Closed dwosk closed 3 months ago
It looks like EncryptedPrivateKeyInfo::encrypt
needs to be changed to use pbes2::Parameters::recommended()
which was introduced in https://github.com/RustCrypto/formats/issues/1205
See the current implementation here: https://github.com/RustCrypto/formats/blob/c501837/pkcs8/src/encrypted_private_key_info.rs#L77
Right now it's using scrypt::Params::default
, i.e. the OWASP recommended defaults which are unfortunately "Too Secure For OpenSSL To Handle". See also https://github.com/RustCrypto/password-hashes/pull/388
Thanks @tarcieri. Would you accept a PR that changes that method to use recommended()
over default()
? Since the new behavior would be considered "less secure" than what is being used today I'm not sure how you want to handle that. But if they are the recommended parameters then it makes sense to use them.
There is currently no Default
impl for pbes2::Parameters
.
pbes2::Parameters::recommended()
takes an explicit RNG parameter to initialize the salt and cipher IV parameters.
We could potentially add a Default
impl gated on a getrandom
feature, which calls pbes2::Parameters::recommended
with &mut OsRng
. But I'm not sure it's a good idea semantically for a Default
impl to use an RNG and return different values every time.
Reproduction:
I think the root cause was found/fixed here: https://github.com/RustCrypto/formats/issues/1205. However, as I'm new to these libraries, I'm unsure how to use the new constructors and piece them together with this crate.
Is there sample code I can leverage that uses the openssl-compatible scrypt parameters to generate the pkcs8 pem key? Is this supported in the latest pre-release? Currently I am using:
Thanks!