Issue #2899: Audit log messages unclear during enrollment of SCP03 v7 token using NISTSP800 - dogtagpki

dogtagpki

#2899 Audit log messages unclear during enrollment of SCP03 v7 token using NISTSP800

Closed: wontfix 3 years ago by dmoluguw. Opened 6 years ago by mharmsen.

Audit log messages unclear during enrollment of SCP03 v7 token using NISTSP800

Steps to Reproduce:

1. Edit TPS as follows:

    tks.defKeySet.nistSP800-108KdfOnKeyVersion=0
    tks.defKeySet.nistSP800-108KdfUseCuidAsKdd=true

2. Enroll an SCP03 v7 token

Actual results:

TKS Audit log has the following messages

0.http-bio-23443-exec-5 - [14/Sep/2017:15:48:58 EDT] [14] [6] [AuditEvent=COMPUTE_SESSION_KEY_REQUEST][CUID_encoded=#00#05#00#45#A7#02#00#1F#00#07][KDD_encoded=#00#00#04#47#00#1F#00#07#A7#02][Outcome=Success][AgentID=TPS-nocp1.idm.lab.eng.rdu2.redhat.com-25443] TKS Compute session key request
0.http-bio-23443-exec-5 - [14/Sep/2017:15:48:58 EDT] [14] [6] [AuditEvent=COMPUTE_SESSION_KEY_REQUEST_PROCESSED_SUCCESS][CUID_decoded=00050045A702001F0007][KDD_decoded=00000447001F0007A702][Outcome=Success][status=0][AgentID=TPS-nocp1.idm.lab.eng.rdu2.redhat.com-25443][IsCryptoValidate=true][IsServerSideKeygen=true][SelectedToken=Internal Key Storage Token][KeyNickName=#01#03#70][TKSKeyset=defKeySet][KeyInfo_KeyVersion=0x1][NistSP800_108KdfOnKeyVersion={11}][NistSP800_108KdfUseCuidAsKdd={12}] TKS Compute session key request processed successfully.

Expected results:

[TKSKeyset=defKeySet][KeyInfo_KeyVersion=0x1][NistSP800_108KdfOnKeyVersion={11}][NistSP800_108KdfUseCuidAsKdd={12}

This should be more clear

Metadata Update from @mharmsen:
- Custom field component adjusted to None
- Custom field feature adjusted to None
- Custom field origin adjusted to None
- Custom field proposedmilestone adjusted to None
- Custom field proposedpriority adjusted to None
- Custom field reviewer adjusted to None
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1497347
- Custom field type adjusted to None
- Custom field version adjusted to None

6 years ago

dmoluguw commented 3 years ago

As per grooming meeting, we decided not to address this issue. If you think this is important, please feel free to reopen

Metadata Update from @dmoluguw:
- Issue close_status updated to: wontfix
- Issue status updated to: Closed (was: Open)

3 years ago

dmoluguw commented 3 years ago

Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new
issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.

This issue has been cloned to GitHub and is available here:
https://github.com/dogtagpki/pki/issues/3017

If you want to receive further updates on the issue, please navigate to the
GitHub issue and click on Subscribe button.

Thank you for understanding, and we apologize for any inconvenience.

Metadata

Assignee

None

Tags

None

Blocking

None

Depending on

None

Priority

critical

Milestone

10.6

lowhangingfruit

None

reporter

None

rhbz

https://bugzilla.redhat.com/show_bug.cgi?id=1497347

type

None

version

None

keywords

None

estimate

None

feature

None

origin

None

proposedpriority

None

fixedinversion

None

platforms

None

blockedby

None

blocking

None

reviewer

None

component

None

proposedmilestone

None

dogtagpki

Source Code

#2899 Audit log messages unclear during enrollment of SCP03 v7 token using NISTSP800 Closed: wontfix 3 years ago by dmoluguw. Opened 6 years ago by mharmsen.

Metadata

#2899 Audit log messages unclear during enrollment of SCP03 v7 token using NISTSP800

Closed: wontfix 3 years ago by dmoluguw. Opened 6 years ago by mharmsen.