Pkcs11 ECDSA签名返回CKR_DATA_INVALID

huangapple go评论89阅读模式
英文:

Pkcs11 ECDSA signing returning CKR_DATA_INVALID

问题

我正在使用一个装有受信任证书的YubiKey上的PIV来与服务器进行双向TLS认证。我正在使用这个golang pkcs11库,它是对opensc-pkcs11.so的封装。

我正在使用YubiKey实现一个签名者接口,以便它可以作为私钥与Go的crypto/tls库一起使用。

我的签名函数如下所示(我已经在错误中添加了数据以进行调试):

func (signer *pkcs11PrivateKeyECDSA) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error) {
	return signer.yubi.dsaGeneric(signer.handle, pkcs11.CKM_ECDSA, digest)
}

func (yubi yubiInfo) dsaGeneric(key pkcs11.ObjectHandle, mechanism uint, digest []byte) ([]byte, error) {
	var err error
	var sigBytes []byte
	var sig dsaSignature
	mech := []*pkcs11.Mechanism{pkcs11.NewMechanism(mechanism, nil)}
	fmt.Println("Siging with key: ", key)
	if err = yubi.ctx.SignInit(yubi.ses, mech, key); err != nil {
		return nil, fmt.Errorf("signer init: %v", err)
	}
	sigBytes, err = yubi.ctx.Sign(yubi.ses, digest)
	if err != nil {
		return nil, fmt.Errorf("signer sign: %v, len: %d, \n %s", err, len(digest), string(digest))
	}
	err = sig.unmarshalBytes(sigBytes)
	if err != nil {
		return nil, err
	}

	return sig.marshalDER()
}

尝试使用上述代码中的签名者进行TLS握手会创建以下错误消息:

rpc error: code = Unavailable desc = connection error: desc = "transport: authentication handshake failed: signer sign: pkcs11: 0x20: CKR_DATA_INVALID, len: 32, \n ZX\xe0ތ\xcdў\xbf\xdeTh.\xacS\x1d\x89\xeeH\xe0\xf0$\xd1\xda\xf7\t\xfan:\xa7\b\xb6"

什么情况下会使摘要对签名者无效?根据我在网上找到的信息,这个错误意味着:

>CKR_DATA_INVALID:加密操作的明文输入数据无效。此返回值的优先级低于CKR_DATA_LEN_RANGE。

数据长度显然是正确的,pkcs11在签名之前还检查摘要的什么内容?

谢谢!

英文:

I am using a piv on a Yubikey loaded with trusted certificates to do mutual tls with a server. I am using this golang pkcs11 library
which is a wrapper over opensc-pkcs11.so

I am implementing a signer interface using the yubikey so that it can be used as a private key with go's crypo/tls library.

My signer function looks like this (I have added data in the error for debugging):

func (signer *pkcs11PrivateKeyECDSA) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error) {
	return signer.yubi.dsaGeneric(signer.handle, pkcs11.CKM_ECDSA, digest)
}

func (yubi yubiInfo) dsaGeneric(key pkcs11.ObjectHandle, mechanism uint, digest []byte) ([]byte, error) {
	var err error
	var sigBytes []byte
	var sig dsaSignature
	mech := []*pkcs11.Mechanism{pkcs11.NewMechanism(mechanism, nil)}
	fmt.Println("Siging with key: ", key)
	if err = yubi.ctx.SignInit(yubi.ses, mech, key); err != nil {
		return nil, fmt.Errorf("signer init: %v", err)
	}
	sigBytes, err = yubi.ctx.Sign(yubi.ses, digest)
	if err != nil {
		return nil, fmt.Errorf("signer sign: %v, len: %d, \n %s", err, len(digest), string(digest))
	}
	err = sig.unmarshalBytes(sigBytes)
	if err != nil {
		return nil, err
	}

	return sig.marshalDER()
}

Attempting to do a tls handshake with the signer in the above code creates the following error message:

 rpc error: code = Unavailable desc = connection error: desc = "transport: authentication handshake failed: signer sign: pkcs11: 0x20: CKR_DATA_INVALID, len: 32, \n ZX\xe0ތ\xcdў\xbf\xdeTh.\xacS\x1d\x89\xeeH\xe0\xf0$\xd1\xda\xf7\t\xfan:\xa7\b\xb6"

What might make a digest invalid to the signer? From what I found online that error means:

>CKR_DATA_INVALID: The plaintext input data to a cryptographic operation is invalid. This return value has lower priority than CKR_DATA_LEN_RANGE.

The data is the right length apparently, what else is pkcs11 checking in the digest before it signs?

Thanks!

答案1

得分: 0

插入的密钥是RSA密钥,而不是EC密钥,这意味着ECDSA操作失败了。

英文:

The key loaded into the slot was an RSA key, not an EC key meaning that doing ECDSA failed.

huangapple
  • 本文由 发表于 2021年7月29日 06:09:53
  • 转载请务必保留本文链接:https://go.coder-hub.com/68567889.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定