pkinit: using RSA modulus to locate private key

Douglas E. Engert deengert at anl.gov
Mon Oct 6 16:10:10 EDT 2008 


Tom Yu wrote:
> Mark Phalan <Mark.Phalan at Sun.COM> writes:
> 
>> One issue I ran into when working with PKINIT on OpenSolaris was that
>> our tool for storing certs and keys in PKCS11 tokens (pkinit(1)) doesn't
>> generate a CKA_ID for private keys - it leaves it blank. 

Can you change your pkinit utility? But since many tokens don't store
the CKA_ID then what?

>> When PKINIT
>> finds a suitable cert and then looks for a corresponding private key it
>> fails to locate it (unless it's the only key available). I've
>> implemented a fallback so that if PKINIT can't find a suitable key by
>> CKA_ID it will try to find a private key matching the RSA modulus
>> associated with its key.

Assuming you are using RSA key, that might work.
PKCS#11 2.20 says 12.1.3:
"The only attributes from Table 36 for which a Cryptoki implementation
  is required to be able to return values are CKA_MODULUS and
  CKA_PRIVATE_EXPONENT"

But there might be cards where this is not true, as the card may not
store this information.

>> As the CKA_ID is typically a hash of the
>> modulus it seemed to me to be a suitable fallback.

I don't believe that setting CK_ID to the hash is typical.
OpenSC can present a PKCS#11 view of many cards, it will
typically use 1, 2, 3... for the CK_ID and keep the same CK_ID
for the cert, public key and matching private key,
assuming that a CK_ID is unique only across a card.

Note that if  the MIT x509_identity with cert_id= is
defined in the krb5.conf or pam_krb5 it will be in effect a
constant,and thus each card used must use the same CKA_ID,
for the "authentication" cert/key.

>>
>> Does this sound reasonable? I can contribute a patch.

Yes it does. I believe the Heimdal code already does something
like this.

> 
> Is there a CKA_ID on the certificate?  Also, my reading of PKCS11 is
> that the CKA_ID is not required to match the subjectKeyIdentifier, but
> this may not be a significant problem.
> 
> Your approach sounds reasonable, but I first would like else someone
> more familiar with PKCS11 than I am to provide feedback.
> _______________________________________________
> krbdev mailing list             krbdev at mit.edu
> https://mailman.mit.edu/mailman/listinfo/krbdev
> 
> 

-- 

  Douglas E. Engert  <DEEngert at anl.gov>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444

More information about the krbdev mailing list