From c2e9c1f794c29aaec9fe19ca87dd9634d01c8432 Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Wed, 25 Apr 2018 21:33:33 +0200 Subject: Revert "Update NSS to 3.35-RTM" This reverts commit f1a0f0a56fdd0fc39f255174ce08c06b91c66c94. --- security/nss/doc/certutil.xml | 10 -- security/nss/doc/html/certutil.html | 43 +++--- security/nss/doc/html/pk12util.html | 12 +- security/nss/doc/nroff/certutil.1 | 37 ++--- security/nss/doc/nroff/pk12util.1 | 279 +++++++++++++++++++++++++++++------- security/nss/doc/pk12util.xml | 74 ++++++---- 6 files changed, 306 insertions(+), 149 deletions(-) (limited to 'security/nss/doc') diff --git a/security/nss/doc/certutil.xml b/security/nss/doc/certutil.xml index d5062bd5eb..461b213898 100644 --- a/security/nss/doc/certutil.xml +++ b/security/nss/doc/certutil.xml @@ -455,16 +455,6 @@ of the attribute codes: Set an alternate exponent value to use in generating a new RSA public key for the database, instead of the default value of 65537. The available alternate values are 3 and 17. - - --pss - Restrict the generated certificate (with the option) or certificate request (with the option) to be used with the RSA-PSS signature scheme. This only works when the private key of the certificate or certificate request is RSA. - - - - --pss-sign - Sign the generated certificate with the RSA-PSS signature scheme (with the or option). This only works when the private key of the signer's certificate is RSA. If the signer's certificate is restricted to RSA-PSS, it is not necessary to specify this option. - - -z noise-file Read a seed value from the specified file to generate a new private and public key pair. This argument makes it possible to use hardware-generated seed values or manually create a value from the keyboard. The minimum file size is 20 bytes. diff --git a/security/nss/doc/html/certutil.html b/security/nss/doc/html/certutil.html index 902d1309a4..eb2e94322b 100644 --- a/security/nss/doc/html/certutil.html +++ b/security/nss/doc/html/certutil.html @@ -1,4 +1,4 @@ -CERTUTIL

Name

certutil — Manage keys and certificate in both NSS databases and other NSS tokens

Synopsis

certutil [options] [[arguments]]

STATUS

This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477 +CERTUTIL

Name

certutil — Manage keys and certificate in both NSS databases and other NSS tokens

Synopsis

certutil [options] [[arguments]]

STATUS

This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477

Description

The Certificate Database Tool, certutil, is a command-line utility that can create and modify certificate and key databases. It can specifically list, generate, modify, or delete certificates, create or change the password, generate new public and private key pairs, display the contents of the key database, or delete key pairs within the key database.

Certificate issuance, part of the key and certificate management process, requires that keys and certificates be created in the key database. This document discusses certificate and key database management. For information on the security module database management, see the modutil manpage.

Command Options and Arguments

Running certutil always requires one and only one command option to specify the type of certificate operation. Each command option may take zero or more arguments. The command option -H will list all the command options and their relevant arguments.

Command Options

-A

Add an existing certificate to a certificate database. The certificate database should already exist; if one is not present, this command option will initialize one by default.

-B

Run a series of commands from the specified batch file. This requires the -i argument.

-C

Create a new binary certificate file from a binary certificate request file. Use the -i argument to specify the certificate request file. If this argument is not used, certutil prompts for a filename.

-D

Delete a certificate from the certificate database.

--rename

Change the database nickname of a certificate.

-E

Add an email certificate to the certificate database.

-F

Delete a private key from a key database. Specify the key to delete with the -n argument. Specify the database from which to delete the key with the -d argument. Use the -k argument to specify explicitly whether to delete a DSA, RSA, or ECC key. If you don't use the -k argument, the option looks for an RSA key matching the specified nickname.

@@ -20,26 +20,25 @@ Add one or multiple extensions that certutil cannot encode yet, by loading their duplicate nicknames. Giving a key type generates a new key pair; giving the ID of an existing key reuses that key pair (which is required to renew certificates). -

-l

Display detailed information when validating a certificate with the -V option.

-m serial-number

Assign a unique serial number to a certificate being created. This operation should be performed by a CA. If no serial number is provided a default serial number is made from the current time. Serial numbers are limited to integers

-n nickname

Specify the nickname of a certificate or key to list, create, add to a database, modify, or validate. Bracket the nickname string with quotation marks if it contains spaces.

-o output-file

Specify the output file name for new certificates or binary certificate requests. Bracket the output-file string with quotation marks if it contains spaces. If this argument is not used the output destination defaults to standard output.

-P dbPrefix

Specify the prefix used on the certificate and key database file. This argument is provided to support legacy servers. Most applications do not use a database prefix.

-p phone

Specify a contact telephone number to include in new certificates or certificate requests. Bracket this string with quotation marks if it contains spaces.

-q pqgfile or curve-name

Read an alternate PQG value from the specified file when generating DSA key pairs. If this argument is not used, certutil generates its own PQG value. PQG files are created with a separate DSA utility.

Elliptic curve name is one of the ones from nistp256, nistp384, nistp521, curve25519.

- If a token is available that supports more curves, the foolowing curves are supported as well: - sect163k1, nistk163, sect163r1, sect163r2, - nistb163, sect193r1, sect193r2, sect233k1, nistk233, - sect233r1, nistb233, sect239k1, sect283k1, nistk283, - sect283r1, nistb283, sect409k1, nistk409, sect409r1, - nistb409, sect571k1, nistk571, sect571r1, nistb571, - secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, - nistp192, secp224k1, secp224r1, nistp224, secp256k1, - secp256r1, secp384r1, secp521r1, - prime192v1, prime192v2, prime192v3, - prime239v1, prime239v2, prime239v3, c2pnb163v1, - c2pnb163v2, c2pnb163v3, c2pnb176v1, c2tnb191v1, - c2tnb191v2, c2tnb191v3, - c2pnb208w1, c2tnb239v1, c2tnb239v2, c2tnb239v3, - c2pnb272w1, c2pnb304w1, - c2tnb359w1, c2pnb368w1, c2tnb431r1, secp112r1, - secp112r2, secp128r1, secp128r2, sect113r1, sect113r2, - sect131r1, sect131r2 -

-r

Display a certificate's binary DER encoding when listing information about that certificate with the -L option.

-s subject

Identify a particular certificate owner for new certificates or certificate requests. Bracket this string with quotation marks if it contains spaces. The subject identification format follows RFC #1485.

-t trustargs

Specify the trust attributes to modify in an existing certificate or to apply to a certificate when creating it or adding it to a database. There are three available trust categories for each certificate, expressed in the order SSL, email, object signing for each trust setting. In each category position, use none, any, or all +

-l

Display detailed information when validating a certificate with the -V option.

-m serial-number

Assign a unique serial number to a certificate being created. This operation should be performed by a CA. If no serial number is provided a default serial number is made from the current time. Serial numbers are limited to integers

-n nickname

Specify the nickname of a certificate or key to list, create, add to a database, modify, or validate. Bracket the nickname string with quotation marks if it contains spaces.

-o output-file

Specify the output file name for new certificates or binary certificate requests. Bracket the output-file string with quotation marks if it contains spaces. If this argument is not used the output destination defaults to standard output.

-P dbPrefix

Specify the prefix used on the certificate and key database file. This argument is provided to support legacy servers. Most applications do not use a database prefix.

-p phone

Specify a contact telephone number to include in new certificates or certificate requests. Bracket this string with quotation marks if it contains spaces.

-q pqgfile or curve-name

Read an alternate PQG value from the specified file when generating DSA key pairs. If this argument is not used, certutil generates its own PQG value. PQG files are created with a separate DSA utility.

Elliptic curve name is one of the ones from nistp256, nistp384, nistp521, curve25519.

If a token is available that supports more curves, the foolowing curves are supported as well: + sect163k1, nistk163, sect163r1, sect163r2, + nistb163, sect193r1, sect193r2, sect233k1, nistk233, + sect233r1, nistb233, sect239k1, sect283k1, nistk283, + sect283r1, nistb283, sect409k1, nistk409, sect409r1, + nistb409, sect571k1, nistk571, sect571r1, nistb571, + secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, + nistp192, secp224k1, secp224r1, nistp224, secp256k1, + secp256r1, secp384r1, secp521r1, + prime192v1, prime192v2, prime192v3, + prime239v1, prime239v2, prime239v3, c2pnb163v1, + c2pnb163v2, c2pnb163v3, c2pnb176v1, c2tnb191v1, + c2tnb191v2, c2tnb191v3, + c2pnb208w1, c2tnb239v1, c2tnb239v2, c2tnb239v3, + c2pnb272w1, c2pnb304w1, + c2tnb359w1, c2pnb368w1, c2tnb431r1, secp112r1, + secp112r2, secp128r1, secp128r2, sect113r1, sect113r2, + sect131r1, sect131r2

+
-r

Display a certificate's binary DER encoding when listing information about that certificate with the -L option.

-s subject

Identify a particular certificate owner for new certificates or certificate requests. Bracket this string with quotation marks if it contains spaces. The subject identification format follows RFC #1485.

-t trustargs

Specify the trust attributes to modify in an existing certificate or to apply to a certificate when creating it or adding it to a database. There are three available trust categories for each certificate, expressed in the order SSL, email, object signing for each trust setting. In each category position, use none, any, or all of the attribute codes:

  • p - Valid peer @@ -60,7 +59,7 @@ of the attribute codes: the certificate or adding it to a database. Express the offset in integers, using a minus sign (-) to indicate a negative offset. If this argument is not used, the validity period begins at the current system time. The length - of the validity period is set with the -v argument.

-X

Force the key and certificate database to open in read-write mode. This is used with the -U and -L command options.

-x

Use certutil to generate the signature for a certificate being created or added to a database, rather than obtaining a signature from a separate CA.

-y exp

Set an alternate exponent value to use in generating a new RSA public key for the database, instead of the default value of 65537. The available alternate values are 3 and 17.

--pss

Restrict the generated certificate (with the -S option) or certificate request (with the -R option) to be used with the RSA-PSS signature scheme. This only works when the private key of the certificate or certificate request is RSA.

--pss-sign

Sign the generated certificate with the RSA-PSS signature scheme (with the -C or -S option). This only works when the private key of the signer's certificate is RSA. If the signer's certificate is restricted to RSA-PSS, it is not necessary to specify this option.

-z noise-file

Read a seed value from the specified file to generate a new private and public key pair. This argument makes it possible to use hardware-generated seed values or manually create a value from the keyboard. The minimum file size is 20 bytes.

-Z hashAlg

Specify the hash algorithm to use with the -C, -S or -R command options. Possible keywords:

  • MD2

  • MD4

  • MD5

  • SHA1

  • SHA224

  • SHA256

  • SHA384

  • SHA512

-0 SSO_password

Set a site security officer password on a token.

-1 | --keyUsage keyword,keyword

Set an X.509 V3 Certificate Type Extension in the certificate. There are several available keywords:

  • + of the validity period is set with the -v argument.

-X

Force the key and certificate database to open in read-write mode. This is used with the -U and -L command options.

-x

Use certutil to generate the signature for a certificate being created or added to a database, rather than obtaining a signature from a separate CA.

-y exp

Set an alternate exponent value to use in generating a new RSA public key for the database, instead of the default value of 65537. The available alternate values are 3 and 17.

-z noise-file

Read a seed value from the specified file to generate a new private and public key pair. This argument makes it possible to use hardware-generated seed values or manually create a value from the keyboard. The minimum file size is 20 bytes.

-Z hashAlg

Specify the hash algorithm to use with the -C, -S or -R command options. Possible keywords:

  • MD2

  • MD4

  • MD5

  • SHA1

  • SHA224

  • SHA256

  • SHA384

  • SHA512

-0 SSO_password

Set a site security officer password on a token.

-1 | --keyUsage keyword,keyword

Set an X.509 V3 Certificate Type Extension in the certificate. There are several available keywords:

  • digitalSignature

  • nonRepudiation diff --git a/security/nss/doc/html/pk12util.html b/security/nss/doc/html/pk12util.html index 94dbf51e97..fe516dd83a 100644 --- a/security/nss/doc/html/pk12util.html +++ b/security/nss/doc/html/pk12util.html @@ -1,6 +1,6 @@ -PK12UTIL

    Name

    pk12util — Export and import keys and certificate to or from a PKCS #12 file and the NSS database

    Synopsis

    pk12util [-i p12File|-l p12File|-o p12File] [-d [sql:]directory] [-h tokenname] [-P dbprefix] [-r] [-v] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]

    STATUS

    This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477 -

    Description

    The PKCS #12 utility, pk12util, enables sharing certificates among any server that supports PKCS #12. The tool can import certificates and keys from PKCS #12 files into security databases, export certificates, and list certificates and keys.

    Options and Arguments

    Options

    -i p12file

    Import keys and certificates from a PKCS #12 file into a security database.

    -l p12file

    List the keys and certificates in PKCS #12 file.

    -o p12file

    Export keys and certificates from the security database to a PKCS #12 file.

    Arguments

    -c keyCipher

    Specify the key encryption algorithm.

    -C certCipher

    Specify the certiticate encryption algorithm.

    -d [sql:]directory

    Specify the database directory into which to import to or export from certificates and keys.

    pk12util supports two types of databases: the legacy security databases (cert8.db, key3.db, and secmod.db) and new SQLite databases (cert9.db, key4.db, and pkcs11.txt). If the prefix sql: is not used, then the tool assumes that the given databases are in the old format.

    -h tokenname

    Specify the name of the token to import into or export from.

    -k slotPasswordFile

    Specify the text file containing the slot's password.

    -K slotPassword

    Specify the slot's password.

    -m | --key-len keyLength

    Specify the desired length of the symmetric key to be used to encrypt the private key.

    -n | --cert-key-len certKeyLength

    Specify the desired length of the symmetric key to be used to encrypt the certificates and other meta-data.

    -n certname

    Specify the nickname of the cert and private key to export.

    -P prefix

    Specify the prefix used on the certificate and key databases. This option is provided as a special case. - Changing the names of the certificate and key databases is not recommended.

    -r

    Dumps all of the data in raw (binary) form. This must be saved as a DER file. The default is to return information in a pretty-print ASCII format, which displays the information about the certificates and public keys in the p12 file.

    -v

    Enable debug logging when importing.

    -w p12filePasswordFile

    Specify the text file containing the pkcs #12 file password.

    -W p12filePassword

    Specify the pkcs #12 file password.

    Return Codes

    • 0 - No error

    • 1 - User Cancelled

    • 2 - Usage error

    • 6 - NLS init error

    • 8 - Certificate DB open error

    • 9 - Key DB open error

    • 10 - File initialization error

    • 11 - Unicode conversion error

    • 12 - Temporary file creation error

    • 13 - PKCS11 get slot error

    • 14 - PKCS12 decoder start error

    • 15 - error read from import file

    • 16 - pkcs12 decode error

    • 17 - pkcs12 decoder verify error

    • 18 - pkcs12 decoder validate bags error

    • 19 - pkcs12 decoder import bags error

    • 20 - key db conversion version 3 to version 2 error

    • 21 - cert db conversion version 7 to version 5 error

    • 22 - cert and key dbs patch error

    • 23 - get default cert db error

    • 24 - find cert by nickname error

    • 25 - create export context error

    • 26 - PKCS12 add password itegrity error

    • 27 - cert and key Safes creation error

    • 28 - PKCS12 add cert and key error

    • 29 - PKCS12 encode error

    Examples

    Importing Keys and Certificates

    The most basic usage of pk12util for importing a certificate or key is the PKCS #12 input file (-i) and some way to specify the security database being accessed (either -d for a directory or -h for a token). +PK12UTIL

    Name

    pk12util — Export and import keys and certificate to or from a PKCS #12 file and the NSS database

    Synopsis

    pk12util [-i p12File|-l p12File|-o p12File] [-d [sql:]directory] [-h tokenname] [-P dbprefix] [-r] [-v] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]

    STATUS

    This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477 +

    Description

    The PKCS #12 utility, pk12util, enables sharing certificates among any server that supports PKCS#12. The tool can import certificates and keys from PKCS#12 files into security databases, export certificates, and list certificates and keys.

    Options and Arguments

    Options

    -i p12file

    Import keys and certificates from a PKCS#12 file into a security database.

    -l p12file

    List the keys and certificates in PKCS#12 file.

    -o p12file

    Export keys and certificates from the security database to a PKCS#12 file.

    Arguments

    -c keyCipher

    Specify the key encryption algorithm.

    -C certCipher

    Specify the key cert (overall package) encryption algorithm.

    -d [sql:]directory

    Specify the database directory into which to import to or export from certificates and keys.

    pk12util supports two types of databases: the legacy security databases (cert8.db, key3.db, and secmod.db) and new SQLite databases (cert9.db, key4.db, and pkcs11.txt). If the prefix sql: is not used, then the tool assumes that the given databases are in the old format.

    -h tokenname

    Specify the name of the token to import into or export from.

    -k slotPasswordFile

    Specify the text file containing the slot's password.

    -K slotPassword

    Specify the slot's password.

    -m | --key-len keyLength

    Specify the desired length of the symmetric key to be used to encrypt the private key.

    -n | --cert-key-len certKeyLength

    Specify the desired length of the symmetric key to be used to encrypt the certificates and other meta-data.

    -n certname

    Specify the nickname of the cert and private key to export.

    -P prefix

    Specify the prefix used on the certificate and key databases. This option is provided as a special case. + Changing the names of the certificate and key databases is not recommended.

    -r

    Dumps all of the data in raw (binary) form. This must be saved as a DER file. The default is to return information in a pretty-print ASCII format, which displays the information about the certificates and public keys in the p12 file.

    -v

    Enable debug logging when importing.

    -w p12filePasswordFile

    Specify the text file containing the pkcs #12 file password.

    -W p12filePassword

    Specify the pkcs #12 file password.

    Return Codes

    • 0 - No error

    • 1 - User Cancelled

    • 2 - Usage error

    • 6 - NLS init error

    • 8 - Certificate DB open error

    • 9 - Key DB open error

    • 10 - File initialization error

    • 11 - Unicode conversion error

    • 12 - Temporary file creation error

    • 13 - PKCS11 get slot error

    • 14 - PKCS12 decoder start error

    • 15 - error read from import file

    • 16 - pkcs12 decode error

    • 17 - pkcs12 decoder verify error

    • 18 - pkcs12 decoder validate bags error

    • 19 - pkcs12 decoder import bags error

    • 20 - key db conversion version 3 to version 2 error

    • 21 - cert db conversion version 7 to version 5 error

    • 22 - cert and key dbs patch error

    • 23 - get default cert db error

    • 24 - find cert by nickname error

    • 25 - create export context error

    • 26 - PKCS12 add password itegrity error

    • 27 - cert and key Safes creation error

    • 28 - PKCS12 add cert and key error

    • 29 - PKCS12 encode error

    Examples

    Importing Keys and Certificates

    The most basic usage of pk12util for importing a certificate or key is the PKCS#12 input file (-i) and some way to specify the security database being accessed (either -d for a directory or -h for a token).

    pk12util -i p12File [-h tokenname] [-v] [-d [sql:]directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]

    For example:

    # pk12util -i /tmp/cert-files/users.p12 -d sql:/home/my/sharednssdb
    @@ -12,7 +12,7 @@ and should contain at least one non-alphabetic character.
     Enter new password: 
     Re-enter password: 
     Enter password for PKCS12 file: 
    -pk12util: PKCS12 IMPORT SUCCESSFUL

    Exporting Keys and Certificates

    Using the pk12util command to export certificates and keys requires both the name of the certificate to extract from the database (-n) and the PKCS #12-formatted output file to write to. There are optional parameters that can be used to encrypt the file to protect the certificate material. +pk12util: PKCS12 IMPORT SUCCESSFUL

    Exporting Keys and Certificates

    Using the pk12util command to export certificates and keys requires both the name of the certificate to extract from the database (-n) and the PKCS#12-formatted output file to write to. There are optional parameters that can be used to encrypt the file to protect the certificate material.

    pk12util -o p12File -n certname [-c keyCipher] [-C certCipher] [-m|--key_len keyLen] [-n|--cert_key_len certKeyLen] [-d [sql:]directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]

    For example:

    # pk12util -o certs.p12 -n Server-Cert -d sql:/home/my/sharednssdb
     Enter password for PKCS12 file: 
     Re-enter password: 

    Listing Keys and Certificates

    The information in a .p12 file are not human-readable. The certificates and keys in the file can be printed (listed) in a human-readable pretty-print format that shows information for every certificate and any public keys in the .p12 file. @@ -48,7 +48,7 @@ Key(shrouded): Certificate Friendly Name: Thawte Personal Freemail Issuing CA - Thawte Consulting Certificate Friendly Name: Thawte Freemail Member's Thawte Consulting (Pty) Ltd. ID -

    Password Encryption

    PKCS #12 provides for not only the protection of the private keys but also the certificate and meta-data associated with the keys. Password-based encryption is used to protect private keys on export to a PKCS #12 file and, optionally, the associated certificates. If no algorithm is specified, the tool defaults to using PKCS #12 SHA-1 and 3-key triple DES for private key encryption. When not in FIPS mode, PKCS #12 SHA-1 and 40-bit RC4 is used for certificate encryption. When in FIPS mode, there is no certificate encryption. If certificate encryption is not wanted, specify "NONE" as the argument of the -C option.

    The private key is always protected with strong encryption by default.

    Several types of ciphers are supported.

    PKCS #5 password-based encryption
    • PBES2 with AES-CBC-Pad as underlying encryption scheme ("AES-128-CBC", "AES-192-CBC", and "AES-256-CBC")

    PKCS #12 password-based encryption
    • SHA-1 and 128-bit RC4 ("PKCS #12 V2 PBE With SHA-1 And 128 Bit RC4" or "RC4")

    • SHA-1 and 40-bit RC4 ("PKCS #12 V2 PBE With SHA-1 And 40 Bit RC4") (used by default for certificate encryption in non-FIPS mode)

    • SHA-1 and 3-key triple-DES ("PKCS #12 V2 PBE With SHA-1 And 3KEY Triple DES-CBC" or "DES-EDE3-CBC")

    • SHA-1 and 128-bit RC2 ("PKCS #12 V2 PBE With SHA-1 And 128 Bit RC2 CBC" or "RC2-CBC")

    • SHA-1 and 40-bit RC2 ("PKCS #12 V2 PBE With SHA-1 And 40 Bit RC2 CBC")

    With PKCS #12, the crypto provider may be the soft token module or an external hardware module. If the cryptographic module does not support the requested algorithm, then the next best fit will be selected (usually the default). If no suitable replacement for the desired algorithm can be found, the tool returns the error no security module can perform the requested operation.

    NSS Database Types

    NSS originally used BerkeleyDB databases to store security information. +

    Password Encryption

    PKCS#12 provides for not only the protection of the private keys but also the certificate and meta-data associated with the keys. Password-based encryption is used to protect private keys on export to a PKCS#12 file and, optionally, the entire package. If no algorithm is specified, the tool defaults to using PKCS12 V2 PBE with SHA1 and 3KEY Triple DES-cbc for private key encryption. PKCS12 V2 PBE with SHA1 and 40 Bit RC4 is the default for the overall package encryption when not in FIPS mode. When in FIPS mode, there is no package encryption.

    The private key is always protected with strong encryption by default.

    Several types of ciphers are supported.

    Symmetric CBC ciphers for PKCS#5 V2
    • DES-CBC

    • RC2-CBC

    • RC5-CBCPad

    • DES-EDE3-CBC (the default for key encryption)

    • AES-128-CBC

    • AES-192-CBC

    • AES-256-CBC

    • CAMELLIA-128-CBC

    • CAMELLIA-192-CBC

    • CAMELLIA-256-CBC

    PKCS#12 PBE ciphers
    • PKCS #12 PBE with Sha1 and 128 Bit RC4

    • PKCS #12 PBE with Sha1 and 40 Bit RC4

    • PKCS #12 PBE with Sha1 and Triple DES CBC

    • PKCS #12 PBE with Sha1 and 128 Bit RC2 CBC

    • PKCS #12 PBE with Sha1 and 40 Bit RC2 CBC

    • PKCS12 V2 PBE with SHA1 and 128 Bit RC4

    • PKCS12 V2 PBE with SHA1 and 40 Bit RC4 (the default for non-FIPS mode)

    • PKCS12 V2 PBE with SHA1 and 3KEY Triple DES-cbc

    • PKCS12 V2 PBE with SHA1 and 2KEY Triple DES-cbc

    • PKCS12 V2 PBE with SHA1 and 128 Bit RC2 CBC

    • PKCS12 V2 PBE with SHA1 and 40 Bit RC2 CBC

    PKCS#5 PBE ciphers
    • PKCS #5 Password Based Encryption with MD2 and DES CBC

    • PKCS #5 Password Based Encryption with MD5 and DES CBC

    • PKCS #5 Password Based Encryption with SHA1 and DES CBC

    With PKCS#12, the crypto provider may be the soft token module or an external hardware module. If the cryptographic module does not support the requested algorithm, then the next best fit will be selected (usually the default). If no suitable replacement for the desired algorithm can be found, the tool returns the error no security module can perform the requested operation.

    NSS Database Types

    NSS originally used BerkeleyDB databases to store security information. The last versions of these legacy databases are:

    • cert8.db for certificates

    • @@ -68,7 +68,7 @@ BerkleyDB. These new databases provide more accessibility and performance:

      sql: prefix with the given security directory. For example:

      # pk12util -i /tmp/cert-files/users.p12 -d sql:/home/my/sharednssdb

      To set the shared database type as the default type for the tools, set the NSS_DEFAULT_DB_TYPE environment variable to sql:

      export NSS_DEFAULT_DB_TYPE="sql"

      This line can be set added to the ~/.bashrc file to make the change permanent.

      Most applications do not use the shared database by default, but they can be configured to use them. For example, this how-to article covers how to configure Firefox and Thunderbird to use the new shared NSS databases:

      • https://wiki.mozilla.org/NSS_Shared_DB_Howto

      For an engineering draft on the changes in the shared NSS databases, see the NSS project wiki:

      • https://wiki.mozilla.org/NSS_Shared_DB -

    Compatibility Notes

    The exporting behavior of pk12util has changed over time, while importing files exported with older versions of NSS is still supported.

    Until the 3.30 release, pk12util used the UTF-16 encoding for the PKCS #5 password-based encryption schemes, while the recommendation is to encode passwords in UTF-8 if the used encryption scheme is defined outside of the PKCS #12 standard.

    Until the 3.31 release, even when "AES-128-CBC" or "AES-192-CBC" is given from the command line, pk12util always used 256-bit AES as the underlying encryption scheme.

    For historical reasons, pk12util accepts password-based encryption schemes not listed in this document. However, those schemes are not officially supported and may have issues in interoperability with other tools.

    See Also

    certutil (1)

    modutil (1)

    The NSS wiki has information on the new database design and how to configure applications to use it.

    • +

    See Also

    certutil (1)

    modutil (1)

    The NSS wiki has information on the new database design and how to configure applications to use it.

    • https://wiki.mozilla.org/NSS_Shared_DB_Howto

    • https://wiki.mozilla.org/NSS_Shared_DB

    Additional Resources

    For information about NSS and other tools related to NSS (like JSS), check out the NSS project wiki at http://www.mozilla.org/projects/security/pki/nss/. The NSS site relates directly to NSS code changes and releases.

    Mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto

    IRC: Freenode at #dogtag-pki

    Authors

    The NSS tools were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.

    diff --git a/security/nss/doc/nroff/certutil.1 b/security/nss/doc/nroff/certutil.1 index 80a02fc276..b2a8bd2bb8 100644 --- a/security/nss/doc/nroff/certutil.1 +++ b/security/nss/doc/nroff/certutil.1 @@ -1,13 +1,13 @@ '\" t .\" Title: CERTUTIL .\" Author: [see the "Authors" section] -.\" Generator: DocBook XSL Stylesheets vsnapshot -.\" Date: 27 October 2017 +.\" Generator: DocBook XSL Stylesheets v1.78.1 +.\" Date: 8 September 2016 .\" Manual: NSS Security Tools .\" Source: nss-tools .\" Language: English .\" -.TH "CERTUTIL" "1" "27 October 2017" "nss-tools" "NSS Security Tools" +.TH "CERTUTIL" "1" "8 September 2016" "nss-tools" "NSS Security Tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -371,9 +371,9 @@ Read an alternate PQG value from the specified file when generating DSA key pair \fBcertutil\fR generates its own PQG value\&. PQG files are created with a separate DSA utility\&. .sp -Elliptic curve name is one of the ones from nistp256, nistp384, nistp521, curve25519\&. +Elliptic curve name is one of the ones from nistp256, nistp384, nistp521, curve25519. .sp -If a token is available that supports more curves, the foolowing curves are supported as well: sect163k1, nistk163, sect163r1, sect163r2, nistb163, sect193r1, sect193r2, sect233k1, nistk233, sect233r1, nistb233, sect239k1, sect283k1, nistk283, sect283r1, nistb283, sect409k1, nistk409, sect409r1, nistb409, sect571k1, nistk571, sect571r1, nistb571, secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, nistp192, secp224k1, secp224r1, nistp224, secp256k1, secp256r1, secp384r1, secp521r1, prime192v1, prime192v2, prime192v3, prime239v1, prime239v2, prime239v3, c2pnb163v1, c2pnb163v2, c2pnb163v3, c2pnb176v1, c2tnb191v1, c2tnb191v2, c2tnb191v3, c2pnb208w1, c2tnb239v1, c2tnb239v2, c2tnb239v3, c2pnb272w1, c2pnb304w1, c2tnb359w1, c2pnb368w1, c2tnb431r1, secp112r1, secp112r2, secp128r1, secp128r2, sect113r1, sect113r2, sect131r1, sect131r2 +If a token is available that supports more curves, the foolowing curves are supported as well: sect163k1, nistk163, sect163r1, sect163r2, nistb163, sect193r1, sect193r2, sect233k1, nistk233, sect233r1, nistb233, sect239k1, sect283k1, nistk283, sect283r1, nistb283, sect409k1, nistk409, sect409r1, nistb409, sect571k1, nistk571, sect571r1, nistb571, secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, nistp192, secp224k1, secp224r1, nistp224, secp256k1, secp256r1, secp384r1, secp521r1, prime192v1, prime192v2, prime192v3, prime239v1, prime239v2, prime239v3, c2pnb163v1, c2pnb163v2, c2pnb163v3, c2pnb176v1, c2tnb191v1, c2tnb191v2, c2tnb191v3, c2pnb208w1, c2tnb239v1, c2tnb239v2, c2tnb239v3, c2pnb272w1, c2pnb304w1, c2tnb359w1, c2pnb368w1, c2tnb431r1, secp112r1, secp112r2, secp128r1, secp128r2, sect113r1, sect113r2, sect131r1, sect131r2 .RE .PP \-r @@ -609,24 +609,6 @@ to generate the signature for a certificate being created or added to a database Set an alternate exponent value to use in generating a new RSA public key for the database, instead of the default value of 65537\&. The available alternate values are 3 and 17\&. .RE .PP -\-\-pss -.RS 4 -Restrict the generated certificate (with the -\fB\-S\fR -option) or certificate request (with the -\fB\-R\fR -option) to be used with the RSA\-PSS signature scheme\&. This only works when the private key of the certificate or certificate request is RSA\&. -.RE -.PP -\-\-pss\-sign -.RS 4 -Sign the generated certificate with the RSA\-PSS signature scheme (with the -\fB\-C\fR -or -\fB\-S\fR -option)\&. This only works when the private key of the signer\*(Aqs certificate is RSA\&. If the signer\*(Aqs certificate is restricted to RSA\-PSS, it is not necessary to specify this option\&. -.RE -.PP \-z noise\-file .RS 4 Read a seed value from the specified file to generate a new private and public key pair\&. This argument makes it possible to use hardware\-generated seed values or manually create a value from the keyboard\&. The minimum file size is 20 bytes\&. @@ -1530,8 +1512,7 @@ There are ways to narrow the keys listed in the search results: .IP \(bu 2.3 .\} To return a specific key, use the -\fB\-n\fR -\fIname\fR +\fB\-n\fR\fIname\fR argument with the name of the key\&. .RE .sp @@ -1544,8 +1525,7 @@ argument with the name of the key\&. .IP \(bu 2.3 .\} If there are multiple security devices loaded, then the -\fB\-h\fR -\fItokenname\fR +\fB\-h\fR\fItokenname\fR argument can search a specific token or all tokens\&. .RE .sp @@ -1558,8 +1538,7 @@ argument can search a specific token or all tokens\&. .IP \(bu 2.3 .\} If there are multiple key types available, then the -\fB\-k\fR -\fIkey\-type\fR +\fB\-k\fR\fIkey\-type\fR argument can search a specific type of key, like RSA, DSA, or ECC\&. .RE .PP diff --git a/security/nss/doc/nroff/pk12util.1 b/security/nss/doc/nroff/pk12util.1 index e0a8da833e..c4fa972c0a 100644 --- a/security/nss/doc/nroff/pk12util.1 +++ b/security/nss/doc/nroff/pk12util.1 @@ -1,13 +1,13 @@ '\" t .\" Title: PK12UTIL .\" Author: [see the "Authors" section] -.\" Generator: DocBook XSL Stylesheets vsnapshot -.\" Date: 27 October 2017 +.\" Generator: DocBook XSL Stylesheets v1.78.1 +.\" Date: 5 June 2014 .\" Manual: NSS Security Tools .\" Source: nss-tools .\" Language: English .\" -.TH "PK12UTIL" "1" "27 October 2017" "nss-tools" "NSS Security Tools" +.TH "PK12UTIL" "1" "5 June 2014" "nss-tools" "NSS Security Tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -39,24 +39,24 @@ This documentation is still work in progress\&. Please contribute to the initial .SH "DESCRIPTION" .PP The PKCS #12 utility, -\fBpk12util\fR, enables sharing certificates among any server that supports PKCS #12\&. The tool can import certificates and keys from PKCS #12 files into security databases, export certificates, and list certificates and keys\&. +\fBpk12util\fR, enables sharing certificates among any server that supports PKCS#12\&. The tool can import certificates and keys from PKCS#12 files into security databases, export certificates, and list certificates and keys\&. .SH "OPTIONS AND ARGUMENTS" .PP \fBOptions\fR .PP \-i p12file .RS 4 -Import keys and certificates from a PKCS #12 file into a security database\&. +Import keys and certificates from a PKCS#12 file into a security database\&. .RE .PP \-l p12file .RS 4 -List the keys and certificates in PKCS #12 file\&. +List the keys and certificates in PKCS#12 file\&. .RE .PP \-o p12file .RS 4 -Export keys and certificates from the security database to a PKCS #12 file\&. +Export keys and certificates from the security database to a PKCS#12 file\&. .RE .PP \fBArguments\fR @@ -68,7 +68,7 @@ Specify the key encryption algorithm\&. .PP \-C certCipher .RS 4 -Specify the certiticate encryption algorithm\&. +Specify the key cert (overall package) encryption algorithm\&. .RE .PP \-d [sql:]directory @@ -432,7 +432,7 @@ Specify the pkcs #12 file password\&. .PP The most basic usage of \fBpk12util\fR -for importing a certificate or key is the PKCS #12 input file (\fB\-i\fR) and some way to specify the security database being accessed (either +for importing a certificate or key is the PKCS#12 input file (\fB\-i\fR) and some way to specify the security database being accessed (either \fB\-d\fR for a directory or \fB\-h\fR @@ -467,7 +467,7 @@ pk12util: PKCS12 IMPORT SUCCESSFUL .PP Using the \fBpk12util\fR -command to export certificates and keys requires both the name of the certificate to extract from the database (\fB\-n\fR) and the PKCS #12\-formatted output file to write to\&. There are optional parameters that can be used to encrypt the file to protect the certificate material\&. +command to export certificates and keys requires both the name of the certificate to extract from the database (\fB\-n\fR) and the PKCS#12\-formatted output file to write to\&. There are optional parameters that can be used to encrypt the file to protect the certificate material\&. .PP pk12util \-o p12File \-n certname [\-c keyCipher] [\-C certCipher] [\-m|\-\-key_len keyLen] [\-n|\-\-cert_key_len certKeyLen] [\-d [sql:]directory] [\-P dbprefix] [\-k slotPasswordFile|\-K slotPassword] [\-w p12filePasswordFile|\-W p12filePassword] .PP @@ -559,17 +559,17 @@ Certificate Friendly Name: Thawte Freemail Member\*(Aqs Thawte Consulting (Pt .\} .SH "PASSWORD ENCRYPTION" .PP -PKCS #12 provides for not only the protection of the private keys but also the certificate and meta\-data associated with the keys\&. Password\-based encryption is used to protect private keys on export to a PKCS #12 file and, optionally, the associated certificates\&. If no algorithm is specified, the tool defaults to using PKCS #12 SHA\-1 and 3\-key triple DES for private key encryption\&. When not in FIPS mode, PKCS #12 SHA\-1 and 40\-bit RC4 is used for certificate encryption\&. When in FIPS mode, there is no certificate encryption\&. If certificate encryption is not wanted, specify -\fB"NONE"\fR -as the argument of the -\fB\-C\fR -option\&. +PKCS#12 provides for not only the protection of the private keys but also the certificate and meta\-data associated with the keys\&. Password\-based encryption is used to protect private keys on export to a PKCS#12 file and, optionally, the entire package\&. If no algorithm is specified, the tool defaults to using +\fBPKCS12 V2 PBE with SHA1 and 3KEY Triple DES\-cbc\fR +for private key encryption\&. +\fBPKCS12 V2 PBE with SHA1 and 40 Bit RC4\fR +is the default for the overall package encryption when not in FIPS mode\&. When in FIPS mode, there is no package encryption\&. .PP The private key is always protected with strong encryption by default\&. .PP Several types of ciphers are supported\&. .PP -PKCS #5 password\-based encryption +Symmetric CBC ciphers for PKCS#5 V2 .RS 4 .sp .RS 4 @@ -580,13 +580,110 @@ PKCS #5 password\-based encryption .sp -1 .IP \(bu 2.3 .\} -PBES2 with AES\-CBC\-Pad as underlying encryption scheme (\fB"AES\-128\-CBC"\fR, -\fB"AES\-192\-CBC"\fR, and -\fB"AES\-256\-CBC"\fR) +DES\-CBC +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +RC2\-CBC +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +RC5\-CBCPad +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +DES\-EDE3\-CBC (the default for key encryption) +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +AES\-128\-CBC +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +AES\-192\-CBC +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +AES\-256\-CBC +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +CAMELLIA\-128\-CBC +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +CAMELLIA\-192\-CBC +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +CAMELLIA\-256\-CBC .RE .RE .PP -PKCS #12 password\-based encryption +PKCS#12 PBE ciphers .RS 4 .sp .RS 4 @@ -597,9 +694,7 @@ PKCS #12 password\-based encryption .sp -1 .IP \(bu 2.3 .\} -SHA\-1 and 128\-bit RC4 (\fB"PKCS #12 V2 PBE With SHA\-1 And 128 Bit RC4"\fR -or -\fB"RC4"\fR) +PKCS #12 PBE with Sha1 and 128 Bit RC4 .RE .sp .RS 4 @@ -610,7 +705,7 @@ or .sp -1 .IP \(bu 2.3 .\} -SHA\-1 and 40\-bit RC4 (\fB"PKCS #12 V2 PBE With SHA\-1 And 40 Bit RC4"\fR) (used by default for certificate encryption in non\-FIPS mode) +PKCS #12 PBE with Sha1 and 40 Bit RC4 .RE .sp .RS 4 @@ -621,9 +716,7 @@ SHA\-1 and 40\-bit RC4 (\fB"PKCS #12 V2 PBE With SHA\-1 And 40 Bit RC4"\fR) (use .sp -1 .IP \(bu 2.3 .\} -SHA\-1 and 3\-key triple\-DES (\fB"PKCS #12 V2 PBE With SHA\-1 And 3KEY Triple DES\-CBC"\fR -or -\fB"DES\-EDE3\-CBC"\fR) +PKCS #12 PBE with Sha1 and Triple DES CBC .RE .sp .RS 4 @@ -634,9 +727,7 @@ or .sp -1 .IP \(bu 2.3 .\} -SHA\-1 and 128\-bit RC2 (\fB"PKCS #12 V2 PBE With SHA\-1 And 128 Bit RC2 CBC"\fR -or -\fB"RC2\-CBC"\fR) +PKCS #12 PBE with Sha1 and 128 Bit RC2 CBC .RE .sp .RS 4 @@ -647,11 +738,114 @@ or .sp -1 .IP \(bu 2.3 .\} -SHA\-1 and 40\-bit RC2 (\fB"PKCS #12 V2 PBE With SHA\-1 And 40 Bit RC2 CBC"\fR) +PKCS #12 PBE with Sha1 and 40 Bit RC2 CBC +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +PKCS12 V2 PBE with SHA1 and 128 Bit RC4 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +PKCS12 V2 PBE with SHA1 and 40 Bit RC4 (the default for non\-FIPS mode) +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +PKCS12 V2 PBE with SHA1 and 3KEY Triple DES\-cbc +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +PKCS12 V2 PBE with SHA1 and 2KEY Triple DES\-cbc +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +PKCS12 V2 PBE with SHA1 and 128 Bit RC2 CBC +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +PKCS12 V2 PBE with SHA1 and 40 Bit RC2 CBC .RE .RE .PP -With PKCS #12, the crypto provider may be the soft token module or an external hardware module\&. If the cryptographic module does not support the requested algorithm, then the next best fit will be selected (usually the default)\&. If no suitable replacement for the desired algorithm can be found, the tool returns the error +PKCS#5 PBE ciphers +.RS 4 +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +PKCS #5 Password Based Encryption with MD2 and DES CBC +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +PKCS #5 Password Based Encryption with MD5 and DES CBC +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +PKCS #5 Password Based Encryption with SHA1 and DES CBC +.RE +.RE +.PP +With PKCS#12, the crypto provider may be the soft token module or an external hardware module\&. If the cryptographic module does not support the requested algorithm, then the next best fit will be selected (usually the default)\&. If no suitable replacement for the desired algorithm can be found, the tool returns the error \fIno security module can perform the requested operation\fR\&. .SH "NSS DATABASE TYPES" .PP @@ -793,27 +987,6 @@ For an engineering draft on the changes in the shared NSS databases, see the NSS .\} https://wiki\&.mozilla\&.org/NSS_Shared_DB .RE -.SH "COMPATIBILITY NOTES" -.PP -The exporting behavior of -\fBpk12util\fR -has changed over time, while importing files exported with older versions of NSS is still supported\&. -.PP -Until the 3\&.30 release, -\fBpk12util\fR -used the UTF\-16 encoding for the PKCS #5 password\-based encryption schemes, while the recommendation is to encode passwords in UTF\-8 if the used encryption scheme is defined outside of the PKCS #12 standard\&. -.PP -Until the 3\&.31 release, even when -\fB"AES\-128\-CBC"\fR -or -\fB"AES\-192\-CBC"\fR -is given from the command line, -\fBpk12util\fR -always used 256\-bit AES as the underlying encryption scheme\&. -.PP -For historical reasons, -\fBpk12util\fR -accepts password\-based encryption schemes not listed in this document\&. However, those schemes are not officially supported and may have issues in interoperability with other tools\&. .SH "SEE ALSO" .PP certutil (1) diff --git a/security/nss/doc/pk12util.xml b/security/nss/doc/pk12util.xml index c267949653..03ee356e65 100644 --- a/security/nss/doc/pk12util.xml +++ b/security/nss/doc/pk12util.xml @@ -46,7 +46,7 @@ Description - The PKCS #12 utility, pk12util, enables sharing certificates among any server that supports PKCS #12. The tool can import certificates and keys from PKCS #12 files into security databases, export certificates, and list certificates and keys. + The PKCS #12 utility, pk12util, enables sharing certificates among any server that supports PKCS#12. The tool can import certificates and keys from PKCS#12 files into security databases, export certificates, and list certificates and keys. @@ -55,17 +55,17 @@ -i p12file - Import keys and certificates from a PKCS #12 file into a security database. + Import keys and certificates from a PKCS#12 file into a security database. -l p12file - List the keys and certificates in PKCS #12 file. + List the keys and certificates in PKCS#12 file. -o p12file - Export keys and certificates from the security database to a PKCS #12 file. + Export keys and certificates from the security database to a PKCS#12 file. @@ -78,7 +78,7 @@ -C certCipher - Specify the certiticate encryption algorithm. + Specify the key cert (overall package) encryption algorithm. @@ -233,7 +233,7 @@ Examples Importing Keys and Certificates - The most basic usage of pk12util for importing a certificate or key is the PKCS #12 input file () and some way to specify the security database being accessed (either for a directory or for a token). + The most basic usage of pk12util for importing a certificate or key is the PKCS#12 input file () and some way to specify the security database being accessed (either for a directory or for a token). pk12util -i p12File [-h tokenname] [-v] [-d [sql:]directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword] @@ -252,7 +252,7 @@ Enter password for PKCS12 file: pk12util: PKCS12 IMPORT SUCCESSFUL Exporting Keys and Certificates - Using the pk12util command to export certificates and keys requires both the name of the certificate to extract from the database () and the PKCS #12-formatted output file to write to. There are optional parameters that can be used to encrypt the file to protect the certificate material. + Using the pk12util command to export certificates and keys requires both the name of the certificate to extract from the database () and the PKCS#12-formatted output file to write to. There are optional parameters that can be used to encrypt the file to protect the certificate material. pk12util -o p12File -n certname [-c keyCipher] [-C certCipher] [-m|--key_len keyLen] [-n|--cert_key_len certKeyLen] [-d [sql:]directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword] For example: @@ -304,34 +304,58 @@ Certificate Friendly Name: Thawte Freemail Member's Thawte Consulting (Pty) L Password Encryption - PKCS #12 provides for not only the protection of the private keys but also the certificate and meta-data associated with the keys. Password-based encryption is used to protect private keys on export to a PKCS #12 file and, optionally, the associated certificates. If no algorithm is specified, the tool defaults to using PKCS #12 SHA-1 and 3-key triple DES for private key encryption. When not in FIPS mode, PKCS #12 SHA-1 and 40-bit RC4 is used for certificate encryption. When in FIPS mode, there is no certificate encryption. If certificate encryption is not wanted, specify "NONE" as the argument of the option. + PKCS#12 provides for not only the protection of the private keys but also the certificate and meta-data associated with the keys. Password-based encryption is used to protect private keys on export to a PKCS#12 file and, optionally, the entire package. If no algorithm is specified, the tool defaults to using PKCS12 V2 PBE with SHA1 and 3KEY Triple DES-cbc for private key encryption. PKCS12 V2 PBE with SHA1 and 40 Bit RC4 is the default for the overall package encryption when not in FIPS mode. When in FIPS mode, there is no package encryption. The private key is always protected with strong encryption by default. Several types of ciphers are supported. - PKCS #5 password-based encryption + Symmetric CBC ciphers for PKCS#5 V2 - - PBES2 with AES-CBC-Pad as underlying encryption scheme ("AES-128-CBC", "AES-192-CBC", and "AES-256-CBC") - + + DES-CBC + RC2-CBC + RC5-CBCPad + DES-EDE3-CBC (the default for key encryption) + AES-128-CBC + AES-192-CBC + AES-256-CBC + CAMELLIA-128-CBC + CAMELLIA-192-CBC + CAMELLIA-256-CBC + - PKCS #12 password-based encryption + PKCS#12 PBE ciphers - - SHA-1 and 128-bit RC4 ("PKCS #12 V2 PBE With SHA-1 And 128 Bit RC4" or "RC4") - SHA-1 and 40-bit RC4 ("PKCS #12 V2 PBE With SHA-1 And 40 Bit RC4") (used by default for certificate encryption in non-FIPS mode) - SHA-1 and 3-key triple-DES ("PKCS #12 V2 PBE With SHA-1 And 3KEY Triple DES-CBC" or "DES-EDE3-CBC") - SHA-1 and 128-bit RC2 ("PKCS #12 V2 PBE With SHA-1 And 128 Bit RC2 CBC" or "RC2-CBC") - SHA-1 and 40-bit RC2 ("PKCS #12 V2 PBE With SHA-1 And 40 Bit RC2 CBC") - + + PKCS #12 PBE with Sha1 and 128 Bit RC4 + PKCS #12 PBE with Sha1 and 40 Bit RC4 + PKCS #12 PBE with Sha1 and Triple DES CBC + PKCS #12 PBE with Sha1 and 128 Bit RC2 CBC + PKCS #12 PBE with Sha1 and 40 Bit RC2 CBC + PKCS12 V2 PBE with SHA1 and 128 Bit RC4 + PKCS12 V2 PBE with SHA1 and 40 Bit RC4 (the default for non-FIPS mode) + PKCS12 V2 PBE with SHA1 and 3KEY Triple DES-cbc + PKCS12 V2 PBE with SHA1 and 2KEY Triple DES-cbc + PKCS12 V2 PBE with SHA1 and 128 Bit RC2 CBC + PKCS12 V2 PBE with SHA1 and 40 Bit RC2 CBC + + + + PKCS#5 PBE ciphers + + + PKCS #5 Password Based Encryption with MD2 and DES CBC + PKCS #5 Password Based Encryption with MD5 and DES CBC + PKCS #5 Password Based Encryption with SHA1 and DES CBC + - With PKCS #12, the crypto provider may be the soft token module or an external hardware module. If the cryptographic module does not support the requested algorithm, then the next best fit will be selected (usually the default). If no suitable replacement for the desired algorithm can be found, the tool returns the error no security module can perform the requested operation. + With PKCS#12, the crypto provider may be the soft token module or an external hardware module. If the cryptographic module does not support the requested algorithm, then the next best fit will be selected (usually the default). If no suitable replacement for the desired algorithm can be found, the tool returns the error no security module can perform the requested operation. NSS Database Types @@ -408,14 +432,6 @@ Using the SQLite databases must be manually specified by using the sql: - - Compatibility Notes - The exporting behavior of pk12util has changed over time, while importing files exported with older versions of NSS is still supported. - Until the 3.30 release, pk12util used the UTF-16 encoding for the PKCS #5 password-based encryption schemes, while the recommendation is to encode passwords in UTF-8 if the used encryption scheme is defined outside of the PKCS #12 standard. - Until the 3.31 release, even when "AES-128-CBC" or "AES-192-CBC" is given from the command line, pk12util always used 256-bit AES as the underlying encryption scheme. - For historical reasons, pk12util accepts password-based encryption schemes not listed in this document. However, those schemes are not officially supported and may have issues in interoperability with other tools. - - See Also certutil (1) -- cgit v1.2.3