summaryrefslogtreecommitdiffstats
path: root/security/nss/doc/rst/legacy/nss_tech_notes/nss_tech_note3/index.rst
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/doc/rst/legacy/nss_tech_notes/nss_tech_note3/index.rst')
-rw-r--r--security/nss/doc/rst/legacy/nss_tech_notes/nss_tech_note3/index.rst234
1 files changed, 234 insertions, 0 deletions
diff --git a/security/nss/doc/rst/legacy/nss_tech_notes/nss_tech_note3/index.rst b/security/nss/doc/rst/legacy/nss_tech_notes/nss_tech_note3/index.rst
new file mode 100644
index 0000000000..2d72c870cc
--- /dev/null
+++ b/security/nss/doc/rst/legacy/nss_tech_notes/nss_tech_note3/index.rst
@@ -0,0 +1,234 @@
+.. _mozilla_projects_nss_nss_tech_notes_nss_tech_note3:
+
+nss tech note3
+==============
+
+.. _all_about_certificate_extensions:
+
+`All About Certificate Extensions <#all_about_certificate_extensions>`__
+------------------------------------------------------------------------
+
+.. container::
+
+.. _nss_technical_note_3:
+
+`NSS Technical Note: 3 <#nss_technical_note_3>`__
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. container::
+
+ .. code::
+
+ 09 May 2002
+ Nelson B. Bolyard
+
+ This week at least 5 different people came to me with variants of the
+ same question:
+
+ What certificate extensions do I have to put into my cert for NSS to
+ allow it to be used for purpose <x>??
+
+ This message attempts to answer that question, and to document NSS's
+ approach to validating certificates for certain purposes.
+
+ When NSS is asked to verify the validity of a certificate chain, it
+ verifies the validity of that cert chain for a particular purpose,
+ known as a SECCertUsage, as of a specific date and time.
+
+ The list of known SECCertUsages is short:
+
+ certUsageSSLClient ........... An SSL client authentication cert
+ certUsageSSLServer ........... An ordinary SSL server cert
+ certUsageSSLServerWithStepUp.. An SSL server cert that allows export
+ clients to use strong crypto.
+ certUsageSSLCA ............... An intermediate or root CA cert allowed
+ to issue SSL client or SSL server certs
+ or other intermediate SSL CA certs.
+ certUsageEmailSigner ......... Used to verify S/MIME email signatures
+ certUsageEmailRecipient ...... Used to encrypt S/MIME emails.
+ certUsageObjectSigner ........ Used to verify signatures on files of
+ executable code, e.g. jar files.
+ certUsageStatusResponder ..... Used by an OCSP responder
+ certUsageVerifyCA ............ A CA of any kind.
+
+ Each cert has a "type" and a "key usage", each of which may contain one
+ or more valid values.
+
+ Each of the above SECCertUsages translates into a required set of
+ cert type and key usage for the certificate itself, and into another
+ set of required cert type and key usage for all the CA certs in the
+ cert chain.
+
+ To determine if a cert is valid for a given cert usage, it must have the
+ the cert type and key usage required for that cert usage, and all the
+ CA certs in the cert chain must have the cert type and key usage required
+ for CA certs for that cert usage.
+
+ There are 8 Key Usages:
+ CERT_SIGN
+ CRL_SIGN
+ DATA_ENCIPHERMENT
+ DIGITAL_SIGNATURE
+ GOVT_APPROVED
+ KEY_AGREEMENT
+ KEY_ENCIPHERMENT
+ NON_REPUDIATION
+
+ There are 9 Cert types:
+ EMAIL
+ EMAIL_CA
+ OBJECT_SIGNING
+ OBJECT_SIGNING_CA
+ SSL_CA
+ SSL_CLIENT
+ SSL_SERVER
+ STATUS_RESPONDER
+ TIME_STAMP
+
+
+ For the cert being checked, the requirements are:
+
+ Cert Usage Requried Key Usage Required Cert Type
+ -------------------- -------------------- -----------------------
+ SSLClient: DIGITAL_SIGNATURE; SSL_CLIENT;
+
+ SSLServer: KEY_AGREEMENT OR
+ KEY_ENCIPHERMENT; SSL_SERVER;
+
+ SSLServerWithStepUp: GOVT_APPROVED AND SSL_SERVER
+ KEY_AGREEMENT or
+ KEY_ENCIPHERMENT
+
+ SSLCA: CERT_SIGN; SSL_CA;
+
+ EmailSigner: DIGITAL_SIGNATURE; EMAIL;
+
+ EmailRecipient: KEY_AGREEMENT OR
+ KEY_ENCIPHERMENT; EMAIL;
+
+ ObjectSigner: DIGITAL_SIGNATURE; OBJECT_SIGNING;
+
+ StatusResponder: DIGITAL_SIGNATURE; STATUS_RESPONDER;
+
+ VerifyCA CERT_SIGN SSL_CA OR
+ EMAIL_CA OR
+ OBJECT_SIGNING_CA OR
+ STATUS_RESPONDER
+
+ For CA certs in the cert chain, the requirements are:
+
+ Cert Usage Requried Key Usage Required Cert Type
+ -------------------- -------------------- -----------------------
+ SSLServerWithStepUp: GOVT_APPROVED AND
+ CERT_SIGN; SSL_CA;
+
+ SSLClient: CERT_SIGN; SSL_CA;
+
+ SSLServer: CERT_SIGN; SSL_CA;
+
+ SSLCA: CERT_SIGN; SSL_CA;
+
+ EmailSigner: CERT_SIGN; EMAIL_CA or SSL_CA
+
+ EmailRecipient: CERT_SIGN; EMAIL_CA or SSL_CA
+
+ ObjectSigner: CERT_SIGN; OBJECT_SIGNING_CA;
+
+ UsageAnyCA: CERT_SIGN; OBJECT_SIGNING_CA OR
+ EMAIL_CA OR
+ SSL_CA;
+
+ StatusResponder: CERT_SIGN; OBJECT_SIGNING_CA OR
+ EMAIL_CA OR
+ SSL_CA;
+
+ Note: When the required key usage is KEY_AGREEMENT OR KEY_ENCIPHERMENT,
+ the actual key usage required depends on the key's algorithm. For
+ RSA keys, the required usage is KEY_ENCIPHERMENT. For other types of
+ keys, it is KEY_AGREEMENT.
+
+
+ Cert Extensions:
+
+ One vital Certificate extension is the "Basic Constraints" extension.
+ It tells NSS whether the cert is a CA cert, or not, and affects every
+ other aspect of how the cert is interpreted by NSS. The OID for this
+ extension is { 2 5 29 19 }, encoded in hex as 0x55, 0x1d, 0x13.
+ If the extension is present and has the value TRUE, then this cert is
+ taken to be a CA cert. Otherwise it is not (except that trust flags
+ may override this, see discussion of trust flags farther below).
+
+ Netscape has its own openly defined Cert Type extension, which can be used
+ to explicitly set the Cert Type in any Cert. The Cert Type extension has
+ bits in it that correspond directly to the cert types named above.
+ The OID for this extension is { 2 16 840 1 113730 1 1 }
+ encoded in hex as 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, 0x01
+
+ In addition to Netscape's own Cert Type extension, NSS recognizes various
+ X.509 extensions.
+
+ The X.509 key usage extension has OID { 2 5 29 0F } encoded in hex as
+ 0x55, 0x1d, 0x0f. If present, this extension directly determines the
+ values of the 8 key usages defined above. If absent, the cert is
+ assumed to be valid for all key usages.
+
+ The X.509v3 extended Key usage extension as OID { 2 5 29 37 } encoded in
+ hex as 0x55, 0x1d, 0x25. That extension contains a sequence of OIDs, each
+ of which signifies one or more Cert Types, depending on the presence or
+ absence of of the True Basic Constraints extension; that is, the
+ interpretation of the extended Key Usage extension is controlled by
+ whether the cert is a CA cert, or not.
+
+ The following table shows the OIDs recognized in the extended key usage
+ extension, and how they map to cert types and key usages for CA and non-CA
+ certs.
+
+ extended key usage OID non-CA cert CA cert
+ ----------------------------------- -------------- ----------------
+ SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT EMAIL_CA EMAIL_CA
+ SEC_OID_EXT_KEY_USAGE_SERVER_AUTH SSL_SERVER SSL_CA
+ SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH SSL_CLIENT SSL_CA
+ SEC_OID_EXT_KEY_USAGE_CODE_SIGN OBJECT_SIGNING OBJECT_SIGNING_CA
+ SEC_OID_EXT_KEY_USAGE_TIME_STAMP TIME_STAMP TIME_STAMP
+ SEC_OID_OCSP_RESPONDER OCSP_RESPONDER OCSP_RESPONDER
+
+ SEC_OID_NS_KEY_USAGE_GOVT_APPROVED GOVT_APPROVED GOVT_APPROVED
+
+ If the extended key usage extension is absent, the cert is assumed to have
+ the cert types SSL_CLIENT, SSL_SERVER and EMAIL, and if the cert is a CA
+ cert (as indicated by the presence of a true basic constraints extension),
+ the cert is also assumed to have the cert types SSL_CA, EMAIL_CA and
+ STATUS_RESPONDER. If the basic constraints extension is missing, but the
+ user has trusted the cert as a CA cert, the cert also gets the
+ STATUS_RESPONDER cert type. If the cert has a Fortezza type public key
+ with the magic bits that signify that it is a CA, it is given cert types
+ SSL_CA and EMAIL_CA.
+
+ A cert with the extended key usage extension and the Netscape cert type
+ extension that has the cert type SSL_CLIENT and also has an email address
+ in the subject is also given the cert type EMAIL. This allows all SSL
+ client authentication certs with email addresses to also be used as email
+ certs (provded they have adequate key usage).
+
+ A cert with the extended key usage extension and the Netscape cert type
+ extension that as cert type SSL_CA is also always given cert type EMAIL_CA.
+ This allows all SSL intermediate CAs to also be used as email intermediate CAs.
+
+ /* X.509 v3 Key Usage Extension flags */
+ #define KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */
+ #define KU_NON_REPUDIATION (0x40) /* bit 1 */
+ #define KU_KEY_ENCIPHERMENT (0x20) /* bit 2 */
+ #define KU_DATA_ENCIPHERMENT (0x10) /* bit 3 */
+ #define KU_KEY_AGREEMENT (0x08) /* bit 4 */
+ #define KU_KEY_CERT_SIGN (0x04) /* bit 5 */
+ #define KU_CRL_SIGN (0x02) /* bit 6 */
+
+ #define NS_CERT_TYPE_SSL_CLIENT (0x80) /* bit 0 */
+ #define NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */
+ #define NS_CERT_TYPE_EMAIL (0x20) /* bit 2 */
+ #define NS_CERT_TYPE_OBJECT_SIGNING (0x10) /* bit 3 */
+ #define NS_CERT_TYPE_RESERVED (0x08) /* bit 4 */
+ #define NS_CERT_TYPE_SSL_CA (0x04) /* bit 5 */
+ #define NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */
+ #define NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */
+ </x> \ No newline at end of file
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-22 11:13:26 +0000