-
Bug
-
Resolution: Won't Do
-
Minor
-
None
-
rhel-9.0.0
-
None
-
Low
-
rhel-security-crypto
-
ssg_security
-
None
-
False
-
False
-
-
None
-
None
-
None
-
None
-
If docs needed, set a value
-
-
Unspecified
-
None
-
57,005
Description of problem: certtool --to-p12 always uses hmacWithSHA256
Version-Release number of selected component (if applicable): gnutls-3.7.3-1.el9
How reproducible: always
Steps to Reproduce:
1. openssl req -x509 -newkey rsa -keyout localhost.key -out localhost.crt -subj /CN=localhost -nodes -batch
2. certtool --to-p12 --outder --p12-name localhost --load-certificate localhost.crt --load-privkey localhost.key --outfile p12 --password pass --hash SHA512
3. openssl pkcs12 -in p12 -info -nodes -noout -passin pass:pass
Actual results:
MAC: sha512, Iteration 600000
MAC length: 64, salt length: 8
PKCS7 Encrypted data: PBES2, PBKDF2, AES-128-CBC, Iteration 600000, PRF hmacWithSHA256
Certificate bag
PKCS7 Data
Shrouded Keybag: PBES2, PBKDF2, AES-128-CBC, Iteration 600000, PRF hmacWithSHA256
Expected results:
MAC: sha512, Iteration 600000
MAC length: 64, salt length: 8
PKCS7 Encrypted data: PBES2, PBKDF2, AES-128-CBC, Iteration 600000, PRF hmacWithSHA512
Certificate bag
PKCS7 Data
Shrouded Keybag: PBES2, PBKDF2, AES-128-CBC, Iteration 600000, PRF hmacWithSHA512
Additional info:
- maybe the control doesn't have to be --hash
- int gnutls_pkcs12_bag_encrypt(gnutls_pkcs12_bag_t bag, const char * pass, unsigned int /gnutls_pkcs_encrypt_flags_t/ flags)
doesn't have a readily available avenue to pass a choice of a PRF, so this might entail quite some work - code reference: https://gitlab.com/gnutls/gnutls/-/blob/c87f5aa5fd5a807a4444e428063db3f8635d378d/lib/x509/pkcs7-crypt.c#L1579
- related change: bz1764199
- wishlist-grade, as this should be workaroundable
- external trackers
