SSL connection failure: PKCS #11 error

Thu Mar 7 11:03:33 PST 2024

David,
tried to patch it no luck
i.e.
diff -ur openconnect-9.12.orig/gnutls_tpm2_esys.c openconnect-
9.12/gnutls_tpm2_esys.c

--- openconnect-9.12.orig/gnutls_tpm2_esys.c	2022-04-28
17:58:05.000000000 +0200
+++ openconnect-9.12/gnutls_tpm2_esys.c	2024-03-07 16:03:54.521631835
+0100
@@ -498,12 +498,11 @@
 	case SHA1_SIZE:   inScheme.details.ecdsa.hashAlg =
TPM2_ALG_SHA1;   break;
 	case SHA256_SIZE: inScheme.details.ecdsa.hashAlg =
TPM2_ALG_SHA256; break;
 	case SHA384_SIZE: inScheme.details.ecdsa.hashAlg =
TPM2_ALG_SHA384; break;
-	case SHA512_SIZE: inScheme.details.ecdsa.hashAlg =
TPM2_ALG_SHA512; break;
+	case SHA512_SIZE: inScheme.details.ecdsa.hashAlg =
TPM2_ALG_SHA512; digest.size = 32 ; break;
 	default:
-		vpn_progress(vpninfo, PRG_ERR,
-			     _("Unknown TPM2 EC digest size %d for
algo 0x%x\n"),
-			     data->size, algo);
-		return GNUTLS_E_PK_SIGN_FAILED;
+	  inScheme.details.ecdsa.hashAlg = TPM2_ALG_SHA512; 
+    digest.size = 32;
+    break;
 	}
 
 	memcpy(digest.buffer, data->data, data->size);

I am on Fedora 39 using gnutls-3.8.3-1.fc39.x86_64

The process works with a software-emulated TPM, but generates the error
on real hardware, tried 3 different laptops.

Here is the basic process I am using to create/add the key and csr.
Maybe you see something here that I am missing.

tpm2_clear
tpm2_ptool init
tpm2_ptool addtoken --pid=1 --sopin=sopin --userpin=userpin --
label=TL_ECC256
tpm2_ptool addkey --algorithm=ecc256 --label=TL_ECC256 --key-
label=KL_ECC256 --userpin=userpin
tpm2_ptool config --key tcti --value "device:/dev/tpmrm0" --
label=TL_ECC256

TOKEN=`p11tool --list-token-urls 2> /dev/null | grep "token=TL_ECC256"`
p11tool --login --list-all "${TOKEN}" --set-pin="userpin" --outfile
p11tool.out
PRIVATE_KEY=`cat p11tool.out | grep private | awk '{ print $2 }'`
yaml_rsa0=$(tpm2_ptool export --label="TL_ECC256" --key-
label="KL_ECC256" --userpin="userpin")
auth_rsa0=$(echo "${yaml_rsa0}" | grep "object-auth" | cut -d' ' -f2-)

openssl req -new -provider tpm2 -provider base -propquery
"?provider=tpm2" -key "KL_ECC256.pem" -passin "pass:${auth_rsa0}" -subj
"/C=US/ST=NY/L=New_York/O=Acme/CN=1234567/emailAddress=test at acme.com" -
out test_csr.csr

I send this CSR "test_csr.csr" together with the profile to the
Digicert One API


On Thu, 2024-03-07 at 14:36 +0000, David Woodhouse wrote:
> On Wed, 2024-03-06 at 12:44 +0100, Grant Williamson wrote:
> > I am attempting to transition our existing environment of signed
> > Digicert certificates from RSA-4096 to ECC256. The digicert one
> > signing process appears to work.
> > When using a software-emulated TPM, the connection is succesful.
> > 
> > When I try hardware tpm(3 laptops) I encounter the folowing problem
> > ERROR: Esys_Sign: tpm:parameter(1):structure is the wrong size
> > SSL connection failure: PKCS #11 error.
> > 
> > I have tried generating the csr to be signed using both tpm2-
> > openssl
> > and pkcs11-provider, same result.
> > 
> > Maybe the following gives a clue. Any ideas?
> > (openconnect with --gnutls-debug=99 -v)
> > 
> > https://pastebin.com/d2gT4t6q
> 
> I think that's a GnuTLS bug. What version of GnuTLS is it?
> 
> If you're using a Prime256 key, then the SHA512 hash ought to be
> truncated to 32 bytes, and then we'd tell the TPM that it's actually
> a
> SHA256. See 
> http://git.infradead.org/?p=users/dwmw2/openconnect.git;a=blob;f=gnutls_tpm2_esys.c;hb=HEAD#l487
> 
> As a nasty hack, since you know you have a 256-bit EC key (although I
> didn't personally validate that assertion in your logs), can you try
> hard-coding it to use TPM2_ALG_SHA256 and set digest.size=32 in
> tpm2_ec_sign_hash_fn() ? 
> 
> Do this in either gnutls_tpm2_esys.c or gnutls_tpm2_ibm.c; whichever
> is
> being used on your system. Probably the former.

