Project

General

Profile

Feature #2765

Allow generation an x509 certificates with an SHA256 signature hash

Added by Dim Hatz almost 7 years ago. Updated over 6 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Certificates
Target version:
-
Start date:
01/19/2013
Due date:
% Done:

100%

Estimated time:

Description

Apparently pfsense's Cert Manager has hard-coded the use of SHA-1 for all PKI operations ("digest_alg" => "sha1" in /etc/inc/certs.inc).

It'd be nice to allow user-selectable digest_alg (options would be sha224/sha256/sha384/sha512), since according to Wiki & NIST "cryptographic weaknesses were discovered in SHA-1 and the standard is no longer approved for most cryptographic uses after 2010".

Associated revisions

Revision ca621902 (diff)
Added by Jim Pingle almost 7 years ago

Allow selecting the digest algorithm when creating a CA or Cert. Implements #2765

History

#1 Updated by Dim Hatz almost 7 years ago

Just quick update:

1) The relevant keyword in openssl.cnf is default_md = sha256 # (md5/sha512/etc)
2) For openssl command-line -sha256 is correct for commandline req including req -x509, and x509 including x509 -req, but not for "openssl ca". ca uses -md sha256.

#2 Updated by Jim Pingle almost 7 years ago

  • Assignee set to Jim Pingle

I'd hate to hardcode a list, but openssl doesn't appear to have a good way to list the available message digest algorithms in the version we use. "openssl list-message-digest-commands" doesn't contain all the right ones, and "list-message-digest-algorithms" seems to only be in OpenSSL >= 1.0.

Passing an invalid parameter to "openssl dgst" such as "openssl dgst -h" can get one somewhat but it's still would be awkward to parse.

May be better to hardcode in the long run since many of these are probably unsuitable anyhow...


-md5            to use the md5 message digest algorithm (default)
-md4            to use the md4 message digest algorithm
-md2            to use the md2 message digest algorithm
-sha1           to use the sha1 message digest algorithm
-sha            to use the sha message digest algorithm
-sha224         to use the sha224 message digest algorithm
-sha256         to use the sha256 message digest algorithm
-sha384         to use the sha384 message digest algorithm
-sha512         to use the sha512 message digest algorithm
-mdc2           to use the mdc2 message digest algorithm
-ripemd160      to use the ripemd160 message digest algorithm

#3 Updated by Dim Hatz almost 7 years ago

Based on some searching I did earlier, it seems that the only ones suitable are:

sha1 (with the above mentioned reservations)
sha224
sha256
sha384
sha512

A quick checking of Root CAs (Verisign, Thawte, Godaddy etc), suggests that they are transitioning to sha256/RSA2048 or better.

PS: Since we're talking about networking gear, there is also a related table by Cisco at http://www.cisco.com/web/about/security/intelligence/nextgen_crypto.html

#4 Updated by Jim Pingle almost 7 years ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

#5 Updated by Jim Pingle over 6 years ago

  • Status changed from Feedback to Resolved

Also available in: Atom PDF