| author | Fraser Tweedale <ftweedal@redhat.com> | 2017-04-06 13:27:56 +1000 |
|---|---|---|
| committer | Matthew Harmsen <mharmsen@redhat.com> | 2017-04-29 23:50:07 -0600 |
| commit | 012718d24aff8c37713f42f2ca69c5bd7aec97df (patch) | |
| tree | 378cfb8e282b99b50b02c72a5a62fe66ed805476 /base/kra/src/com | |
| parent | 118f648961e502f55d6997f59f6cf8f355218da5 (diff) | |
KRA: use AES in PKCS #12 recovery for wrapped keys
The KRA has two private key recovery code paths: one dealing with
keys wrapped to the storage key, and one dealing with symmetrically
encrypted keys. Each has a separate function for constructing a
PKCS #12 file for the recovered key.
This commit updates the PKCS #12 generation for wrapped keys to use
AES encryption. The JSS PBE facility is not expressive enough to
handle PBES2 encryption, which is necessary for many algorithms
including AES, so we now use CryptoStore.getEncryptedPrivateKeyInfo.
Part of: https://pagure.io/dogtagpki/issue/2610
Change-Id: Iba67f15642338316e4a6d09f78504327e8853b85
(cherry picked from commit 8e663b6270d9a9409a04bfcb445318a6d5622b52)
Diffstat (limited to 'base/kra/src/com')
| -rw-r--r-- | base/kra/src/com/netscape/kra/RecoveryService.java | 24 |
1 files changed, 13 insertions, 11 deletions
diff --git a/base/kra/src/com/netscape/kra/RecoveryService.java b/base/kra/src/com/netscape/kra/RecoveryService.java
index 5609b190e..eee800aa8 100644
--- a/base/kra/src/com/netscape/kra/RecoveryService.java
+++ b/base/kra/src/com/netscape/kra/RecoveryService.java
@@ -31,6 +31,7 @@ import java.util.Random;
 import org.mozilla.jss.CryptoManager;
 import org.mozilla.jss.asn1.ASN1Util;
+import org.mozilla.jss.asn1.ANY;
 import org.mozilla.jss.asn1.ASN1Value;
 import org.mozilla.jss.asn1.BMPString;
 import org.mozilla.jss.asn1.OCTET_STRING;
@@ -38,6 +39,7 @@ import org.mozilla.jss.asn1.SEQUENCE;
 import org.mozilla.jss.asn1.SET;
 import org.mozilla.jss.crypto.CryptoToken;
 import org.mozilla.jss.crypto.PBEAlgorithm;
+import org.mozilla.jss.crypto.EncryptionAlgorithm;
 import org.mozilla.jss.crypto.PrivateKey;
 import org.mozilla.jss.pkcs12.AuthenticatedSafes;
 import org.mozilla.jss.pkcs12.CertBag;
@@ -484,20 +486,20 @@ public class RecoveryService implements IService {
 SEQUENCE safeContents = new SEQUENCE();
 PasswordConverter passConverter = new PasswordConverter();
- Random ran = new SecureRandom();
- byte[] salt = new byte[20];
- ran.nextBytes(salt);
- ASN1Value key = EncryptedPrivateKeyInfo.createPBE(
- PBEAlgorithm.PBE_SHA1_DES3_CBC,
- pass, salt, 1, passConverter, priKey, ct);
- CMS.debug("RecoverService: createPFX() EncryptedPrivateKeyInfo.createPBE() returned");
- if (key == null) {
- CMS.debug("RecoverService: createPFX() key null");
- throw new EBaseException("EncryptedPrivateKeyInfo.createPBE() failed");
+ byte[] epkiBytes = ct.getCryptoStore().getEncryptedPrivateKeyInfo(
+ /* NSS has a bug that causes any AES CBC encryption
+ * to use AES-256, but AlgorithmID contains chosen
+ * alg. To avoid mismatch, use AES_256_CBC. */
+ passConverter, pass, EncryptionAlgorithm.AES_256_CBC, 0, priKey);
+ CMS.debug("RecoverService: createPFX() getEncryptedPrivateKeyInfo() returned");
+ if (epkiBytes == null) {
+ CMS.debug("RecoverService: createPFX() epkiBytes null");
+ throw new EBaseException("getEncryptedPrivateKeyInfo returned null");
 } else {
- CMS.debug("RecoverService: createPFX() key not null");
+ CMS.debug("RecoverService: createPFX() epkiBytes not null");
 }
+ ASN1Value key = new ANY(epkiBytes);
 SET keyAttrs = createBagAttrs(
 x509cert.getSubjectDN().toString(), |
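Review bot: The iteration count passed to `getEncryptedPrivateKeyInfo` is a bare `0`, and the comment above the argument line explains only the cipher choice, so a reader can take it to mean "no key-stretching iterations". As far as I know JSS treats a non-positive count as "use the library default", which would mean the work factor protecting the recovered private key depends on that default; this should be confirmed and stated on the argument line, for example `/* iteration count 0: use the JSS/NSS default */`, or replaced by a named constant holding an explicit count. The `else` branch that only logs `epkiBytes not null` repeats what the preceding "returned" debug line already shows and could be dropped. createPFX starts and ends outside this hunk, so how `pass` is obtained and cleared is not visible here.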
