philipWendland / IsoApplet

A Java Card PKI Applet aiming to be ISO 7816 compliant
GNU General Public License v3.0

Private key access flags inconsistent based on key source #26

Closed motiwardi closed 3 years ago

motiwardi commented 3 years ago

There appears to be a difference in how IsoApplet handles setting the access flags on private key objects depending on whether the private key is imported from an externally generated source or generated on-card. Externally loaded keys are set with 0x01, and internally generated keys are set with 0x1D.

Reproduction case:

IsoApplet built with DEF_PRIVATE_KEY_IMPORT_ALLOWED = true
> pkcs15-init --create-pkcs15
> openssl genrsa -out rsa.private.key 2048
> pkcs15-init --id 45 -a ff --key-usage decrypt,sign --store-private-key rsa.private.key
> pkcs15-tool -k
Private RSA Key [Private Key]
        Object Flags   : [0x03], private, modifiable
        Usage          : [0x2E], decrypt, sign, signRecover, unwrap
        Access Flags   : [0x01], sensitive
        Algo_refs      : 0
        ModLength      : 2048
        Key ref        : 0 (0x00)
        Native         : yes
        Path           : 3f005015
        Auth ID        : ff
        ID             : 45

> pkcs15-init --id 45 -a ff --delete-objects privkey,pubkey
> pkcs15-init --id 45 -a ff --key-usage decrypt,sign -G RSA/2048
> pkcs15-tool -k
Private RSA Key [Private Key]
        Object Flags   : [0x03], private, modifiable
        Usage          : [0x2E], decrypt, sign, signRecover, unwrap
        Access Flags   : [0x1D], sensitive, alwaysSensitive, neverExtract, local
        Algo_refs      : 0
        ModLength      : 2048
        Key ref        : 0 (0x00)
        Native         : yes
        Path           : 3f005015
        Auth ID        : ff
        ID             : 45

Shouldn't the access flags on the private key always be 0x1D regardless of how the private key is loaded?

I'm not sure if there are any additional security implications because of this, but it seems most other JC applets (PIV, etc.) always set anything related to private keys to the more restrictive access flag set.

philipWendland commented 3 years ago

These are PKCS#15/11 attributes that are stored in the file system for OpenSC, they are not interpreted by the applet and have no security implications.

CKA_ALWAYS_SENSITIVE set to false for imported keys is correct IMO, as the key has been exposed outside the card prior to the import... The same argumentation applies to CKA_NEVER_EXTRACTABLE. CKA_LOCAL should not be set because the domain parameters have been set off-card.
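Added example, not code from IsoApplet or OpenSC: a small decoder for the PKCS#15 (ISO/IEC 7816-15) CommonPrivateKeyAttributes accessFlags and KeyUsageFlags bitmasks that pkcs15-tool prints above, a check that the flag names printed beside each hex value actually match the mask, and a helper that produces the access flags one would expect for an on-card-generated versus an imported key following the reasoning in the reply (only "sensitive" holds for a key that was exposed off-card before import). The bit positions are the PKCS#15 ones, which OpenSC exposes as its SC_PKCS15_PRKEY_ACCESS_* constants; the CKA_* mapping is the standard PKCS#11 attribute correspondence. The function names, the PKCS11_ATTRS table and the two sample dumps (copied from the issue text) are this example's own.

```python
import re

# PKCS#15 CommonPrivateKeyAttributes.accessFlags bit positions (OpenSC's
# SC_PKCS15_PRKEY_ACCESS_* constants). Names follow pkcs15-tool's output.
# Bit 1 ("extractable") is the only bit absent from both dumps in the issue.
ACCESS_FLAGS = {
    0x01: "sensitive",
    0x02: "extractable",
    0x04: "alwaysSensitive",
    0x08: "neverExtract",
    0x10: "local",
}

# PKCS#11 object attributes corresponding to those bits (table name is this
# example's own; the CKA_* names are the PKCS#11 ones).
PKCS11_ATTRS = {
    "sensitive": "CKA_SENSITIVE",
    "extractable": "CKA_EXTRACTABLE",
    "alwaysSensitive": "CKA_ALWAYS_SENSITIVE",
    "neverExtract": "CKA_NEVER_EXTRACTABLE",
    "local": "CKA_LOCAL",
}

# PKCS#15 KeyUsageFlags bit positions (what pkcs15-tool prints under "Usage").
USAGE_FLAGS = {
    0x001: "encrypt", 0x002: "decrypt", 0x004: "sign", 0x008: "signRecover",
    0x010: "wrap", 0x020: "unwrap", 0x040: "verify", 0x080: "verifyRecover",
    0x100: "derive", 0x200: "nonRepudiation",
}


def decode_flags(value: int, table: dict) -> list:
    """Return the names of the bits set in `value`, lowest bit first."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def expected_access_flags(generated_on_card: bool) -> int:
    """Access flags a PKCS#15 profile would record for a private key, following
    the thread: a key generated on-card has never left it (alwaysSensitive,
    neverExtractable) and its parameters were produced on-card (local); an
    imported key was exposed off-card before import, so only `sensitive` holds."""
    flags = 0x01  # sensitive: the applet never exports the private key
    if generated_on_card:
        flags |= 0x04 | 0x08 | 0x10  # alwaysSensitive | neverExtract | local
    return flags


# Matches e.g. "        Access Flags   : [0x1D], sensitive, alwaysSensitive, ..."
LINE_RE = re.compile(
    r"^\s*(Access Flags|Usage)\s*:\s*\[0x([0-9A-Fa-f]+)\](?:,\s*(.*))?$")


def check_pkcs15_dump(text: str) -> dict:
    """Parse the flag lines of a `pkcs15-tool -k` dump and verify that the
    names printed after each hex value match its bitmask.
    Returns {field: (value, decoded_names, names_consistent)}."""
    result = {}
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        field, value, names = m.group(1), int(m.group(2), 16), m.group(3) or ""
        table = ACCESS_FLAGS if field == "Access Flags" else USAGE_FLAGS
        decoded = decode_flags(value, table)
        printed = [n.strip() for n in names.split(",") if n.strip()]
        result[field] = (value, decoded, decoded == printed)
    return result


# Constructed sample input: the two dumps quoted in the issue.
IMPORTED_DUMP = """\
Private RSA Key [Private Key]
        Object Flags   : [0x03], private, modifiable
        Usage          : [0x2E], decrypt, sign, signRecover, unwrap
        Access Flags   : [0x01], sensitive
"""
GENERATED_DUMP = """\
Private RSA Key [Private Key]
        Object Flags   : [0x03], private, modifiable
        Usage          : [0x2E], decrypt, sign, signRecover, unwrap
        Access Flags   : [0x1D], sensitive, alwaysSensitive, neverExtract, local
"""

if __name__ == "__main__":
    for label, dump, on_card in (("imported", IMPORTED_DUMP, False),
                                 ("generated", GENERATED_DUMP, True)):
        parsed = check_pkcs15_dump(dump)
        value, names, ok = parsed["Access Flags"]
        print(f"{label}: access flags 0x{value:02X} -> {names} (names consistent: {ok})")
        print(f"  PKCS#11 view: {[PKCS11_ATTRS[n] for n in names]}")
        print(f"  matches expected for {'on-card' if on_card else 'imported'} key: "
              f"{value == expected_access_flags(on_card)}")
```

Both dumps from the issue decode consistently: 0x01 is exactly `sensitive`, and 0x1D is `sensitive | alwaysSensitive | neverExtract | local`. As the reply points out, these bits live in the PKCS#15 directory files and are read by OpenSC; the applet enforces nothing based on them, so a check like this validates metadata correctness, not whether the card will refuse to export a key.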