crypto: regenerate PKCS#12 certificates

Browse source

The PKCS#12 certificates are using SHA1 and RC2-40, which are deprecated;
regenerate them with:

 $ openssl pkcs12 -export -in test_key_and_cert.pem -inkey test_key_and_cert.pem -certfile test_ca_cert.pem -name "test-pkcs12" -out test-cert.p12
 (key: test)

 $ openssl pkcs12 -export -in test2_key_and_cert.pem -inkey test2_key_and_cert.pem -certfile test2_ca_cert.pem -name "test2-pkcs12" -out test2-cert.p12
 (key: 12345testing)

Before:
 $ openssl pkcs12 -info -in test-cert.p12
 MAC: sha1, Iteration 2048
 MAC length: 20, salt length: 8
 PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2048

After:
 $ openssl pkcs12 -info -in test-cert.p12
 MAC: sha256, Iteration 2048
 MAC length: 32, salt length: 8
 PKCS7 Encrypted data: PBES2, PBKDF2, AES-256-CBC, Iteration 2048, PRF hmacWithSHA256
(cherry picked from commit 0d657af256)

...

This commit is contained in:

Beniamino Galvani 2024-06-24 09:24:29 +02:00

parent bd2edfd6fc

commit 627d0edbf6

2 changed files with 0 additions and 0 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Show stats Download patch file Download diff file Expand all files Collapse all files

BIN

src/libnm-core-impl/tests/certs/test-cert.p12

View file

Binary file not shown.

BIN

src/libnm-core-impl/tests/certs/test2-cert.p12

View file

Binary file not shown.