OP-TEE / optee_os

Trusted side of the TEE

PKCS#11 TA key Import not working #5965

Closed embetrix closed 1 year ago

embetrix commented 1 year ago

Hello,

I generated self-signed keys/certificates (RSA:2048) to test them with Optee 3.16 PKCS11 using an SSL connection on an STM32MP15F-DK2.

I import the private key to Optee HSM:

root@stm32mp157f-dk2-e1-81-71:~# pkcs11-tool  --write-object ./server-key.der --type privkey --id 1234 --login  --module /usr/lib/libckteec.so.0
Using slot 0 with a present token (0x0)
Created private key:
Private Key Object; RSA 
  label:      
  ID:         1234
  Usage:      none
  Access:     sensitive

I created an openssl.cnf to use Optee as pkcs11 Module as follows:

# cat openssl.cnf 
#
# OpenSSL config to use Optee PKCS11 engine
#

openssl_conf = openssl_engine

[openssl_engine]
engines=engine_section

[engine_section]
pkcs11 = pkcs11_section

[pkcs11_section]
engine_id = pkcs11
#PIN=12345
MODULE_PATH = /usr/lib/libckteec.so.0
init = 0

[req]
distinguished_name = req_distinguished_name

[req_distinguished_name]

Then I started my openssl server using the private key from Optee HSM as follows:

root@stm32mp157f-dk2-e1-81-71:~# OPENSSL_CONF=openssl.cnf openssl s_server -www  -engine pkcs11 -keyform engine -key 1234 -cert server-cert.pem -CAfile ca-cert.pem -accept 4433 -Verify 2
Engine "pkcs11" set.
verify depth is 2, must return a certificate
Using default temp DH parameters
ACCEPT

From a remote host I perform a simple curl using:

$ curl -v  --cert client-cert.pem --key client-key.pem --cacert ca-cert.pem https://stm32mp157f-dk2-e1-81-71.fritz.box:4433
*   Trying 192.168.178.101:4433...
* Connected to stm32mp157f-dk2-e1-81-71.fritz.box (192.168.178.101) port 4433 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: ca-cert.pem
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Request CERT (13):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS alert, internal error (592):
* error:0A000438:SSL routines::tlsv1 alert internal error
* Closing connection 0
curl: (35) error:0A000438:SSL routines::tlsv1 alert internal error

On the STM32mp1 Target I see the following Logs:

# OPENSSL_CONF=openssl.cnf openssl s_server -www  -engine pkcs11 -keyform engine -key 1234 -cert server-cert.pem -CAfile ca-cert.pem -accept 4433 -Verify 2
Engine "pkcs11" set.
verify depth is 2, must return a certificate
Using default temp DH parameters
ACCEPT
20A0FDB6:error:41800070:PKCS#11 module:ERR_CKR_error:Mechanism invalid:../../git/src/p11_rsa.c:116:
20A0FDB6:error:0A080006:SSL routines:tls_construct_cert_verify:EVP lib:../openssl-3.0.8/ssl/statem/statem_lib.c:361:

embetrix commented 1 year ago

I did a similar Setup using SoftHSMv2 on my target and it worked fine!

Here is my Setup with SoftHSMv2 (basically only specify another PKCS11 engine)

root@stm32mp157f-dk2-e1-81-71:~# pkcs11-tool  --write-object ./server-key.der --type privkey --id 1234 --login --module /usr/lib/softhsm/libsofthsm2.so
Using slot 0 with a present token (0x3a48e7d8)
Logging in to "token1".
Please enter User PIN: 
Created private key:
Private Key Object; RSA 
  label:      
  ID:         1234
  Usage:      decrypt, sign, unwrap
  Access:     sensitive
# cat openssl.cnf 
#
# OpenSSL config to use SoftHSM2 PKCS11 engine
#

openssl_conf = openssl_engine

[openssl_engine]
engines=engine_section

[engine_section]
pkcs11 = pkcs11_section

[pkcs11_section]
engine_id = pkcs11
MODULE_PATH = /usr/lib/softhsm/libsofthsm2.so
init = 0

[req]
distinguished_name = req_distinguished_name

[req_distinguished_name]

Server Log:

root@stm32mp157f-dk2-e1-81-71:~# OPENSSL_CONF=openssl.cnf openssl s_server -www -engine pkcs11 -keyform engine -key 1234 -cert server-cert.pem -CAfile ca-cert.pem -accept 4433 -Verify 2
Engine "pkcs11" set.
verify depth is 2, must return a certificate
Enter PKCS#11 token PIN for token1:
Using default temp DH parameters
ACCEPT
depth=1 O = "Embetrix ", CN = CA
verify return:1
depth=0 O = "Embetrix ", CN = CLIENT
verify return:1

Client request using curl from remote Host:

$  curl -v --cert client-cert.pem --key client-key.pem --cacert ca-cert.pem https://stm32mp157f-dk2-e1-81-71.fritz.box:4433
*   Trying 192.168.178.101:4433...
* Connected to stm32mp157f-dk2-e1-81-71.fritz.box (192.168.178.101) port 4433 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: ca-cert.pem
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Request CERT (13):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, CERT verify (15):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: O=Embetrix ; CN=stm32mp157f-dk2-e1-81-71.fritz.box
*  start date: Apr 15 12:31:37 2023 GMT
*  expire date: Dec 31 12:31:37 2042 GMT
*  common name: stm32mp157f-dk2-e1-81-71.fritz.box (matched)
*  issuer: O=Embetrix ; CN=CA
*  SSL certificate verify ok.
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET / HTTP/1.1
> Host: stm32mp157f-dk2-e1-81-71.fritz.box:4433
> User-Agent: curl/7.81.0
> Accept: */*
> 
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Mark bundle as not supporting multiuse
* HTTP 1.0, assume close after body
< HTTP/1.0 200 ok
< Content-type: text/html
< 
<HTML><BODY BGCOLOR="#ffffff">
<pre>

s_server -www -engine pkcs11 -keyform engine -key 1234 -cert server-cert.pem -CAfile ca-cert.pem -accept 4433 -Verify 2 
Secure Renegotiation IS supported
Ciphers supported in s_server binary
TLSv1.3    :TLS_AES_256_GCM_SHA384    TLSv1.3    :TLS_CHACHA20_POLY1305_SHA256 
TLSv1.3    :TLS_AES_128_GCM_SHA256    TLSv1.2    :ECDHE-ECDSA-AES256-GCM-SHA384 
TLSv1.2    :ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2    :DHE-RSA-AES256-GCM-SHA384 
TLSv1.2    :ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2    :ECDHE-RSA-CHACHA20-POLY1305 
TLSv1.2    :DHE-RSA-CHACHA20-POLY1305 TLSv1.2    :ECDHE-ECDSA-AES128-GCM-SHA256 
TLSv1.2    :ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2    :DHE-RSA-AES128-GCM-SHA256 
TLSv1.2    :ECDHE-ECDSA-AES256-SHA384 TLSv1.2    :ECDHE-RSA-AES256-SHA384   
TLSv1.2    :DHE-RSA-AES256-SHA256     TLSv1.2    :ECDHE-ECDSA-AES128-SHA256 
TLSv1.2    :ECDHE-RSA-AES128-SHA256   TLSv1.2    :DHE-RSA-AES128-SHA256     
TLSv1.0    :ECDHE-ECDSA-AES256-SHA    TLSv1.0    :ECDHE-RSA-AES256-SHA      
SSLv3      :DHE-RSA-AES256-SHA        TLSv1.0    :ECDHE-ECDSA-AES128-SHA    
TLSv1.0    :ECDHE-RSA-AES128-SHA      SSLv3      :DHE-RSA-AES128-SHA        
TLSv1.2    :RSA-PSK-AES256-GCM-SHA384 TLSv1.2    :DHE-PSK-AES256-GCM-SHA384 
TLSv1.2    :RSA-PSK-CHACHA20-POLY1305 TLSv1.2    :DHE-PSK-CHACHA20-POLY1305 
TLSv1.2    :ECDHE-PSK-CHACHA20-POLY1305 TLSv1.2    :AES256-GCM-SHA384         
TLSv1.2    :PSK-AES256-GCM-SHA384     TLSv1.2    :PSK-CHACHA20-POLY1305     
TLSv1.2    :RSA-PSK-AES128-GCM-SHA256 TLSv1.2    :DHE-PSK-AES128-GCM-SHA256 
TLSv1.2    :AES128-GCM-SHA256         TLSv1.2    :PSK-AES128-GCM-SHA256     
TLSv1.2    :AES256-SHA256             TLSv1.2    :AES128-SHA256             
TLSv1.0    :ECDHE-PSK-AES256-CBC-SHA384 TLSv1.0    :ECDHE-PSK-AES256-CBC-SHA  
SSLv3      :SRP-RSA-AES-256-CBC-SHA   SSLv3      :SRP-AES-256-CBC-SHA       
TLSv1.0    :RSA-PSK-AES256-CBC-SHA384 TLSv1.0    :DHE-PSK-AES256-CBC-SHA384 
SSLv3      :RSA-PSK-AES256-CBC-SHA    SSLv3      :DHE-PSK-AES256-CBC-SHA    
SSLv3      :AES256-SHA                TLSv1.0    :PSK-AES256-CBC-SHA384     
SSLv3      :PSK-AES256-CBC-SHA        TLSv1.0    :ECDHE-PSK-AES128-CBC-SHA256 
TLSv1.0    :ECDHE-PSK-AES128-CBC-SHA  SSLv3      :SRP-RSA-AES-128-CBC-SHA   
SSLv3      :SRP-AES-128-CBC-SHA       TLSv1.0    :RSA-PSK-AES128-CBC-SHA256 
TLSv1.0    :DHE-PSK-AES128-CBC-SHA256 SSLv3      :RSA-PSK-AES128-CBC-SHA    
SSLv3      :DHE-PSK-AES128-CBC-SHA    SSLv3      :AES128-SHA                
TLSv1.0    :PSK-AES128-CBC-SHA256     SSLv3      :PSK-AES128-CBC-SHA        
---
Ciphers common between both SSL end points:
TLS_AES_256_GCM_SHA384     TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256    
ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-GCM-SHA384 
ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-RSA-CHACHA20-POLY1305 DHE-RSA-CHACHA20-POLY1305 
ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-GCM-SHA256 
ECDHE-ECDSA-AES256-SHA384  ECDHE-RSA-AES256-SHA384    DHE-RSA-AES256-SHA256     
ECDHE-ECDSA-AES128-SHA256  ECDHE-RSA-AES128-SHA256    DHE-RSA-AES128-SHA256     
ECDHE-ECDSA-AES256-SHA     ECDHE-RSA-AES256-SHA       DHE-RSA-AES256-SHA        
ECDHE-ECDSA-AES128-SHA     ECDHE-RSA-AES128-SHA       DHE-RSA-AES128-SHA        
AES256-GCM-SHA384          AES128-GCM-SHA256          AES256-SHA256             
AES128-SHA256              AES256-SHA                 AES128-SHA
Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224:DSA+SHA224:DSA+SHA256:DSA+SHA384:DSA+SHA512
Shared Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Supported groups: x25519:secp256r1:x448:secp521r1:secp384r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
Shared groups: x25519:secp256r1:x448:secp521r1:secp384r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: AECDB043F2DD3F177A56F0C9AC9AE7F5B8A7762F546D4B4AAEBDD98BEF9A02C7
    Session-ID-ctx: 01000000
    Resumption PSK: DD19D0BD7CB2BA5D10843CC9E20FC61FC07C9A88C9A4A44C66B03F4C0D6CA192065375829EBEDD996C7F3894CE8C7234
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1681562393
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    Max Early Data: 0
---
   0 items in the session cache
   0 client connects (SSL_connect())
   0 client renegotiates (SSL_connect())
   0 client connects that finished
   2 server accepts (SSL_accept())
   0 server renegotiates (SSL_accept())
   2 server accepts that finished
   0 session cache hits
   0 session cache misses
   0 session cache timeouts
   0 callback cache hits
   0 cache full overflows (128 allowed)
---
Client certificate
Certificate:
    Data:
        Version: 1 (0x0)
        Serial Number: 1 (0x1)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: O=Embetrix , CN=CA
        Validity
            Not Before: Apr 15 12:31:38 2023 GMT
            Not After : Dec 31 12:31:38 2042 GMT
        Subject: O=Embetrix , CN=CLIENT
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                Exponent: 65537 (0x10001)
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
</pre></BODY></HTML>

* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS alert, close notify (256):
* Closing connection 0
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS alert, close notify (256):

embetrix commented 1 year ago

I generated instead now ECC Keys/Certs and imported the private key into Optee:

# pkcs11-tool  --write-object ./server-key.der  --type privkey --id 1235 --login --module /usr/lib/libckteec.so.0
Using slot 0 with a present token (0x0)
Created private key:
Private Key Object; EC
  label:      
  ID:         1235
  Usage:      decrypt
  Access:     sensitive

It looks like something is not working with that:

root@stm32mp157f-dk2-e1-81-71:~# OPENSSL_CONF=openssl-optee.cnf openssl s_server -www  -engine pkcs11 -keyform engine -key 1235 -cert server-cert.pem -CAfile ca-cert.pem -accept 4433 -Verify 2
Engine "pkcs11" set.
verify depth is 2, must return a certificate
Using default temp DH parameters
error setting private key
20A0F1B6:error:05800075:x509 certificate routines:X509_check_private_key:unknown key type:../openssl-3.0.7/crypto/x509/x509_cmp.c:411:

embetrix commented 1 year ago

I had a similar issue making it work with SoftHSM, and it looks like import using pkcs11-tool is not working for ECC. I used softhsm2-util instead, with the key in PKCS8 format:

root@stm32mp157f-dk2-e1-81-71:~# softhsm2-util --import server-key.pkcs8 --token "token1" --label "server-key" --id 1235 --pin 12345  --force

What is the proper way to import keys in the Optee PKCS#11 TA?

embetrix commented 1 year ago

I generated the key using Optee PKCS11, sent the CSR to be signed on my Host and sent the certificates back to the target.

SSL Connection is working :-)

The problem is definitely related to the importing of RSA/ECC Keys in Optee.

github-actions[bot] commented 1 year ago

This issue has been marked as a stale issue because it has been open (more than) 30 days with no activity. Remove the stale label or add a comment, otherwise this issue will automatically be closed in 5 days. Note, that you can always re-open a closed issue at any time.

etienne-lms commented 1 year ago

Dear maintainers, please keep the Issue alive.

Sorry for not being responsive on this. Maybe an OP-TEE/QEMU based setup would help others to understand the issue. I'll try to spend some time on it.

etienne-lms commented 1 year ago

Sorry, no time to work on this. This is 3.16.0, any news on a more recent tag?

embetrix commented 1 year ago

@etienne-lms : tested it with 3.19 on imx8 still not working

vesajaaskelainen commented 1 year ago

EC key import is a known issue: https://github.com/OP-TEE/optee_os/issues/5165

RSA key import should work. Did not spot instantly code snippet for that... May have used python-pkcs11 for that.

embetrix commented 1 year ago

@vesajaaskelainen RSA import is not working either

vesajaaskelainen commented 1 year ago

> @vesajaaskelainen RSA import is not working either

As far as I can see, RSA key import works:

root@qemuarm64-secureboot:~# dmesg | grep optee
[    3.432901] optee: probing for conduit method.
[    3.437219] optee: revision 3.22 (a61bc392)
[    3.448279] optee: dynamic shared memory is enabled
[    3.472955] optee: initialized driver
root@qemuarm64-secureboot:~# export PKCS11_MODULE=/usr/lib/libckteec.so.0
root@qemuarm64-secureboot:~# export PKCS11_SLOT=0
root@qemuarm64-secureboot:~# export PKCS11_TOKEN=device
root@qemuarm64-secureboot:~# export PKCS11_SO_PIN=1234567890
root@qemuarm64-secureboot:~# export PKCS11_USER_PIN=1234
root@qemuarm64-secureboot:~# export PKCS11_OBJECT_ID=112233
root@qemuarm64-secureboot:~# export PKCS11_OBJECT_LABEL=myImportedKey
root@qemuarm64-secureboot:~# pkcs11-tool --module ${PKCS11_MODULE} --slot-index ${PKCS11_SLOT} --init-token --label ${PKCS11_TOKEN} --so-pin ${PKCS11_SO_PIN}
Using slot with index 0 (0x0)
Token successfully initialized
root@qemuarm64-secureboot:~# pkcs11-tool --module ${PKCS11_MODULE} --slot-index ${PKCS11_SLOT} --init-pin --login --so-pin ${PKCS11_SO_PIN} --new-pin ${PKCS11_USER_PIN}
Using slot with index 0 (0x0)
User PIN successfully initialized
root@qemuarm64-secureboot:~# pkcs11-tool --module ${PKCS11_MODULE} --list-slots
Available slots:
Slot 0 (0x0): OP-TEE PKCS11 TA - TEE UUID 94e9ab89-4c43-56ea-8b35-45dc07226830
  token label        : device
  token manufacturer : Linaro
  token model        : OP-TEE TA
  token flags        : login required, rng, token initialized, PIN initialized
  hardware version   : 0.0
  firmware version   : 0.1
  serial num         : 0000000000000000
  pin min/max        : 4/128
Slot 1 (0x1): OP-TEE PKCS11 TA - TEE UUID 94e9ab89-4c43-56ea-8b35-45dc07226830
  token state:   uninitialized
Slot 2 (0x2): OP-TEE PKCS11 TA - TEE UUID 94e9ab89-4c43-56ea-8b35-45dc07226830
  token state:   uninitialized
root@qemuarm64-secureboot:~# pkcs11-tool --module ${PKCS11_MODULE} --token ${PKCS11_TOKEN} --login --pin ${PKCS11_USER_PIN} --list-objects
root@qemuarm64-secureboot:~# openssl genrsa -out /tmp/private-key.pem 2048
root@qemuarm64-secureboot:~# openssl rsa -in /tmp/private-key.pem -outform DER -out /tmp/private-key.der
writing RSA key
root@qemuarm64-secureboot:~# pkcs11-tool --module ${PKCS11_MODULE} --token ${PKCS11_TOKEN} --login --pin ${PKCS11_USER_PIN} --write-object /tmp/private-key.der --type privkey --id ${PKCS11_OBJECT_ID} --label ${PKCS11_OBJECT_LABEL} --usage-sign --usage-derive
Created private key:
Private Key Object; RSA 
  label:      myImportedKey
  ID:         112233
  Usage:      sign, derive
  Access:     sensitive
root@qemuarm64-secureboot:~# pkcs11-tool --module ${PKCS11_MODULE} --token ${PKCS11_TOKEN} --login --pin ${PKCS11_USER_PIN} --list-objects
Private Key Object; RSA 
  label:      myImportedKey
  ID:         112233
  Usage:      sign, derive
  Access:     sensitive
root@qemuarm64-secureboot:~# echo "Hello World!" > /tmp/data.bin
root@qemuarm64-secureboot:~# pkcs11-tool --module ${PKCS11_MODULE} --token ${PKCS11_TOKEN} --login --pin ${PKCS11_USER_PIN} --sign --label ${PKCS11_OBJECT_LABEL} --mechanism RSA-PKCS --input-file /tmp/data.bin --output-file /tmp/data.bin.sig
Using signature algorithm RSA-PKCS
root@qemuarm64-secureboot:~# openssl pkeyutl -verify -in /tmp/data.bin -inkey /tmp/private-key.der -sigfile /tmp/data.bin.sig
Signature Verified Successfully

embetrix commented 1 year ago

@vesajaaskelainen thanks for trying out, sorry but there is a misunderstanding about the issue, my bad:

The Import command works fine for me (see above) for both ECC/RSA but the imported keys can NOT be used from Optee PKCS11.

vesajaaskelainen commented 1 year ago

> @vesajaaskelainen thanks for trying out, sorry but there is a misunderstanding about the issue, my bad:
>
> The Import command works fine for me (see above) for both ECC/RSA but the imported keys can NOT be used from Optee PKCS11.

Please see updated comment.

Check for:

  Usage:      sign, derive

And if you have a problem with the RSA key, please provide commands that prove that it does not work.
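
The `Usage:` check requested above, as an added example that is not part of the original thread or of the OP-TEE project: a POSIX shell function that reads listing text in the format `pkcs11-tool` prints in this thread and reports private-key objects that lack a required usage flag. The names `keys_missing_usage` and `sample_listing` are hypothetical, and the sample listing is constructed from the object listings quoted in the thread.

```shell
#!/bin/sh
# keys_missing_usage REQUIRED_FLAG
#   stdin : object listing as printed by pkcs11-tool (--list-objects / --write-object)
#   stdout: one line per private key whose "Usage:" list lacks REQUIRED_FLAG
#   status: 0 if every private key carries the flag, 1 otherwise
keys_missing_usage() {
    awk -v req="$1" '
        # Strip the leading "  name:" and surrounding blanks from a listing line.
        function field(s) { sub(/^ +[A-Za-z]+: */, "", s); sub(/ +$/, "", s); return s }

        # Evaluate the key collected so far and report it if the flag is absent.
        function finish_key(   n, i, ok, flags) {
            if (!inkey) return
            n = split(usage, flags, /, */)
            ok = 0
            for (i = 1; i <= n; i++) if (flags[i] == req) ok = 1
            if (!ok) {
                printf "id=%s label=%s usage=%s\n", id, (label == "" ? "-" : label), usage
                bad = 1
            }
            inkey = 0
        }

        BEGIN { bad = 0; inkey = 0 }

        # A new private key object starts; a missing Usage line counts as "none".
        /^Private Key Object;/ { finish_key(); inkey = 1; id = ""; label = ""; usage = "none"; next }
        # Any other object type (public key, certificate, ...) ends the current key.
        /^[A-Za-z].*Object;/   { finish_key(); next }

        inkey && /^ +label:/ { label = field($0); next }
        inkey && /^ +ID:/    { id    = field($0); next }
        inkey && /^ +Usage:/ { usage = field($0); next }

        END { finish_key(); exit bad }
    '
}

# Constructed sample: the three private key objects whose listings appear in
# the thread (RSA import without usage options, EC import, RSA import with
# --usage-sign --usage-derive).
sample_listing() {
    cat <<'EOF'
Private Key Object; RSA
  label:
  ID:         1234
  Usage:      none
  Access:     sensitive
Private Key Object; EC
  label:
  ID:         1235
  Usage:      decrypt
  Access:     sensitive
Private Key Object; RSA
  label:      myImportedKey
  ID:         112233
  Usage:      sign, derive
  Access:     sensitive
EOF
}

# Demonstration: list the keys that could not be used for signing.
sample_listing | keys_missing_usage sign || true
```

On a target, the input would come from the `pkcs11-tool ... --list-objects` command shown earlier in the thread. The check only covers the attribute that the listing prints; it does not explain the `Key function not permitted` error reported later for a key that already shows `sign, derive`.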

embetrix commented 1 year ago

@vesajaaskelainen here is my output:

# openssl genrsa -out /tmp/private-key.pem 2048
# openssl rsa -in /tmp/private-key.pem -outform DER -out /tmp/private-key.der
writing RSA key
# pkcs11-tool  --write-object /tmp/private-key.der  --type privkey --id 1235 --login --module /usr/lib/libckteec.so.0 --usage-sign --usage-derive                                                                                                               
Using slot 0 with a present tokenI/TA: PKCS11 session 1: login
 (0x0)
Created private key:
Private Key Object; RSA 
  label:      
  ID:         1235
  Usage:      sign, derive
  Access:     sensitive
# cat > openssl.cnf << EOF
> #
> # OpenSSL config to use PKCS11 engine
> #
> 
> openssl_conf = openssl_engine
> 
> [openssl_engine]
> engines=engine_section
> 
> [engine_section]
> pkcs11 = pkcs11_section
> 
> [pkcs11_section]
> engine_id = pkcs11
> MODULE_PATH = /usr/lib/libckteec.so.0
> init = 0
> 
> [req]
> distinguished_name = req_distinguished_name
> 
> [req_distinguished_name]
> 
> EOF
# OPENSSL_CONF=openssl.cnf openssl req -engine pkcs11 -new -key 1235 -keyform engine -out cert.pem -text -x509 -subj "/O=Embexus/CN=HSM-Test/emailAddress=info@embetrix.com"                                                                                     
Engine "pkcs11" set.
I/TA: PKCS11 session 1: login
20100FBCFFFF0000:error:41800068:PKCS#11 module:ERR_CKR_error:Key function not permitted:../../git/src/p11_rsa.c:116:
20100FBCFFFF0000:error:06880006:asn1 encoding routines:ASN1_item_sign_ctx:EVP lib:../openssl-3.0.9/crypto/asn1/a_sign.c:284:

embetrix commented 1 year ago

I'm using the 3.19 version, and I get different results when signing with pkcs11-tool:

# pkcs11-tool --module /usr/lib/libckteec.so.0 --token optee-hsm --login  --sign --id 1235 --mechanism RSA-PKCS --input-file /tmp/data.bin --output-file /tmp/data.bin.sig
I/TA: PKCS11 session 1: login
Using signature algorithm RSA-PKCS
E/TA:  check_mechanism_against_processing:140 Processing 0x1/RSA_PKCS not permitted (8/2)
error: PKCS11 function C_SignUpdate failed: rv = CKR_MECHANISM_INVALID (0x70)
Aborting.

vesajaaskelainen commented 1 year ago

> openssl req -engine pkcs11 -new -key 1235 -keyform engine -out cert.pem -text -x509 -subj "/O=Embexus/CN=HSM-Test/emailAddress=info@embetrix.com"

If you do like this (with object label):

root@qemuarm64-secureboot:~# openssl req -engine pkcs11 -new -key "pkcs11:token=${PKCS11_TOKEN};object=${PKCS11_OBJECT_LABEL};type=private?pin-value=${PKCS11_USER_PIN}" -keyform engine -out cert.pem -text -x509 -subj "/O=Embexus/CN=HSM-Test/emailAddress=info@embetrix.com"
Engine "pkcs11" set.
root@qemuarm64-secureboot:~# openssl x509 -in cert.pem -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:67:12:1e:96:80:e1:3d:59:f3:86:36:c9:e1:75:a0:dc:e7:42:27
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: O = Embexus, CN = HSM-Test, emailAddress = info@embetrix.com
        Validity
            Not Before: Jul 24 08:10:21 2023 GMT
            Not After : Aug 23 08:10:21 2023 GMT
        Subject: O = Embexus, CN = HSM-Test, emailAddress = info@embetrix.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                88:0D:D5:EC:2D:11:E6:C6:2B:A7:2B:D8:09:B8:30:1D:E0:9C:BC:22
            X509v3 Authority Key Identifier: 
                88:0D:D5:EC:2D:11:E6:C6:2B:A7:2B:D8:09:B8:30:1D:E0:9C:BC:22
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:

or with object ID:

root@qemuarm64-secureboot:~# openssl req -engine pkcs11 -new -key "pkcs11:token=${PKCS11_TOKEN};id=%11%22%33;type=private?pin-value=${PKCS11_USER_PIN}" -keyform engine -out cert.pem -text -x509 -subj "/O=Embexus/CN=HSM-Test/emailAddress=info@embetrix.com"
Engine "pkcs11" set.

embetrix commented 1 year ago

I don't think there is an issue with object label since it works when using a private key generated from the HSM

vesajaaskelainen commented 1 year ago

> check_mechanism_against_processing

A bit weird location for failure. I suppose it is in this code path: https://github.com/OP-TEE/optee_os/blob/3.19.0/ta/pkcs11/src/pkcs11_attributes.c#L81-L82

There really hasn't been too much activity on this code area since 3.19.

Here is my output for legacy and deprecated method for key selection (to be disabled in future libp11 pkcs11 engine -- only PKCS11 URI will be available in future):

root@qemuarm64-secureboot:~# openssl req -engine pkcs11 -new -key ${PKCS11_OBJECT_ID} -keyform engine -out cert.pem -text -x509 -subj "/O=Embexus/CN=HSM-Test/emailAddress=info@embetrix.com"
Engine "pkcs11" set.
Enter PKCS#11 token PIN for device:

and matching trace:

I/TA: PKCS11 session 1: login
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_LOGIN rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_FIND_OBJECTS_INIT p#0 35@0x40018000, p#1 --- 0@0x0, p#2 --- 0@0x0
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_FIND_OBJECTS_INIT rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_FIND_OBJECTS p#0 4@0x40019000, p#1 --- 0@0x0, p#2 out 4@0x40018000
D/TA:  entry_find_objects:699 PKCS11 session 1: finding objects
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_FIND_OBJECTS rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_FIND_OBJECTS_FINAL p#0 4@0x40018000, p#1 --- 0@0x0, p#2 --- 0@0x0
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_FIND_OBJECTS_FINAL rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_GET_ATTRIBUTE_VALUE p#0 28@0x40019000, p#1 --- 0@0x0, p#2 out 20@0x40018000
D/TA:  entry_get_attribute_value:903 PKCS11 session 1: get attributes 0x1
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_GET_ATTRIBUTE_VALUE rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_GET_ATTRIBUTE_VALUE p#0 28@0x40019000, p#1 --- 0@0x0, p#2 out 20@0x40018000
D/TA:  entry_get_attribute_value:903 PKCS11 session 1: get attributes 0x1
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_GET_ATTRIBUTE_VALUE rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_GET_ATTRIBUTE_VALUE p#0 279@0x40019000, p#1 --- 0@0x0, p#2 out 271@0x40018000
D/TA:  entry_get_attribute_value:903 PKCS11 session 1: get attributes 0x1
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_GET_ATTRIBUTE_VALUE rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_GET_ATTRIBUTE_VALUE p#0 24@0x40019000, p#1 --- 0@0x0, p#2 out 16@0x40018000
D/TA:  entry_get_attribute_value:903 PKCS11 session 1: get attributes 0x1
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_GET_ATTRIBUTE_VALUE rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_GET_ATTRIBUTE_VALUE p#0 37@0x40019000, p#1 --- 0@0x0, p#2 out 29@0x40018000
D/TA:  entry_get_attribute_value:903 PKCS11 session 1: get attributes 0x1
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_GET_ATTRIBUTE_VALUE rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_GET_ATTRIBUTE_VALUE p#0 25@0x40019000, p#1 --- 0@0x0, p#2 out 17@0x40018000
D/TA:  entry_get_attribute_value:903 PKCS11 session 1: get attributes 0x1
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_GET_ATTRIBUTE_VALUE rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_GET_ATTRIBUTE_VALUE p#0 24@0x40019000, p#1 --- 0@0x0, p#2 out 16@0x40018000
D/TA:  entry_get_attribute_value:903 PKCS11 session 1: get attributes 0x1
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_GET_ATTRIBUTE_VALUE rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_GET_ATTRIBUTE_VALUE p#0 280@0x40019000, p#1 --- 0@0x0, p#2 out 272@0x40018000
D/TA:  entry_get_attribute_value:903 PKCS11 session 1: get attributes 0x1
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_GET_ATTRIBUTE_VALUE rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_GET_ATTRIBUTE_VALUE p#0 24@0x40019000, p#1 --- 0@0x0, p#2 out 16@0x40018000
D/TA:  entry_get_attribute_value:903 PKCS11 session 1: get attributes 0x1
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_GET_ATTRIBUTE_VALUE rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_GET_ATTRIBUTE_VALUE p#0 27@0x40019000, p#1 --- 0@0x0, p#2 out 19@0x40018000
D/TA:  entry_get_attribute_value:903 PKCS11 session 1: get attributes 0x1
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_GET_ATTRIBUTE_VALUE rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_GET_ATTRIBUTE_VALUE p#0 24@0x40019000, p#1 --- 0@0x0, p#2 out 16@0x40018000
D/TA:  entry_get_attribute_value:903 PKCS11 session 1: get attributes 0x1
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_GET_ATTRIBUTE_VALUE rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_GET_ATTRIBUTE_VALUE p#0 280@0x40019000, p#1 --- 0@0x0, p#2 out 272@0x40018000
D/TA:  entry_get_attribute_value:903 PKCS11 session 1: get attributes 0x1
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_GET_ATTRIBUTE_VALUE rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_GET_ATTRIBUTE_VALUE p#0 24@0x40019000, p#1 --- 0@0x0, p#2 out 16@0x40018000
D/TA:  entry_get_attribute_value:903 PKCS11 session 1: get attributes 0x1
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_GET_ATTRIBUTE_VALUE rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_GET_ATTRIBUTE_VALUE p#0 27@0x40019000, p#1 --- 0@0x0, p#2 out 19@0x40018000
D/TA:  entry_get_attribute_value:903 PKCS11 session 1: get attributes 0x1
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_GET_ATTRIBUTE_VALUE rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_SIGN_INIT p#0 16@0x40018000, p#1 --- 0@0x0, p#2 --- 0@0x0
F/TC:? 0 trace_syscall:150 syscall #8 (syscall_check_access_rights)
F/TC:? 0 trace_syscall:150 syscall #27 (syscall_cryp_obj_alloc)
F/TC:? 0 trace_syscall:150 syscall #15 (syscall_cryp_state_alloc)
F/TC:? 0 trace_syscall:150 syscall #24 (syscall_cryp_obj_get_info)
F/TC:? 0 trace_syscall:150 syscall #24 (syscall_cryp_obj_get_info)
F/TC:? 0 trace_syscall:150 syscall #29 (syscall_cryp_obj_reset)
F/TC:? 0 trace_syscall:150 syscall #24 (syscall_cryp_obj_get_info)
F/TC:? 0 trace_syscall:150 syscall #24 (syscall_cryp_obj_get_info)
F/TC:? 0 trace_syscall:150 syscall #31 (syscall_cryp_obj_copy)
D/TA:  entry_processing_init:672 PKCS11 session 1: init processing RSA_PKCS SIGN
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_SIGN_INIT rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_SIGN_ONESHOT p#0 4@0x4001a000, p#1 in 51@0x40019150, p#2 out 256@0x40018ea0
F/TC:? 0 trace_syscall:150 syscall #8 (syscall_check_access_rights)
F/TC:? 0 trace_syscall:150 syscall #8 (syscall_check_access_rights)
F/TC:? 0 trace_syscall:150 syscall #39 (syscall_asymm_operate)
F/TC:? 0 trace_syscall:150 syscall #17 (syscall_cryp_state_free)
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_SIGN_ONESHOT rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_CLOSE_ALL_SESSIONS p#0 4@0x40018000, p#1 --- 0@0x0, p#2 --- 0@0x0
D/TA:  entry_ck_close_all_sessions:768 Close all sessions for PKCS11 token 0
D/TA:  close_ck_session:703 Close PKCS11 session 1

You can enable above level traces with:

+    CFG_TEE_CORE_LOG_LEVEL=4 \
+    CFG_TEE_TA_LOG_LEVEL=4 \

Now what affects what goes in here is the pkcs11 engine you are using and its version.

OpenSSL has had some bugs in the 3.0.x series that could affect this.

What is special in your setup? What CPU? Some chipset vendor variant of OP-TEE?
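A quick way to compare a failing trace against the working one above, as an added example that is not part of the original comment: it pairs each PKCS#11 TA command entry with its `rc` line and reports anything that did not return OK. The function names and the sample lines are constructed for illustration, including the failing return code.

```shell
#!/bin/sh
# Added example (not from the thread): summarise PKCS#11 TA command results
# from an OP-TEE debug trace captured with CFG_TEE_TA_LOG_LEVEL=4.

# check_ta_trace: reads a trace on stdin and prints one line per problem:
#   FAIL  <cmd> <rc>  command returned something other than OK
#   NO-RC <cmd>       entry line without a matching "rc" line (trace cut
#                     short, or the TA never returned from the command)
# Exit status is 0 when every command returned OK, 1 otherwise.
check_ta_trace() {
    awk '
    $2 ~ /^TA_InvokeCommandEntryPoint:/ && $3 ~ /^PKCS11_CMD_/ {
        if ($4 == "rc") {
            n = split($5, rc, "/")
            if (rc[n] != "OK") { print "FAIL", $3, $5; bad = 1 }
            pending = ""
        } else {
            if (pending != "") { print "NO-RC", pending; bad = 1 }
            pending = $3
        }
    }
    END {
        if (pending != "") { print "NO-RC", pending; bad = 1 }
        exit bad + 0
    }'
}

# Constructed sample: SIGN_INIT mirrors the trace above; the failing
# SIGN_ONESHOT return code and its name are made up for illustration.
sample_trace() {
    cat <<'EOF'
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_SIGN_INIT p#0 16@0x40018000, p#1 --- 0@0x0, p#2 --- 0@0x0
D/TA:  entry_processing_init:672 PKCS11 session 1: init processing RSA_PKCS SIGN
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_SIGN_INIT rc 0/OK
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_SIGN_ONESHOT p#0 4@0x4001a000, p#1 in 51@0x40019150, p#2 out 256@0x40018ea0
D/TA:  TA_InvokeCommandEntryPoint:364 PKCS11_CMD_SIGN_ONESHOT rc 0x5/GENERAL_ERROR
D/TA:  TA_InvokeCommandEntryPoint:143 PKCS11_CMD_CLOSE_ALL_SESSIONS p#0 4@0x40018000, p#1 --- 0@0x0, p#2 --- 0@0x0
EOF
}
```

Feed it a captured console log with `check_ta_trace < console.log`; the file name is a placeholder.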

embetrix commented 1 year ago

the cpu is an imx8mp and optee version is https://github.com/nxp-imx/imx-optee-os/tree/lf-5.15.71_2.2.0 based on 3.19

the pkcs11 TA does not look different from the mainline one : https://github.com/nxp-imx/imx-optee-os/commits/lf-5.15.71_2.2.0/ta/pkcs11

vesajaaskelainen commented 1 year ago

This is on i.MX 6SoloX with tree based on https://github.com/nxp-imx/imx-optee-os/tree/lf-6.1.1_1.0.0.

On top of tree there are some upstream changes after 3.19.0 mainly to keep our imx-optee-os tree in sync with zynqs tree based on upstream optee-os.

Only change that is related to pkcs11 in there is: HACK: ta: pkcs11: Relax handling of empty allowed mechanisms list to relax handling for empty allowed mecha list as we had a preview version of pkcs11 ta in use. And do not yet have object migration/fixup in place.

Did ramdisk boot and tested it out:

mydevice ~ # uname -a
Linux mydevice 6.1.1-vaisala #1 SMP PREEMPT Fri Jul  7 08:29:21 UTC 2023 armv7l GNU/Linux
mydevice ~ # dmesg | grep optee
[    3.583673] optee: probing for conduit method.
[    3.588230] optee: revision 3.19 (22bca22a)
[    3.588696] optee: dynamic shared memory is enabled
[    3.598446] optee: initialized driver
mydevice ~ # export PKCS11_MODULE=/usr/lib/libckteec.so.0
mydevice ~ # export PKCS11_SLOT=0
mydevice ~ # export PKCS11_TOKEN=device
mydevice ~ # export PKCS11_SO_PIN=1234567890
mydevice ~ # export PKCS11_USER_PIN=1234
mydevice ~ # export PKCS11_OBJECT_ID=112233
mydevice ~ # export PKCS11_OBJECT_LABEL=myImportedKey
mydevice ~ # pkcs11-tool --module ${PKCS11_MODULE} --slot-index ${PKCS11_SLOT} --init-token --label ${PKCS11_TOKEN} --so-pin ${PKCS11_SO_PIN}
Using slot with index 0 (0x0)
Token successfully initialized
mydevice ~ # pkcs11-tool --module ${PKCS11_MODULE} --slot-index ${PKCS11_SLOT} --init-pin --login --so-pin ${PKCS11_SO_PIN} --new-pin ${PKCS11_USER_PIN}
Using slot with index 0 (0x0)
User PIN successfully initialized
mydevice ~ # pkcs11-tool --module ${PKCS11_MODULE} --list-slots
Available slots:
Slot 0 (0x0): OP-TEE PKCS11 TA - TEE UUID d1d075f9-c201-5616-8f74-d74b14d9b9d8
  token label        : device
  token manufacturer : Linaro
  token model        : OP-TEE TA
  token flags        : login required, rng, token initialized, PIN initialized
  hardware version   : 0.0
  firmware version   : 0.1
  serial num         : 0000000000000000
  pin min/max        : 4/128
Slot 1 (0x1): OP-TEE PKCS11 TA - TEE UUID d1d075f9-c201-5616-8f74-d74b14d9b9d8
  token state:   uninitialized
Slot 2 (0x2): OP-TEE PKCS11 TA - TEE UUID d1d075f9-c201-5616-8f74-d74b14d9b9d8
  token state:   uninitialized
mydevice ~ # pkcs11-tool --module ${PKCS11_MODULE} --token ${PKCS11_TOKEN} --login --pin ${PKCS11_USER_PIN} --list-objects
mydevice ~ # openssl genrsa -out /tmp/private-key.pem 2048
mydevice ~ # openssl rsa -in /tmp/private-key.pem -outform DER -out /tmp/private-key.der
writing RSA key
mydevice ~ # pkcs11-tool --module ${PKCS11_MODULE} --token ${PKCS11_TOKEN} --login --pin ${PKCS11_USER_PIN} --write-object /tmp/private-key.der --type privkey --id ${PKCS11_OBJECT_ID} --label ${PKCS11_OBJECT_LABEL} --usage-sign --usage-derive
Created private key:
Private Key Object; RSA
  label:      myImportedKey
  ID:         112233
  Usage:      sign, derive
  Access:     sensitive
mydevice ~ # pkcs11-tool --module ${PKCS11_MODULE} --token ${PKCS11_TOKEN} --login --pin ${PKCS11_USER_PIN} --list-objects
Private Key Object; RSA
  label:      myImportedKey
  ID:         112233
  Usage:      sign, derive
  Access:     sensitive
mydevice ~ # echo "Hello World!" > /tmp/data.bin
mydevice ~ # pkcs11-tool --module ${PKCS11_MODULE} --token ${PKCS11_TOKEN} --login --pin ${PKCS11_USER_PIN} --sign --label ${PKCS11_OBJECT_LABEL} --mechanism RSA-PKCS --input-file /tmp/data.bin --output-file /tmp/data.bin.sig
Using signature algorithm RSA-PKCS
mydevice ~ # openssl pkeyutl -verify -in /tmp/data.bin -inkey /tmp/private-key.der -sigfile /tmp/data.bin.sig
Signature Verified Successfully

And the cert creation:

mydevice /var/volatile/tmp # openssl req -engine pkcs11 -new -key "pkcs11:token=${PKCS11_TOKEN};object=${PKCS11_OBJECT_LABEL};type=private?pin-value=${PKCS11_USER_PIN}" -keyform engine -out cert.pem -text -x509 -subj "/O=Embexus/CN=HSM-Test/emailAddress=info@embetrix.com"
Engine "pkcs11" set.

openssl version:

OpenSSL 3.0.9 30 May 2023 (Library: OpenSSL 3.0.9 30 May 2023)

libp11 version:

SRC_URI = "git://github.com/OpenSC/libp11.git;branch=master;protocol=https"
SRCREV = "206af152fbcb48d4149097ed140e4840febd72d8"

embetrix commented 1 year ago

@vesajaaskelainen I updated the libp11 to newer tag 0.4.12 and the rsa import and usage of the key is working :-)

# openssl genrsa -out private-key.pem 4096
# openssl rsa -in private-key.pem -outform DER -out private-key.der
writing RSA key
# pkcs11-tool  --write-object private-key.der  --type privkey --id 0872 --login --module /usr/lib/libckteec.so.0 --usage-sign --usage-derive
Using slot 0 with a present token (0x0)
I/TA: PKCS11 session 1: login
Created private key:
Private Key Object; RSA 
  label:      
  ID:         0872
  Usage:      sign, derive
  Access:     sensitive
# OPENSSL_CONF=openssl.cnf openssl req -engine pkcs11 -new -key 0872 -keyform engine -out cert.pem -text -x509 -subj "/O=Embexus/CN=HSM-Test/emailAddress=info@embetrix.com"
Engine "pkcs11" set.
I/TA: PKCS11 session 1: login

embetrix commented 1 year ago

thanks for the support :+1:

any workaround to get this working with ECC Key type ?

vesajaaskelainen commented 1 year ago

> thanks for the support 👍
>
> any workaround to get this working with ECC Key type ?

No workaround for that. Let's see how we can resolve that properly -- it is being tracked with a different issue.

As always -- I highly recommend not using the key import feature at all. i.MX8 series should have good RNG so let it do the key generation and get certificate signing request from the device and sign that and store the certificate on the device.
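The flow recommended above (generate the key on the device, export only a CSR, sign it, store the certificate on the device), as an added example that is not part of the original comment. The token label, key label and id, subject, `ca-key.pem` and the output file names are assumptions, and the pkcs11 engine is assumed to be configured as in the `openssl.cnf` shown earlier in the thread.

```shell
#!/bin/sh
# Added example (not from the thread). Token label, key label/id, subject
# and file names below are assumptions.
MODULE=${PKCS11_MODULE:-/usr/lib/libckteec.so.0}
TOKEN=${PKCS11_TOKEN:-device}
KEY_LABEL=${KEY_LABEL:-deviceKey}
KEY_ID=${KEY_ID:-4455}
SUBJECT=${SUBJECT:-/O=Example/CN=device-0001}

# run: execute the command, or only print it when DRY_RUN=1.
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

# PKCS#11 URI of the private key, in the form used earlier in the thread
# (no pin-value: the engine prompts for the user PIN instead).
key_uri() {
    printf 'pkcs11:token=%s;object=%s;type=private' "$TOKEN" "$KEY_LABEL"
}

# 1. On the device: the key pair is created inside the TA, never as a file.
step_keygen() {
    run pkcs11-tool --module "$MODULE" --token-label "$TOKEN" --login \
        --keypairgen --key-type rsa:2048 \
        --id "$KEY_ID" --label "$KEY_LABEL" --usage-sign
}

# 2. On the device: the CSR is signed by the token key via the pkcs11 engine.
step_csr() {
    run openssl req -engine pkcs11 -keyform engine -new \
        -key "$(key_uri)" -subj "$SUBJECT" -out device.csr
}

# 3. On the CA host: sign the CSR; DER output is what pkcs11-tool expects.
step_sign() {
    run openssl x509 -req -in device.csr -CA ca-cert.pem -CAkey ca-key.pem \
        -CAcreateserial -days 365 -outform DER -out device-cert.der
}

# 4. On the device: store the certificate under the same id as the key.
step_store() {
    run pkcs11-tool --module "$MODULE" --token-label "$TOKEN" --login \
        --write-object device-cert.der --type cert \
        --id "$KEY_ID" --label "$KEY_LABEL"
}

# Usage: sh provision.sh keygen|csr|sign|store  (DRY_RUN=1 prints the command)
case "${1:-}" in keygen|csr|sign|store) "step_$1" ;; esac
```

Only `device.csr` and `device-cert.der` cross the device boundary; no private key file is written at any step.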

embetrix commented 1 year ago

yes definitely I agree that for the productive software I'll proceed that way: this step should be done at production time. but for development and testing purpose it's a big hassle, it's far more handy to have a working import functionality.

vesajaaskelainen commented 1 year ago

> yes definitely I agree that for the productive software I'll proceed that way: this step should be done at production time. but for development and testing purpose it's a big hassle, it's far more handy to have a working import functionality.

Please try these changes out: https://github.com/OP-TEE/optee_os/pull/6204