diff options
| author | Jun Aruga <jaruga@redhat.com> | 2026-01-19 13:23:24 +0000 |
|---|---|---|
| committer | git <svn-admin@ruby-lang.org> | 2026-02-02 17:06:08 +0000 |
| commit | e690a8f39a121a2532586a321db7c4dfa1d867df (patch) | |
| tree | 0dd49637c863cf3cfa32c196a9b916c9f877d866 | |
| parent | a2ca4aa9ae9b917616b27d4605162003c7009269 (diff) | |
[ruby/openssl] Fix test_pkcs12.rb in FIPS.
* OpenSSL::PKCS12.create calling the PKCS12_create() has the argument mac_iter
which uses a MAC key using PKCS12KDF which is not FIPS-approved.
* OpenSSL::PKCS12.new with base64-encoded example calling PKCS12_parse()
verifies the MAC key using PKCS12KDF which is not FIPS-approved.
* PBE-SHA1-3DES uses PKCS12KDF which is not FIPS-approved according to the RFC
7292 PKCS#12.
https://datatracker.ietf.org/doc/html/rfc7292#appendix-C
> The PBES1 encryption scheme defined in PKCS #5 provides a number of
> algorithm identifiers for deriving keys and IVs; here, we specify a
> few more, all of which use the procedure detailed in Appendices B.2
> and B.3 to construct keys (and IVs, where needed). As is implied by
> their names, all of the object identifiers below use the hash
> function SHA-1.
> ...
> pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3}
Note that the pbeWithSHAAnd3-KeyTripleDES-CBC (pkcs12-pbeids 3) in the RFC
7292 PKCS#12 means PBE-SHA1-3DES in OpenSSL. PKCS12KDF is used in PKCS#12.
https://oidref.com/1.2.840.113549.1.12.1.3
https://github.com/openssl/openssl/blob/ed57d1e06dca28689190e00d9893e0fd7ecc67c1/crypto/objects/objects.txt#L385
https://github.com/ruby/openssl/commit/2aa6d97a54
| -rw-r--r-- | test/openssl/test_pkcs12.rb | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/test/openssl/test_pkcs12.rb b/test/openssl/test_pkcs12.rb index 1b5328774e..81f7875f9a 100644 --- a/test/openssl/test_pkcs12.rb +++ b/test/openssl/test_pkcs12.rb @@ -3,6 +3,29 @@ require_relative "utils" if defined?(OpenSSL) +# OpenSSL::PKCS12.create calling the PKCS12_create() has the argument mac_iter +# which uses a MAC key using PKCS12KDF which is not FIPS-approved. +# OpenSSL::PKCS12.new with base64-encoded example calling PKCS12_parse() +# verifies the MAC key using PKCS12KDF which is not FIPS-approved. +# +# PBE-SHA1-3DES uses PKCS12KDF which is not FIPS-approved according to the RFC +# 7292 PKCS#12. +# https://datatracker.ietf.org/doc/html/rfc7292#appendix-C +# > The PBES1 encryption scheme defined in PKCS #5 provides a number of +# > algorithm identifiers for deriving keys and IVs; here, we specify a +# > few more, all of which use the procedure detailed in Appendices B.2 +# > and B.3 to construct keys (and IVs, where needed). As is implied by +# > their names, all of the object identifiers below use the hash +# > function SHA-1. +# > ... +# > pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3} +# +# Note that the pbeWithSHAAnd3-KeyTripleDES-CBC (pkcs12-pbeids 3) in the RFC +# 7292 PKCS#12 means PBE-SHA1-3DES in OpenSSL. PKCS12KDF is used in PKCS#12. +# https://oidref.com/1.2.840.113549.1.12.1.3 +# https://github.com/openssl/openssl/blob/ed57d1e06dca28689190e00d9893e0fd7ecc67c1/crypto/objects/objects.txt#L385 +return if OpenSSL.fips_mode + module OpenSSL class TestPKCS12 < OpenSSL::TestCase DEFAULT_PBE_PKEYS = "PBE-SHA1-3DES" |