At my work, I've been attempting to create a single jar signing
certificate with multiple signatures.  Since tools such as PGP allow
a single certificate to be signed by multiple CA's, it seemed
plausible that the NSS signing tools should be able to do the same.

Here's the motivation.  Our software enhancements/updates are
delivered in jar files (produced by the NSS suite).  We've been
using certification authority "A" so far, and we recently gave
another group a certificate "X" that had "A" in its trust chain.
So jars signed with "X" are allowed by the update mechanism.

Now we have a type "B" device which runs some but not all of the software
as type A.  So the idea is to sign common code with a "Z" certificate
that is signed by A and a new B CA.  Then updates that are signed with
"A" or "Z" can only be applied to "A" devices, while only "B" or "Z" signed
jars can be applied to "B" devices.  This is the desired method because
of the precedent set by the A/X trust chain.

However, after iteratively producing NSS certificates/keys and
trying in vain to produce jars that could be successfully verified
with multiple distinct CA's, I don't believe this is possible with
the current tool set.

The pure NSS approach that failed goes like this:

- Create new certificate Z with CA A
   % certutil -d A -f passwd.A -S -s ... -1 -2 -5 -m 20070606 -v 12 \
         -c A -n Z -t C,C,Cu

- Export Z as CSR
   % certutil -d A -f passwd.A -R -s ... -a -o CSR.Z -n Z

- Create cert from CSR.Z using CA B
   % certutil -d B -f passwd.B -C -a -o CERT.Z -c B -v 12 -1 -2 -5 -i CSR.Z
   (Note: This worked with our "production boxes" running NSS 3.9.2.
   I also tried with NSS 3.11, which rejected this, saying
         unable to retrieve key B: Peer's public key is invalid.
   Hmm...)

- Import resulting cert back to A
   % mv A A.save; mkdir A; cp A.save/* A
   % certutil -d A -f passwd.A -A -a -i CERT.Z -n Z -t C,C,Cu

Now try to create a signed jar:
- signtool -dA -kZ -p... -Zcommon.jar test.d
   ...
   Generating zigbert.sf file..
   warning - can't find private key for this cert
   signtool: PROBLEM signing data (Bad signature)
   the tree "test.d" was NOT SUCCESSFULLY SIGNED

Perhaps this is what some people call "cross signing" certificates?
The NSS roadmap refers to support for cross signed certificates in the
NSS 3.12 timeframe, but the date for 3.12 feature completion remains TBD.

I also spent some time with OpenSSL, whose facilities for certificate
management are centered on the X.509 standard.  It appears that the
X.509 format itself allows for just one signature per certificate,
though there have been proposals for multiple signature extensions.
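The point of the failed certutil sequence above and of the X.509 paragraph (one signature per certificate, so a key that two CAs vouch for needs two certificates, one issued by each, while the jar itself is signed once with that key) can be exercised end to end with Go's standard library. This is an added example, not code from the original post or from NSS; the CA names "CA A" and "CA B", the subject "Z", the serial numbers and the signed payload are constructed stand-ins for the author's certutil/signtool steps.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// DemoResult records what each of the two certificates for key Z can do.
type DemoResult struct {
	ZaTrustedByA, ZaTrustedByB bool // cert issued by A, checked against root A / root B
	ZbTrustedByA, ZbTrustedByB bool // cert issued by B, checked against root A / root B
	SigOKWithZa, SigOKWithZb   bool // one signature made with Z's key, checked under each cert
	SamePublicKey              bool // both certs carry the same public key
}

// newCA creates a self-signed CA certificate and its private key (constructed).
func newCA(name string, serial int64) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(365 * 24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// issue has the given CA sign a code-signing certificate for subjectPub.
// An X.509 certificate carries exactly one signature, so "cross-signing" a
// key under two CAs means calling this once per CA and shipping two certs.
func issue(ca *x509.Certificate, caKey *ecdsa.PrivateKey, cn string, serial int64,
	subjectPub *ecdsa.PublicKey) (*x509.Certificate, error) {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(365 * 24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca, subjectPub, caKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// chainsTo reports whether leaf builds a valid chain to a trust store holding
// only root, which is how a device that trusts a single CA evaluates it.
func chainsTo(leaf, root *x509.Certificate) bool {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	_, err := leaf.Verify(x509.VerifyOptions{
		Roots:     pool,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning},
	})
	return err == nil
}

// CrossSignDemo builds CAs A and B, one key Z, and a certificate for Z from
// each CA, then signs a payload once with Z's key and checks it under both.
func CrossSignDemo() (DemoResult, error) {
	var r DemoResult
	caA, keyA, err := newCA("CA A", 1)
	if err != nil {
		return r, err
	}
	caB, keyB, err := newCA("CA B", 2)
	if err != nil {
		return r, err
	}
	keyZ, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // the single key Z
	if err != nil {
		return r, err
	}
	zA, err := issue(caA, keyA, "Z", 20070606, &keyZ.PublicKey)
	if err != nil {
		return r, err
	}
	zB, err := issue(caB, keyB, "Z", 20070607, &keyZ.PublicKey)
	if err != nil {
		return r, err
	}
	r.ZaTrustedByA, r.ZaTrustedByB = chainsTo(zA, caA), chainsTo(zA, caB)
	r.ZbTrustedByA, r.ZbTrustedByB = chainsTo(zB, caA), chainsTo(zB, caB)
	r.SamePublicKey = keyZ.PublicKey.Equal(zA.PublicKey) && keyZ.PublicKey.Equal(zB.PublicKey)

	// Constructed stand-in for the jar's signature file; signed exactly once.
	payload := []byte("constructed stand-in for zigbert.sf contents")
	digest := sha256.Sum256(payload)
	sig, err := ecdsa.SignASN1(rand.Reader, keyZ, digest[:])
	if err != nil {
		return r, err
	}
	// CheckSignature hashes payload itself, then verifies under the cert's key.
	r.SigOKWithZa = zA.CheckSignature(x509.ECDSAWithSHA256, payload, sig) == nil
	r.SigOKWithZb = zB.CheckSignature(x509.ECDSAWithSHA256, payload, sig) == nil
	return r, nil
}

func main() {
	r, err := CrossSignDemo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", r)
}
```

The result shows the shape a verifier needs: the certificate issued by A chains only to A, the one issued by B only to B, yet a single signature made with Z's key checks out under both, because both certificates wrap the same public key. A device trusting only A or only B simply picks the certificate that chains to its own root.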

JDK includes a "jarsigner" utility which can apply multiple signatures
to the same jar, but does not appear to interoperate with NSS signtool.
Also, since jarsigner operates much differently from signtool,
changing to JDK from NSS seems an unacceptable risk to me.

So, am I approaching this

Thanks,
Romain Kang
[EMAIL PROTECTED]
_______________________________________________
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto