Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pkcs11-tool -l -O -y secrkey: Secret sym. key listing fails #1805

Closed
carblue opened this issue Sep 23, 2019 · 8 comments · Fixed by #1807
Closed

pkcs11-tool -l -O -y secrkey: Secret sym. key listing fails #1805

carblue opened this issue Sep 23, 2019 · 8 comments · Fixed by #1807

Comments

@carblue
Copy link
Contributor

carblue commented Sep 23, 2019
edited

Problem Description

With OpenSC-0.20.0-rc1 or any more recent github master:
In the log below, at least "connecting" a secret sym. key with RSA modulus bits is wrong.
Also everything below "Usage: encrypt, decrypt" is wrong.
I checked the successful parsing of sc_pkcs15_decode_skdf_entry for this (genericSecretKey AES) key with debug=6, e.g.

[opensc-pkcs11] asn1.c:1616:asn1_decode: Looking for 'accessFlags', tag 0x3, OPTIONAL
[opensc-pkcs11] asn1.c:1407:asn1_decode_entry:    decoding 'accessFlags', raw data:03B8
that is, sensitive(yes), extractable(no), alwaysSensitive(yes), neverExtractable(yes), local(yes)

[opensc-pkcs11] asn1.c:1616:asn1_decode: Looking for 'algReference', tag 0x21000001, OPTIONAL
[opensc-pkcs11] asn1.c:1407:asn1_decode_entry:    decoding 'algReference', raw data:0202108102021082
[opensc-pkcs11] asn1.c:1592:asn1_decode:     called, left=8, depth 4
[opensc-pkcs11] asn1.c:1616:asn1_decode: Looking for 'algorithmReference', tag 0x2, OPTIONAL
[opensc-pkcs11] asn1.c:1407:asn1_decode_entry:     decoding 'algorithmReference', raw data:1081
[opensc-pkcs11] asn1.c:1433:asn1_decode_entry:     decoding 'algorithmReference' returned 4225
[opensc-pkcs11] asn1.c:1616:asn1_decode: Looking for 'algorithmReference', tag 0x2, OPTIONAL
[opensc-pkcs11] asn1.c:1407:asn1_decode_entry:     decoding 'algorithmReference', raw data:1082
[opensc-pkcs11] asn1.c:1433:asn1_decode_entry:     decoding 'algorithmReference' returned 4226

Proposed Resolution

The fix for the modulus bits is easily done in pkcs11-tool.c:show_key by correcting the setting of variable pub. But for whatever reason, I always receive a key_type with value 0 (CKK_RSA), thus this didn't help much. key_type never get's set to CKK_AES. Even if I manipulate that setting to be of key_type==CKK_AES, the errors in output don't change (except AES instead of RSA get's printed; maybe, because I didn't set supportedAlgorithms in EF.TokenInfo?) But this is known:

$ pkcs11-tool --list-mechanisms
Using slot 0 with a present token (0x0)
Supported mechanisms:
  SHA-1, digest
  SHA224, digest
  SHA256, digest
  SHA384, digest
  SHA512, digest
  MD5, digest
  RIPEMD160, digest
  GOSTR3411, digest
  RSA-PKCS, keySize={512,4096}, hw, decrypt, sign, verify, wrap, unwrap
  SHA1-RSA-PKCS, keySize={512,4096}, sign, verify
  SHA224-RSA-PKCS, keySize={512,4096}, sign, verify
  SHA256-RSA-PKCS, keySize={512,4096}, sign, verify
  SHA384-RSA-PKCS, keySize={512,4096}, sign, verify
  SHA512-RSA-PKCS, keySize={512,4096}, sign, verify
  MD5-RSA-PKCS, keySize={512,4096}, sign, verify
  RIPEMD160-RSA-PKCS, keySize={512,4096}, sign, verify
  RSA-PKCS-KEY-PAIR-GEN, keySize={512,4096}, generate_key_pair
  AES-ECB, keySize={128,256}, encrypt, decrypt, wrap, unwrap
  AES-CBC, keySize={128,256}, encrypt, decrypt, wrap, unwrap
  AES-CBC-PAD, keySize={128,256}, encrypt, decrypt, wrap, unwrap

Steps to reproduce

Have an EF.SKDF with at least 1 secret sym. key (e.g. AES) defined on card and invoke
pkcs11-tool --login --list-objects --type secrkey -p ********

Logs

$ pkcs11-tool -l -O -y secrkey  -p 12345678
Using slot 0 with a present token (0x0)
warning: PKCS11 function C_GetAttributeValue(MODULUS_BITS) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

Secret Key Object; RSA 0 bits
  label:      Key3
  ID:         07
  Usage:      encrypt, decrypt
warning: PKCS11 function C_GetAttributeValue(SENSITIVE) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

warning: PKCS11 function C_GetAttributeValue(ALWAYS_SENSITIVE) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

warning: PKCS11 function C_GetAttributeValue(NEVER_EXTRACTABLE) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

warning: PKCS11 function C_GetAttributeValue(LOCAL) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

  Access:     extractable
@carblue carblue mentioned this issue Sep 24, 2019
Open
@frankmorgner
Copy link
Member

Hmm, I don't get the problem...

Can you do git bisect to get the commit that introduces the problem? Can you suggest a fix in a PR?

@popovec
Copy link
Member

popovec commented Sep 24, 2019

MyEID driver/OsEID simulation, after unwrap OP pkcs15-tool -D

Secret Generic Key [Secret Key]
	Object Flags   : [0x03], private, modifiable
	Usage          : [0x03], encrypt, decrypt
	Access Flags   : [0x02], extract
	Size           : 176 bits
	ID             : 67656e207365637265742032
	Native         : yes
	Key ref        : 3 (0x03)
	Path           : 3f0050154d03
	GUID           : c3546dd9-9fc2-898b-c5e3-566ff7a3e5a2

commit 2600f1a

$ pkcs11-tool -l --list-object --type secrkey
Using slot 0 with a present token (0x0)
Logging in to "MyEID".
Please enter User PIN:
warning: PKCS11 function C_GetAttributeValue(MODULUS_BITS) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

Secret Key Object; RSA 0 bits
  label:      Secret Key
  ID:         67656e207365637265742032
  Usage:      encrypt, decrypt`

commit 4614beb

$ pkcs11-tool -l --list-object --type secrkey
Using slot 0 with a present token (0x0)
Logging in to "MyEID".
Please enter User PIN:
warning: PKCS11 function C_GetAttributeValue(MODULUS_BITS) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

Secret Key Object; RSA 0 bits
  label:      Secret Key
  ID:         67656e207365637265742032
  Usage:      encrypt, decrypt
warning: PKCS11 function C_GetAttributeValue(SENSITIVE) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

warning: PKCS11 function C_GetAttributeValue(ALWAYS_SENSITIVE) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

warning: PKCS11 function C_GetAttributeValue(NEVER_EXTRACTABLE) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

warning: PKCS11 function C_GetAttributeValue(LOCAL) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

  Access:     extractable

blank initialized card, two AES keys and two DES keys uploaded into card:

# pkcs11-tool -l --list-object --type secrkey
Using slot 0 with a present token (0x0)
Secret Key Object; AES
  VALUE:      
  label:      Secret Key
  ID:         85
  Usage:      encrypt, decrypt
warning: PKCS11 function C_GetAttributeValue(SENSITIVE) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

warning: PKCS11 function C_GetAttributeValue(ALWAYS_SENSITIVE) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

warning: PKCS11 function C_GetAttributeValue(NEVER_EXTRACTABLE) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

warning: PKCS11 function C_GetAttributeValue(LOCAL) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

  Access:     extractable
Secret Key Object; AES
  VALUE:      
  label:      Secret Key
  ID:         87
  Usage:      encrypt, decrypt
warning: PKCS11 function C_GetAttributeValue(SENSITIVE) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

warning: PKCS11 function C_GetAttributeValue(ALWAYS_SENSITIVE) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

warning: PKCS11 function C_GetAttributeValue(NEVER_EXTRACTABLE) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

warning: PKCS11 function C_GetAttributeValue(LOCAL) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

  Access:     extractable

@frankmorgner

This comment has been minimized.

Sign in to view
@frankmorgner
Copy link
Member

or better:

diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c
index 3c845a71b..527c1b14a 100644
--- a/src/pkcs11/framework-pkcs15.c
+++ b/src/pkcs11/framework-pkcs15.c
@@ -4948,6 +4948,22 @@ pkcs15_skey_get_attribute(struct sc_pkcs11_session *session,
                                        && (skey->base.p15_object->flags & SC_PKCS15_PRKEY_ACCESS_NEVEREXTRACTABLE) == 0
                                        && (skey->base.p15_object->flags & SC_PKCS15_PRKEY_ACCESS_ALWAYSSENSITIVE) == 0) ? CK_TRUE : CK_FALSE;
                break;
+       case CKA_ALWAYS_SENSITIVE:
+               check_attribute_buffer(attr, sizeof(CK_BBOOL));
+               *(CK_BBOOL*)attr->pValue = (skey->info->access_flags & SC_PKCS15_PRKEY_ACCESS_ALWAYSSENSITIVE) != 0;
+               break;
+       case CKA_NEVER_EXTRACTABLE:
+               check_attribute_buffer(attr, sizeof(CK_BBOOL));
+               *(CK_BBOOL*)attr->pValue = (skey->info->access_flags & SC_PKCS15_PRKEY_ACCESS_NEVEREXTRACTABLE) != 0;
+               break;
+       case CKA_SENSITIVE:
+               check_attribute_buffer(attr, sizeof(CK_BBOOL));
+               *(CK_BBOOL*)attr->pValue = (skey->info->access_flags & SC_PKCS15_PRKEY_ACCESS_SENSITIVE) != 0;
+               break;
+       case CKA_LOCAL:
+               check_attribute_buffer(attr, sizeof(CK_BBOOL));
+               *(CK_BBOOL*)attr->pValue = (skey->info->access_flags & SC_PKCS15_PRKEY_ACCESS_LOCAL) != 0;
+               break;
        case CKA_OPENSC_ALWAYS_AUTH_ANY_OBJECT:
                check_attribute_buffer(attr, sizeof(CK_BBOOL));
                *(CK_BBOOL*)attr->pValue = skey->base.p15_object->user_consent >= 1 ? CK_TRUE : CK_FALSE;
diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
index 4a99c76bc..810af4d98 100644
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@@ -3886,11 +3886,13 @@ show_key(CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj)
 
        switch (key_type) {
        case CKK_RSA:
-               if (pub)
-                       printf("; RSA %lu bits\n",
-                               (unsigned long) getMODULUS_BITS(sess, obj));
-               else
-                       printf("; RSA \n");
+               if (!sec) {
+                       if (pub)
+                               printf("; RSA %lu bits\n",
+                                               (unsigned long) getMODULUS_BITS(sess, obj));
+                       else
+                               printf("; RSA \n");
+               }
                break;
        case CKK_GOSTR3410:
        case CKK_GOSTR3410_512:

@carblue
Copy link
Contributor Author

carblue commented Sep 25, 2019
edited

Your patch almost solves the problem for AES (as the software part of the solution)! And I get this result for my AES key, where extractable still is wrong:

$ pkcs11-tool -l -O -y secrkey  -p 12345678
Using slot 0 with a present token (0x0)
Secret Key Object  label:      Key3
  ID:         07
  Usage:      encrypt, decrypt
  Access:     sensitive, always sensitive, extractable, never extractable, local

The other part of the solution is, that the missed setting of the key_type=CKK_AES must/should? be ensured. It will be set in src/libopensc/pkcs15-skey.c:sc_pkcs15_decode_skdf_entry only if:

Key's EF.SKDF entry has commonKeyAttributes.algReference(es) set with value(s), one of which is listed in EF.TokenInfo as supportedAlgorithms.reference and that supported algo is of type AES, declared by mandatory OID entry.
Then the result is this:

$ pkcs11-tool -l -O -y secrkey  -p 12345678
Using slot 0 with a present token (0x0)
Secret Key Object; AES
  VALUE:      
  label:      Key3
  ID:         07
  Usage:      encrypt, decrypt
  Access:     sensitive, always sensitive, extractable, never extractable, local

I suspect there are still problems with other sym. algorithms, I don't see a key_type setting there.
I'll check that later.

@carblue
Copy link
Contributor Author

carblue commented Sep 25, 2019

I forgot to mention, that there was no problem listing keys with pkcs15-tool:

pkcs15-tool --list-secret-keys
Using reader with a card: ACS CryptoMate64 00 00
Secret 3DES Key [SM1]
        Object Flags   : [0x03], private, modifiable
        Usage          : [0x03], encrypt, decrypt
        Access Flags   : [0x0D], sensitive, alwaysSensitive, neverExtract
        Size           : 192 bits
        ID             : 01
        Native         : yes
        Key ref        : 129 (0x81)
        Path           : 3f0041004102
        GUID           : 5634094c-734a-8edc-bfdd-5821c5ff4bd4

Secret 3DES Key [SM2]
        Object Flags   : [0x03], private, modifiable
        Usage          : [0x03], encrypt, decrypt
        Access Flags   : [0x0D], sensitive, alwaysSensitive, neverExtract
        Size           : 192 bits
        ID             : 02
        Native         : yes
        Key ref        : 130 (0x82)
        Path           : 3f0041004102
        GUID           : c6f43ca6-8e88-1d7d-71e5-5de4c0a7ddb1

Secret Generic Key [Key3]
        Object Flags   : [0x03], private, modifiable
        Usage          : [0x03], encrypt, decrypt
        Access Flags   : [0x1D], sensitive, alwaysSensitive, neverExtract, local
        Size           : 256 bits
        ID             : 07
        Native         : yes
        Key ref        : 131 (0x83)
        Path           : 3f0041004102
        GUID           : 87c5eff4-81aa-68d3-4221-40b9dc77931c

frankmorgner added a commit to frankmorgner/OpenSC that referenced this issue Sep 25, 2019
@frankmorgner
pkcs11-tool: fixed displaying secret key attributes
0875496 
fixes OpenSC#1805
@frankmorgner frankmorgner mentioned this issue Sep 25, 2019
Merged
1 task
@carblue carblue mentioned this issue Sep 25, 2019
Merged
@carblue
Copy link
Contributor Author

carblue commented Sep 30, 2019

What about this patch to fix CKA_EXTRACTABLE as well:

diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c
index e9f6b63b..c3a2d24a 100644
--- a/src/pkcs11/framework-pkcs15.c
+++ b/src/pkcs11/framework-pkcs15.c
@@ -4946,7 +4946,9 @@ pkcs15_skey_get_attribute(struct sc_pkcs11_session *session,
                check_attribute_buffer(attr, sizeof(CK_BBOOL));
                *(CK_BBOOL*)attr->pValue = (((skey->base.p15_object->flags & SC_PKCS15_PRKEY_ACCESS_EXTRACTABLE) == SC_PKCS15_PRKEY_ACCESS_EXTRACTABLE)
                                        && (skey->base.p15_object->flags & SC_PKCS15_PRKEY_ACCESS_NEVEREXTRACTABLE) == 0
-                                       && (skey->base.p15_object->flags & SC_PKCS15_PRKEY_ACCESS_ALWAYSSENSITIVE) == 0) ? CK_TRUE : CK_FALSE;
+                                       && (skey->base.p15_object->flags & SC_PKCS15_PRKEY_ACCESS_ALWAYSSENSITIVE) == 0
+                                       && (skey->info->access_flags & SC_PKCS15_PRKEY_ACCESS_NEVEREXTRACTABLE) == 0
+                                       && (skey->info->access_flags & SC_PKCS15_PRKEY_ACCESS_ALWAYSSENSITIVE) == 0) ? CK_TRUE : CK_FALSE;
                break;
        case CKA_ALWAYS_SENSITIVE:
                check_attribute_buffer(attr, sizeof(CK_BBOOL));

frankmorgner added a commit that referenced this issue Oct 1, 2019
@frankmorgner
pkcs11-tool: fixed displaying secret key attributes (#1807)
e2491a7 
fixes #1805
@carblue
Copy link
Contributor Author

carblue commented Oct 1, 2019

@frankmorgner
Please reopen this issue
As mentioned already, the extractable attribute still gets detected with wrong value by pkcs11-tool, whereas pkcs15-tool always got it right. Rechecked, based on 53ff718

$ pkcs11-tool -l -O -y secrkey  -p 12345678
Using slot 0 with a present token (0x0)
Secret Key Object; AES
  VALUE:      
  label:      Key3
  ID:         07
  Usage:      encrypt, decrypt
  Access:     sensitive, always sensitive, extractable, never extractable, local

@carblue carblue mentioned this issue Dec 7, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

pkcs11-tool: fixed displaying secret key attributes frankmorgner/OpenSC
3 participants
@frankmorgner @carblue @popovec