tools/pkcs11-tool.c - Changes for PKCS11 V3,0 eratta and V3.1

PKCS11 tool when sending EC_POINT for Edwards and Montgomery to a PKCS11 module are sent as raw byte string. And pkcs11-tool will accept an EC_POINT as byte string, OCTET STRING or BIT STRING. Note the CKA_PUBLIC_KEY_INFO is SubjectPublicKeyInfo as defined in RFC8410. Additional tests when compiled by OpenSSL older version or Libressl have been added and a signatre operation using a Yubkey Ed25519 key verifies by OpenSSL 3.3.2 utilities. On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs11-tool.c
dengert · Nov 29, 2024 · cbcf9f6 · cbcf9f6
1 parent e418f73
commit cbcf9f6
Showing 1 changed file with 14 additions and 12 deletions.
diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
@@ -4686,18 +4686,15 @@ static CK_RV write_object(CK_SESSION_HANDLE session)
 			n_privkey_attr++;
 		}
 
-		/* TODO separate out EC from CKK_EC_EDWARDS and CKK_EC_MONTGOMERY
-		 * to save raw private key part as per 3.0 errata and 3.1
-		 */
-		else if ((type == CKK_EC) || (type == CKK_EC_EDWARDS) || (type = CKK_EC_MONTGOMERY)) {
+		else if ((type == CKK_EC) ||(type == CKK_EC_EDWARDS) || (type == CKK_EC_MONTGOMERY)) {
 			FILL_ATTR(privkey_templ[n_privkey_attr], CKA_KEY_TYPE, &type, sizeof(type));
 			n_privkey_attr++;
 			FILL_ATTR(privkey_templ[n_privkey_attr], CKA_EC_PARAMS, gost.param_oid.value, gost.param_oid.len);
 			n_privkey_attr++;
 			FILL_ATTR(privkey_templ[n_privkey_attr], CKA_VALUE, gost.private.value, gost.private.len);
 			n_privkey_attr++;
+
 		} else if (type == CKK_GOSTR3410) {
-
 			FILL_ATTR(privkey_templ[n_privkey_attr], CKA_KEY_TYPE, &type, sizeof(type));
 			n_privkey_attr++;
 			FILL_ATTR(privkey_templ[n_privkey_attr], CKA_GOSTR3410_PARAMS, gost.param_oid.value, gost.param_oid.len);
@@ -4773,9 +4770,6 @@ static CK_RV write_object(CK_SESSION_HANDLE session)
 		}
 #if !defined(OPENSSL_NO_EC)
 
-		/* TODO separate out EC from CKK_EC_EDWARDS and CKK_EC_MONTGOMERY
-		 * to set CKA_ECPOINT as raw key part as per 3.0 errata and 3.1
-		 */
 		else if ((type == CKK_EC) || (type == CKK_EC_EDWARDS) || (type == CKK_EC_MONTGOMERY)) {
 
 			FILL_ATTR(pubkey_templ[n_pubkey_attr], CKA_KEY_TYPE, &type, sizeof(type));
@@ -6533,6 +6527,8 @@ static int read_object(CK_SESSION_HANDLE session)
 				if (!i2d_PUBKEY_bio(pout, pkey))
 					util_fatal("cannot convert EC public key to DER");
 #endif
+			/* only if compiled with a version of or OpenSSL or libressl */
+			/* do more tests for the other 3 as needed */
 #ifdef EVP_PKEY_ED25519
 			} else if (type == CKK_EC_EDWARDS || type == CKK_EC_MONTGOMERY) {
 				EVP_PKEY *key = NULL;
@@ -6602,14 +6598,20 @@ static int read_object(CK_SESSION_HANDLE session)
 
 				if (type == CKK_EC_EDWARDS && BYTES4BITS(255))
 					raw_pk = EVP_PKEY_ED25519;
+#if defined(EVP_PKEY_ED448)
 				else if (type == CKK_EC_EDWARDS && BYTES4BITS(448))
 					raw_pk = EVP_PKEY_ED448;
+#endif /* EVP_PKEY_ED448 */
+#if defined(EVP_PKEY_X25519)
 				else if (type == CKK_EC_MONTGOMERY && BYTES4BITS(255))
 					raw_pk = EVP_PKEY_X25519;
+#endif /*EVP_PKEY_X25519 */
+#if defined(EVP_PKEY_X448)
 				else if (type == CKK_EC_MONTGOMERY && BYTES4BITS(448))
 					raw_pk = EVP_PKEY_X448;
+#endif  /* EVP_PKEY_X448 */
 				else
-					util_fatal("Invalid CKK_EC_EDWARDS or CKK_EC_MONTGOMERY public key");
+					util_fatal("Invalid or not supported CKK_EC_EDWARDS or CKK_EC_MONTGOMERY public key");
 
 				key = EVP_PKEY_new_raw_public_key(raw_pk, NULL,
 						(const uint8_t *)os->data,
@@ -8761,9 +8763,9 @@ static void test_ec(CK_SLOT_ID slot, CK_SESSION_HANDLE session)
 		return;
 	}
 	getEC_POINT(session, pub_key, &ec_point_len);
-	/* TODO only looking at length of encoded EC_POINT. May be in BIT STRING or OCTET STRING */
-	/* TODO per 3.0 errata and 3.1 Edwards and Montgomery RC_POINT is just a byte string.
-	 * Accept either BIT STRING, OCTET STRING or raw  byte string.
+	/* TODO if this routine us expanded to test EDDSA keys the following may be needed. 
+	 * a per 3.0 errata and 3.1 Edwards and Montgomery EC_POINT is just a byte string.
+	 * Accept either BIT STRING, OCTET STRING or raw byte string.
 	 */
 	if (ec_point_len < 5 || ec_point_len > 10000) {
 		printf("ERR: GetAttribute(pubkey, CKA_EC_POINT) doesn't seem to work\n");