Bug 1342546 Comment 9 Edit History

Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.

Reopening as this was only partially implemented by Bug 1753026 implementation of some of the SHA-3 family primitives.

The reporter requested implementation of the RSA and ECDSA digital signatures using SHA-3 family of hash functions.

Currently NSS [secoidt.h](https://searchfox.org/mozilla-central/source/security/nss/lib/util/secoidt.h#505) has defined:
* less than half of the [CSOR registered SHA-3 family hash OIDs](https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration#heading1709301476339_2),
* All of the [CSOR registered SHA-3 family HMAC OIDs](https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration#heading1709301289369_3), and
* None of the DSA, RSA or ECDSA [CSOR registered SHA-3 family digital signature OIDs](https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration#DSA) requested by the reporter.

As mentioned by Simon in Comment #6, apart from the 4 SHA-3 hash algorithms the [SHA-3 family](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf#page=3) does also include the 2 SHAKE hash algorithms.

The 2 SHAKE algorithms have been standardised in 2019 by IETF as part of PKIX under the [RFC 8692](https://www.rfc-editor.org/rfc/rfc8692.html).

Without these implemented when Firefox currently encounters a website with an OpenSSl generated certificate signed using `ecdsa_with_SHA3-384` algorithm, it fails with `SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED` "The certificate is not trusted because it was signed using a signature algorithm that was disabled because that algorithm is not secure"  error because the NSS [sec_DecodeSigAlg](https://searchfox.org/mozilla-central/source/security/nss/lib/cryptohi/secvfy.c#424) and [CERT_VerifySignedDataWithPublicKey](https://searchfox.org/mozilla-central/source/security/nss/lib/certhigh/certvfy.c#169) functions don't recognise the signature algorithm.

With SHA-3 primitives already implemented by Bug 1753026, I'm guessing implementing SHA-3 digital signatures and certificate validation support should be easier?

Reopening as this was only partially implemented by Bug 1753026 implementation of some of the SHA-3 family primitives.

The reporter requested implementation of the RSA and ECDSA digital signatures using SHA-3 family of hash functions.

Currently NSS [secoidt.h](https://searchfox.org/mozilla-central/source/security/nss/lib/util/secoidt.h#505) has defined:
* less than half of the [CSOR registered SHA-3 family hash OIDs](https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration#heading1709301476339_2),
* All of the [CSOR registered SHA-3 family HMAC OIDs](https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration#heading1709301289369_3), and
* None of the DSA, RSA or ECDSA [CSOR registered SHA-3 family digital signature OIDs](https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration#DSA) requested by the reporter.

As mentioned by Simon in Comment #6, apart from the 4 SHA-3 hash algorithms the [SHA-3 family](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf#page=3) does also include the 2 SHAKE hash algorithms.

The 2 SHAKE algorithms have been standardised in 2019 by IETF as part of PKIX under the [RFC 8692](https://www.rfc-editor.org/rfc/rfc8692.html).

Without these implemented, when Firefox currently encounters a website with an OpenSSl generated certificate signed using `ecdsa_with_SHA3-384` algorithm, it fails with `SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED` "The certificate is not trusted because it was signed using a signature algorithm that was disabled because that algorithm is not secure"  error because the NSS [sec_DecodeSigAlg](https://searchfox.org/mozilla-central/source/security/nss/lib/cryptohi/secvfy.c#424) and [CERT_VerifySignedDataWithPublicKey](https://searchfox.org/mozilla-central/source/security/nss/lib/certhigh/certvfy.c#169) functions don't recognise the signature algorithm.

With SHA-3 primitives already implemented by Bug 1753026, I'm guessing implementing SHA-3 digital signatures and certificate validation support should be easier?

Reopening as this was only partially implemented by Bug 1753026 implementation of some of the SHA-3 family primitives.

The reporter requested implementation of the RSA and ECDSA digital signatures using SHA-3 family of hash functions.

Currently NSS [secoidt.h](https://searchfox.org/mozilla-central/source/security/nss/lib/util/secoidt.h#505) has defined:
* less than half of the [CSOR registered SHA-3 family hash OIDs](https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration#heading1709301476339_2),
* All of the [CSOR registered SHA-3 family HMAC OIDs](https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration#heading1709301289369_3), and
* None of the DSA, RSA or ECDSA [CSOR registered SHA-3 family digital signature OIDs](https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration#DSA) requested by the reporter.

As mentioned by Simon in Comment #6, apart from the 4 SHA-3 hash algorithms the [SHA-3 family](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf#page=3) does also include the 2 SHAKE hash algorithms.

The 2 SHAKE algorithms have been standardised in 2019 by IETF as part of PKIX under the [RFC 8692](https://www.rfc-editor.org/rfc/rfc8692.html).

Without these implemented, when Firefox currently encounters a website with an OpenSSL generated certificate signed using `ecdsa_with_SHA3-384` algorithm, it fails with `SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED` "The certificate is not trusted because it was signed using a signature algorithm that was disabled because that algorithm is not secure"  error because the NSS [sec_DecodeSigAlg](https://searchfox.org/mozilla-central/source/security/nss/lib/cryptohi/secvfy.c#424) and [CERT_VerifySignedDataWithPublicKey](https://searchfox.org/mozilla-central/source/security/nss/lib/certhigh/certvfy.c#169) functions don't recognise the signature algorithm.

With SHA-3 primitives already implemented by Bug 1753026, I'm guessing implementing SHA-3 digital signatures and certificate validation support should be easier?
