<html dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style id="owaParaStyle" type="text/css">P {margin-top:0;margin-bottom:0;}</style>
</head>
<body ocsi="0" fpstyle="1">
<div style="direction: ltr;font-family: Tahoma;color: #000000;font-size: 10pt;"><span style="font-family: Courier New;">Hello all,</span><br style="font-family: Courier New;">
<br style="font-family: Courier New;">
<span style="font-family: Courier New;">I have come across what looks like a bug in SCEP responses from the CA when using
</span><span style="font-family: Courier New;">SHA-256 and SHA-512.</span><br style="font-family: Courier New;">
<br style="font-family: Courier New;">
<span style="font-family: Courier New;">The problem appears to be the OID that is given in the digestAlgorithm field of
</span><span style="font-family: Courier New;">the signerInfo portion of the PKCS#7 signature. For CertRep messages using MD5
</span><span style="font-family: Courier New;">and SHA-1 the OID is correct and matches the single OID in the digestAlgorithms
</span><span style="font-family: Courier New;">list from the SignedData segment.</span><span style="font-family: Courier New;"> In the case of SHA-256 and SHA-512, it appears that the second to the last octet
</span><span style="font-family: Courier New;">in the two digests (0x2) is missing. For SHA-256 the OID in the signerInfo is
</span><span style="font-family: Courier New;">"2.16.840.1.101.3.4.1" (it should be ...3.4.2.1). For SHA-512 the OID given is
</span><span style="font-family: Courier New;">"2.16.840.1.101.3.4.3" when it should end "...3.4.2.3".</span><br style="font-family: Courier New;">
<br style="font-family: Courier New;">
<span style="font-family: Courier New;">When attempting to verify the digest using NSS' SEC_PKCS7VerifySignature() /
</span><span style="font-family: Courier New;">SEC_PKCS7VerifyDetachedSignature() it fails, and I believe it also fails with
</span><span style="font-family: Courier New;">similar calls under OpenSSL. There's a mention of the latter on the Dogtag
</span><span style="font-family: Courier New;">SCEP/SSCEP page under the heading "SSCEP Error". I believe this error is due to
</span><span style="font-family: Courier New;">this OID discrepancy.</span><br style="font-family: Courier New;">
<br style="font-family: Courier New;">
<span style="font-family: Courier New;">I've been looking in the Dogtag source and the JSS Javadocs to see where this OID
</span><span style="font-family: Courier New;">might be coming from. Everything I've looked at where OIDs for SHA-2 algorithms
</span><span style="font-family: Courier New;">are concerned has the right bytes, so I've been unable to pinpoint where the OID
</span><span style="font-family: Courier New;">is coming from.</span><br style="font-family: Courier New;">
<br style="font-family: Courier New;">
<span style="font-family: Courier New;">I can provide sample CertRep messages with the odd OIDs in there if desired. A
</span><span style="font-family: Courier New;">sample signerInfo from a SHA-256 CertRep failure message from dumpasn1 is below:</span><br style="font-family: Courier New;">
<br style="font-family: Courier New;">
Currently Running:<br style="font-family: Courier New;">
<span style="font-family: Courier New;">Fedora Core 15 updated to the latest as of 5/17/2012</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;">pki-core (and other rpms) 9.0.19-1</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;">nss-* 3.13.4-2</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;">jss-4.2.6.24</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;">nspr-4.9-2</span><br style="font-family: Courier New;">
<br>
(I've also seen this behavior with pki-core 9.0.17 and its corresponding packages as well)<br>
<br style="font-family: Courier New;">
<span style="font-family: Courier New;">I did go looking through the mailing lists and bugzilla to see if this issue had
</span><span style="font-family: Courier New;">been found and didn't see anything. If I did overlook it then please accept my
</span><span style="font-family: Courier New;">apologies. I'm currently working around the problem by using SHA-1, but I'd
</span><span style="font-family: Courier New;">really like to be able to use the stronger digest algorithms if possible. If
</span><span style="font-family: Courier New;">anyone knows how to get that working I'd appreciate it.</span><br style="font-family: Courier New;">
<br style="font-family: Courier New;">
<span style="font-family: Courier New;">Thanks,</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;">Jamil</span><br style="font-family: Courier New;">
<br style="font-family: Courier New;">
<span style="font-family: Courier New;">SAMPLE CertRep Fail signerInfo using SHA-256:</span><br style="font-family: Courier New;">
<br style="font-family: Courier New;">
<br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 60 623: SET {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 64 619: SEQUENCE {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 68 1: INTEGER 1</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 71 72: SEQUENCE {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 73 67: SEQUENCE {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 75 16: SET {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 77 14: SEQUENCE {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 79 3: OBJECT IDENTIFIER organizationName (2 5 4 10)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : (X.520 DN component)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 84 7: PrintableString 'TESTPKI'</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 93 15: SET {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 95 13: SEQUENCE {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 97 3: OBJECT IDENTIFIER organizationalUnitName (2 5 4 11)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : (X.520 DN component)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 102 6: PrintableString 'pki-ca'</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 110 30: SET {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 112 28: SEQUENCE {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 114 3: OBJECT IDENTIFIER commonName (2 5 4 3)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : (X.520 DN component)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 119 21: PrintableString 'Certificate Authority'</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 142 1: INTEGER 1</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 145 12: SEQUENCE {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 147 8: OBJECT IDENTIFIER aes (2 16 840 1 101 3 4 1)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : (NIST Algorithm)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 157 0: NULL</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 159 250: [0] {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 162 17: SEQUENCE {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 164 10: OBJECT IDENTIFIER messageType (2 16 840 1 113733 1 9 2)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : (Verisign PKCS #7 attribute)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 176 3: SET {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 178 1: PrintableString '3'</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 181 17: SEQUENCE {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 183 10: OBJECT IDENTIFIER pkiStatus (2 16 840 1 113733 1 9 3)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : (Verisign PKCS #7 attribute)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 195 3: SET {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 197 1: PrintableString '2'</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 200 17: SEQUENCE {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 202 10: OBJECT IDENTIFIER failInfo (2 16 840 1 113733 1 9 4)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : (Verisign PKCS #7 attribute)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 214 3: SET {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 216 1: PrintableString '2'</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 219 24: SEQUENCE {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 221 9: OBJECT IDENTIFIER contentType (1 2 840 113549 1 9 3)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : (PKCS #9)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 232 11: SET {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 234 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : (PKCS #7)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 245 32: SEQUENCE {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 247 10: OBJECT IDENTIFIER senderNonce (2 16 840 1 113733 1 9 5)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : (Verisign PKCS #7 attribute)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 259 18: SET {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 261 16: OCTET STRING</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : A9 7A AB 92 86 A8 C6 FB A7 AA 59 C8 D8 85 5B 8F</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 279 32: SEQUENCE {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 281 10: OBJECT IDENTIFIER</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : recipientNonce (2 16 840 1 113733 1 9 6)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : (Verisign PKCS #7 attribute)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 293 18: SET {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 295 16: OCTET STRING</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : BD 5F 02 CC D5 5A 25 34 84 00 78 E2 6B 54 D3 7A</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 313 47: SEQUENCE {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 315 9: OBJECT IDENTIFIER messageDigest (1 2 840 113549 1 9 4)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : (PKCS #9)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 326 34: SET {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 328 32: OCTET STRING</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : E3 B0 C4 42 98 FC 1C 14 9A FB F4 C8 99 6F B9 24</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : 27 AE 41 E4 64 9B 93 4C A4 95 99 1B 78 52 B8 55</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 362 48: SEQUENCE {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 364 10: OBJECT IDENTIFIER transID (2 16 840 1 113733 1 9 7)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : (Verisign PKCS #7 attribute)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 376 34: SET {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 378 32: PrintableString '856F90890192FFE9A321C83CB56169AA'</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 412 13: SEQUENCE {</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 414 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : (PKCS #1)</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 425 0: NULL</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> 427 256: OCTET STRING</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : 6C 5E EA E3 6E 5B 5D E9 41 72 20 83 33 48 1B 7D</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : 3F 5F 1F A6 C3 D3 5D D5 F3 D3 57 E7 A7 7C 65 D1</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : 25 39 C0 A3 13 E2 63 10 79 28 55 2C 35 51 E0 0F</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : 63 7B F1 C4 F2 56 E1 63 37 78 01 C1 84 38 44 94</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : 46 8F 54 89 E0 FB C1 50 F5 15 9F CA B4 1E A7 68</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : C1 DE 96 3C AB 79 33 B8 44 44 F2 A1 0B 03 2A FD</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : 06 51 5D A1 C6 71 61 50 67 44 C4 94 01 5F 21 1F</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : EE CF 4B 8D 79 7F 89 45 0D 32 37 AC BE B2 21 A5</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : [ Another 128 bytes skipped ]</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<span style="font-family: Courier New;"> : }</span><br style="font-family: Courier New;">
<br style="font-family: Courier New;">
<br style="font-family: Courier New;">
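<span style="font-family: Courier New;">Added example (not part of the original message, and not Dogtag, JSS or NSS code): a check a SCEP client could run on the signerInfo above before handing it to its PKCS#7 verifier. It decodes the digestAlgorithm OID, reports whether it is a known digest OID, and identifies which hash actually produced the messageDigest attribute. The byte strings are constructed from the dump (offsets 145 and 328), the function names are hypothetical, and the signed content is assumed to be empty, which is what the 32-byte digest in the dump corresponds to.</span><br style="font-family: Courier New;">
<pre style="font-family: Courier New;">
```python
import hashlib

# OID -> (hashlib name, digest size) for signerInfo.digestAlgorithm.
DIGEST_OIDS = {
    "1.2.840.113549.2.5": ("md5", 16),
    "1.3.14.3.2.26": ("sha1", 20),
    "2.16.840.1.101.3.4.2.1": ("sha256", 32),
    "2.16.840.1.101.3.4.2.3": ("sha512", 64),
}

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for one DER TLV."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits count the length octets
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def decode_oid(body):
    """Decode OBJECT IDENTIFIER content octets into dotted form."""
    arcs, value = [], 0
    for octet in body:
        value = (value << 7) | (octet & 0x7F)
        if not octet & 0x80:  # high bit clear ends the arc
            arcs.append(value)
            value = 0
    first = min(arcs[0] // 40, 2)  # first subidentifier packs two arcs
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def check_digest_algorithm(alg_id_der, message_digest, content):
    """Compare the declared digest OID with the hash that produced messageDigest."""
    tag, seq, _ = read_tlv(alg_id_der)
    if tag != 0x30:
        raise ValueError("AlgorithmIdentifier must be a SEQUENCE")
    tag, oid_body, _ = read_tlv(seq)
    if tag != 0x06:
        raise ValueError("expected an OBJECT IDENTIFIER")
    oid = decode_oid(oid_body)
    declared = DIGEST_OIDS.get(oid, (None, 0))[0]
    actual = [name for name, size in DIGEST_OIDS.values()
              if size == len(message_digest)
              and hashlib.new(name, content).digest() == message_digest]
    return {"oid": oid, "declared": declared, "actual": actual,
            "consistent": declared in actual}

# Constructed from the dump: AlgorithmIdentifier at offset 145 and the
# messageDigest value at offset 328. Empty content is an assumption.
ALG_ID = bytes.fromhex("300c06086086480165030401" "0500")
MESSAGE_DIGEST = bytes.fromhex("e3b0c44298fc1c149afbf4c8996fb924"
                               "27ae41e4649b934ca495991b7852b855")

if __name__ == "__main__":
    print(check_digest_algorithm(ALG_ID, MESSAGE_DIGEST, b""))
```
</pre>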
</div>
</body>
</html>