On 1/11/24 15:41, Ken Hornstein wrote:
But here is some snippets of the PKCS#11 code in MIT Kerberos:
When specifying the search parameters to find the private key:
keytype = CKK_RSA;
attrs[nattrs].type = CKA_KEY_TYPE;
attrs[nattrs].pValue = &keytype;
attrs[nattrs].ulValueLen = sizeof keytype;
nattrs++;
When setting the key signing mechanism:
/*
* We'd like to use CKM_SHA256_RSA_PKCS for signing if it's available, but
* historically many cards seem to be confused about whether they are
* capable of mechanisms or not. The safe thing seems to be to ignore the
* mechanism list, always use CKM_RSA_PKCS and calculate the sha256 digest
* ourselves.
*/
id_cryptoctx->mech = CKM_RSA_PKCS;
Those are all hardcoded use of RSA keys and signing mechanisms and it
doesn't handle ECC at all. So unless the Yubico library ignored the
key type and mechanism (which I think would be extremely unlikely but
not impossible) I suspect you were using RSA back during your original
testing and didn't realize it.
--Ken
Its good to know the reason why MIT Kerberos cannot handle EC
certificates right now.
I know that NIST is happy with RSA 2048, but in Europe RSA >= 3072 is
already mandatory, and this key size makes small devices like the
Yubikeys very slow when generating the keys. In fact, Yubikeys only
support RSA <=2048.
So is there a way to submit a feature request for ECDSA support in MIT
Kerberos ?
-- Goetz
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
