Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

...

...

...

This article describes the security configuration for CMP in Certificate Manager and some configurable parameters in the cmp.conf file. 


Excerpt

CMP has additional security features supported by PGW. Device keys are always generated in the device. The inner request is always signed by the newly generated key for the sake of Proof of Possession (PoP) of the key. The device authenticates against the CMP server with an outer signature. This signature is created either with a password based mac using a shared secret or a private key, which is certified either in a vendor certificate, that is, signed by the manufacturer's CA and loaded in the device during production, or in an operator certificate, that is, signed by the operator's CA and loaded in the device using CMP. The device signs all requests and confirmations with the password-based mac or either key.

Encrypt device certificate

The CMP service also signs all responses and confirmations. It can also encrypt the newly issued device certificate with the device certificate's public key. This is configured with the enroll.encryptcertificate parameter and provides additional protocol security to protect the certificate from becoming publicly known before the device has received the certificate and sent the confirmation. 

Use password-based mac

By default, the CMP service will use a private key to sign all its responses back to the requesting device. However it is possible to configure the CMP service to respond with a password based mac using the shared secret of the current device. If the cmpresponsebuilder.allow.passwordbasedmac parameter inside the certificate format cmp.conf is set to true, then the CMP service will sign all responses with a password based mac, if and only if the device initiated the the first transaction request with a password-based mac, and if no error occurred during the transaction. This means if the device used a secret to sign its ir, cr or kur requests, the CMP service will respond with a password-based mac, if the secret is known. Else it will sign with a private key. During the transaction, the device is not allowed to change its protection algorithm until the transaction has finished, that is, during a confirmation. 

Verify salt and iteration count

When the device is using a password-based mac, the CMP service will verify that the parameters, salt and iteration count, are not too low or too high. The allowed spans can be configured in the Protocol Gateway certificate format cmp.conf. See the passwordbased.<xxx> parameters in the example below.

Example

Code Block
titleExample: cmp.conf
[Info]
FileFormatVersion = 1
Description = CMP request format.
Type = EU

[Modules]
CMPRequestVerifyer = 1
CmpPopVerifyer = 2
CertificateReader = 3
FieldOperator = 4
FieldComposer = 5
RequestVerifier = 6
CmpRequestCaller = 7
CmpResponseBuilder = 8
CmpErrorMessageBuilder = 9

[FormatDefinitionFields]

;; Should the resulting certificate be encrypted or not?
enroll.encryptcertificate = false

passwordbased.saltlength.min = 10
passwordbased.saltlength.max = 50
passwordbased.iterationcount.min = 500
passwordbased.iterationcount.max = 1000000

cmpresponsebuilder.allow.passwordbasedmac = false

Related information