SSL connection failure: PKCS #11 error

traxtopel at gmail.com traxtopel at gmail.com
Fri Mar 8 02:54:02 PST 2024


I changed the patch to just set. Still fails.

inScheme.details.ecdsa.hashAlg = TPM2_ALG_SHA256; 
digest.size = 32;


if I attempt the gnutls-cli command, I see the following.
gnutls-cli --x509certfile=cert.pem --
x509keyfile="pkcs11:model=%01%01%04%00%02%01%02%00%00%00%00%00%00%00%00
%00;manufacturer=STMicro;serial=0000000000000000;token=TL_ECC256;id=%55
%34%65%38%63%66%65%35%64%61%33%66%30%62%33%33;object=KL_ECC256;type=pri
vate;pin-value=userpin" vpn.com

- Status: The certificate is trusted.
- Description: (TLS1.2-X.509)-(ECDHE-SECP256R1)-(RSA-SHA512)-(AES-256-
GCM)
- Session ID:
C0:25:19:E9:9F:96:EC:96:9D:4B:EE:43:43:90:3C:89:2B:C6:0D:39:64:A9:BA:DE
:7A:D5:ED:C2:8A:5C:44:DB
- No certificate was sent to peer
- Options: safe renegotiation,
- Handshake was completed
- Simple Client Mode:
(this output is similar to what I see with the working rsa4096 cert)

When I try to connect with openconnect, I receive the following error:
ERROR: Esys_Sign: tpm:parameter(1):structure is the wrong size
SSL connection failure: PKCS #11 error.

Similarly, if post running the openconnect command attempt the gnutls-
cli command mentioned above again, it also fails with the same error:
ERROR: Esys_Sign: tpm:parameter(1):structure is the wrong size
*** Fatal error: PKCS #11 error.

However, if I wait a few minutes or connect using my legacy rsa4096
certificate, I can then run the gnutls-cli command multiple times
without encountering the PKCS #11 error.


On Thu, 2024-03-07 at 22:53 +0000, David Woodhouse wrote:
> On 7 March 2024 19:03:33 GMT, traxtopel at gmail.com wrote:
> > David,
> > tried to patch it no luck
> > i.e.
> > diff -ur openconnect-9.12.orig/gnutls_tpm2_esys.c openconnect-
> > 9.12/gnutls_tpm2_esys.c
> > --- openconnect-9.12.orig/gnutls_tpm2_esys.c	2022-04-28
> > 17:58:05.000000000 +0200
> > +++ openconnect-9.12/gnutls_tpm2_esys.c	2024-03-07
> > 16:03:54.521631835
> > +0100
> > @@ -498,12 +498,11 @@
> > 	case SHA1_SIZE:   inScheme.details.ecdsa.hashAlg =
> > TPM2_ALG_SHA1;   break;
> > 	case SHA256_SIZE: inScheme.details.ecdsa.hashAlg =
> > TPM2_ALG_SHA256; break;
> > 	case SHA384_SIZE: inScheme.details.ecdsa.hashAlg =
> > TPM2_ALG_SHA384; break;
> > -	case SHA512_SIZE: inScheme.details.ecdsa.hashAlg =
> > TPM2_ALG_SHA512; break;
> > +	case SHA512_SIZE: inScheme.details.ecdsa.hashAlg =
> > TPM2_ALG_SHA512; digest.size = 32 ; break;
> > 	default:
> > -		vpn_progress(vpninfo, PRG_ERR,
> > -			     _("Unknown TPM2 EC digest size %d for
> > algo 0x%x\n"),
> > -			     data->size, algo);
> > -		return GNUTLS_E_PK_SIGN_FAILED;
> > +	  inScheme.details.ecdsa.hashAlg = TPM2_ALG_SHA512; 
> 
> That wants to be SHA256 too.
> 
> > +    digest.size = 32;
> > +    break;
> > 	}
> > 
> > 	memcpy(digest.buffer, data->data, data->size);
> > 
> > I am on Fedora 39 using gnutls-3.8.3-1.fc39.x86_64
> 
> Ah, by v3.8 GnuTLS actually includes my TPMv2 code natively. Can you
> test with gnutls-cli connecting to the same server with the same key?
> 



More information about the openconnect-devel mailing list