I think I just had a light bulb go off.
The hKey value isn't a key like a symmetric key. The hKey value
is an object on the card, that is the private key. Is this right?
The hKey value is found in Mozilla with
a FindObjectsInit using the pTemplate[2]:
[in] pTemplate[2]: CKA_ID
[size : 0x1 (1)] 00 CKA_CLASS
CKO_PRIVATE_KEY
The object that matches is returned
and used in the SignInit function.
In heimdal pkinit it looks like it sends
the FindObjectsInit with just the CKA_CLASS for the Private key. Can
I add the CKA_ID for 00 in the FindObjectsInit?
"Douglas E. Engert"
<deengert@anl.gov> Sent by: owner-heimdal-discuss@sics.se
> Thanks for the response. Complely new to these low level points
with the
> Smart Card so I've been looking up some terms, I appreciate the advice.
>
> I looked at the PKCS11-tool output first:
> pkcs11-tool --module /usr/local/acgold/lib/libpkcs11.so -M Supported
> mechanisms:
I am not sure what the other flags are, but I would expect the
RSA-PKCS would have sign, verify, wrap, unwrap, and maybe decrypt.
Note it did not say sign, which is the operation you are trying to do.
The available mechanisum from PKCS11 are a combinatiuon of what can be
done
in the software and the smartcard. For example the SHA1 hash might be done
by sending the data to the card, or could be done by the pkcs11 software
to produce the hash.
I am suprised if it can do SHA1_RSA_PKCS sign, it can't do
RSA_PKCS as this just skips the hash set.
> The length of the destination buffer is 128 bytes. The length
of the
> signature in pData is 35 bytes. Is the CKM_RSA_X_509 mechanism
a tool of
> the Card? Should/could the pData for signature be padded to
128 with a
> method external to the card?
A sign with RSA_PKCS says take the input and pad with PKCS padding 01 then
do an RSA encrypt using the private key. The data must be less then
keysize-11 so normally the data sent is a hash of the data you really want
to sign.
A sign with SHA1_RSA_PKCS says pass the data (any length) to the C_Sign
or
(C_SignUpdate...+C_SignFinal) then do the padding and encrypt with RSA.
So as Love pointed out, the Heimdal applicaiton could send the data
pre hashed data to the PKCS11 using SHA1_RSA_PKCS.
>
>
>
>
>
> "Douglas E. Engert" <deengert@anl.gov>
> Sent by: owner-heimdal-discuss@sics.se
> 08/31/2006 01:41 PM
>
> To
> malexander@kcp.com
> cc
> heimdal-discuss@sics.se
> Subject
> Re: pkinit integration with smart card
>
>
>
>
>
>
> I have gotten the Heimdal to work with other OpenSC supported cards.
>
> It could be that the card says it has the CKM_RSA_PKCS but really
does
> not or the pkcs11 lib is simulating CKM_RSA_PKCS and is having problems
> doing the padding. It might be possible to use the CKM_RSA_X_509
(raw)
> mechanisum, by doing the PKCS padding first, then calling the C_Sign
> functions.
>
> Could also be that the pkcs11 is expecting the pSignature and
> pSignatureLen
> to be set correctly, i.e. for a 1024 key, to a 128 byte buffer, and
it is
> returing the wrong error code.
>
> If you can use the OpenSC spy, can you use the pkcs11-tool as well
> pointing it at your PKCS11( -module <sharedlib>)? What mechanisums
does
> it say it has?
>
>
>
> malexander@kcp.com wrote:
>
>
>>Any idea as to why I would receive a CKR_FUNCTION_FAILED error
on the
>>C_Sign operation from PKCS11 module?
>>
>>I'm getting to the signature operation on the smart card for PKINIT
when
>
>
>>the kinit segment faults. I used the pkcs11 spy library from
OpenSC and
>
>
>>the final operations it records with the card are:
>>33: C_OpenSession
>>[in] slotID = 0x1
>>[in] flags = 0x4
>>pApplication=(nil)
>>Notify=(nil)
>>[out] *phSession = 0x806b860
>>Returned: 0 CKR_OK
>>
>>
>>34: C_SignInit
>>[in] hSession = 0x806b860
>>pMechanism->type=CKM_RSA_PKCS
>>[in] hKey = 0x8052508
>>Returned: 0 CKR_OK
>>
>>
>>35: C_Sign
>>[in] hSession = 0x806b860
>>[in] pData[ulDataLen] [size : 0x23 (35)]
>> 30213009 06052B0E 03021A05 00041496 9A0A7A5A 74DA942D
CA0160DF
>>CEABACB2
>> EB2E3F
>>Returned: 6 CKR_FUNCTION_FAILED
>>
>>I've been trying to get the pkinit functionality to work with the
>>ActivCard Gold middleware product. They provide the pkcs11
module;
>
> using
>
>>this module I'm able to get it to work with SSH using a patch,
but I
>
> have
>
>>not had success with heimdal.
>>
>>The module does not implement the CKA_PUBLIC_EXPONENT class. Originally,
>
>
>>the kinit aborts due to the missing exponent and so that's manually
>>inserted to the value from the certificates on the Smart Card in
the
>>ks_p11.c.
>>
>>rsa->e = getattr_bn(p, slot, session, object, CKA_PUBLIC_EXPONENT);
>>if (rsa->e == NULL)
>> BN_dec2bn(&rsa->e, "65537");
>>if (rsa->e == NULL)
>> _hx509_abort("CKA_PUBLIC_EXPONENT
missing");
>>
>>I've also changed the rsa->e to any number with the same results,
so I'm
>
>
>>wondering if I'm doing it right.
>>
>
>
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444