On Tue, Dec 17, 2024 at 01:41:10PM -0500, Robert Moskowitz wrote: > https://docs.openssl.org/3.4/man5/x509v3_config/#extended-key-usage > > This page includes SKI and states the choices are: > > none|hash|hexstring > > Where it says "hash" is SHA1 of the PK. It does NOT use default_md. > > So it will have to be hexstring that I learned to use in the past to feed an > environment variable value into the config file with: > > $ENV::var > > Boo. Hiss.... The SKID just needs to be a unique nonce per key of a single issuer, there is no actual requirement for any kind of collision resistant hash. Nobody checks that the SKID value is any particular hash of the public key, it is just an opaque octet string. So any specification that prescribes a specif hash to use to use for SKIDs is I think rather misguided. You could use a counter, or any other way of keeping the SKIDs distinct. You'll find that RFC5280 is in good alignment with this assessment: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2 For CA certificates, subject key identifiers SHOULD be derived from the public key or a method that generates unique values. Two common methods for generating key identifiers from the public key are: (1) The keyIdentifier is composed of the 160-bit SHA-1 hash of the value of the BIT STRING subjectPublicKey (excluding the tag, length, and number of unused bits). (2) The keyIdentifier is composed of a four-bit type field with the value 0100 followed by the least significant 60 bits of the SHA-1 hash of the value of the BIT STRING subjectPublicKey (excluding the tag, length, and number of unused bits). Other methods of generating unique numbers are also acceptable. Because key identifiers have generally been 20-byte octet strings, there is even some (small) risk of interoperability issues if you use a longer hash. That said, you don't have to use environment variables in config files, you can specify config fragments on the fly, say with bash: https://github.com/openssl/openssl/blob/0958f5a5bc47e2cca907a3bfaf14059c020324fd/test/certs/mkcert.sh#L90-L97 ... -extfile <(printf 'subjectKeyIdentifer = ...%s...\n' "...") ... Yes, indeed there is at present no supported mechanism to specify an alternative SKID hash, but frankly it makes little sense to go there. -- Viktor. -- You received this message because you are subscribed to the Google Groups "openssl-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to openssl-users+unsubscribe@xxxxxxxxxxx. To view this discussion visit https://groups.google.com/a/openssl.org/d/msgid/openssl-users/Z27O1FJ9y3lG64MM%40chardros.imrryr.org.
