update fips token support

[haijie-ftsafe]

Checklist

• Documentation is added or updated
• New files have a LGPL 2.1 license statement
• PKCS#11 module is tested
• Windows minidriver is tested
• macOS tokend is tested

[frankmorgner]

please revert your changes on the OpenSSL logging and change the formatting as suggested in the clang-format CI run.

[Jakuje]

Please, try to use the formatting proposed by the clang-format CI where possible to improve readability.
Please put back the logging that you likely accidentally removed.
Please, squash the fixup commits.
Please rebase on top of upstream instead of introducing merge commits.
The commit messages could be little bit more descriptive than "update fips token support". What was the issue? How was it fixed? What token version does it affect?

[dengert]

Is this response to #2843 and comments #2843 (comment) and #2843 (comment) (which was sent to ftsafe.us as a bug report) ?

Commit haijie-ftsafe@901f270 in aes128_encrypt_cmac_ft can be accomplished by 84ce488 which uses AES-128-CBC that takes a iv, when old code used AES-128-ECB which ignores the iv.

The real problem with some FIPS-2 cards is RSA-2048 does not work.

[haijie-ftsafe]

Is this response to #2843 and comments #2843 (comment) and #2843 (comment) (which was sent to ftsafe.us as a bug report) ?

Commit haijie-ftsafe@901f270 in aes128_encrypt_cmac_ft can be accomplished by 84ce488 which uses AES-128-CBC that takes a iv, when old code used AES-128-ECB which ignores the iv.

The real problem with some FIPS-2 cards is RSA-2048 does not work.
We have also carried out test according to be following steps,and all work normally.
1、pkcs15-init --pin 12345678 --generate-key rsa/2048 --auth-id 02 --key-usage sign
2、pkcs11-tool -auth-id2 -m SHA256-RSA-PKCS --sign --input /tmp/data.txt --output-file /tmp/signature
3、pkcs11-tool -auth-id2 -m SHA256-RSA-PKCS --verify --input /tmp/data.txt --signature-file /tmp/signature

[dengert]

We have also carried out test according to be following steps,and all work normally.
1、pkcs15-init --pin 12345678 --generate-key rsa/2048 --auth-id 02 --key-usage sign
2、pkcs11-tool -auth-id2 -m SHA256-RSA-PKCS --sign --input /tmp/data.txt --output-file /tmp/signature
3、pkcs11-tool -auth-id2 -m SHA256-RSA-PKCS --verify --input /tmp/data.txt --signature-file /tmp/signature

@haijie-ftsafe, I see you used --auth-id 02 What commands did you use to initialize the the token? What version of OpenSC

I am using OpenSC 0.25.0 or master, with 84ce488 and these commands:

./pkcs15-init -E -T
./pkcs15-init -C -T --profile pkcs15+onepin --pin 123456 --puk 12345678 --label "ePass2003-X"
./pkcs15-init --generate-key rsa/2048 --auth-id 01 --key-usage sign --id 01 --label "Key01"
./pkcs15-init --verify-pin -G EC:nistp256 --id 02 --key-usage sign --auth-id 01 --label "Key02"

Fails:
./pkcs11-tool --sign --id 01 -m SHA256-RSA-PKCS --input /tmp/data.txt --output-file /tmp/signature.rsa
Works:
./pkcs11-tool --sign --id 02 -m ECDSA-SHA256 --input /tmp/data.txt --output-file /tmp/signature.ecdsa

The --profile pkcs15+onepin only uses one pin, the user pin 123456 has id = 01:

./pkcs15-tool --list-keys --list-pins
Using reader with a card: Feitian ePass2003 00 00
Connecting to card in reader Feitian ePass2003 00 00...
Using card driver epass2003.
Private RSA Key [Key01]
	Object Flags   : [0x03], private, modifiable
	Usage          : [0x0C], sign, signRecover
	Access Flags   : [0x1D], sensitive, alwaysSensitive, neverExtract, local
	Algo_refs      : 0
	ModLength      : 2048
	Key ref        : 0 (0x00)
	Native         : yes
	Path           : 3f0050152900
	Auth ID        : 01
	ID             : 01
	MD:guid        : f0ebfcf4-bbd0-1335-8906-711c51a26c59

Private EC Key [Key02]
	Object Flags   : [0x03], private, modifiable
	Usage          : [0x0C], sign, signRecover
	Access Flags   : [0x1D], sensitive, alwaysSensitive, neverExtract, local
	Algo_refs      : 0
	FieldLength    : 256
	Key ref        : 1 (0x01)
	Native         : yes
	Path           : 3f0050152901
	Auth ID        : 01
	ID             : 02
	MD:guid        : 09616dd5-2a58-bb65-4c26-fb1b7ae93aca

PIN [User PIN]
	Object Flags   : [0x03], private, modifiable
	ID             : 01
	Flags          : [0x32], local, initialized, needs-padding
	Length         : min_len:4, max_len:16, stored_len:16
	Pad char       : 0x00
	Reference      : 1 (0x01)
	Type           : ascii-numeric
	Path           : 3f005015

Note ECDSA works, but RSA sig fails. The Auth ID for both keys is 01, the only key. Is it possible the token is hard coded to only use "Auth ID 02" for FIPS RSA? Or the pkcs15-init tool is not setting the ACLs correctly on the card?

If I run without onepin get:

./pkcs15-init -C -T --profile pkcs15 --pin 123456 --puk 12345678 --label "ePass2003-X"
Using reader with a card: Feitian ePass2003 00 00
Connecting to card in reader Feitian ePass2003 00 00...
Using card driver epass2003.
New User PIN.
Please enter User PIN: 
Please type again to verify: 
Unblock Code for New User PIN (Optional - press return for no PIN).
Please enter User unblocking PIN (PUK): 
Please type again to verify: 
Failed to create PKCS #15 meta structure: Security status not satisfied

It did not use the pin and puk from command line, but prompted for them.

The tokens that are failing all have Tag "84 02 1D D4"

Minor comment:
pkcs11-tool -auth-id2 is parsed: "-a, --label Specify the label of the object" with the label = "uath-id2"

Unfortunately, your time zone is 13 hours earlier then mine, making communications difficult.

[devshah89]

@haijie-ftsafe I have the same behavior as dengert reported with your new commits. It would be appreciated if you can provider some insights on how you are able to use auth-id 02.

[dengert]

@haijie-ftsafe and @devshah89 can you run this command to get the ATR and the epass2003 data object?
opensc-tool --card-driver default --send-apdu 00:CA:01:86:00

All the cards that fail have this output:

$ opensc-tool --card-driver default -a --send-apdu 00:CA:01:86:00
Using reader with a card: Feitian ePass2003 00 00
3b:9f:95:81:31:fe:9f:00:66:46:53:05:10:11:31:71:df:00:00:03:90:00:a0
Sending: 00 CA 01 86 00 
Received (SW1=0x90, SW2=0x00):
80 01 01 81 02 1D D4 82 01 00 83 02 00 00 84 01 ................
01 85 0A 07 55 2E 6F 44 EB 00 1A 00 03 86 01 00 ....U.oD........
87 01 01

@devshah89 @drodgers-immt @zepingouin @faryon93 If you have not filed a bug report with ftsafe, please do so. The process may vary by country. As they appear to have multiple Subsidiaries.

[devshah89]

Thank you. I am getting the same output. I have filled a bug report with ftsafe.

…

On Mon, Apr 1, 2024 at 10:27 AM Doug Engert ***@***.***> wrote: @haijie-ftsafe <https://github.com/haijie-ftsafe> and @devshah89 <https://github.com/devshah89> can you run this command to get the ATR and the epass2003 data object? opensc-tool --card-driver default --send-apdu 00:CA:01:86:00 All the cards that fail have this output: $ opensc-tool --card-driver default -a --send-apdu 00:CA:01:86:00 Using reader with a card: Feitian ePass2003 00 00 3b:9f:95:81:31:fe:9f:00:66:46:53:05:10:11:31:71:df:00:00:03:90:00:a0 Sending: 00 CA 01 86 00 Received (SW1=0x90, SW2=0x00): 80 01 01 81 02 1D D4 82 01 00 83 02 00 00 84 01 ................ 01 85 0A 07 55 2E 6F 44 EB 00 1A 00 03 86 01 00 ....U.oD........ 87 01 01 @devshah89 <https://github.com/devshah89> @drodgers-immt <https://github.com/drodgers-immt> @zepingouin <https://github.com/zepingouin> @faryon93 <https://github.com/faryon93> If you have not filed a bug report with ftsafe, please do so. The process may vary by country. As they appear to have multiple Subsidiaries. — Reply to this email directly, view it on GitHub <#3081 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AG52NSK46KBZURNXVWRH3QDY3GKIBAVCNFSM6AAAAABFAY2JDGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDAMZQGIYDIMJSGU> . You are receiving this because you were mentioned.Message ID: ***@***.***>