This issue was migrated from Pagure Issue #3097.Originally filed by cheimes on 2019-04-17
The feature request is related to IPA ticket https://pagure.io/freeipa/issue/6790 . In IPA we like to support 3072bit RSA keys. 3072 is a good compromise between performance and security for keys with a life time beyond 2030. NIST Special Publication 800-57 Part 3 Revision 1 recommends 3072bit RSA for these keys. 3072 bit RSA keys have about the same strength as 128bit symmetric encryption.
Alexander and I skimmed through Dogtag's code and found a couple of places that either have very weak minimums or seem to hard code a list of expected RSA key sizes without 3072. We are not sure if any of these places actually prohibit RSA 3072 keys. Please take a look:
This issue was migrated from Pagure Issue #3097.Originally filed by cheimes on 2019-04-17
The feature request is related to IPA ticket https://pagure.io/freeipa/issue/6790 . In IPA we like to support 3072bit RSA keys. 3072 is a good compromise between performance and security for keys with a life time beyond 2030. NIST Special Publication 800-57 Part 3 Revision 1 recommends 3072bit RSA for these keys. 3072 bit RSA keys have about the same strength as 128bit symmetric encryption.
Alexander and I skimmed through Dogtag's code and found a couple of places that either have very weak minimums or seem to hard code a list of expected RSA key sizes without 3072. We are not sure if any of these places actually prohibit RSA 3072 keys. Please take a look:
CS.cfg contains
Various preop keysizes like
preop.cert.audit_signing.keysize.size
are hard-coded to 2048.LWCA hard-codes 2048 in https://github.com/dogtagpki/pki/blob/8215e8205f19961d8fb1cb4b98c807e2f7e19917/base/ca/src/com/netscape/ca/CertificateAuthority.java#L2859-L2864, also see ticket https://pagure.io/dogtagpki/issue/1589
HTTPInput checks key size and does not contain 3072, https://github.com/dogtagpki/pki/blob/master/base/common/src/com/netscape/certsrv/util/HttpInput.java#L139-L148