https://bugzilla.redhat.com/show_bug.cgi?id=824624 (Dogtag Certificate System)
Description of problem: Verification of the PKCS#7 signed data portion of SCEP CertRep messages issued by the CA have an invalid digestAlgorithm OID in the signerInfo. The problem appears to be the OID that is given in the digestAlgorithm field of the signerInfo portion of the PKCS#7 signature. For CertRep messages using MD5 and SHA-1 the OID is correct and matches the single OID in the digestAlgorithms list from the SignedData segment. In the case of SHA-256 and SHA-512, it appears that the second to the last octet in the two digests (0x2) is missing. For SHA-256 the OID in the signerInfo is "2.16.840.1.101.3.4.1" (it should be ...3.4.2.1). For SHA-512 the OID given is "2.16.840.1.101.3.4.3"when it should end "...3.4.2.3" Version-Release number of selected component (if applicable): pki-core 9.0.17 and 9.0.19. The latter was used to generate the messages in the attachment. Other possibly relevant versions: NSS 3.13.4-2, NSPR 4.9-2, JSS 4.2.6.24 How reproducible: Easily reproducible (I see the issue on every CertRep from the CA using SHA-256 or SHA-512). Steps to Reproduce: 1. Create a CA and RA using all default options. Configure the CA to use SHA-256 or SHA-512 in CS.cfg ca.scep.hashAlgorithm=SHA256 or ca.scep.hashAlgorithm=SHA512 2. Create a pin for the scep client using the RA web interface 3. Use sscep to create a request using the pin 4. Attempt to enroll using "sscep enroll -f sscep.conf" 5. Capture the CertRep message returned by the CA either with wireshark or by turning on the verbose/debug flags in the sscep client. Note: you may want a version of sscep modified to use sha256 for the request, though I don't think it's necessary. http://pki.fedoraproject.org/wiki/SCEP_in_Dogtag See the section "SCEP Request Generation with SHA2" Actual results: The signerInfo portion of the CertRep from the CA will have an invalid digest OID. For SHA-256 the OID in the signerInfo is "2.16.840.1.101.3.4.1". For SHA-512 the OID in the signerInfo is "2.16.840.1.101.3.4.3" Expected results: For SHA-256 the OID in the signerInfo should be "2.16.840.1.101.3.4.2.1" For SHA-512 the OID in the signerInfo should be "2.16.840.1.101.3.4.2.3" Additional info: The workaround for this is to use MD5 or SHA-1 for the digestAlgorithm. I have attached a zip file with CertRep success (issued cert) and failure messages for SHA-1 (working perfectly), SHA-256 and SHA-512 (both with invalid OIDs). All CertRep messages are in PEM form.
proposed Milestone: 10.2.3 - Per Dogtag 10.2.3 meeting of 09/25/2014
I think this is fixed in jss-4.2.6-35
http://koji.fedoraproject.org/koji/buildinfo?buildID=581844
http://koji.fedoraproject.org/koji/buildinfo?buildID=581825
http://koji.fedoraproject.org/koji/buildinfo?buildID=581655
Metadata Update from @nkinder: - Issue assigned to cfu - Issue set to the milestone: 10.2.3
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/1014
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Login to comment on this ticket.