Signature algorithm not allowed

I have an S/MIME certificate I want to add to my system to be able to sign PDFs. For this, I have used the command:

pk12util -i mycert.p12 -d /home/myuser/.pki/nssdb -W mypassword

On my laptop with an identical Fedora setup (Fedora 40 KDE Spin, Kernel 6.10.11-200.fc40.x86_64) this worked without any problems. However, on my PC this same certificate file throws:

pk12util: PKCS12 decode not verified: SEC_ERROR_BAD_EXPORT_ALGORITHM: Required algorithm is not allowed.
pk12util: no nickname for cert in PKCS12 file.
pk12util: using nickname: ###REDACTED###
pk12util: PKCS12 decode import bags failed: SEC_ERROR_BAD_EXPORT_ALGORITHM: Required algorithm is not allowed.

I have already checked update-crypto-policies to be at DEFAULT.

Also, the key was generated with RSA-4096. OpenSSL gives the following information:

MAC: sha1, Iteration 2048
MAC length: 20, salt length: 8
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048

Preinstalled Firefox can´t load PFX certificate but portable one can - #4 by vgaetera

In particular, change the signature algorithm to SHA-256 or stronger.

That seems to work, but shouldn’t sha1 still be accepted?

https://lwn.net/Articles/887832/

Interesting, but AFAIK Fedora 40 still accepts SHA1 without any problems. It worked on my laptop. Anyway, thanks @vgaetera. I just extracted the key and certificate chain and converted it to something more modern:

MAC: sha256, Iteration 2048
MAC length: 32, salt length: 8
PKCS7 Encrypted data: PBES2, PBKDF2, AES-256-CBC, Iteration 2048, PRF hmacWithSHA256
Shrouded Keybag: PBES2, PBKDF2, AES-256-CBC, Iteration 2048, PRF hmacWithSHA256

The signing process itself is using SHA-384 on both my laptop and my PC.

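A pre-import check for the situation in this thread, as an added example that is not part of the original posts: it parses text in the format of the two OpenSSL listings quoted above (as printed by, for instance, `openssl pkcs12 -in file.p12 -info -noout`) and reports container protection that predates PBES2 and SHA-2. The function name and the set of algorithms treated as legacy are assumptions of this example, not the NSS policy list.

```python
import re

# Assumption of this example: MD5/SHA-1 MACs, PKCS#12 v1 "pbeWith...And..."
# schemes and a SHA-1 PBKDF2 PRF count as legacy; PBES2 + SHA-2 as modern.
LEGACY_MAC = {"md5", "sha1"}
LEGACY_PBE = re.compile(r"^pbeWith(MD2|MD5|SHA1)And", re.IGNORECASE)

# The two listings quoted in the thread (before and after conversion).
BEFORE = """\
MAC: sha1, Iteration 2048
MAC length: 20, salt length: 8
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048
"""
AFTER = """\
MAC: sha256, Iteration 2048
MAC length: 32, salt length: 8
PKCS7 Encrypted data: PBES2, PBKDF2, AES-256-CBC, Iteration 2048, PRF hmacWithSHA256
Shrouded Keybag: PBES2, PBKDF2, AES-256-CBC, Iteration 2048, PRF hmacWithSHA256
"""

def audit_pkcs12_info(text):
    """Return (field, algorithm, reason) tuples for legacy protection found."""
    findings = []
    for line in text.splitlines():
        field, sep, rest = line.strip().partition(":")
        if not sep:
            continue  # e.g. "PKCS7 Data": no algorithm on this line
        parts = [p.strip() for p in rest.split(",")]
        algo = parts[0]
        if field == "MAC" and algo.lower() in LEGACY_MAC:
            findings.append((field, algo, "legacy MAC digest"))
        elif field in ("Shrouded Keybag", "PKCS7 Encrypted data"):
            if LEGACY_PBE.match(algo):
                findings.append((field, algo, "PKCS#12 v1 PBE scheme"))
            elif algo == "PBES2":
                # PBES2 is modern, but its PBKDF2 PRF may still be SHA-1.
                prf = next((p.split()[-1] for p in parts if p.startswith("PRF ")), "")
                if prf.lower() == "hmacwithsha1":
                    findings.append((field, prf, "SHA-1 PBKDF2 PRF"))
    return findings

if __name__ == "__main__":
    for label, listing in (("before", BEFORE), ("after", AFTER)):
        print(label, audit_pkcs12_info(listing) or "no legacy algorithms")
```
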