Closed mouse07410 closed 8 years ago
The NIST 800-73 PIV standard says the PIN is never sent over NFC. Only select objects and the card management key can be used over NFC. Early NEO would do everything over NFC which is considered a security risk.
On 3/31/2016 12:20 PM, Mouse wrote:
The reader is Contact & Contactless. Trying with CAC and Yubikey NEO using NFC. In both cases PIN is not verified, returning |6D 00|:
|0x7fff74594300 12:38:53.453 [tokend] /Users/ur20980/Src/OpenSC/OpenSC.tokend-mouse/OpenSC/OpenSCToken.cpp:203:_verifyPIN: In OpenSCToken::_verifyPIN(), PIN num is: 1 0x7fff74594300 12:38:53.453 [tokend] /Users/ur20980/Src/OpenSC/OpenSC.tokend-mouse/OpenSC/OpenSCToken.cpp:217:_verifyPIN: sc_pkcs15_get_objects(pin_id=01): 2 0x7fff74594300 12:38:53.453 [tokend] pkcs15-pin.c:295:sc_pkcs15_verify_pin: called 0x7fff74594300 12:38:53.453 [tokend] pkcs15-pin.c:296:sc_pkcs15_verify_pin: PIN(type:0;method:1;len:) 0x7fff74594300 12:38:53.453 [tokend] card.c:394:sc_lock: called 0x7fff74594300 12:38:53.453 [tokend] reader-pcsc.c:543:pcsc_lock: called 0x7fff74594300 12:38:53.454 [tokend] sec.c:159:sc_pin_cmd: called 0x7fff74594300 12:38:53.454 [tokend] apdu.c:546:sc_transmit_apdu: called 0x7fff74594300 12:38:53.454 [tokend] card.c:394:sc_lock: called 0x7fff74594300 12:38:53.454 [tokend] apdu.c:513:sc_transmit: called 0x7fff74594300 12:38:53.454 [tokend] apdu.c:367:sc_single_transmit: called 0x7fff74594300 12:38:53.454 [tokend] apdu.c:372:sc_single_transmit: CLA:0, INS:20, P1:0, P2:80, data(8) 0x7fff57d02f70 0x7fff74594300 12:38:53.454 [tokend] reader-pcsc.c:269:pcsc_transmit: reader 'Gemalto Prox Dual USB PC Link Reader(1)' 0x7fff74594300 12:38:53.454 [tokend] reader-pcsc.c:270:pcsc_transmit: Outgoing APDU (13 bytes): 00 20 00 80 08 31 32 33 34 35 36 37 38 . ...12345678 0x7fff74594300 12:38:53.454 [tokend] reader-pcsc.c:199:pcsc_internal_transmit: called 0x7fff74594300 12:38:53.463 [tokend] reader-pcsc.c:279:pcsc_transmit: Incoming APDU (2 bytes): 6D 00 m. 0x7fff74594300 12:38:53.463 [tokend] apdu.c:382:sc_single_transmit: returning with: 0 (Success) 0x7fff74594300 12:38:53.463 [tokend] apdu.c:535:sc_transmit: returning with: 0 (Success) 0x7fff74594300 12:38:53.463 [tokend] card.c:434:sc_unlock: called 0x7fff74594300 12:38:53.463 [tokend] iso7816.c:121:iso7816_check_sw: Instruction code not supported or invalid 0x7fff74594300 12:38:53.463 [tokend] sec.c:206:sc_pin_cmd: returning with: -1204 (Unsupported INS byte in APDU) 0x7fff74594300 12:38:53.463 [tokend] pkcs15-pin.c:368:sc_pkcs15_verify_pin: PIN cmd result -1204 0x7fff74594300 12:38:53.463 [tokend] card.c:434:sc_unlock: called 0x7fff74594300 12:38:53.463 [tokend] reader-pcsc.c:583:pcsc_unlock: called 0x7fff74594300 12:38:53.463 [tokend] pkcs15-pin.c:373:sc_pkcs15_verify_pin: returning with: -1204 (Unsupported INS byte in APDU) |
— You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub https://github.com/OpenSC/OpenSC.tokend/issues/26
Douglas E. Engert DEEngert@gmail.com
The NIST 800-73 PIV standard says the PIN is never sent over NFC
Are you saying that CAC cannot be used over NFC?
Regardless, the early NEO should work - shouldn't it...?
It could also be this PC-link feature is not supported by the PCSC.
The only command you listed in the debug log was the VERIFY. Were you able to select the card and read certificates and other objects?
See NIST 800-73-3 part 2 "Table 2. PIV Card Application Card Commands" See the columns "Contact Interface" and "Contactless Interface" and the notes following: "The PIV Card Application shall return the status word of '6A81' (Function not supported) when it receives a card command on the contactless interface marked “No” in the Contactless Interface column in Table 2. Note: Cryptographic protocols using private/secret keys requiring “PIN” security condition shall not be used on the contactless interface. "
The Card Management key does not require the PIN, and can be used over the contactless interface, for physical access (doors for example)
Your debug log shows 6D 00 was returned. This may be an enhanced feature of your contactless reader that refuses to send a VERIFY command with the PIN in the clear over NFC.
NIST 800-73-4 addresses the issue by defining Secure Messaging over the contactless interface, (It also defines using delegated credentials for use with tables and phones too.) But there are no cards that have this yet, and it may be a long time till they do.
The only command you listed in the debug log was the VERIFY. Were you able to select the card and read certificates and other objects?
It appears that it could read some objects and certs, but not all of them. Also, it should have returned all the certificates and public keys anyway, as they aren't supposed to be PIN-protected.
Your debug log shows ...
I'm emailing you the complete log.
NIST 800-73-4 addresses the issue by defining Secure Messaging over the contactless interface, (It also defines using delegated credentials for use with tables and phones too.)
Yes.
But there are no cards that have this yet, and it may be a long time till they do.
Yeah... :-(
P.S. With an older NEO - all the OpenSC-level access works, such as
$ pkcs11-rsa-pss-sign-demo2
Generating ephemeral file /tmp/derive.1591.text to test RSA-PSS signature...
openssl rand -hex -out /tmp/derive.1591.text 5120
Signing file /tmp/derive.1591.text...
openssl dgst -engine pkcs11 -keyform engine -sign "pkcs11:object=SIGN%20key;object-type=private;pin-value=123456" -sha384 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 -out /tmp/derive.1591.text.sig /tmp/derive.1591.text
engine "pkcs11" set.
PKCS#11 token PIN:
Signature for /tmp/derive.1591.text is stored in /tmp/derive.1591.text.sig
Verifying signature:
openssl dgst -engine pkcs11 -keyform engine -sha384 -verify id_02 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 -signature /tmp/derive.1591.text.sig /tmp/derive.1591.text
engine "pkcs11" set.
Verified OK
Keychain Access sees the card (over NFC) and unlocks it with the PIN, and at least once Apple Mail recognized the certificates on it, and successfully signed outgoing email.
With the new NEO, Keychain Access still sees it over NFC and unlocks correctly. Apple Mail has "X" instead of "checkmark" in the "S/MIME Sign" box on the outgoing email window (upper right corner). It seemed that the outgoing email got signed despite that - you should be able to tell as it's the email with the logs I promised.
NIST 800-73-3 part1 "Table 1. Data Model Containers" Contact / Contactless column. Only CHUID, "X.509 Certificate for Card Authentication" and "Discovery Object" are readable over contactless.
On 4/1/2016 11:34 AM, Mouse wrote:
The only command you listed in the debug log was the VERIFY. Were you able to select the card and read certificates and other objects?
It appears that it could read some objects and certs, but not all of them. Also, it should have returned all the certificates and public keys anyway, as they aren't supposed to be PIN-protected.
Your debug log shows ...
I'm emailing you the complete log.
NIST 800-73-4 addresses the issue by defining Secure Messaging over the contactless interface, (It also defines using delegated credentials for use with tables and phones too.)
Yes.
But there are no cards that have this yet, and it may be a long time till they do.
Yeah... :-(
— You are receiving this because you commented. Reply to this email directly or view it on GitHub https://github.com/OpenSC/OpenSC.tokend/issues/26#issuecomment-204462206
Douglas E. Engert DEEngert@gmail.com
Please close this issue. It is not an OpenSC issue. The cards are working as expected over contactless interface.
The reader is Contact & Contactless. Trying with CAC and Yubikey NEO using NFC. In both cases PIN is not verified, returning
6D 00
: