Description of problem:
When PKCS#12 file is created using pk12util, it uses hmacWithSHA1 as the PRF for PBKDF2 and only 2000 iterations of that function.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
export PKCS#12 file from NSS db using pk12util -o, inspect using openssl pkcs12 or openssl asn1parse
PBKDF2 always uses SHA1 and always uses 2000 iterations
default to SHA256 and higher number of iterations (a million or so, optimally dependent on the speed of CPU)
Created attachment 1343377 [details]
processing times for different ciphers
It will now take about 2s to export key on a 2.6GHz Haswell machine with default settings.
3s if both key and certificate is encrypted with AES-256-CBC.
that seems to me like acceptable performance
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.