
CA Private Key will be encrypted with des-ede3-cbc during build-ca with OpenSSL 3.x #1122

Open
lysiszegerman opened this issue Apr 14, 2024 · 7 comments · Fixed by #1123 or #1124

Comments

@lysiszegerman

I noticed some weirdness with the encryption of the CA private key, it always came out encrypted with des-ede3-cbc, no matter which settings I used, and was hunting it down, here's what I found out so far.

Steps to reproduce:

  • Check out easy-rsa, switch to branch v3.1.8 (to make sure to get the latest version; I've seen this behaviour with 3.1.0-1 shipped with Debian bookworm and 3.1.7 coming with Homebrew on Mac)

  • Create empty directory, i.e. no special settings, all default

  • easyrsa init-pki

  • easyrsa build-ca

Verify encryption of the private key:

$ openssl asn1parse -in pki/private/ca.key
    0:d=0  hl=4 l=1308 cons: SEQUENCE
    4:d=1  hl=2 l=  78 cons: SEQUENCE
    6:d=2  hl=2 l=   9 prim: OBJECT            :PBES2
   17:d=2  hl=2 l=  65 cons: SEQUENCE
   19:d=3  hl=2 l=  41 cons: SEQUENCE
   21:d=4  hl=2 l=   9 prim: OBJECT            :PBKDF2
   32:d=4  hl=2 l=  28 cons: SEQUENCE
   34:d=5  hl=2 l=   8 prim: OCTET STRING      [HEX DUMP]:F476ED86F57305B7
   44:d=5  hl=2 l=   2 prim: INTEGER           :0800
   48:d=5  hl=2 l=  12 cons: SEQUENCE
   50:d=6  hl=2 l=   8 prim: OBJECT            :hmacWithSHA256
   60:d=6  hl=2 l=   0 prim: NULL
   62:d=3  hl=2 l=  20 cons: SEQUENCE
   64:d=4  hl=2 l=   8 prim: OBJECT            :des-ede3-cbc
   74:d=4  hl=2 l=   8 prim: OCTET STRING      [HEX DUMP]:3DD97B1607E6A620
[...]

OpenSSL version on Debian bookworm: OpenSSL 3.0.11 19 Sep 2023 (Library: OpenSSL 3.0.11 19 Sep 2023)
OpenSSL version on Mac: OpenSSL 3.2.1 30 Jan 2024 (Library: OpenSSL 3.2.1 30 Jan 2024)

This doesn't happen on Debian old-stable.
OpenSSL version on Debian old-stable: OpenSSL 1.1.1w 11 Sep 2023

By executing the two openssl commands from the build_ca function by hand I could reproduce this behaviour. First openssl genpkey is called creating $out_key_tmp. This key is correctly encrypted with aes-256-cbc (checked with openssl asn1parse as above). Then openssl req -new is called with -key $out_key_temp -keyout $out_key_temp. This overwrites the previously generated private key and encrypts it with des-ede3-cbc.

There also doesn't seem to be an option to specify the encryption of the -keyout, so we cannot force the encryption to be aes256. However, it might be possible just to leave out the -keyout parameter, since we already generated the key and just overwriting it doesn't change it anyway. Calling openssl req by hand without the -keyout parameter works; I don't know if this would have any other side effects in easyrsa though.
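The check above reads the cipher OID out of the `openssl asn1parse` dump by eye. Below is an added example (written for this page, not easy-rsa's or OpenSSL's code) that does the same thing as a stand-alone script: it parses the DER header of a PKCS#8 EncryptedPrivateKeyInfo, reports the PBES2 parameters (KDF, iteration count, PRF, cipher, IV length) and flags a key that is not AES-wrapped, so it can run as a post-`build-ca` check on `pki/private/ca.key` without an openssl binary. The PEMs used for testing are constructed inputs built by a small DER encoder in the same block (same salt and 2048 iterations as the dump above, dummy ciphertext); `inspect_encrypted_key`, `uses_aes` and `build_sample_pem` are names chosen here.

```python
import base64
import re

# Added example, not easy-rsa or OpenSSL code: reads the DER header of a PKCS#8
# EncryptedPrivateKeyInfo (what `openssl asn1parse` prints) so the PBES2 cipher,
# des-ede3-cbc vs aes-256-cbc, can be checked without an openssl binary.
OID_PBES2, OID_PBKDF2 = "1.2.840.113549.1.5.13", "1.2.840.113549.1.5.12"
OID_NAMES = {
    OID_PBES2: "PBES2", OID_PBKDF2: "PBKDF2",
    "1.2.840.113549.2.7": "hmacWithSHA1", "1.2.840.113549.2.9": "hmacWithSHA256",
    "1.2.840.113549.3.7": "des-ede3-cbc",
    "2.16.840.1.101.3.4.1.2": "aes-128-cbc", "2.16.840.1.101.3.4.1.42": "aes-256-cbc",
}

def _read_tlv(buf, pos):
    """Return (tag, value, next_pos) of the DER element at pos; handles long-form lengths."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long form: low 7 bits = number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def _children(value):
    """Split a SEQUENCE value into its (tag, value) members."""
    out, pos = [], 0
    while pos < len(value):
        tag, body, pos = _read_tlv(value, pos)
        out.append((tag, body))
    return out

def _decode_oid(body):
    arcs, acc = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:                      # base-128 arcs, high bit = continuation
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))

def inspect_encrypted_key(pem):
    """Describe the PBES2 parameters of an 'ENCRYPTED PRIVATE KEY' PEM (e.g. pki/private/ca.key)."""
    m = re.search(r"-----BEGIN ENCRYPTED PRIVATE KEY-----(.*?)-----END ENCRYPTED PRIVATE KEY-----", pem, re.S)
    if not m:
        raise ValueError("not a PKCS#8 EncryptedPrivateKeyInfo PEM")
    tag, top, _ = _read_tlv(base64.b64decode("".join(m.group(1).split())), 0)
    if tag != 0x30:
        raise ValueError("top-level element is not a SEQUENCE")
    (_, alg_id), _ciphertext = _children(top)            # encryptedData is not needed here
    (_, alg_oid), (_, params) = _children(alg_id)
    if OID_NAMES.get(_decode_oid(alg_oid)) != "PBES2":
        raise ValueError("only PBES2 (PKCS#5 v2) wrapping is handled")
    (_, kdf), (_, scheme) = _children(params)
    (_, kdf_oid), (_, kdf_params) = _children(kdf)
    fields = _children(kdf_params)                       # salt, iterationCount, [keyLength], [prf]
    prf = "hmacWithSHA1"                                 # PBKDF2-params default when prf is absent
    for t, body in fields[2:]:
        if t == 0x30:
            prf = OID_NAMES.get(_decode_oid(_children(body)[0][1]), "unknown")
    (_, cipher_oid), (_, iv) = _children(scheme)
    cipher = _decode_oid(cipher_oid)
    return {"kdf": OID_NAMES.get(_decode_oid(kdf_oid), "unknown"), "salt_len": len(fields[0][1]),
            "iterations": int.from_bytes(fields[1][1], "big"), "prf": prf,
            "cipher": OID_NAMES.get(cipher, cipher), "iv_len": len(iv)}

def uses_aes(pem):
    """True when the key is wrapped with AES rather than 3DES (the symptom in this report)."""
    return inspect_encrypted_key(pem)["cipher"].startswith("aes-")

# Minimal DER encoder, used only to build constructed sample input for the check above.
def _tlv(tag, body):
    if len(body) < 0x80:
        return bytes([tag, len(body)]) + body
    lb = len(body).to_bytes((len(body).bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body

def _encode_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return bytes(out)

def build_sample_pem(cipher):
    """Constructed test PEM: same salt, 2048 iterations and hmacWithSHA256 as the report's
    dump, the requested cipher, and dummy ciphertext (only the header is inspected)."""
    cipher_oid = {v: k for k, v in OID_NAMES.items()}[cipher]
    iv_len = 8 if cipher == "des-ede3-cbc" else 16
    prf = _tlv(0x30, _tlv(0x06, _encode_oid("1.2.840.113549.2.9")) + _tlv(0x05, b""))
    kdf = _tlv(0x30, _tlv(0x06, _encode_oid(OID_PBKDF2)) + _tlv(0x30,
          _tlv(0x04, bytes.fromhex("F476ED86F57305B7")) + _tlv(0x02, b"\x08\x00") + prf))
    scheme = _tlv(0x30, _tlv(0x06, _encode_oid(cipher_oid)) + _tlv(0x04, bytes(range(iv_len))))
    alg_id = _tlv(0x30, _tlv(0x06, _encode_oid(OID_PBES2)) + _tlv(0x30, kdf + scheme))
    b64 = base64.b64encode(_tlv(0x30, alg_id + _tlv(0x04, bytes(48)))).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"-----BEGIN ENCRYPTED PRIVATE KEY-----\n{body}\n-----END ENCRYPTED PRIVATE KEY-----\n"

if __name__ == "__main__":
    import sys
    pem = open(sys.argv[1]).read() if len(sys.argv) > 1 else build_sample_pem("des-ede3-cbc")
    print(inspect_encrypted_key(pem), "OK" if uses_aes(pem) else "WARNING: not AES-wrapped")
```

Run it as `python3 check_key_cipher.py pki/private/ca.key` after `build-ca`; a key written by an affected OpenSSL 3.x `req -keyout` reports `cipher: des-ede3-cbc` with an 8-byte IV, while the key as produced by `genpkey -aes-256-cbc` reports `aes-256-cbc` with a 16-byte IV. The parser only walks the PBES2 header, so it never needs the passphrase and never touches the key material.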

@TinCanTech
Collaborator

@lysiszegerman Thanks for reporting this, I confirm this bug as outlined above.

@TinCanTech
Collaborator

The reason that the OpenSSL version makes a difference is that OpenSSL v1.x does not output a file defined by -newkey tmp-file, whereas OpenSSL v3.x does output a file defined by -newkey tmp-file. And this overwrites the existing file with different parameters.

@TinCanTech TinCanTech self-assigned this Apr 14, 2024
@TinCanTech TinCanTech modified the milestones: v3.2.0, v3.1.8 Apr 14, 2024
@TinCanTech TinCanTech linked a pull request Apr 14, 2024 that will close this issue
@TinCanTech
Collaborator

Re-opening for v3.1.7

@TinCanTech TinCanTech reopened this Apr 17, 2024
@TinCanTech TinCanTech modified the milestones: v3.2.0, v3.1.8 Apr 17, 2024
@TinCanTech TinCanTech linked a pull request Apr 17, 2024 that will close this issue
@TinCanTech
Collaborator

Closed via 73d8416

@TinCanTech
Collaborator

@lysiszegerman git/v3.1.8 can be pulled and tested.

@TinCanTech TinCanTech reopened this Apr 18, 2024
@lysiszegerman
Author

Perfect, thanks a lot for the quick fix; it looks good now on both macOS and Debian stable for me.

@TinCanTech
Collaborator

The "quick fix" was only made possible by your detailed analysis of the problem, thank you.

Also, thanks for testing and returning your results.

Closed as completed:

@TinCanTech TinCanTech reopened this Oct 6, 2024
@TinCanTech TinCanTech added the Sticky Remain open label Oct 6, 2024
@TinCanTech TinCanTech removed this from the v3.1.8 milestone Oct 6, 2024