
On Tue, Oct 20, 2015 at 12:12 AM, Jonathan Gray <j...@jsg.id.au> wrote:
> On Wed, Oct 01, 2014 at 10:53:34AM +0100, Stuart Henderson wrote:
>> On 2014/10/01 19:05, Joel Sing wrote:
>> > > I should also add that the other obvious/easy "fix" is to initialise digest
>> > > in openssl/req.c to the SHA-256 EVP. That only changes 'openssl req'
>> > > though.
>> > >
>> > > > (and yes, clearly I've spent too much time in this code base recently...
>> > > > :)
>> > > >
>> > > > > Index: openssl.cnf
>> > > > >
===================================================================
>> > > > > RCS file: /cvs/src/lib/libcrypto/openssl.cnf,v
>> > > > > retrieving revision 1.1
>> > > > > diff -u -p -r1.1 openssl.cnf
>> > > > > --- openssl.cnf       11 Apr 2014 22:51:53 -0000      1.1
>> > > > > +++ openssl.cnf       30 Sep 2014 22:42:53 -0000
>> > > > > @@ -7,7 +7,8 @@
>> > > > >
>> > > > >
####################################################################
>> > > > >  [ req ]
>> > > > > -default_bits         = 1024
>> > > > > +default_bits         = 2048
>> > > > > +default_md           = sha256
>> > > > >  default_keyfile      = privkey.pem
>> > > > >  distinguished_name   = req_distinguished_name
>> > > > >  attributes           = req_attributes
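
Review bot: default_bits and default_md in [ req ] are changed without any comment, and as noted further down the thread a value set in openssl.cnf trumps the compiled-in define, so this file and the built-in default have to move together. Suggest a one-line comment above the two settings saying they override the built-in defaults, and committing the config and code changes together so the two never disagree.
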
>> >
>> > The following does this, however note that the default_bits of 1024 from
>> > openssl.cnf trumps the 2048 in the define... we probably should also stop
>> > making EVP_des_ede3_cbc() the default cipher...
>>
>> I think I prefer it this way (changing usr.bin/openssl rather than
>> the library) as there's less risk of impact in unpredictable areas.
>> How about this one?
>
> Any reason to not change the default for crl/ocsp/fingerprints as well?
>
> It looks like openssl(1) could use updating:
> "The digest of choice for all new applications is SHA1."

I like this idea, of course with a man page update as well.

> Index: crl.c
> ===================================================================
> RCS file: /cvs/src/usr.bin/openssl/crl.c,v
> retrieving revision 1.9
> diff -u -p -r1.9 crl.c
> --- crl.c       17 Oct 2015 15:00:11 -0000      1.9
> +++ crl.c       20 Oct 2015 04:48:26 -0000
> @@ -243,7 +243,7 @@ crl_main(int argc, char **argv)
>                 }
>         }
>
> -       digest = EVP_sha1();
> +       digest = EVP_sha256();
>
>         memset(&crl_config, 0, sizeof(crl_config));
>         crl_config.informat = FORMAT_PEM;
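
Review bot: the default assigned by digest = EVP_sha256(); just before crl_config is initialised changes silently for every caller that passes no digest option, so anything crl derives from `digest` will no longer match values stored from earlier SHA-1 runs. Suggest stating the behaviour change in the commit message and pointing out that the previous output is still available by selecting the digest explicitly.
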
> Index: ocsp.c
> ===================================================================
> RCS file: /cvs/src/usr.bin/openssl/ocsp.c,v
> retrieving revision 1.7
> diff -u -p -r1.7 ocsp.c
> --- ocsp.c      17 Oct 2015 15:00:11 -0000      1.7
> +++ ocsp.c      20 Oct 2015 04:47:42 -0000
> @@ -355,7 +355,7 @@ ocsp_main(int argc, char **argv)
>                                 if (!cert)
>                                         goto end;
>                                 if (!cert_id_md)
> -                                       cert_id_md = EVP_sha1();
> +                                       cert_id_md = EVP_sha256();
>                                 if (!add_ocsp_cert(&req, cert,
cert_id_md, issuer, ids))
>                                         goto end;
>                                 if (!sk_OPENSSL_STRING_push(reqnames,
*args))
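
Review bot: the cert_id_md fallback ahead of add_ocsp_cert() is not a display default like the fingerprint changes, because it selects the hash used to build the certificate ID that goes into the request. A responder that only matches SHA-1 certificate IDs would stop recognising requests from callers that pass no digest option. Suggest testing against the responders in use before switching this fallback, or leaving it at EVP_sha1() and changing only the fingerprint defaults.
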
> @@ -366,7 +366,7 @@ ocsp_main(int argc, char **argv)
>                         if (args[1]) {
>                                 args++;
>                                 if (!cert_id_md)
> -                                       cert_id_md = EVP_sha1();
> +                                       cert_id_md = EVP_sha256();
>                                 if (!add_ocsp_serial(&req, *args,
cert_id_md, issuer, ids))
>                                         goto end;
>                                 if (!sk_OPENSSL_STRING_push(reqnames,
*args))
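
Review bot: the fallback before add_ocsp_serial() is a second copy of the same two lines patched in the previous hunk (if (!cert_id_md) followed by the assignment), so the default now lives in two places that can drift apart. Suggest routing both sites through one small helper or one named default so a later change touches a single line.
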
> Index: x509.c
> ===================================================================
> RCS file: /cvs/src/usr.bin/openssl/x509.c,v
> retrieving revision 1.12
> diff -u -p -r1.12 x509.c
> --- x509.c      17 Oct 2015 15:00:11 -0000      1.12
> +++ x509.c      20 Oct 2015 04:50:25 -0000
> @@ -788,7 +788,7 @@ bad:
>                                 const EVP_MD *fdig = digest;
>
>                                 if (!fdig)
> -                                       fdig = EVP_sha1();
> +                                       fdig = EVP_sha256();
>
>                                 if (!X509_digest(x, fdig, md, &n)) {
>                                         BIO_printf(bio_err, "out of
memory\n");
>
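
Review bot: the fdig fallback used by X509_digest() changes the default fingerprint output, but the patch touches only crl.c, ocsp.c and x509.c, while the message above quotes openssl(1) as still saying "The digest of choice for all new applications is SHA1." Suggest including the man page change in the same diff, stating the new default and that a digest option still selects SHA-1 for comparison against existing fingerprints.
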
