
Comments (1)

jariq commented on May 28, 2024

> I have tried to run that code 4-5 times and it has broken something on my smartcard. I cannot sign documents with other software, except Dike, nor re-execute that code (it throws a CKR_GENERAL_ERROR exception on executing the GenerateKeyPair method on the session object).

My first guess would be that memory got full on your device. Usually CKR_DEVICE_MEMORY is returned in such a case, but I've also seen plenty of implementations returning CKR_GENERAL_ERROR.

Our unit tests (code samples) create/generate temporary objects/keys with the "Pkcs11Interop" label for each test method. If the test is successful, these objects are deleted. If the test fails, these objects are not deleted, mostly to keep the code simple, but sometimes they may also be useful for further manual troubleshooting.

When the device memory gets full, you can use a management tool like Pkcs11Admin to safely delete all left-over objects with the "Pkcs11Interop" label.

> The problem may be related to the CKA_ID generated in a random way when it calls:
>
>     Helpers.GenerateKeyPair(session, out publicKey, out privateKey);
>
> and in that helper class, in the GenerateKeyPair method:
>
>     byte[] ckaId = session.GenerateRandom(20);
>
> So it can interfere with some CKA_ID if the two CKA_IDs match.

I believe that multiple keys with the same value of CKA_ID attribute should not present a problem in general. This topic is addressed in PKCS#11 specification v2.20 chapter 10.7.2 ...

> The CKA_ID field is intended to distinguish among multiple keys. In the case of public and private keys, this field assists in handling multiple keys held by the same subject; the key identifier for a public key and its corresponding private key should be the same. The key identifier should also be the same as for the corresponding certificate, if one exists. Cryptoki does not enforce these associations, however. (See Section 10.6 for further commentary.)

... and chapter 10.6.3 ...

> The CKA_ID attribute is intended as a means of distinguishing multiple public-key/private-key pairs held by the same subject (whether stored in the same token or not). (Since the keys are distinguished by subject name as well as identifier, it is possible that keys for different subjects may have the same CKA_ID value without introducing any ambiguity.)
>
> It is intended in the interests of interoperability that the subject name and key identifier for a certificate will be the same as those for the corresponding public and private keys (though it is not required that all be stored in the same token). However, Cryptoki does not enforce this association, or even the uniqueness of the key identifier for a given subject; in particular, an application may leave the key identifier empty.

However, some vendor-specific requirements for the value of the CKA_ID attribute may exist, and it would be best to discuss them with the vendor.

> I don't know where the bug resides, and unfortunately I cannot provide more information because I had to return the USB token to the certification authority.

That's a pity. It would be an interesting thing to analyze and troubleshoot.

> I suggest using keys from the card and not generating a new pair. It was done on another project from the same author (Pkcs7SignatureGenerator).

Currently I don't plan to change the way our unit tests work but I may add some comments describing code behavior. The main idea behind generating new objects for each test method was not to mess in any way with the existing objects/keys because they may be valuable. For example I would not be happy if my encryption key got accidentally deleted.

> Has someone encountered that problem?

Up until now you are the first one to report such problems.

from pkcs11interop.
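
One way to script the cleanup described in the comment above, as an added example that is not part of the original comment or the Pkcs11Interop project's own code: it lists every object labelled "Pkcs11Interop" together with its class and CKA_ID, and destroys them only when asked to. The class name, the `--delete` switch, the PIN prompt and the choice of the first slot with a token are assumptions made for this sketch; the calls are from the Pkcs11Interop 5.x high-level API.

```csharp
using System;
using System.Collections.Generic;
using Net.Pkcs11Interop.Common;
using Net.Pkcs11Interop.HighLevelAPI;

static class LeftoverTestObjects
{
    // Label the unit tests put on their temporary objects (per the comment above).
    const string TestLabel = "Pkcs11Interop";

    // Hypothetical CLI: <pkcs11-library-path> [--delete]. Without --delete it only lists.
    static int Main(string[] args)
    {
        if (args.Length < 1) { Console.Error.WriteLine("usage: <pkcs11-library> [--delete]"); return 2; }
        bool delete = args.Length > 1 && args[1] == "--delete";
        Console.Write("User PIN (echoed): ");
        string pin = Console.ReadLine();

        var factories = new Pkcs11InteropFactories();
        using (IPkcs11Library lib = factories.Pkcs11LibraryFactory.LoadPkcs11Library(
                   factories, args[0], AppType.MultiThreaded))
        {
            List<ISlot> slots = lib.GetSlotList(SlotsType.WithTokenPresent);
            if (slots.Count == 0) { Console.Error.WriteLine("no token present"); return 1; }
            // Assumption: the token to clean is in the first slot that has one.
            using (ISession session = slots[0].OpenSession(SessionType.ReadWrite))
            {
                session.Login(CKU.CKU_USER, pin);
                // Match on CKA_LABEL only, so objects carrying any other label are never touched.
                var template = new List<IObjectAttribute> {
                    session.Factories.ObjectAttributeFactory.Create(CKA.CKA_LABEL, TestLabel) };
                foreach (IObjectHandle handle in session.FindAllObjects(template))
                {
                    List<IObjectAttribute> attrs = session.GetAttributeValue(
                        handle, new List<CKA> { CKA.CKA_CLASS, CKA.CKA_ID });
                    var cls = (CKO)attrs[0].GetValueAsUlong();
                    // CKA_ID ties a public key to its private key; not every object class has one.
                    byte[] idBytes = attrs[1].CannotBeRead ? null : attrs[1].GetValueAsByteArray();
                    string id = (idBytes == null || idBytes.Length == 0) ? "(none)" : BitConverter.ToString(idBytes);
                    Console.WriteLine($"{(delete ? "deleting" : "found")} {cls} CKA_ID={id}");
                    if (delete) session.DestroyObject(handle);
                }
                session.Logout();
            }
        }
        return 0;
    }
}
```

Running it first without `--delete` shows which left-over pairs share a CKA_ID before anything is removed from the token.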
