Discussion:
[strongSwan] scepclient and EC pubkey support
Markus P. Beckhaus
2018-06-13 09:49:29 UTC
Permalink
Hi,

I am trying to use ipsec_scepclient against a 2-tiered AD CS with ECDSA setup but this fails with the following error message:

EC public key encryption not implemented
encrypting symmetric key failed

Obviosly this tells me exactly, why it isn’t working, but on the other side we have strongswan running VPN tunnels on the same box with ECDSA certificates from abovementioned CA, so basically ECDSA modules are present and loaded.

So I am asking myself, if the scepclient does not utilize the same module architecture as the charon deamon.

My question is, if scepclient definitely does not support EC or if I can tweak my configuration in any way to add EC support to scepclient.

Best Regards

Markus
Jason Burrell
2018-06-13 14:48:02 UTC
Permalink
The SCEP protocol doesn't support elliptic curve algorithms — It's RSA-only.

From an enrollment-protocol perspective, you'll need to look at
something like CMP or EST for ECDSA support. Since EST has a similar
scope to SCEP, whereas CMP tries to solve many more CA-related problems,
it's usually the step up from SCEP when you need ECDSA.

-Jason Burrell
Post by Markus P. Beckhaus
Hi,
I am trying to use ipsec_scepclient against a 2-tiered AD CS with
EC public key encryption not implemented
encrypting symmetric key failed
Obviosly this tells me exactly, why it isn’t working, but on the other
side we have strongswan running VPN tunnels on the same box with ECDSA
certificates from abovementioned CA, so basically ECDSA modules are
present and loaded.
So I am asking myself, if the scepclient does not utilize the same
module architecture as the charon deamon.
My question is, if scepclient definitely does not support EC or if I
can tweak my configuration in any way to add EC support to scepclient.
Best Regards
Markus
Tobias Brunner
2018-06-13 15:03:35 UTC
Permalink
Hi,
The SCEP protocol doesn't support elliptic curve algorithms — It's RSA-only.
Just for reference, SCEP, as defined in the latest version of the draft,
doesn't seem have that limitation anymore [1]. (strongSwan's scepclient
is, of course, based on version 11 of the old draft, so...)

Regards,
Tobias

[1] https://tools.ietf.org/html/draft-gutmann-scep-10#section-3.1
Markus P. Beckhaus
2018-06-14 15:31:13 UTC
Permalink
Tobias, Jason,



thanks for your fast reply and precise explanation. Unfortunately, AD CS does not provide CMP or EST and given that SCEP originally only supported RSA I doubt that the AD CS NDES (SCEP) supports ECDSA anyway.



We will have to look for a different way to mass deploy (and renew) certificates, maybe the AD CS Certificate Enrollment Webservices.



Best Regards



Markus





Am 13.06.18, 17:03 schrieb "Users im Auftrag von Tobias Brunner" <users-***@lists.strongswan.org im Auftrag von ***@strongswan.org>:



Hi,
Post by Jason Burrell
The SCEP protocol doesn't support elliptic curve algorithms — It's RSA-only.
Just for reference, SCEP, as defined in the latest version of the draft,

doesn't seem have that limitation anymore [1]. (strongSwan's scepclient

is, of course, based on version 11 of the old draft, so...)



Regards,

Tobias



[1] https://tools.ietf.org/html/draft-gutmann-scep-10#section-3.1
Christian Salway
2018-06-14 18:07:51 UTC
Permalink
What about Vault [1]?

[1] https://www.vaultproject.io/ <https://www.vaultproject.io/>
Post by Markus P. Beckhaus
Tobias, Jason,
thanks for your fast reply and precise explanation. Unfortunately, AD CS does not provide CMP or EST and given that SCEP originally only supported RSA I doubt that the AD CS NDES (SCEP) supports ECDSA anyway.
We will have to look for a different way to mass deploy (and renew) certificates, maybe the AD CS Certificate Enrollment Webservices.
Best Regards
Markus
Hi,
Post by Jason Burrell
The SCEP protocol doesn't support elliptic curve algorithms — It's RSA-only.
Just for reference, SCEP, as defined in the latest version of the draft,
doesn't seem have that limitation anymore [1]. (strongSwan's scepclient
is, of course, based on version 11 of the old draft, so...)
Regards,
Tobias
[1] https://tools.ietf.org/html/draft-gutmann-scep-10#section-3.1
Markus P. Beckhaus
2018-06-15 09:03:06 UTC
Permalink
Hi Christian,

interesting tool, but how could it help for an automated mass certificate (self) deployment to x-thousand devices.

Best Regards

Markus

Von: Christian Salway <***@naimuri.com>
Datum: Donnerstag, 14. Juni 2018 um 20:07
An: "Markus P. Beckhaus" <***@beckhaus.com>
Cc: "***@lists.strongswan.org" <***@lists.strongswan.org>
Betreff: Re: [strongSwan] scepclient and EC pubkey support

What about Vault [1]?

[1] https://www.vaultproject.io/



On 14 Jun 2018, at 16:31, Markus P. Beckhaus <***@beckhaus.com<mailto:***@beckhaus.com>> wrote:

Tobias, Jason,



thanks for your fast reply and precise explanation. Unfortunately, AD CS does not provide CMP or EST and given that SCEP originally only supported RSA I doubt that the AD CS NDES (SCEP) supports ECDSA anyway.



We will have to look for a different way to mass deploy (and renew) certificates, maybe the AD CS Certificate Enrollment Webservices.



Best Regards



Markus





Am 13.06.18, 17:03 schrieb "Users im Auftrag von Tobias Brunner" <users-***@lists.strongswan.org<mailto:users-***@lists.strongswan.org> im Auftrag von ***@strongswan.org<mailto:***@strongswan.org>>:



Hi,




The SCEP protocol doesn't support elliptic curve algorithms — It's RSA-only.



Just for reference, SCEP, as defined in the latest version of the draft,

doesn't seem have that limitation anymore [1]. (strongSwan's scepclient

is, of course, based on version 11 of the old draft, so...)



Regards,

Tobias



[1] https://tools.ietf.org/html/draft-gutmann-scep-10#section-3.1
Christian Salway
2018-06-15 09:10:33 UTC
Permalink
Hi Markus,

If it can be scripted to create certs, you can write a script to create a cert and then mass mail. It depends on where the CSR/KEY are created - on the client or in the script and then encrypted into a P12.

You could do something like this:
---------

openssl req -new -newkey ec:<(openssl ecparam -name secp384r1) -nodes -subj “C=GB/CN=${cn}" -keyout private/${cn}.key -out requests/${cn}.csr

openssl x509 -req -in requests/${cn}.csr -out certs/${cn}.crt -days 395 \
-CAkey private/ca.key -CA ca.crt -CAcreateserial \
-passin pass:”${ca-pswd}" \
-extfile <(cat <<EOF
basicConstraints = CA:false
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer
extendedKeyUsage = clientAuth
subjectAltName = DNS:${cn}
EOF
)

openssl pkcs12 -export -certfile ca.crt -in certs/${cn}.crt -inkey private/${cn}.key -out p12/${cn}.p12 -passout pass:${p12-pswd}


Email out

---------
Post by Markus P. Beckhaus
Hi Christian,
interesting tool, but how could it help for an automated mass certificate (self) deployment to x-thousand devices.
Best Regards
Markus
Datum: Donnerstag, 14. Juni 2018 um 20:07
Betreff: Re: [strongSwan] scepclient and EC pubkey support
What about Vault [1]?
[1] https://www.vaultproject.io/ <https://www.vaultproject.io/>
Tobias, Jason,
thanks for your fast reply and precise explanation. Unfortunately, AD CS does not provide CMP or EST and given that SCEP originally only supported RSA I doubt that the AD CS NDES (SCEP) supports ECDSA anyway.
We will have to look for a different way to mass deploy (and renew) certificates, maybe the AD CS Certificate Enrollment Webservices.
Best Regards
Markus
Hi,
The SCEP protocol doesn't support elliptic curve algorithms — It's RSA-only.
Just for reference, SCEP, as defined in the latest version of the draft,
doesn't seem have that limitation anymore [1]. (strongSwan's scepclient
is, of course, based on version 11 of the old draft, so...)
Regards,
Tobias
[1] https://tools.ietf.org/html/draft-gutmann-scep-10#section-3.1 <https://tools.ietf.org/html/draft-gutmann-scep-10#section-3.1>
Loading...