SafeNet HSM: Write EC public key fails using OCTET STRING contents instead of full OCTET STRING DER

[aalba6675]

Problem Description

pkcs11-tool --write of EC Public Key fails because it uses the content bytes of ECPoint OCTET STRING instead of the ASN.1 DER encoding of OCTET STRING(two byes longer).

This is with SafeNet HSM libCryptoki2_64.so; not sure who has interpreted the standard correctly here.

Proposed Resolution

ECPoint is OCTET STRING so does that mean we use the content octets or the full ASN.1 encoding?

Instead of using the content bytes of EC_POINT use the full ASN.1 DER encoding include TAG and LENGTH

Steps to reproduce

public.zip

pkcs11-tool --module /usr/lib/libCryptoki2_64.so --slot 0 -p $PIN -a xxxxxxxx  -y pubkey --write public.der
error: PKCS11 function C_CreateObject failed: rv = unknown PKCS11 error (0x8000002f)
Aborting.
0x8000002f is SafeNet's vendor CKR_ECC_POINT_INVALID

Logs

[aalba6675]

The object is created if we use the full OCTET STRING (with TAG and LENGTH). Manually creating the object using pkcs#11 C_CreateObject works if I use the full OCTET STRING:

The following hex string (OCTET STRING contents) fails:

04f24756e5642aa3fb312994de5a9ffe
1b618ab03608337b4020dffb97fe9446
2cd2a06f55b6b7db3c9501547f341a9a
7d815c159611e8403660807c2dd8f683
b8

but adding the ASN.1 TAG and LENGTH works

044104f24756e5642aa3fb312994de5a
9ffe1b618ab03608337b4020dffb97fe
94462cd2a06f55b6b7db3c9501547f34
1a9a7d815c159611e8403660807c2dd8
f683b8

[aalba6675]

Ok - so not really a bug. CentOS packaging does not define EC_POINT_NO_ASN1_OCTET_STRING, so it sends the content bytes instead of the full DER bytes.

The part that affects safenet is in pkcs11-tool.c:2204:

		gost->public.len = header_len+point_len;
#ifndef EC_POINT_NO_ASN1_OCTET_STRING // workaround for non-compliant cards not expecting DER encoding
		gost->public.len   -= header_len;
		gost->public.value += header_len;
#endif