Workaround for buggy PKCS#11 C_Sign() implementation

OpenSC / pam_pkcs11

This Linux-PAM login module allows a X.509 certificate based user login

GNU Lesser General Public License v2.1

65 stars 51 forks source link

Workaround for buggy PKCS#11 C_Sign() implementation #40

Closed mskalski closed 3 years ago

mskalski commented 4 years ago

Add workaround for buggy implementation of PKCS#11 library when it does not update signature_length parameter whein it returns CKR_BUFFER_TOO_SMALL. It handles also (hypotetical) reducing by PKCS#11 library returned signature length.

Additionally speeds up signature using larger buffer (of 1024 bytes) at beginning which should result for most of cases calling C_Sign() only once.

wolneykien commented 4 years ago

Hi! Thanks, I'll look at it tonight.

wolneykien commented 4 years ago

I think we have to limit the possible number of iterations.

wolneykien commented 4 years ago

And it would be nice to know the signature length beforehand. I think it is possible. At least for OpenSSL...

mskalski commented 4 years ago

And it would be nice to know the signature length beforehand. I think it is possible. At least for OpenSSL...

Yes it is possible for RSA (size of RSA key), of course it is possible for Elliptic curve, (but you need to know key type and curve), but unnecessary.

I think buffer of size 1024 bytes is far enough for all types of signatures and usually causes only one call to C_Sign().

martinpaljak commented 3 years ago

If it is a buggy module, maybe you can

report it to the module vendor to be fixed
mention the name/type/version of it so that could be tracked.