certmonger

#89 scep-submit should support configuration of allowed encryption and hash algorithms
Closed: fixed Opened by tvaughan.

Closed: fixed
Reopen Issue

Presently, when enrolling a certificate, it looks like scep-submit will only use DES and MD5.

There are a couple of issues with this. First, both of these are horribly insecure at this point. Second, some servers, such as dogtag allow you to specify the allowed set of encryption and hashing algorithms for SCEP to include AES and SHA256 or higher.

The current SCEP draft implementation notes that both AES and SHA256 are mandatory to implement functionality per https://tools.ietf.org/html/draft-gutmann-scep-06#section-2.8 and that implementations should not support DES or MD5.

This was tested against dogtag with both certmonger-0.78.4-3.el7.x86_64 and certmonger-0.79.5-1.el7.centos.x86_64 and I was unable to change the algorithm.

For Messages from the Client

All messages from the client are sent as DES and MD5 and there does not appear to be a way to disable this. Removing those from the list of allowed ciphers in dogtag causes the certificate enrollment to fail due to lack of a supported algorithm.

For Messages from the Server

After looking at the scep source code, it looks like specifying ca.scep.hashAlgorithm=SHA256 in dogtag does work.

Also, setting ca.scep.encryptionAlgorithm=DES3 works.

However, AES support is nowhere to be found.

We should be able to fail enrollment if the server does not respond with an allowed encryption or hash type.
Edited by tvaughan

DES and MD5 are a MUST NOT in the latest draft.

@rcritten This is very true, but I would probably leave them in to be optionally enabled for the sole reason that this was originally designed for network equipment and it will be years before people can swap them out for updated models.

But certmonger is just another client so as long as the CA servers are up-to-date-ish I think disallowing it is fine. I can go ahead and add an option to allow it I suppose.

BTW, I think the reason certmonger is using MD5 and DES is that dogtag doesn't support GetCACaps so certmonger is falling back to its defaults of MD5 and DES (which obviously should be AES and SHA-256 but I suppose SCEP has been a moving target and these were the minimums at one time).

@rcritten Yeah, this is exactly the reason. I've already pinged the necro-bug to try and get it fixed https://pagure.io/dogtagpki/issue/627

If you're using https there's no issue at all and even so, not making is something that I can toggle on or of isn't great from a user point of view.

From this side, basically leaving the old ciphers off, but available, means that I don't have to go update a lot of different things at the same time. Give it a sunset date for certmonger 1.0 or something like that.

@rcritten I've added a PR for this as #98

Metadata Update from @rcritten:
- Issue assigned to tvaughan
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

@rcritten I see that this was merged but I'm unable to determine if it has made it into an upstream certmonger release. Do you know which release this was included in?

certmonger-0.79.6
Metadata
None
None
None
None
Static archive. pagure.io was sunset in 2026; this is a read-only snapshot.
Red Hat Logo

Fedora is sponsored by Red Hat. Learn more about the relationship between Red Hat and Fedora »

© Red Hat, Inc. and others.