[39332] in Kerberos
Re: Using PKINIT with ECC
daemon@ATHENA.MIT.EDU (Ken Hornstein via Kerberos)
Thu Jan 11 09:42:14 2024
Message-Id: <202401111441.40BEf6HH019591@hedwig.cmf.nrl.navy.mil>
To: Goetz Golla <mit@sec4mail.de>
cc: kerberos@mit.edu
In-Reply-To: <ffeca0f8-2646-4c63-88b2-e696f52bf24b@sec4mail.de>
MIME-Version: 1.0
Date: Thu, 11 Jan 2024 09:41:06 -0500
From: Ken Hornstein via Kerberos <kerberos@mit.edu>
Reply-To: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
>We had it working in November with Yubico's libykcs11 in a lab and in
>production tested by two independent people. Testing it again this year
>it failed. We are in the process of finding out what exactly we have
>tested in November.
>
>I am really confused now. I thought that the problem was in the opensc
>code and replacing it with Yubico's libykcs11, which officially supports
>ECC, should fix it.
>
>Now you seem to suggest that the problem is in the Kerberos code ?
Well, geez dude, this was back in November and I brought this up then.
But here is some snippets of the PKCS#11 code in MIT Kerberos:
When specifying the search parameters to find the private key:
keytype = CKK_RSA;
attrs[nattrs].type = CKA_KEY_TYPE;
attrs[nattrs].pValue = &keytype;
attrs[nattrs].ulValueLen = sizeof keytype;
nattrs++;
When setting the key signing mechanism:
/*
* We'd like to use CKM_SHA256_RSA_PKCS for signing if it's available, but
* historically many cards seem to be confused about whether they are
* capable of mechanisms or not. The safe thing seems to be to ignore the
* mechanism list, always use CKM_RSA_PKCS and calculate the sha256 digest
* ourselves.
*/
id_cryptoctx->mech = CKM_RSA_PKCS;
Those are all hardcoded use of RSA keys and signing mechanisms and it
doesn't handle ECC at all. So unless the Yubico library ignored the
key type and mechanism (which I think would be extremely unlikely but
not impossible) I suspect you were using RSA back during your original
testing and didn't realize it.
--Ken
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
