[Bug 3013] New: Use the PKCS#8 formatted PEM files instead of insecure "traditional PEM"

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Thu May 23 01:37:20 AEST 2019


https://bugzilla.mindrot.org/show_bug.cgi?id=3013

            Bug ID: 3013
           Summary: Use the PKCS#8 formatted PEM files instead of insecure
                    "traditional PEM"
           Product: Portable OpenSSH
           Version: 8.0p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh-keygen
          Assignee: unassigned-bugs at mindrot.org
          Reporter: jjelen at redhat.com

Created attachment 3286
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3286&action=edit
generate PEM files in new PKCS#8 format

OpenSSL 1.0 introduced the following change according to the changelog
[1]:

>  *) Make PKCS#8 the default write format for private keys, replacing the
>    traditional format. This form is standardised, more secure and doesn't
>    include an implicit MD5 dependency.
>    [Steve Henson]

This is getting rid of of the old "traditional PEM" format and use the
standardized PKCS#8 one. Unfortunately, the users of the old API are
left with the old format, because the new format requires the use of a
new API.

I think OpenSSH should make use of this new format and use more secure
keys without leaving the users that need some interoperability (can not
use the new OpenSSH format) with the old (potentially) insecure format.

The attached patch modifies the PEM export function to use the new API
and generate PKCS#8 PEM files. They are readable by existing OpenSSL
API so this is the only change needed.

[1]
https://git.openssl.org/gitweb/?p=openssl.git;a=blob_plain;f=CHANGES;hb=refs/heads/OpenSSL_1_0_0-stable

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list