Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Normal
Fix Version/s: None
Affects Version/s: rhel-10.0.beta
Component/s: pki-core
Labels:
None

Regression:
No
Severity:
Low
sprint_count:
1

Pool Team:

rhel-sst-idm-cs
Sub-System Group:

ssg_idm

Story Points:
2
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
None
Sprint:
Crypto24Q4

Preliminary Testing:
None
Test Coverage:
None

Experience:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

Generating KRA DSA key algorithm for sizes <=1024 works see below:

pki -d /opt/pki/certdb -P http -p 21080 -h pki1.example.com -c SECret.123 -n "PKI KRA Administrator for Example.Org" kra-key-generate "testuser21049_88558805" --key-algorithm DSA --key-size "2048" --usages "wrap,unwrap"
java.lang.IllegalArgumentException: Invalid key size specified.
at com.netscape.certsrv.key.KeyClient.generateAsymmetricKey(KeyClient.java:1028)
at com.netscape.cmstools.kra.KRAKeyGenerateCLI.execute(KRAKeyGenerateCLI.java:132)
at org.dogtagpki.cli.CommandCLI.execute(CommandCLI.java:58)
at org.dogtagpki.cli.CLI.execute(CLI.java:353)
at org.dogtagpki.cli.CLI.execute(CLI.java:353)
at com.netscape.cmstools.cli.SubsystemCLI.execute(SubsystemCLI.java:79)
at org.dogtagpki.cli.CLI.execute(CLI.java:353)
at com.netscape.cmstools.cli.MainCLI.execute(MainCLI.java:659)
at com.netscape.cmstools.cli.MainCLI.main(MainCLI.java:698)
17:10
[root@pki1 ~]# pki -d /opt/pki/certdb -P http -p 21080 -h pki1.example.com -c SECret.123 -n "PKI KRA Administrator for Example.Org" kra-key-generate "testuser21049_88558805" --key-algorithm DSA --key-size "1024" --usages "wrap,unwrap"
---------------------------
Key generation request info
---------------------------
Request ID: 0x1c96f10a81952ec49ad67734e7851f91
Type: asymkeyGenRequest
Status: complete
Creation Time: Tue Sep 10 17:02:41 EDT 2024
Modification Time: Tue Sep 10 17:02:41 EDT 2024
[root@pki1 ~]# pki -d /opt/pki/certdb -P http -p 21080 -h pki1.example.com -c SECret.123 -n "PKI KRA Administrator for Example.Org" kra-key-generate "testuser21049_88558805" --key-algorithm DSA --key-size "512" --usages "wrap,unwrap"
---------------------------
Key generation request info
---------------------------
Request ID: 0x5f88bf4f72372ba1b8f8b15cb4bc1a9f
Type: asymkeyGenRequest
Status: complete
Creation Time: Tue Sep 10 17:05:06 EDT 2024
Modification Time: Tue Sep 10 17:05:06 EDT 2024
[root@pki1 ~]# pki -d /opt/pki/certdb -P http -p 21080 -h pki1.example.com -c SECret.123 -n "PKI KRA Administrator for Example.Org" kra-key-generate "testuser21049_88558805" --key-algorithm DSA --key-size "512" --usages "wrap,unwrap"

Expected :
Expected that like keysize >= 2048 it should FAIL

is cloned by

RHEL-63013 Investigate DSA keygen should fail in RHEL 10

Closed

Assignee:: RHCS Maintenance

Reporter:: Gilbert Kimetto

Developer:: RHCS Maintenance

QA Contact:: IdM CS QE

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Created:: 2024/09/16 11:21 PM

Updated:: 2024/10/17 3:22 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates