[39340] in Kerberos


Re: Using PKINIT with ECC

daemon@ATHENA.MIT.EDU (Goetz Golla)
Fri Jan 26 02:02:43 2024

Message-ID: <81773b85-0be5-4412-9d64-ca94b2cdd2b7@sec4mail.de>
Date: Fri, 26 Jan 2024 08:01:12 +0100
MIME-Version: 1.0
Content-Language: en-US
To: kerberos@mit.edu
From: Goetz Golla <mit@sec4mail.de>
In-Reply-To: <202401111441.40BEf6HH019591@hedwig.cmf.nrl.navy.mil>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Errors-To: kerberos-bounces@mit.edu


On 1/11/24 15:41, Ken Hornstein wrote:
> But here are some snippets of the PKCS#11 code in MIT Kerberos:
>
> When specifying the search parameters to find the private key:
>
>      keytype = CKK_RSA;
>      attrs[nattrs].type = CKA_KEY_TYPE;
>      attrs[nattrs].pValue = &keytype;
>      attrs[nattrs].ulValueLen = sizeof keytype;
>      nattrs++;
>
> When setting the key signing mechanism:
>
>      /*
>       * We'd like to use CKM_SHA256_RSA_PKCS for signing if it's available, but
>       * historically many cards seem to be confused about whether they are
>       * capable of mechanisms or not. The safe thing seems to be to ignore the
>       * mechanism list, always use CKM_RSA_PKCS and calculate the sha256 digest
>       * ourselves.
>       */
>      id_cryptoctx->mech = CKM_RSA_PKCS;
>
> Those are all hardcoded uses of RSA keys and signing mechanisms and it
> doesn't handle ECC at all.  So unless the Yubico library ignored the
> key type and mechanism (which I think would be extremely unlikely but
> not impossible) I suspect you were using RSA back during your original
> testing and didn't realize it.
>
> --Ken

It's good to know the reason why MIT Kerberos cannot handle EC 
certificates right now.

I know that NIST is happy with RSA 2048, but in Europe RSA >= 3072 is 
already mandatory, and this key size makes small devices like the 
Yubikeys very slow when generating the keys. In fact, Yubikeys only 
support RSA <=2048.

So is there a way to submit a feature request for ECDSA support in MIT 
Kerberos?

-- Goetz


________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
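
What ECDSA support would involve on the PKCS#11 side, as an added example that is not part of the original message and not MIT Kerberos code: the key type selects the mechanism instead of a hardcoded CKM_RSA_PKCS, and because CKM_ECDSA returns the signature as raw r || s, it is re-encoded as the DER ECDSA-Sig-Value that CMS expects. The helper names are hypothetical; the constant values are those of the PKCS#11 specification, defined locally so the block compiles without pkcs11.h.

```c
#include <stddef.h>
#include <string.h>
/* Constant values from the PKCS#11 spec, defined here so no pkcs11.h is needed. */
#define CKK_RSA      0x00000000UL
#define CKK_EC       0x00000003UL
#define CKM_RSA_PKCS 0x00000001UL
#define CKM_ECDSA    0x00001041UL

/* Hypothetical helper: choose the raw signing mechanism from the key type. */
int mech_for_key_type(unsigned long keytype, unsigned long *mech)
{
    if (keytype != CKK_RSA && keytype != CKK_EC)
        return -1;                             /* unsupported key type */
    *mech = (keytype == CKK_EC) ? CKM_ECDSA : CKM_RSA_PKCS;
    return 0;
}

/* Write one unsigned big-endian value as a DER INTEGER; returns bytes written. */
static size_t der_uint(const unsigned char *v, size_t n, unsigned char *out)
{
    while (n > 1 && v[0] == 0) { v++; n--; }   /* minimal encoding */
    size_t pad = (v[0] & 0x80) ? 1 : 0;        /* leading 0x00 keeps it positive */
    out[0] = 0x02;
    out[1] = (unsigned char)(n + pad);
    out[2] = 0x00;                             /* overwritten when pad == 0 */
    memcpy(out + 2 + pad, v, n);
    return 2 + pad + n;
}

/* Convert CKM_ECDSA output (r || s, equal halves, up to P-521) into a DER
 * ECDSA-Sig-Value. Returns the DER length, or 0 on bad input or short buffer. */
size_t ecdsa_raw_to_der(const unsigned char *raw, size_t rawlen,
                        unsigned char *out, size_t outlen)
{
    unsigned char body[2 * (2 + 1 + 66)];
    size_t half = rawlen / 2, blen, hdr;
    if (rawlen == 0 || rawlen % 2 != 0 || half > 66)
        return 0;
    blen = der_uint(raw, half, body);
    blen += der_uint(raw + half, half, body + blen);
    hdr = (blen < 128) ? 2 : 3;                /* long-form length for P-521 */
    if (outlen < hdr + blen)
        return 0;
    out[0] = 0x30;                             /* SEQUENCE */
    out[hdr - 1] = (unsigned char)blen;
    if (hdr == 3) out[1] = 0x81;
    memcpy(out + hdr, body, blen);
    return hdr + blen;
}
```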
