Closed Bug 1333725 Opened 8 years ago Closed 7 years ago

PKCS#11 context specific login does not work with OpenSC

Categories

(NSS :: Libraries, defect, P3)

3.28.1
defect

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: jjelen, Assigned: rrelyea)

References

(Blocks 1 open bug)

Details

User Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
Build ID: 20161213225203

Steps to reproduce:

OpenSC is using ALWAYS_AUTHENTICATE attributes for some of the keys, and when NSS is used to do the Sign/Decrypt operations, it sends different commands to the card between the context specific login and the actual Sign/Decrypt. The reason is that NSS is updating the database of cached certs after login (but that should not happen after context-specific login).

The patch below resolves the problem for us:

--- nss-3.28.1/nss/lib/pk11wrap/pk11auth.c.old 2017-01-25 11:21:29.577219114 +0100 +++ nss-3.28.1/nss/lib/pk11wrap/pk11auth.c 2017-01-25 11:21:42.234203686 +0100 @@ -636,7 +636,7 @@ PK11_DoPassword(PK11SlotInfo *slot, CK_S break; } if (rv == SECSuccess) { - if (!PK11_IsFriendly(slot)) { + if (!contextSpecific && !PK11_IsFriendly(slot)) { nssTrustDomain_UpdateCachedTokenCerts(slot->nssToken->trustDomain, slot->nssToken); }

Actual results:

The Sign/Decrypt fails with errors (security status not satisfied).

Expected results:

The Sign/Decrypt operation on ALWAYS_AUTHENTICATE objects should work
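
Review bot: the added "!contextSpecific &&" test in the PK11_DoPassword hunk has no comment saying why a context-specific login must skip nssTrustDomain_UpdateCachedTokenCerts, so a later cleanup could fold it back into the plain "!PK11_IsFriendly(slot)" check. Suggest a short comment above the condition stating that no token traffic may happen between the context-specific login and the Sign/Decrypt on an ALWAYS_AUTHENTICATE key. The hunk guards only this one call on the "rv == SECSuccess" path; it is worth confirming that nothing else on that path reaches the token when contextSpecific is set.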
See the discussion on https://github.com/OpenSC/OpenSC/issues/1071 and proposed fix https://github.com/OpenSC/OpenSC/pull/1072

With NIST-800-73-4 Part 2, PIV smart card, the ALWAYS_AUTHENTICATE is referred to as "PIN Always" rule. It is enforced on the smart card by requiring a PIN VERIFY command to immediately precede the crypto operation.

When OpenSC receives a C_GetSessionInfo call it will check if the user is still logged into the smart card by issuing a VERIFY Lc=0, i.e. a VERIFY command without a PIN. If the application calls C_GetSessionInfo between the C_Login(CKU_CONTEXT_SPECIFIC) and the C_Sign this will cause the card to reject the C_Sign because of the "PIN Always" rule. The feature to use the VERIFY Lc=0 was added to OpenSC in the previous release.

There are two ways to fix this:

Fix in OpenSC, to recognize the situation and not send the VERIFY Lc=0. That is what is being discussed in the OpenSC issues above and may be fixed (or not) in the next release.

Fix in application (Mozilla NSS) by not calling C_GetSessionInfo (or the sequence of commands in the polling loop: C_GetSlotList, C_GetSlotInfo and C_GetSessionInfo) between the C_Login(CKU_CONTEXT_SPECIFIC) and the C_Sign. Avoid any other PKCS#11 calls as well.
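
The ordering constraint described in the comment above, as an added example that is not part of the bug thread and is not OpenSC or NSS code: a small C model that replays a PKCS#11 call trace against a "PIN Always" card and reports the first call that sits between the context-specific login and the sign. The enum names, the one-shot card rule and the two traces are assumptions constructed for illustration; 0x6982 is the ISO 7816-4 status word for "security status not satisfied".

```c
#include <stdio.h>

/* Constructed model, not OpenSC or NSS code: each PKCS#11 call is reduced to
 * the card command the discussion above attributes to it. */
enum p11_call {
    P11_LOGIN_CONTEXT_SPECIFIC, /* C_Login(CKU_CONTEXT_SPECIFIC): VERIFY with PIN */
    P11_GET_SESSION_INFO,       /* C_GetSessionInfo: VERIFY Lc=0, no PIN */
    P11_CERT_CACHE_UPDATE,      /* NSS cached-cert refresh: other card commands */
    P11_SIGN                    /* C_Sign: the private-key operation */
};

#define SW_OK 0x9000                     /* ISO 7816-4: success */
#define SW_SECURITY_NOT_SATISFIED 0x6982 /* ISO 7816-4: security status not satisfied */

/* Constructed traces: the failing order and the working order. */
static const enum p11_call trace_bad[] = { P11_LOGIN_CONTEXT_SPECIFIC, P11_GET_SESSION_INFO, P11_SIGN };
static const enum p11_call trace_good[] = { P11_GET_SESSION_INFO, P11_LOGIN_CONTEXT_SPECIFIC, P11_SIGN };

/* Status word of the first C_Sign in the trace, or 0 if there is none.
 * Assumed "PIN Always" rule: the key is usable only when the command right
 * before the crypto operation was a VERIFY that carried the PIN. */
int sign_status(const enum p11_call *trace, int n)
{
    int pin_just_verified = 0;
    for (int i = 0; i < n; i++) {
        if (trace[i] == P11_SIGN)
            return pin_just_verified ? SW_OK : SW_SECURITY_NOT_SATISFIED;
        /* every other command either sets or clears the one-shot state */
        pin_just_verified = (trace[i] == P11_LOGIN_CONTEXT_SPECIFIC);
    }
    return 0;
}

/* Index of the first call sitting between a context-specific login and the
 * C_Sign it should authorize, or -1 when login and sign are adjacent. */
int first_intervening_call(const enum p11_call *trace, int n)
{
    for (int i = 0; i + 1 < n; i++)
        if (trace[i] == P11_LOGIN_CONTEXT_SPECIFIC && trace[i + 1] != P11_SIGN)
            return i + 1;
    return -1;
}

int main(void)
{
    printf("bad:  SW=%04X, intervening call at %d\n", (unsigned)sign_status(trace_bad, 3), first_intervening_call(trace_bad, 3));
    printf("good: SW=%04X, intervening call at %d\n", (unsigned)sign_status(trace_good, 3), first_intervening_call(trace_good, 3));
    return 0;
}
```

The same check can be applied by hand to a PKCS#11 call log: any entry between the context-specific login and the Sign/Decrypt is a candidate for the failure reported in this bug.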
An updated version of https://github.com/OpenSC/OpenSC/pull/1072 has been submitted. An annotated opensc-debug.log is also included and can be found at: https://github.com/OpenSC/OpenSC/pull/1072#issuecomment-310678440

I would be interested if any NSS developer can try the OpenSC PR to see if it fixes the problem.

Right now this appears to be an issue with only PIV cards that enforce the "PIN Always" rule. If other cards also fail, an opensc-debug.log would be helpful.
Assignee: nobody → rrelyea
Blocks: 1399364
Priority: -- → P3
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.36