[Bug 1312462] [NEW] SmartCard-HSM card fails when generating ECC keypair

Thu, 24 Apr 2014 16:01:26 -0700 

Public bug reported:

Generating an ECC keypair on-card will result in a private key on the
card, but it does not list the public key (pkcs15-tool -D, pkcs11-tool
--list-objects). Possibly related to #1311921.

Steps to reproduce:

1. Generate an ECC keypair will produce a warning:

$ pkcs11-tool --module opensc-pkcs11.so -l --keypairgen --key-type
EC:prime256v1 --label "My first EC key" --id 12

Outputs a warning which is unexpected:

Using slot 1 with a present token (0x1)
Logging in to "SmartCard-HSM (UserPIN)".
Please enter User PIN: 
Key pair generated:
Private Key Object; EC
  label:      My first EC key
  ID:         12
  Usage:      decrypt, sign, unwrap
Public Key Object; EC EC_POINT 264 bits
 EC_POINT:  
04430441049c70fbabddb007a398c370bcc61f9182b2da7c1146921d36580ab03ec66093a1724cc7b3a04ee0b49965c21996f9fa3580a0bde3c4b708fe4cf5f023a3e47005
warning: PKCS11 function C_GetAttributeValue(EC_PARAMS) failed: rv = 
CKR_ATTRIBUTE_TYPE_INVALID (0x12)

  label:      My first EC key
  ID:         12
  Usage:      encrypt, verify, wrap

2. Verifying both the public and private key to be listed fails. Only my
RSA public keys are listed.

$ pkcs15-tool -D
[...]
Private RSA Key [Private Key]
[...]
Private RSA Key [rsa1024 test]
[...]
Private EC Key [My first EC key]
[...]
Public RSA Key [Private Key]
[...]
Public RSA Key [rsa1024 test]
[...]

$ pkcs11-tool --module opensc-pkcs11.so --list-objects                          
                                                                     
Using slot 1 with a present token (0x1)
Public Key Object; RSA 2048 bits
  label:      Private Key
  ID:         10
  Usage:      none
Public Key Object; RSA 1024 bits
  label:      rsa1024 test
  ID:         11
  Usage:      none

Applying
https://github.com/OpenSC/OpenSC/commit/b34d916e60a6c3fc281e051ce1447191584a85a5
on top of 0.13.0-3ubuntu4 (together with my debdiff in
https://bugs.launchpad.net/ubuntu/+source/opensc/+bug/1311921/comments/1
) does not fix it for me, unfortunately.

I'm currently researching on how to get this working with a minimal set
of patches from upstream.

** Affects: opensc (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1312462

Title:
  SmartCard-HSM card fails when generating ECC keypair

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/opensc/+bug/1312462/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to