libp11 icon indicating copy to clipboard operation
libp11 copied to clipboard

Published 20 hours ago verified publisher icon OpenSC

nCipher HSM doesn't like CKA_ENCRYPT/CKA_DECRYPT when deriving a generic secret...

Open jimvert opened this issue 1 year ago • 7 comments

Hi,

I'm using libp11-0.4.12 and OpenSSL-1.1.1t against an nCipher HSM running client software version 12.81 and firmware version 12.72. I'm attempting to perform CMS ECDH-based decryption. Here's the basic decryption command being issued along with its failure:

openssl cms -decrypt -in test.enc -inform der -engine pkcs11 -inkey "pkcs11:token=accelerator;object=Gx1EncryptionTest;type=private" -keyform engine -recip Gx1EncryptionTest.pem
engine "pkcs11" set.
Error decrypting CMS using private key
140295955737664:error:82067006:PKCS#11 module:pkcs11_ecdh_derive:Function failed:p11_ec.c:635:

I turned on HSM traces and see the following:

2023-05-04 11:22:36 [28556] t40ac2687b07f0000: pkcs11: 000008CB <    rv 0x00000000 (CKR_OK)
2023-05-04 11:22:36 [28556] t40ac2687b07f0000: pkcs11: 000008CB >>   C_DeriveKey
2023-05-04 11:22:36 [28556] t40ac2687b07f0000: pkcs11: 000008CB >    hSession 0x000008CB
2023-05-04 11:22:36 [28556] t40ac2687b07f0000: pkcs11: 000008CB >    pMechanism->mechanism 0x00001050 (CKM_ECDH1_DERIVE)
2023-05-04 11:22:36 [28556] t40ac2687b07f0000: pkcs11: 000008CB >    hBaseKey 0x000004EF
2023-05-04 11:22:36 [28556] t40ac2687b07f0000: pkcs11: 000008CB >    CKA_TOKEN: false
2023-05-04 11:22:36 [28556] t40ac2687b07f0000: pkcs11: 000008CB >    CKA_CLASS:  CKO_SECRET_KEY
2023-05-04 11:22:36 [28556] t40ac2687b07f0000: pkcs11: 000008CB >    CKA_KEY_TYPE:  CKK_GENERIC_SECRET
2023-05-04 11:22:36 [28556] t40ac2687b07f0000: pkcs11: 000008CB >     32
2023-05-04 11:22:36 [28556] t40ac2687b07f0000: pkcs11: 000008CB >    CKA_SENSITIVE: false
2023-05-04 11:22:36 [28556] t40ac2687b07f0000: pkcs11: 000008CB >    CKA_EXTRACTABLE: true
2023-05-04 11:22:36 [28556] t40ac2687b07f0000: pkcs11: 000008CB >    CKA_ENCRYPT: true
2023-05-04 11:22:36 [28556] t40ac2687b07f0000: pkcs11: 000008CB >    CKA_DECRYPT: true
2023-05-04 11:22:36 [28556] t40ac2687b07f0000: pkcs11: 000008CB Error: Generic stub command DeriveKey returned 45
2023-05-04 11:22:36 [28556] t40ac2687b07f0000: pkcs11: 000008CB Error: Status_InvalidACL
2023-05-04 11:22:36 [28556] t40ac2687b07f0000: pkcs11: 000008CB <    *phKey 0x00000000
2023-05-04 11:22:36 [28556] t40ac2687b07f0000: pkcs11: 000008CB <    rv 0x00000006 (CKR_FUNCTION_FAILED)
Error decrypting CMS using private key
140396158430272:error:82067006:PKCS#11 module:pkcs11_ecdh_derive:Function failed:p11_ec.c:635:

I modified P11_ec.c to remove CKA_ENCRYPT and CKA_DECRYPT from the template at https://github.com/OpenSC/libp11/blob/libp11-0.4.12/src/p11_ec.c#L587. The change eliminated the error and allowed the decryption to proceed successfully.

There's some evidence that generic secrets don't support encryption/decryption: https://www.cryptsoft.com/pkcs11doc/v220/group__SEC__12__7__2__GENERIC__SECRET__KEY__OBJECTS.html. It would seem that the nCipher libraries are enforcing these constraints.

jimvert avatar May 04 '23 20:05 jimvert