I'm trying to use a smart card to hold on to the private key for my server. Since access to the smart card is restricted to one process at a time (not sure why it can't be shared, but that's a whole separate discussion), I'd like to use stunnel as the machine-wide SSL proxy. The problem is that with the pkcs11 engine configuration set up, it fails.
2010.02.27 00:15:03 LOG5[91580:0]: imaps accepted connection from 71.141.64.2:32934
2010.02.27 00:15:03 LOG7[91580:0]: SSL state (accept): before/accept initialization
2010.02.27 00:15:03 LOG7[91580:0]: SSL state (accept): SSLv3 read client hello A
2010.02.27 00:15:03 LOG7[91580:0]: SSL state (accept): SSLv3 write server hello A
2010.02.27 00:15:03 LOG7[91580:0]: SSL state (accept): SSLv3 write certificate A
2010.02.27 00:15:03 LOG7[91580:0]: SSL state (accept): SSLv3 write server done A
2010.02.27 00:15:03 LOG7[91580:0]: SSL state (accept): SSLv3 flush data
2010.02.27 00:15:03 LOG7[91580:0]: SSL state (accept): SSLv3 read client key exchange A
2010.02.27 00:15:03 LOG7[91580:0]: SSL alert (write): fatal: bad record mac
2010.02.27 00:15:03 LOG3[91580:0]: SSL_accept: 1408F119: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac
2010.02.27 00:15:03 LOG5[91580:0]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2010.02.27 00:15:03 LOG7[91576:0]: Cleaning up the signal pipe
2010.02.27 00:15:03 LOG7[91576:0]: Process 91580 finished with code 0 (0 left)
^C2010.02.27 00:15:42 LOG3[91576:0]: Received signal 2; terminating
This happens *whether or not* I use the private key on the smart card itself. If I load the private key from a disk file, it still happens - even if there is no engineNum statement in the service configuration block. The only way to make it not happen is to comment out the engineCtrl lines.
engine=dynamic
engineCtrl=SO_PATH:/usr/local/lib/engines/engine_pkcs11.so
engineCtrl=ID:pkcs11
engineCtrl=LIST_ADD:1
engineCtrl=LOAD
engineCtrl=MODULE_PATH:/usr/local/lib/pkcs11/opensc-pkcs11.so
engineCtrl=INIT
engineCtrl=PIN:12345678

[imaps]
accept = 4993
connect = 143
engineNum = 1
key = id_10
;cert = id_10
cert = /www.crt
It's also worth noting that stunnel seems unable to pull the cert out of the card - that cert=id_10 line should work (it works with openssl s_server).
This stunnel was compiled last night from the FreeBSD ports tree with WITH_STUNNEL_SSL_ENGINE turned on.
stunnel 4.29 on i386-portbld-freebsd8.0 with OpenSSL 0.9.8k 25 Mar 2009
Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6

Global options
debug = 5
pid = /var/tmp/run/stunnel/stunnel.pid
RNDbytes = 64
RNDfile = /dev/urandom
RNDoverwrite = yes

Service-level options
cert = /usr/local/etc/stunnel/stunnel.pem
ciphers = AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH
key = /usr/local/etc/stunnel/stunnel.pem
session = 300 seconds
stack = 65536 bytes
sslVersion = SSLv3 for client, all for server
TIMEOUTbusy = 300 seconds
TIMEOUTclose = 60 seconds
TIMEOUTconnect = 10 seconds
TIMEOUTidle = 43200 seconds
verify = none
Note that the same card in the same system can successfully provide SSL server sockets with Java using the Sun PKCS11 JCE provider configured to talk to the OpenSC PKCS11 module. So there's nothing wrong with the card.
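One way to isolate the engine and the key/cert pair from stunnel, as an added example that is not part of the original post or of stunnel: rebuild the engineCtrl settings above as an OpenSSL config file and run a sign/verify through engine_pkcs11 with plain openssl, once with the card key and once with a disk key, mirroring the two cases in the post. The paths, the key id `id_10` and `/www.crt` are the post's values; the config file name, the message and the function names are this script's own assumptions.

```shell
#!/bin/sh
# Added diagnostic, not from the original post or the stunnel project: load
# engine_pkcs11 outside stunnel with the same ctrl settings and check that
# the RSA key used for signing really belongs to the certificate. Paths and
# "id_10" are the post's; temp file names are this script's own choice.

# Read stunnel "engineCtrl=CMD:ARG" lines on stdin, print an OpenSSL config
# that loads the engine the same way: SO_PATH -> dynamic_path, MODULE_PATH
# and PIN pass through as engine ctrl commands, ID/LIST_ADD/LOAD/INIT are
# implied by the config mechanism. The output holds the PIN: chmod 600 it.
enginectrl_to_openssl_cnf() {
    sed -n 's/^[[:space:]]*engineCtrl[[:space:]]*=[[:space:]]*//p' |
    awk 'BEGIN {
            print "openssl_conf = openssl_init"; print "[openssl_init]"
            print "engines = engine_section";    print "[engine_section]"
            print "pkcs11 = pkcs11_section";     print "[pkcs11_section]"
            print "engine_id = pkcs11"
        }
        { i = index($0, ":"); cmd = substr($0, 1, i - 1); arg = substr($0, i + 1) }
        cmd == "SO_PATH"     { print "dynamic_path = " arg }
        cmd == "MODULE_PATH" { print "MODULE_PATH = " arg }
        cmd == "PIN"         { print "PIN = " arg }
        END { print "init = 0" }'
}

# Sign a fixed message with the engine loaded, using either the card key
# (keyform "engine", key "id_10") or a PEM key file (keyform "PEM"), then
# verify with the public key from the certificate. Returns 0 only if the
# recovered message matches; a mismatch with stunnel out of the picture
# points at the key/cert pair or the engine rather than at stunnel.
check_engine_key_matches_cert() {
    cnf=$1; cert=$2; key=$3; keyform=${4:-engine}
    tmp=$(mktemp -d) || return 1
    printf 'stunnel pkcs11 self-test\n' > "$tmp/msg"
    OPENSSL_CONF="$cnf" openssl rsautl -sign -engine pkcs11 -keyform "$keyform" \
        -inkey "$key" -in "$tmp/msg" -out "$tmp/sig" &&
    openssl x509 -in "$cert" -pubkey -noout > "$tmp/pub.pem" &&
    openssl rsautl -verify -pubin -inkey "$tmp/pub.pem" -in "$tmp/sig" \
        -out "$tmp/check" &&
    cmp -s "$tmp/msg" "$tmp/check"
    rc=$?
    rm -rf "$tmp"
    return $rc
}

# Usage with the post's settings (run as the user that owns the card):
#   enginectrl_to_openssl_cnf < stunnel.conf > pkcs11.cnf && chmod 600 pkcs11.cnf
#   check_engine_key_matches_cert pkcs11.cnf /www.crt id_10           # card key
#   check_engine_key_matches_cert pkcs11.cnf /www.crt stunnel.pem PEM  # disk key
```

If the card-key run fails but the PEM run succeeds, the engine's RSA operation on the card key is the suspect; if both succeed, the problem is in how stunnel drives the engine.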