EasyRSA key encryption


Post by gsloop » Mon Sep 08, 2014 7:43 pm

[I'm not entirely sure where to post this - but since it's part of beta code, and this forum seems less stale than others - and I can't find anywhere else that seems more appropriate - here it goes. I'm glad to be pointed elsewhere...]

A review of the EasyRSA scripts appears to show they encrypt private keys with 3DES [triple-DES].

Is there some good reason not to use aes-256 as a default? While arguing about the "better" cipher is probably a pointless thing to start - it does seem to me that AES-256 [or even Camellia-256] would be better choices than 3DES because the key is 256 bits instead of 112 [or perhaps 168].

It really seems like an easy change and I can't personally think of a reason it isn't a good idea.

[And Yes, I understand that the entropy of the pass-phrase could *very* easily be less than even 100 bits - which means the AES-256 key of 256 bits is essentially lost because of a low entropy password. But why should the script throw away higher entropy passwords if they're available!]

Can someone please comment? And I'd be glad to submit a patch, provided someone can tell me how to do this - but seriously, the change would be as simple as the following:
Line 861 in the EasyRSA script:
- local crypto="-des3"
+ local crypto="-aes256"
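
Review bot: the new value on the `+ local crypto=` line is still a hard-coded literal, so the Camellia alternative offered just below would need another edit of the script; consider reading the cipher from a configurable variable with `-aes256` as the default. The follow-up post on this page places this line in the set_pass function, so the change covers only re-encryption on a passphrase change; the key generation path should be checked and, if it differs, changed in the same patch so that new and re-encrypted keys use the same cipher.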

[or if you want to use Camellia]
+ local crypto="-camellia256"

TIA
-Greg


Re: EasyRSA key encryption

Post by gsloop » Mon Sep 08, 2014 11:15 pm

So, I've been continuing to look through the code, and that snippet is from the "set_pass" function. It appears this is only used to set/reset a password on a private RSA/EC key.

I can't find this code being called when the CA/Server/Client key/request is generated so it may well not apply, but then again, I can't figure out what encryption *IS* being set on the key. It's obviously encrypted, provided you don't call easyrsa with the option "nopass" - but what encryption is used, I simply can't tell from the code or other methods.

So, while I can't see [figure out] what CA/Server/Client keys are encrypted with initially, if the pass-phrase is changed, the new encryption type is 3DES.

Can someone confirm with me what is used initially, and if this is changeable? [I tried passing "aes-256" as an extra option, and it's rejected by EasyRSA - which looks like what the code intends.]

TIA
-Greg
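
On the question of telling which cipher protects an existing key file, the following is an added example, not part of the original post and not EasyRSA code. It assumes a PEM key file: traditional-format encrypted keys name the cipher in a `DEK-Info` header, while PKCS#8 encrypted keys do not. `key_cipher` and the sample files are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Added example; key_cipher is a hypothetical helper, not an EasyRSA function.
# Prints how a PEM private key file is protected, from its text headers only.
key_cipher() {
    file=$1
    [ -r "$file" ] || { echo "unreadable"; return 2; }
    # PKCS#8: the cipher is inside the ASN.1 body, so no header names it.
    if grep -q '^-----BEGIN ENCRYPTED PRIVATE KEY-----' "$file"; then
        echo "pkcs8-encrypted"; return 0
    fi
    # Traditional format: "Proc-Type: 4,ENCRYPTED" then "DEK-Info: <cipher>,<IV>".
    if grep -q '^Proc-Type: 4,ENCRYPTED' "$file"; then
        cipher=$(sed -n 's/^DEK-Info: *\([^,]*\),.*/\1/p' "$file" | head -n 1)
        echo "${cipher:-unknown}"; return 0
    fi
    if grep -q '^-----BEGIN .*PRIVATE KEY-----' "$file"; then
        echo "unencrypted"; return 0
    fi
    echo "not-a-private-key"; return 1
}

# Constructed samples: headers only; the base64 body is a placeholder, not a key.
SAMPLES=$(mktemp -d)
trap 'rm -rf "$SAMPLES"' EXIT
printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'Proc-Type: 4,ENCRYPTED' \
    'DEK-Info: DES-EDE3-CBC,0000000000000000' '' 'UExBQ0VIT0xERVI=' \
    '-----END RSA PRIVATE KEY-----' > "$SAMPLES/des3.key"
printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'Proc-Type: 4,ENCRYPTED' \
    'DEK-Info: AES-256-CBC,00000000000000000000000000000000' '' 'UExBQ0VIT0xERVI=' \
    '-----END RSA PRIVATE KEY-----' > "$SAMPLES/aes256.key"
printf '%s\n' '-----BEGIN ENCRYPTED PRIVATE KEY-----' 'UExBQ0VIT0xERVI=' \
    '-----END ENCRYPTED PRIVATE KEY-----' > "$SAMPLES/pkcs8.key"
printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'UExBQ0VIT0xERVI=' \
    '-----END RSA PRIVATE KEY-----' > "$SAMPLES/plain.key"

for f in des3.key aes256.key pkcs8.key plain.key; do
    printf '%s: %s\n' "$f" "$(key_cipher "$SAMPLES/$f")"
done
```

For a file reported as `pkcs8-encrypted`, `openssl asn1parse -in <file>` lists the encryption algorithm identifiers stored in the key's ASN.1 structure.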