Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support 3072 bit RSA and increase minimum RSA size #496

Closed
SilleBille opened this issue Nov 5, 2019 · 0 comments
Closed

Support 3072 bit RSA and increase minimum RSA size #496

SilleBille opened this issue Nov 5, 2019 · 0 comments

Comments

@SilleBille
Copy link
Owner

This issue was migrated from Pagure Issue #3097.Originally filed by cheimes on 2019-04-17

The feature request is related to IPA ticket https://pagure.io/freeipa/issue/6790 . In IPA we like to support 3072bit RSA keys. 3072 is a good compromise between performance and security for keys with a life time beyond 2030. NIST Special Publication 800-57 Part 3 Revision 1 recommends 3072bit RSA for these keys. 3072 bit RSA keys have about the same strength as 128bit symmetric encryption.

Alexander and I skimmed through Dogtag's code and found a couple of places that either have very weak minimums or seem to hard code a list of expected RSA key sizes without 3072. We are not sure if any of these places actually prohibit RSA 3072 keys. Please take a look:

CS.cfg contains

ca.Policy.rule.RSAKeyRule.maxSize=2048
ca.Policy.rule.RSAKeyRule.minSize=512

Various preop keysizes like preop.cert.audit_signing.keysize.size are hard-coded to 2048.

LWCA hard-codes 2048 in https://github.com/dogtagpki/pki/blob/8215e8205f19961d8fb1cb4b98c807e2f7e19917/base/ca/src/com/netscape/ca/CertificateAuthority.java#L2859-L2864, also see ticket https://pagure.io/dogtagpki/issue/1589

HTTPInput checks key size and does not contain 3072, https://github.com/dogtagpki/pki/blob/master/base/common/src/com/netscape/certsrv/util/HttpInput.java#L139-L148
This was referenced Nov 10, 2019
Closed
Closed
SilleBille pushed a commit that referenced this issue Aug 10, 2020
@jmagne
Address RHCS-1347 dd healthcheck to test the health of clone. (#496)
a2665b9 
Simple test of clones associated with a pki instance.

Testing is predicated on locating within the given instance a CA security domain subsystem.

From there the security domain is consulted for a list of cloned subsystems.
Each clone found is checked in a simple fashion for a connectivity and for simple data,
when appropriate. For now the OCSP , TKS, and TPS clones are checked for connectivity.

Another caveat: Originally I wanted to pair up each discoverd clone with it's master and compare data
within the CA and KRA to match them up. This round I was nota able to easily figure out this mapping, so for
now the actual clones are tested.

Simple command line to run the test directly:

pki-healthcheck --debug  --source pki.server.healthcheck.clones.connectivity_and_data --check ClonesConnectivyAndDataCheck

The test reaches out provides a result for each group of ca, kra, ocsp, tps, and tks clones.

Note that we have issues with tps and ocsp clones at this point.

Co-authored-by: Jack Magne <jmagne@localhost.localdomain>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@SilleBille