Bug 2063947

Summary: openssl req defaults to 3DES
Product: Red Hat Enterprise Linux 9 Reporter: Alexander Sosedkin <asosedki>
Component: opensslAssignee: Dmitry Belyavskiy <dbelyavs>
Status: CLOSED CURRENTRELEASE QA Contact: Alicja Kario <hkario>
Severity: low Docs Contact: Jan Fiala <jafiala>
Priority: low    
Version: 9.0CC: cllang, dbelyavs, hkario, jafiala, ssorce
Target Milestone: rcKeywords: Triaged, ZStream
Target Release: ---Flags: pm-rhel: mirror+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openssl-3.0.1-29.el9 Doc Type: Bug Fix
Doc Text:
.OpenSSL `req` uses AES-256-CBC for private keys encryption Previously, the OpenSSL `req` tool encrypted private key files by using the 3DES algorithm. Because the 3DES algorithm is insecure and disallowed in the current FIPS 140 standard for cryptographic modules, `req` now generates private key files encrypted using the AES-256-CBC algorithm instead. The overall PKCS#8 file format remains unchanged.
 Story Points: ---
Clone Of:
: 2085499 (view as bug list) Environment:
Last Closed: 2023-06-05 16:09:48 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2085499    

Description Alexander Sosedkin 2022-03-14 17:18:16 UTC 
Description of problem: openssl req still defaults to 3DES for private key encryption
Version-Release number of selected component: openssl-3.0.1-5.el9
How reproducible: always
Steps to Reproduce: openssl req -newkey 4096
Expected results: cute +*. mashup, retcode 0, key file

Actual results:
804B3713977F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:349:Global default library context, Algorithm (DES-EDE3-CBC : 27), Properties (<null>)

Additional info: -nodes works, but we should have modern, secure and FIPS-compatible defaults.
Comment 3 Dmitry Belyavskiy 2022-05-12 11:40:36 UTC 
We consider AES-256-CBC is the best choice
Comment 6 Dmitry Belyavskiy 2022-05-13 14:09:55 UTC 
*** Bug 2085397 has been marked as a duplicate of this bug. ***
Comment 14 Clemens Lang 2023-06-05 16:09:48 UTC 
RHEL 9.1 contains openssl-3.0.1-43.el9_0.