As part of our Linux secure boot implementation using dm-verity and root hash signature checking, I need to sign a file with the following openssl command (example):
openssl smime -sign -nocerts -noattr -binary -in unsigned.txt -inkey private.key -signer cert.pem -outform der -out signed.txt
This generates a PKCS#7 file which can then be processed successfully by the Linux kernel.
But for production we don't use openssl but PrimeKey SignServer (which is based on Bouncy Castle) with the CMS signer. So far I have not been able to configure the CMS signer to generate a working PKCS#7. The problem is a difference in digest_enc_algorithm, as seen in the image below (left: SignServer, right: openssl).
The problem is that the kernel won't support that OID. Simply adding the sha256WithRsaEncryption to the switch fixes the problem, but I am not sure if this is a valid solution.
Another "fix" I found was simply replacing the OID of the signed PKCS#7 file, which also raises a few questions for me?!
Now my questions:
- Is there a real difference between rsaEncryption and sha256WithRsaEncryption in that context?
- Why is it possible to alter the PKCS#7 file and everything works fine?
- Would it be a valid fix to add the OID in the switch-case in the kernel? (at least from a crypto perspective)
Thank you for your support!
UPDATE: Found this issue on the backlog of PrimeKey SignServer.
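Added example, not part of the original post: a standard-library Python check that reads the digestEncryptionAlgorithm OID from each SignerInfo of a DER-encoded PKCS#7, so a signer's output can be compared with the openssl form before it reaches the kernel. The function names are hypothetical, the sample is constructed with a dummy signature, and the input is assumed to be definite-length DER with SignedData as the outer content.

```python
RSA_ENCRYPTION = "1.2.840.113549.1.1.1"
SHA256_WITH_RSA = "1.2.840.113549.1.1.11"

def tlvs(buf):
    """Yield (tag, value) for each definite-length DER element in buf."""
    i = 0
    while i < len(buf):
        tag, n, i = buf[i], buf[i + 1], i + 2
        if n & 0x80:  # long form: low 7 bits give the number of length bytes
            n, i = int.from_bytes(buf[i:i + (n & 0x7F)], "big"), i + (n & 0x7F)
        yield tag, buf[i:i + n]
        i += n

def oid_str(v):  # DER OID content bytes -> dotted string
    arcs, acc = [v[0] // 40, v[0] % 40], 0
    for b in v[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))

def signer_sig_oids(der):
    """Return the digestEncryptionAlgorithm OID of each SignerInfo."""
    (_, content_info), = tlvs(der)
    (_, _ctype), (_, explicit) = tlvs(content_info)
    (_, signed_data), = tlvs(explicit)
    signer_infos = [v for t, v in tlvs(signed_data) if t == 0x31][-1]  # last SET
    oids = []
    for _, si in tlvs(signer_infos):
        # After version and sid: digestAlgorithm, then digestEncryptionAlgorithm.
        seqs = [v for t, v in list(tlvs(si))[2:] if t == 0x30]
        oids.append(oid_str(next(tlvs(seqs[1]))[1]))
    return oids

def enc(tag, *parts):  # minimal DER encoder, used only to build the sample
    body = b"".join(parts)
    size = len(body).to_bytes((len(body).bit_length() + 7) // 8, "big")
    head = [len(body)] if len(body) < 0x80 else [0x80 | len(size), *size]
    return bytes([tag, *head]) + body

def sample(sig_oid_hex):  # constructed detached SignedData with a dummy signature
    oid = lambda h: enc(0x06, bytes.fromhex(h))
    alg = lambda h: enc(0x30, oid(h), enc(0x05))  # OID + NULL parameters
    one, sha256 = enc(0x02, b"\x01"), alg("608648016503040201")
    signer = enc(0x30, one, enc(0x30, enc(0x30), one), sha256,
                 alg(sig_oid_hex), enc(0x04, bytes(256)))
    sd = enc(0x30, one, enc(0x31, sha256),
             enc(0x30, oid("2a864886f70d010701")), enc(0x31, signer))
    return enc(0x30, oid("2a864886f70d010702"), enc(0xA0, sd))
```

For a real file, pass its bytes to `signer_sig_oids`, for example `signer_sig_oids(open("signed.txt", "rb").read())`, and compare the result with `RSA_ENCRYPTION`.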