Re: [opensc-devel] obtaining a CSR for a token-generated (and locked-on-token) keypair

2012-11-12 Thread Andreas Schwier 
Hi Anthony,

I've tried myself to get it working with openssl and engine-pkcs11.

Apparently engine-pkcs11 only implements functions to read certificates
and use keys for signing. There is no support to generate keys via
openssl using the -newkey option.

Because of that, you can not - within the same session - generate a key
pair and sign the CSR with that private key. If the key already has a
certificate, then it works because opensc extracts the public key object
from the certificate.

There are two options to fix this:

a) Add support for key generation to engine-pkcs11 or
b) Store newly generated public keys in the SmartCard-HSM between sessions

Option a) seems difficult to me, as I don't know the openssl code well
enough. Option b) scarifies a security principle of the SmartCard-HSM:
No untrusted information path.

Providing the plain public key in a (untrusted) PKCS#11 session is
already a trade-off, but maybe we also need a way to make the
unprotected public key available between sessions.

In the meantime I would suggest to use XCA or the simple CA setup from
the support scripts (demo/x509/issuecert.js).

Andreas



Am 11.11.2012 23:50, schrieb Anthony Foiani:
 Nikos --

 Thanks for the quick reply!

 On Sun, Nov 11, 2012 at 12:42 PM, Nikos Mavrogiannopoulos
 n.mavrogiannopou...@gmail.com wrote:

 Your question was on openssl,
 Apologies if it was off-topic; it got to the point where I couldn't
 tell which component was complaining.

 Also, my initial goal is to use the token to authenticate data from an
 embedded instrument; as such, I figured that was more in the opensc
 world than openssl.

 (Eventually I'd like to use the token to provide that instrument with
 a server-side HTTPS certificate as well, which would of course get me
 back to openssl or similar tool.  But that's further down the path.)

 but just in case someone is interested.
 If you have any recent version of gnutls you could simply do that by
 using the PKCS #11 URLs of the objects. That is:

 certtool --generate-request --outfile req.pem --load-privkey
 pkcs11:yyy --load-pubkey pkcs11:xxx

 should generate a request from the objects based on a smart card. The
 pkcs11: URLs are obtained using the p11tool --list-all --login command.
 Nice -- thank you for the pointer!

 Unfortunately, I don't think this can work with a keypair generated on
 the CC-HSM.

 First, the public key is only available during the same session that
 generates the pair; it disappears after the session disappears.  One
 can capture the public key at generation time using the instructions
 provided by CardContact here:

 http://www.opensc-project.org/opensc/wiki/SmartCardHsm#Generatekeypair

 This does work, but it leaves me with a public key in SPKI format, and
 I'm too ignorant to figure out how to turn that into something that
 OpenSSL can work with.

 Second, the private key is not extractable, so the certtool won't be
 able to load it from the card.  (Unless --load-privkey actually
 means use this privkey, but it's really just a reference to doing it
 on the token itself.)

 So far as I know, what I would really like the openssl req tool to do is:

 1. Read the public key from a given file on the regular OS filesystem
 [somehow dealing with the SPKI-whatever format issue];

 2. Prompt me for the X.509 request parameters;

 3. Construct the X.509 certificate request;

 4. Sign that request on the CC-HSM token using the private key on the card;

 5. Output the signed CSR onto the regular OS filesystem.

 But I have not yet figured out the correct incantation for that.

 Best regards,
 Anthony Foiani
 ___
 opensc-devel mailing list
 opensc-devel@lists.opensc-project.org
 http://www.opensc-project.org/mailman/listinfo/opensc-devel


-- 

-CardContact Software  System Consulting
   |.## ##.|   Andreas Schwier
   |#   #|   Schülerweg 38
   |#   #|   32429 Minden, Germany
   |'## ##'|   Phone +49 571 56149
-http://www.cardcontact.de
 http://www.tscons.de
 http://www.openscdp.org

___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Re: [opensc-devel] obtaining a CSR for a token-generated (and locked-on-token) keypair

2012-11-12 Thread Andreas Schwier 
Dear Anthony,

I've created a patch [1] that adds storing the internally generated
certificate signing request in place of the certificate. This makes the
public key available in subsequent sessions until the certificate
overwrites the CSR. I've tried it with engine-pkcs11 and got a signed
PKCS#10 request.

Please let me know if it works for you.

Andreas


[1]
https://github.com/CardContact/OpenSC/commit/9dec8c35c71b94742bc75c08f33b91616bb4c9cb


Am 12.11.2012 07:54, schrieb Anthony Foiani:
 Andreas --

 On Sun, Nov 11, 2012 at 6:31 AM, Andreas Schwier
 andreas.schw...@cardcontact.de wrote:

 The suggested way in the meantime is to generate the key pair, extract
 the public key and generate a CSR externally, signing it with the
 private key on the device.
 I haven't tried that precise sequence yet -- I tried it with openssl
 and it complained, I still need to try it with certtool as described
 by Nikos.

 I did try creating the keypair and certificate in software, then
 installing the resulting bits onto the token.

 I managed to install the certificate (which also provides the public key):

 $ echo $tool
 /usr/local/bin/pkcs11-tool --module /usr/local/lib/opensc-pkcs11.so
 --login --pin 648219

 $ LD_LIBRARY_PATH=/usr/local/lib $tool -O
 Using slot 1 with a present token (0x1)
 Certificate Object, type = X.509 cert
   label:  Foo
   ID: 10
 Public Key Object; RSA 2048 bits
   label:  Foo
   ID: 10
   Usage:  encrypt, verify

 Although the public key does not have the wrap usage flag set;
 compare with a keypair generated on the token:

 $ LD_LIBRARY_PATH=/usr/local/lib $tool \
   --keypairgen --key-type rsa:2048 --id 11 \
   --read-object --id 11 --type pubkey --output-file foobar.pub
 Using slot 1 with a present token (0x1)
 Key pair generated:
 Private Key Object; RSA
   label:  Private Key
   ID: 11
   Usage:  decrypt, sign, unwrap
 Public Key Object; RSA 2048 bits
   label:  Private Key
   ID: 11
   Usage:  encrypt, verify, wrap

 However, the bigger problem came when I tried to install the private key:

 $ LD_LIBRARY_PATH=/usr/local/lib $tool --write-object foo2a.key.der
 --id 11 --type privkey --label Foo
 Using slot 1 with a present token (0x1)
 error: PKCS11 function C_CreateObject failed: rv =
 CKR_ATTRIBUTE_VALUE_INVALID (0x13)
 Aborting.

 Turning on debugging (after making trivial repairs to the debug output
 code), it seems that these are the attributes that are getting
 stuffed:

 CKA_CLASS = CKO_PRIVATE_KEY
 CKA_TOKEN = TRUE
 CKA_PRIVATE = TRUE
 CKA_SENSITIVE = TRUE
 CKA_LABEL = Foo
 CKA_ID = 10
 CKA_KEY_TYPE = 0x7fff6d1c1175
 CKA_MODULUS = C770D5...
 CKA_PUBLIC_EXPONENT = 010001
 CKA_PRIVATE_EXPONENT = 97F798...
 CKA_PRIME_1 = EFE5AD...
 CKA_PRIME_2 = D4D3F6...
 CKA_EXPONENT_1 = 5815FD...
 CKA_EXPONENT_2 = 2DD24D...
 CKA_COEFFICIENT = 62BD2B...

 Looking for similar instances on the web, the recommendation seems to
 be: hack pkcs11-tool to remove individual attributes until you find
 which one the token is complaining about.

 With your visibility into the software on the token, I'm hoping that
 you can help us avoid that kind of trial and error.  :)

 Thanks very much for your help so far, and we're looking forward to
 hearing the results of your tests with openssl.

 Best regards,
 Anthony Foiani


-- 

-CardContact Software  System Consulting
   |.## ##.|   Andreas Schwier
   |#   #|   Schülerweg 38
   |#   #|   32429 Minden, Germany
   |'## ##'|   Phone +49 571 56149
-http://www.cardcontact.de
 http://www.tscons.de
 http://www.openscdp.org

___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel