I was advised by Albert Mestre, in a comment on one of my previous entries, that the DNIe is not working with the latest version of Chrome. I usually do not use that browser, so I was not aware of it (the last time I checked it worked, but back then I had a Debian box and the Chromium package was an old version). This weekend I spent some time trying to find out what was happening.
First I installed the library as explained in a previous entry, and at command level it works fine: the module is in place and the certificates can be read.
The module is installed in the database:
modutil -dbdir sql:.pki/nssdb/ -list

Listing of PKCS #11 Modules
-----------------------------------------------------------
  1. NSS Internal PKCS #11 Module
         slots: 2 slots attached
        status: loaded

         slot: NSS Internal Cryptographic Services
        token: NSS Generic Crypto Services

         slot: NSS User Private Key and Certificate Services
        token: NSS Certificate DB

  2. opensc
        library name: /home/rmartinc/apps/opensc/lib/opensc-pkcs11.so
         slots: 1 slot attached
        status: loaded

         slot: Gemalto PC Twin Reader 00 00
        token: PIN1 (DNI electrónico)
-----------------------------------------------------------
The certificates can be listed:
certutil -d sql:$HOME/.pki/nssdb -L -h "PIN1 (DNI electrónico)"

Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

Enter Password or Pin for "PIN1 (DNI electrónico)":
PIN1 (DNI electrónico):CertAutenticacion                     u,u,u
PIN1 (DNI electrónico):CertCAIntermediaDGP                   ,,
PIN1 (DNI electrónico):CertFirmaDigital                      u,u,u
And any of them (for example the authentication one) can be parsed:
certutil -d sql:$HOME/.pki/nssdb -L -h "PIN1 (DNI electrónico)" -n "PIN1 (DNI electrónico):CertAutenticacion"

Enter Password or Pin for "PIN1 (DNI electrónico)":
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX
        Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption
        Issuer: "CN=AC DNIE 001,OU=DNIE,O=DIRECCION GENERAL DE LA POLICIA,C=ES"
        Validity:
            Not Before: Mon Oct 10 06:58:43 2016
            Not After : Wed Aug 19 22:00:00 2020
        ...
So, in general, the library works at command level. But when you start the browser and try to use the card, a core dump is generated. The backtrace looks like this:
(gdb) bt
#0 0x00007f794760dda9 in BN_num_bits () at /usr/lib64/chromium-browser/./libboringssl.so
#1 0x00007f794760dde9 in BN_num_bytes () at /usr/lib64/chromium-browser/./libboringssl.so
#2 0x00007f794765480d in rsa_default_size () at /usr/lib64/chromium-browser/./libboringssl.so
#3 0x00007f7947652605 in RSA_size () at /usr/lib64/chromium-browser/./libboringssl.so
#4 0x00007f79476401cf in pkey_rsa_verify () at /usr/lib64/chromium-browser/./libboringssl.so
#5 0x00007f794763d012 in EVP_DigestVerifyFinal () at /usr/lib64/chromium-browser/./libboringssl.so
#6 0x00007f7947659d45 in ASN1_item_verify () at /usr/lib64/chromium-browser/./libboringssl.so
#7 0x00007f78f670b02b in cwa_verify_icc_certificates (icc_cert=0x1b5a5b4e40f0, sub_ca_cert=0x1b5a5b605a50, provider=0x1b5a5a3cac40, card=0x1b5a5a213000) at cwa14890.c:354
#8 0x00007f78f670b02b in cwa_create_secure_channel (card=card@entry=0x1b5a5a213000, provider=0x1b5a5a3cac40, flag=flag@entry=1) at cwa14890.c:1114
#9 0x00007f78f6709bb3 in dnie_pin_verify (card=card@entry=0x1b5a5a213000, data=data@entry=0x7f791560b2f0, tries_left=tries_left@entry=0x1b5a5a8368e4) at card-dnie.c:2181
...
Chrome has forked OpenSSL and now ships its own implementation, called BoringSSL, and that is what crashes with the DNIe. At one point the driver checks that the certificates returned by the card are valid, and it uses the OpenSSL API for that (the X509_verify function). Because Chrome loads its own libraries first, the PKCS#11 module ends up calling them as well, and everything finishes in a big core dump. I tried to pre-load the OpenSSL libraries, but then it is Chromium itself that does not work. So OpenSSL and BoringSSL seem to be incompatible. The same day I re-tested the module against OpenSSL and LibreSSL (another fork, done by the BSD people), and the DNIe works well with both of them.
I am not going to spend more time on this. Something odd happens with the BoringSSL implementation (and the problem appears just when checking the validity of the intermediate CA certificate, which is read from the card). My tests were done with the Chromium 57 that comes with Fedora 25; Albert reported the issue with version 58. I do not like that Google decided to use its own implementation of such an important library if they are going to make it incompatible. In summary, for the moment the DNIe driver for OpenSC does not work with Chrome (and I do not think the situation is going to change any time soon). I do not know whether other OpenSC drivers (several of them use OpenSSL) are also affected.
Sorry for the bad news!
EDIT: It works on my old Debian laptop with Chromium 57 and 58 (after updating to the current package). Debian decided to link BoringSSL statically, which avoids the issue. So I think this is more a Fedora bug than a general problem. But if you see the BoringSSL .so file on your system, you have to worry. In the end it is not a very big problem, so I am going to change the title.
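A quick way to check whether your own setup is exposed to the collision described above and in the EDIT: it lists the OpenSSL symbols the PKCS#11 module imports that a separately shipped libboringssl.so also exports, which are exactly the names (BN_num_bits, RSA_size, ...) that ended up bound to BoringSSL in the backtrace. This is an added example, not code from the post or from OpenSC; the module and library paths are placeholders, and it assumes GNU binutils (nm) and ldd are installed.

```shell
#!/bin/sh
# Added example, not from the original post. Finds libcrypto symbols that a
# PKCS#11 module imports and a BoringSSL shared library also exports: once the
# browser has loaded its own library, the dynamic linker can bind the module's
# calls to those BoringSSL implementations instead of the real OpenSSL ones.

# Compare two saved `nm -D` listings: $1 = `nm -D --undefined-only <module>`,
# $2 = `nm -D --defined-only <library>`. Prints the overlapping symbol names.
overlap_from_nm() {
    imports=$(mktemp) || return 1
    exports=$(mktemp) || return 1
    # Undefined entries look like "                 U BN_num_bits"; newer nm
    # may append a version tag such as "@OPENSSL_1_1_0", which we drop.
    awk '$1 == "U" { sub(/@.*/, "", $2); print $2 }' "$1" | sort -u > "$imports"
    # Exported code symbols look like "0000000000012340 T BN_num_bits".
    awk '$2 == "T" || $2 == "W" { print $3 }' "$2" | sort -u > "$exports"
    comm -12 "$imports" "$exports"
    rm -f "$imports" "$exports"
}

# Live check: $1 = PKCS#11 module, $2 = the browser's BoringSSL library.
# Returns 0 when this kind of collision is not possible, 1 when it is.
check_module() {
    module="$1"
    boring="$2"
    if [ ! -e "$boring" ]; then
        echo "no $boring: BoringSSL is not a separate shared object here (the Debian case)"
        return 0
    fi
    if ! ldd "$module" | grep -q 'libcrypto'; then
        echo "$module does not link libcrypto dynamically; nothing to interpose"
        return 0
    fi
    imp=$(mktemp) && exp=$(mktemp) || return 1
    nm -D --undefined-only "$module" > "$imp"
    nm -D --defined-only "$boring" > "$exp"
    overlap=$(overlap_from_nm "$imp" "$exp")
    rm -f "$imp" "$exp"
    if [ -n "$overlap" ]; then
        echo "symbols the module would resolve against BoringSSL:"
        echo "$overlap"
        return 1
    fi
    echo "no overlapping symbols"
    return 0
}

# Usage (placeholder paths): ./check.sh /path/to/opensc-pkcs11.so \
#     /usr/lib64/chromium-browser/libboringssl.so
if [ $# -eq 2 ]; then
    check_module "$1" "$2"
fi
```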