From 85fa45a4322f53d2e08a544921ed6505bebc08ea Mon Sep 17 00:00:00 2001
From: Gobi Ganesan
Date: Thu, 18 Jun 2026 15:07:52 +0530
Subject: [PATCH] Replace SHA-1 with SHA-256 for X.509 SubjectKeyIdentifier computation

SHA-1 is deprecated by NIST (SP 800-131A Rev 2) and disallowed under FIPS 140-2/3. This change replaces the SHA-1-based bigIntHash method with computeSubjectKeyId, which implements RFC 7093 Method 4: SHA-256 of the full DER-encoded SubjectPublicKeyInfo structure. The previous implementation also only hashed privateKey.N (the RSA modulus), missing the public exponent and algorithm identifier. The new implementation uses x509.MarshalPKIXPublicKey to hash the complete SubjectPublicKeyInfo, which is cryptographically correct. Fixes #39
---
 types/certificate_generator.go | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/types/certificate_generator.go b/types/certificate_generator.go
index 058e2a37..f32a0ef4 100644
--- a/types/certificate_generator.go
+++ b/types/certificate_generator.go
@@ -3,6 +3,7 @@ package types
 import (
 	"crypto/rand"
 	"crypto/rsa"
+	"crypto/sha256"
 	"crypto/x509"
 	"crypto/x509/pkix"
 	"encoding/pem"
@@ -10,8 +11,6 @@ import (
 	"net"
 	"time"
 
-	"crypto/sha1"
-
 	"github.com/cloudfoundry/bosh-utils/errors"
 )
 
@@ -60,10 +59,15 @@ func (cfg CertificateGenerator) Generate(parameters interface{}) (interface{}, e
 	return cfg.generateCertificate(params)
 }
 
-func (cfg CertificateGenerator) bigIntHash(n *big.Int) []byte {
-	h := sha1.New()
-	h.Write(n.Bytes())
-	return h.Sum(nil)
+// computeSubjectKeyId derives the SubjectKeyIdentifier per RFC 7093 Method 4:
+// SHA-256 of the full DER-encoded SubjectPublicKeyInfo structure.
+func computeSubjectKeyId(pub *rsa.PublicKey) ([]byte, error) {
+	pubDER, err := x509.MarshalPKIXPublicKey(pub)
+	if err != nil {
+		return nil, err
+	}
+	hash := sha256.Sum256(pubDER)
+	return hash[:], nil
 }
 
 func (cfg CertificateGenerator) generateCertificate(cParams certParams) (CertResponse, error) {
@@ -94,7 +98,11 @@ func (cfg CertificateGenerator) generateCertificate(cParams certParams) (CertRes
 		}
 	}
 
-	certTemplate.SubjectKeyId = cfg.bigIntHash(privateKey.N)
+	subjectKeyId, err := computeSubjectKeyId(&privateKey.PublicKey)
+	if err != nil {
+		return certResponse, errors.WrapError(err, "Computing SubjectKeyId")
+	}
+	certTemplate.SubjectKeyId = subjectKeyId
 
 	if cParams.IsCA {
 		certTemplate.KeyUsage = x509.KeyUsageCertSign | x509.KeyUsageCRLSign
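Review bot: The new helper's parameter type is narrower than the function it wraps: `x509.MarshalPKIXPublicKey` accepts any supported public key, so declaring `pub *rsa.PublicKey` ties the SubjectKeyId derivation to RSA for no gain. Changing the signature to `func computeSubjectKeyId(pub crypto.PublicKey) ([]byte, error)` (adding `crypto` to the import block) keeps the `&privateKey.PublicKey` call site in the next hunk compiling and lets the same derivation serve ECDSA or Ed25519 keys should the generator ever issue them. The doc comment should also state the output size, e.g. `// The result is the full 32-byte SHA-256 digest; RFC 7093 Method 4 does not truncate to 160 bits like Methods 1-3.`, because anything that compares a leaf's AuthorityKeyId against this value depends on it. The diffstat shows no test change; a test asserting that a generated certificate's SubjectKeyId equals `sha256.Sum256` of the marshalled SubjectPublicKeyInfo would pin the new derivation.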
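Review bot: The assignment at `certTemplate.SubjectKeyId = subjectKeyId` silently changes the identifier that every certificate produced from an existing key will carry, and nothing in the hunk or the commit message records the compatibility consequence. Leaf certificates already issued under a CA whose SKI was SHA-1-derived keep that old value in their AuthorityKeyId; presumably the CA's SubjectKeyId is taken from the stored CA certificate when signing (the parent handling sits outside this hunk, as does the start of generateCertificate), in which case newly issued leaves still chain correctly, but a CA regenerated from the same key pair would get a new SKI that no longer matches its existing leaves' AKI. A one-line comment at the assignment, `// SKI derivation changed from SHA-1(N) to SHA-256(SPKI); CAs regenerated from an existing key get a new identifier.`, and a sentence in the commit message would make that trade-off visible to operators. Separately, the `:=` on `subjectKeyId, err` redeclares `err` only if no `err` exists in the enclosing scope; since the function's earlier statements are not in the hunk this may be fine, but a vet run would confirm nothing is shadowed.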