Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CSR, Certificate validation error #124

Open
hoinmic opened this issue Sep 16, 2024 · 3 comments
Open

CSR, Certificate validation error #124

hoinmic opened this issue Sep 16, 2024 · 3 comments

Comments

@hoinmic
Copy link
Contributor

hoinmic commented Sep 16, 2024
edited
Loading

Hello together

I am stuck with OpenSSL at one point. We send a CSR from a TPM to the PKI and the PKI sends back a certificate. Unfortunately, the certificate verification fails.
The PKI has existed for some time and must continue to be used. The PKI signs the certificates with a SHA512. The TPM, for its part, can use algorithms up to sha384 ( TPM Infineon 9673 ).
The problem is that openssl uses the TPM (which does not support this algorithm) to validate the certificate.
In my opinion, OpenSSL could do this without the TPM.

I have now tried a few things with the propquery. For example:

...
-provider tpm2 -provider default -propquery ?provider=tpm2,provider-signature!=yes
...

But I always failed.

The procedure is as follows:

.....
openssl req -provider tpm2 -new \
-subj $csr_subject \
-key handle:$handle \
-out $client_crs_file \
-sha384
 
openssl cmp -provider tpm2 -provider default -propquery ?provider=tpm2,provider-signature!=yes \
-cmd ir \
-config "" \
-server 192.168.251.40:80 \
-path /api/cmp \
-unprotected_requests \
-unprotected_errors \
-srvcert IssuingCA2018.cacert.pem \
-subject $csr_subject \
-csr $client_crs_file \
-certout $received_cert \
-extracertsout $received_extracert \
-newkey handle:$handle \
-verbosity 8

The CMP IR displays the following response:

CMP info: sending IR
CMP info: received IP
CMP DEBUG: validating CMP message
WARNING:esys:/usr/src/debug/tpm2-tss/4.0.1/src/tss2-esys/api/Esys_LoadExternal.c:314:Esys_LoadExternal_Finish() Received TPM Error
ERROR:esys:/usr/src/debug/tpm2-tss/4.0.1/src/tss2-esys/api/Esys_LoadExternal.c:108:Esys_LoadExternal() Esys Finish ErrorCode (0x000002e6)
CMP warning: CMP message signature verification failed
CMP error: cannot load key:742 tpm:parameter(2):curve not supported
CMP error: EVP lib
CMP error: error validating signature

Does anyone have any ideas what we could change or what we are doing wrong?
@DDvO
Copy link

DDvO commented Sep 17, 2024

We meanwhile figured that the issue is not really with with the digest but regarding the curve being used for EC keys.

The tpm2 provider is being used successfully for producing a ECDSA self-signature of the CSR, with 384 bits,
but when the CMP client obtains a response message signed using ECDSA with 521 bits,
attempting to verify the signature with the tpm2 provider being enables fails because such long keys are not supported.

Actually there is no need to use the provider for signature validation as this just requires the public key,
and for performance reason this should not really be done.
Is there a way, of excluding via a property query specifically the signature verification operation?

Unfortunately, tpm2 documentation on the possible query values is non-existing/incomplete:
docs/initialization.md just gives an example: -propqueryprovider=tpm2,tpm2.digest!=yes
A view at src/tpm2-provider.c reveals that there is also signature, but not verification.

@DDvO
Copy link

DDvO commented Sep 17, 2024

Does it make sense after all that the provider offers support for verifying signatures?
Maybe it should simply not offer this operation at all.

@hoinmic
Copy link
Contributor Author

hoinmic commented Sep 17, 2024

I also think that the provider should not offer signature verification.

In case someone runs into the same situation. With support from @DDvO we have found out the following workaround:

# Command is executed to generate a request with support of tpm device. The command 
# is stopped abruptly when the dummy file is consulted. At this point, the request (req.der) has already
# been created.
touch dummyfile
openssl cmp -provider tpm2 -provider default \
-cmd ir \
-config "" \
-server 192.168.251.40:80 \
-path /api/cmp \
-unprotected_requests \
-unprotected_errors \
-srvcert IssuingCA2018.cacert.pem \
-subject $csr_subject \
-certout $received_cert \
-extracertsout $received_extracert \
-newkey handle:$handle \
-verbosity 8 \
-reqout req.der \
-rspin dummyfile

# Command is executed to send the previously generated request (req.der) without support of a tpm device.
openssl cmp \
-cmd ir \
-config "" \
-server 192.168.251.40:80 \
-path /api/cmp \
-unprotected_requests \
-unprotected_errors \
-srvcert IssuingCA2018.cacert.pem \
-subject $csr_subject \
-certout $received_cert \
-extracertsout $received_extracert \
-newkey pubkey.pem \
-verbosity 8 \
-reqin req.der \
-popo -1 \
-disable_confirm

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@DDvO @hoinmic