[openssl-dev] openssl pkeyutl unable to use keys on a PKCS11 token?

Blumenthal, Uri - 0553 - MITLL uri at ll.mit.edu
Thu Dec 10 17:16:17 UTC 2015 

> From previous private conversations, can you comments on if this is a PIV or
> NEO with a PIV applet?

I certainly can – this is NEO with a PIV applet. But side-stepping – note
that openssl dgst appeared to work fine. See my other posting to this list,
and duplicated here:
$ pkcs15-tool --read-public-key 02 -o pub.key

Using reader with a card: Yubico Yubikey NEO OTP+U2F+CCID

Please enter PIN [PIV Card Holder pin]:

$ openssl dgst -engine pkcs11 -keyform engine -sign
"pkcs11:object=SIGN%20key;object-type=private;pin-value=123456" -sha256 -out
t.sig < config.h

engine "pkcs11" set.

$ openssl dgst -verify pub.key -keyform PEM -signature t.sig -sha256 <
config.h

Verified OK


> Did you generate a key on the card using the piv-tool or NEO tool?

At this moment (test setting) the keys were generated off-card, and loaded
on the token using NEO tools.
For production, of course they’ll be generated on the card (except for the
KEY MAN key) and certified elsewhere.

> Did you create a certificate  and load it on the card?  I assume not.

For production this assumption would be correct. But not for this case
(testing, "feeling the water", so to say).

But in any case, fully-configured certificates with all the necessary
attributes (Key Usage, Extended Key Usage, etc.) have been loaded.

> There is a chicken and egg problem with the PIV. To determine if a key is on
> the card, and its attributes,
> the public key that was saved during key generate step is needed. In normal
> use the public key is in the certificate,
> on the card. But if there is NO certificate on the card,  as when you are
> trying to generate the certificate, the OpenSC
> low level routines will look for the public key from a file off the card.

Got it. This will be very useful once I move to “real” from “testing”.

>  https://github.com/OpenSC/OpenSC/wiki/PivTool#generate-a-certificate-request
> 
> shows setting of the PIV_9A_KEY =  environment variable.
> In your case because you are using the "SIGN key"  you would need to set
> PIV_9C_KEY=path.to.pubkey.file.der
> This should  work with other programs like openssl pkeyutl too.
> 
> Once the certificate is then loaded, the PIV_9X_KEY environment variable will
> not be used. 

Got it. Thanks!




On 12/10/2015 9:38 AM, Blumenthal, Uri - 0553 - MITLL wrote:
> On 12/10/15, 3:39 , "openssl-dev on behalf of Richard Levitte"
> <openssl-dev-bounces at openssl.org on behalf of levitte at openssl.org>
> <mailto:openssl-dev-bounces at openssl.orgonbehalfoflevitte@openssl.org>  wrote:
> 
>> This is an odity with 'openssl pkeyutl'.  Try this option order:
> I see!
> 
>> LOAD_CERT_CTRL=true VERBOSE=7 openssl pkeyutl -engine pkcs11 -sign
>> -keyform engine -inkey
>> "pkcs11:object=SIGN%20key;object-type=private;pin-value=123456" -out
>> config.status.sig -in config.status.hash
> Much better now - but at this time I hit “unsupported algorithm”. The key
> in question is RSA-2048, with SHA256.
> 
> $ LOAD_CERT_CTRL=true VERBOSE=7 openssl pkeyutl -engine pkcs11 -sign
> -keyform engine -inkey
> "pkcs11:object=SIGN%20key;object-type=private;pin-value=123456" -out
> config.status.sig -in config.status.hash
> engine "pkcs11" set.
> Error initializing context
> 140735296230224:error:260C0065:engine
> routines:ENGINE_get_pkey_meth:unimplemented public key
> method:tb_pkmeth.c:128:
> 140735296230224:error:0609D09C:digital envelope
> routines:INT_CTX_NEW:unsupported algorithm:pmeth_lib.c:164:
> Usage: pkeyutl [options]
> -in file        input file
> -out file       output file
> -sigfile file signature file (verify operation only)
> -inkey file     input key
> -keyform arg    private key format - default PEM
> -pubin          input is a public key
> -certin         input is a certificate carrying a public key
> -pkeyopt X:Y    public key options
> -sign           sign with private key
> -verify         verify with public key
> -verifyrecover  verify with public key, recover original data
> -encrypt        encrypt with public key
> -decrypt        decrypt with private key
> -derive         derive shared secret
> -hexdump        hex dump output
> -engine e       use engine e, possibly a hardware device.
> -passin arg     pass phrase source
> $
> 
> 
> I observed exactly the same happening with the decryption key.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20151210/eaec1211/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4308 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20151210/eaec1211/attachment.bin>

More information about the openssl-dev mailing list