What Should I Push On?

Douglas E. Engert deengert at anl.gov
Wed May 9 10:42:57 EDT 2012 

[This message may not have gotten to the krbdev list,
  so is being resent again. It was sent to the coolkey
  list on 5/7/2012]

On 5/7/2012 9:45 AM, Douglas E. Engert wrote:

>
>
> On 5/5/2012 12:58 PM, Henry B. Hotz wrote:
>> Thanks for the info. I may have issues to deal with afer this one. *sigh*
>>
>> Since the specific problem shows with a PKCS12 credential as well, I'm thinking I should get a real RedHat 6.2 instance to test with first.
>>
>
> Here is a possible patch that appears to work for 1024 bit keys at least:
>
> --- ./src/libckyapplet/,cky_applet.c    Fri May  4 13:34:35 2012
> +++ ./src/libckyapplet/cky_applet.c     Mon May  7 13:40:23 2012
> @@ -1298,7 +1298,7 @@
>      if (length + dataSize > CKY_MAX_WRITE_CHUNK_SIZE) {
>         CKYBuffer_AppendBuffer(&tmp, data, 0, CKY_MAX_WRITE_CHUNK_SIZE-length);
>      } else {
> -       CKYBuffer_AppendBuffer(&tmp, data, 0, length+dataSize);
> +       CKYBuffer_AppendBuffer(&tmp, data, 0, dataSize);
>      }
>
>      prsd.tag_1.tag = 0;
> @@ -1331,7 +1331,7 @@
>      }
>
>      pasd.chain = 0;
> -    pasd.len = dataSize;
> +    pasd.len = dataSize + 1 + ber_len_1 + 1 + ber_len_2;
>
>      ret = CKYApplet_HandleAPDU(conn, PIVAppletFactory_SignDecrypt,
>                             &pasd, NULL, CKY_SIZE_UNKNOWN,
>


> This morning, after using the pcscd -d -f -a to look at the
> APDU commands sent to the card and the responses:
>
> It looks like the PIVApplet_signDecrypt routine in cky_applet.c
> is sending a short command without the data (RSA padded data)
> to be signed, and it is only requesting the first 128 bytes of
> the response.
>
> The response includes a header that the PIV will return with
> the signature.
>
> The PIV card is taking this as the data to be signed is all zero
> or whatever is in some buffer on the card, and the header plus the
> first 122 bytes of the signature is returned as requested, and
> status of "90 00" Success is returned.
>
> The header returned is 6 bytes for a RSA 1024 bit key.
>
> The coolkey parses the header, skips the 6 bytes and only
> returns the 122 bytes, even though the header says there should
> be 128 signature.
>
> Attached is pcscd output showing what Coolkey and OpenSC do
> with a sign operation. (Note some data bytes changed to XX XX
> to not expose a valid signature.)
>
>
>> On May 4, 2012, at 1:40 PM, Douglas E. Engert wrote:
>>
>>> On 5/4/2012 8:57 AM, Douglas E. Engert wrote:
>>>>
>>>>
>>>> On 5/3/2012 11:18 PM, Greg Hudson wrote:
>>>>> On 05/03/2012 08:52 PM, Henry B. Hotz wrote:
>>>>>> [5571] 1336088306.8828: Selected etype info: etype aes256-cts, salt "SC.JPL.NASA.GOVhotz", params "
>>>>>> CoolKey PIN:
>>>>>> [5571] 1336088310.707006: Preauth module pkinit (16) (flags=1) returned: 12/Cannot allocate memory
>>>>>> [5571] 1336088310.708361: Preauth module pkinit (15) (flags=1) returned: 12/Cannot allocate memory
>>>>>
>>>>> That almost certainly indicates a bug--either in our code, the
>>>>> Scientific Linux packaging of it, or the PKCS11 library invoked for the
>>>>> PIV card.
>>>>
>>>>
>>>> What version of coolkey are you running? In the past coolkey only supported
>>>> the CAC cards. DOD has been moving to dual CAC and PIV cards. NASA cards may
>>>> be PIV only, thus may not work with some versions of coolkey.
>>>>
>>>> To test if it is a PKCS#11 issue, OpenSC has a pkcs11-spy module
>>>> that could be used to trace the PKCS#11 calls and results.
>>>>
>>>> export PKCS11SPY=/usr/lib64/pkcs11/libcoolkeypk11.so
>>>> kinit -X X509_user_identity=PKCS11:/path/to/pkcs11-spy.so hotz at SC.JPL.NASA.GOV
>>>>
>>>> OpenSC also has PKCS#11 and supports PIV.
>>>>
>>>
>>> I got coolkey-1.1.0-19 to build on Solaris 10 in 32 bit mode. (although
>>> some of the patches from the rpm to the 1.1.0 source did
>>> not apply cleanly and I have to make a minor modification for Solaris.)
>>>
>>> Using krb5-1.10.1 and the OpenSC pkcs11spy and a PIV card,
>>> I can see it reads the certificates, prompted for PIN and did a C_Sign operation
>>> but coolkey only returns 122 bytes rather then 128 bytes as expected for the signature.
>>>
>>> I then get a kinit: Message stream modified while getting initial credentials.
>>>
>>> So it looks like there are some problems in the coolkey code in processing the
>>> returned signature.
>>>
>>> Using the same card, with krb5-1.10.1 and OpenSC pkcs11 works.
>>>
>>>>
>>>>>
>>>>> Unfortunately, I think the next step is to grab the SRPM for krb5 and
>>>>> either (a) build with debugging symbols (and without optimization) and
>>>>> start poking around in gdb, or (b) build with the PKINIT debugging
>>>>> defines turned on and collect more information. Either is pretty
>>>>> time-consuming.
>>>>> _______________________________________________
>>>>> krbdev mailing list krbdev at mit.edu
>>>>> https://mailman.mit.edu/mailman/listinfo/krbdev
>>>>>
>>>>>
>>>>
>>>
>>> --
>>>
>>> Douglas E. Engert<DEEngert at anl.gov>
>>> Argonne National Laboratory
>>> 9700 South Cass Avenue
>>> Argonne, Illinois 60439
>>> (630) 252-5444
>>
>> ------------------------------------------------------
>> The opinions expressed in this message are mine,
>> not those of Caltech, JPL, NASA, or the US Government.
>> Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu
>>
>>
>
>
>
> _______________________________________________
> krbdev mailing list             krbdev at mit.edu
> https://mailman.mit.edu/mailman/listinfo/krbdev

-- 

  Douglas E. Engert  <DEEngert at anl.gov>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444

More information about the krbdev mailing list