pkcs11-tool: Add support for (X)EDDSA key generation

2020-02-26 19:31:56 +01:00 · 2020-02-26 19:31:56 +01:00 · 35cfc291ce
parent 485b6cff44
commit 35cfc291ce
1 changed files with 64 additions and 34 deletions
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@ -85,41 +85,46 @@ extern CK_FUNCTION_LIST_3_0 pkcs11_function_list_3_0;
 static struct ec_curve_info {
 	const char *name;
 	const char *oid;
-	const char *oid_encoded;
+	const char *ec_params;
 	size_t size;
+	CK_KEY_TYPE mechanism;
 } ec_curve_infos[] = {
-	{"secp192r1",    "1.2.840.10045.3.1.1", "06082A8648CE3D030101", 192},
-	{"prime192v1",   "1.2.840.10045.3.1.1", "06082A8648CE3D030101", 192},
-	{"prime192v2",   "1.2.840.10045.3.1.2", "06082A8648CE3D030102", 192},
-	{"prime192v3",   "1.2.840.10045.3.1.3", "06082A8648CE3D030103", 192},
-	{"nistp192",     "1.2.840.10045.3.1.1", "06082A8648CE3D030101", 192},
-	{"ansiX9p192r1", "1.2.840.10045.3.1.1", "06082A8648CE3D030101", 192},
+	{"secp192r1",    "1.2.840.10045.3.1.1", "06082A8648CE3D030101", 192, 0},
+	{"prime192v1",   "1.2.840.10045.3.1.1", "06082A8648CE3D030101", 192, 0},
+	{"prime192v2",   "1.2.840.10045.3.1.2", "06082A8648CE3D030102", 192, 0},
+	{"prime192v3",   "1.2.840.10045.3.1.3", "06082A8648CE3D030103", 192, 0},
+	{"nistp192",     "1.2.840.10045.3.1.1", "06082A8648CE3D030101", 192, 0},
+	{"ansiX9p192r1", "1.2.840.10045.3.1.1", "06082A8648CE3D030101", 192, 0},

-	{"secp224r1", "1.3.132.0.33", "06052b81040021", 224},
-	{"nistp224",  "1.3.132.0.33", "06052b81040021", 224},
+	{"secp224r1", "1.3.132.0.33", "06052b81040021", 224, 0},
+	{"nistp224",  "1.3.132.0.33", "06052b81040021", 224, 0},

-	{"prime256v1",   "1.2.840.10045.3.1.7", "06082A8648CE3D030107", 256},
-	{"secp256r1",    "1.2.840.10045.3.1.7", "06082A8648CE3D030107", 256},
-	{"ansiX9p256r1", "1.2.840.10045.3.1.7", "06082A8648CE3D030107", 256},
-	{"frp256v1",	 "1.2.250.1.223.101.256.1", "060a2a817a01815f65820001", 256},
+	{"prime256v1",   "1.2.840.10045.3.1.7", "06082A8648CE3D030107", 256, 0},
+	{"secp256r1",    "1.2.840.10045.3.1.7", "06082A8648CE3D030107", 256, 0},
+	{"ansiX9p256r1", "1.2.840.10045.3.1.7", "06082A8648CE3D030107", 256, 0},
+	{"frp256v1",	 "1.2.250.1.223.101.256.1", "060a2a817a01815f65820001", 256, 0},

-	{"secp384r1",		"1.3.132.0.34", "06052B81040022", 384},
-	{"prime384v1",		"1.3.132.0.34", "06052B81040022", 384},
-	{"ansiX9p384r1",	"1.3.132.0.34", "06052B81040022", 384},
+	{"secp384r1",		"1.3.132.0.34", "06052B81040022", 384, 0},
+	{"prime384v1",		"1.3.132.0.34", "06052B81040022", 384, 0},
+	{"ansiX9p384r1",	"1.3.132.0.34", "06052B81040022", 384, 0},

-	{"secp521r1", "1.3.132.0.35", "06052B81040023", 521},
-	{"nistp521",  "1.3.132.0.35", "06052B81040023", 521},
+	{"secp521r1", "1.3.132.0.35", "06052B81040023", 521, 0},
+	{"nistp521",  "1.3.132.0.35", "06052B81040023", 521, 0},

-	{"brainpoolP192r1", "1.3.36.3.3.2.8.1.1.3", "06092B2403030208010103", 192},
-	{"brainpoolP224r1", "1.3.36.3.3.2.8.1.1.5", "06092B2403030208010105", 224},
-	{"brainpoolP256r1", "1.3.36.3.3.2.8.1.1.7", "06092B2403030208010107", 256},
-	{"brainpoolP320r1", "1.3.36.3.3.2.8.1.1.9", "06092B2403030208010109", 320},
-	{"brainpoolP384r1", "1.3.36.3.3.2.8.1.1.11", "06092B240303020801010B", 384},
-	{"brainpoolP512r1", "1.3.36.3.3.2.8.1.1.13", "06092B240303020801010D", 512},
+	{"brainpoolP192r1", "1.3.36.3.3.2.8.1.1.3", "06092B2403030208010103", 192, 0},
+	{"brainpoolP224r1", "1.3.36.3.3.2.8.1.1.5", "06092B2403030208010105", 224, 0},
+	{"brainpoolP256r1", "1.3.36.3.3.2.8.1.1.7", "06092B2403030208010107", 256, 0},
+	{"brainpoolP320r1", "1.3.36.3.3.2.8.1.1.9", "06092B2403030208010109", 320, 0},
+	{"brainpoolP384r1", "1.3.36.3.3.2.8.1.1.11", "06092B240303020801010B", 384, 0},
+	{"brainpoolP512r1", "1.3.36.3.3.2.8.1.1.13", "06092B240303020801010D", 512, 0},

-	{"secp192k1",		"1.3.132.0.31", "06052B8104001F", 192},
-	{"secp256k1",		"1.3.132.0.10", "06052B8104000A", 256},
-	{NULL, NULL, NULL, 0},
+	{"secp192k1",		"1.3.132.0.31", "06052B8104001F", 192, 0},
+	{"secp256k1",		"1.3.132.0.10", "06052B8104000A", 256, 0},
+
+	{"edwards25519","1.3.6.1.4.1159.15.1", "130c656477617264733235353139", 255, CKM_EC_EDWARDS_KEY_PAIR_GEN},
+	{"curve25519", "1.3.6.1.4.3029.1.5.1", "130b63757276653235353139", 255, CKM_EC_MONTGOMERY_KEY_PAIR_GEN},
+
+	{NULL, NULL, NULL, 0, 0},
 };

 static const struct sc_aid GOST_HASH2001_PARAMSET_OID = { { 0x06, 0x07, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1e, 0x01 }, 9 };
@ -291,7 +296,7 @@ static const char *option_help[] = {
 	"Unlock User PIN (without '--login' unlock in logged in session; otherwise '--login-type' has to be 'context-specific')",
 	"Key pair generation",
 	"Key generation",
-	"Specify the type and length (bytes if symmetric) of the key to create, for example rsa:1024, EC:prime256v1, GOSTR3410-2012-256:B, AES:16 or GENERIC:64",
+	"Specify the type and length (bytes if symmetric) of the key to create, for example rsa:1024, EC:prime256v1, EC:ed25519, EC:curve25519, GOSTR3410-2012-256:B, AES:16 or GENERIC:64",
 	"Specify 'sign' key usage flag (sets SIGN in privkey, sets VERIFY in pubkey)",
 	"Specify 'decrypt' key usage flag (RSA only, set DECRYPT privkey, ENCRYPT in pubkey)",
 	"Specify 'derive' key usage flag (EC only)",
@ -2513,9 +2518,6 @@ static int gen_keypair(CK_SLOT_ID slot, CK_SESSION_HANDLE session,
 			size_t mtypes_num = sizeof(mtypes)/sizeof(mtypes[0]);
 			int ii;

-			if (!opt_mechanism_used)
-				if (!find_mechanism(slot, CKF_GENERATE_KEY_PAIR, mtypes, mtypes_num, &opt_mechanism))
-					util_fatal("Generate EC key mechanism not supported\n");
 			key_type = CKK_EC;

 			for (ii=0; ec_curve_infos[ii].name; ii++)   {
@ -2527,12 +2529,38 @@ static int gen_keypair(CK_SLOT_ID slot, CK_SESSION_HANDLE session,
 			if (!ec_curve_infos[ii].name)
 				util_fatal("Unknown EC key params '%s'", type + 3);

-			ecparams_size = strlen(ec_curve_infos[ii].oid_encoded) / 2;
+			switch (ec_curve_infos[ii].mechanism) {
+			case CKM_EC_EDWARDS_KEY_PAIR_GEN:
+				/* The Edwards key can not be used for derivation */
+				opt_key_usage_derive = 0;
+				key_type = CKK_EC_EDWARDS;
+				/* This replaces the above default mechanism */
+				if (!opt_mechanism_used) {
+					mtypes[0] = ec_curve_infos[ii].mechanism;
+				}
+				break;
+			case CKM_EC_MONTGOMERY_KEY_PAIR_GEN:
+				key_type = CKK_EC_MONTGOMERY;
+				/* This replaces the above default mechanism */
+				if (!opt_mechanism_used) {
+					mtypes[0] = ec_curve_infos[ii].mechanism;
+				}
+				break;
+			}
+
+			if (!opt_mechanism_used) {
+				if (!find_mechanism(slot, CKF_GENERATE_KEY_PAIR, mtypes, mtypes_num,
+						&opt_mechanism)) {
+					util_fatal("Generate EC key mechanism %lx not supported", mtypes[0]);
+				}
+			}
+
+			ecparams_size = strlen(ec_curve_infos[ii].ec_params) / 2;
 			ecparams = malloc(ecparams_size);
 			if (!ecparams)
 				util_fatal("Allocation error", 0);
-			if (!hex_to_bin(ec_curve_infos[ii].oid_encoded, ecparams, &ecparams_size)) {
-				fprintf(stderr, "Cannot convert \"%s\"\n", ec_curve_infos[ii].oid_encoded);
+			if (!hex_to_bin(ec_curve_infos[ii].ec_params, ecparams, &ecparams_size)) {
+				fprintf(stderr, "Cannot convert \"%s\"\n", ec_curve_infos[ii].ec_params);
 				util_print_usage_and_die(app_name, options, option_help, NULL);
 			}

@ -7058,6 +7086,8 @@ static struct mech_info	p11_mechanisms[] = {
      { CKM_ECDH1_DERIVE,	"ECDH1-DERIVE", NULL },
      { CKM_ECDH1_COFACTOR_DERIVE,"ECDH1-COFACTOR-DERIVE", NULL },
      { CKM_ECMQV_DERIVE,	"ECMQV-DERIVE", NULL },
+      { CKM_EC_EDWARDS_KEY_PAIR_GEN,"EC-EDWARDS-KEY-PAIR-GEN", NULL },
+      { CKM_EC_MONTGOMERY_KEY_PAIR_GEN,"EC-MONTGOMERY-KEY-PAIR-GEN", NULL },
      { CKM_EDDSA,		"EDDSA", NULL },
      { CKM_XEDDSA,		"XEDDSA", NULL },
      { CKM_JUNIPER_KEY_GEN,	"JUNIPER-KEY-GEN", NULL },