OpenPGP 3.4+: Get list of supported algorithms from Algorithm Information #2287
Conversation
ya-isakov
changed the title
ya-isakov
force-pushed
the
do_fa
branch
3 times, most recently
from
f923d32 to
d6f519d
Compare
ya-isakov
changed the title
ya-isakov
force-pushed
the
do_fa
branch
7 times, most recently
from
cfe0c2b to
e1d5ce0
Compare
Jakuje
left a comment
Jakuje
left a comment
There was a problem hiding this comment.
Looks good. Just couple of comments around the code style. Tested with Nitrokey Start and I did not notice any issues.
|
@Jakuje thank you for review. IIRC, Nitrokeys are based on GNUK, which OpenPGP Card 2.0 with some extensions, so, my code should not work for it. But it's good to know that I haven't broke anything for other tokens :) I've changed logic a little bit (now, DO FA should be checked independent from DO 6E, but, still, if any algo is found by it, code in DO 6E will ignore info from DOs 7E -> C1-C3. Could you, please, test it again? |
Right. I was writing the initial support for ed25519 in opensc around the gnuk.
Retested current version and looks working fine. |
|
After some research, I found that OpenSC is parsing Import-Format byte, but then it's not storing it anywhere. So, it's set in pgp_parse_algo_attr_blob, but the struct, where it is set, is created in pgp_get_card_features, but nowhere In this function I can see usage of keyformat field (e.g, it is not added as algo field) Then, keyformat is checked only once - in pgp_build_extended_header_list, and this function is called in openpgp_store_key. In the same function, key_info is created, but no keyformat field is set. So, I think I can assume, that as this setting is ignored, my current approach is fine - for tokens < 3.4, the setting will be read from DO 6E, and ignored. For 3.4+ tokens, if DO FA has this byte set for any algo, it will be ignored, again... |
|
Looks like the keyformat deals with the format of the private key on the card. And in OpenPGP-3.4.1 it shows how the STD and CRT are used. So unless you are loading or reading a private key, you should not care, because you will never see it. |
frankmorgner
left a comment
frankmorgner
left a comment
There was a problem hiding this comment.
The code looks good, just a formatting issue
|
@ya-isakov can you rebase the patch set on the current master and resolve the conflicts? |
|
@Jakuje, Sure, I'll do it on this weekend. |
…tion OpenPGP Card 3.4+ supports getting list of algos from the new Algoritm Information DO https://gnupg.org/ftp/specs/OpenPGP-smart-card-application-3.4.pdf, 4.4.3.11 If at least one algo is in this list, use it, and ignore hardcoded. Tested on Yubikey 5 NFC with FW 5.2.4. Handled few problems with Yubikey not following the spec. Also, fixed problem with algorithm find, which will return EC algorithm with the same key size, even if curve is not the same.
ya-isakov
force-pushed
the
do_fa
branch
2 times, most recently
from
6afc361 to
0f122ee
Compare
If we're finding EC algo, and curve is not matched, another algo with the same key length shoud not be returned.
- Now it's checked independent from DO 6E - If no algos can be parsed from DO FA, code will fallback to other ways - Indentation fixes
After parsing DO FA, algorithm info could have both X25519 and older EC curves. This leads to register of two mechanisms with same type, CKM_ECDH1_DERIVE, but different key types. This could lead to a situation, that C_DeriveKey will throw an error, while user is trying to derive using X25519 key. This commit fixes this, to have a list of key types, and registering the second mechanism will just add key type to list in the existing mechanism, and updates it's mech_info.
|
I've rebased my branch, fixed leftover comments, but I need to check, if it is still working :) Will do it soon. |
Jakuje
left a comment
Jakuje
left a comment
There was a problem hiding this comment.
just minor nits. I think we are good to go with this. Tested locally with Nitrokey start and all looks fine.
A bit off topic: Nitrokey Pro and Nitrokey Storage contain OpenPGP v3.3 card. Nitrokey Start is indeed v2.0+ (with chosen parts of v3.3 spec) software OpenPGP implementation, based on GNUK. |
|
@szszszsz thanks for clarification and thanks for reminder I wanted to merge this finally. It would be great if we could get the nits I mentioned last month fixed. But anyway, if there will be no further concerns, I will merge this during the next week. |
|
Thank you! |
5 participants
OpenPGP Card 3.4+ supports getting list of algos from the new Algoritm Information DO
https://gnupg.org/ftp/specs/OpenPGP-smart-card-application-3.4.pdf, 4.4.3.11
If at least one algo is in this list, use it, and ignore hardcoded.
Tested on Yubikey 5 NFC with FW 5.2.4. Handled few problems with Yubikey not
following the spec.
Also, fixed problem with algorithm find, which will return EC algorithm with the same
key size, even if curve is not the same (e.g., curves 1.3.132.0.34 and 1.3.36.3.3.2.8.1.1.11 has
the same keysize of 384 bits, so it was possible that one returned in place of other)
This is needed for Yubikey to support more algorithms, than are used in Algorithm Attributes DO,
in case it was initialized with gpg, and not pkcs15-tool.
Checklist