Long shot - Yubikey 5 - Anyone able to initialize PKCS#11 with OpenSC?

[dylanetaft]

pkcs11-tool --module "c:\Program Files\Yubico\Yubico PIV Tool\bin\libykcs11.dll" --init-token --label yubikey
Using slot 0 with a present token (0x0)
Please enter the new SO PIN: Please enter the new SO PIN (again): error: PKCS11 function C_InitToken failed: rv = CKR_DEVICE_ERROR (0x30)
Aborting.

Or with the OpenSC driver

pkcs11-tool --init-token --label yubikey
Using slot 0 with a present token (0x0)
Please enter the new SO PIN: Please enter the new SO PIN (again): error: PKCS11 function C_InitToken failed: rv = CKR_FUNCTION_NOT_SUPPORTED (0x54)
Aborting.

I'm trying to use the generic pkcs#11 functionality, not through the PIV module.
I want to create keys and such, was trying to see if curve25519 is supported as I know the OpenPGP stuff works on Yubi.

I'm thinking they're not supporting PKCS#11 anymore than what is needed for the PIV implementation?

[dylanetaft]

Or log in as SO

C:\Program Files\OpenSC Project\OpenSC\tools>pkcs11-tool -v -l --login-type so -t
Using slot 0 with a present token (0x0)
Logging in to "PIV_II".
Please enter SO PIN: error: PKCS11 function C_Login failed: rv = CKR_GENERAL_ERROR (0x5)
Aborting.

I can log in as a user fine.

Their PKCS#11 minidriver allows login but it's missing all the features of PKCS#11 3.0
C:\Program Files\OpenSC Project\OpenSC\tools>pkcs11-tool --module "c:\Program Files\Yubico\Yubico PIV Tool\bin\libykcs11.dll" -l --login-type so -t

s11.dll" -l --login-type so -t
Using slot 0 with a present token (0x0)
Logging in to "YubiKey PIV #22685530".
Please enter SO PIN: C_SeedRandom() and C_GenerateRandom():
seems to be OK
Digests:
all 4 digest functions seem to work
SHA-1: OK
SHA256: OK
Signature: not a R/W session, skipping signature tests
Verify: not a R/W session, skipping verify tests
Decryption: not a R/W session, skipping decryption tests
No errors

[dengert]

OpenSC can not handle using two different applets on the same token at the same time.
By default, OpenSC will find the PIV applet on the Yubikey first. (Which it looks like what you are seeing.)

If you want to use the openpgp applet instead:

• set env OPENSC_DRIVER=openpgp before the commands.
• Modify opensc.conf to only try selected drivers. "card_drivers = "
• Or if you never want to use the PIV applet, use Yubikey tools to turn off the PIV applet.

(Note: PIV cards were not designed to be provisioned by end users using PKCS11.)

[dylanetaft]

C:\Program Files\OpenSC Project\OpenSC\tools>pkcs11-tool -l --login-type so -k --key-type EC:curve25519
Using slot 0 with a present token (0x0)
Logging in to "OpenPGP card (User PIN)".
Please enter SO PIN: error: Generate EC key mechanism 1056 not supported
Aborting.

Closer. I can log in as SO now. Now it won't generate an X25519 key. Hypothetically it is supported, maybe I'll try with gnupg, and see if it's usable for operations like DH with pkcs11.

It's able to create other key types.

edit:
#1960

Hm, maybe I need to create the key with GPG tools, OpenSC doesn't support writing.

Edit: Yup, exactly that. Thanks.

[dengert]

I am not very good with openpgp...

OpenPGP has two pins, a signature pin and a second pin used for authentication and key agreement.
PKCS11 only has user pin and SO pin.
So OpenSC PKCS11 assigns two slots one for authentication and key agreement that use the same pin and another for signature pin.

OPENSC_DRIVER=openpgp ./pkcs11-tool --list-slots
OPENSC_DRIVER=openpgp ./pkcs11-tool --slot 0 -O
OPENSC_DRIVER=openpgp ./pkcs11-tool --slot 1 -O

With your OPENSC_DRIVER=openpgp pkcs11-tool -l --login-type so -k --key-type EC:curve25519
you will need to add --slot 0 -id 3

[dengert]

You may find these helpful:

https://github.com/OpenSC/OpenSC/wiki/OpenPGP-card
https://docs.oasis-open.org/pkcs11/pkcs11-curr/v3.0/os/pkcs11-curr-v3.0-os.html
https://github.com/OpenSC/OpenSC/blob/master/.github/test-openpgp.sh

[dylanetaft]

It's cool y'all were able to implement pkcs#11 at all ontop of OpenPGP card.

[dengert]

It's cool y'all were able to implement pkcs#11 at all on top of OpenPGP card.

I assume you got it to work with both curve25519 and X25519 keys?

Can you list the commands you used, starting with initializing the token?
It would be nice if these where added to https://github.com/OpenSC/OpenSC/wiki/OpenPGP-card

[dylanetaft]

Well, it got as far as I see them in pkcs11-tool. They were generated with gpg4win.
What I want to do with this is a big lift. I want to ensure interoperability with libsodium.

By that I mean, I think, using PKCS#11 function CKM_ECDH1_DERIVE - with the CKD_NULL param in CK_ECDH1_DERIVE_PARAMS - that should give a SK to be used for a symmetric cipher.

I should be able to do a DH handshake between libsodium and PKCS#11 over X25519 and ensure the SK is the same as a valid test.

I also want to validate cross-compatibility with CKM_EDDSA\EDDSA signing.

This would validate that the key generated on chip from GPG tools is usable in OpenSC.

I would write a testcase likely with lib11 or pkcs11-helper.

The documentation for this is barely there, but I am going to attempt, if it works I'll document...

I have no idea if the OpenSC PKCS#11 implementation for OpenPGP cards supports all the necessities to do this.

I don't think showing key objects in pkcs11-tool is useful, I want to make sure it's actually usable for something.

It doesn't look like OpenPGP cards support PKCS#11 natively, I am not sure how far the devs of OpenSC have bent over backwards or the extent of the creativity to actually have enough of it working to be useful?

[dengert]

Here is a test script I use with PIV cards with EC keys using p-256 or p-384 to derive a shared secret key.
They use CKM_ECDH1_COFACTOR_DERIVE, but it looks like with CKK_EC_MONTGOMERY keys you will have to use CKM_ECDH1_DERIVE

test.derive.sh.txt

[dengert]

And a test script to use CMS.
test.openssl.cms.sh.txt