1

Our application includes a script which converts p12 to pem format. Operating System is RHEL 7 FIPS enabled and it's using OpenSSL 1.0.2k-fips library.Script fails with the below error during this pem conversion. Tried few algorithms other than RC2-40 and it's still a failure, trying to find the right flags to pass in the openssl command for making this pem conversion successful, any suggestions:

Command :

openssl pkcs12 -in app1-serverpub.p12 -certpbe pbeWithSHA1And3-KeyTripleDES-CBC -keypbe pbeWithSHA1And3-KeyTripleDES-CBC -out ca-bundle.pem -passin pass:xxxx -info

Error :

MAC Iteration 100000  
MAC verified OK  
PKCS7 Encrypted data: `pbeWithSHA1And40BitRC2-CBC`, Iteration 50000  
Error outputting keys and certificates  
139990890305424:error:060740A0:digital envelope routines:EVP_PBE_CipherInit:unknown cipher:evp_pbe.c:181:  
139990890305424:error:23077073:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 algor cipherinit error:p12_decr.c:87: 
139990890305424:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt error:p12_decr.c:139:

========================================================================

Tried the below command per various suggestions, still not able to override this error :

openssl pkcs12 -in app1-serverpub.p12 -out ca-bundle.pem -passin pass:xxxx -descert -info
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 50000

  1. Please suggest right algorithm/correct values to try for certpbe, keypbe
  2. openssl command to use any algorithm which overrides RC2-40 which is not FIPS complaint

Thanks.

whoami - fakeFaceTrueSoul
  • 17,086
  • 6
  • 32
  • 46
Suresh
  • 11
  • 1
  • 2

1 Answers1

0

Options -certpbe -keybpe -descert only apply when using openssl pkcs12 -export to create a PKCS12 file (from PEM files for key and cert(s)). They are ignored, not implemented, discarded, ineffectual and useless when reading an existing file, as you are doing. An existing p12 file has parts of its content (called 'bags') encrypted using algorithms chosen when the encryption is done, and the file you have has already been encrypted using the algorithms that were used -- in the past -- apparently including RC2-40 for the cert bag, as is very common and de facto standard (and the default for openssl when not in FIPS mode). Nothing you do now can change this, as it occurred in the past and time only goes forward not backward.

Depending on the reason(s) this system is used in FIPS mode, you may be able to get permission to run this specific operation in non-FIPS mode. I assume the output PEM files are to be used on this system, and whoever makes these decisions will probably require that the privatekey output be FIPS-compliant, but that's okay because the OpenSSL default of pkcs12pbe-using-SHA1-plus-3DES is(are) Approved.

Alternatively, you must either have whoever or whatever creates this file use Approved algorithms, or you must convert it to do so on another system which doesn't enforce FIPS; on that system you could use:

openssl pkcs12 -in bad.p12 -passin whatever -nodes | openssl pkcs12 -export -descert -passout whatever -out good.p12

This converts the contents to PEM and pipes them directly to a process which converts back to a new, compliant p12. Using -nodes avoids the need to specify or enter a redundant password (at least twice) for the internal piped data, but you can omit it if you (or your rule-setter) prefer.

dave_thompson_085
  • 34,712
  • 6
  • 50
  • 70
  • 1
    we ran the command in non-fips OS and it's working as expected. Tried skipping the p12 conversion and used this method as per someone's comment and it works fine. keytool -list -rfc -keystore "truststore.jks" -storepass ${truststorePass} | sed -e '/-*BEGIN [A-Z]*-*/,/-*END [A-Z]-*/!d' > ca-bundle.pem – Suresh Jan 10 '20 at 16:28