OpenSC pkcs11-tool fails to sign #1130

@mouse07410

Description

Problem Description

pkcs11-tool from the current OpenSC master by default chooses ECDSA as the signature algorithm, regardless of the presented key type. To make things worse, it refuses parameters like -M RSA-X-509 or -M RSA-PKCS.

Proposed Resolution

Ideally, make do_sign() actually look at the key type and decide upon the signature algorithm accordingly. As a minimum, pkcs11-tool must accept the -M RSA-XXX parameter together with -s.

Steps to reproduce

  1. Insert a PIV token with RSA keys.
  2. Attempt any of the following:
  • $ pkcs11-tool -s -M RSA-X-509 -i t2048.dat -o t2048.dat.sig
  • $ pkcs11-tool -s -M RSA-PKCS -i t2048.dat -o t2048.dat.sig
  • $ OPENSC_DEBUG=9 pkcs11-tool -s -i t2048.dat -o t2048.dat.sig
  3. Observe the failure, as shown below.

Note that adding --id 02 did not help.

Logs

$ pkcs11-tool -M
Using slot 0 with a present token (0x0)
Supported mechanisms:
  SHA-1, digest
  SHA256, digest
  SHA384, digest
  SHA512, digest
  MD5, digest
  RIPEMD160, digest
  GOSTR3411, digest
  ECDSA, keySize={256,384}, hw, sign, other flags=0x1800000
  ECDH1-COFACTOR-DERIVE, keySize={256,384}, hw, derive, other flags=0x1800000
  ECDH1-DERIVE, keySize={256,384}, hw, derive, other flags=0x1800000
  RSA-X-509, keySize={1024,3072}, hw, decrypt, sign, verify
  RSA-PKCS, keySize={1024,3072}, hw, decrypt, sign, verify
  SHA1-RSA-PKCS, keySize={1024,3072}, sign, verify
  SHA256-RSA-PKCS, keySize={1024,3072}, sign, verify
  SHA384-RSA-PKCS, keySize={1024,3072}, sign, verify
  SHA512-RSA-PKCS, keySize={1024,3072}, sign, verify
  MD5-RSA-PKCS, keySize={1024,3072}, sign, verify
  RIPEMD160-RSA-PKCS, keySize={1024,3072}, sign, verify
$ pkcs11-tool -l -M RSA-PKCS -s -i t2048.dat -o t2048.dat.sig
error: invalid option(s) given
Aborting.
$ pkcs11-tool -s -M RSA-PKCS -i t2048.dat -o t2048.dat.sig
error: invalid option(s) given
Aborting.
$ pkcs11-tool -s -M SHA256-RSA-PKCS -i t2048.dat -o t2048.dat.sig
error: invalid option(s) given
Aborting.
$ pkcs11-tool -s -M RSA-X-509 -i t2048.dat -o t2048.dat.sig
error: invalid option(s) given
Aborting.
$ OPENSC_DEBUG=9 pkcs11-tool -s -M RSA-X-509 -i t2048.dat -o t2048.dat.sig
error: invalid option(s) given
Aborting.
$ OPENSC_DEBUG=9 pkcs11-tool -s -i t2048.dat -o t2048.dat.sig
Using slot 0 with a present token (0x0)
Logging in to "PIV Card Holder pin (PIV_II)".
Please enter User PIN: 
Using signature algorithm ECDSA
error: PKCS11 function C_SignInit failed: rv = CKR_KEY_TYPE_INCONSISTENT (0x63)
Aborting.
$ 

Update
My fault: should've used -m XXX instead of -M.
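The Update above names the fix (lower-case -m selects a mechanism; upper-case -M only lists them). As an added example that is neither the reporter's nor OpenSC's code, here is a POSIX shell helper that does what the Proposed Resolution asks of do_sign(): it reads a `pkcs11-tool -O` object listing, picks RSA-PKCS or ECDSA from the key type of the private key with the given ID, and passes that mechanism via -m. It assumes the listing uses the "Private Key Object; RSA" / "Private Key Object; EC" layout; the listing embedded below is constructed, not captured from a token.

```shell
#!/bin/sh
# Added example (not OpenSC code): choose the pkcs11-tool mechanism from the
# key type instead of defaulting to ECDSA, then sign with lower-case -m.
# Assumption: the object listing follows the "Private Key Object; RSA" /
# "Private Key Object; EC" layout. The listing below is constructed.

SAMPLE_LISTING='Private Key Object; RSA
  label:      SIGN key
  ID:         02
  Usage:      sign
Private Key Object; EC
  label:      CARD AUTH key
  ID:         04
  Usage:      sign
Public Key Object; RSA 2048 bits
  label:      SIGN key
  ID:         02
  Usage:      encrypt, verify'

# pick_mechanism ID   (object listing from `pkcs11-tool -O` on stdin)
# Prints the signing mechanism matching the private key with that ID.
pick_mechanism() {
  key_type=$(awk -v want="$1" '
    /^(Private|Public|Secret) Key Object;/ { type = $4; priv = ($1 == "Private") }
    priv && $1 == "ID:" && $2 == want       { print type; exit }
  ')
  case "$key_type" in
    RSA) echo RSA-PKCS ;;   # raw PKCS#1 v1.5; SHA256-RSA-PKCS also hashes the input
    EC)  echo ECDSA ;;
    *)   echo "no private key with ID $1 in listing" >&2; return 1 ;;
  esac
}

# sign_with_token ID INFILE OUTFILE: real run against a token (not executed by
# the offline demo below). -M lists mechanisms; -m selects one. Some tokens only
# list private keys after login, in which case add -l to the -O call as well.
sign_with_token() {
  mech=$(pkcs11-tool -O | pick_mechanism "$1") || return 1
  pkcs11-tool -l -s -m "$mech" --id "$1" -i "$2" -o "$3"
}

# Offline demo on the constructed listing: no token needed.
for id in 02 04; do
  printf '%s -> %s\n' "$id" "$(printf '%s\n' "$SAMPLE_LISTING" | pick_mechanism "$id")"
done
```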
