Mastercard / pkcs11-tools

A set of tools to manage objects on PKCS#11 cryptographic tokens. Compatible with many PKCS#11 libraries, including major HSM brands, NSS and softoken.

C_WrapKey using AES key to wrap ED448 and ED25519 fails for CKM_AES_KEY_WRAP_PAD with CKR_KEY_NOT_WRAPPABLE #26

Closed harisubash closed 3 years ago

harisubash commented 3 years ago

Describe the bug

C_WrapKey using AES key to wrap ED448 and ED25519 fails for CKM_AES_KEY_WRAP_PAD with CKR_KEY_NOT_WRAPPABLE

To Reproduce

Steps to reproduce the behavior:

  1. Let's try wrapping a prime256v1 key with the same steps and observe that it is successful.

p11keygen -k ec -q prime256v1 -i prime256v1-17 CKA_EXTRACTABLE=true -W 'wrappingkey="aes-sharing",algorithm=rfc5649,filename="prime256v1-key-wrapped.seck"'

+ p11keygen -k ec -q prime256v1 -i prime256v1-17 CKA_EXTRACTABLE=true -W 'wrappingkey="aes-sharing",algorithm=rfc5649,filename="prime256v1-key-wrapped.seck"'
Generating, please wait...
>>> key generated
>>> job #1: wrapping key 'prime256v1-17' with parameters 'wrappingkey="aes-sharing",algorithm=rfc5649,filename="prime256v1-key-wrapped.seck"'
key generation succeeded

  2. Repeat for ED25519 key

p11keygen -k ed -q ED25519 -i ED25519-17 CKA_EXTRACTABLE=true -W 'wrappingkey="aes-sharing",algorithm=rfc5649,filename="ED25519-key-wrapped.seck"'

+ p11keygen -k ed -q ED25519 -i ED25519-17 CKA_EXTRACTABLE=true -W 'wrappingkey="aes-sharing",algorithm=rfc5649,filename="ED25519-key-wrapped.seck"'
Generating, please wait...
>>> key generated
>>> job #1: wrapping key 'ED25519-17' with parameters 'wrappingkey="aes-sharing",algorithm=rfc5649,filename="ED25519-key-wrapped.seck"'
*** PKCS#11 Error: C_WrapKey() returned CKR_KEY_NOT_WRAPPABLE ( 0x00000069 )
***Warning: It didn't work with CKM_AES_KEY_WRAP_PAD
***Error: tried all mechanisms, no one worked
***Error: wrapping operation failed for wrapping job #1
some (1) wrapping jobs failed - returning code 1 (0x0001) to calling process

  3. p11keygen -k ed -q ED448 -i ED448-17 CKA_EXTRACTABLE=true -W 'wrappingkey="aes-sharing",algorithm=rfc5649,filename="ED448-key-wrapped.seck"'

+ p11keygen -k ed -q ED448 -i ED448-17 CKA_EXTRACTABLE=true -W 'wrappingkey="aes-sharing",algorithm=rfc5649,filename="ED448-key-wrapped.seck"'
Generating, please wait...
>>> key generated
>>> job #1: wrapping key 'ED448-17' with parameters 'wrappingkey="aes-sharing",algorithm=rfc5649,filename="ED448-key-wrapped.seck"'
*** PKCS#11 Error: C_WrapKey() returned CKR_KEY_NOT_WRAPPABLE ( 0x00000069 )
***Warning: It didn't work with CKM_AES_KEY_WRAP_PAD
***Error: tried all mechanisms, no one worked
***Error: wrapping operation failed for wrapping job #1
some (1) wrapping jobs failed - returning code 1 (0x0001) to calling process

Expected behavior

CKM_AES_KEY_WRAP_PAD should have been successful.

Screenshots

[image]

Operating System (please complete the following information):

keldonin commented 3 years ago

Hi @harisubash , thanks for reporting this issue.

May I ask which PKCS#11 library you are interfacing with?

Note that if you are using SoftHSMv2, the ability to wrap ED25519 and ED448 keys has just been committed to their repo (https://github.com/opendnssec/SoftHSMv2/commit/6f866d041ddaee4f8e10fb98c6ab7eeb56bb8720) in their develop branch, and is not part of an official release yet.

harisubash commented 3 years ago

@keldonin Sorry, I missed mentioning that. You are right, I am using the SoftHSMv2 library (v2.6.1). Thank you so much for pointing out that it was not part of the official release yet. While I wait for an official release, I will check it out from their "develop" branch as well.