Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Creation of Certificate Sign Requests Fails if Key Pin Policy is Set to Once or Always in Combination with Attestation #430

Open
tillmann-crabnebula opened this issue Feb 28, 2023 · 4 comments

Comments

@tillmann-crabnebula
Copy link

tillmann-crabnebula commented Feb 28, 2023

Used version: yubico-piv-tool --version yubico-piv-tool 2.3.1

Reproduction commands:

  1. Create key on device
    yubico-piv-tool --slot 9c --pin 123456 --action verify-pin,generate --pin-policy always --touch-policy never

  2. Create signing request for generated key
    yubico-piv-tool --slot 9c --pin 123456 --action verify-pin,request-certificate --attestation --output 9c.csr --subject "/CN=Example/OU=example/[email protected]/"

  3. Observe output

Successfully verified PIN.
Failed signing data: Authentication error.
Failed signing request.
C0EBAFB7917F0000:error:06880006:asn1 encoding routines:ASN1_item_sign_ctx:EVP lib:../crypto/asn1/a_sign.c:284:

I saw similar issues mentioning this behavior #383 and some recent changes ubuntu tracker 1988833 ubuntu tracker 1993908 but the issue persists for me.

The above example works once the --pin-policy is set to never or the --attestation flag is removed.

Raw output:

DBG ykpiv.c:589 (ykpiv_connect): Connect reader 'Yubico YubiKey FIDO+CCID 00 00' matching 'Yubikey'.
DBG ykpiv.c:595 (ykpiv_connect): SCardConnect succeeded for 'Yubico YubiKey FIDO+CCID 00 00', protocol=2
DBG ykpiv.c:795 (_ykpiv_transmit): > 00a4040005a00000030800 (11)
DBG ykpiv.c:802 (_ykpiv_transmit): < 61114f0600001000010079074f05a0000003089000 (21)
DBG ykpiv.c:748 (ykpiv_translate_sw): SW_SUCCESS
DBG ykpiv.c:795 (_ykpiv_transmit): > 0020008000 (5)
DBG ykpiv.c:802 (_ykpiv_transmit): < 63c3 (2)
DBG ykpiv.c:775 (ykpiv_translate_sw): SW_63c3
DBG ykpiv.c:795 (_ykpiv_transmit): > 00fd000000 (5)
DBG ykpiv.c:802 (_ykpiv_transmit): < 0504039000 (5)
DBG ykpiv.c:748 (ykpiv_translate_sw): SW_SUCCESS
DBG ykpiv.c:795 (_ykpiv_transmit): > 00f8000000 (5)
DBG ykpiv.c:802 (_ykpiv_transmit): < 011d235e9000 (6)
DBG ykpiv.c:748 (ykpiv_translate_sw): SW_SUCCESS
Now processing for action 'verify-pin'.
Action 'verify-pin' does not need authentication.
DBG ykpiv.c:795 (_ykpiv_transmit): > 0020008008313233343536ffff00 (14)
DBG ykpiv.c:802 (_ykpiv_transmit): < 9000 (2)
DBG ykpiv.c:748 (ykpiv_translate_sw): SW_SUCCESS
Successfully verified PIN.
Now processing for action 'request-certificate'.
Action 'request-certificate' does not need authentication.
DBG ykpiv.c:795 (_ykpiv_transmit): > 00f99c0000 (5)
DBG ykpiv.c:802 (_ykpiv_transmit): < 3082032030820208a003020102021001c9686403336502df36ac80f68378e0300d06092a864886f70d01010b05003021311f301d06035504030c1659756269636f20504956204174746573746174696f6e3020170d3136303331343030303030305a180f32303532303431373030303030305a30253123302106035504030c1a597562694b657920504956204174746573746174696f6e20396330820122300d06092a864886f70d01010105000382010f003082010a0282010100d43c74824d20644a0325f8e2a631418ca5cacc4b8f1bd354ff439e0e967d7e79fa5b6b093e76d0821811771c5ba0f3b13f0ea7a5ecdc9570064bdf9f004a09c6cf6a7971346100 (258)
DBG ykpiv.c:795 (_ykpiv_transmit): > 00c0000000 (5)
DBG ykpiv.c:802 (_ykpiv_transmit): < 343e7971d64eb91b3f1b135a532644664504479ae39c30b1acb1474074901a4f41dbb4137e92df13e6d12916fab0a63f54ceede43cbd0753bf71d461f9916e2a9ae55572cf6fe56b04781a78668b8d697a9fc41aa6f810a68e6f5fdd48700d0db5d715d114ad1edf2ecff56f47e4a365fc37570fb85d7196db1ee4de2b21a7061b314dbd6aa0a0646fcc3988b4cec3d34994e219dc9bde6d87e2413bcbb83a21496cf2807f7ba10817056e8e4bab330e7860804cd2a76ff3bbc5830203010001a34e304c3011060a2b0601040182c40a030304030504033014060a2b0601040182c40a030704060204011d235e3010060a2b0601040182c40a030804020301306100 (258)
DBG ykpiv.c:795 (_ykpiv_transmit): > 00c0000000 (5)
DBG ykpiv.c:802 (_ykpiv_transmit): < 0f060a2b0601040182c40a0309040103300d06092a864886f70d01010b05000382010100554362d01a1dc6d8e8d50ed382a76f365ea2c188c652225e1c03a645d6fd65129faa23d09eb9daeb2788482e0a52503ad07d41f2ddd9828064d38a99392198d2e6a4d30229573849e73f89e92e0eddcb3ac53691d959962feb231af5498b64dd3f847874968fd1194895501bcffc39211a2ceac3e8c25f9dd73375c90533dc16b19eb5aa29d33db06807ba9ebd60a5acd7974868433736362e6c9095ebbf853ad82bc116dfeee4c3d0a1272829f18bae6fae791b0f6e49a4945de26892d7969c73adc5adc8003197a79e3240d57d333e3746c50532768741b44862686124 (258)
DBG ykpiv.c:795 (_ykpiv_transmit): > 00c0000024 (5)
DBG ykpiv.c:802 (_ykpiv_transmit): < f8ee18cc962747c0dc2c3a38b63524d654eb659393487526b4278ed5e1f21a757a5f21569000 (38)
DBG ykpiv.c:748 (ykpiv_translate_sw): SW_SUCCESS
DBG ykpiv.c:795 (_ykpiv_transmit): > 00cb3fff055c035fff0100 (11)
DBG ykpiv.c:802 (_ykpiv_transmit): < 53820302708202fe308202fa308201e2a003020102020900e8c3dd799e433b62300d06092a864886f70d01010b0500302b3129302706035504030c2059756269636f2050495620526f6f742043412053657269616c203236333735313020170d3136303331343030303030305a180f32303532303431373030303030305a3021311f301d06035504030c1659756269636f20504956204174746573746174696f6e30820122300d06092a864886f70d01010105000382010f003082010a0282010100bd3d3e27f411eaca9c15528daabcec90506f7a9d966902b25f81cfed02cf3f6259366eb3108c7222d01f1f68845b8eb4ac392eaf564e995fe3ff717d6d476100 (258)
DBG ykpiv.c:795 (_ykpiv_transmit): > 00c0000000 (5)
DBG ykpiv.c:802 (_ykpiv_transmit): < 56b684a67e85b694b82eb01133d0580e4bcd69bf3ea171fdbe996f0a7a076f66a0db448d8e397777b6d7b40f8f096bc0f8c74e698f67cc5987bc7f962adc18ef9ece40b65572439501250b34cc558135d0cf3d362726dc36438667f2964c1c8457e054cba57f35180da1a791e96822d8655e93f85d5360cbae4dc60762cb8f1cafca132ebd552e14b76e68d3674ea58f5dd2602385edfbc090bc9e99fc2e3f8f36d06f8efdadecd4f5d9a4bc5c6ec90fd58b1a3abebe160f084add1de4c4dc27aef70203010001a32930273011060a2b0601040182c40a0303040305040330120603551d130101ff040830060101ff020100300d06092a864886f70d01010b056100 (258)
DBG ykpiv.c:795 (_ykpiv_transmit): > 00c0000000 (5)
DBG ykpiv.c:802 (_ykpiv_transmit): < 0003820101005b86793d1d9a8db527aa81f55fc3261c26675dfb00f4cd04ab3411f857d24ab77fd8dfbbe518b36f616b06873fbef72adb1639480da142bab69bec363bbe03f51b01f5272d457dceb86c552a0414d12d321aa3175e9552353e7647208bf3ce3a8e6e343b79ee7b83f626d619e9347b8d6518a6e5452599ea86b5d5b0b43e0e24c4e3a60cc7ad66f50aa19ed084dd98d35dbdbf76c22b7cdeff07a1dff1f78474d168e67e1c0a3e2c179bf37e506c6bca5ebc71e52cc36cbd594c22c7148c47cb907329ba6b5dea9adb70cc69cb26b13575be6563b18fe5e3699325ac9abd012b1bdd07ee04c89820d8c1c54f01ada75058b8d9cbec6dac149d036106 (258)
DBG ykpiv.c:795 (_ykpiv_transmit): > 00c0000006 (5)
DBG ykpiv.c:802 (_ykpiv_transmit): < 352223f6983f9000 (8)
DBG ykpiv.c:748 (ykpiv_translate_sw): SW_SUCCESS
DBG ykpiv.c:795 (_ykpiv_transmit): > 1087079cff7c8201068200818201000001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff003031300d0609608648016503040201050004204dd2a91a5273d3f4a5aa91265001ef8e973897832600 (261)
DBG ykpiv.c:802 (_ykpiv_transmit): < 9000 (2)
DBG ykpiv.c:795 (_ykpiv_transmit): > 0087079c0bf8b5948962db394dc679b200 (17)
DBG ykpiv.c:802 (_ykpiv_transmit): < 6982 (2)
DBG ykpiv.c:751 (ykpiv_translate_sw): SW_ERR_SECURITY_STATUS
DBG ykpiv.c:1249 (_general_authenticate): Sign command failed
Failed signing data: Authentication error.
Failed signing request.
C01B991E117F0000:error:06880006:asn1 encoding routines:ASN1_item_sign_ctx:EVP lib:../crypto/asn1/a_sign.c:284:
DBG ykpiv.c:344 (ykpiv_disconnect): Disconnect card
@tillmann-crabnebula tillmann-crabnebula changed the title Creation of Certificate Sign Requests Fails if Key Pin Policy is Set to Once or Always Creation of Certificate Sign Requests Fails if Key Pin Policy is Set to Once or Always in Combination with Attestation Feb 28, 2023
@qpernil
Copy link
Contributor

qpernil commented Feb 28, 2023

Yes this is a known issue, the problem is that the tool performs several operations against the device within a single action, hence pin cannot be verified directly before the signing operation, which is required by keys with the always-auth pin policy. There are two PRs implemented to solve this in two different ways, but a decision hasn't been made yet which one to commit to.

@tillmann-crabnebula
Copy link
Author

tillmann-crabnebula commented Mar 1, 2023

Hey @qpernil thanks for the heads up!
I saw the PRs are around 2 years old, so I don't expect any merge soon. Any recommendation which branch we should use in the meantime?

I would assume #326 is the more simplistic change suited for our case, as it's only affecting the tool and not the library.

@qpernil
Copy link
Contributor

qpernil commented Mar 1, 2023

Yes, that's the one most likely to be merged, or something similar.

@qpernil
Copy link
Contributor

qpernil commented Mar 13, 2023

I just noticed one thing from the title of this issue - The problem should only manifest if the PIN policy is 'always', i.e. by default only slot 9c.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

No branches or pull requests

2 participants