Bug 2048557 - gnutls certtool pkcs12 export doesn't let selecting a PRF
Keywords:
Status: NEW
Alias: None
Product: Red Hat Enterprise Linux 9
Classification: Red Hat
Component: gnutls
Version: 9.0
Hardware: Unspecified
OS: Unspecified
Priority: low
Severity: unspecified
Target Milestone: rc
Target Release: ---
Assignee: Daiki Ueno
QA Contact: Alexander Sosedkin
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2022-01-31 14:11 UTC by Alexander Sosedkin
Modified: 2023-07-04 13:00 UTC (History)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: Bug
Target Upstream Version:
Embargoed:


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker CRYPTO-8529 0 None None None 2022-10-12 11:57:43 UTC
Red Hat Issue Tracker RHELPLAN-110406 0 None None None 2022-01-31 14:14:17 UTC

Description Alexander Sosedkin 2022-01-31 14:11:08 UTC
Description of problem: certtool --to-p12 always uses hmacWithSHA256
Version-Release number of selected component (if applicable): gnutls-3.7.3-1.el9
How reproducible: always

Steps to Reproduce:
 1. openssl req -x509 -newkey rsa -keyout localhost.key -out localhost.crt -subj /CN=localhost -nodes -batch
 2. certtool --to-p12 --outder --p12-name localhost --load-certificate localhost.crt --load-privkey localhost.key --outfile p12 --password pass --hash SHA512
 3. openssl pkcs12 -in p12 -info -nodes -noout -passin pass:pass

Actual results:
    MAC: sha512, Iteration 600000
    MAC length: 64, salt length: 8
    PKCS7 Encrypted data: PBES2, PBKDF2, AES-128-CBC, Iteration 600000, PRF hmacWithSHA256
    Certificate bag
    PKCS7 Data
    Shrouded Keybag: PBES2, PBKDF2, AES-128-CBC, Iteration 600000, PRF hmacWithSHA256

Expected results:
    MAC: sha512, Iteration 600000
    MAC length: 64, salt length: 8
    PKCS7 Encrypted data: PBES2, PBKDF2, AES-128-CBC, Iteration 600000, PRF hmacWithSHA512
    Certificate bag
    PKCS7 Data
    Shrouded Keybag: PBES2, PBKDF2, AES-128-CBC, Iteration 600000, PRF hmacWithSHA512

Additional info:
  * maybe the control doesn't have to be --hash
  * int gnutls_pkcs12_bag_encrypt(gnutls_pkcs12_bag_t bag, const char * pass, unsigned int /*gnutls_pkcs_encrypt_flags_t*/ flags)
    doesn't have a readily available avenue to pass a choice of a PRF, so this might entail quite some work
  * code reference: https://gitlab.com/gnutls/gnutls/-/blob/c87f5aa5fd5a807a4444e428063db3f8635d378d/lib/x509/pkcs7-crypt.c#L1579
  * related change: bz1764199
  * wishlist-grade, as this should be workaroundable
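
An added example, not part of the report or of gnutls: a checker for the `openssl pkcs12 -info` output from step 3 that lists every encrypted container whose PBKDF2 PRF differs from the requested digest. The sample text is constructed from the "Actual results" above; the function names are hypothetical.

```python
import re

# Constructed sample: the "Actual results" text quoted in the report
# (output of `openssl pkcs12 -info -nodes -noout`).
ACTUAL = """\
    MAC: sha512, Iteration 600000
    MAC length: 64, salt length: 8
    PKCS7 Encrypted data: PBES2, PBKDF2, AES-128-CBC, Iteration 600000, PRF hmacWithSHA256
    Certificate bag
    PKCS7 Data
    Shrouded Keybag: PBES2, PBKDF2, AES-128-CBC, Iteration 600000, PRF hmacWithSHA256
"""
# The "Expected results" differ only in the PRF name.
EXPECTED = ACTUAL.replace("hmacWithSHA256", "hmacWithSHA512")

MAC_RE = re.compile(r"^\s*MAC:\s*([\w-]+),\s*Iteration\s+(\d+)")
BAG_RE = re.compile(r"^\s*(PKCS7 Encrypted data|Shrouded Keybag):\s*(.+)$")
PRF_RE = re.compile(r"\bPRF\s+hmacWith([\w-]+)")
ITER_RE = re.compile(r"\bIteration\s+(\d+)")


def _norm(digest):
    """Compare digest names case-insensitively, ignoring '-' and '_'."""
    return re.sub(r"[-_]", "", digest).lower()


def parse_p12_info(text):
    """Return (mac, bags): MAC digest/iterations and one dict per encrypted container."""
    mac, bags = None, []
    for line in text.splitlines():
        if m := MAC_RE.match(line):
            mac = {"digest": _norm(m.group(1)), "iterations": int(m.group(2))}
        elif m := BAG_RE.match(line):
            prf, it = PRF_RE.search(m.group(2)), ITER_RE.search(m.group(2))
            bags.append({
                "container": m.group(1),
                # None when the line names no PBKDF2 PRF (e.g. a PBES1 scheme)
                "prf": _norm(prf.group(1)) if prf else None,
                "iterations": int(it.group(1)) if it else None,
            })
    return mac, bags


def prf_mismatches(text, wanted):
    """List (container, prf) pairs whose PBKDF2 PRF is not hmacWith<wanted>."""
    _, bags = parse_p12_info(text)
    return [(b["container"], b["prf"]) for b in bags if b["prf"] != _norm(wanted)]


if __name__ == "__main__":
    print(prf_mismatches(ACTUAL, "SHA512"))
    print(prf_mismatches(EXPECTED, "SHA512"))
```

An empty list means every encrypted container uses the requested PRF; the MAC digest is parsed separately because `--hash` already controls it.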

