 needs some refactoring if you can't get
your card to do CKM_RSA_PKCS11.
Love
Post by m***@kcp.com
Thanks for the response. Complely new to these low level points
with the Smart Card so I've been looking up some terms, I
appreciate the advice.
pkcs11-tool --module /usr/local/acgold/lib/libpkcs11.so -M
RSA-PKCS, wrap, unwrap, other flags=0x20000
SHA1-RSA-PKCS, sign, verify, wrap, unwrap, encrypt, decrypt,
keypairgen, other flags=0x2d000
The length of the destination buffer is 128 bytes. The length of
the signature in pData is 35 bytes. Is the CKM_RSA_X_509
mechanism a tool of the Card? Should/could the pData for
signature be padded to 128 with a method external to the card?
08/31/2006 01:41 PM
To
cc
Subject
Re: pkinit integration with smart card
I have gotten the Heimdal to work with other OpenSC supported cards.
It could be that the card says it has the CKM_RSA_PKCS but really
does
not or the pkcs11 lib is simulating CKM_RSA_PKCS and is having
problems
doing the padding. It might be possible to use the CKM_RSA_X_509
(raw)
mechanisum, by doing the PKCS padding first, then calling the C_Sign
functions.
Could also be that the pkcs11 is expecting the pSignature and
pSignatureLen
to be set correctly, i.e. for a 1024 key, to a 128 byte buffer,
and it is
returing the wrong error code.
If you can use the OpenSC spy, can you use the pkcs11-tool as well
pointing it at your PKCS11( -module <sharedlib>)? What mechanisums
does
it say it has?
Post by m***@kcp.com
Any idea as to why I would receive a CKR_FUNCTION_FAILED error
on the
Post by m***@kcp.com
C_Sign operation from PKCS11 module?
I'm getting to the signature operation on the smart card for
PKINIT when
Post by m***@kcp.com
the kinit segment faults. I used the pkcs11 spy library from
OpenSC and
Post by m***@kcp.com
33: C_OpenSession
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x806b860
Returned: 0 CKR_OK
34: C_SignInit
[in] hSession = 0x806b860
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x8052508
Returned: 0 CKR_OK
35: C_Sign
[in] hSession = 0x806b860
[in] pData[ulDataLen] [size : 0x23 (35)]
30213009 06052B0E 03021A05 00041496 9A0A7A5A 74DA942D CA0160DF
CEABACB2
EB2E3F
Returned: 6 CKR_FUNCTION_FAILED
I've been trying to get the pkinit functionality to work with the
ActivCard Gold middleware product. They provide the pkcs11
module; using
Post by m***@kcp.com
this module I'm able to get it to work with SSH using a patch,
but I have
Post by m***@kcp.com
not had success with heimdal.
The module does not implement the CKA_PUBLIC_EXPONENT class.
Originally,
Post by m***@kcp.com
the kinit aborts due to the missing exponent and so that's manually
inserted to the value from the certificates on the Smart Card in
the
Post by m***@kcp.com
ks_p11.c.
rsa->e = getattr_bn(p, slot, session, object, CKA_PUBLIC_EXPONENT);
if (rsa->e == NULL)
BN_dec2bn(&rsa->e, "65537");
if (rsa->e == NULL)
_hx509_abort("CKA_PUBLIC_EXPONENT missing");
I've also changed the rsa->e to any number with the same
results, so I'm
Post by m***@kcp.com
wondering if I'm doing it right.
--
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Love Hörnquist Åstrand
2006-09-06 15:28:31 UTC
Permalink
Progress! Thanks, Love and Doug! I get output from according to
the p11 logs for the signature. That's great!
$ kinit -C PKCS11:/usr/lib/pkcs11-spy.so
( Wrap Unwrap )
( Encrypt Decrypt Sign SigRecov Verify VerRecov Generate KeyPair
Wrap Unwrap )
kinit: krb5_get_init_creds: Unknown error 569894
So that's a big hurdle gotten past. I need to see where I'm
hanging up on now, but I ran a quick packet capture and packets are
getting sent the the domain controller.
that error is HX509_CMS_NO_RECIPIENT_CERTIFICATE and it means that the
CMS lib doesn't find the certificate that made the signature/
encryption. I assume
DH is used, so that would be signature then.

I need to add more debug message to figure out, but inf you can run
gdb on kinit
and try to figure out why find_CMSIdentifier() doesn't find the
certificate (if its even passed
back from the KDC).

Love
Love Hörnquist Åstrand
2006-09-06 19:09:54 UTC
Permalink
Post by Love Hörnquist Åstrand
that error is HX509_CMS_NO_RECIPIENT_CERTIFICATE and it means that the
CMS lib doesn't find the certificate that made the signature/
encryption. I assume
DH is used, so that would be signature then.
I need to add more debug message to figure out, but inf you can run
gdb on kinit
and try to figure out why find_CMSIdentifier() doesn't find the
certificate (if its even passed
back from the KDC).
I've sprinked some more error message, tonight snapshot will
hopefully tell you whats missing
if I got the bridge between hx509 and krb5 libs right. hxtool now
tells me this on the same type
of failure:

$ hxtool cms-verify-sd .... test-signed-data-noattr-nocerts sd.data.out
hxtool: hx509_cms_verify_signed: Failed to find cert issued by
C=SE,CN=hx509 Test Root CA with serial number 02

Love

Douglas E. Engert
2006-09-06 16:05:12 UTC
Permalink
Progress! Thanks, Love and Doug! I get output from according to the p11
logs for the signature. That's great!
$ kinit -C PKCS11:/usr/lib/pkcs11-spy.so
( Wrap Unwrap )
( Encrypt Decrypt Sign SigRecov Verify VerRecov Generate KeyPair Wrap
Unwrap )
kinit: krb5_get_init_creds: Unknown error 569894
So that's a big hurdle gotten past. I need to see where I'm hanging up on
now, but I ran a quick packet capture and packets are getting sent the the
domain controller.
Did you get the CA certificate copied to the trusted cert directory?
and add the win2k_pkinit = yes and other pkinit_* options to the realm
section of the krb5.conf?

Also who generated the certificate on the card? I believe for Windows login,
the certificate has to have the Smartcard Login attribute, and the UPN. Thus it
must be a certificate generated by the Windows Enterprise CA.
09/06/2006 05:02 AM
To
cc
Subject
Re: pkinit integration with smart card
Post by Douglas E. Engert
Post by Love Hörnquist Åstrand
The standard say one login is enough for all session since they
all share
the same loginstate.
That said, I can belive you that this is the case, I've commited
code that should
deal with by keeping the session around. See next snapshot
generated in
a couple of hours.
Version 2.01 C_CloseSesion says: "When a sesion is closed, all session
objects created by the sesion are destroyed automaticly, even if the
application has other sessions "using" the objects".
I was more thinking about the login state, ever relised that closeing of
session change the objects too.
Post by Douglas E. Engert
I would infer that this may be the problem with the hKey object,
as it was found using one session then was trying to be used in the
other session, and the two sesisons where no open at the same time
either.
Sounds like you change should address this problem, and I hope .
I would guess so to, I changed the soft-pkcs11 to have
the close-session-invalidates-object behavior and with the simple
testing I did the new code worked.
Thanks,
Love
--
Douglas E. Engert <***@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
m***@kcp.com
2006-09-06 17:26:17 UTC
Permalink
I included the krb5.conf file from my client. I was trying to
authenticate with an AD server. The CA is from Entrust, not a Windows
Enterprise CA. we have the SubjAltName populated with the UPN, e.g.
***@ad.kcp.com. I can use this Smart Card to authenticate with Active
Directory through a Windows client on XP or 2000 with the ActivClient
libraries loaded. I dumped the certificates on the card from Entrust with
what I think is the EKU for the Smart Card.

$ pkcs11-tool --module /usr/local/acgold/lib//libpkcs11.so \
--read-object CKO_CERTIFICATE --type cert \
--label Certificate1 | openssl x509 -inform DER -noout -text
<snip certificate output>
X509v3 Private Key Usage Period:
Not Before: Aug 3 16:07:50 2006 GMT, Not After: Sep 8
20:37:50 2008 GMT
X509v3 Extended Key Usage:
TLS Web Client Authentication, Microsoft Smartcardlogin
X509v3 Certificate Policies:
Policy: 2.16.840.1.101.3.2.1.10.4
<snip certificate output>

The pkinit-anchors under appdefaults points to the certificate for the CA,
the CA that issues the certificates on my Smart Card, other options
win2k_pkini is yes, win2k_pkinit_require_binding is no and the
pkinit_require_eku and pkinit_require_krbtgt_otherName are both set to
false.

I'm going to reconfigure my client to try to authenticate with a Heimdal
KDC using pk-init through PKCS11 with the Smart Card to see if it's the
interaction between Windows and the pkinit where the break down is
occuring.

[libdefaults]
ticket_lifetime = 600
default_realm = AD.KCP.COM
default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc
#default_etypes = des-cbc-md5

[appdefaults]
#pkinit-anchors =
OPENSSL-ANCHOR-DIR:/usr/local/acgold/certificates
pkinit-anchors = FILE:/home/u60267/ad_test/kcpca1.pem
win2k_pkinit = yes

[realms]
AD.KCP.COM = {
kdc = dc1.ad.kcp.com:88
#admin_server = kerberos.example.com:749
win2k_pkinit = yes
win2k_pkinit_require_binding = no
pkinit_require_eku = false
pkinit_require_krbtgt_otherName = false
}

TEST.KCP.COM = {
kdc = tdc3.test.kcp.com:88
#pkinit_require_eku = true
#pkinit_require_krbtgt_otherName = true
win2k_pkinit = yes
#win2k_pkinit_require_binding = yes
}

HTEST.KCP.COM = {
kdc = pc9290.ad.kcp.com:88
#pkinit_require_eku = true
#pkinit_require_krbtgt_otherName = true
win2k_pkinit = yes
#win2k_pkinit_require_binding = yes
}

[domain_realm]
.ad.kcp.com = AD.KCP.COM
ad.kcp.com = AD.KCP.COM
.test.kcp.com = TEST.KCP.COM
test.kcp.com = TEST.KCP.COM
.htest.kcp.com = HTEST.KCP.COM
htest.kcp.com = HTEST.KCP.COM
pc31216 = AD.KCP.COM

[kdc]
profile = /etc/krb5kdc/kdc.conf
#pkinit-anchors =
OPENSSL-ANCHOR-DIR:/usr/local/acgold/certificates
pkinit-anchors = FILE:/home/u60267/ad_test/kcpca1.pem



[logging]
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmin.log
default = FILE:/var/log/krb5lib.log



"Douglas E. Engert" <***@anl.gov>
09/06/2006 11:05 AM

To
***@kcp.com
cc
Love Hörnquist Åstrand <***@kth.se>, heimdal-***@sics.se
Subject
Re: pkinit integration with smart card
Progress! Thanks, Love and Doug! I get output from according to the p11
logs for the signature. That's great!
$ kinit -C PKCS11:/usr/lib/pkcs11-spy.so
( Wrap Unwrap )
( Encrypt Decrypt Sign SigRecov Verify VerRecov Generate KeyPair Wrap
Unwrap )
kinit: krb5_get_init_creds: Unknown error 569894
So that's a big hurdle gotten past. I need to see where I'm hanging up on
now, but I ran a quick packet capture and packets are getting sent the the
domain controller.
Did you get the CA certificate copied to the trusted cert directory?
and add the win2k_pkinit = yes and other pkinit_* options to the realm
section of the krb5.conf?

Also who generated the certificate on the card? I believe for Windows
login,
the certificate has to have the Smartcard Login attribute, and the UPN.
Thus it
must be a certificate generated by the Windows Enterprise CA.
09/06/2006 05:02 AM
To
cc
Subject
Re: pkinit integration with smart card
Post by Douglas E. Engert
Post by Love Hörnquist Åstrand
The standard say one login is enough for all session since they
all share
the same loginstate.
That said, I can belive you that this is the case, I've commited
code that should
deal with by keeping the session around. See next snapshot
generated in
a couple of hours.
Version 2.01 C_CloseSesion says: "When a sesion is closed, all session
objects created by the sesion are destroyed automaticly, even if the
application has other sessions "using" the objects".
I was more thinking about the login state, ever relised that closeing of
session change the objects too.
Post by Douglas E. Engert
I would infer that this may be the problem with the hKey object,
as it was found using one session then was trying to be used in the
other session, and the two sesisons where no open at the same time
either.
Sounds like you change should address this problem, and I hope .
I would guess so to, I changed the soft-pkcs11 to have
the close-session-invalidates-object behavior and with the simple
testing I did the new code worked.
Thanks,
Love
--
Douglas E. Engert <***@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Loading...