vcsjones / AzureSignTool

SignTool Library and Azure Key Vault Support
MIT License

Suggested and supported key type and key size/elliptic curve for EV code signing CSR? #115

Open JonathanLydall opened 3 years ago

JonathanLydall commented 3 years ago

Of the options offered by Azure Key Vault (below), what is supported by AzureSignTool? Additionally, if anyone has suggestions on what is likely the most practical to use considering security and other tradeoffs, that would be useful too.

As per https://github.com/vcsjones/AzureSignTool/issues/36#issuecomment-744497228, some of the key type, key size and elliptic curve name choices offered by Azure Key Vault are not supported when using AzureSignTool.

The portal at the moment offers the following key types:

I presume that, as issuers require an HSM in order to issue EV certificates, we need to choose between RSA-HSM and EC-HSM.

For RSA-HSM, the portal offers the following key size options:

Apparently, since 2015 NIST has recommended a minimum key size of 2048 for RSA.

For EC-HSM, the portal offers the following elliptic curve names:

When I naively asked in a different issue if RSA-HSM with a key size of 2048 would work, @garrett-wood shot me down and I went with his suggestion to use EC-HSM with P-384. Unfortunately though, once our certificate was eventually issued I then discovered that it is not supported by AzureSignTool and/or the underlying OS.

Thanks in advance for any advice offered.

vcsjones commented 3 years ago

You should be able to use RSA-HSM with a 2048-bit key. That's fairly typical and I have used that with AzureSignTool and SignService.

I would advise against EC and EC-HSM at the moment as Windows' code signing appears to have some compatibility issue with EC keys for SignerSignEx3 (but that was quite a long time ago, perhaps Windows has improved that).

judge2020 commented 3 years ago

To add, you should be able to re-issue the certificate without having to repay for it if you contact your CA. Most will be fine with one or two re-issuances (the old cert ends up being OCSP revoked).

> You should be able to use RSA-HSM with a 2048-bit key. That's fairly typical and I have used that with AzureSignTool and SignService.

Any issues with 4096-bit keys in that case?

vcsjones commented 3 years ago

> Any issues with 4096-bit keys in that case?

I can't think of a reason why that would not work. It looks like RSA-HSM supports it, and AzureSignTool.Core has tests for 4096-bit keys.

garrett-wood commented 3 years ago

@vcsjones, FYI the CAB Forum has a new guideline taking effect 2021.06.01 where all CAs need to enforce a minimum size of 3072-bit RSA keys for CS certs: https://blog.entrust.com/2021/01/code-signing-baseline-requirements-oblige-larger-keys-for-crypto-efficacy/
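Putting the thread's advice together (RSA-HSM rather than EC-HSM, and at least 3072 bits to satisfy the CA/B Forum minimum mentioned above), the following is an added end-to-end example written for this page; it is not code from the AzureSignTool project or from anyone in the thread. It assumes the Az.KeyVault PowerShell module is installed and logged in, an existing Key Vault, the AzureSignTool CLI on PATH, and a service principal whose tenant, client id and secret are in environment variables. The vault name, certificate name, subject, file name and timestamp server are placeholders to replace. The merge step assumes the CA returned the issued certificate as a DER or PEM .cer file.

```powershell
# Added example for this page, not AzureSignTool project code. Placeholders below.
$VaultName = 'my-signing-vault'   # placeholder
$CertName  = 'ev-code-signing'    # placeholder

# 1. Certificate policy for the CSR.
#    - RSA-HSM: EV code-signing keys must be HSM-protected, and the thread reports EC
#      keys being problematic with Windows code signing (SignerSignEx3).
#    - 3072 bits: the CA/B Forum code-signing minimum effective 2021-06-01.
#    - IssuerName 'Unknown': Key Vault generates the key pair and CSR only; an
#      external CA issues the certificate.
#    - EKU 1.3.6.1.5.5.7.3.3 is id-kp-codeSigning.
$Policy = New-AzKeyVaultCertificatePolicy `
    -SecretContentType 'application/x-pkcs12' `
    -SubjectName 'CN=Example Corp, O=Example Corp, L=Redmond, S=WA, C=US' `
    -IssuerName 'Unknown' `
    -KeyType 'RSA-HSM' `
    -KeySize 3072 `
    -KeyNotExportable `
    -KeyUsage DigitalSignature `
    -Ekus '1.3.6.1.5.5.7.3.3' `
    -ValidityInMonths 36

Add-AzKeyVaultCertificate -VaultName $VaultName -Name $CertName -CertificatePolicy $Policy | Out-Null

# 2. Pull the pending CSR (base64 DER, no line breaks) and write it as PEM, wrapped
#    at 64 columns so any CA portal or OpenSSL will accept it.
$Op  = Get-AzKeyVaultCertificateOperation -VaultName $VaultName -Name $CertName
$B64 = $Op.CertificateSigningRequest
$Body = for ($i = 0; $i -lt $B64.Length; $i += 64) {
    $B64.Substring($i, [Math]::Min(64, $B64.Length - $i))
}
@('-----BEGIN CERTIFICATE REQUEST-----') + $Body + @('-----END CERTIFICATE REQUEST-----') |
    Set-Content -Path ".\$CertName.csr" -Encoding ascii
Write-Host "Submit .\$CertName.csr to the CA, then continue with step 3."

# 3. After the CA returns the issued certificate, merge it into the pending operation.
#    (Run this once .\issued.cer exists; the private key never leaves the HSM.)
Import-AzKeyVaultCertificate -VaultName $VaultName -Name $CertName -FilePath '.\issued.cer' | Out-Null

# 4. Sanity-check the issued certificate before trying to sign with it: it must be RSA
#    (per the thread's EC warning) and at least 3072 bits (per the CA/B Forum rule).
#    GetRSAPublicKey is an extension method, so call it through its static class.
$Issued = (Get-AzKeyVaultCertificate -VaultName $VaultName -Name $CertName).Certificate
$Rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($Issued)
if (-not $Rsa) {
    throw "Issued certificate key is $($Issued.PublicKey.Oid.FriendlyName), not RSA; re-issue from an RSA-HSM key."
}
if ($Rsa.KeySize -lt 3072) {
    throw "Issued RSA key is $($Rsa.KeySize) bits; CA/B Forum minimum for code signing is 3072."
}

# 5. Sign with AzureSignTool using the Key Vault certificate (service-principal auth).
#    Replace the timestamp URL with your CA's RFC 3161 timestamp server.
AzureSignTool sign `
    --azure-key-vault-url "https://$VaultName.vault.azure.net" `
    --azure-key-vault-tenant-id $env:AZURE_TENANT_ID `
    --azure-key-vault-client-id $env:AZURE_CLIENT_ID `
    --azure-key-vault-client-secret $env:AZURE_CLIENT_SECRET `
    --azure-key-vault-certificate $CertName `
    --file-digest sha256 `
    --timestamp-rfc3161 'http://timestamp.example.com' `
    --timestamp-digest sha256 `
    --verbose `
    '.\MyApp.exe'
```

Steps 1 and 2 are run once to produce the CSR, step 3 once the CA has issued, and steps 4 and 5 on every signing run; failing closed in step 4 is what prevents the situation described in the opening post, where the key type problem was only discovered after the certificate had been paid for and issued. The secret-based login shown is the simplest option; on an Azure-hosted build agent, AzureSignTool's managed identity option (`--azure-key-vault-managed-identity`) avoids handling a client secret at all.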