[openssl] master update
tmraz at fedoraproject.org
tmraz at fedoraproject.org
Thu Aug 6 16:06:19 UTC 2020
The branch master has been updated
via 15c9aa3aef77c642ef2b6c84bba2b57b35ed083e (commit)
from 1b2873e4a1ed49b45555eb9a6ecff4d38df8d7e9 (commit)
- Log -----------------------------------------------------------------
commit 15c9aa3aef77c642ef2b6c84bba2b57b35ed083e
Author: Sahana Prasad <sahana at redhat.com>
Date: Wed Jul 22 13:36:36 2020 +0200
apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2
Fixes #11672
Add "-legacy" option to load the legacy provider and
fall back to the old legacy default algorithms.
doc/man1/openssl-pkcs12.pod.in: updates documentation about the new
"-legacy" option
Signed-off-by: Sahana Prasad <sahana at redhat.com>
Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12540)
-----------------------------------------------------------------------
Summary of changes:
apps/pkcs12.c | 46 ++++++++++++++++++++++++++++++++----------
doc/man1/openssl-pkcs12.pod.in | 24 ++++++++++++++++++++--
2 files changed, 57 insertions(+), 13 deletions(-)
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index ca83e2d1be..3398250efd 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -18,6 +18,7 @@
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/pkcs12.h>
+#include <openssl/provider.h>
DEFINE_STACK_OF(X509)
DEFINE_STACK_OF(PKCS7)
@@ -61,12 +62,13 @@ typedef enum OPTION_choice {
OPT_INKEY, OPT_CERTFILE, OPT_NAME, OPT_CSP, OPT_CANAME,
OPT_IN, OPT_OUT, OPT_PASSIN, OPT_PASSOUT, OPT_PASSWORD, OPT_CAPATH,
OPT_CAFILE, OPT_CASTORE, OPT_NOCAPATH, OPT_NOCAFILE, OPT_NOCASTORE, OPT_ENGINE,
- OPT_R_ENUM, OPT_PROV_ENUM
+ OPT_R_ENUM, OPT_PROV_ENUM, OPT_LEGACY_ALG
} OPTION_CHOICE;
const OPTIONS pkcs12_options[] = {
OPT_SECTION("General"),
{"help", OPT_HELP, '-', "Display this summary"},
+ {"legacy", OPT_LEGACY_ALG, '-', "use legacy algorithms"},
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
#endif
@@ -117,9 +119,9 @@ const OPTIONS pkcs12_options[] = {
OPT_SECTION("Encryption"),
#ifndef OPENSSL_NO_RC2
{"descert", OPT_DESCERT, '-',
- "Encrypt output with 3DES (default RC2-40)"},
+ "Encrypt output with 3DES (default PBES2 with PBKDF2 and AES-256 CBC)"},
{"certpbe", OPT_CERTPBE, 's',
- "Certificate PBE algorithm (default RC2-40)"},
+ "Certificate PBE algorithm (default PBES2 with PBKDF2 and AES-256 CBC)"},
#else
{"descert", OPT_DESCERT, '-', "Encrypt output with 3DES (the default)"},
{"certpbe", OPT_CERTPBE, 's', "Certificate PBE algorithm (default 3DES)"},
@@ -143,14 +145,10 @@ int pkcs12_main(int argc, char **argv)
char *infile = NULL, *outfile = NULL, *keyname = NULL, *certfile = NULL;
char *name = NULL, *csp_name = NULL;
char pass[PASSWD_BUF_SIZE] = "", macpass[PASSWD_BUF_SIZE] = "";
- int export_cert = 0, options = 0, chain = 0, twopass = 0, keytype = 0;
+ int export_cert = 0, options = 0, chain = 0, twopass = 0, keytype = 0, use_legacy = 0;
int iter = PKCS12_DEFAULT_ITER, maciter = PKCS12_DEFAULT_ITER;
-#ifndef OPENSSL_NO_RC2
- int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
-#else
- int cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
-#endif
- int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+ int cert_pbe = NID_aes_256_cbc;
+ int key_pbe = NID_aes_256_cbc;
int ret = 1, macver = 1, add_lmk = 0, private = 0;
int noprompt = 0;
char *passinarg = NULL, *passoutarg = NULL, *passarg = NULL;
@@ -162,7 +160,7 @@ int pkcs12_main(int argc, char **argv)
BIO *in = NULL, *out = NULL;
PKCS12 *p12 = NULL;
STACK_OF(OPENSSL_STRING) *canames = NULL;
- const EVP_CIPHER *enc = EVP_des_ede3_cbc();
+ const EVP_CIPHER *enc = EVP_aes_256_cbc();
OPTION_CHOICE o;
prog = opt_init(argc, argv, pkcs12_options);
@@ -313,6 +311,9 @@ int pkcs12_main(int argc, char **argv)
case OPT_ENGINE:
e = setup_engine(opt_arg(), 0);
break;
+ case OPT_LEGACY_ALG:
+ use_legacy = 1;
+ break;
case OPT_PROV_CASES:
if (!opt_provider(o))
goto end;
@@ -320,6 +321,29 @@ int pkcs12_main(int argc, char **argv)
}
}
argc = opt_num_rest();
+
+ if (use_legacy) {
+ /* load the legacy provider if not loaded already*/
+ if (!OSSL_PROVIDER_available(app_get0_libctx(), "legacy")) {
+ if (!app_provider_load(app_get0_libctx(), "legacy"))
+ goto end;
+ /* load the default provider explicitly */
+ if (!app_provider_load(app_get0_libctx(), "default"))
+ goto end;
+ }
+ if (cert_pbe != NID_pbe_WithSHA1And3_Key_TripleDES_CBC) {
+ /* Restore default algorithms */
+#ifndef OPENSSL_NO_RC2
+ cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
+#else
+ cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+#endif
+ }
+
+ key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+ enc = EVP_des_ede3_cbc();
+ }
+
if (argc != 0)
goto opthelp;
diff --git a/doc/man1/openssl-pkcs12.pod.in b/doc/man1/openssl-pkcs12.pod.in
index 3a97a81517..90d8a7e19e 100644
--- a/doc/man1/openssl-pkcs12.pod.in
+++ b/doc/man1/openssl-pkcs12.pod.in
@@ -44,6 +44,7 @@ B<openssl> B<pkcs12>
[B<-maciter>]
[B<-nomac>]
[B<-twopass>]
+[B<-legacy>]
[B<-descert>]
[B<-certpbe> I<cipher>]
[B<-keypbe> I<cipher>]
@@ -166,6 +167,16 @@ always assumes these are the same so this option will render such
PKCS#12 files unreadable. Cannot be used in combination with the options
B<-password>, B<-passin> if importing, or B<-passout> if exporting.
+=item B<-legacy>
+
+Use legacy mode of operation and automatically load the legacy provider.
+In the legacy mode, the default algorithm for certificate encryption
+is RC2_CBC or 3DES_CBC depending on whether the RC2 cipher is enabled
+in the build. The default algorithm for private key encryption is 3DES_CBC.
+If the legacy option is not specified, then the legacy provider is not loaded
+and the default encryption algorithm for both certificates and private keys is
+AES_256_CBC with PBKDF2 for key derivation by default.
+
=back
=head1 FILE CREATION OPTIONS
@@ -229,8 +240,9 @@ for this search. If the search fails it is considered a fatal error.
Encrypt the certificate using triple DES, this may render the PKCS#12
file unreadable by some "export grade" software. By default the private
-key is encrypted using triple DES and the certificate using 40 bit RC2
-unless RC2 is disabled in which case triple DES is used.
+key is encrypted using AES and the certificate using triple DES unless
+the '-legacy' option is used. If '-descert' is used with the '-legacy'
+then both, the private key and the certificate are encrypted using triple DES.
=item B<-keypbe> I<alg>, B<-certpbe> I<alg>
@@ -355,6 +367,10 @@ Print some info about a PKCS#12 file:
openssl pkcs12 -in file.p12 -info -noout
+Print some info about a PKCS#12 file in legacy mode:
+
+ openssl pkcs12 -in file.p12 -info -noout -legacy
+
Create a PKCS#12 file:
openssl pkcs12 -export -in file.pem -out file.p12 -name "My Certificate"
@@ -364,6 +380,10 @@ Include some extra certificates:
openssl pkcs12 -export -in file.pem -out file.p12 -name "My Certificate" \
-certfile othercerts.pem
+Export a PKCS#12 file with default encryption algorithms as in the legacy provider:
+
+ openssl pkcs12 -export -in cert.pem -inkey key.pem -out file.p12 -legacy
+
=head1 SEE ALSO
L<openssl(1)>,
More information about the openssl-commits
mailing list