Nitrokey Pro 'CKR_MECHANISM_INVALID' connecting to openVPN

Hi,

I’m trying to connect to an OpenVPN server running on an OPNsense using a Nitrokey Pro. I’m getting the following error:

Enter OpenPGP card (User PIN) token Password: ******
2024-03-25 14:36:58 PKCS#11: Cannot perform signature 112:‘CKR_MECHANISM_INVALID’
2024-03-25 14:36:58 OpenSSL: error:0A080006:SSL routines::EVP lib
2024-03-25 14:36:58 TLS_ERROR: BIO read tls_read_plaintext error
2024-03-25 14:36:58 TLS Error: TLS object → incoming plaintext read error
2024-03-25 14:36:58 TLS Error: TLS handshake failed

Server versions:
opnsense 24.1.4
openssl 3.0.13
openvpn 2.6.9

Linux client versions:
linuxmint 21.3
openssl 3.0.2-0ubuntu1.15
openvpn 2.5.9-0ubuntu0.22.04.2
opensc 0.22.0-1ubuntu2

The same happens on Windows using the Viscosity VPN client:

Mrz 25 2:12:05 PM: Status auf Authenticating geändert
Mrz 25 2:12:09 PM: ERROR: An unknown error occured while trying to logon to this token. Please contact your device provider for further assistance.
Method C_SignInit returned CKR_MECHANISM_INVALID Retrying…
Mrz 25 2:12:12 PM: Status auf Trenne Verbindung (PKCS#11 Cancel) geändert
Mrz 25 2:12:12 PM: ERROR: PKCS#11 signing failed.
Mrz 25 2:12:12 PM: OpenSSL: error:0A080006:SSL routines::EVP lib:
Mrz 25 2:12:12 PM: TLS_ERROR: BIO read tls_read_plaintext error
Mrz 25 2:12:12 PM: TLS Error: TLS object → incoming plaintext read error
Mrz 25 2:12:12 PM: TLS Error: TLS handshake failed

Windows client versions:
windows 11 home
viscosity 1.11
opensc 0.25.0

Asking Google, the problem seems to be that current versions of OpenVPN and OpenSSL use TLS 1.3, and this requires RSA-PSS, which might not be supported by the Nitrokey?

On Linux, it works by downgrading the connection to TLS 1.2 in openssl.cnf:

SignatureAlgorithms = RSA+SHA512:ECDSA+SHA512:RSA+SHA384:ECDSA+SHA384:RSA+SHA256:ECDSA+SHA256
MaxProtocol = TLSv1.2
MinProtocol = TLSv1.2

I don’t think this is a good solution, and on Windows I didn’t find a way to force the Viscosity client to use TLS 1.2 at all. I also don’t see a way to force the server to use TLS 1.2, since OPNsense apparently has no config option for this.

Is there a way to use the Nitrokey in this scenario with TLS 1.3?
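The post above asks whether the token supports the RSA-PSS signatures TLS 1.3 requires for RSA client certificates. The following check is an added example, not from this thread or from Nitrokey: it reads the mechanism list that OpenSC's `pkcs11-tool --list-mechanisms` prints for a token and says whether an RSA-PSS signing mechanism is there. The module path in the usage comment and the two sample listings are assumptions constructed for the example, not captured from a real device.

```shell
#!/bin/sh
# Added example (not from the original thread or from Nitrokey).
# TLS 1.3 only permits rsa_pss_* signature schemes for RSA certificate
# keys (RFC 8446), so the token must expose an RSA-PSS *signing* mechanism
# through PKCS#11. Input is the output of
#   pkcs11-tool --module <opensc-pkcs11.so> --list-mechanisms

# pss_sign_capable: reads a mechanism listing on stdin; returns 0 when an
# RSA-PKCS-PSS or SHAxxx-RSA-PKCS-PSS line carries the "sign" flag.
pss_sign_capable() {
    grep -E '^[[:space:]]*(SHA[0-9]*-)?RSA-PKCS-PSS,' | grep -E -q ', sign(,|$)'
}

# tls13_verdict: reads a listing on stdin and prints what to expect from a
# TLS 1.3 client-certificate handshake with that token.
tls13_verdict() {
    if pss_sign_capable; then
        echo "RSA-PSS signing available: TLS 1.3 client auth should work"
    else
        echo "no RSA-PSS signing mechanism: C_SignInit fails with CKR_MECHANISM_INVALID under TLS 1.3; pin the client to TLS 1.2 (openssl.cnf MaxProtocol = TLSv1.2) or use a PSS-capable token"
    fi
}

# Constructed listings in pkcs11-tool's format (not captured from a real
# device): one token offering only PKCS#1 v1.5 RSA, one that also has PSS.
LISTING_NO_PSS='Using slot 0 with a present token (0x0)
Supported mechanisms:
  SHA256, digest
  RSA-PKCS-KEY-PAIR-GEN, keySize={2048,4096}, generate_key_pair
  RSA-PKCS, keySize={2048,4096}, hw, decrypt, sign'

LISTING_WITH_PSS="$LISTING_NO_PSS
  RSA-PKCS-PSS, keySize={2048,4096}, hw, sign
  SHA256-RSA-PKCS-PSS, keySize={2048,4096}, hw, sign"

# Against a real token (module path is an assumption; adjust for your distro):
#   pkcs11-tool --module /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so \
#       --list-mechanisms | tls13_verdict
printf '%s\n' "$LISTING_NO_PSS"   | tls13_verdict
printf '%s\n' "$LISTING_WITH_PSS" | tls13_verdict
```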

Hey @sepp,

Yes, this is a known issue; see also our documentation (note the red boxes at the end): OpenVPN Configuration with Easy-RSA - Nitrokey Documentation

best

Hi @daringer,

Thanks for your answer. Do you know if anyone is looking into this topic? The reports are over three years old and there appears to be no progress there. I have now ordered a Yubikey as a test, which works immediately and without any problems.

At the moment the best solution for me seems to be to throw away all Nitrokeys and replace them with Yubikeys…

Regards
Sebastian