Hi Jon,
Unfortunately parts of Mbed TLS's PKCS5 and PKCS12 modules haven't been
updated in a very long time, from way back when OpenSSL still used DES
by default there. There is a pull request to fix this:
https://github.com/Mbed-TLS/mbedtls/pull/7604 . It was stuck for a while
because it needed rework, but I see that it's now up for review.
Hopefully we'll manage to review it in time for the next release.
Best regards,
--
Gilles Peskine
Mbed TLS developer
On 29/12/2023 01:41, jtrauntvein--- via mbed-tls wrote:
>
> I have an RSA private key file generated with openssl that is
> encrypted using the aes-128-cbc method. The content of this key is as
> follows:
>
> -----BEGIN ENCRYPTED PRIVATE KEY-----
> -----END ENCRYPTED PRIVATE KEY-----
>
> When my program attempts to load this key by calling
> mbedtls_pk_parse_key(), I am getting a parse key failure: “PKCS5 -
> Requested encryption or digest alg not available”. I have traced
> this through the debugger until I reach code generated by the
> FN_OID_TYPED_FROM_ASN1() and FN_OID_GET_ATTR1() macros which, as best
> I can tell in this particular use case, rely on a global array of
> cipher declarations:
>
> static const oid_cipher_alg_t oid_cipher_alg[] =
> {
>     {
>         OID_DESCRIPTOR(MBEDTLS_OID_DES_CBC, "desCBC", "DES-CBC"),
>         MBEDTLS_CIPHER_DES_CBC,
>     },
>     {
>         OID_DESCRIPTOR(MBEDTLS_OID_DES_EDE3_CBC, "des-ede3-cbc", "DES-EDE3-CBC"),
>         MBEDTLS_CIPHER_DES_EDE3_CBC,
>     },
>     {
>         NULL_OID_DESCRIPTOR,
>         MBEDTLS_CIPHER_NONE,
>     },
> };
>
> I have attempted to alter this array declaration by adding support for
> AES encryption as follows:
>
> static const oid_cipher_alg_t oid_cipher_alg[] =
> {
>     {
>         OID_DESCRIPTOR(MBEDTLS_OID_DES_CBC, "desCBC", "DES-CBC"),
>         MBEDTLS_CIPHER_DES_CBC,
>     },
>     {
>         OID_DESCRIPTOR(MBEDTLS_OID_DES_EDE3_CBC, "des-ede3-cbc", "DES-EDE3-CBC"),
>         MBEDTLS_CIPHER_DES_EDE3_CBC,
>     },
>     {
>         OID_DESCRIPTOR(MBEDTLS_OID_AES, "aes-128-cbc", "AES-128-CBC"),
>         MBEDTLS_CIPHER_AES_128_CBC
>     },
>     {
>         NULL_OID_DESCRIPTOR,
>         MBEDTLS_CIPHER_NONE,
>     },
> };
>
> I have found, however, that this addition does not appear to make any
> difference in the outcome of the key parsing call.
>
> I have found that the key file can be parsed when I generate an
> openssl key file with the “-traditional” flag and the key file is
> presented in the following form:
>
> -----BEGIN RSA PRIVATE KEY-----
> Proc-Type: 4,ENCRYPTED
> DEK-Info: AES-128-CBC,F4B5C3EF18218C3D98AA822064A8C32F
>
> -----END RSA PRIVATE KEY-----
>
> The parsing attempt will succeed.
>
> I had hoped that updating to the latest version of mbedtls would
> address this problem but it still persists. I would love to try to
> fix the problem and submit a patch but am operating at the limits of
> my familiarity with the way that mbed-tls parses the ASN.1 structure
> and matches OID content. This is a mid-level priority for me because
> there is a work-around but I am concerned that this problem may crop
> up with a customer who is using the server that I have written. I
> would appreciate any advice on this matter.
>
> Regards,
>
> Jon Trauntvein
>
>
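
Added example, not part of the original thread and not Mbed TLS code: a minimal C DER walker that extracts the cipher OID from the header of a PKCS#8 "ENCRYPTED PRIVATE KEY" (PBES2) and looks it up in a table shaped like the oid_cipher_alg array quoted above. The names der_get, pbes2_cipher_oid, cipher_name and TABLE are hypothetical, the SAMPLE bytes are constructed for this illustration, and the exact-match lookup is this example's assumption about how such a table is searched.

```c
#include <string.h>

/* Read one DER header with the expected tag; leaves *p at the content, *len = its size. */
static int der_get(const unsigned char **p, const unsigned char *end, int tag, size_t *len) {
    if (end - *p < 2 || *(*p)++ != tag) return -1;
    size_t n = *(*p)++, k = n & 0x7F;
    if (n & 0x80) {                         /* long form: k length bytes follow (max 2 here) */
        if (k == 0 || k > 2 || (size_t)(end - *p) < k) return -1;
        for (n = 0; k--; ) n = (n << 8) | *(*p)++;
    }
    *len = n;
    return (size_t)(end - *p) < n ? -1 : 0;
}

/* Walk EncryptedPrivateKeyInfo to the PBES2 encryptionScheme; return its OID or NULL. */
const unsigned char *pbes2_cipher_oid(const unsigned char *der, size_t n, size_t *oid_len) {
    const unsigned char *p = der, *end = der + n;
    size_t len;
    if (der_get(&p, end, 0x30, &len)) return NULL;        /* EncryptedPrivateKeyInfo */
    if (der_get(&p, p + len, 0x30, &len)) return NULL;    /* encryptionAlgorithm */
    end = p + len;
    if (der_get(&p, end, 0x06, &len) || len != 9 ||       /* must be id-PBES2 */
        memcmp(p, "\x2A\x86\x48\x86\xF7\x0D\x01\x05\x0D", 9)) return NULL;
    p += len;
    if (der_get(&p, end, 0x30, &len)) return NULL;        /* PBES2-params */
    end = p + len;
    if (der_get(&p, end, 0x30, &len)) return NULL;        /* keyDerivationFunc, skipped */
    p += len;
    if (der_get(&p, end, 0x30, &len)) return NULL;        /* encryptionScheme */
    return der_get(&p, p + len, 0x06, oid_len) ? NULL : p;
}

/* Entries 0-1 mirror the array quoted in the post; entry 2 is aes128-CBC. Exact match only. */
static const struct { const char *name, *oid; size_t len; } TABLE[] = {
    { "DES-CBC",      "\x2B\x0E\x03\x02\x07", 5 },
    { "DES-EDE3-CBC", "\x2A\x86\x48\x86\xF7\x0D\x03\x07", 8 },
    { "AES-128-CBC",  "\x60\x86\x48\x01\x65\x03\x04\x01\x02", 9 } };
const char *cipher_name(size_t count, const unsigned char *oid, size_t len) {
    for (size_t i = 0; i < count && i < 3; i++)
        if (TABLE[i].len == len && !memcmp(TABLE[i].oid, oid, len)) return TABLE[i].name;
    return NULL;
}

const unsigned char SAMPLE[] = { 0x30,0x51, 0x30,0x49,   /* constructed, not the post's key */
    0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D, 0x30,0x3C, 0x30,0x1B,
    0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C, 0x30,0x0E,
    0x04,0x08,1,2,3,4,5,6,7,8, 0x02,0x02,0x08,0x00, 0x30,0x1D,
    0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,
    0x04,0x10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 0x04,0x04,0xDE,0xAD,0xBE,0xEF };
```

With count = 2 (the DES-only table) the lookup on SAMPLE returns NULL; with count = 3 it returns "AES-128-CBC".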