* [tpm2] Re: OpenSSL TLS using tpm2-pkcs11 doesn't work on newer versions
@ 2020-01-24 21:11 David Woodhouse
0 siblings, 0 replies; 13+ messages in thread
From: David Woodhouse @ 2020-01-24 21:11 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 1307 bytes --]
On Fri, 2020-01-24 at 18:10 +0100, Emmanuel Deloget wrote:
>
> In my experience this is mostly true - the key word in that sentence
> being "mostly". The PKCS#11 is fairly big (
> http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html
> ) and while it fully describes the interface between the
> cryptographic system and its user, it does very little to describe
> how it shall be used. That's where the experience comes in handy:
> different softwares use different workflows. So given a specific
> PKCS#11 engine, you may be able to have it work with (for example)
> OpenVPN, but not with wget (though the PKCS#11 engine for OpenSSL).
> This will only be true if the specific PKCS#11 engine you use for
> your device implements everything in the spec.
FWIW much of this *shouldn't* be true, at least for basic key storage
for TLS and similar purposes.
If you have a properly functioning PKCS#11 provider which is correctly
registered with p11-kit on a Linux system, then any application which
accepts certificates+keys in a PEM or PKCS#12 or similar file SHOULD
also accept a PKCS#11 URI as defined by RFC7512.
At least in Fedora, if you find an application for which that *isn't*
true, please file a bug and Cc me.
On other distributions, YMMV.
* [tpm2] Re: OpenSSL TLS using tpm2-pkcs11 doesn't work on newer versions
@ 2020-04-07 20:59 David Woodhouse
0 siblings, 0 replies; 13+ messages in thread
From: David Woodhouse @ 2020-04-07 20:59 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 613 bytes --]
Looks like NM added a second empty ;pin-value=?
On 7 April 2020 21:40:30 BST, nicolasoliver03(a)gmail.com wrote:
>Hi David!
>
>wpa_supplicant is now working in F32 with tpm2-pkcs11 1.2.0
>Network Manager is having problems. I posted a bug and Cc you in
>https://bugzilla.redhat.com/show_bug.cgi?id=1821924
>
>Thanks!
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
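
The repeated attribute described in this message, and the RFC7512 URIs mentioned earlier in the thread, can be checked before a URI is handed to a PKCS#11 consumer. The C lint below is an added example, not code from this thread, NetworkManager or p11-kit; the function names and the sample URIs are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

enum p11uri_status {
    P11URI_OK = 0,
    P11URI_BAD_SCHEME,     /* does not start with "pkcs11:" */
    P11URI_MALFORMED,      /* attribute without '=', empty or over-long name */
    P11URI_DUPLICATE_ATTR, /* one attribute name appears more than once */
    P11URI_PIN_CONFLICT    /* pin-value and pin-source both present */
};

#define P11URI_MAX_ATTRS 32
#define P11URI_MAX_NAME  32

struct p11uri_seen {
    char names[P11URI_MAX_ATTRS][P11URI_MAX_NAME];
    int count;
};

static int seen_has(const struct p11uri_seen *seen, const char *name)
{
    for (int i = 0; i < seen->count; i++)
        if (strcmp(seen->names[i], name) == 0)
            return 1;
    return 0;
}

/* Scan one URI component whose attributes are separated by `sep`
 * (';' in the path, '&' in the query) and record each attribute name. */
static enum p11uri_status scan_component(const char *s, size_t len, char sep,
                                         struct p11uri_seen *seen, char *dup)
{
    size_t pos = 0;
    while (pos < len) {
        size_t end = pos;
        while (end < len && s[end] != sep)
            end++;
        if (end > pos) { /* tolerate empty segments such as a trailing ';' */
            const char *eq = memchr(s + pos, '=', end - pos);
            size_t nlen = eq ? (size_t)(eq - (s + pos)) : 0;
            if (!eq || nlen == 0 || nlen >= P11URI_MAX_NAME ||
                seen->count == P11URI_MAX_ATTRS)
                return P11URI_MALFORMED;
            char *slot = seen->names[seen->count]; /* next free slot */
            memcpy(slot, s + pos, nlen);
            slot[nlen] = '\0';
            /* A repeated name is ambiguous: consumers can disagree on
             * which of the two values wins, e.g. "1234" or the empty one. */
            if (seen_has(seen, slot)) {
                strcpy(dup, slot);
                return P11URI_DUPLICATE_ATTR;
            }
            seen->count++;
        }
        pos = end + 1;
    }
    return P11URI_OK;
}

/* Lint a PKCS#11 URI; on P11URI_DUPLICATE_ATTR, `dup` names the attribute. */
enum p11uri_status p11uri_lint(const char *uri, char dup[P11URI_MAX_NAME])
{
    static const char scheme[] = "pkcs11:";
    struct p11uri_seen seen = { .count = 0 };
    enum p11uri_status rc;

    dup[0] = '\0';
    if (strncmp(uri, scheme, sizeof(scheme) - 1) != 0)
        return P11URI_BAD_SCHEME;
    uri += sizeof(scheme) - 1;

    const char *q = strchr(uri, '?'); /* first '?' starts the query */
    size_t path_len = q ? (size_t)(q - uri) : strlen(uri);

    rc = scan_component(uri, path_len, ';', &seen, dup);
    if (rc == P11URI_OK && q)
        rc = scan_component(q + 1, strlen(q + 1), '&', &seen, dup);
    if (rc != P11URI_OK)
        return rc;
    /* RFC 7512 advises refusing a URI that carries both PIN attributes. */
    if (seen_has(&seen, "pin-value") && seen_has(&seen, "pin-source"))
        return P11URI_PIN_CONFLICT;
    return P11URI_OK;
}

int main(void)
{
    /* Constructed sample URIs; token and object names are made up. */
    const char *samples[] = {
        "pkcs11:token=example-token;object=example-key;type=private?pin-value=1234",
        "pkcs11:token=example-token;object=example-key;pin-value=1234;pin-value=",
        "pkcs11:token=example-token;object=example-key?pin-value=1234&pin-source=file:/etc/pin",
    };
    char dup[P11URI_MAX_NAME];
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%d [%s] %s\n", (int)p11uri_lint(samples[i], dup), dup, samples[i]);
    return 0;
}
```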
* [tpm2] Re: OpenSSL TLS using tpm2-pkcs11 doesn't work on newer versions
@ 2020-04-07 20:40 nicolasoliver03
0 siblings, 0 replies; 13+ messages in thread
From: nicolasoliver03 @ 2020-04-07 20:40 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 200 bytes --]
Hi David!
wpa_supplicant is now working in F32 with tpm2-pkcs11 1.2.0
Network Manager is having problems. I posted a bug and Cc you in https://bugzilla.redhat.com/show_bug.cgi?id=1821924
Thanks!
* [tpm2] Re: OpenSSL TLS using tpm2-pkcs11 doesn't work on newer versions
@ 2020-01-25 1:51 Roberts, William C
0 siblings, 0 replies; 13+ messages in thread
From: Roberts, William C @ 2020-01-25 1:51 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 10697 bytes --]
Here's a somewhat proper fix:
https://github.com/tpm2-software/tpm2-pkcs11/pull/397
> -----Original Message-----
> From: Roberts, William C
> Sent: Friday, January 24, 2020 7:16 PM
> To: Jaureguiberry, IgnacioX <ignaciox.jaureguiberry(a)intel.com>;
> tpm2(a)lists.01.org
> Subject: RE: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on newer
> versions
>
> I was able to reproduce this by commenting out all the support for other
> algorithms:
> https://github.com/williamcroberts/tpm2-pkcs11/tree/force-raw-rsa
>
> It dawned on me while eating dinner, that it was likely something where we
> needed to flip the RSA operations.
> The TPM adheres to the true definitions of RSA Encrypt and RSA Decrypt, and
> when you specify a C_Encrypt() call with A private key object, the code calls
> TPM2_RSA_Encrypt() which is the RSA operation with the public key. Which the
> TPM Doesn't throw an error because the handle going to the TPM maps to the
> keypair and the TPM just does the right thing.
>
> After doing the initial setup, if you swap the RSA encrypt/decrypt calls, it works
> (see patch below).
>
> We likely need to track and call the proper TPM RSA routines on what the
> operation is when it is RSA X509:
>
> Key Class     Interface   Operation
> CKO_PRIVATE   C_Decrypt   tpm_decrypt
> CKO_PUBLIC    C_Decrypt   tpm_encrypt
> CKO_PRIVATE   C_Encrypt   tpm_decrypt
> CKO_PUBLIC    C_Encrypt   tpm_encrypt
>
> We'll need to get proper support in for this and a regression test performing one
> half in the TPM and the other half with OpenSSL. There are already tests for
> CKM_RSA_X_509 in pkcs-crypt.int.c, so we likely just need to expand on those.
>
> diff --git a/src/lib/tpm.c b/src/lib/tpm.c index f906ffbc584e..735151f016a7 100644
> --- a/src/lib/tpm.c
> +++ b/src/lib/tpm.c
> @@ -1836,7 +1836,7 @@ CK_RV tpm_encrypt(crypto_op_data *opdata,
> tpm_encrypt_data *tpm_enc_data = opdata->tpm_enc_data;
>
> if (tpm_enc_data->is_rsa) {
> - return tpm_rsa_encrypt(tpm_enc_data, ptext, ptextlen, ctext, ctextlen);
> + return tpm_rsa_decrypt(tpm_enc_data, ptext, ptextlen, ctext,
> + ctextlen);
> }
>
> tpm_ctx *ctx = tpm_enc_data->ctx;
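Review bot: the swap in tpm_encrypt() is gated only on `tpm_enc_data->is_rsa`, so it takes effect for every RSA operation that reaches this branch, while the message scopes the problem to raw RSA ("when it is RSA X509"). Suggest making the mechanism available at this point and swapping only for the raw case, so other RSA paths keep calling tpm_rsa_encrypt().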
> @@ -1857,7 +1857,7 @@ CK_RV tpm_decrypt(crypto_op_data *opdata,
> tpm_encrypt_data *tpm_enc_data = opdata->tpm_enc_data;
>
> if (tpm_enc_data->is_rsa) {
> - return tpm_rsa_decrypt(tpm_enc_data, ctext, ctextlen, ptext, ptextlen);
> + return tpm_rsa_encrypt(tpm_enc_data, ctext, ctextlen, ptext,
> + ptextlen);
> }
>
> tpm_ctx *ctx = tpm_enc_data->ctx;
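Review bot: in tpm_decrypt() the RSA branch now returns tpm_rsa_encrypt(...) with no comment, which reads like a typo to anyone who has not followed this thread. Add a comment stating which key half each helper exercises, or rename the helpers after the key half (public/private) rather than encrypt/decrypt so the call site documents itself.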
>
> > -----Original Message-----
> > From: Jaureguiberry, IgnacioX
> > Sent: Thursday, January 23, 2020 2:30 PM
> > To: Roberts, William C <william.c.roberts(a)intel.com>;
> > tpm2(a)lists.01.org
> > Subject: RE: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on
> > newer versions
> >
> > I'm using tpm2-pkcs11 tag 1.0 because latest version requires python
> > 3.7 for the tpm2_ptool to work. This is a bit of work in both Ubuntu 16.04 and
> 18.04.
> >
> > I've upgraded to python3.7 in the Ubuntu 18.04 setup and then
> > installed tpm2-
> > pkcs11 to HEAD of master and it still shows the same error: C_SignInit
> > with mechanism CKM_RSA_X_509 returns
> CKR_KEY_FUNCTION_NOT_PERMITTED.
> >
> > -----Original Message-----
> > From: Roberts, William C
> > Sent: Thursday, January 23, 2020 4:33 PM
> > To: Jaureguiberry, IgnacioX <ignaciox.jaureguiberry(a)intel.com>;
> > tpm2(a)lists.01.org
> > Subject: RE: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on
> > newer versions
> >
> > Backing up your TPM2_PKCS11_STORE, what happens if you bump
> > tpm2-pkcs11 to current master HEAD?
> >
> > Still fail?
> >
> > Bill
> >
> > > -----Original Message-----
> > > From: Jaureguiberry, IgnacioX
> > > Sent: Thursday, January 23, 2020 1:16 PM
> > > To: Roberts, William C <william.c.roberts(a)intel.com>;
> > > tpm2(a)lists.01.org
> > > Subject: RE: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on
> > > newer versions
> > >
> > > > These are the software versions on each setup. For the Ubuntu
> > > > packages I'm putting the Ubuntu package and version, and also the
> > > > project with its version.
> > >
> > > On the Ubuntu 16.04:
> > > Bundled with Ubuntu:
> > > * libssl1.0.0 [1.0.2g-1] - openssl [1.0.2g]
> > > * libp11-2 [0.3.1-1] - libp11 [0.3.1]
> > > * libengine-pkcs11-openssl [0.2.1-1] - engine_pkcs11 [0.2.1]
> > >
> > > Tpm2 project libraries, built from sources:
> > > * tpm2-tss [ git sha: eedaf1a - tag 2.3.2 ]
> > > * tpm2-abrmd [ git sha: e275930 - tag 2.3.1 ]
> > > * tpm2-tools [ git sha: c971982 - master ]
> > > * tpm2-pkcs11 [ git sha: 7af62a4 - tag 1.0 ]
> > >
> > > On the Ubuntu 18.04 setup:
> > > Bundled with Ubuntu:
> > > * libssl1.1 [1.1.1-1ubuntu2.1] - openssl [1.1.1]
> > > * libengine-pkcs11-openssl [0.4.7-3] - libp11 [0.4.7]
> > > * opensc-pkcs11 [0.17.0-3] - opensc [0.17.0]
> > > * p11-kit-modules [0.23.9-2] - p11-kit [0.23.9]
> > >
> > > Tpm2 project libraries, built from sources:
> > > * tpm2-tss [ git sha: eedaf1a - tag 2.3.2 ]
> > > * tpm2-tools [ git sha: c971982 - master ]
> > > * tpm2-pkcs11 [ git sha: 7af62a4 - tag 1.0 ]
> > >
> > > I'm sending the logs and function calls captured with pkcs11spy for each
> setup.
> > > The different mechanism in C_SignInit can be seen on them.
> > >
> > >
> > > -----Original Message-----
> > > From: Roberts, William C
> > > Sent: Thursday, January 23, 2020 11:44 AM
> > > To: Jaureguiberry, IgnacioX <ignaciox.jaureguiberry(a)intel.com>;
> > > tpm2(a)lists.01.org
> > > Subject: RE: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on
> > > newer versions
> > >
> > >
> > >
> > > > -----Original Message-----
> > > > From: Ignacio Jaureguiberry
> > > > [mailto:ignaciox.jaureguiberry(a)intel.com]
> > > > Sent: Wednesday, January 22, 2020 12:36 PM
> > > > To: tpm2(a)lists.01.org
> > > > Subject: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on
> > > > newer versions
> > > >
> > > > > I was trying to make wpa_supplicant use a tpm2-pkcs11 stored
> > > > > private key to authenticate against a RADIUS server, I mentioned
> > > > > about it on this discussion:
> > > > > https://lists.01.org/hyperkitty/list/tpm2(a)lists.01.org/message/AYUBCAFCCXITEVSWA4IFC466LYS6ZIYX/
> > > > >
> > > > > With some fixes on tpm2-pkcs11, TLS is working and there is an
> > > > > integration test for that here:
> > > > > https://github.com/tpm2-software/tpm2-pkcs11/blob/master/test/integration/tls-tests.sh
> > > > >
> > > > > I wasn't able to reproduce this on Ubuntu 18, and noted that the
> > > > > test cases ran on top of an Ubuntu 16.04 image. I tried Ubuntu
> > > > > 16.04 and TLS works as in the integration test. I also checked
> > > > > that using latest version of wpa_supplicant, it does work with
> > > > > tpm2-pkcs11 and creates an EAP-TLS connection using the TPM.
> > >
> > > Increasing our distro coverage is definitely something I need/want
> > > to do for tpm2-pkcs11.
> > > > I already did this for many of the other tpm2 projects like
> > > > tpm2-tools and tpm2-tss.
> > >
> > > >
> > > > > I've debugged a bit in both OS versions and found that openssl is
> > > > > calling pkey_rsa_sign with different padding modes:
> > > > > RSA_PKCS1_PADDING in Ubuntu 16, and RSA_PKCS1_PSS_PADDING in
> > > > > Ubuntu 18. The consequence is that in
> > >
> > > This seems like a good change, IIUC PKCS1 padding has some known
> > > issues, so changing To PSS is a good move.
> > >
> > > > tpm2-pkcs11, sign_init is being called using CKM_RSA_PKCS as
> > > > mechanism on Ubuntu 16, but in Ubuntu 18 it is being called with
> > > > CKM_RSA_X_509, which is not supported.
> > >
> > > > CKM_RSA_X_509 is supported, it's raw RSA encryption and AFAICT it's
> > > > been supported since release 1.0. If it's signing with raw RSA, It
> > > > must apply the PSS padding separately. Which it does looking at OSSL
> > > > 1_1_1 code:
> > > >
> > > > -- code ---
> > > >     } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) {
> > > >         if (!setup_tbuf(rctx, ctx))
> > > >             return -1;
> > > >         if (!RSA_padding_add_PKCS1_PSS_mgf1(rsa,
> > > >                                             rctx->tbuf, tbs,
> > > >                                             rctx->md, rctx->mgf1md,
> > > >                                             rctx->saltlen))
> > > >             return -1;
> > > >         ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf,
> > > >                                   sig, rsa, RSA_NO_PADDING);
> > > > ---
> > >
> > > So this makes sense to what you're seeing hitting the pkey_rsa_sign
> > > versus the calls hitting
> > > pkcs11 C_SignInit.
> > >
> > > >
> > > > > I think I have to file a bug to OpenSSL, but I don't know too much
> > > > > about the PKCS11 specs to support the claims. I'd appreciate any
> > > > > help to file a decent issue.
> > > > > Also, any workaround is welcome, as replacing OpenSSL in any
> > > > > distribution is very hard given all the software that depends on it.
> > >
> > > Probably not, it's probably something we need to fix in the pkcs11
> > > library which is very much an under development project. We should
> > > try and replicate the bug first, and deduce that it is their bug
> > > before we file. We don't want to cry wolf here.
> > >
> > > I would capture the parameters going into the C_SignInit and
> > > subsequent C_Sign calls and create a test in
> > > test/integration/pkcs-crypt.int.c that reproduces the error.
> > >
> > > If you get me the inputs soon, I can develop this test and get a fix
> > > out. I am out all next week Jan 27-Jan31.
> > >
> > > Another great way to debug deeper is both pkcs11spy and setting the
> > > env variable "export TPM2_PKCS11_DEBUG_LOG=2" to get verbose logs
> > > out of the
> > > tpm2-pkcs11 Library. You can find the pkcs11spy project at:
> > > https://github.com/OpenSC/OpenSC/wiki/Using-OpenSC
> > >
> > > Also, specifying versions of OSSL and tpm2-pkcs11 as well as more
> > > logs and specific error messages you share, the easier it will be for us to help
> debug.
> > >
> > > Thanks,
> > > Bill
> > >
* [tpm2] Re: OpenSSL TLS using tpm2-pkcs11 doesn't work on newer versions
@ 2020-01-25 1:15 Roberts, William C
0 siblings, 0 replies; 13+ messages in thread
From: Roberts, William C @ 2020-01-25 1:15 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 9803 bytes --]
I was able to reproduce this by commenting out all the support for other algorithms:
https://github.com/williamcroberts/tpm2-pkcs11/tree/force-raw-rsa
It dawned on me while eating dinner, that it was likely something where we needed to flip the RSA operations.
The TPM adheres to the true definitions of RSA Encrypt and RSA Decrypt, and when you specify a C_Encrypt() call with
A private key object, the code calls TPM2_RSA_Encrypt() which is the RSA operation with the public key. Which the TPM
Doesn't throw an error because the handle going to the TPM maps to the keypair and the TPM just does the right thing.
After doing the initial setup, if you swap the RSA encrypt/decrypt calls, it works (see patch below).
We likely need to track and call the proper TPM RSA routines on what the operation is when it is RSA X509:
Key Class     Interface   Operation
CKO_PRIVATE   C_Decrypt   tpm_decrypt
CKO_PUBLIC    C_Decrypt   tpm_encrypt
CKO_PRIVATE   C_Encrypt   tpm_decrypt
CKO_PUBLIC    C_Encrypt   tpm_encrypt
We'll need to get proper support in for this and a regression test performing one half in the TPM and the other half
with OpenSSL. There are already tests for CKM_RSA_X_509 in pkcs-crypt.int.c, so we likely just need to expand on those.
diff --git a/src/lib/tpm.c b/src/lib/tpm.c
index f906ffbc584e..735151f016a7 100644
--- a/src/lib/tpm.c
+++ b/src/lib/tpm.c
@@ -1836,7 +1836,7 @@ CK_RV tpm_encrypt(crypto_op_data *opdata,
tpm_encrypt_data *tpm_enc_data = opdata->tpm_enc_data;
if (tpm_enc_data->is_rsa) {
- return tpm_rsa_encrypt(tpm_enc_data, ptext, ptextlen, ctext, ctextlen);
+ return tpm_rsa_decrypt(tpm_enc_data, ptext, ptextlen, ctext, ctextlen);
}
tpm_ctx *ctx = tpm_enc_data->ctx;
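Review bot: tpm_encrypt() now returns tpm_rsa_decrypt() for every RSA key with no check of the object class, which contradicts the CKO_PUBLIC / C_Encrypt -> tpm_encrypt row of the table in this same message. Choose the routine from the key's class (private key -> tpm_rsa_decrypt, public key -> tpm_rsa_encrypt) instead of swapping unconditionally.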
@@ -1857,7 +1857,7 @@ CK_RV tpm_decrypt(crypto_op_data *opdata,
tpm_encrypt_data *tpm_enc_data = opdata->tpm_enc_data;
if (tpm_enc_data->is_rsa) {
- return tpm_rsa_decrypt(tpm_enc_data, ctext, ctextlen, ptext, ptextlen);
+ return tpm_rsa_encrypt(tpm_enc_data, ctext, ctextlen, ptext, ptextlen);
}
tpm_ctx *ctx = tpm_enc_data->ctx;
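Review bot: with this hunk tpm_decrypt() sends every RSA C_Decrypt to tpm_rsa_encrypt(), which the message describes as the operation with the public key, so a C_Decrypt on a private key object no longer follows the CKO_PRIVATE / C_Decrypt -> tpm_decrypt row of the table. Keep tpm_rsa_decrypt() for private keys here, and land the regression test the message calls for (one half in the TPM, the other half with OpenSSL) together with the change.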
> -----Original Message-----
> From: Jaureguiberry, IgnacioX
> Sent: Thursday, January 23, 2020 2:30 PM
> To: Roberts, William C <william.c.roberts(a)intel.com>; tpm2(a)lists.01.org
> Subject: RE: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on newer
> versions
>
> I'm using tpm2-pkcs11 tag 1.0 because latest version requires python 3.7 for the
> tpm2_ptool to work. This is a bit of work in both Ubuntu 16.04 and 18.04.
>
> I've upgraded to python3.7 in the Ubuntu 18.04 setup and then installed tpm2-
> pkcs11 to HEAD of master and it still shows the same error: C_SignInit with
> mechanism CKM_RSA_X_509 returns CKR_KEY_FUNCTION_NOT_PERMITTED.
>
> -----Original Message-----
> From: Roberts, William C
> Sent: Thursday, January 23, 2020 4:33 PM
> To: Jaureguiberry, IgnacioX <ignaciox.jaureguiberry(a)intel.com>;
> tpm2(a)lists.01.org
> Subject: RE: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on newer
> versions
>
> Backing up your TPM2_PKCS11_STORE, what happens if you bump tpm2-pkcs11
> to current master HEAD?
>
> Still fail?
>
> Bill
>
> > -----Original Message-----
> > From: Jaureguiberry, IgnacioX
> > Sent: Thursday, January 23, 2020 1:16 PM
> > To: Roberts, William C <william.c.roberts(a)intel.com>;
> > tpm2(a)lists.01.org
> > Subject: RE: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on
> > newer versions
> >
> > These are the software versions on each setup. For the Ubuntu packages
> > I'm putting the Ubuntu package and version, and also the project with its
> > version.
> >
> > On the Ubuntu 16.04:
> > Bundled with Ubuntu:
> > * libssl1.0.0 [1.0.2g-1] - openssl [1.0.2g]
> > * libp11-2 [0.3.1-1] - libp11 [0.3.1]
> > * libengine-pkcs11-openssl [0.2.1-1] - engine_pkcs11 [0.2.1]
> >
> > Tpm2 project libraries, built from sources:
> > * tpm2-tss [ git sha: eedaf1a - tag 2.3.2 ]
> > * tpm2-abrmd [ git sha: e275930 - tag 2.3.1 ]
> > * tpm2-tools [ git sha: c971982 - master ]
> > * tpm2-pkcs11 [ git sha: 7af62a4 - tag 1.0 ]
> >
> > On the Ubuntu 18.04 setup:
> > Bundled with Ubuntu:
> > * libssl1.1 [1.1.1-1ubuntu2.1] - openssl [1.1.1]
> > * libengine-pkcs11-openssl [0.4.7-3] - libp11 [0.4.7]
> > * opensc-pkcs11 [0.17.0-3] - opensc [0.17.0]
> > * p11-kit-modules [0.23.9-2] - p11-kit [0.23.9]
> >
> > Tpm2 project libraries, built from sources:
> > * tpm2-tss [ git sha: eedaf1a - tag 2.3.2 ]
> > * tpm2-tools [ git sha: c971982 - master ]
> > * tpm2-pkcs11 [ git sha: 7af62a4 - tag 1.0 ]
> >
> > I'm sending the logs and function calls captured with pkcs11spy for each setup.
> > The different mechanism in C_SignInit can be seen on them.
> >
> >
> > -----Original Message-----
> > From: Roberts, William C
> > Sent: Thursday, January 23, 2020 11:44 AM
> > To: Jaureguiberry, IgnacioX <ignaciox.jaureguiberry(a)intel.com>;
> > tpm2(a)lists.01.org
> > Subject: RE: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on
> > newer versions
> >
> >
> >
> > > -----Original Message-----
> > > From: Ignacio Jaureguiberry
> > > [mailto:ignaciox.jaureguiberry(a)intel.com]
> > > Sent: Wednesday, January 22, 2020 12:36 PM
> > > To: tpm2(a)lists.01.org
> > > Subject: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on newer
> > > versions
> > >
> > > I was trying to make wpa_supplicant use a tpm2-pkcs11 stored private
> > > key to authenticate against a RADIUS server, I mentioned about it on
> > > this discussion:
> > > https://lists.01.org/hyperkitty/list/tpm2(a)lists.01.org/message/AYUBCAFCCXITEVSWA4IFC466LYS6ZIYX/
> > >
> > > With some fixes on tpm2-pkcs11, TLS is working and there is an
> > > integration test for that here:
> > > https://github.com/tpm2-software/tpm2-pkcs11/blob/master/test/integration/tls-tests.sh
> > >
> > > I wasn't able to reproduce this on Ubuntu 18, and noted that the
> > > test cases ran on top of an Ubuntu 16.04 image. I tried Ubuntu 16.04
> > > and TLS works as in the integration test. I also checked that using
> > > latest version of wpa_supplicant, it does work with tpm2-pkcs11 and
> > > creates an EAP-TLS connection using the TPM.
> >
> > Increasing our distro coverage is definitely something I need/want to
> > do for tpm2-pkcs11.
> > I already did this for many of the other tpm2 projects like tpm2-tools
> > and tpm2-tss.
> >
> > >
> > > I've debugged a bit in both OS versions and found that openssl is
> > > calling pkey_rsa_sign with different padding modes:
> > > RSA_PKCS1_PADDING in Ubuntu 16, and RSA_PKCS1_PSS_PADDING in
> > > Ubuntu 18. The consequence is that in
> >
> > This seems like a good change, IIUC PKCS1 padding has some known
> > issues, so changing To PSS is a good move.
> >
> > > tpm2-pkcs11, sign_init is being called using CKM_RSA_PKCS as
> > > mechanism on Ubuntu 16, but in Ubuntu 18 it is being called with
> > > CKM_RSA_X_509, which is not supported.
> >
> > CKM_RSA_X_509 is supported, it's raw RSA encryption and AFAICT it's
> > been supported since release 1.0. If it's signing with raw RSA, It
> > must apply the PSS padding separately. Which it does looking at OSSL 1_1_1
> > code:
> >
> > -- code ---
> >     } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) {
> >         if (!setup_tbuf(rctx, ctx))
> >             return -1;
> >         if (!RSA_padding_add_PKCS1_PSS_mgf1(rsa,
> >                                             rctx->tbuf, tbs,
> >                                             rctx->md, rctx->mgf1md,
> >                                             rctx->saltlen))
> >             return -1;
> >         ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf,
> >                                   sig, rsa, RSA_NO_PADDING);
> > ---
> >
> > So this makes sense to what you're seeing hitting the pkey_rsa_sign
> > versus the calls hitting
> > pkcs11 C_SignInit.
> >
> > >
> > > I think I have to file a bug to OpenSSL, but I don't know too much
> > > about the
> > > PKCS11 specs to support the claims. I'd appreciate any help to file
> > > a decent
> > issue.
> > > Also, any workaround is welcome, as replacing OpenSSL in any
> > > distribution is very hard given all the software that depends on it.
> >
> > Probably not, it's probably something we need to fix in the pkcs11
> > library which is very much an under development project. We should try
> > and replicate the bug first, and deduce that it is their bug before we
> > file. We don't want to cry wolf here.
> >
> > I would capture the parameters going into the C_SignInit and
> > subsequent C_Sign calls and create a test in
> > test/integration/pkcs-crypt.int.c that reproduces the error.
> >
> > If you get me the inputs soon, I can develop this test and get a fix
> > out. I am out all next week Jan 27-Jan31.
> >
> > Another great way to debug deeper is both pkcs11spy and setting the
> > env variable "export TPM2_PKCS11_DEBUG_LOG=2" to get verbose logs out
> > of the
> > tpm2-pkcs11 Library. You can find the pkcs11spy project at:
> > https://github.com/OpenSC/OpenSC/wiki/Using-OpenSC
> >
> > Also, specifying versions of OSSL and tpm2-pkcs11 as well as more logs
> > and specific error messages you share, the easier it will be for us to help debug.
> >
> > Thanks,
> > Bill
> >
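
The routing table in this message, and the OpenSSL 1.1.1 path quoted above (PSS padding in software, then RSA_private_encrypt with RSA_NO_PADDING), come down to one rule: a raw RSA call on a private key object must use the private exponent whichever entry point it arrives through. The C sketch below is an added example, not tpm2-pkcs11 or OpenSSL code; the toy 12-bit key, the `toy_tpm_rsa_*` stand-ins and both router functions are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Object class values as defined in the PKCS#11 headers. */
#define CKO_PUBLIC_KEY  0x2UL
#define CKO_PRIVATE_KEY 0x3UL

enum p11_entry { ENTRY_C_ENCRYPT, ENTRY_C_DECRYPT };

/* Constructed toy key: p = 61, q = 53, n = 3233, e = 17, d = 2753. */
struct toy_key { uint64_t n, e, d; };
static const struct toy_key TOY_KEY = { 3233, 17, 2753 };

static uint64_t modpow(uint64_t base, uint64_t exp, uint64_t mod)
{
    uint64_t r = 1;
    base %= mod;
    while (exp) {
        if (exp & 1)
            r = r * base % mod;
        base = base * base % mod;
        exp >>= 1;
    }
    return r;
}

/* Hypothetical stand-ins for the two TPM primitives named in the thread:
 * "encrypt" is the public-exponent operation, "decrypt" the private one. */
uint64_t toy_tpm_rsa_encrypt(const struct toy_key *k, uint64_t in)
{
    return modpow(in, k->e, k->n);
}

uint64_t toy_tpm_rsa_decrypt(const struct toy_key *k, uint64_t in)
{
    return modpow(in, k->d, k->n);
}

/* Routing by entry point alone: C_Encrypt always takes the public-exponent
 * path, even when the handle refers to a private key object. */
uint64_t raw_rsa_by_entry_point(const struct toy_key *k, enum p11_entry entry,
                                uint64_t in)
{
    return entry == ENTRY_C_ENCRYPT ? toy_tpm_rsa_encrypt(k, in)
                                    : toy_tpm_rsa_decrypt(k, in);
}

/* Routing from the table in the message: the key class decides. */
uint64_t raw_rsa_by_key_class(const struct toy_key *k, unsigned long key_class,
                              enum p11_entry entry, uint64_t in)
{
    (void)entry; /* both entry points map to the same primitive per class */
    return key_class == CKO_PRIVATE_KEY ? toy_tpm_rsa_decrypt(k, in)
                                        : toy_tpm_rsa_encrypt(k, in);
}

/* What the relying party does in software: apply the public exponent to the
 * signature and compare with the expected encoded message. */
int public_verify(const struct toy_key *k, uint64_t em, uint64_t sig)
{
    return toy_tpm_rsa_encrypt(k, sig) == em;
}

int main(void)
{
    /* Stand-in for the already padded block handed to the raw RSA call. */
    uint64_t em = 1234;
    uint64_t by_entry = raw_rsa_by_entry_point(&TOY_KEY, ENTRY_C_ENCRYPT, em);
    uint64_t by_class = raw_rsa_by_key_class(&TOY_KEY, CKO_PRIVATE_KEY,
                                             ENTRY_C_ENCRYPT, em);

    printf("entry-point routing: sig=%llu verifies=%d\n",
           (unsigned long long)by_entry, public_verify(&TOY_KEY, em, by_entry));
    printf("key-class routing:   sig=%llu verifies=%d\n",
           (unsigned long long)by_class, public_verify(&TOY_KEY, em, by_class));
    return 0;
}
```

Only the key-class router produces a value the public key verifies, and it still decrypts correctly when a private key object is used through C_Decrypt.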
* [tpm2] Re: OpenSSL TLS using tpm2-pkcs11 doesn't work on newer versions
@ 2020-01-24 17:10 Emmanuel Deloget
0 siblings, 0 replies; 13+ messages in thread
From: Emmanuel Deloget @ 2020-01-24 17:10 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 2372 bytes --]
Hello,
On Fri, Jan 24, 2020 at 4:52 PM <nicolasoliver03(a)gmail.com> wrote:
>
> Our assumption is that, if we make the PKCS#11 module work for
> wpa_supplicant, we will also enable any software that wants to use the TPM
> by just using the PKCS#11 standard, which is much easier than
> implementing specific logic to talk with the TPM in specific platforms
> (standards are good
>
>
In my experience this is mostly true - the key word in that sentence being
"mostly". The PKCS#11 is fairly big (
http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html)
and while it fully describes the interface between the cryptographic system
and its user, it does very little to describe how it shall be used. That's
where the experience comes in handy: different softwares use different
workflows. So given a specific PKCS#11 engine, you may be able to have it
work with (for example) OpenVPN, but not with wget (though the PKCS#11
engine for OpenSSL). This will only be true if the specific PKCS#11 engine
you use for your device implements everything in the spec.
> Additionally, to have this widely available, we need to make these packages
> available in the target distros (Fedora and Ubuntu for now).
> There is a tpm2-pkcs11 package available in Fedora as today:
> https://pkgs.org/download/tpm2-pkcs11.
> I just found that there is a tpm2-pk11 package in Ubuntu as well, that
> also uses tpm2-tss here
> https://zoomadmin.com/HowToInstall/UbuntuPackage/tpm2-pk11.
>
I haven't worked with tpm2-pkcs11 yet so I cannot say much about it (this
is planned but I have to find some time to do so ; my goal is to use it over
tpm2-pk11 but then I have a specific version where the public certificates
are stored as DER in the nvram of the TPM2 instead of being stored in a
specific directory). tpm2-pk11 was missing things when I started to use it
and I had to add what was missing for my own use case (we have used it for
2 years with OpenVPN, OpenSSL and a handful of other programs).
> As regards the tpm2-tss-engine, there is no package for Ubuntu. There is
> an rpm for Fedora being assembled here
> https://bugzilla.redhat.com/show_bug.cgi?id=1773855 though.
>
> So I hope that all this exercise makes the process more stable for
> everybody!
>
Thanks :)
Best regards,
--
Emmanuel Deloget
* [tpm2] Re: OpenSSL TLS using tpm2-pkcs11 doesn't work on newer versions
@ 2020-01-24 15:52 nicolasoliver03
0 siblings, 0 replies; 13+ messages in thread
From: nicolasoliver03 @ 2020-01-24 15:52 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 1447 bytes --]
Will definitively take a look at it once the tpm2-pkcs11 approach works!
Are you talking about this commit in master branch of wpa_supplicant? https://w1.fi/cgit/hostap/commit/?id=18780c6d6706ee90c98eb5f27454c1bcf7b4e1bc
The reason why we moved forward with the pkcs11 approach is mostly because it has the PKCS standard in the package name, (..."The PKCS #11 standard defines a platform-independent API to cryptographic tokens, such as hardware security modules (HSM) and smart cards"..).
Our assumption is that, if we make the PKCS#11 module work for wpa_supplicant, we will also enable any software that wants to use the TPM by just using the PKCS#11 standard, which is much easier than implementing specific logic to talk with the TPM in specific platforms (standards are good
Additionally, to have this widely available, we need to make these packages available in the target distros (Fedora and Ubuntu for now).
There is a tpm2-pkcs11 package available in Fedora as of today: https://pkgs.org/download/tpm2-pkcs11.
I just found that there is a tpm2-pk11 package in Ubuntu as well, that also uses tpm2-tss here https://zoomadmin.com/HowToInstall/UbuntuPackage/tpm2-pk11.
As regards the tpm2-tss-engine, there is no package for Ubuntu. There is an rpm for Fedora being assembled here https://bugzilla.redhat.com/show_bug.cgi?id=1773855 though.
So I hope that all this exercise makes the process more stable for everybody!
* [tpm2] Re: OpenSSL TLS using tpm2-pkcs11 doesn't work on newer versions
@ 2020-01-24 8:53 Steffen Schwebel
0 siblings, 0 replies; 13+ messages in thread
From: Steffen Schwebel @ 2020-01-24 8:53 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 3057 bytes --]
Hello,
another way to get this working would be to avoid tpm2-pkcs11 entirely.
Both wpa_supplicant and NetworkManager have versions working with
tpm2-tss-engine already.
For NetworkManager that should be any version > 1.20 and for
wpa_supplicant, it's in the current development branch.
Although that might be no fun at all as well with older Ubuntu versions.
regards,
Steffen
On 1/22/20 7:35 PM, Ignacio Jaureguiberry wrote:
> I was trying to make wpa_supplicant use a tpm2-pkcs11 stored private key to authenticate against a RADIUS server, I mentioned about it on this discussion: https://lists.01.org/hyperkitty/list/tpm2(a)lists.01.org/message/AYUBCAFCCXITEVSWA4IFC466LYS6ZIYX/
>
> With some fixes on tpm2-pkcs11, TLS is working and there is an integration test for that here: https://github.com/tpm2-software/tpm2-pkcs11/blob/master/test/integration/tls-tests.sh
>
> I wasn't able to reproduce this on Ubuntu 18, and noted that the test cases ran on top of an Ubuntu 16.04 image. I tried Ubuntu 16.04 and TLS works as in the integration test. I also checked that using latest version of wpa_supplicant, it does work with tpm2-pkcs11 and creates an EAP-TLS connection using the TPM.
>
> I've debugged a bit in both OS versions and found that openssl is calling pkey_rsa_sign with different padding modes: RSA_PKCS1_PADDING in Ubuntu 16, and RSA_PKCS1_PSS_PADDING in Ubuntu 18. The consequence is that in tpm2-pkcs11, sign_init is being called using CKM_RSA_PKCS as mechanism on Ubuntu 16, but in Ubuntu 18 it is being called with CKM_RSA_X_509, which is not supported.
>
> I think I have to file a bug to OpenSSL, but I don't know too much about the PKCS11 specs to support the claims. I'd appreciate any help to file a decent issue. Also, any workaround is welcome, as replacing OpenSSL in any distribution is very hard given all the software that depends on it.
--
Steffen Schwebel
Mail: s.schwebel(a)uvensys.de
* [tpm2] Re: OpenSSL TLS using tpm2-pkcs11 doesn't work on newer versions
@ 2020-01-23 20:30 Jaureguiberry, IgnacioX
0 siblings, 0 replies; 13+ messages in thread
From: Jaureguiberry, IgnacioX @ 2020-01-23 20:30 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 7026 bytes --]
I'm using tpm2-pkcs11 tag 1.0 because latest version requires python 3.7 for the tpm2_ptool to work. This is a bit of work in both Ubuntu 16.04 and 18.04.
I've upgraded to python3.7 in the Ubuntu 18.04 setup and then installed tpm2-pkcs11 to HEAD of master and it still shows the same error: C_SignInit with mechanism CKM_RSA_X_509 returns CKR_KEY_FUNCTION_NOT_PERMITTED.
-----Original Message-----
From: Roberts, William C
Sent: Thursday, January 23, 2020 4:33 PM
To: Jaureguiberry, IgnacioX <ignaciox.jaureguiberry(a)intel.com>; tpm2(a)lists.01.org
Subject: RE: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on newer versions
Backing up your TPM2_PKCS11_STORE, what happens if you bump tpm2-pkcs11 to current master HEAD?
Still fail?
Bill
> -----Original Message-----
> From: Jaureguiberry, IgnacioX
> Sent: Thursday, January 23, 2020 1:16 PM
> To: Roberts, William C <william.c.roberts(a)intel.com>;
> tpm2(a)lists.01.org
> Subject: RE: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on
> newer versions
>
> These are the software versions on each setup. For the Ubuntu packages
> I'm putting the Ubuntu package and version, and also the project with its version.
>
> On the Ubuntu 16.04:
> Bundled with Ubuntu:
> * libssl1.0.0 [1.0.2g-1] - openssl [1.0.2g]
> * libp11-2 [0.3.1-1] - libp11 [0.3.1]
> * libengine-pkcs11-openssl [0.2.1-1] - engine_pkcs11 [0.2.1]
>
> Tpm2 project libraries, built from sources:
> * tpm2-tss [ git sha: eedaf1a - tag 2.3.2 ]
> * tpm2-abrmd [ git sha: e275930 - tag 2.3.1 ]
> * tpm2-tools [ git sha: c971982 - master ]
> * tpm2-pkcs11 [ git sha: 7af62a4 - tag 1.0 ]
>
> On the Ubuntu 18.04 setup:
> Bundled with Ubuntu:
> * libssl1.1 [1.1.1-1ubuntu2.1] - openssl [1.1.1]
> * libengine-pkcs11-openssl [0.4.7-3] - libp11 [0.4.7]
> * opensc-pkcs11 [0.17.0-3] - opensc [0.17.0]
> * p11-kit-modules [0.23.9-2] - p11-kit [0.23.9]
>
> Tpm2 project libraries, built from sources:
> * tpm2-tss [ git sha: eedaf1a - tag 2.3.2 ]
> * tpm2-tools [ git sha: c971982 - master ]
> * tpm2-pkcs11 [ git sha: 7af62a4 - tag 1.0 ]
>
> I'm sending the logs and function calls captured with pkcs11spy for each setup.
> The different mechanism in C_SignInit can be seen on them.
>
>
> -----Original Message-----
> From: Roberts, William C
> Sent: Thursday, January 23, 2020 11:44 AM
> To: Jaureguiberry, IgnacioX <ignaciox.jaureguiberry(a)intel.com>;
> tpm2(a)lists.01.org
> Subject: RE: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on
> newer versions
>
>
>
> > -----Original Message-----
> > From: Ignacio Jaureguiberry
> > [mailto:ignaciox.jaureguiberry(a)intel.com]
> > Sent: Wednesday, January 22, 2020 12:36 PM
> > To: tpm2(a)lists.01.org
> > Subject: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on newer
> > versions
> >
> > I was trying to make wpa_supplicant use a tpm2-pkcs11 stored private
> > key to authenticate against a RADIUS server, I mentioned about it on
> > this discussion:
> > https://lists.01.org/hyperkitty/list/tpm2(a)lists.01.org/message/AYUBCAFCCXITEVSWA4IFC466LYS6ZIYX/
> >
> > With some fixes on tpm2-pkcs11, TLS is working and there is an
> > integration test for that here:
> > https://github.com/tpm2-software/tpm2-pkcs11/blob/master/test/integration/tls-tests.sh
> >
> > I wasn't able to reproduce this on Ubuntu 18, and noted that the
> > test cases ran on top of an Ubuntu 16.04 image. I tried Ubuntu 16.04
> > and TLS works as in the integration test. I also checked that using
> > latest version of wpa_supplicant, it does work with tpm2-pkcs11 and
> > creates an EAP-TLS connection using the TPM.
>
> Increasing our distro coverage is definitely something I need/want to
> do for tpm2-pkcs11.
> I already did this for many of the other tpm2 projects like tpm2-tools
> and tpm2-tss.
>
> >
> > I've debugged a bit in both OS versions and found that openssl is
> > calling pkey_rsa_sign with different padding modes:
> > RSA_PKCS1_PADDING in Ubuntu 16, and RSA_PKCS1_PSS_PADDING in Ubuntu
> > 18. The consequence is that in
>
> This seems like a good change, IIUC PKCS1 padding has some known
> issues, so changing To PSS is a good move.
>
> > tpm2-pkcs11, sign_init is being called using CKM_RSA_PKCS as
> > mechanism on Ubuntu 16, but in Ubuntu 18 it is being called with
> > CKM_RSA_X_509, which is not supported.
>
> CKM_RSA_X_509 is supported, it's raw RSA encryption and AFAICT it's
> been supported since release 1.0. If it's signing with raw RSA, It
> must apply the PSS padding separately. Which it does looking at OSSL 1_1_1 code:
>
> -- code ---
>     } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) {
>         if (!setup_tbuf(rctx, ctx))
>             return -1;
>         if (!RSA_padding_add_PKCS1_PSS_mgf1(rsa,
>                                             rctx->tbuf, tbs,
>                                             rctx->md, rctx->mgf1md,
>                                             rctx->saltlen))
>             return -1;
>         ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf,
>                                   sig, rsa, RSA_NO_PADDING);
> ---
>
> So this makes sense to what you're seeing hitting the pkey_rsa_sign
> versus the calls hitting
> pkcs11 C_SignInit.
>
> >
> > I think I have to file a bug to OpenSSL, but I don't know too much
> > about the PKCS11 specs to support the claims. I'd appreciate any help
> > to file a decent issue.
> > Also, any workaround is welcome, as replacing OpenSSL in any
> > distribution is very hard given all the software that depends on it.
>
> Probably not, it's probably something we need to fix in the pkcs11
> library which is very much an under development project. We should try
> and replicate the bug first, and deduce that it is their bug before we
> file. We don't want to cry wolf here.
>
> I would capture the parameters going into the C_SignInit and
> subsequent C_Sign calls and create a test in
> test/integration/pkcs-crypt.int.c that reproduces the error.
>
> If you get me the inputs soon, I can develop this test and get a fix
> out. I am out all next week Jan 27-Jan31.
>
> Another great way to debug deeper is both pkcs11spy and setting the
> env variable "export TPM2_PKCS11_DEBUG_LOG=2" to get verbose logs out
> of the
> tpm2-pkcs11 Library. You can find the pkcs11spy project at:
> https://github.com/OpenSC/OpenSC/wiki/Using-OpenSC
>
> Also, specifying versions of OSSL and tpm2-pkcs11 as well as more logs
> and specific error messages you share, the easier it will be for us to help debug.
>
> Thanks,
> Bill
>
^ permalink raw reply [flat|nested] 13+ messages in thread
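An added example, not part of any message in this thread and not code from tpm2-pkcs11 or OpenSC: a small Python parser that pulls each C_SignInit/C_Sign pair out of pkcs11spy output so the mechanism and the bytes handed to the token can be compared between setups. Calls 28 and 29 are copied from the Ubuntu 16.04 log attached to the thread; call 30 is constructed from the error reported above, and all function names are this example's own.

```python
import re
from dataclasses import dataclass

# Calls 28 and 29 are copied from the Ubuntu 16.04 pkcs11spy log attached to
# this thread (signature bytes left out). Call 30 is CONSTRUCTED from the error
# reported for Ubuntu 18.04; its call number and timestamp are made up.
SPY_LOG = """\
28: C_SignInit
2020-01-23 14:58:34.967
[in] hSession = 0x100000000000000
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x1
Returned: 0 CKR_OK
29: C_Sign
2020-01-23 14:58:34.995
[in] hSession = 0x100000000000000
[in] pData[ulDataLen] 0000000001c113b0 / 51
00000000 30 31 30 0D 06 09 60 86 48 01 65 03 04 02 01 05 010...`.H.e.....
00000010 00 04 20 86 83 C4 BC 33 59 6A DD 84 8F F0 07 AC .. ....3Yj......
00000020 6F 9E B4 BF 56 07 E7 A5 30 AF CE EC A1 B1 75 19 o...V...0.....u.
00000030 C8 32 CC .2.
[out] pSignature[*pulSignatureLen] 0000000001c05c38 / 256
Returned: 0 CKR_OK
30: C_SignInit
2020-01-23 15:00:00.000
[in] hSession = 0x100000000000000
pMechanism->type=CKM_RSA_X_509
[in] hKey = 0x1
Returned: 104 CKR_KEY_FUNCTION_NOT_PERMITTED
"""

CALL = re.compile(r"^(\d+): (C_\w+)$")
MECH = re.compile(r"pMechanism->type=(\w+)")
DATA = re.compile(r"\[in\] pData\[ulDataLen\] \S+ / (\d+)")
HEXL = re.compile(r"^[0-9A-F]{8}((?: [0-9A-F]{2}){1,16})(?: |$)")
RET = re.compile(r"^Returned: \d+ (\w+)")

# DER prefix of a SHA-256 DigestInfo; the 32-byte hash follows it.
SHA256_DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")


@dataclass
class SignOp:
    call_no: int          # spy call number of the C_SignInit
    mechanism: str = ""   # pMechanism->type passed to C_SignInit
    init_rv: str = ""     # return code name of C_SignInit
    data: bytes = b""     # bytes handed to C_Sign
    sign_rv: str = ""     # return code name of C_Sign ("" if never reached)


def parse_sign_ops(log):
    """Return one SignOp per C_SignInit, joined with the C_Sign that follows."""
    ops, cur, name, want, in_data = [], None, "", 0, False
    for raw in log.splitlines():
        line = raw.strip()
        if m := CALL.match(line):
            name, in_data = m.group(2), False
            if name == "C_SignInit":
                cur = SignOp(int(m.group(1)))
                ops.append(cur)
            elif name != "C_Sign":
                cur = None  # any other call ends the pending sign operation
            continue
        if cur is None:
            continue
        if name == "C_SignInit" and (m := MECH.search(line)):
            cur.mechanism = m.group(1)
        elif m := DATA.search(line):
            want, in_data = int(m.group(1)), True
        elif in_data and (m := HEXL.match(line)):
            cur.data += bytes.fromhex(m.group(1))
        elif m := RET.match(line):
            if name == "C_SignInit":
                cur.init_rv = m.group(1)
            else:
                cur.sign_rv = m.group(1)
                cur.data = cur.data[:want]  # trust the declared length
                cur = None
        else:
            in_data = False  # e.g. "[out] pSignature..." ends the input dump
    return ops


def who_pads(op, modulus_len=256):
    """Say which side builds the padded block (256 = CKA_MODULUS length in the log)."""
    if op.init_rv != "CKR_OK":
        return f"{op.mechanism} rejected at C_SignInit: {op.init_rv}"
    if op.mechanism == "CKM_RSA_PKCS":
        known = len(op.data) == 51 and op.data.startswith(SHA256_DIGESTINFO)
        return "token pads PKCS#1 v1.5 over " + (
            "SHA-256 DigestInfo" if known else "unrecognised input")
    if op.mechanism == "CKM_RSA_X_509":
        # Raw RSA: the caller (the OpenSSL PSS branch quoted in the thread) has
        # already padded, so the input must be exactly one modulus-sized block.
        if len(op.data) == modulus_len:
            return "caller pads, token does raw RSA: full block"
        return f"caller pads, token does raw RSA: {len(op.data)}-byte input, expected {modulus_len}"
    return f"{op.mechanism}: not classified by this example"


def summarize(log):
    return [(op.call_no, op.mechanism, who_pads(op)) for op in parse_sign_ops(log)]
```

Running `summarize()` over the full spy logs from both setups gives a one-line-per-signature comparison without reading the dumps by hand.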
* [tpm2] Re: OpenSSL TLS using tpm2-pkcs11 doesn't work on newer versions
@ 2020-01-23 19:35 nicolasoliver03
0 siblings, 0 replies; 13+ messages in thread
From: nicolasoliver03 @ 2020-01-23 19:35 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 2464 bytes --]
I have the same problem in Fedora 30, these are my versions:
1. tpm2-tss(a)2.3.0
2. tpm2-tools(a)4.0.1
3. tpm2-pkcs11(a)1.0
4. openssl(a)1.1
The radius log reports the same issue as Ignacio:
(13) eap_tls: TLS_accept: SSLv3/TLS read client certificate
(13) eap_tls: <<< recv TLS 1.2 [length 0046]
(13) eap_tls: TLS_accept: SSLv3/TLS read client key exchange
(13) eap_tls: <<< recv TLS 1.2 [length 0108]
(13) eap_tls: >>> send TLS 1.2 [length 0002]
(13) eap_tls: ERROR: TLS Alert write:fatal:decrypt error
tls: TLS_accept: Error in error
(13) eap_tls: ERROR: Failed in __FUNCTION__ (SSL_read)
(13) eap_tls: ERROR: error:0407E088:rsa routines:RSA_verify_PKCS1_PSS_mgf1:salt length check failed
(13) eap_tls: ERROR: error:1417B07B:SSL routines:tls_process_cert_verify:bad signature
(13) eap_tls: ERROR: System call (I/O) error (-1)
(13) eap_tls: ERROR: TLS receive handshake failed during operation
(13) eap_tls: ERROR: [eaptls process] = fail
(13) eap: ERROR: Failed continuing EAP TLS (13) session. EAP sub-module failed
(13) eap: Sending EAP Failure (code 4) ID 6 length 4
(13) eap: Failed in EAP select
(13) [eap] = invalid
(13) } # authenticate = invalid
(13) Failed to authenticate the user
My tpm2_pkcs11 ldd output is
[root(a)localhost ~]# ldd /usr/lib64/pkcs11/libtpm2_pkcs11.so
linux-vdso.so.1 (0x00007ffe2f3e7000)
libtss2-esys.so.0 => /usr/local/lib/libtss2-esys.so.0 (0x00007f95a2714000)
libtss2-sys.so.0 => /usr/local/lib/libtss2-sys.so.0 (0x00007f95a26eb000)
libtss2-mu.so.0 => /usr/local/lib/libtss2-mu.so.0 (0x00007f95a26a3000)
libtss2-tctildr.so.0 => /usr/local/lib/libtss2-tctildr.so.0 (0x00007f95a269a000)
libtss2-rc.so.0 => /usr/local/lib/libtss2-rc.so.0 (0x00007f95a2690000)
libsqlite3.so.0 => /lib64/libsqlite3.so.0 (0x00007f95a2571000)
libcrypto.so.1.1 => /lib64/libcrypto.so.1.1 (0x00007f95a228f000)
libyaml-0.so.2 => /lib64/libyaml-0.so.2 (0x00007f95a226d000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007f95a2267000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f95a2246000)
libc.so.6 => /lib64/libc.so.6 (0x00007f95a2080000)
/lib64/ld-linux-x86-64.so.2 (0x00007f95a27d5000)
libm.so.6 => /lib64/libm.so.6 (0x00007f95a1f3a000)
libz.so.1 => /lib64/libz.so.1 (0x00007f95a1f1e000)
Could this be confirmed by compiling the tpm2_pkcs11 module with openssl 1.0.2?
^ permalink raw reply [flat|nested] 13+ messages in thread
* [tpm2] Re: OpenSSL TLS using tpm2-pkcs11 doesn't work on newer versions
@ 2020-01-23 19:32 Roberts, William C
0 siblings, 0 replies; 13+ messages in thread
From: Roberts, William C @ 2020-01-23 19:32 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 6304 bytes --]
Backing up your TPM2_PKCS11_STORE, what happens if you bump tpm2-pkcs11 to current master HEAD?
Still fail?
Bill
> -----Original Message-----
> From: Jaureguiberry, IgnacioX
> Sent: Thursday, January 23, 2020 1:16 PM
> To: Roberts, William C <william.c.roberts(a)intel.com>; tpm2(a)lists.01.org
> Subject: RE: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on newer
> versions
>
> These are the software versions on each setup. For the Ubuntu packages I'm
> putting the Ubuntu package and version, and also the project with its version.
>
> On the Ubuntu 16.04:
> Bundled with Ubuntu:
> * libssl1.0.0 [1.0.2g-1] - openssl [1.0.2g]
> * libp11-2 [0.3.1-1] - libp11 [0.3.1]
> * libengine-pkcs11-openssl [0.2.1-1] - engine_pkcs11 [0.2.1]
>
> Tpm2 project libraries, built from sources:
> * tpm2-tss [ git sha: eedaf1a - tag 2.3.2 ]
> * tpm2-abrmd [ git sha: e275930 - tag 2.3.1 ]
> * tpm2-tools [ git sha: c971982 - master ]
> * tpm2-pkcs11 [ git sha: 7af62a4 - tag 1.0 ]
>
> On the Ubuntu 18.04 setup:
> Bundled with Ubuntu:
> * libssl1.1 [1.1.1-1ubuntu2.1] - openssl [1.1.1]
> * libengine-pkcs11-openssl [0.4.7-3] - libp11 [0.4.7]
> * opensc-pkcs11 [0.17.0-3] - opensc [0.17.0]
> * p11-kit-modules [0.23.9-2] - p11-kit [0.23.9]
>
> Tpm2 project libraries, built from sources:
> * tpm2-tss [ git sha: eedaf1a - tag 2.3.2 ]
> * tpm2-tools [ git sha: c971982 - master ]
> * tpm2-pkcs11 [ git sha: 7af62a4 - tag 1.0 ]
>
> I'm sending the logs and function calls captured with pkcs11spy for each setup.
> The different mechanism in C_SignInit can be seen on them.
>
>
> -----Original Message-----
> From: Roberts, William C
> Sent: Thursday, January 23, 2020 11:44 AM
> To: Jaureguiberry, IgnacioX <ignaciox.jaureguiberry(a)intel.com>;
> tpm2(a)lists.01.org
> Subject: RE: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on newer
> versions
>
>
>
> > -----Original Message-----
> > From: Ignacio Jaureguiberry [mailto:ignaciox.jaureguiberry(a)intel.com]
> > Sent: Wednesday, January 22, 2020 12:36 PM
> > To: tpm2(a)lists.01.org
> > Subject: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on newer
> > versions
> >
> > I was trying to make wpa_supplicant use a tpm2-pkcs11 stored private
> > key to authenticate against a RADIUS server, I mentioned about it on this
> > discussion:
> > https://lists.01.org/hyperkitty/list/tpm2(a)lists.01.org/message/AYUBCAFCCXITEVSWA4IFC466LYS6ZIYX/
> >
> > With some fixes on tpm2-pkcs11, TLS is working and there is an
> > integration test for that here:
> > https://github.com/tpm2-software/tpm2-pkcs11/blob/master/test/integration/tls-tests.sh
> >
> > I wasn't able to reproduce this on Ubuntu 18, and noted that the test
> > cases ran on top of an Ubuntu 16.04 image. I tried Ubuntu 16.04 and
> > TLS works as in the integration test. I also checked that using latest
> > version of wpa_supplicant, it does work with tpm2-pkcs11 and creates an
> > EAP-TLS connection using the TPM.
>
> Increasing our distro coverage is definitely something I need/want to do for
> tpm2-pkcs11.
> I already did this for many of the other tpm2 projects like tpm2-tools and
> tpm2-tss.
>
> >
> > I've debugged a bit in both OS versions and found that openssl is
> > calling pkey_rsa_sign with different padding modes: RSA_PKCS1_PADDING
> > in Ubuntu 16, and RSA_PKCS1_PSS_PADDING in Ubuntu 18. The consequence
> > is that in
>
> This seems like a good change, IIUC PKCS1 padding has some known issues, so
> changing To PSS is a good move.
>
> > tpm2-pkcs11, sign_init is being called using CKM_RSA_PKCS as mechanism
> > on Ubuntu 16, but in Ubuntu 18 it is being called with CKM_RSA_X_509,
> > which is not supported.
>
> CKM_RSA_X_509 is supported, it's raw RSA encryption and AFAICT it's been
> supported since release 1.0. If it's signing with raw RSA, It must apply the PSS
> padding separately. Which it does looking at OSSL 1_1_1 code:
>
> -- code ---
>     } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) {
>         if (!setup_tbuf(rctx, ctx))
>             return -1;
>         if (!RSA_padding_add_PKCS1_PSS_mgf1(rsa,
>                                             rctx->tbuf, tbs,
>                                             rctx->md, rctx->mgf1md,
>                                             rctx->saltlen))
>             return -1;
>         ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf,
>                                   sig, rsa, RSA_NO_PADDING);
> ---
>
> So this makes sense to what you're seeing hitting the pkey_rsa_sign versus the
> calls hitting
> pkcs11 C_SignInit.
>
> >
> > I think I have to file a bug to OpenSSL, but I don't know too much
> > about the PKCS11 specs to support the claims. I'd appreciate any help
> > to file a decent issue.
> > Also, any workaround is welcome, as replacing OpenSSL in any
> > distribution is very hard given all the software that depends on it.
>
> Probably not, it's probably something we need to fix in the pkcs11 library which is
> very much an under development project. We should try and replicate the bug
> first, and deduce that it is their bug before we file. We don't want to cry wolf
> here.
>
> I would capture the parameters going into the C_SignInit and subsequent C_Sign
> calls and create a test in test/integration/pkcs-crypt.int.c that reproduces the
> error.
>
> If you get me the inputs soon, I can develop this test and get a fix out. I am out all
> next week Jan 27-Jan31.
>
> Another great way to debug deeper is both pkcs11spy and setting the env
> variable "export TPM2_PKCS11_DEBUG_LOG=2" to get verbose logs out of the
> tpm2-pkcs11 Library. You can find the pkcs11spy project at:
> https://github.com/OpenSC/OpenSC/wiki/Using-OpenSC
>
> Also, specifying versions of OSSL and tpm2-pkcs11 as well as more logs and
> specific error messages you share, the easier it will be for us to help debug.
>
> Thanks,
> Bill
>
^ permalink raw reply [flat|nested] 13+ messages in thread
* [tpm2] Re: OpenSSL TLS using tpm2-pkcs11 doesn't work on newer versions
@ 2020-01-23 19:16 Jaureguiberry, IgnacioX
0 siblings, 0 replies; 13+ messages in thread
From: Jaureguiberry, IgnacioX @ 2020-01-23 19:16 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 5626 bytes --]
These are the software versions on each setup. For the Ubuntu packages I'm putting the Ubuntu package and version, and also the project with its version.
On the Ubuntu 16.04:
Bundled with Ubuntu:
* libssl1.0.0 [1.0.2g-1] - openssl [1.0.2g]
* libp11-2 [0.3.1-1] - libp11 [0.3.1]
* libengine-pkcs11-openssl [0.2.1-1] - engine_pkcs11 [0.2.1]
Tpm2 project libraries, built from sources:
* tpm2-tss [ git sha: eedaf1a - tag 2.3.2 ]
* tpm2-abrmd [ git sha: e275930 - tag 2.3.1 ]
* tpm2-tools [ git sha: c971982 - master ]
* tpm2-pkcs11 [ git sha: 7af62a4 - tag 1.0 ]
On the Ubuntu 18.04 setup:
Bundled with Ubuntu:
* libssl1.1 [1.1.1-1ubuntu2.1] - openssl [1.1.1]
* libengine-pkcs11-openssl [0.4.7-3] - libp11 [0.4.7]
* opensc-pkcs11 [0.17.0-3] - opensc [0.17.0]
* p11-kit-modules [0.23.9-2] - p11-kit [0.23.9]
Tpm2 project libraries, built from sources:
* tpm2-tss [ git sha: eedaf1a - tag 2.3.2 ]
* tpm2-tools [ git sha: c971982 - master ]
* tpm2-pkcs11 [ git sha: 7af62a4 - tag 1.0 ]
I'm sending the logs and function calls captured with pkcs11spy for each setup. The different mechanism in C_SignInit can be seen on them.
-----Original Message-----
From: Roberts, William C
Sent: Thursday, January 23, 2020 11:44 AM
To: Jaureguiberry, IgnacioX <ignaciox.jaureguiberry(a)intel.com>; tpm2(a)lists.01.org
Subject: RE: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on newer versions
> -----Original Message-----
> From: Ignacio Jaureguiberry [mailto:ignaciox.jaureguiberry(a)intel.com]
> Sent: Wednesday, January 22, 2020 12:36 PM
> To: tpm2(a)lists.01.org
> Subject: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on newer
> versions
>
> I was trying to make wpa_supplicant use a tpm2-pkcs11 stored private
> key to authenticate against a RADIUS server, I mentioned about it on this discussion:
> https://lists.01.org/hyperkitty/list/tpm2(a)lists.01.org/message/AYUBCAFCCXITEVSWA4IFC466LYS6ZIYX/
>
> With some fixes on tpm2-pkcs11, TLS is working and there is an
> integration test for that here:
> https://github.com/tpm2-software/tpm2-pkcs11/blob/master/test/integration/tls-tests.sh
>
> I wasn't able to reproduce this on Ubuntu 18, and noted that the test
> cases ran on top of an Ubuntu 16.04 image. I tried Ubuntu 16.04 and
> TLS works as in the integration test. I also checked that using latest
> version of wpa_supplicant, it does work with tpm2-pkcs11 and creates an EAP-TLS connection using the TPM.
Increasing our distro coverage is definitely something I need/want to do for tpm2-pkcs11.
I already did this for many of the other tpm2 projects like tpm2-tools and tpm2-tss.
>
> I've debugged a bit in both OS versions and found that openssl is
> calling pkey_rsa_sign with different padding modes: RSA_PKCS1_PADDING
> in Ubuntu 16, and RSA_PKCS1_PSS_PADDING in Ubuntu 18. The consequence
> is that in
This seems like a good change, IIUC PKCS1 padding has some known issues, so changing To PSS is a good move.
> tpm2-pkcs11, sign_init is being called using CKM_RSA_PKCS as mechanism
> on Ubuntu 16, but in Ubuntu 18 it is being called with CKM_RSA_X_509,
> which is not supported.
CKM_RSA_X_509 is supported, it's raw RSA encryption and AFAICT it's been supported since release 1.0. If it's signing with raw RSA, It must apply the PSS padding separately. Which it does looking at OSSL 1_1_1 code:
-- code ---
    } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) {
        if (!setup_tbuf(rctx, ctx))
            return -1;
        if (!RSA_padding_add_PKCS1_PSS_mgf1(rsa,
                                            rctx->tbuf, tbs,
                                            rctx->md, rctx->mgf1md,
                                            rctx->saltlen))
            return -1;
        ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf,
                                  sig, rsa, RSA_NO_PADDING);
---
So this makes sense to what you're seeing hitting the pkey_rsa_sign versus the calls hitting
pkcs11 C_SignInit.
>
> I think I have to file a bug to OpenSSL, but I don't know too much
> about the PKCS11 specs to support the claims. I'd appreciate any help
> to file a decent issue.
> Also, any workaround is welcome, as replacing OpenSSL in any
> distribution is very hard given all the software that depends on it.
Probably not, it's probably something we need to fix in the pkcs11 library which is very much an under development project. We should try and replicate the bug first, and deduce that it is their bug before we file. We don't want to cry wolf here.
I would capture the parameters going into the C_SignInit and subsequent C_Sign calls and create a test in test/integration/pkcs-crypt.int.c that reproduces the error.
If you get me the inputs soon, I can develop this test and get a fix out. I am out all next week Jan 27-Jan31.
Another great way to debug deeper is both pkcs11spy and setting the env variable "export TPM2_PKCS11_DEBUG_LOG=2" to get verbose logs out of the tpm2-pkcs11 Library. You can find the pkcs11spy project at:
https://github.com/OpenSC/OpenSC/wiki/Using-OpenSC
Also, specifying versions of OSSL and tpm2-pkcs11 as well as more logs and specific error messages you share, the easier it will be for us to help debug.
Thanks,
Bill
[-- Attachment #2: openssl_tls_pkcs11_ubuntu16.04.txt --]
[-- Type: text/plain, Size: 22766 bytes --]
PKCS11SPY=/usr/lib/x86_64-linux-gnu/pkcs11/libtpm2_pkcs11.so openssl s_client -engine pkcs11 -keyform engine -key "$PKCS11_KEY" -CAfile "ca.pem" -cert client_tpm.pem -connect 192.168.160.42:4433
*************** OpenSC PKCS#11 spy *****************
Loaded: "/usr/lib/x86_64-linux-gnu/pkcs11/libtpm2_pkcs11.so"
0: C_GetFunctionList
2020-01-23 14:58:34.532
Returned: 0 CKR_OK
1: C_Initialize
2020-01-23 14:58:34.532
[in] pInitArgs = (nil)
openssl (lock_dbg_cb): already locked (mode=9, type=30) at eng_list.c:265
Returned: 0 CKR_OK
2: C_GetInfo
2020-01-23 14:58:34.544
[out] pInfo:
cryptokiVersion: 2.40
manufacturerID: 'tpm2-software.github.io '
flags: 0
libraryDescription: 'TPM2.0 Cryptoki '
libraryVersion: 1.0
Returned: 0 CKR_OK
openssl (lock_dbg_cb): not locked (mode=10, type=30) at eng_table.c:187
engine "pkcs11" set.
3: C_GetSlotList
2020-01-23 14:58:34.544
[in] tokenPresent = 0x0
[out] pSlotList:
Count is 1
[out] *pulCount = 0x1
Returned: 0 CKR_OK
4: C_GetSlotList
2020-01-23 14:58:34.544
[in] tokenPresent = 0x0
[out] pSlotList:
Slot 1
[out] *pulCount = 0x1
Returned: 0 CKR_OK
5: C_GetSlotInfo
2020-01-23 14:58:34.544
[in] slotID = 0x1
[out] pInfo:
slotDescription: 'label '
'Intel '
manufacturerID: 'Intel '
hardwareVersion: 1.16
firmwareVersion: 45.9
flags: 5
CKF_TOKEN_PRESENT
CKF_HW_SLOT
Returned: 0 CKR_OK
6: C_GetTokenInfo
2020-01-23 14:58:34.561
[in] slotID = 0x1
[out] pInfo:
label: 'label '
manufacturerID: 'Intel '
model: 'Intel '
serialNumber: '0000000000000000'
ulMaxSessionCount: 1024
ulSessionCount: 0
ulMaxRwSessionCount: 1024
ulRwSessionCount: 0
ulMaxPinLen: 128
ulMinPinLen: 0
ulTotalPublicMemory: -1
ulFreePublicMemory: -1
ulTotalPrivateMemory: -1
ulFreePrivateMemory: -1
hardwareVersion: 1.16
firmwareVersion: 45.9
time: '2020012317583400'
flags: 40d
CKF_RNG
CKF_LOGIN_REQUIRED
CKF_USER_PIN_INITIALIZED
CKF_TOKEN_INITIALIZED
Returned: 0 CKR_OK
7: C_OpenSession
2020-01-23 14:58:34.562
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x100000000000000
Returned: 0 CKR_OK
8: C_FindObjectsInit
2020-01-23 14:58:34.562
[in] hSession = 0x100000000000000
[in] pTemplate[1]:
CKA_CLASS CKO_CERTIFICATE
Returned: 0 CKR_OK
9: C_FindObjects
2020-01-23 14:58:34.562
[in] hSession = 0x100000000000000
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x0
Returned: 0 CKR_OK
10: C_FindObjectsFinal
2020-01-23 14:58:34.562
[in] hSession = 0x100000000000000
Returned: 0 CKR_OK
11: C_Login
2020-01-23 14:58:34.562
[in] hSession = 0x100000000000000
[in] userType = CKU_USER
[in] pPin[ulPinLen] 0000000001b9c470 / 9
00000000 6D 79 75 73 65 72 70 69 6E myuserpin
Returned: 0 CKR_OK
12: C_FindObjectsInit
2020-01-23 14:58:34.952
[in] hSession = 0x100000000000000
[in] pTemplate[1]:
CKA_CLASS CKO_PRIVATE_KEY
Returned: 0 CKR_OK
13: C_FindObjects
2020-01-23 14:58:34.952
[in] hSession = 0x100000000000000
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 0x1 matches
Returned: 0 CKR_OK
14: C_GetAttributeValue
2020-01-23 14:58:34.952
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_KEY_TYPE 00007fff631b6f80 / 8
[out] pTemplate[1]:
CKA_KEY_TYPE CKK_RSA
Returned: 0 CKR_OK
15: C_GetAttributeValue
2020-01-23 14:58:34.952
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_LABEL 00007fff631b6f90 / 256
[out] pTemplate[1]:
CKA_LABEL 00007fff631b6f90 / 0
Returned: 0 CKR_OK
16: C_GetAttributeValue
2020-01-23 14:58:34.952
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_ID 00007fff631b7090 / 256
[out] pTemplate[1]:
CKA_ID 00007fff631b7090 / 16
00000000 36 33 30 38 32 33 30 38 37 65 65 31 39 65 35 38 630823087ee19e58
Returned: 0 CKR_OK
17: C_GetAttributeValue
2020-01-23 14:58:34.952
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_ID 0000000001bb0520 / 255
[out] pTemplate[1]:
CKA_ID 0000000001bb0520 / 16
00000000 36 33 30 38 32 33 30 38 37 65 65 31 39 65 35 38 630823087ee19e58
Returned: 0 CKR_OK
18: C_FindObjects
2020-01-23 14:58:34.952
[in] hSession = 0x100000000000000
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x0
Returned: 0 CKR_OK
19: C_FindObjectsFinal
2020-01-23 14:58:34.952
[in] hSession = 0x100000000000000
Returned: 0 CKR_OK
20: C_GetAttributeValue
2020-01-23 14:58:34.952
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_MODULUS 0000000000000000 / 0
[out] pTemplate[1]:
CKA_MODULUS 0000000000000000 / 256
Returned: 0 CKR_OK
21: C_GetAttributeValue
2020-01-23 14:58:34.952
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_MODULUS 0000000001baf030 / 256
[out] pTemplate[1]:
CKA_MODULUS 0000000001baf030 / 256
Returned: 0 CKR_OK
22: C_GetAttributeValue
2020-01-23 14:58:34.953
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_PUBLIC_EXPONENT 0000000000000000 / 0
[out] pTemplate[1]:
CKA_PUBLIC_EXPONENT 0000000000000000 / 3
Returned: 0 CKR_OK
23: C_GetAttributeValue
2020-01-23 14:58:34.953
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_PUBLIC_EXPONENT 0000000001bb0b70 / 3
[out] pTemplate[1]:
CKA_PUBLIC_EXPONENT 0000000001bb0b70 / 3
00000000 01 00 01 ...
Returned: 0 CKR_OK
CONNECTED(00000009)
depth=1 C = FR, ST = Radius, L = Somewhere, O = Example Inc., emailAddress = admin@example.org, CN = Example Certificate Authority
verify return:1
depth=0 C = FR, ST = Radius, O = Example Inc., CN = Example Server Certificate, emailAddress = admin@example.org
verify return:1
24: C_GetAttributeValue
2020-01-23 14:58:34.966
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_MODULUS 0000000000000000 / 0
[out] pTemplate[1]:
CKA_MODULUS 0000000000000000 / 256
Returned: 0 CKR_OK
25: C_GetAttributeValue
2020-01-23 14:58:34.966
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_MODULUS 0000000001c113b0 / 256
[out] pTemplate[1]:
CKA_MODULUS 0000000001c113b0 / 256
Returned: 0 CKR_OK
26: C_GetAttributeValue
2020-01-23 14:58:34.967
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_MODULUS 0000000000000000 / 0
[out] pTemplate[1]:
CKA_MODULUS 0000000000000000 / 256
Returned: 0 CKR_OK
27: C_GetAttributeValue
2020-01-23 14:58:34.967
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_MODULUS 0000000001c10da0 / 256
[out] pTemplate[1]:
CKA_MODULUS 0000000001c10da0 / 256
Returned: 0 CKR_OK
28: C_SignInit
2020-01-23 14:58:34.967
[in] hSession = 0x100000000000000
pMechanism->type=CKM_RSA_PKCS
[in] hKey = 0x1
Returned: 0 CKR_OK
29: C_Sign
2020-01-23 14:58:34.995
[in] hSession = 0x100000000000000
[in] pData[ulDataLen] 0000000001c113b0 / 51
00000000 30 31 30 0D 06 09 60 86 48 01 65 03 04 02 01 05 010...`.H.e.....
00000010 00 04 20 86 83 C4 BC 33 59 6A DD 84 8F F0 07 AC .. ....3Yj......
00000020 6F 9E B4 BF 56 07 E7 A5 30 AF CE EC A1 B1 75 19 o...V...0.....u.
00000030 C8 32 CC .2.
[out] pSignature[*pulSignatureLen] 0000000001c05c38 / 256
Returned: 0 CKR_OK
---
Certificate chain
0 s:/C=FR/ST=Radius/O=Example Inc./CN=Example Server Certificate/emailAddress=admin@example.org
i:/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.org/CN=Example Certificate Authority
1 s:/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.org/CN=Example Certificate Authority
i:/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.org/CN=Example Certificate Authority
---
Server certificate
subject=/C=FR/ST=Radius/O=Example Inc./CN=Example Server Certificate/emailAddress=admin@example.org
issuer=/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.org/CN=Example Certificate Authority
---
Acceptable client certificate CA names
/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.org/CN=Example Certificate Authority
Client Certificate Types: RSA sign, DSA sign, ECDSA sign
Requested Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:0x07+0x08:0x08+0x08:0x09+0x08:0x0A+0x08:0x0B+0x08:0x04+0x08:0x05+0x08:0x06+0x08:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:ECDSA+SHA1:RSA+SHA224:RSA+SHA1:DSA+SHA224:DSA+SHA1:DSA+SHA256:DSA+SHA384:DSA+SHA512
Shared Requested Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:ECDSA+SHA1:RSA+SHA224:RSA+SHA1:DSA+SHA224:DSA+SHA1:DSA+SHA256:DSA+SHA384:DSA+SHA512
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 4116 bytes and written 2965 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: FC09748B44F27A2B0C847AA00EE2497F89222AC22FCD19C0709AEF3E48A9F48D
Session-ID-ctx:
Master-Key: 089ACC3034A7060C63E966EF86AEC7B767FE5D2BD637E770D2F18928554D17B258BCA5CFFABAB094E11B43634CBE5C01
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
Start Time: 1579802314
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
DONE
30: C_Finalize
2020-01-23 14:58:36.501
Returned: 0 CKR_OK
[-- Attachment #3: openssl_tls_pkcs11_ubuntu18.04.txt --]
[-- Type: text/plain, Size: 16338 bytes --]
PKCS11SPY=/usr/lib/x86_64-linux-gnu/pkcs11/libtpm2_pkcs11.so openssl s_client -engine pkcs11 -keyform engine -key "$PKCS11_KEY" -CAfile "ca.pem" -cert client_tpm.pem -connect 192.168.160.42:4433
engine "pkcs11" set.
*************** OpenSC PKCS#11 spy *****************
Loaded: "/usr/lib/x86_64-linux-gnu/pkcs11/libtpm2_pkcs11.so"
0: C_GetFunctionList
2020-01-23 17:35:08.998
Returned: 0 CKR_OK
1: C_Initialize
2020-01-23 17:35:08.998
[in] pInitArgs = 0x7ffc50133960
flags: 2
CKF_OS_LOCKING_OK
Returned: 0 CKR_OK
2: C_GetInfo
2020-01-23 17:35:09.000
[out] pInfo:
cryptokiVersion: 2.40
manufacturerID: 'tpm2-software.github.io '
flags: 0
libraryDescription: 'TPM2.0 Cryptoki '
libraryVersion: 1.0
Returned: 0 CKR_OK
3: C_GetSlotList
2020-01-23 17:35:09.000
[in] tokenPresent = 0x0
[out] pSlotList:
Count is 1
[out] *pulCount = 0x1
Returned: 0 CKR_OK
4: C_GetSlotList
2020-01-23 17:35:09.000
[in] tokenPresent = 0x0
[out] pSlotList:
Slot 1
[out] *pulCount = 0x1
Returned: 0 CKR_OK
5: C_GetSlotInfo
2020-01-23 17:35:09.000
[in] slotID = 0x1
[out] pInfo:
slotDescription: 'label '
'Intel '
manufacturerID: 'Intel '
hardwareVersion: 1.16
firmwareVersion: 45.9
flags: 5
CKF_TOKEN_PRESENT
CKF_HW_SLOT
Returned: 0 CKR_OK
6: C_GetTokenInfo
2020-01-23 17:35:09.017
[in] slotID = 0x1
[out] pInfo:
label: 'label '
manufacturerID: 'Intel '
model: 'Intel '
serialNumber: '0000000000000000'
ulMaxSessionCount: 1024
ulSessionCount: 0
ulMaxRwSessionCount: 1024
ulRwSessionCount: 0
ulMaxPinLen: 128
ulMinPinLen: 0
ulTotalPublicMemory: -1
ulFreePublicMemory: -1
ulTotalPrivateMemory: -1
ulFreePrivateMemory: -1
hardwareVersion: 1.16
firmwareVersion: 45.9
time: '2020012317350900'
flags: 40d
CKF_RNG
CKF_LOGIN_REQUIRED
CKF_USER_PIN_INITIALIZED
CKF_TOKEN_INITIALIZED
Returned: 0 CKR_OK
7: C_OpenSession
2020-01-23 17:35:09.017
[in] slotID = 0x1
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x100000000000000
Returned: 0 CKR_OK
8: C_FindObjectsInit
2020-01-23 17:35:09.018
[in] hSession = 0x100000000000000
[in] pTemplate[1]:
CKA_CLASS CKO_CERTIFICATE
Returned: 0 CKR_OK
9: C_FindObjects
2020-01-23 17:35:09.018
[in] hSession = 0x100000000000000
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x0
Returned: 0 CKR_OK
10: C_FindObjectsFinal
2020-01-23 17:35:09.018
[in] hSession = 0x100000000000000
Returned: 0 CKR_OK
11: C_FindObjectsInit
2020-01-23 17:35:09.018
[in] hSession = 0x100000000000000
[in] pTemplate[1]:
CKA_CLASS CKO_PRIVATE_KEY
Returned: 0 CKR_OK
12: C_FindObjects
2020-01-23 17:35:09.018
[in] hSession = 0x100000000000000
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x0
Returned: 0 CKR_OK
13: C_FindObjectsFinal
2020-01-23 17:35:09.018
[in] hSession = 0x100000000000000
Returned: 0 CKR_OK
14: C_FindObjectsInit
2020-01-23 17:35:09.018
[in] hSession = 0x100000000000000
[in] pTemplate[1]:
CKA_CLASS CKO_CERTIFICATE
Returned: 0 CKR_OK
15: C_FindObjects
2020-01-23 17:35:09.018
[in] hSession = 0x100000000000000
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x0
Returned: 0 CKR_OK
16: C_FindObjectsFinal
2020-01-23 17:35:09.018
[in] hSession = 0x100000000000000
Returned: 0 CKR_OK
17: C_GetSessionInfo
2020-01-23 17:35:09.018
[in] hSession = 0x100000000000000
[out] pInfo:
slotID: 1
state: ' CKS_RO_PUBLIC_SESSION'
flags: 4
CKF_SERIAL_SESSION
ulDeviceError: 0
Returned: 0 CKR_OK
18: C_Login
2020-01-23 17:35:09.018
[in] hSession = 0x100000000000000
[in] userType = CKU_USER
[in] pPin[ulPinLen] 000055e1007b59c0 / 9
00000000 6D 79 75 73 65 72 70 69 6E myuserpin
Returned: 0 CKR_OK
19: C_FindObjectsInit
2020-01-23 17:35:09.394
[in] hSession = 0x100000000000000
[in] pTemplate[1]:
CKA_CLASS CKO_PRIVATE_KEY
Returned: 0 CKR_OK
20: C_FindObjects
2020-01-23 17:35:09.395
[in] hSession = 0x100000000000000
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 0x1 matches
Returned: 0 CKR_OK
21: C_GetAttributeValue
2020-01-23 17:35:09.395
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_KEY_TYPE 00007ffc50133938 / 8
[out] pTemplate[1]:
CKA_KEY_TYPE CKK_RSA
Returned: 0 CKR_OK
22: C_GetAttributeValue
2020-01-23 17:35:09.395
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_LABEL 0000000000000000 / 0
[out] pTemplate[1]:
CKA_LABEL 0000000000000000 / 0
Returned: 0 CKR_OK
23: C_GetAttributeValue
2020-01-23 17:35:09.395
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_LABEL 000055e1007e8410 / 0
[out] pTemplate[1]:
CKA_LABEL 000055e1007e8410 / 0
Returned: 0 CKR_OK
24: C_GetAttributeValue
2020-01-23 17:35:09.395
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_ID 0000000000000000 / 0
[out] pTemplate[1]:
CKA_ID 0000000000000000 / 16
Returned: 0 CKR_OK
25: C_GetAttributeValue
2020-01-23 17:35:09.395
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_ID 000055e1007e94f0 / 16
[out] pTemplate[1]:
CKA_ID 000055e1007e94f0 / 16
00000000 33 30 31 64 62 61 36 65 62 33 65 35 34 35 38 37 301dba6eb3e54587
Returned: 0 CKR_OK
26: C_GetAttributeValue
2020-01-23 17:35:09.395
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_ID 000055e1007c7751 / 255
[out] pTemplate[1]:
CKA_ID 000055e1007c7751 / 16
00000000 33 30 31 64 62 61 36 65 62 33 65 35 34 35 38 37 301dba6eb3e54587
Returned: 0 CKR_OK
27: C_FindObjects
2020-01-23 17:35:09.395
[in] hSession = 0x100000000000000
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x0
Returned: 0 CKR_OK
28: C_FindObjectsFinal
2020-01-23 17:35:09.395
[in] hSession = 0x100000000000000
Returned: 0 CKR_OK
29: C_GetAttributeValue
2020-01-23 17:35:09.395
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_MODULUS 0000000000000000 / 0
[out] pTemplate[1]:
CKA_MODULUS 0000000000000000 / 256
Returned: 0 CKR_OK
30: C_GetAttributeValue
2020-01-23 17:35:09.396
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_MODULUS 000055e1007e8a40 / 256
[out] pTemplate[1]:
CKA_MODULUS 000055e1007e8a40 / 256
Returned: 0 CKR_OK
31: C_GetAttributeValue
2020-01-23 17:35:09.396
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_PUBLIC_EXPONENT 0000000000000000 / 0
[out] pTemplate[1]:
CKA_PUBLIC_EXPONENT 0000000000000000 / 3
Returned: 0 CKR_OK
32: C_GetAttributeValue
2020-01-23 17:35:09.396
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_PUBLIC_EXPONENT 000055e1007e8430 / 3
[out] pTemplate[1]:
CKA_PUBLIC_EXPONENT 000055e1007e8430 / 3
00000000 01 00 01 ...
Returned: 0 CKR_OK
33: C_GetAttributeValue
2020-01-23 17:35:09.396
[in] hSession = 0x100000000000000
[in] hObject = 0x1
[in] pTemplate[1]:
CKA_ALWAYS_AUTHENTICATE 000055e1007c7750 / 1
[out] pTemplate[1]:
CKA_ALWAYS_AUTHENTICATE False
Returned: 0 CKR_OK
CONNECTED(00000007)
depth=1 C = FR, ST = Radius, L = Somewhere, O = Example Inc., emailAddress = admin@example.org, CN = Example Certificate Authority
verify return:1
depth=0 C = FR, ST = Radius, O = Example Inc., CN = Example Server Certificate, emailAddress = admin@example.org
verify return:1
34: C_SignInit
2020-01-23 17:35:09.410
[in] hSession = 0x100000000000000
pMechanism->type=CKM_RSA_X_509
[in] hKey = 0x1
Returned: 104 CKR_KEY_FUNCTION_NOT_PERMITTED
35: C_EncryptInit
2020-01-23 17:35:09.484
[in] hSession = 0x100000000000000
pMechanism->type=CKM_RSA_X_509
[in] hKey = 0x1
Returned: 0 CKR_OK
36: C_Encrypt
2020-01-23 17:35:09.484
[in] hSession = 0x100000000000000
[in] pData[ulDataLen] 000055e10080d2f0 / 256
[out] pEncryptedData[*pulEncryptedDataLen] 000055e10080d190 / 256
Returned: 0 CKR_OK
---
Certificate chain
0 s:C = FR, ST = Radius, O = Example Inc., CN = Example Server Certificate, emailAddress = admin@example.org
i:C = FR, ST = Radius, L = Somewhere, O = Example Inc., emailAddress = admin@example.org, CN = Example Certificate Authority
1 s:C = FR, ST = Radius, L = Somewhere, O = Example Inc., emailAddress = admin@example.org, CN = Example Certificate Authority
i:C = FR, ST = Radius, L = Somewhere, O = Example Inc., emailAddress = admin@example.org, CN = Example Certificate Authority
---
Server certificate
subject=C = FR, ST = Radius, O = Example Inc., CN = Example Server Certificate, emailAddress = admin@example.org
issuer=C = FR, ST = Radius, L = Somewhere, O = Example Inc., emailAddress = admin@example.org, CN = Example Certificate Authority
---
Acceptable client certificate CA names
C = FR, ST = Radius, L = Somewhere, O = Example Inc., emailAddress = admin@example.org, CN = Example Certificate Authority
Requested Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:ECDSA+SHA1:RSA+SHA224:RSA+SHA1
Shared Requested Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3058 bytes and written 2969 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
140227221696960:error:1409441B:SSL routines:ssl3_read_bytes:tlsv1 alert decrypt error:../ssl/record/rec_layer_s3.c:1528:SSL alert number 51
37: C_CloseAllSessions
2020-01-23 17:35:09.574
[in] slotID = 0x1
Returned: 0 CKR_OK
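A check for the pattern visible in the Ubuntu 18.04 trace above, as an added Python example that is not part of the original message: it parses pkcs11-spy output, reports every C_SignInit the token refused, and notes whether the next call is a successful C_EncryptInit with the same mechanism and key handle. The embedded trace is a constructed excerpt of the log above, and the function names are hypothetical.

```python
import re

# Constructed excerpt in pkcs11-spy format, modelled on the Ubuntu 18.04 trace
# above (hex dumps and most [in]/[out] lines left out).
SAMPLE_TRACE = """\
CONNECTED(00000007)
verify return:1
34: C_SignInit
2020-01-23 17:35:09.410
[in] hSession = 0x100000000000000
pMechanism->type=CKM_RSA_X_509
[in] hKey = 0x1
Returned: 104 CKR_KEY_FUNCTION_NOT_PERMITTED
35: C_EncryptInit
2020-01-23 17:35:09.484
[in] hSession = 0x100000000000000
pMechanism->type=CKM_RSA_X_509
[in] hKey = 0x1
Returned: 0 CKR_OK
36: C_Encrypt
2020-01-23 17:35:09.484
[in] hSession = 0x100000000000000
Returned: 0 CKR_OK
140227221696960:error:1409441B:SSL routines:ssl3_read_bytes:tlsv1 alert decrypt error:../ssl/record/rec_layer_s3.c:1528:SSL alert number 51
37: C_CloseAllSessions
2020-01-23 17:35:09.574
[in] slotID = 0x1
Returned: 0 CKR_OK
"""

CALL_RE = re.compile(r"^(\d+): (C_\w+)$")
MECH_RE = re.compile(r"pMechanism->type=(\w+)")
KEY_RE = re.compile(r"\[in\] hKey = (0x[0-9a-fA-F]+)")
RET_RE = re.compile(r"^Returned: (\d+) (CKR_\w+)")
ALERT_RE = re.compile(r"SSL alert number (\d+)")


def parse_calls(text):
    """Return one dict per PKCS#11 call; interleaved s_client output is ignored."""
    calls, cur = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = CALL_RE.match(line)
        if m:
            cur = {"seq": int(m.group(1)), "func": m.group(2),
                   "mech": None, "key": None, "rv": None}
            calls.append(cur)
            continue
        if cur is None:
            continue  # text between two calls, e.g. "CONNECTED(...)"
        if (m := MECH_RE.search(line)):
            cur["mech"] = m.group(1)
        elif (m := KEY_RE.search(line)):
            cur["key"] = m.group(1)
        elif (m := RET_RE.match(line)):
            cur["rv"] = m.group(2)
            cur = None  # call finished; stop attributing lines to it
    return calls


def rejected_sign_inits(calls):
    """Find C_SignInit calls the token refused, and note whether the very next
    call is a successful C_EncryptInit with the same mechanism and key handle."""
    findings = []
    for i, call in enumerate(calls):
        if call["func"] != "C_SignInit" or call["rv"] == "CKR_OK":
            continue
        nxt = calls[i + 1] if i + 1 < len(calls) else None
        fallback = bool(nxt and nxt["func"] == "C_EncryptInit"
                        and nxt["rv"] == "CKR_OK"
                        and nxt["mech"] == call["mech"]
                        and nxt["key"] == call["key"])
        findings.append({"seq": call["seq"], "mech": call["mech"],
                         "rv": call["rv"], "encrypt_fallback": fallback})
    return findings


def tls_alerts(text):
    """Alert numbers reported by s_client in the same capture."""
    return [int(n) for n in ALERT_RE.findall(text)]


if __name__ == "__main__":
    for f in rejected_sign_inits(parse_calls(SAMPLE_TRACE)):
        print(f, "alerts:", tls_alerts(SAMPLE_TRACE))
```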
* [tpm2] Re: OpenSSL TLS using tpm2-pkcs11 doesn't work on newer versions
@ 2020-01-23 14:43 Roberts, William C
0 siblings, 0 replies; 13+ messages in thread
From: Roberts, William C @ 2020-01-23 14:43 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 4163 bytes --]
> -----Original Message-----
> From: Ignacio Jaureguiberry [mailto:ignaciox.jaureguiberry(a)intel.com]
> Sent: Wednesday, January 22, 2020 12:36 PM
> To: tpm2(a)lists.01.org
> Subject: [tpm2] OpenSSL TLS using tpm2-pkcs11 doesn't work on newer versions
>
> I was trying to make wpa_supplicant use a tpm2-pkcs11 stored private key to
> authenticate against a RADIUS server, I mentioned about it on this discussion:
> https://lists.01.org/hyperkitty/list/tpm2(a)lists.01.org/message/AYUBCAFCCXITEVSWA4IFC466LYS6ZIYX/
>
> With some fixes on tpm2-pkcs11, TLS is working and there is an integration test
> for that here: https://github.com/tpm2-software/tpm2-pkcs11/blob/master/test/integration/tls-tests.sh
>
> I wasn't able to reproduce this on Ubuntu 18, and noted that the test cases ran
> on top of an Ubuntu 16.04 image. I tried Ubuntu 16.04 and TLS works as in the
> integration test. I also checked that using latest version of wpa_supplicant, it
> does work with tpm2-pkcs11 and creates an EAP-TLS connection using the TPM.
Increasing our distro coverage is definitely something I need/want to do for tpm2-pkcs11.
I already did this for many of the other tpm2 projects like tpm2-tools and tpm2-tss.
>
> I've debugged a bit in both OS versions and found that openssl is calling
> pkey_rsa_sign with different padding modes: RSA_PKCS1_PADDING in Ubuntu
> 16, and RSA_PKCS1_PSS_PADDING in Ubuntu 18. The consequence is that in
This seems like a good change, IIUC PKCS1 padding has some known issues, so changing
to PSS is a good move.
> tpm2-pkcs11, sign_init is being called using CKM_RSA_PKCS as mechanism on
> Ubuntu 16, but in Ubuntu 18 it is being called with CKM_RSA_X_509, which is not
> supported.
CKM_RSA_X_509 is supported, it's raw RSA encryption and AFAICT it's been supported
since release 1.0. If it's signing with raw RSA, it must apply the PSS padding
separately. Which it does looking at OSSL 1_1_1 code:
-- code ---
    } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) {
        if (!setup_tbuf(rctx, ctx))
            return -1;
        if (!RSA_padding_add_PKCS1_PSS_mgf1(rsa,
                                            rctx->tbuf, tbs,
                                            rctx->md, rctx->mgf1md,
                                            rctx->saltlen))
            return -1;
        ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf,
                                  sig, rsa, RSA_NO_PADDING);
---
So this makes sense to what you're seeing hitting the pkey_rsa_sign versus the calls hitting
pkcs11 C_SignInit.
>
> I think I have to file a bug to OpenSSL, but I don't know too much about the
> PKCS11 specs to support the claims. I'd appreciate any help to file a decent issue.
> Also, any workaround is welcome, as replacing OpenSSL in any distribution is very
> hard given all the software that depends on it.
Probably not, it's probably something we need to fix in the pkcs11 library which is
very much an under development project. We should try and replicate the bug
first, and deduce that it is their bug before we file. We don't want to cry wolf here.
I would capture the parameters going into the C_SignInit and subsequent C_Sign calls
and create a test in test/integration/pkcs-crypt.int.c that reproduces the error.
If you get me the inputs soon, I can develop this test and get a fix out. I am out
all next week Jan 27-Jan31.
Another great way to debug deeper is both pkcs11spy and setting the env variable
"export TPM2_PKCS11_DEBUG_LOG=2" to get verbose logs out of the tpm2-pkcs11
library. You can find the pkcs11spy project at:
https://github.com/OpenSC/OpenSC/wiki/Using-OpenSC
Also, the more you share (versions of OSSL and tpm2-pkcs11, logs and specific error messages),
the easier it will be for us to help debug.
Thanks,
Bill
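The split described in the message above, as an added Python example (not code from OpenSSL, tpm2-pkcs11 or the thread): the PSS encoding is done in software and the padded block then goes through an unpadded RSA private-key operation, the step quoted as RSA_private_encrypt(..., RSA_NO_PADDING). The toy key, the message and the `raw_public` contrast (the same block passed through the unpadded public-key operation, which does not verify) are assumptions made for illustration.

```python
import hashlib
import os

# Constructed toy key built from two Mersenne primes so the example runs
# offline without key generation. It is NOT secure; never use such a key.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8        # modulus length in bytes (RSA_size)
EM_BITS = N.bit_length() - 1         # emBits for EMSA-PSS (RFC 8017, 8.1.1)
EM_LEN = (EM_BITS + 7) // 8
H_LEN = hashlib.sha256().digest_size


def mgf1(seed, length):
    """MGF1 with SHA-256 (RFC 8017, B.2.1)."""
    out = b""
    for counter in range((length + H_LEN - 1) // H_LEN):
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
    return out[:length]


def pss_encode(message, salt):
    """EMSA-PSS-ENCODE: the padding step done in software before raw RSA."""
    if EM_LEN < H_LEN + len(salt) + 2:
        raise ValueError("salt too long for this modulus")
    m_hash = hashlib.sha256(message).digest()
    h = hashlib.sha256(b"\x00" * 8 + m_hash + salt).digest()
    db = b"\x00" * (EM_LEN - len(salt) - H_LEN - 2) + b"\x01" + salt
    masked = bytearray(a ^ b for a, b in zip(db, mgf1(h, len(db))))
    masked[0] &= 0xFF >> (8 * EM_LEN - EM_BITS)   # clear the unused top bits
    return bytes(masked) + h + b"\xbc"


def raw_private(block):
    """Unpadded private-key operation: what a raw-RSA signing call computes."""
    m = int.from_bytes(block, "big")
    if m >= N:
        raise ValueError("block does not fit the modulus")
    return pow(m, D, N).to_bytes(K, "big")


def raw_public(block):
    """Unpadded public-key operation: raw RSA encryption of the same block."""
    return pow(int.from_bytes(block, "big"), E, N).to_bytes(K, "big")


def sign_pss(message, salt=None):
    """PSS signature built as 'pad in software, then raw private operation'."""
    salt = os.urandom(H_LEN) if salt is None else salt
    return raw_private(pss_encode(message, salt))


def verify_pss(message, signature, salt_len=H_LEN):
    """RSASSA-PSS-VERIFY, as the peer checking the signature would run it."""
    s = int.from_bytes(signature, "big")
    pad = EM_LEN - H_LEN - salt_len - 2
    if len(signature) != K or s >= N or pad < 0:
        return False
    m = pow(s, E, N)
    if m.bit_length() > EM_BITS:
        return False
    em = m.to_bytes(EM_LEN, "big")
    if em[-1] != 0xBC:
        return False
    masked, h = em[:EM_LEN - H_LEN - 1], em[EM_LEN - H_LEN - 1:-1]
    db = bytearray(a ^ b for a, b in zip(masked, mgf1(h, len(masked))))
    db[0] &= 0xFF >> (8 * EM_LEN - EM_BITS)
    if any(db[:pad]) or db[pad] != 0x01:
        return False
    m_hash = hashlib.sha256(message).digest()
    return hashlib.sha256(b"\x00" * 8 + m_hash + bytes(db[pad + 1:])).digest() == h


if __name__ == "__main__":
    msg = b"constructed TLS CertificateVerify input"
    print("pad in software + raw private op verifies:",
          verify_pss(msg, sign_pss(msg)))
    wrong = raw_public(pss_encode(msg, os.urandom(H_LEN)))
    print("same block through raw public op verifies:", verify_pss(msg, wrong))
```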