On Wed, Apr 10, 2019 at 12:59 PM Jan Just Keijser <janj...@nikhef.nl> wrote:
> On 10/04/19 17:58, Selva Nair wrote: > > Hi, > > This is more relevant to OpenVPN than OpenSSL, so copying to the > openvpn-devel list. > > On Wed, Apr 10, 2019 at 10:11 AM Francois Gelis <francois.ge...@gmail.com> > wrote: > >> Hi all, >> >> I have a working openvpn setup with client certificate and private key >> stored on my laptop. Then, I have loaded them into a smartcard (Yubico 5 >> NFC), and modified accordingly the openvpn client config. But running the >> openvpn client now fails with an error that seems to originate inside >> openssl. Here is a verbose openvpn log (only the portion that seems >> relevant for this error, but I have the full log if useful): >> >> Sat Apr 6 15:57:20 2019 us=467260 Incoming Ciphertext -> TLS >> Sat Apr 6 15:57:20 2019 us=467271 SSL state (connect): SSLv3/TLS read >> server hello >> Sat Apr 6 15:57:20 2019 us=467468 VERIFY OK: depth=1, CN=FG-CA >> Sat Apr 6 15:57:20 2019 us=467598 VERIFY KU OK >> Sat Apr 6 15:57:20 2019 us=467609 Validating certificate extended key >> usage >> Sat Apr 6 15:57:20 2019 us=467615 ++ Certificate has EKU (str) TLS Web >> Server Authentication, expects TLS Web Server Authentication >> Sat Apr 6 15:57:20 2019 us=467620 VERIFY EKU OK >> Sat Apr 6 15:57:20 2019 us=467625 VERIFY OK: depth=0, CN=tx2 >> Sat Apr 6 15:57:20 2019 us=467650 SSL state (connect): SSLv3/TLS read >> server certificate >> Sat Apr 6 15:57:20 2019 us=467735 SSL state (connect): SSLv3/TLS read >> server key exchange >> Sat Apr 6 15:57:20 2019 us=467763 SSL state (connect): SSLv3/TLS read >> server certificate request >> Sat Apr 6 15:57:20 2019 us=467771 SSL state (connect): SSLv3/TLS read >> server done >> Sat Apr 6 15:57:20 2019 us=467845 SSL state (connect): SSLv3/TLS write >> client certificate >> Sat Apr 6 15:57:20 2019 us=468012 SSL state (connect): SSLv3/TLS write >> client key exchange >> Sat Apr 6 15:57:20 2019 us=468053 PKCS#11: __pkcs11h_openssl_rsa_enc >> entered - flen=256, from=0x559d078d6e70, to=0x559d078d6bc0, >> rsa=0x559d078b3630, padding=3 >> Sat Apr 6 15:57:20 2019 us=468060 PKCS#11: __pkcs11h_openssl_rsa_enc - >> return rv=112-'CKR_MECHANISM_INVALID' >> Sat Apr 6 15:57:20 2019 us=468070 SSL alert (write): fatal: internal >> error >> Sat Apr 6 15:57:20 2019 us=468085 OpenSSL: error:141F0006:SSL >> routines:tls_construct_cert_verify:EVP lib >> Sat Apr 6 15:57:20 2019 us=468092 TLS_ERROR: BIO read tls_read_plaintext >> error >> Sat Apr 6 15:57:20 2019 us=468097 TLS Error: TLS object -> incoming >> plaintext read error >> Sat Apr 6 15:57:20 2019 us=468101 TLS Error: TLS handshake failed >> >> Somehow, it seems that __pkcs11h_openssl_rsa_enc was called with an >> unexpected padding. Any ideas on what might be the cause of this? >> >> > As I replied to the openssl-users list[*], pkcs11-helper only supports > PKCS1 signatures, not raw signature needed in this case. > > We have to either patch pkcs11-helper or switch to something else. > > > patching pkcs11-helper does not seem too difficult for this particular > case - but how can we test it? I have access to hw tokens but I don't know > how to trigger the "raw signature" bit. > If both server and client are built with OpenSSL 1.1.1 and TLS version is >= 1.2, PSS padding will get used and trigger this. OpenSSL does PSS padding internally and passes the padded data to the rsa_priv_enc calback for raw signature. This is based on my tests for our Windows cryptoapi and management-external-key patches for the same -- never tried this using pkcs11-helper, but I expect the same behaviour. Selva
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
