Page MenuHome GnuPG

Kleopatra: Prevent OpenPGP Cert and CSR creation for RSA-2048 in de-vs mode
Testing, HighPublic

Description

Since 2019 Kleopatra does not offer RSA-2048 in de-vs mode in the newcertificatewizard, but it is possible to generate a CSR / OpenPCP Certificate for existing RSA-2048 keys from a smartcard. This is esp. a problem for Netkey cards since the RSA-2048 cards should be deprecated but can still be used by switching to OpenPGP.

It would be good if we could have this for the next release.

Update 2023-01-16: Also prevent usage of all non-brainpool curves in de-vs mode.

Event Timeline

aheinecke triaged this task as Normal priority.Tue, Jan 3, 11:07 AM
aheinecke created this task.
aheinecke raised the priority of this task from Normal to High.Mon, Jan 9, 10:25 AM
ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.

RSA-2048 can still be used in de-vs mode if it's listed in the RSAKeySizes config entry.

Right, I think with that you could even go down to 1024 or 512 (or does gnupg block this?). Its better to block this in de-vs mode as it says in our documents somewhere that we prevent generation of non-compliant keys at least in the GUI.

For testing someone could still leave de-vs mode and generate a key that way. I think the RSAKeySizes config entry was mainly added to silence the "But I really really want RSA-8k keys" complaints.

ikloecker changed the task status from Open to Testing.Wed, Jan 11, 11:00 AM
ikloecker removed ikloecker as the assignee of this task.
ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.
ikloecker added a subscriber: ikloecker.

Done for OpenPGP cards, PIV cards, and NetKey cards.

Note that I explicitly reject any RSA algos other than "rsa3072" and "rsa4096" instead of excluding just some RSA algos (see
rLIBKLEO1d9d7fe322f4: Add function to check if algorithm is de-vs compliant.
This function can easily be extended with other algorithms that are not De-VS compliant (or unsupported by gpgsm) and that currently cause an "Unsupported algorithm" error.

Ideally, we'd use a list of compliant, supported algorithms which we would retrieve from gpg and gpgsm.

ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.

Back to WiP to also prevent usage of all non-brainpool curves (as requested by Werner in M9#117).

ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.

Now creation of OpenPGP certificates and CSRs from card keys in de-vs mode is only possible for RSA 3072, RSA 4096, and the Brainpool curves.