diff options
Diffstat (limited to 'upstream/debian-bookworm/man7/passphrase-encoding.7ssl')
| -rw-r--r-- | upstream/debian-bookworm/man7/passphrase-encoding.7ssl | 288 |
1 files changed, 288 insertions, 0 deletions
diff --git a/upstream/debian-bookworm/man7/passphrase-encoding.7ssl b/upstream/debian-bookworm/man7/passphrase-encoding.7ssl new file mode 100644 index 00000000..269a6856 --- /dev/null +++ b/upstream/debian-bookworm/man7/passphrase-encoding.7ssl @@ -0,0 +1,288 @@ +.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.43) +.\" +.\" Standard preamble: +.\" ======================================================================== +.de Sp \" Vertical space (when we can't use .PP) +.if t .sp .5v +.if n .sp +.. +.de Vb \" Begin verbatim text +.ft CW +.nf +.ne \\$1 +.. +.de Ve \" End verbatim text +.ft R +.fi +.. +.\" Set up some character translations and predefined strings. \*(-- will +.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left +.\" double quote, and \*(R" will give a right double quote. \*(C+ will +.\" give a nicer C++. Capital omega is used to do unbreakable dashes and +.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, +.\" nothing in troff, for use with C<>. +.tr \(*W- +.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' +.ie n \{\ +. ds -- \(*W- +. ds PI pi +. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch +. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch +. ds L" "" +. ds R" "" +. ds C` "" +. ds C' "" +'br\} +.el\{\ +. ds -- \|\(em\| +. ds PI \(*p +. ds L" `` +. ds R" '' +. ds C` +. ds C' +'br\} +.\" +.\" Escape single quotes in literal strings from groff's Unicode transform. +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" +.\" If the F register is >0, we'll generate index entries on stderr for +.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index +.\" entries marked with X<> in POD. Of course, you'll have to process the +.\" output yourself in some meaningful fashion. +.\" +.\" Avoid warning from groff about undefined register 'F'. +.de IX +.. +.nr rF 0 +.if \n(.g .if rF .nr rF 1 +.if (\n(rF:(\n(.g==0)) \{\ +. if \nF \{\ +. de IX +. tm Index:\\$1\t\\n%\t"\\$2" +.. +. if !\nF==2 \{\ +. nr % 0 +. nr F 2 +. \} +. \} +.\} +.rr rF +.\" +.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). +.\" Fear. Run. Save yourself. No user-serviceable parts. +. \" fudge factors for nroff and troff +.if n \{\ +. ds #H 0 +. ds #V .8m +. ds #F .3m +. ds #[ \f1 +. ds #] \fP +.\} +.if t \{\ +. ds #H ((1u-(\\\\n(.fu%2u))*.13m) +. ds #V .6m +. ds #F 0 +. ds #[ \& +. ds #] \& +.\} +. \" simple accents for nroff and troff +.if n \{\ +. ds ' \& +. ds ` \& +. ds ^ \& +. ds , \& +. ds ~ ~ +. ds / +.\} +.if t \{\ +. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" +. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' +. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' +. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' +. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' +. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' +.\} +. \" troff and (daisy-wheel) nroff accents +.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' +.ds 8 \h'\*(#H'\(*b\h'-\*(#H' +.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] +.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' +.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' +.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] +.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] +.ds ae a\h'-(\w'a'u*4/10)'e +.ds Ae A\h'-(\w'A'u*4/10)'E +. \" corrections for vroff +.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' +.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' +. \" for low resolution devices (crt and lpr) +.if \n(.H>23 .if \n(.V>19 \ +\{\ +. ds : e +. ds 8 ss +. ds o a +. ds d- d\h'-1'\(ga +. ds D- D\h'-1'\(hy +. ds th \o'bp' +. ds Th \o'LP' +. ds ae ae +. ds Ae AE +.\} +.rm #[ #] #H #V #F C +.\" ======================================================================== +.\" +.IX Title "PASSPHRASE-ENCODING 7SSL" +.TH PASSPHRASE-ENCODING 7SSL "2023-10-23" "3.0.11" "OpenSSL" +.\" For nroff, turn off justification. Always turn off hyphenation; it makes +.\" way too many mistakes in technical documents. +.if n .ad l +.nh +.SH "NAME" +passphrase\-encoding +\&\- How diverse parts of OpenSSL treat pass phrases character encoding +.SH "DESCRIPTION" +.IX Header "DESCRIPTION" +In a modern world with all sorts of character encodings, the treatment of pass +phrases has become increasingly complex. +This manual page attempts to give an overview over how this problem is +currently addressed in different parts of the OpenSSL library. +.SS "The general case" +.IX Subsection "The general case" +The OpenSSL library doesn't treat pass phrases in any special way as a general +rule, and trusts the application or user to choose a suitable character set +and stick to that throughout the lifetime of affected objects. +This means that for an object that was encrypted using a pass phrase encoded in +\&\s-1ISO\-8859\-1,\s0 that object needs to be decrypted using a pass phrase encoded in +\&\s-1ISO\-8859\-1.\s0 +Using the wrong encoding is expected to cause a decryption failure. +.SS "PKCS#12" +.IX Subsection "PKCS#12" +PKCS#12 is a bit different regarding pass phrase encoding. +The standard stipulates that the pass phrase shall be encoded as an \s-1ASN.1\s0 +BMPString, which consists of the code points of the basic multilingual plane, +encoded in big endian (\s-1UCS\-2 BE\s0). +.PP +OpenSSL tries to adapt to this requirements in one of the following manners: +.IP "1." 4 +Treats the received pass phrase as \s-1UTF\-8\s0 encoded and tries to re-encode it to +\&\s-1UTF\-16\s0 (which is the same as \s-1UCS\-2\s0 for characters U+0000 to U+D7FF and U+E000 +to U+FFFF, but becomes an expansion for any other character), or failing that, +proceeds with step 2. +.IP "2." 4 +Assumes that the pass phrase is encoded in \s-1ASCII\s0 or \s-1ISO\-8859\-1\s0 and +opportunistically prepends each byte with a zero byte to obtain the \s-1UCS\-2\s0 +encoding of the characters, which it stores as a BMPString. +.Sp +Note that since there is no check of your locale, this may produce \s-1UCS\-2 / +UTF\-16\s0 characters that do not correspond to the original pass phrase characters +for other character sets, such as any \s-1ISO\-8859\-X\s0 encoding other than +\&\s-1ISO\-8859\-1\s0 (or for Windows, \s-1CP 1252\s0 with exception for the extra \*(L"graphical\*(R" +characters in the 0x80\-0x9F range). +.PP +OpenSSL versions older than 1.1.0 do variant 2 only, and that is the reason why +OpenSSL still does this, to be able to read files produced with older versions. +.PP +It should be noted that this approach isn't entirely fault free. +.PP +A pass phrase encoded in \s-1ISO\-8859\-2\s0 could very well have a sequence such as +0xC3 0xAF (which is the two characters \*(L"\s-1LATIN CAPITAL LETTER A WITH BREVE\*(R"\s0 +and \*(L"\s-1LATIN CAPITAL LETTER Z WITH DOT ABOVE\*(R"\s0 in \s-1ISO\-8859\-2\s0 encoding), but would +be misinterpreted as the perfectly valid \s-1UTF\-8\s0 encoded code point U+00EF (\s-1LATIN +SMALL LETTER I WITH DIAERESIS\s0) \fIif the pass phrase doesn't contain anything that +would be invalid \s-1UTF\-8\s0\fR. +A pass phrase that contains this kind of byte sequence will give a different +outcome in OpenSSL 1.1.0 and newer than in OpenSSL older than 1.1.0. +.PP +.Vb 2 +\& 0x00 0xC3 0x00 0xAF # OpenSSL older than 1.1.0 +\& 0x00 0xEF # OpenSSL 1.1.0 and newer +.Ve +.PP +On the same accord, anything encoded in \s-1UTF\-8\s0 that was given to OpenSSL older +than 1.1.0 was misinterpreted as \s-1ISO\-8859\-1\s0 sequences. +.SS "\s-1OSSL_STORE\s0" +.IX Subsection "OSSL_STORE" +\&\fBossl_store\fR\|(7) acts as a general interface to access all kinds of objects, +potentially protected with a pass phrase, a \s-1PIN\s0 or something else. +This \s-1API\s0 stipulates that pass phrases should be \s-1UTF\-8\s0 encoded, and that any +other pass phrase encoding may give undefined results. +This \s-1API\s0 relies on the application to ensure \s-1UTF\-8\s0 encoding, and doesn't check +that this is the case, so what it gets, it will also pass to the underlying +loader. +.SH "RECOMMENDATIONS" +.IX Header "RECOMMENDATIONS" +This section assumes that you know what pass phrase was used for encryption, +but that it may have been encoded in a different character encoding than the +one used by your current input method. +For example, the pass phrase may have been used at a time when your default +encoding was \s-1ISO\-8859\-1\s0 (i.e. \*(L"nai\*:ve\*(R" resulting in the byte sequence 0x6E 0x61 +0xEF 0x76 0x65), and you're now in an environment where your default encoding +is \s-1UTF\-8\s0 (i.e. \*(L"nai\*:ve\*(R" resulting in the byte sequence 0x6E 0x61 0xC3 0xAF 0x76 +0x65). +Whenever it's mentioned that you should use a certain character encoding, it +should be understood that you either change the input method to use the +mentioned encoding when you type in your pass phrase, or use some suitable tool +to convert your pass phrase from your default encoding to the target encoding. +.PP +Also note that the sub-sections below discuss human readable pass phrases. +This is particularly relevant for PKCS#12 objects, where human readable pass +phrases are assumed. +For other objects, it's as legitimate to use any byte sequence (such as a +sequence of bytes from \fI/dev/urandom\fR that's been saved away), which makes any +character encoding discussion irrelevant; in such cases, simply use the same +byte sequence as it is. +.SS "Creating new objects" +.IX Subsection "Creating new objects" +For creating new pass phrase protected objects, make sure the pass phrase is +encoded using \s-1UTF\-8.\s0 +This is default on most modern Unixes, but may involve an effort on other +platforms. +Specifically for Windows, setting the environment variable +\&\fB\s-1OPENSSL_WIN32_UTF8\s0\fR will have anything entered on [Windows] console prompt +converted to \s-1UTF\-8\s0 (command line and separately prompted pass phrases alike). +.SS "Opening existing objects" +.IX Subsection "Opening existing objects" +For opening pass phrase protected objects where you know what character +encoding was used for the encryption pass phrase, make sure to use the same +encoding again. +.PP +For opening pass phrase protected objects where the character encoding that was +used is unknown, or where the producing application is unknown, try one of the +following: +.IP "1." 4 +Try the pass phrase that you have as it is in the character encoding of your +environment. +It's possible that its byte sequence is exactly right. +.IP "2." 4 +Convert the pass phrase to \s-1UTF\-8\s0 and try with the result. +Specifically with PKCS#12, this should open up any object that was created +according to the specification. +.IP "3." 4 +Do a nai\*:ve (i.e. purely mathematical) \s-1ISO\-8859\-1\s0 to \s-1UTF\-8\s0 conversion and try +with the result. +This differs from the previous attempt because \s-1ISO\-8859\-1\s0 maps directly to +U+0000 to U+00FF, which other non\-UTF\-8 character sets do not. +.Sp +This also takes care of the case when a \s-1UTF\-8\s0 encoded string was used with +OpenSSL older than 1.1.0. +(for example, \f(CW\*(C`i\*:\*(C'\fR, which is 0xC3 0xAF when encoded in \s-1UTF\-8,\s0 would become 0xC3 +0x83 0xC2 0xAF when re-encoded in the nai\*:ve manner. +The conversion to BMPString would then yield 0x00 0xC3 0x00 0xA4 0x00 0x00, the +erroneous/non\-compliant encoding used by OpenSSL older than 1.1.0) +.SH "SEE ALSO" +.IX Header "SEE ALSO" +\&\fBevp\fR\|(7), +\&\fBossl_store\fR\|(7), +\&\fBEVP_BytesToKey\fR\|(3), \fBEVP_DecryptInit\fR\|(3), +\&\fBPEM_do_header\fR\|(3), +\&\fBPKCS12_parse\fR\|(3), \fBPKCS12_newpass\fR\|(3), +\&\fBd2i_PKCS8PrivateKey_bio\fR\|(3) +.SH "COPYRIGHT" +.IX Header "COPYRIGHT" +Copyright 2018\-2021 The OpenSSL Project Authors. All Rights Reserved. +.PP +Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file \s-1LICENSE\s0 in the source distribution or at +<https://www.openssl.org/source/license.html>. |