crypto: regenerate PKCS#12 certificates

Browse Source

The PKCS#12 certificates are using SHA1 and RC2-40, which are deprecated;
regenerate them with:

 $ openssl pkcs12 -export -in test_key_and_cert.pem -inkey test_key_and_cert.pem -certfile test_ca_cert.pem -name "test-pkcs12" -out test-cert.p12
 (key: test)

 $ openssl pkcs12 -export -in test2_key_and_cert.pem -inkey test2_key_and_cert.pem -certfile test2_ca_cert.pem -name "test2-pkcs12" -out test2-cert.p12
 (key: 12345testing)

Before:
 $ openssl pkcs12 -info -in test-cert.p12
 MAC: sha1, Iteration 2048
 MAC length: 20, salt length: 8
 PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2048

After:
 $ openssl pkcs12 -info -in test-cert.p12
 MAC: sha256, Iteration 2048
 MAC length: 32, salt length: 8
 PKCS7 Encrypted data: PBES2, PBKDF2, AES-256-CBC, Iteration 2048, PRF hmacWithSHA256

...

This commit is contained in:

Beniamino Galvani 2024-06-24 09:24:29 +02:00

parent d2536a7d7f

commit 0d657af256

2 changed files with 0 additions and 0 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN

src/libnm-core-impl/tests/certs/test-cert.p12

View File

Binary file not shown.

BIN

src/libnm-core-impl/tests/certs/test2-cert.p12

View File

Binary file not shown.