Tutorials on OpenSSL integration with nCipher HSM (nShield) ?


Tutorials on OpenSSL integration with nCipher HSM (nShield) ?

Sunjeet Singh
Hi,

Most of the references on this forum on how to use nCipher HSM with OpenSSL using the CHIL API (or CAPI) are outdated. I was wondering if anyone had any pointers to helpful resources in this regard.

I've been reading up about it here and there and I'm aware of the commands to use for engine selection and usage etc. but I think I am lacking some basic conceptual knowledge. I've gotten only as far as generating the keys using the CHIL engine, but don't know how to use the key and certificate for crypto operations.



Thank you,
Sunjeet



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]

Re: Tutorials on OpenSSL integration with nCipher HSM (nShield) ?

Sander Temme

On Mar 6, 2012, at 10:45 AM, Sunjeet Singh wrote:

> Hi,
>
> Most of the references on this forum on how to use nCipher HSM with OpenSSL using the CHIL API (or CAPI) are outdated. I was wondering if anyone had any pointers to helpful resources in this regard.

I don't know if "outdated" is the word: perhaps there hasn't ever been much.

> I've been reading up about it here and there and I'm aware of the commands to use for engine selection and usage etc. but I think I am lacking some basic conceptual knowledge. I've gotten only as far as generating the keys using the CHIL engine, but don't know how to use the key and certificate for crypto operations.


The CHIL Engine *only* registers for RSA exponentiation, and cannot be used to generate keys.  You generate HSM protected keys of 'embed' application type using the Thales/nCipher 'generatekey' utility (invoke with --help to see what options are available), and use the embedsavefile as key for your openssl program with the CHIL engine registered.

S.

--
[hidden email]              http://www.temme.net/sander/
PGP FP: FC5A 6FC6 2E25 2DFD 8007  EE23 9BB8 63B0 F51B B88A

View my availability: http://tungle.me/sctemme


Re: Tutorials on OpenSSL integration with nCipher HSM (nShield) ?

Sunjeet Singh
Thank you for your response.

> I don't know if "outdated" is the word: perhaps there hasn't ever been much.

Some old blogs are referencing helpful blogs/tutorials that are now expired. Searching online didn't help either.

> The CHIL Engine *only* registers for RSA exponentiation, and cannot be used to generate keys.  You generate HSM protected keys of 'embed' application type using the Thales/nCipher 'generatekey' utility (invoke with --help to see what options are available), and use the embedsavefile as key for your openssl program with the CHIL engine registered.

Pardon me. Indeed, I have been using the 'embed' application type for generating RSA keys using nCipher 'generatekey' utility.

After grappling a little more with this, I have come down to three specific questions-

1. When you say 'embedsavefile' are you talking about the key blob that gets saved in the Key Management folder of nCipher as-it-is, or do I need to apply some padding/formatting to it first?
2. My private key is ultimately protected by a smart-card pass-phrase. At which step is the pass phrase supplied and how by an application that is making use of the OpenSSL (CHIL) engine API?
3. If I want to use CryptoAPI instead of CHIL, what changes? I gather that one immediate change would be that the private key will have to be imported onto the HSM (assuming that nCipher generatekey cannot generate CryptoAPI keys). Other than that, CAPI engine for OpenSSL will have to be used. Any other major changes that come to mind?


Thanks much,
Sunjeet



Re: Tutorials on OpenSSL integration with nCipher HSM (nShield) ?

Sunjeet Singh
In reply to this post by Sander Temme
Greetings again, I'm back with another question. Any help will be much appreciated-

My OpenSSL Application uses the OpenSSL C function call-
SSL_CTX_use_certificate_chain_file( sslCtx, keyFile );
        where keyFile is the path to a .PEM file containing the private key and certificate.

But now, with a nCipher HSM using the CHIL engine, I have-

1. Private key stored on HSM card under the name "rsa-test";
2. Key blob stored in the file- "C:\ProgramData\nCipher\Key Management Data\local\key_hwcrhk_rsa-test"; and
3. A self-signed certificate that I generated under the folder "C:\temp\rsa-test.CRT"

Which path should my keyFile point to?


Thank you,
Sunjeet



Re: Tutorials on OpenSSL integration with nCipher HSM (nShield) ?

Dr. Stephen Henson
On Wed, Mar 07, 2012, Sunjeet Singh wrote:

> Greetings again, I'm back with another question. Any help will be much appreciated-
>
> My OpenSSL Application uses the OpenSSL C function call-
> SSL_CTX_use_certificate_chain_file( sslCtx, keyFile );
> where keyFile is the path to a .PEM file containing the private key and certificate.
>
> But now, with a nCipher HSM using the CHIL engine, I have-
>
> 1. Private key stored on HSM card under the name "rsa-test";
> 2. Key blob stored in the file- "C:\ProgramData\nCipher\Key Management Data\local\key_hwcrhk_rsa-test"; and
> 3. A self-signed certificate that I generated under the folder "C:\temp\rsa-test.CRT"
>
> Which path should my keyFile point to?
>

None of the above ;-)

If you have the CHIL ENGINE you load a private key using
ENGINE_load_private_key() and pass the appropriate ENGINE pointer and the name
of the key which will presumably be "rsa-test".

That will get you an EVP_PKEY pointer which you can pass to
SSL_CTX_use_PrivateKey().

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

Re: Tutorials on OpenSSL integration with nCipher HSM (nShield) ?

Sander Temme
In reply to this post by Sunjeet Singh

On Mar 7, 2012, at 2:12 PM, Sunjeet Singh wrote:

> Thank you for your response.
>
>> I don't know if "outdated" is the word: perhaps there hasn't ever been much.
>
> Some old blogs are referencing helpful blogs/tutorials that are now expired. Searching online didn't help either.
>
>> The CHIL Engine *only* registers for RSA exponentiation, and cannot be used to generate keys.  You generate HSM protected keys of 'embed' application type using the Thales/nCipher 'generatekey' utility (invoke with --help to see what options are available), and use the embedsavefile as key for your openssl program with the CHIL engine registered.
>
> Pardon me. Indeed, I have been using the 'embed' application type for generating RSA keys using nCipher 'generatekey' utility.
>
> After grappling a little more with this, I have come down to three specific questions-
>
> 1. When you say 'embedsavefile' are you talking about the key blob that gets saved in the Key Management folder of nCipher as-it-is, or do I need to apply some padding/formatting to it first?

When you create an 'embed' type key (not 'hwcrhk', but 'embed'), the generatekey utility will save three files in addition to the key blob.  They are named after the information you passed when generatekey asked for the 'embedsavefile': for instance if you passed 'fookey' as response, you will have

fookey
fookey_certreq
fookey_selfcert

The first one looks a lot like a private key, but it is a dummy key.  This is the key file you pass to the OpenSSL library.  It looks so much like a private key, that the library will just use it.  However, when you use it with the CHIL engine registered, and the Hardware Crypto Hook library loaded, the Hardware Crypto Hook library will find embedded (hence 'embed') in the private exponent value for that dummy key a pointer to the real key, protected by the nCipher Security World and saved under the Key Management Data folder.

If you care to run that fookey file through openssl:

openssl rsa -in fookey -noout -text

you will see that it is bogus: several values are identical that would differ for a real key.  As a bonus exercise, decode the private exponent as straight ASCII: you will see the pointer to the real key appear.

This is for embed type keys: I have never had the opportunity to figure out how this would work for hwcrhk type keys.

WARNING: if you try to use that dummy private key without the CHIL engine registered, the OpenSSL library will happily use the bogus key value for private key operations.  You are almost guaranteed to get garbage results if this happens.  

> 2. My private key is ultimately protected by a smart-card pass-phrase. At which step is the pass phrase supplied and how by an application that is making use of the OpenSSL (CHIL) engine API?

OpenSSL, CHIL and the Hardware Crypto Hook library lack the capability to prompt for smart cards and passphrases.  You need to start your OpenSSL program out of the nCipher preload utility.  Run preload --help to find out which options are available.  

> 3. If I want to use CryptoAPI instead of CHIL, what changes? I gather that one immediate change would be that the private key will have to be imported onto the HSM (assuming that nCipher generatekey can not generate CryptoAPI keys). Other than that, CAPI engine for OpenSSL will have to be used. Any other major changes that come to mind?


I am wholly unfamiliar with the MS-CAPI engine.  However, if you can use it and can set the CSP to "nCipher Enhanced Cryptographic Provider", you should be able to use hardware protected container keys.  The nCipher generatekey utility cannot generate or import MS-CAPI keys.  If the MS-CAPI Engine can generate keys, you might be able to use it through the nCipher CSP to generate hardware protected Signing and Exchange keypairs for your CAPI container.  Another option, if you already generated a Security World protected RSA keypair for another application type, is to use the nCipher cspimport utility to bring it into the MS-CAPI environment.  

Note that you can contact Thales technical support as part of your support contract.  They also sell Developer Support to help you with your code.

S.

--
[hidden email]              http://www.temme.net/sander/
PGP FP: FC5A 6FC6 2E25 2DFD 8007  EE23 9BB8 63B0 F51B B88A

View my availability: http://tungle.me/sctemme

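Sander's `openssl rsa -in fookey -noout -text` check is something a deployment script can do on its own before a server starts, so that an 'embed' stub is never fed to OpenSSL with the CHIL engine missing (the WARNING above). The following is an added example, not code from this thread, from OpenSSL or from Thales/nCipher: it parses a PKCS#1 "RSA PRIVATE KEY" PEM with a minimal standard-library DER reader and applies the three tells Sander names (components that do not fit together, identical values, an ASCII private exponent). Both sample keys are constructed inline; the stub only mimics the properties described above, since the real nCipher embed layout is not shown on the page.

```python
"""Pre-flight check for an RSA private key file before it is handed to OpenSSL.

Flags a CHIL 'embed' stub (ASCII pointer in the private exponent) so it is
only ever used with the CHIL engine registered. Standard library only.
"""
import base64
import re
from math import gcd

FIELDS = ("version", "n", "e", "d", "p", "q", "dp", "dq", "qinv")  # PKCS#1 RSAPrivateKey order


# ---- minimal DER encode/decode, enough for a PKCS#1 RSAPrivateKey -----------

def _der_len(n: int) -> bytes:
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body          # long-form length


def _der_int(v: int) -> bytes:
    body = v.to_bytes(max(1, (v.bit_length() + 7) // 8), "big")
    if body[0] & 0x80:                               # keep the INTEGER positive
        body = b"\x00" + body
    return b"\x02" + _der_len(len(body)) + body


def _der_read(buf: bytes, pos: int):
    """Return (tag, value, next_pos) for the TLV starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:
        nbytes = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    return tag, buf[pos:pos + length], pos + length


def encode_pem(components: dict) -> str:
    body = b"".join(_der_int(components[f]) for f in FIELDS)
    der = b"\x30" + _der_len(len(body)) + body
    b64 = base64.b64encode(der).decode()
    lines = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"-----BEGIN RSA PRIVATE KEY-----\n{lines}\n-----END RSA PRIVATE KEY-----\n"


def parse_pem(pem: str) -> dict:
    m = re.search(r"-----BEGIN RSA PRIVATE KEY-----(.*?)-----END RSA PRIVATE KEY-----", pem, re.S)
    if not m:
        raise ValueError("not a PKCS#1 'RSA PRIVATE KEY' PEM block")
    der = base64.b64decode("".join(m.group(1).split()))
    tag, seq, _ = _der_read(der, 0)
    if tag != 0x30:
        raise ValueError("RSAPrivateKey must be a SEQUENCE")
    out, pos = {}, 0
    for name in FIELDS:
        tag, val, pos = _der_read(seq, pos)
        if tag != 0x02:
            raise ValueError(f"expected INTEGER for {name}")
        out[name] = int.from_bytes(val, "big")
    return out


# ---- the checks ---------------------------------------------------------------

def inspect_key(pem: str) -> dict:
    k = parse_pem(pem)
    d_bytes = k["d"].to_bytes(max(1, (k["d"].bit_length() + 7) // 8), "big")
    ascii_d = all(0x20 <= b < 0x7F for b in d_bytes)          # Sander's "decode d as ASCII"
    comps = [k[f] for f in FIELDS[1:]]
    probe = 0x0123456789ABCDEF                                 # any message below n will do
    roundtrip = k["n"] > probe and pow(pow(probe, k["e"], k["n"]), k["d"], k["n"]) == probe
    report = {
        "n_is_p_times_q": k["n"] == k["p"] * k["q"],
        "roundtrip_ok": roundtrip,
        "identical_components": len(comps) - len(set(comps)),  # "several values are identical"
        "private_exponent_is_ascii": ascii_d,
        "ascii_hint": d_bytes.decode() if ascii_d else None,
    }
    if ascii_d:
        report["verdict"] = "chil-embed-stub"   # usable only with the CHIL engine registered
    elif report["n_is_p_times_q"] and roundtrip and report["identical_components"] == 0:
        report["verdict"] = "software-key"
    else:
        report["verdict"] = "invalid"
    return report


# ---- constructed sample keys (not real nCipher or OpenSSL output) ---------------

def make_software_key() -> str:
    # Two Mersenne primes give a small but mathematically consistent RSA key.
    p, q, e = (1 << 61) - 1, (1 << 89) - 1, 65537
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)
    d = pow(e, -1, lam)
    return encode_pem({"version": 0, "n": p * q, "e": e, "d": d, "p": p, "q": q,
                       "dp": d % (p - 1), "dq": d % (q - 1), "qinv": pow(q, -1, p)})


def make_stub_key() -> str:
    # CONSTRUCTED stub: an ASCII pointer in d and repeated filler values, mirroring
    # what Sander describes; the real embed file layout is an assumption here.
    k = parse_pem(make_software_key())
    pointer = b"CONSTRUCTED-POINTER: key_embed_fookey"
    return encode_pem({"version": 0, "n": k["n"], "e": k["e"],
                       "d": int.from_bytes(pointer, "big"),
                       "p": 1, "q": 1, "dp": 1, "dq": 1, "qinv": 1})


if __name__ == "__main__":
    for label, pem in (("software", make_software_key()), ("stub", make_stub_key())):
        print(label, inspect_key(pem))
```

A start-up script would run `inspect_key` on the file it is about to pass to OpenSSL and refuse to proceed when the verdict is `chil-embed-stub` but the CHIL engine and the Hardware Crypto Hook library are not loaded; the ASCII check is decisive on its own, so it is evaluated before the arithmetic checks, which only matter for keys that really are software keys.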

Re: Tutorials on OpenSSL integration with nCipher HSM (nShield) ?

Sunjeet Singh
Hi Sander, 

Thank you for your elaborate response. It has helped me a great deal.

A follow-up question-

> fookey
> fookey_certreq
> fookey_selfcert
>
> The first one looks a lot like a private key, but it is a dummy key.  This is the key file you pass to the OpenSSL library.  It looks so much like a private key, that the library will just use it.  However, when you use it with the CHIL engine registered, and the Hardware Crypto Hook library loaded, the Hardware Crypto Hook library will find embedded (hence 'embed') in the private exponent value for that dummy key a pointer to the real key, protected by the nCipher Security World and saved under the Key Management Data folder.

I try loading the private key 'fookey' using - ENGINE_load_private_key( e, "fookey", NULL, NULL );  but it fails. This key was generated like you said, to be of application type "embed".
However, if I try to load a key of type "hwcrhk", it succeeds with no changes to the rest of the code. (Still using CHIL engine, and as a pre-command to the engine I've set SO_PATH to be the location of the hwcrhk dll).

The other part- SSL_CTX_use_certificate_chain_file( sslCtx, PATH_TO_fookey_selfcert ); seems to be working as the function returns a value of 1.


> 2. My private key is ultimately protected by a smart-card pass-phrase. At which step is the pass phrase supplied and how by an application that is making use of the OpenSSL (CHIL) engine API?

> OpenSSL, CHIL and the Hardware Crypto Hook library lack the capability to prompt for smart cards and passphrases.  You need to start your OpenSSL program out of the nCipher preload utility.  Run preload --help to find out which options are available.

So I'm using module-protected keys for now. But later on once I want to use card-protected keys, I'll look into the pre-commands or post-commands for specifying the passphrase to the engine.


> Note that you can contact Thales technical support as part of your support contract.  They also sell Developer Support to help you with your code.

I tried, but this seems to be faster and more effective :)


Thanks again, 
Sunjeet


Re: Tutorials on OpenSSL integration with nCipher HSM (nShield) ?

Sunjeet Singh
In reply to this post by Dr. Stephen Henson

> None of the above ;-)
>
> If you have the CHIL ENGINE you load a private key using
> ENGINE_load_private_key() and pass the appropriate ENGINE pointer and the name
> of the key which will presumably be "rsa-test".
>
> That will get you an EVP_PKEY pointer which you can pass to
> SSL_CTX_use_PrivateKey().

Thank you for your response Stephen.

As I write in my other recent post, I am having some trouble with using SSL_CTX_use_PrivateKey() on the private key of application type "embed" but it seems to work for the private key of type "hwcrhk". I'm using CHIL engine with the SO_PATH configured to be the location of hwcrhk dll.

Any ideas why?


Thanks much,
Sunjeet



Re: Tutorials on OpenSSL integration with nCipher HSM (nShield) ?

Sunjeet Singh
In reply to this post by Sander Temme
> If the MS-CAPI Engine can generate keys, you might be able to use it through the nCipher CSP to generate hardware protected Signing and Exchange keypairs for your CAPI container.  

I just accomplished this by making use of the nCipher CSP and their command line utility "keytst" to generate a container and Signing and Exchange key pairs within that container.

A little glitch that I ran into was the permissions on the created container file. When issuing "keytst -c fooContainer", a container got created but I was unable to access it using subsequent keytst commands. I noticed in the KM_LOCAL directory that there is a lock against the icon for the container file. For now, I manually changed the permissions to allow Administrator full access to the file and this way I was able to generate keys within the created container.

Now onto using CryptoAPI for integration with OpenSSL. I'll post my queries on that in a different thread, since this one started off talking about using the CHIL API.


Thanks,
Sunjeet

