Add option for disabling HW PKCS#1 v1.5 padding

[xhanulik]

This PR implements a configuration option for global disabling HW PKCS#1 v1.5 depadding if the card supports it. The depadding is then done in OpenSC rather than by the card. That can mask time time deviations between correct and incorrect padding. The initial idea is discussed in #2948 (#2948 (comment)).

A similar approach has already been implemented in MyEID.

It is up for further discussion

• whether the option should be global or rather implemented as an option only for particular cards
• in what part of the configuration file should then the option be placed

[popovec]

In principle, I agree with this proposal, but we need to solve one thing. PKCS#1 v1.5 padding has type 1 and type 2. Disabling HW padding for MyEID was primarily focused on padding type 1. For cards where pkcs#1 padding type 1 works correctly, we need to keep this padding and turn off only depadding (type 2). We probably have to split the attribute SC_ALGORITHM_RSA_PAD_PKCS1 into a pair of attributes .. for type 1 and for type 2. And of course, there should be two global options for suppressing PKCS#1 type1/2 padding, i.e. disable_hw_pkcs1_padding, disable_hw_pkcs1_depadding

At the same time, I would suggest that depadding be turned off by default and padding turned on by default. (In the documentation with the appropriate comment, so that users understand why it is the default). And I would ask to keep the section for the MyEID card in the documentation... with the note "MyEID specific" so that users have the opportunity to learn why HW padding type 1 is appropriately to disable for MyEID cards.

[mouse07410]

You understand that some devices (HSM, YubiHSM2) forbid raw RSA operations?

[popovec]

Yes, we've already discussed that for cards that don't support RAW RSA, there's nothing we can do to mitigate the pkcs#1 v1.5 type 2 padding attack. For those cards, of course, PKCS#1 depadding will remain enabled.

[xhanulik]

I added the option disable_hw_pkcs1_padding with values to disable nothing/type 01 for signatures/type 02 for decryption or both pkcs1 padding types in HW. I haven't come up with a better idea than just splitting the SC_ALGORITHM_RSA_PAD_PKCS1 into two new flags (as suggested above), one for each padding type, and setting the appropriate combination directly in drivers.
HW pkcs1 padding can only be disabled in drivers akis, mcrd, myeid, setcos, tcos and westcos, as they support both pkcs1 and raw RSA. However, some of them were already discussed for removal #2885.
Any other idea, little less wild than splitting the PKCS1 padding flag, is also welcomed.

[Jakuje]

one more nit, but I think this looks good now.

[xhanulik]

Fixed check for RAW and PKCS1 flags in _sc_card_add_rsa_alg().

[Jakuje]

In the original version, there was a removal of the myeid specific flags, which I do not see in the current version (0415eb5). I do not see a reasoning/discussion why it is not included in the current version so I wanted to check. My take would be not to remove it as it is already in at least one release version, but

• update documentation to mark it deprecated, pointing to the new global option
• maybe still parse the configuration option and use it in the same way as the new one if it would be possible to make it backward compatible?

Added two more nits inline mostly about the formatting. I think the clang is trying to be helpful, but its not always obvious :) But we need to start somewhere.

[xhanulik]

I left the original MyEID pkcs1 disabling after the #2975 (comment)

Disabling HW padding for MyEID was primarily focused on padding type 1. For cards where pkcs#1 padding type 1 works correctly, we need to keep this padding and turn off only depadding (type 2).

So the original option for myeid is still there, followed by the global option. I would probably at least add note into documentation.

[Jakuje]

I left the original MyEID pkcs1 disabling after the #2975 (comment)

Disabling HW padding for MyEID was primarily focused on padding type 1. For cards where pkcs#1 padding type 1 works correctly, we need to keep this padding and turn off only depadding (type 2).

So the original option for myeid is still there, followed by the global option. I would probably at least add note into documentation.

My reading of the above comment was mostly the need to split decryption/signing, but missed the point about request to keep the myeid option. In that case, at least a note to the manual page about how these two options play together would be helpful.

[frankmorgner]

If it is a bad idea to do it on the card, why do we need to make it configurable?

[frankmorgner]

Please adjust the default values. Should be decipher everywhere, I think

[Jakuje]

If it is a bad idea to do it on the card, why do we need to make it configurable?

I would see this mostly as a safeguard to have a simple configurable way to revert back to previously working (even though potentially vulnerable) code if the constant time depadding in software wont work for some reason. Either because of implementation bug, card/driver issue (claiming raw support while not working on card) or something else.

[mouse07410]

If it is a bad idea to do it on the card, why do we need to make it configurable?

Because some cards (usually, those offering HSM capabilities) may insist on doing it on the card and refuse operation otherwise?

[Jakuje]

Merging. Thank you!