I am generating exporting some pkcs#12 files for testing purposes. These files are not being used in production and only exist temporary during automated testing.
I am using the following command:
openssl pkcs12 -export -nodes -out bundle.pfx -inkey mykey.key -in certificate.crt -certfile ca-cert.crt
Why is it insisting on an export password when I have included -nodes
?
My OpenSSL version is OpenSSL 1.0.1f 6 Jan 2014
on Ubuntu Server 14.10 64-bit.
In interactive mode, when it prompts for a password, just press enter and there will be no password set.
If you are want to automate that (for example as an ansible command), use the -passout
argument. It expects the parameter to be in the form pass:mypassword
. Since we want no password:
openssl pkcs12 -export -nodes -out bundle.pfx -inkey mykey.key \ -in certificate.crt -certfile ca-cert.crt \ -passout pass:
tl;dr If you explicitly set the encryption algorithms both to NONE
(the one for the key and the one for the cert), you will still have to provide a password but as no encryption is performed, it won't matter which password you provide as the password is simply ignored and the resulting file is not encrypted.
For a full command line sample, check out this reply:
https://stackoverflow.com/a/62863490/7878845
-nodes
means "don't encrypt private key" but in a PKCS#12 file, the certificates are encrypted as well, so even with -nodes
you'd need an export password.
See documentation of -descert
which says:
Encrypt the certificate using triple DES; this may render the PKCS#12 file unreadable by some "export grade" software. By default, the private key is encrypted using triple DES and the certificate using 40-bit RC2.
So unless you use this option, the certificates are encrypted using RC2. You can change the algorithms for either key or certificate using the options -keypbe
and -certpbe
.
Also for openssl pkcs12
the -nodes
option is only listed in the section:
The options for parsing a PKCS12 file are as follows:
But you are not parsing such a file, you are creating it and if you look at
The options for PKCS12 file creation are as follows:
the option -nodes
is not even listed.
Just hitting return when prompted for a password also won't mean "no password" but it means "empty password" (your password is an empty string), which is legal. The reason why this works like no password in some cases is that some software will try to read PKCS#12 files with an empty string password first and only if that fails, prompt the user for an actual password, so if the password is empty, the user won't ever be prompted in these cases making it look like there is "no password" set.
This can cause issues in macOS and iOS, as Apple assumes that PKCS#12 always has a password set and it won't allow you to enter an "empty password", so if a file has an empty password set, it's impossible to import it on these systems. Firefox also had this issue in the very beginning but it was fixed 13 years ago.
When reading a PKCS#12 file, OpenSSL itself tries to distinguish "no password" and "empty password" only by guessing. Here is original code from the project:
/* If we enter empty password try no password first */ if(!mpass[0] && PKCS12_verify_mac(p12, NULL, 0)) { /* If mac and crypto pass the same set it to NULL too */ if(!twopass) cpass = NULL; } else if (!PKCS12_verify_mac(p12, mpass, -1)) { BIO_printf (bio_err, "Mac verify error: invalid password?\n"); ERR_print_errors (bio_err); goto end; }
The first time NULL
is passed for password, the second time the empty string is parsed for password. Now let's look at the code when creating a P12 file:
p12 = PKCS12_create(cpass, name, key, ucert, certs, key_pbe, cert_pbe, iter, -1, keytype);
Theoretically this call would create a PKCS#12 file without a password if cpass
is NULL
, however, when this call is being made, it cannot be NULL
because if you follow the code path from the beginning of the function to the call above, there is no code path that would lead to cpass
being NULL
in the end.
if(!cpass) { if(export_cert) cpass = passout; else cpass = passin; } if(cpass) { mpass = cpass; noprompt = 1; } else { cpass = pass; mpass = macpass; }
In case cpass
was still NULL
at the last if
, it will be set to pass
and pass
is:
char pass[50], macpass[50];
This is a static variable and when stored to a pointer, this pointer cannot be NULL
. There is no other code that ever assigns a different value to cpass
, so cpass
can be an empty string but it can certainly never be NULL
.
The actual encryption happens at a function named PKCS12_add_safe_ex()
and if look at this function, you see the following code:
if (nid_safe == 0) #ifdef OPENSSL_NO_RC2 nid_safe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; #else nid_safe = NID_pbe_WithSHA1And40BitRC2_CBC; #endif if (nid_safe == -1) p7 = PKCS12_pack_p7data(bags); else p7 = PKCS12_pack_p7encdata_ex(nid_safe, pass, -1, NULL, 0, iter, bags, ctx, propq); if (p7 == NULL) goto err;
nid_safe
is a number that tells the function which encryption method to use. As you can see, if it isn't set (value of 0
) a default is used which is either RC2, or in case not available, 3DES.
However, if nid_safe
is -1
, which means NONE
, an alternative function is being used and pass
is not even passed to this function, so the value of pass
is entirely irrelevant in that case. So you can provide any password you like, if you set the encryption algorithm for the key and the certificate to NONE
, nothing is encrypted.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With