Re: [opensc-devel] obtaining a CSR for a token-generated (and locked-on-token) keypair
Hi Anthony, I've tried myself to get it working with openssl and engine-pkcs11. Apparently engine-pkcs11 only implements functions to read certificates and use keys for signing. There is no support to generate keys via openssl using the -newkey option. Because of that, you can not - within the same session - generate a key pair and sign the CSR with that private key. If the key already has a certificate, then it works because opensc extracts the public key object from the certificate. There are two options to fix this: a) Add support for key generation to engine-pkcs11 or b) Store newly generated public keys in the SmartCard-HSM between sessions Option a) seems difficult to me, as I don't know the openssl code well enough. Option b) scarifies a security principle of the SmartCard-HSM: No untrusted information path. Providing the plain public key in a (untrusted) PKCS#11 session is already a trade-off, but maybe we also need a way to make the unprotected public key available between sessions. In the meantime I would suggest to use XCA or the simple CA setup from the support scripts (demo/x509/issuecert.js). Andreas Am 11.11.2012 23:50, schrieb Anthony Foiani: Nikos -- Thanks for the quick reply! On Sun, Nov 11, 2012 at 12:42 PM, Nikos Mavrogiannopoulos n.mavrogiannopou...@gmail.com wrote: Your question was on openssl, Apologies if it was off-topic; it got to the point where I couldn't tell which component was complaining. Also, my initial goal is to use the token to authenticate data from an embedded instrument; as such, I figured that was more in the opensc world than openssl. (Eventually I'd like to use the token to provide that instrument with a server-side HTTPS certificate as well, which would of course get me back to openssl or similar tool. But that's further down the path.) but just in case someone is interested. If you have any recent version of gnutls you could simply do that by using the PKCS #11 URLs of the objects. That is: certtool --generate-request --outfile req.pem --load-privkey pkcs11:yyy --load-pubkey pkcs11:xxx should generate a request from the objects based on a smart card. The pkcs11: URLs are obtained using the p11tool --list-all --login command. Nice -- thank you for the pointer! Unfortunately, I don't think this can work with a keypair generated on the CC-HSM. First, the public key is only available during the same session that generates the pair; it disappears after the session disappears. One can capture the public key at generation time using the instructions provided by CardContact here: http://www.opensc-project.org/opensc/wiki/SmartCardHsm#Generatekeypair This does work, but it leaves me with a public key in SPKI format, and I'm too ignorant to figure out how to turn that into something that OpenSSL can work with. Second, the private key is not extractable, so the certtool won't be able to load it from the card. (Unless --load-privkey actually means use this privkey, but it's really just a reference to doing it on the token itself.) So far as I know, what I would really like the openssl req tool to do is: 1. Read the public key from a given file on the regular OS filesystem [somehow dealing with the SPKI-whatever format issue]; 2. Prompt me for the X.509 request parameters; 3. Construct the X.509 certificate request; 4. Sign that request on the CC-HSM token using the private key on the card; 5. Output the signed CSR onto the regular OS filesystem. But I have not yet figured out the correct incantation for that. Best regards, Anthony Foiani ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel -- -CardContact Software System Consulting |.## ##.| Andreas Schwier |# #| Schülerweg 38 |# #| 32429 Minden, Germany |'## ##'| Phone +49 571 56149 -http://www.cardcontact.de http://www.tscons.de http://www.openscdp.org ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] obtaining a CSR for a token-generated (and locked-on-token) keypair
Dear Anthony, I've created a patch [1] that adds storing the internally generated certificate signing request in place of the certificate. This makes the public key available in subsequent sessions until the certificate overwrites the CSR. I've tried it with engine-pkcs11 and got a signed PKCS#10 request. Please let me know if it works for you. Andreas [1] https://github.com/CardContact/OpenSC/commit/9dec8c35c71b94742bc75c08f33b91616bb4c9cb Am 12.11.2012 07:54, schrieb Anthony Foiani: Andreas -- On Sun, Nov 11, 2012 at 6:31 AM, Andreas Schwier andreas.schw...@cardcontact.de wrote: The suggested way in the meantime is to generate the key pair, extract the public key and generate a CSR externally, signing it with the private key on the device. I haven't tried that precise sequence yet -- I tried it with openssl and it complained, I still need to try it with certtool as described by Nikos. I did try creating the keypair and certificate in software, then installing the resulting bits onto the token. I managed to install the certificate (which also provides the public key): $ echo $tool /usr/local/bin/pkcs11-tool --module /usr/local/lib/opensc-pkcs11.so --login --pin 648219 $ LD_LIBRARY_PATH=/usr/local/lib $tool -O Using slot 1 with a present token (0x1) Certificate Object, type = X.509 cert label: Foo ID: 10 Public Key Object; RSA 2048 bits label: Foo ID: 10 Usage: encrypt, verify Although the public key does not have the wrap usage flag set; compare with a keypair generated on the token: $ LD_LIBRARY_PATH=/usr/local/lib $tool \ --keypairgen --key-type rsa:2048 --id 11 \ --read-object --id 11 --type pubkey --output-file foobar.pub Using slot 1 with a present token (0x1) Key pair generated: Private Key Object; RSA label: Private Key ID: 11 Usage: decrypt, sign, unwrap Public Key Object; RSA 2048 bits label: Private Key ID: 11 Usage: encrypt, verify, wrap However, the bigger problem came when I tried to install the private key: $ LD_LIBRARY_PATH=/usr/local/lib $tool --write-object foo2a.key.der --id 11 --type privkey --label Foo Using slot 1 with a present token (0x1) error: PKCS11 function C_CreateObject failed: rv = CKR_ATTRIBUTE_VALUE_INVALID (0x13) Aborting. Turning on debugging (after making trivial repairs to the debug output code), it seems that these are the attributes that are getting stuffed: CKA_CLASS = CKO_PRIVATE_KEY CKA_TOKEN = TRUE CKA_PRIVATE = TRUE CKA_SENSITIVE = TRUE CKA_LABEL = Foo CKA_ID = 10 CKA_KEY_TYPE = 0x7fff6d1c1175 CKA_MODULUS = C770D5... CKA_PUBLIC_EXPONENT = 010001 CKA_PRIVATE_EXPONENT = 97F798... CKA_PRIME_1 = EFE5AD... CKA_PRIME_2 = D4D3F6... CKA_EXPONENT_1 = 5815FD... CKA_EXPONENT_2 = 2DD24D... CKA_COEFFICIENT = 62BD2B... Looking for similar instances on the web, the recommendation seems to be: hack pkcs11-tool to remove individual attributes until you find which one the token is complaining about. With your visibility into the software on the token, I'm hoping that you can help us avoid that kind of trial and error. :) Thanks very much for your help so far, and we're looking forward to hearing the results of your tests with openssl. Best regards, Anthony Foiani -- -CardContact Software System Consulting |.## ##.| Andreas Schwier |# #| Schülerweg 38 |# #| 32429 Minden, Germany |'## ##'| Phone +49 571 56149 -http://www.cardcontact.de http://www.tscons.de http://www.openscdp.org ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] obtaining a CSR for a token-generated (and locked-on-token) keypair
Dear Anthony, I have to admit, that I never tried this with openssl engine. I will give it a shot tomorrow. As for the internally generated CSR: This is actually a CSR using the format defined in TR-03110 Part 3, chapter C.2 [1]. This format can be used directly in PKIs for Extended Access Control, which are commonly used to protect access to biometric data on passports. To use this format for X.509 PKIs, the RA would need to understand the CSR format and extract the public key. In the current version of OpenSC, the CSR is not exposed at the interface, as PKCS#11 does not provide a mechanism to handle device generated certificate signing requests. In a later version we will try to make the CSR available as a session based data object. The suggested way in the meantime is to generate the key pair, extract the public key and generate a CSR externally, signing it with the private key on the device. Andreas [1] https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TR03110/TR-03110_v2.1_P3pdf.pdf Am 11.11.2012 03:24, schrieb Anthony Foiani: Greetings. I'm working with a CardContact HSM, and would like to generate a keypair on the token, then get a certificate based on that key. I'm using CardContact's branch of OpenSC (https://github.com/CardContact/OpenSC rev a4c3d4ec2436) and openssl 1.0.1c; I'm currently experimenting on an up-to-date Fedora 17 x86-64 box, but am hoping to deploy portions of this toolchain onto an embedded platform (linux ppc32). Just in case, I updated to the latest releases of libp11 (0.2.8) and engine_pkcs11 (0.1.8). I can successfully generate the keypair and extract the public key at the same time: $ d=/usr/local/opensc $ tool=$d/bin/pkcs11-tool --module $d/lib/opensc-pkcs11.so $ $tool --login --pin 648219 \ --keypairgen --key-type rsa:2048 --id 10 \ --read-object --id 10 --type pubkey --output-file pub.spki Using slot 1 with a present token (0x1) Key pair generated: Private Key Object; RSA label: Private Key ID: 10 Usage: decrypt, sign, unwrap Public Key Object; RSA 2048 bits label: Private Key ID: 10 Usage: encrypt, verify, wrap $ ls -al pub.spki -rw-rw-r--. 1 tony tony 270 Nov 9 22:20 pub.spki $ hexdump -C pub.spki 30 82 01 0a 02 82 01 01 00 95 42 87 7a 04 82 ab |0.B.z...| 0010 89 7f b2 07 9f 25 e3 c2 47 e7 0a 53 2e 8c a9 0b |.%..G..S| ... 00f0 71 a7 17 18 f6 69 99 eb 5d d1 cb 18 33 60 29 c0 |qi..]...3`).| 0100 c5 22 28 5b 31 7d 3e 6d 99 02 03 01 00 01|.([1}m..| However, I haven't managed to find the right incantation to force openssl to use the (available) public key, but to sign with the private key on the token. I think I finally got the engine configured correctly: openssl_conf = openssl_def [openssl_def] engines = engine_section [engine_section] pkcs11 = pkcs11_section [pkcs11_section] engine_id = pkcs11 dynamic_path = /usr/local/lib/engines/engine_pkcs11.so MODULE_PATH = /usr/local/lib/opensc-pkcs11.so init = 0 But when I try to do the signing operation, it looks like openssl is trying to read the private key off the token, instead of asking the token to sign on the token: LD_LIBRARY_PATH=/usr/local/lib:/usr/local/lib/engines \ /usr/local/bin/openssl req -verbose \ -config ./token.conf -engine pkcs11 \ -key slot_1-id_10 -keyform engine -out foo.req Using configuration from ./token.conf engine pkcs11 set. PKCS#11 token PIN: 648219 PKCS11_get_private_key returned NULL cannot load Private Key from engine 140416681797312:error:80028012:PKCS11 library:PKCS11_get_attribute:Attribute type invalid:p11_attr.c:53: 140416681797312:error:26096080:engine routines:ENGINE_load_private_key:failed loading private key:eng_pkey.c:126: unable to load Private Key On the wiki for the HSM (http://www.opensc-project.org/opensc/wiki/SmartCardHsm#Generatekeypair), there is a curious phrase: The SmartCard-HSM does not permanently store public keys, but generates the required PKCS#11 public key object from certificates stored on the device. As newly generated key pairs don't have a certificate initially, the public key is extracted from the card generated certificate signing request instead and made available for the duration of the session. To save the generated public key in Subject Public Key Information format as per RF3280 use the following command If I'm reading that correctly, then it seems that the HSM is creating a CSR internally -- but I don't see any way to retrieve that CSR (let alone specify the typical certificate properties like email address, DN, CN, etc.) There's the moz-test flag to the pkcs11-tool, which invokes test_kpgen_certwrite; this seems very close to what I'm trying to do -- but it's not exposed
Re: [opensc-devel] obtaining a CSR for a token-generated (and locked-on-token) keypair
On 11/11/2012 03:24 AM, Anthony Foiani wrote: Greetings. I'm working with a CardContact HSM, and would like to generate a keypair on the token, then get a certificate based on that key. Hello, Your question was on openssl, but just in case someone is interested. If you have any recent version of gnutls you could simply do that by using the PKCS #11 URLs of the objects. That is: certtool --generate-request --outfile req.pem --load-privkey pkcs11:yyy --load-pubkey pkcs11:xxx should generate a request from the objects based on a smart card. The pkcs11: URLs are obtained using the p11tool --list-all --login command. regards, Nikos ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] obtaining a CSR for a token-generated (and locked-on-token) keypair
Andreas -- Many thanks for the very quick response! On Sun, Nov 11, 2012 at 6:31 AM, Andreas Schwier andreas.schw...@cardcontact.de wrote: In the current version of OpenSC, the CSR is not exposed at the interface, as PKCS#11 does not provide a mechanism to handle device generated certificate signing requests. In a later version we will try to make the CSR available as a session based data object. Ok, good to know I'm not going crazy. The suggested way in the meantime is to generate the key pair, extract the public key and generate a CSR externally, signing it with the private key on the device. That's where I was going next, although I'm having issues with openssl. I'll give it another shot later today. If you happen to have an example session that shows that sequence of activities, it would be very helpful. Thanks again! Best regards, Anthony Foiani ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] obtaining a CSR for a token-generated (and locked-on-token) keypair
Nikos -- Thanks for the quick reply! On Sun, Nov 11, 2012 at 12:42 PM, Nikos Mavrogiannopoulos n.mavrogiannopou...@gmail.com wrote: Your question was on openssl, Apologies if it was off-topic; it got to the point where I couldn't tell which component was complaining. Also, my initial goal is to use the token to authenticate data from an embedded instrument; as such, I figured that was more in the opensc world than openssl. (Eventually I'd like to use the token to provide that instrument with a server-side HTTPS certificate as well, which would of course get me back to openssl or similar tool. But that's further down the path.) but just in case someone is interested. If you have any recent version of gnutls you could simply do that by using the PKCS #11 URLs of the objects. That is: certtool --generate-request --outfile req.pem --load-privkey pkcs11:yyy --load-pubkey pkcs11:xxx should generate a request from the objects based on a smart card. The pkcs11: URLs are obtained using the p11tool --list-all --login command. Nice -- thank you for the pointer! Unfortunately, I don't think this can work with a keypair generated on the CC-HSM. First, the public key is only available during the same session that generates the pair; it disappears after the session disappears. One can capture the public key at generation time using the instructions provided by CardContact here: http://www.opensc-project.org/opensc/wiki/SmartCardHsm#Generatekeypair This does work, but it leaves me with a public key in SPKI format, and I'm too ignorant to figure out how to turn that into something that OpenSSL can work with. Second, the private key is not extractable, so the certtool won't be able to load it from the card. (Unless --load-privkey actually means use this privkey, but it's really just a reference to doing it on the token itself.) So far as I know, what I would really like the openssl req tool to do is: 1. Read the public key from a given file on the regular OS filesystem [somehow dealing with the SPKI-whatever format issue]; 2. Prompt me for the X.509 request parameters; 3. Construct the X.509 certificate request; 4. Sign that request on the CC-HSM token using the private key on the card; 5. Output the signed CSR onto the regular OS filesystem. But I have not yet figured out the correct incantation for that. Best regards, Anthony Foiani ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] obtaining a CSR for a token-generated (and locked-on-token) keypair
On 11/11/2012 11:50 PM, Anthony Foiani wrote: certtool --generate-request --outfile req.pem --load-privkey pkcs11:yyy --load-pubkey pkcs11:xxx should generate a request from the objects based on a smart card. The pkcs11: URLs are obtained using the p11tool --list-all --login command. Nice -- thank you for the pointer! Unfortunately, I don't think this can work with a keypair generated on the CC-HSM. First, the public key is only available during the same session that generates the pair; it disappears after the session disappears. One can capture the public key at generation time using the instructions provided by CardContact here: http://www.opensc-project.org/opensc/wiki/SmartCardHsm#Generatekeypair Ouch. In that case it can be a problem. I'm not aware of a PKCS #11 way to extract the public key from a private key, after its generation. However, with the process use can use the spki file in the command I send before in place of pkcs11:xxx. You may need to use the --inder option if it is in DER format. Second, the private key is not extractable, so the certtool won't be able to load it from the card. (Unless --load-privkey actually means use this privkey, but it's really just a reference to doing it on the token itself.) --load-privkey does not really load the key. It only uses the private key to sign the request without extracting it. regards, Nikos ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] obtaining a CSR for a token-generated (and locked-on-token) keypair
Andreas -- On Sun, Nov 11, 2012 at 6:31 AM, Andreas Schwier andreas.schw...@cardcontact.de wrote: The suggested way in the meantime is to generate the key pair, extract the public key and generate a CSR externally, signing it with the private key on the device. I haven't tried that precise sequence yet -- I tried it with openssl and it complained, I still need to try it with certtool as described by Nikos. I did try creating the keypair and certificate in software, then installing the resulting bits onto the token. I managed to install the certificate (which also provides the public key): $ echo $tool /usr/local/bin/pkcs11-tool --module /usr/local/lib/opensc-pkcs11.so --login --pin 648219 $ LD_LIBRARY_PATH=/usr/local/lib $tool -O Using slot 1 with a present token (0x1) Certificate Object, type = X.509 cert label: Foo ID: 10 Public Key Object; RSA 2048 bits label: Foo ID: 10 Usage: encrypt, verify Although the public key does not have the wrap usage flag set; compare with a keypair generated on the token: $ LD_LIBRARY_PATH=/usr/local/lib $tool \ --keypairgen --key-type rsa:2048 --id 11 \ --read-object --id 11 --type pubkey --output-file foobar.pub Using slot 1 with a present token (0x1) Key pair generated: Private Key Object; RSA label: Private Key ID: 11 Usage: decrypt, sign, unwrap Public Key Object; RSA 2048 bits label: Private Key ID: 11 Usage: encrypt, verify, wrap However, the bigger problem came when I tried to install the private key: $ LD_LIBRARY_PATH=/usr/local/lib $tool --write-object foo2a.key.der --id 11 --type privkey --label Foo Using slot 1 with a present token (0x1) error: PKCS11 function C_CreateObject failed: rv = CKR_ATTRIBUTE_VALUE_INVALID (0x13) Aborting. Turning on debugging (after making trivial repairs to the debug output code), it seems that these are the attributes that are getting stuffed: CKA_CLASS = CKO_PRIVATE_KEY CKA_TOKEN = TRUE CKA_PRIVATE = TRUE CKA_SENSITIVE = TRUE CKA_LABEL = Foo CKA_ID = 10 CKA_KEY_TYPE = 0x7fff6d1c1175 CKA_MODULUS = C770D5... CKA_PUBLIC_EXPONENT = 010001 CKA_PRIVATE_EXPONENT = 97F798... CKA_PRIME_1 = EFE5AD... CKA_PRIME_2 = D4D3F6... CKA_EXPONENT_1 = 5815FD... CKA_EXPONENT_2 = 2DD24D... CKA_COEFFICIENT = 62BD2B... Looking for similar instances on the web, the recommendation seems to be: hack pkcs11-tool to remove individual attributes until you find which one the token is complaining about. With your visibility into the software on the token, I'm hoping that you can help us avoid that kind of trial and error. :) Thanks very much for your help so far, and we're looking forward to hearing the results of your tests with openssl. Best regards, Anthony Foiani ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] obtaining a CSR for a token-generated (and locked-on-token) keypair
Dear Anthony, you can not import an externally generated private key. For security reasons, the SmartCard-HSM only supports keys generated internally. We've tested with XCA which uses OpenSSL and the engine mechanism, so I'm quite confident it should work with the command line as well. Let me come back after I tried it. Andreas Am 12.11.2012 07:54, schrieb Anthony Foiani: Andreas -- On Sun, Nov 11, 2012 at 6:31 AM, Andreas Schwier andreas.schw...@cardcontact.de wrote: The suggested way in the meantime is to generate the key pair, extract the public key and generate a CSR externally, signing it with the private key on the device. I haven't tried that precise sequence yet -- I tried it with openssl and it complained, I still need to try it with certtool as described by Nikos. I did try creating the keypair and certificate in software, then installing the resulting bits onto the token. I managed to install the certificate (which also provides the public key): $ echo $tool /usr/local/bin/pkcs11-tool --module /usr/local/lib/opensc-pkcs11.so --login --pin 648219 $ LD_LIBRARY_PATH=/usr/local/lib $tool -O Using slot 1 with a present token (0x1) Certificate Object, type = X.509 cert label: Foo ID: 10 Public Key Object; RSA 2048 bits label: Foo ID: 10 Usage: encrypt, verify Although the public key does not have the wrap usage flag set; compare with a keypair generated on the token: $ LD_LIBRARY_PATH=/usr/local/lib $tool \ --keypairgen --key-type rsa:2048 --id 11 \ --read-object --id 11 --type pubkey --output-file foobar.pub Using slot 1 with a present token (0x1) Key pair generated: Private Key Object; RSA label: Private Key ID: 11 Usage: decrypt, sign, unwrap Public Key Object; RSA 2048 bits label: Private Key ID: 11 Usage: encrypt, verify, wrap However, the bigger problem came when I tried to install the private key: $ LD_LIBRARY_PATH=/usr/local/lib $tool --write-object foo2a.key.der --id 11 --type privkey --label Foo Using slot 1 with a present token (0x1) error: PKCS11 function C_CreateObject failed: rv = CKR_ATTRIBUTE_VALUE_INVALID (0x13) Aborting. Turning on debugging (after making trivial repairs to the debug output code), it seems that these are the attributes that are getting stuffed: CKA_CLASS = CKO_PRIVATE_KEY CKA_TOKEN = TRUE CKA_PRIVATE = TRUE CKA_SENSITIVE = TRUE CKA_LABEL = Foo CKA_ID = 10 CKA_KEY_TYPE = 0x7fff6d1c1175 CKA_MODULUS = C770D5... CKA_PUBLIC_EXPONENT = 010001 CKA_PRIVATE_EXPONENT = 97F798... CKA_PRIME_1 = EFE5AD... CKA_PRIME_2 = D4D3F6... CKA_EXPONENT_1 = 5815FD... CKA_EXPONENT_2 = 2DD24D... CKA_COEFFICIENT = 62BD2B... Looking for similar instances on the web, the recommendation seems to be: hack pkcs11-tool to remove individual attributes until you find which one the token is complaining about. With your visibility into the software on the token, I'm hoping that you can help us avoid that kind of trial and error. :) Thanks very much for your help so far, and we're looking forward to hearing the results of your tests with openssl. Best regards, Anthony Foiani -- -CardContact Software System Consulting |.## ##.| Andreas Schwier |# #| Schülerweg 38 |# #| 32429 Minden, Germany |'## ##'| Phone +49 571 56149 -http://www.cardcontact.de http://www.tscons.de http://www.openscdp.org ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
[opensc-devel] obtaining a CSR for a token-generated (and locked-on-token) keypair
Greetings. I'm working with a CardContact HSM, and would like to generate a keypair on the token, then get a certificate based on that key. I'm using CardContact's branch of OpenSC (https://github.com/CardContact/OpenSC rev a4c3d4ec2436) and openssl 1.0.1c; I'm currently experimenting on an up-to-date Fedora 17 x86-64 box, but am hoping to deploy portions of this toolchain onto an embedded platform (linux ppc32). Just in case, I updated to the latest releases of libp11 (0.2.8) and engine_pkcs11 (0.1.8). I can successfully generate the keypair and extract the public key at the same time: $ d=/usr/local/opensc $ tool=$d/bin/pkcs11-tool --module $d/lib/opensc-pkcs11.so $ $tool --login --pin 648219 \ --keypairgen --key-type rsa:2048 --id 10 \ --read-object --id 10 --type pubkey --output-file pub.spki Using slot 1 with a present token (0x1) Key pair generated: Private Key Object; RSA label: Private Key ID: 10 Usage: decrypt, sign, unwrap Public Key Object; RSA 2048 bits label: Private Key ID: 10 Usage: encrypt, verify, wrap $ ls -al pub.spki -rw-rw-r--. 1 tony tony 270 Nov 9 22:20 pub.spki $ hexdump -C pub.spki 30 82 01 0a 02 82 01 01 00 95 42 87 7a 04 82 ab |0.B.z...| 0010 89 7f b2 07 9f 25 e3 c2 47 e7 0a 53 2e 8c a9 0b |.%..G..S| ... 00f0 71 a7 17 18 f6 69 99 eb 5d d1 cb 18 33 60 29 c0 |qi..]...3`).| 0100 c5 22 28 5b 31 7d 3e 6d 99 02 03 01 00 01|.([1}m..| However, I haven't managed to find the right incantation to force openssl to use the (available) public key, but to sign with the private key on the token. I think I finally got the engine configured correctly: openssl_conf = openssl_def [openssl_def] engines = engine_section [engine_section] pkcs11 = pkcs11_section [pkcs11_section] engine_id = pkcs11 dynamic_path = /usr/local/lib/engines/engine_pkcs11.so MODULE_PATH = /usr/local/lib/opensc-pkcs11.so init = 0 But when I try to do the signing operation, it looks like openssl is trying to read the private key off the token, instead of asking the token to sign on the token: LD_LIBRARY_PATH=/usr/local/lib:/usr/local/lib/engines \ /usr/local/bin/openssl req -verbose \ -config ./token.conf -engine pkcs11 \ -key slot_1-id_10 -keyform engine -out foo.req Using configuration from ./token.conf engine pkcs11 set. PKCS#11 token PIN: 648219 PKCS11_get_private_key returned NULL cannot load Private Key from engine 140416681797312:error:80028012:PKCS11 library:PKCS11_get_attribute:Attribute type invalid:p11_attr.c:53: 140416681797312:error:26096080:engine routines:ENGINE_load_private_key:failed loading private key:eng_pkey.c:126: unable to load Private Key On the wiki for the HSM (http://www.opensc-project.org/opensc/wiki/SmartCardHsm#Generatekeypair), there is a curious phrase: The SmartCard-HSM does not permanently store public keys, but generates the required PKCS#11 public key object from certificates stored on the device. As newly generated key pairs don't have a certificate initially, the public key is extracted from the card generated certificate signing request instead and made available for the duration of the session. To save the generated public key in Subject Public Key Information format as per RF3280 use the following command If I'm reading that correctly, then it seems that the HSM is creating a CSR internally -- but I don't see any way to retrieve that CSR (let alone specify the typical certificate properties like email address, DN, CN, etc.) There's the moz-test flag to the pkcs11-tool, which invokes test_kpgen_certwrite; this seems very close to what I'm trying to do -- but it's not exposed very clearly through the options (if at all). For the moment, I guess I'll just generate keys, CSRs, and certs in software, and use the HSM just for storage. I would love to figure out what I'm doing wrong, though. Best regards, Anthony Foiani ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel