Bug 2035549 - Genkey ecparam - ECDSA key, P-384 (secp384r1).
Summary: Genkey ecparam - ECDSA key, P-384 (secp384r1).
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: dehydrated
Version: epel7
Hardware: Unspecified
OS: Linux
unspecified
medium
Target Milestone: ---
Assignee: Paul Wouters
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-12-24 16:09 UTC by Admins
Modified: 2023-06-09 02:06 UTC (History)
2 users (show)

Fixed In Version: dehydrated-0.7.1-1.fc39 dehydrated-0.7.1-1.fc37 dehydrated-0.7.1-1.el8 dehydrated-0.7.1-1.el9 dehydrated-0.7.1-1.fc38 dehydrated-0.7.1-1.el7
Doc Type: ---
Doc Text:
Clone Of:
Environment:
Last Closed: 2023-05-31 01:40:35 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)

Description Admins 2021-12-24 16:09:26 UTC
A feature of the latest dehydrated versions is the use of the default ECDSA key, P-384 (secp384r1). When dehydrated creates an EC private key file, it looks like this:

-----BEGIN EC PARAMETERS-----
xxxxxxxxxxxxxx
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxx
-----END EC PRIVATE KEY-----

However, the go standard libraries will not read a key with this parameters section, and therefore this affects any application written in go. It can be fixed by adding flag -noout to get just the key.

The dehydrated repository has accepted this change and added the flag -noout  - 
https://github.com/dehydrated-io/dehydrated/blob/master/dehydrated

Could you please update the dehydrated packages in the repository so that the installing version also has this fix.

Comment 1 Fedora Update System 2023-05-31 01:39:21 UTC
FEDORA-2023-a214e0ccd2 has been submitted as an update to Fedora 39. https://bodhi.fedoraproject.org/updates/FEDORA-2023-a214e0ccd2

Comment 2 Fedora Update System 2023-05-31 01:40:35 UTC
FEDORA-2023-a214e0ccd2 has been pushed to the Fedora 39 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 3 Fedora Update System 2023-05-31 01:50:40 UTC
FEDORA-2023-45452b76ae has been submitted as an update to Fedora 38. https://bodhi.fedoraproject.org/updates/FEDORA-2023-45452b76ae

Comment 4 Fedora Update System 2023-05-31 01:50:41 UTC
FEDORA-EPEL-2023-05dee96e44 has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-05dee96e44

Comment 5 Fedora Update System 2023-05-31 01:50:41 UTC
FEDORA-2023-4ea8563242 has been submitted as an update to Fedora 37. https://bodhi.fedoraproject.org/updates/FEDORA-2023-4ea8563242

Comment 6 Fedora Update System 2023-05-31 01:50:42 UTC
FEDORA-EPEL-2023-4df80860ed has been submitted as an update to Fedora EPEL 9. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-4df80860ed

Comment 7 Fedora Update System 2023-05-31 01:50:44 UTC
FEDORA-EPEL-2023-a16f4a48de has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-a16f4a48de

Comment 8 Fedora Update System 2023-06-01 01:47:38 UTC
FEDORA-2023-4ea8563242 has been pushed to the Fedora 37 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-4ea8563242`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-4ea8563242

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 9 Fedora Update System 2023-06-01 02:27:43 UTC
FEDORA-EPEL-2023-05dee96e44 has been pushed to the Fedora EPEL 8 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-05dee96e44

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 10 Fedora Update System 2023-06-01 02:33:57 UTC
FEDORA-EPEL-2023-4df80860ed has been pushed to the Fedora EPEL 9 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-4df80860ed

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 11 Fedora Update System 2023-06-01 02:39:39 UTC
FEDORA-EPEL-2023-a16f4a48de has been pushed to the Fedora EPEL 7 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-a16f4a48de

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 12 Fedora Update System 2023-06-01 03:16:13 UTC
FEDORA-2023-45452b76ae has been pushed to the Fedora 38 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-45452b76ae`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-45452b76ae

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 13 Fedora Update System 2023-06-09 01:37:40 UTC
FEDORA-2023-4ea8563242 has been pushed to the Fedora 37 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 14 Fedora Update System 2023-06-09 01:51:21 UTC
FEDORA-EPEL-2023-05dee96e44 has been pushed to the Fedora EPEL 8 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 15 Fedora Update System 2023-06-09 01:57:22 UTC
FEDORA-EPEL-2023-4df80860ed has been pushed to the Fedora EPEL 9 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 16 Fedora Update System 2023-06-09 01:59:44 UTC
FEDORA-2023-45452b76ae has been pushed to the Fedora 38 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 17 Fedora Update System 2023-06-09 02:06:25 UTC
FEDORA-EPEL-2023-a16f4a48de has been pushed to the Fedora EPEL 7 stable repository.
If problem still persists, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.