[feature] Importing existing CA: KeyError: 'ecdsa-with-SHA384'

[MEschenbacher]

I'm trying to importing an existing CA certificate which generates an error:

  File "/home/max/git/django-x509/django_x509/base/models.py", line 362, in _import
    self.digest = SIGNATURE_MAPPING[algorithm]
KeyError: 'ecdsa-with-SHA384'
[13/Jun/2021 00:03:38] "POST /admin/django_x509/ca/add/ HTTP/1.1" 500 142363

Looking into django_x509/base/models.py dict SIGNATURE_MAPPING: are EC signatures and certificates/keys supported?

[nemesifier]

I'm trying to importing an existing CA certificate which generates an error:

  File "/home/max/git/django-x509/django_x509/base/models.py", line 362, in _import
    self.digest = SIGNATURE_MAPPING[algorithm]
KeyError: 'ecdsa-with-SHA384'
[13/Jun/2021 00:03:38] "POST /admin/django_x509/ca/add/ HTTP/1.1" 500 142363

Looking into django_x509/base/models.py dict SIGNATURE_MAPPING: are EC signatures and certificates/keys supported?

@MEschenbacher looks like these are not supported: https://github.com/openwisp/django-x509/blob/9b3795ec07ceee4bdd27e99b08424d048cbf05c7/django_x509/base/models.py#L39-L45

I guess these can be added with a bit of work.

How do you generate an ecdsa cert for testing purposes?

[MEschenbacher]

Here's a minimal example for creation of the ecdsa certificate:

openssl ecparam -genkey -name secp384r1 | openssl ec -aes256 -out ca.key.pem
openssl req -new -sha384 -key ca.key.pem -out ca.req.pem
openssl req -x509 -sha384 -days 365 -key ca.key.pem -in ca.req.pem -out ca.cert.pem

[sid-008]

Hey there @nemesisdesign I'd like to take a shot at working on this, how do you propose I start?

[nemesifier]

Hey there @nemesisdesign I'd like to take a shot at working on this, how do you propose I start?

Start with https://github.com/openwisp/django-x509#installing-for-development, then come to the dev chat to coordinate.