Bug 465507

Summary: Enhancement: Support SHA2 + EC signature algorithms
Product: [Retired] Dogtag Certificate System
Component: Certificate Manager
Version: 1.0
Hardware: All
OS: Linux
Status: CLOSED ERRATA
Severity: medium
Priority: high
Reporter: David Stutzman <david.k.stutzman2.ctr>
Assignee: Christina Fu <cfu>
QA Contact: Chandrasekar Kannan <ckannan>
CC: awnuk, benl, blord, cfu
Doc Type: Bug Fix
Last Closed: 2009-09-14 18:28:16 UTC
Bug Blocks: 512842
Attachments:
Description                                              Flags
pki-util changes                                         none
pki-ca changes                                           none
pki-common changes                                       none
pki-ocsp changes                                         none
pki-ca take 2 (after svn update)                         none
pki-ca spec changes                                      none
pki-common spec changes                                  none
pki-util spec changes                                    none
pki-ocsp spec changes                                    none
pki-ca: refrain from changing logics for signing algs    none
pki-ocsp: refrain from changing logics about algs        none

Description David Stutzman 2008-10-03 16:30:43 UTC
Description of problem:
The CA doesn't appear to currently support any SHA2 algorithms with EC keys.  It seems only SHA1withEC is supported.

Steps to Reproduce:
1. Shut down CA
2. Edit CS.cfg, change ca.crl.MasterCRL.signingAlgorithm=SHA1withEC to ca.crl.MasterCRL.signingAlgorithm=SHA384withEC
3. Start CA
  
Actual results:
[03/Oct/2008:11:59:25][main]: initializing crl issue point MasterCRL
[03/Oct/2008:11:59:25][main]: CMS:Caught EBaseException
Signing Algorithm SHA384withEC is not supported for the CA signing token
        at com.netscape.ca.SigningUnit.checkSigningAlgorithmFromName(SigningUnit.java:217)
        at com.netscape.ca.CRLIssuingPoint.initConfig(CRLIssuingPoint.java:593)
        at com.netscape.ca.CRLIssuingPoint.init(CRLIssuingPoint.java:407)
        at com.netscape.ca.CertificateAuthority.initCRL(CertificateAuthority.java:1565)
        at com.netscape.ca.CertificateAuthority.init(CertificateAuthority.java:301)
        at com.netscape.cmscore.apps.CMSEngine.initSubsystem(CMSEngine.java:781)
        at com.netscape.cmscore.apps.CMSEngine.initSubsystems(CMSEngine.java:710)
        at com.netscape.cmscore.apps.CMSEngine.init(CMSEngine.java:313)
        at com.netscape.certsrv.apps.CMS.init(CMS.java:152)
        at com.netscape.certsrv.apps.CMS.start(CMS.java:1490)

Additional info:
By default, the CA signing rule policy only lists SHA1withEC as a valid alg (from CS.cfg):
ca.Policy.rule.SigningAlgRule.algorithms=MD5withRSA,MD2withRSA,SHA1withRSA,SHA256withRSA,SHA512withRSA,SHA1withEC

JSS appears to support SHA384withEC:
http://mxr.mozilla.org/security/source/security/jss/org/mozilla/jss/JSSProvider.java#120

NSS 3.12 release notes:
http://www.mozilla.org/projects/security/pki/nss/nss-3.12/nss-3.12-release-notes.html#new has SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE

Info on SHA2 with ECDSA:
http://www.ietf.org/internet-drafts/draft-ietf-pkix-sha2-dsa-ecdsa-04.txt
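
A small audit of the two CS.cfg settings quoted in the description above, added here as an example and not taken from Dogtag or from any comment in this bug: it lists each signing algorithm setting that is missing from the SigningAlgRule list or does not fit the CA key type, and flags MD2/MD5/SHA1 entries. The sample CS.cfg text, the caller-supplied key type, the suffix match on `.signingAlgorithm` and the legacy-digest classification are assumptions of the example.

```python
import re

# Digests treated as legacy here (classification added for this example).
LEGACY_DIGESTS = {"MD2", "MD5", "SHA1"}
ALG_RE = re.compile(r"^(MD2|MD5|SHA1|SHA256|SHA384|SHA512)with(RSA|EC|DSA)$")
POLICY_KEY = "ca.Policy.rule.SigningAlgRule.algorithms"

def parse_cfg(text):
    """Parse CS.cfg-style key=value lines, skipping blanks and # comments."""
    cfg = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep and not key.startswith("#"):
            cfg[key.strip()] = value.strip()
    return cfg

def audit_signing_algs(cfg_text, ca_key_type):
    """Return sorted (key, algorithm, finding) tuples for signing settings."""
    cfg = parse_cfg(cfg_text)
    allowed = [a.strip() for a in cfg.get(POLICY_KEY, "").split(",") if a.strip()]
    findings = []
    for alg in allowed:
        m = ALG_RE.match(alg)
        if m and m.group(1) in LEGACY_DIGESTS:
            findings.append((POLICY_KEY, alg, "legacy digest allowed by policy"))
    # Assumption: every key ending in .signingAlgorithm names a signing algorithm.
    for key, alg in cfg.items():
        if not key.endswith(".signingAlgorithm"):
            continue
        m = ALG_RE.match(alg)
        if not m:
            findings.append((key, alg, "unrecognized algorithm name"))
            continue
        if m.group(2) != ca_key_type:
            findings.append((key, alg, "does not match CA key type"))
        if alg not in allowed:
            findings.append((key, alg, "not in SigningAlgRule list"))
        if m.group(1) in LEGACY_DIGESTS:
            findings.append((key, alg, "legacy digest in use"))
    return sorted(findings)

# Constructed sample: the two settings quoted in the report, after step 2.
SAMPLE_CFG = """\
ca.crl.MasterCRL.signingAlgorithm=SHA384withEC
ca.Policy.rule.SigningAlgRule.algorithms=MD5withRSA,MD2withRSA,SHA1withRSA,SHA256withRSA,SHA512withRSA,SHA1withEC
"""

if __name__ == "__main__":
    print(*audit_signing_algs(SAMPLE_CFG, "EC"), sep="\n")
```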

Comment 2 Chandrasekar Kannan 2009-08-19 22:15:36 UTC
shifting priority to high

Comment 3 Christina Fu 2009-08-25 17:03:10 UTC
Created attachment 358600
pki-util changes

Comment 4 Christina Fu 2009-08-25 17:03:42 UTC
Created attachment 358601
pki-ca changes

Comment 5 Christina Fu 2009-08-25 17:04:14 UTC
Andrew please review.

Comment 6 Christina Fu 2009-08-25 19:13:16 UTC
Created attachment 358618
pki-common changes

Comment 7 Christina Fu 2009-08-25 19:17:04 UTC
Created attachment 358620
pki-ocsp changes

Comment 8 Christina Fu 2009-08-25 19:20:51 UTC
Created attachment 358621
pki-ca take 2 (after svn update)

Comment 9 Andrew Wnuk 2009-08-25 20:42:34 UTC
attachment (id=358618)
attachment (id=358620) 
attachment (id=358621) 
+awnuk

Please add spec file to trunk and 8.0 branch.

It would be nice to have ca/SigningUnit.java done in a
similar way to ocsp/SigningUnit.java.

Comment 10 Christina Fu 2009-08-25 21:11:24 UTC
Created attachment 358635
pki-ca spec changes

Comment 11 Christina Fu 2009-08-25 21:11:59 UTC
Created attachment 358636
pki-common spec changes

Comment 12 Christina Fu 2009-08-25 21:12:35 UTC
Created attachment 358637
pki-util spec changes

Comment 13 Christina Fu 2009-08-25 21:13:05 UTC
Created attachment 358638
pki-ocsp spec changes

Comment 14 Christina Fu 2009-08-25 21:35:24 UTC
Created attachment 358641
pki-ca: refrain from changing logics for signing algs

Comment 15 Christina Fu 2009-08-25 21:36:25 UTC
Created attachment 358642
pki-ocsp: refrain from changing logics about algs

Comment 16 Christina Fu 2009-08-26 01:02:13 UTC
QA: please test ECC CA case with CRL generation as the bug reported.
Please also test OCSP.

Comment 17 Christina Fu 2009-08-26 01:03:27 UTC
[cfu@paw base]$ svn commit
Sending        ca/shared/conf/CS.cfg
Sending        ca/shared/profiles/ca/caAdminCert.cfg
Sending        ca/shared/profiles/ca/caAgentFileSigning.cfg
Sending        ca/shared/profiles/ca/caAgentServerCert.cfg
Sending        ca/shared/profiles/ca/caCACert.cfg
Sending        ca/shared/profiles/ca/caCMCUserCert.cfg
Sending        ca/shared/profiles/ca/caDirUserCert.cfg
Sending        ca/shared/profiles/ca/caDualCert.cfg
Sending        ca/shared/profiles/ca/caDualRAuserCert.cfg
Sending        ca/shared/profiles/ca/caFullCMCUserCert.cfg
Sending        ca/shared/profiles/ca/caInstallCACert.cfg
Sending        ca/shared/profiles/ca/caInternalAuthAuditSigningCert.cfg
Sending        ca/shared/profiles/ca/caInternalAuthDRMstorageCert.cfg
Sending        ca/shared/profiles/ca/caInternalAuthOCSPCert.cfg
Sending        ca/shared/profiles/ca/caInternalAuthServerCert.cfg
Sending        ca/shared/profiles/ca/caInternalAuthSubsystemCert.cfg
Sending        ca/shared/profiles/ca/caInternalAuthTransportCert.cfg
Sending        ca/shared/profiles/ca/caJarSigningCert.cfg
Sending        ca/shared/profiles/ca/caOCSPCert.cfg
Sending        ca/shared/profiles/ca/caOtherCert.cfg
Sending        ca/shared/profiles/ca/caRACert.cfg
Sending        ca/shared/profiles/ca/caRARouterCert.cfg
Sending        ca/shared/profiles/ca/caRAagentCert.cfg
Sending        ca/shared/profiles/ca/caRAserverCert.cfg
Sending        ca/shared/profiles/ca/caRouterCert.cfg
Sending        ca/shared/profiles/ca/caServerCert.cfg
Sending        ca/shared/profiles/ca/caSignedLogCert.cfg
Sending        ca/shared/profiles/ca/caSimpleCMCUserCert.cfg
Sending        ca/shared/profiles/ca/caTPSCert.cfg
Sending        ca/shared/profiles/ca/caTransportCert.cfg
Sending        ca/shared/profiles/ca/caUUIDdeviceCert.cfg
Sending        ca/shared/profiles/ca/caUserCert.cfg
Sending        ca/src/com/netscape/ca/SigningUnit.java
Sending        common/src/com/netscape/cms/profile/common/CACertCAEnrollProfile.java
Sending        common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
Sending        ocsp/src/com/netscape/ocsp/SigningUnit.java
Sending        util/src/com/netscape/cmsutil/util/Cert.java
Sending        util/src/netscape/security/pkcs/PKCS10.java
Sending        util/src/netscape/security/x509/AlgorithmId.java
Transmitting file data .......................................
Committed revision 777.

Comment 19 Kashyap Chamarthy 2009-08-26 05:11:53 UTC
Verified. Works with the new patch.
I can see the SHA384withEC being used to sign the algorithm (from the CA debug log)

=========================================================================

[25/Aug/2009:13:44:55][http-19443-Processor25]: CMSServlet: curDate=Tue Aug 25 13:44:55 IST 2009 id=camasterCAUpdateCRL time=37
[25/Aug/2009:13:44:56][CRLIssuingPoint-MasterCRL]: Updating CRL
[25/Aug/2009:13:44:56][CRLIssuingPoint-MasterCRL]: Making CRL wth algorithm SHA384withEC SHA384withEC
[25/Aug/2009:13:44:56][CRLIssuingPoint-MasterCRL]: before new X509CRLImpl
[25/Aug/2009:13:44:56][CRLIssuingPoint-MasterCRL]: before sign
[25/Aug/2009:13:44:56][CRLIssuingPoint-MasterCRL]: Getting algorithm context for SHA384withEC ECSignatureWithSHA384Digest
[25/Aug/2009:13:44:56][CRLIssuingPoint-MasterCRL]: Signing Certificate
[25/Aug/2009:13:44:56][CRLIssuingPoint-MasterCRL]: before getEncoded()
[25/Aug/2009:13:44:56][CRLIssuingPoint-MasterCRL]: after getEncoded()
[25/Aug/2009:13:44:56][CRLIssuingPoint-MasterCRL]: getConn: mNumConns now 2
[25/Aug/2009:13:44:56][CRLIssuingPoint-MasterCRL]: ByteArrayMapper:mapObjectToLDAPAttributeSet certificaterevocationlist size=282
[25/Aug/2009:13:44:56][CRLIssuingPoint-MasterCRL]: ObjectStreamMapper:mapObjectToLDAPAttributeSet revokedCerts size=84
[25/Aug/2009:13:44:56][CRLIssuingPoint-MasterCRL]: ObjectStreamMapper:mapObjectToLDAPAttributeSet unrevokedCerts size=84
[25/Aug/2009:13:44:56][CRLIssuingPoint-MasterCRL]: ObjectStreamMapper:mapObjectToLDAPAttributeSet expiredCerts size=84
[25/Aug/2009:13:44:56][CRLIssuingPoint-MasterCRL]: returnConn: mNumConns now 3
[25/Aug/2009:13:44:56][CRLIssuingPoint-MasterCRL]: Logging CRL Update to transaction log
[25/Aug/2009:13:44:56][CRLIssuingPoint-MasterCRL]: Finished Logging CRL Update to transaction log
===================================================================================
<crl signed with SHA384withEC />
--------------------------------
Certificate Revocation List:
        Data:
            Signature Algorithm: SHA384withEC
            Issuer: CN=Certificate Authority,O=PnqRedhat Domain3
            This Update: Tuesday, August 25, 2009 1:44:56 PM IST Asia/Kolkata
            Next Update: Tuesday, August 25, 2009 5:00:00 PM IST Asia/Kolkata
            Revoked Certificates: 1-1 of 1
                Serial Number: 0x7
                Revocation Date: Tuesday, August 25, 2009 1:44:21 PM IST Asia/Kolkata
                Extensions:
                    Identifier: Revocation Reason - 2.5.29.21
                        Critical: no
                        Reason: Key_Compromise
                    Identifier: Invalidity Date - 2.5.29.24
                        Critical: no
                        Invalidity Date: Tue Aug 25 00:00:00 IST 2009
==============================================================================

Comment 21 errata-xmlrpc 2009-09-14 18:28:16 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-1443.html