openssl req command with softhsm2

[gilweis]

Describe the bug 40B79BACEF7F0000:error:03000093:digital envelope routines:default_check:command not supported:../crypto/evp/ctrl_params_translate.c:329: Segmentation fault (core dumped)

To Reproduce $ openssl req -provider pkcs11 -new -key "pkcs11:id=%02;type=private" -out req.pem -text -x509 -subj "/CN=Andreas" Enter pass phrase for PKCS#11 Token (Slot 569901767 - SoftHSM slot ID 0x21f802c7): 40B79BACEF7F0000:error:03000093:digital envelope routines:default_check:command not supported:../crypto/evp/ctrl_params_translate.c:329: Segmentation fault (core dumped)

Operating environment (please complete the following information):

OS: Ubuntu 23.10 openssl: OpenSSL 3.0.10 1 Aug 2023 (Library: OpenSSL 3.0.10 1 Aug 2023) pkcs11-provider: latest / 0.2 softhsm2: 2.6.1

$ strace openssl req -provider pkcs11 -new -key "pkcs11:id=%02;type=private" -out req.pem -text -x509 -subj "/CN=Andreas" ... openat(AT_FDCWD, "/home/g/tokens//a35f1b46-7963-fae0-dcb4-ae2b21f802c7/0e0e6647-bb0f-6973-16f2-42cd46709987.object", O_RDONLY) = 3 fcntl(3, F_GETFL) = 0x8000 (flags O_RDONLY|O_LARGEFILE) fcntl(3, F_SETLKW, {l_type=F_RDLCK, l_whence=SEEK_SET, l_start=0, l_len=0}) = 0 newfstatat(3, "", {st_mode=S_IFREG|0600, st_size=1617, ...}, AT_EMPTY_PATH) = 0 read(3, "\0\0\0\0\0\0\0'\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\2\0\0\0\0\0\0\0\3"..., 4096) = 1617 fcntl(3, F_SETLK, {l_type=F_UNLCK, l_whence=SEEK_SET, l_start=0, l_len=0}) = 0 close(3) = 0 brk(0x55cc36490000) = 0x55cc36490000 getpid() = 4302 write(2, "4057870CB57F0000:error:03000093:"..., 1374057870CB57F0000:error:03000093:digital envelope routines:default_check:command not supported:../crypto/evp/ctrl_params_translate.c:329: ) = 137 munmap(0x7fb50c80f000, 85992) = 0 getpid() = 4302 --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x8} --- +++ killed by SIGSEGV (core dumped) +++ Segmentation fault (core dumped)

[simo5]

This is a duplicate of #310

[gilweis]

I tried with YubiHSM and I got the same error so it isn't an issue in softhsm2 (same command with openssl engine work with softhsm2 & Yubihsm2)

[simo5]

Have you tried the workaround I posted in #310 ?

[gilweis]

Yes, I tried with the workaround with softhsm2 and with YubiHSM. YubiHSM: Enter pass phrase for PKCS#11 Token (Slot 0 - YubiHSM Connector localhost): 40E7B8D5637F0000:error:03000093:digital envelope routines:default_check:command not supported:../crypto/evp/ctrl_params_translate.c:329:

softhsm: Enter pass phrase for PKCS#11 Token (Slot 569901767 - SoftHSM slot ID 0x21f802c7): 40B7692BDB7F0000:error:03000093:digital envelope routines:default_check:command not supported:../crypto/evp/ctrl_params_translate.c:329:

[simo5]

This is different, the segfaults are gone, and it looked to me that was the problem

[simo5]

That said I am not sure what is going on there. In tests/tdemoca we use the req command with softhsm with no issues.

[simo5]

Can you check if passing -propquery provider=pkcs11 makes a difference ? Usually I need to do that when not using the provider configured in openssl.cnf

[gilweis]

$ openssl req -propquery provider=pkcs11 -provider pkcs11 -new -key "pkcs11:id=%02;type=private" -out req.pem -text -x509 -subj "/CN=Andreas" Enter pass phrase for PKCS#11 Token (Slot 569901767 - SoftHSM slot ID 0x21f802c7): 4047DCEE0D7F0000:error:03000093:digital envelope routines:default_check:command not supported:../crypto/evp/ctrl_params_translate.c:329:

$ openssl req -propquery provider=pkcs11 -provider pkcs11 -new -key "pkcs11:id=%00%03;type=private" -out req.pem -text -x509 -subj "/CN=Andreas" Enter pass phrase for PKCS#11 Token (Slot 0 - YubiHSM Connector localhost): 40477861977F0000:error:03000093:digital envelope routines:default_check:command not supported:../crypto/evp/ctrl_params_translate.c:329:

[Jakuje]

Can you provide a debug log from the pkcs11 provider from your attempts? While running the same commands against softhsm token on Debian container, it looks like working just ok (in the environment set up by the testsuite, after adjusting the key URI to an existing one).

[gilweis]

How I get log from the pkcs11 provider?

[Jakuje]

How I get log from the pkcs11 provider?

Please, see the manual page for pkcs11-provider:

https://github.com/latchset/pkcs11-provider/blob/main/docs/provider-pkcs11.7.md#pkcs11_provider_debug

There is a PKCS11_PROVIDER_DEBUG environment variable, which controls what debug output is produced.

[gilweis]

debug.log debug-level2.log

[Jakuje]

The error you show in https://github.com/latchset/pkcs11-provider/issues/311#issuecomment-1824782430 is from OpenSSL. Given that both softhsm and yubihsm, it sounds like an issue in the openssl itself.

Unfortunately from the log its not much clear where does it crash so maybe running under gdb until the crash and providing backtrace from the crash would show some more useful information.

[gilweis]

No crash. Just return with error. https://github.com/latchset/pkcs11-provider/issues/311#issuecomment-1889866863

[Jakuje]

Having a better look, I can see a difference from what is executed in the democa. You have the -x509 switch causing the openssl to output the certificate and not the certificate request. What are you trying to achieve with this command? Generate the key, request the certificate and sign it with the key ID 2? Or just some of it?

[gilweis]

without -x509:

$ openssl req -provider pkcs11 -new -key "pkcs11:id=%02;type=private" -out req.pem -text -subj "/CN=Andreas" Enter pass phrase for PKCS#11 Token (Slot 569901767 - SoftHSM slot ID 0x21f802c7): 40B72098217F0000:error:03000093:digital envelope routines:default_check:command not supported:../crypto/evp/ctrl_params_translate.c:329:

$ echo $? 1

[gilweis]

I found that is working only if the key type is: --key-type="EC:edwards25519" I'm using rsa key

[Jakuje]

I found that is working only if the key type is: --key-type="EC:edwards25519" I'm using rsa key

The difference form the original command and this command is where you have the key -- the original was with PKCS#11 URI so the key was in the provider, while if you use the above --key-type, it will create a key inside of openssl.

You still did not answer the question from the previous comment:

What are you trying to achieve with this command? Generate the key, request the certificate and self-sign it with the key ID 2? Or just some of it?

Can you try to do it with intermediate steps: generate key, request csr and sign it to see what stage fails?

[gilweis]

I'm trying to create csr with pkcs11 and openssl. The -x509 was one of the tests. I don't need the -x509 parameter. The tests was with existing keys in SoftHSM! The commad "openssl req -provider pkcs11 -new -key "pkcs11:id=%02;type=private" -out req.pem -text -subj "/CN=Andreas" fail if the key in the SoftHSM (pkcs11:id=%02;type=private) is RSA and ok if the key is EC Curve25519.

[Jakuje]

I still can not reproduce what you describe with softhsm inside of the testsuite, see the #334 (debian is still broken). Can you check if you spot some difference in what I am trying there and what you try? Running the testsuite with make check from this branch works for you?

When I add the -text argument, it does not change the behavior, but adding -x509 indeed changes the csr output to certificate, breaking the next command. I do not see any difference between RSA/EC/Ed25519 keys.

[gilweis]

Yes, make check works:

TOTAL: 34

PASS: 34

I'll try to search the difference.

[gilweis]

Steps to reproduce the problem: New softhsm2: $ softhsm2-util --init-token --label "token_name" --free --pin 1234 --so-pin 1234

$ pkcs11-tool --keypairgen --key-type="RSA:2048" --login --pin=1234 --module="/usr/lib/x86_64-linux-gnu/softhsm/libsofthsm2.so" --label="my_label" --id="02" $ openssl req -provider pkcs11 -new -key "pkcs11:id=%02;type=private" -out req.pem -subj "/CN=Andreas" 40277268867F0000:error:03000093:digital envelope routines:default_check:command not supported:../crypto/evp/ctrl_params_translate.c:329: $ echo $? 1

$ pkcs11-tool --keypairgen --key-type="EC:edwards25519" --login --pin=1234 --module="/usr/lib/x86_64-linux-gnu/softhsm/libsofthsm2.so" --label="my_label" --id="03" $ openssl req -provider pkcs11 -new -key "pkcs11:id=%03;type=private" -out req.pem -subj "/CN=Andreas" $ echo $? 0 $ file req.pem req.pem: PEM certificate request

[Jakuje]

Running the same test inside of the pkcs11-provider tests environment (using different ID to avoid conflicts with other existing keys) looks like working for me:

$ cd tests && source tmp.softhsm/testvars 
$ pkcs11-tool --keypairgen --key-type="RSA:2048" --login --pin=$PINVALUE --module="$PKCS11_PROVIDER_MODULE" --label="my_label" --id="99"
Using slot 0 with a present token (0x592eb43a)
Key pair generated:
Private Key Object; RSA 
  label:      my_label
  ID:         99
  Usage:      decrypt, sign, signRecover, unwrap
  Access:     sensitive, always sensitive, never extractable, local
Public Key Object; RSA 2048 bits
  label:      my_label
  ID:         99
  Usage:      encrypt, verify, verifyRecover, wrap
  Access:     local
$ openssl req -provider pkcs11 -new -key "pkcs11:id=%99;type=private" -out req.pem -subj "/CN=Andreas"
$ file req.pem 

the pkcs11-provider master, other package versions (on Fedora 38):

opensc-0.24.0-1.fc38.x86_64
openssl-3.0.9-2.fc38.x86_64
softhsm-2.6.1-5.fc40.7.x86_64

Is there some specific way you used to set up the softhsm or do you have some specific configuration in openssl.cnf?

Ir it might be caused by different openssl version, but given that it works for you in the testsuite, but not with the manual test, I would assume some different configuration somewhere.

[gilweis]

Thanks. I found that my openssl.cnf has be defined with both providers and engines for pkcs11 and that caused the error. After I comment the engine section everything works with the provider.

[simo5]

Thanks for following up, sounds like all is good now.