Page MenuHome GnuPG

scd: Generating CSR for SigG NetKey card key fails
Open, LowPublic

Description

Generating a CSR for the SigG signing key of a NetKey card fails.

How to reproduce:

  • Put the following key parameters into a file (e.g. keyparams.txt)
Key-Type:card:NKS-SIGG.4531
Key-Usage:sign
Name-DN:CN=Otto Example,O=Example,C=DE
Name-Email:otto@example.net
  • Run
$ gpgsm --debug=ipc --gen-key --armor --batch <keyparams.txt
gpgsm: reading options from '[cmdline]'
gpgsm: enabled debug flags: ipc
gpgsm: DBG: chan_3 <- OK Pleased to meet you, process 26541
gpgsm: DBG: connection to the gpg-agent established
gpgsm: DBG: chan_3 -> RESET
gpgsm: DBG: chan_3 <- OK
gpgsm: DBG: chan_3 -> OPTION ttyname=/dev/pts/41
gpgsm: DBG: chan_3 <- OK
gpgsm: DBG: chan_3 -> OPTION ttytype=xterm-256color
gpgsm: DBG: chan_3 <- OK
gpgsm: DBG: chan_3 -> OPTION display=:0
gpgsm: DBG: chan_3 <- OK
gpgsm: DBG: chan_3 -> OPTION xauthority=/run/user/1000/xauth_MBadcS
gpgsm: DBG: chan_3 <- OK
gpgsm: DBG: chan_3 -> OPTION putenv=XMODIFIERS=@im=ibus
gpgsm: DBG: chan_3 <- OK
gpgsm: DBG: chan_3 -> OPTION putenv=GTK_IM_MODULE=ibus
gpgsm: DBG: chan_3 <- OK
gpgsm: DBG: chan_3 -> OPTION putenv=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
gpgsm: DBG: chan_3 <- OK
gpgsm: DBG: chan_3 -> OPTION putenv=QT_IM_MODULE=ibus
gpgsm: DBG: chan_3 <- OK
gpgsm: DBG: chan_3 -> OPTION lc-ctype=de_DE.UTF-8
gpgsm: DBG: chan_3 <- OK
gpgsm: DBG: chan_3 -> OPTION lc-messages=de_DE.UTF-8
gpgsm: DBG: chan_3 <- OK
gpgsm: DBG: chan_3 -> GETINFO version
gpgsm: DBG: chan_3 <- D 2.3.0-beta1490
gpgsm: DBG: chan_3 <- OK
gpgsm: DBG: chan_3 -> OPTION allow-pinentry-notify
gpgsm: DBG: chan_3 <- OK
gpgsm: DBG: chan_3 -> RESET
gpgsm: DBG: chan_3 <- OK
gpgsm: DBG: chan_3 -> SCD READKEY NKS-SIGG.4531
gpgsm: DBG: chan_3 <- [ 44 20 28 31 30 3a 70 75 62 6c 69 63 2d 6b 65 79 ...(293 byte(s) skipped) ]
gpgsm: DBG: chan_3 <- OK
gpgsm: about to sign the CSR for key: &A69B0D3796EE33E4426E5CE4B6BEEE5F1209FBA4
gpgsm: DBG: chan_3 -> SCD READKEY NKS-SIGG.4531
gpgsm: DBG: chan_3 <- [ 44 20 28 31 30 3a 70 75 62 6c 69 63 2d 6b 65 79 ...(293 byte(s) skipped) ]
gpgsm: DBG: chan_3 <- OK
gpgsm: DBG: chan_3 -> SCD SETDATA E7F363028723DA8994907485C8437B4E37CE5CAA28BADE4A84EAB8411E73560F
gpgsm: DBG: chan_3 <- OK
gpgsm: DBG: chan_3 -> SCD PKSIGN --hash=sha256 NKS-SIGG.4531
gpgsm: DBG: chan_3 <- INQUIRE PINENTRY_LAUNCHED 26564 qt 1.1.1-beta44 /dev/pts/41 xterm-256color :0 20600/1000/5 1000/100 0
gpgsm: DBG: chan_3 -> END
gpgsm: DBG: chan_3 <- ERR 100663383 Bad PIN <SCD>
gpgsm: signing failed: Bad PIN
gpgsm: error creating certificate request: Bad PIN <SCD>

One problem could be that do_sign (app-nks.c) is hard-coded to "use the Global PIN 1". I would expect that "SigG PIN 1" is required to sign something with the SigG key. But setting pwid to 0x81 in do_sign doesn't help. iso7816_compute_ds() still returns a Bad PIN error.

Here's the output of scdaemon (patched to use pwid 0x81):

2021-01-06 15:55:51 scdaemon[20518] DBG: chan_7 <- PKSIGN --hash=sha256 NKS-SIGG.4531
2021-01-06 15:55:51 scdaemon[20518] DBG: send apdu: c=00 i=22 p1=41 p2=B6 lc=6 le=-1 em=0
2021-01-06 15:55:51 scdaemon[20518] DBG:  raw apdu: 002241b606800102840184
2021-01-06 15:55:51 scdaemon[20518] DBG:  response: sw=9000  datalen=0
2021-01-06 15:55:51 scdaemon[20518] DBG:      dump: [all zero]
2021-01-06 15:55:51 scdaemon[20518] DBG:  raw apdu: 00200081
2021-01-06 15:55:51 scdaemon[20518] DBG:  response: sw=63C3  datalen=0
2021-01-06 15:55:51 scdaemon[20518] DBG: prompting for pinpad entry '||PIN%0A%0A\x1eNumber\x1f: 8949017330002661652%0AHold>
2021-01-06 15:55:51 scdaemon[20518] DBG: chan_7 -> [ 49 4e 51 55 49 52 45 20 50 4f 50 55 50 50 49 4e ...(62 byte(s) skippe>
2021-01-06 15:55:51 scdaemon[20518] DBG: chan_7 <- END
2021-01-06 15:55:59 scdaemon[20518] DBG: dismiss pinpad entry prompt
2021-01-06 15:55:59 scdaemon[20518] DBG: chan_7 -> INQUIRE DISMISSPINPADPROMPT
2021-01-06 15:55:59 scdaemon[20518] DBG: chan_7 <- END
2021-01-06 15:55:59 scdaemon[20518] DBG: send apdu: c=00 i=2A p1=9E p2=9A lc=51 le=256 em=0
2021-01-06 15:55:59 scdaemon[20518] DBG:  raw apdu: 002a9e9a333031300d060960864801650304020105000420e7f363028723da89 \
2021-01-06 15:55:59 scdaemon[20518] DBG:  94907485c8437b4e37ce5caa28bade4a84eab8411e73560f00
2021-01-06 15:56:00 scdaemon[20518] DBG:  response: sw=6982  datalen=0
2021-01-06 15:56:00 scdaemon[20518] operation sign result: Bad PIN
2021-01-06 15:56:00 scdaemon[20518] app_sign failed: Bad PIN
2021-01-06 15:56:00 scdaemon[20518] DBG: chan_7 -> ERR 100663383 Bad PIN <SCD>

Event Timeline

We need to switch to the SigG application. Shall I look at it?

do_sign() calls find_fid_by_keyref() which does a switch_application(). So, I think the SigG application should already be active. But, yes, please have a look at it.

Lowered priority because in reality it is not possible to get a certificate for an arbitrary SigG key on the card. Only accredited CAs may issue certs and they want to keep full control over the key generation.