[
https://issues.apache.org/jira/browse/IMPALA-14038?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17950614#comment-17950614
]
Joe McDonnell commented on IMPALA-14038:
----------------------------------------
X509_digest_sig's implementation uses a variety of functions that only exist in
OpenSSL 3, so it is hard to directly incorporate into our codebase. It's more
sophisticated about handling cases where there isn't a hash algorithm (it falls
back to sha256). I think that could apply for Ed25519/Ed448. No one has
mentioned using that yet.
Switching to using X509_get_signature_info() fixes my test case with
RSASSA-PSS. Postgres continues to use X509_get_signature_info(), and I think it
will be a while before we need something more sophisticated.
> RSASSA-PSS Signature Algorithm Not Supported
> --------------------------------------------
>
> Key: IMPALA-14038
> URL: https://issues.apache.org/jira/browse/IMPALA-14038
> Project: IMPALA
> Issue Type: Bug
> Affects Versions: Impala 5.0.0
> Reporter: Jason Fehr
> Assignee: Joe McDonnell
> Priority: Critical
>
> If a certificate used in kRPC communication uses the signature algorithm
> RSASSA-PSS, then communication will be blocked with the following error
> reported:
> {noformat}
> negotiation.cc:311] Negotiation complete: Not implemented: Server connection
> negotiation failed: server connection from ****: server certificate has no
> signature digest (hash) algorithm
> {noformat}
> This error is generated in
> [kudu/security/cert.cc|https://github.com/apache/impala/blob/cb496104d98e8cbd87acf25277f2648cffaac42a/be/src/kudu/security/cert.cc#L194].
> The reason the error is thrown is the RSASSA-PSS algorithm does not
> explicitly specify a hash algorithm. Instead, the hash algorithm is defined
> in subfields within the signature block of the certificate.
> For example, most signature algorithms look like this where the hash
> algorithm (SHA384) is included:
> {noformat}
> Signature Algorithm: ecdsa-with-SHA384
> {noformat}
> But, a RSASSA-PSS signature algorithm looks like this (note the hash
> algorithm is now in a subfield):
> {noformat}
> Signature Algorithm: rsassaPss
> Hash Algorithm: sha256
> Mask Algorithm: mgf1 with sha256
> Salt Length: 0x20
> Trailer Field: 0xBC (default)
> {noformat}
> Since the hash algorithm is defined in a subfield, digest_nid is set to 0.
> One possible solution is to use theĀ
> [X509_digest_sig|https://github.com/openssl/openssl/commit/fccf3dcef42f12b0ac2b1ab8979125a2511dc271]
> function from OpenSSL
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
