Disturbing access to private cert without PIN or Passphrase
2008-03-20 00:52:17
I have been able to access my private cert with no prompt from my PKCS15 formatted token. So I don't understand what's going on.

This happened once before on a FreeBSD system, where after formatting a token with opensc code we were able to access a server without a prompt or PIN of any kind. Our thinking was that an agent process was running, but PS showed no such process. Then we thought that formatting the token with the "onepin" option was the problem. We reformatted and tried again. This time we got a prompt. This has started happening on the cygwin system I have been working with Alon with/on.

Regardless of anything else, the token "should" protect the ability to use the private certificate stored on the token.

The issue is figuring out why this is happening: how can I access the private key without logging into the token first? I need to be confident that the token will protect the private key regardless of the formatting or software prompts.

I need ideas of what I have done wrong.

--
Dan



_______________________________________________
opensc-user mailing list
opensc-userlists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-user
Re: Disturbing access to private cert without PIN or Passphrase
2008-03-20 01:33:39
On Thursday, 20 March 2008 06:52:17, Dan Peterson wrote:
> I have been able to access my private cert with no prompt from my PKCS15
> formatted token.

keys are private, not certificates. everyone can read the certificate - it is not of much use.

you could construct a different profile, where the cert is protected by pin, but the opensc setup is different.

I prefer to have the cert open - a machine can check if you are eligible for login before asking you for a pin. same with web sites and offering cert based authentication. entering a PIN without knowing whether it is any good is bad security practice from my point of view. if you want privacy, the certificate doesn't need a name or anything, a serial only / random id will do.

Regards, Andreas
Re: Disturbing access to private cert without PIN or Passphrase
2008-03-20 01:59:04
I guess what I am talking about is I was able to use the private key to log in to a server without ever entering a passphrase or PIN, nothing. Meaning that if you had my username and my token you also could log into the server, no passphrase needed.

--
Dan




Re: Disturbing access to private cert without PIN or Passphrase
2008-03-26 11:40:55
So.. I was happily testing away with my Aladdin eToken when it started allowing me to connect without any passphrase or PIN. Thinking that it might have cached something, I killed all agents that might have been running and tried again. Connected without passphrase or PIN. So I rebooted; now I know that I don’t have anything running on my end; tried again, no prompt for passphrase or PIN, connected to server.

I gave up, and the next day, with a fellow co-worker looking over my shoulder, I rebooted the system and proceeded to connect to the server without a passphrase or PIN using the token. I exited the connection and tried to remake the connection without the token inserted. I was told that the token was not inserted. I inserted the token and tried again; this time it connected without a passphrase or PIN.

I then started playing around with different options in the pkcs15.profile and managed to mangle the token to the point I can't use it anymore; that’s okay, but I don’t understand why I was able to use the token to authenticate to an SSH server without ever entering a passphrase or PIN.

I set up another token with the exact configuration and have not had the issue come back up, meaning that I have to enter some passphrase or PIN to complete the connection. So why was I able to use the token without ever typing a passphrase?

This is the exact method of the formatting of this token; I was recording the steps and information of the token as I was doing it.

Now this token was initiated with the following:

pkcs15-init --erase --use-default-transport-key
pkcs15-init --create-pkcs15 --use-default-transport-key
pkcs15-init --store-pin --auth-id 01 --label "My Token"
pkcs15-init --store-private-key My-priv.pem --auth-id 01 --id 45
pkcs15-init --store-certificate My-pub.pem --auth-id 01 --id 45

The PEM files came from a p12 file out of Firefox from a CA I have access to; I split it with the following:
openssl pkcs12 -in MY.p12 -clcerts -nokeys -out My-pub.pem
openssl pkcs12 -in MY.p12 -nocerts -out My-prv.pem

When I was done a dump of the token showed:

pkcs15-tool --dump
PKCS#15 Card [OpenSC]:
        Version        : 1
        Serial number  : 254AE20E0A0F
        Manufacturer ID: OpenSC Project
        Last update    : 20080226180017Z
        Flags          : EID compliant

PIN [User PIN]
        Com. Flags: 0x3
        ID        : 01
        Flags     : [0x32], local, initialized, needs-padding
        Length    : min_len:4, max_len:8, stored_len:8
        Pad char  : 0x00
        Reference : 1
        Type      : ascii-numeric
        Path      : 3f005015

Private RSA Key [......]
        Com. Flags  : 3
        Usage       : [0x4], sign
        Access Flags: [0x1D], sensitive, alwaysSensitive, neverExtract, local
        ModLength   : 2048
        Key ref     : 16
        Native      : yes
        Path        : 3f005015
        Auth ID     :
        ID          : 45

Public RSA Key [.......]
        Com. Flags  : 2
        Usage       : [0x4], sign
        Access Flags: [0x0]
        ModLength   : 2048
        Key ref     : 0
        Native      : no
        Path        : 3f0050153048
        Auth ID     :
        ID          : 45

X.509 Certificate [.....]
        Flags    : 2
        Authority: no
        Path     : 3f0050153149
        ID       : 45

I grabbed the public key with the PuTTY SC tool pprint.exe:

pprint -l opensc-pkcs11.dll
Putty SC pkcs11 public key list tool v1.2
see http://www.joebar.ch/puttysc/ for more information

--------------------------------------------
sc: Found token: ...... (User PIN)
sc: Found cert: .......
sc: Found cert: E
sc: Found key: E
sc: Blob: 280 (4,257)
sc: ssh-rsa

I copied the public cert to the SSH server authorized_keys
file and was using that to test.

--
Dan

  




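One line worth checking in a dump like the one Dan posted is the Auth ID of each private key: in PKCS#15 it names the PIN object that has to be verified before the key can be used, and in his listing that field is empty. The script below is an added example, not code from the thread or from OpenSC; it parses pkcs15-tool --dump output (the sample is a constructed cut-down of Dan's listing) and reports private keys that no PIN on the card protects.

```python
import re
from typing import Dict, List

# Constructed sample: the listing Dan posted, cut down to the PIN and the private key.
SAMPLE_DUMP = """\
PKCS#15 Card [OpenSC]:
        Version        : 1
        Serial number  : 254AE20E0A0F

PIN [User PIN]
        Com. Flags: 0x3
        ID        : 01
        Reference : 1

Private RSA Key [......]
        Usage       : [0x4], sign
        Access Flags: [0x1D], sensitive, alwaysSensitive, neverExtract, local
        Key ref     : 16
        Auth ID     :
        ID          : 45
"""

HEADER_RE = re.compile(r"^(\S.*?)\s*\[(.*)\]:?\s*$")      # "Private RSA Key [label]"
FIELD_RE = re.compile(r"^\s+([A-Za-z. ]+?)\s*:\s*(.*)$")  # "        Auth ID     : 01"


def parse_dump(text: str) -> List[Dict[str, str]]:
    """Split pkcs15-tool --dump output into one dict per object (a blank line ends an object)."""
    objects: List[Dict[str, str]] = []
    current = None
    for line in text.splitlines():
        if not line.strip():
            current = None
            continue
        m = HEADER_RE.match(line)
        if m:  # object header: type before the brackets, label inside them
            current = {"type": m.group(1).strip(), "label": m.group(2)}
            objects.append(current)
            continue
        m = FIELD_RE.match(line)
        if m and current is not None:  # indented "Name : value" attribute line
            current[m.group(1).strip()] = m.group(2).strip()
    return objects


def unprotected_private_keys(objects: List[Dict[str, str]]) -> List[str]:
    """IDs of private keys whose Auth ID does not name a PIN object on the card.

    In PKCS#15 a key's Auth ID points at the PIN that must be verified before
    the key may be used; an empty or dangling Auth ID means there is no PIN gate.
    """
    pin_ids = {o.get("ID", "") for o in objects if o["type"] == "PIN"}
    return [o.get("ID", "?") for o in objects
            if o["type"].startswith("Private") and o.get("Auth ID", "") not in pin_ids]


if __name__ == "__main__":
    for key_id in unprotected_private_keys(parse_dump(SAMPLE_DUMP)):
        print(f"private key {key_id}: usable without a PIN")
```

Run it against the dump of an affected token; a non-empty result points at the key object itself rather than at a cached credential or an ssh agent.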
Re: Disturbing access to private cert without PIN or Passphrase
2008-03-26 02:20:23
On Thursday, 20 March 2008 07:59:04, Dan Peterson wrote:
> I guess what I am talking about is I was able to use the private key to
> login to a server without ever entering a passphrase or pin, nothing. Meaning
> that if you had my username and my token you also could log into the
> server, no passphrase needed

the opensc default profile needs a pin for using the rsa key. that pin could be from an ssh agent or similar - some people have one and even forget it is there - check with "ssh-add -D".

if the card was initialized with different software: maybe it configured the card to have a key that can be used without a PIN? that is still quite secure - most likely you still can't extract the key - and works well enough for many people.

not all card operating systems allow rsa keys without pin protection, and I don't think anyone has made a profile for opensc (and whatever other changes are necessary) to set up a card in that way.

Regards, Andreas
Re: Disturbing access to private cert without PIN or Passphrase
2008-03-27 11:42:32
I never touched the pkcs15.profile until after the problem, and in doing so I made the OpenSC portion of the token un-erasable. It asks for a passphrase to erase the token and does not take anything I give it.

We saw this problem on a FreeBSD box first; then it started doing it on my install later. No other keys, files etc. were available nor available to the server at the time in either case.

The RSA keys are passphrased, and in fact all of this was working just fine for about 30 to 50 logins; then out of the blue it started doing this. I am repeating myself, I told you the story already...

Is there any documentation on the pkcs15.profile settings? I can't find any, or I am looking in all the wrong places.

If I see this again I will start the debug as suggested, but for now I don’t think it would do any good.
 



--
Dan

-----Original Message-----
From: Andreas Jellinghaus [mailto:ajdungeon.inka.de]
Sent: Thursday, March 27, 2008 2:56 AM
To: drpetersones.net
Cc: opensc-userlists.opensc-project.org
Subject: Re: [opensc-user] Disturbing access to private cert without PIN or Passphrase

On Wednesday, 26 March 2008 17:40:55, Dan Peterson wrote:
> I set up another token with the exact configuration and have not had
> the issue come back up, meaning that I have to enter some passphrase
> or PIN to complete the connection. So why was I able to use the token
> without ever typing a passphrase?

if you still have it: enable opensc.conf options for debugging and a debug log file. if the file is created, the token is used. if not, the ssh might accept some other authentication (file key etc.). only to be on the safe side.

if the token is used, the log file could tell what is going on. maybe the rsa key doesn't need a PIN to be used - then opensc would use it without asking for one I guess. but I don't even know how to create an rsa key that doesn't need one. but with cardos it should be possible, as far as I remember.

> pkcs15-init --erase --use-default-transport-key
> pkcs15-init --create-pkcs15 --use-default-transport-key
> pkcs15-init --store-pin --auth-id 01 --label "My Token"
> pkcs15-init --store-private-key My-priv.pem --auth-id 01 --id 45
> pkcs15-init --store-certificate My-pub.pem --auth-id 01 --id 45

everything looks fine to me.

> pkcs15-tool --dump
> PKCS#15 Card [OpenSC]:
>         Version        : 1
>         Serial number  : 254AE20E0A0F
>         Manufacturer ID: OpenSC Project
>         Last update    : 20080226180017Z
>         Flags          : EID compliant
>
> PIN [User PIN]
>         Com. Flags: 0x3
>         ID        : 01
>         Flags     : [0x32], local, initialized, needs-padding
>         Length    : min_len:4, max_len:8, stored_len:8
>         Pad char  : 0x00
>         Reference : 1
>         Type      : ascii-numeric
>         Path      : 3f005015
>
> Private RSA Key [......]
>         Com. Flags  : 3
>         Usage       : [0x4], sign

you could add -u to set a key usage other than sign (e.g. allow decrypt too). but cardos doesn't support signing and decrypting on the same key. however we have a hack for this situation: --split-key will store two copies, one for signing and one for decrypting, and choose the right one.

so, sorry, no idea how that happened to you. no one edits pkcs15.profile (except maybe the sizes of the directories), so if you changed that, it could be the cause - no idea. that file is only used with pkcs15-init as far as I know; once the token is initialized and filled with content, it is no longer used.

Regards, Andreas



Re: Disturbing access to private cert without PIN or Passphrase
2008-03-29 05:03:55
On Thursday, 27 March 2008 17:42:32, Dan Peterson wrote:
> I never touched the pkcs15.profile until after the problem, and in doing so
> I made the OpenSC portion of the token un-erasable. It asks for a
> passphrase to erase the token and does not take anything I give it.
>
> We saw this problem on a FreeBSD box first; then it started doing it on my
> install later. No other keys, files etc. were available nor available to
> the server at the time in either case.
>
> The RSA keys are passphrased, and in fact all of this was working just fine
> for about 30 to 50 logins; then out of the blue it started doing this. I am
> repeating myself, I told you the story already...
>
> Is there any documentation on the pkcs15.profile settings? I can't find any,
> or I am looking in all the wrong places.

not really. I think there is no documentation beside the comments in the code, and the author of that code left the opensc project many years ago. but if you have specific questions, some of the other developers might be able to help I hope.

> If I see this again I will start the debug as suggested, but for now I don’t
> think it would do any good.

problem with debugging is that it is very time consuming to analyse log files etc. to see what went wrong. still, if you can reproduce the problem, it might be worth a try.

Regards, Andreas
Re: Disturbing access to private cert without PIN or Passphrase
2008-03-29 12:38:36
Is it at all possible that the eToken COS might be part of the issue? In the Aladdin software there is a "check box" labeled "ONE FACTOR LOGIN"; it was as if that bit suddenly got set in the token.

--
Dan
   




Re: Disturbing access to private cert without PIN or Passphrase
2008-03-30 15:26:40
On Saturday, 29 March 2008 18:38:36, Dan Peterson wrote:
> Is it at all possible that the eToken COS might be part of the issue?

etoken (except for the new java version) uses siemens cardOS M4.*.

> In the Aladdin software there is a "check box" labeled "ONE FACTOR LOGIN";
> it was as if that bit suddenly got set in the token.

then I guess that option is for setting up rsa keys without PIN protection. fine with me, and still very secure IMHO.

Regards, Andreas