locked
SSL connection failing with Smart Card Minidriver on Vista RRS feed

  • Question

  • Hi,

    There is some issue while creating a SSL connection via "Microsoft Base Smart Card Crypto Provider" i.e BaseCsp. User types a url for a site which require secure connection, there is the dialogure to select the certificate. User select the certificate, another dialouguge gets prompted for Smart Card PIN. Once user enters the PIN, the connection gets failed. Below is the analysis on XP as well on VISTA

    Analysisn on XP

    CardSignData is failing with the return value of SCARD_E_INVALID_PARAMTER, as the hash algorithm id (pInfo->aiHashAlg) passed in pInfo is CALG_SSL3_SHAMD5 which is not mentioned in the specification hassing algorithm class list.

    From specification

        "aiHashAlg takes those values permissible by ALG_ID from the HASH algorithm class (CALG_TLS1PRF, CALG_MAC, CALG_SHA_256, CALG_SHA_384, CALG_SHA_512, CALG_HASH_REPLACE_OWF, CALG_MD2, CALG_MD4, CALG_MD5, CALG_SHA, CALG_SHA1, CALG_HUGHES_MD5, CALG_HMAC).
    Algorithms unsupported by the card should SCARD_E_UNSUPPORED_FEATURE."

    The other paramters on the pInfo Structure are

    dwVersion                    0x00000001
    bContainerIndex            0x00
    dwKeySpec                  0x00000001
    dwSigningFlag              0x00000000
    aiHashAlgo                  0x00080008
    pbData                        databuffer
    cbData                        0x00000024
    pbSigningData             0x00000000
    cbSigningData             0x00000000

    As the dwVersion is 1 there is no padding information.

    Assuming CALG_SSL3_SHAMD5  is in the HASH algorithm class list, mini driver does not return and perform the on card singing and return back the data. In that case the SSL connection with the site is successful and user can open the site.

    What do you suggest? Shall mini driver implementation consider CALG_SSL3_SHAMD5  as a valid hashing algorithm or shall return SCARD_E_INVALID_PARAMTER?


    Analysisn on VISTA

    The pInfo structure passed to CardSignData is

    dwVersion                   0x00000002
    bContainerIndex          0x00
    dwKeySpec                0x00000001
    dwSigningFlag            0x40000000
    aiHashAlgo                0x00000000
    pbData                      databuffer
    cbData                       0x00000024
    pbSigningData            0x00000000
    cbSigningData            0x00000000
    pPaddingInfo              0x0429f710
    dwPaddingType          0x00000002

    Also the aiHashAlgo value is 0, so the there is no padding done and 36 bytes of data buffer is signed and returned back to the BaseCSP. But the ssl connection is failed.


    #define CARD_PADDING_INFO_PRESENT 0x40000000
    #define CARD_BUFFER_SIZE_ONLY     0x20000000
    #define CARD_PADDING_NONE         0x00000001
    #define CARD_PADDING_PKCS1        0x00000002
    #define CARD_PADDING_PSS          0x00000004

    // CARD_SIGNING_INFO_BASIC_VERSION is provided for those applications
    // that do not intend to support passing in the pPaddingInfo structure
    #define CARD_SIGNING_INFO_BASIC_VERSION 1

    //
    // Function: CardSignData
    //
    // Purpose: Sign input data using a specified key
    //
    #define CARD_SIGNING_INFO_CURRENT_VERSION 2
    typedef struct _CARD_SIGNING_INFO
    {
        IN DWORD  dwVersion;

        IN BYTE   bContainerIndex;

        // See dwKeySpec constants
        IN DWORD  dwKeySpec;

        // If CARD_BUFFER_SIZE_ONLY flag is present then the card
        // minidriver should return only the size of the resulting
        // key in cbSignedData
        IN DWORD  dwSigningFlags;

        // If the aiHashAlg is non zero, then it specifies the algorithm
        // to use when padding the data using PKCS
        IN ALG_ID aiHashAlg;

        // This is the buffer and length that the caller expects to be signed.
        // Signed version is allocated a buffer and put in cb/pbSignedData. That should
        // be freed using PFN_CSP_FREE callback.
        IN PBYTE  pbData;
        IN DWORD  cbData;

        OUT PBYTE  pbSignedData;
        OUT DWORD  cbSignedData;

        // The following parameters are new in version 2 of the
        // CARD_SIGNING_INFO structure.
        // If CARD_PADDING_INFO_PRESENT is set in dwSigningFlags then
        // pPaddingInfo will point to the BCRYPT_PADDING_INFO structure
        // defined by dwPaddingType. Currently supported values are
        // CARD_PADDING_PKCS1, CARD_PADDING_PSS and CARD_PADDING_NONE
        IN LPVOID pPaddingInfo;
        IN DWORD  dwPaddingType;
    } CARD_SIGNING_INFO, *PCARD_SIGNING_INFO;


    From MSDN:

        BCRYPT_PKCS1_PADDING_INFO Structure
        The BCRYPT_PKCS1_PADDING_INFO structure is used to provide options for the PKCS1 padding scheme.
        Syntax

        typedef struct _BCRYPT_PKCS1_PADDING_INFO {
          LPCWSTR pszAlgId;
        } BCRYPT_PKCS1_PADDING_INFO;
        Members
        pszAlgId
        A pointer to a null-terminated Unicode string that identifies the cryptographic algorithm to use to create the padding. This algorithm must be a hashing algorithm. If this parameter is NULL,     the hash algorithm object identifier (OID) will not be added to the formatted data.

    Can you suggest what can be the reason for ssl connection failure?  Is there any setting which has to be made on Vista client?

    Regards,
    Amit Goel
    SafeNet,
    Wednesday, August 6, 2008 8:10 AM