diff options
author | Vasyl Gello <vasek.gello@gmail.com> | 2018-10-26 22:26:35 +0300 |
---|---|---|
committer | Vasyl Gello <vasek.gello@gmail.com> | 2018-10-26 22:28:17 +0300 |
commit | 16d18b333312066adda31feb55aa47883f907797 (patch) | |
tree | 50f4a1afd52c46ddec34acafd2dc2679c98c7593 | |
parent | 01b86c8784cd1590bfd7c467abc89880e9a12814 (diff) | |
download | android_development-cm-14.1.tar.gz android_development-cm-14.1.tar.bz2 android_development-cm-14.1.zip |
make-key: Enforce PBEv1 password-protected signing keyscm-14.1
The bug https://bugs.openjdk.java.net/browse/JDK-8076999 prevents
the usage of PBESv2 key encryption schemes enforced by recent
OpenSSL versions.
So we enforce the PBE-SHA1-3DES scheme as recommended
in https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/
Change-Id: I43239d4da1512d08563847db57af74146f8f66ea
Signed-off-by: Vasyl Gello <vasek.gello@gmail.com>
-rwxr-xr-x | tools/make_key | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/tools/make_key b/tools/make_key index a6cf49c0d..9eb3c9884 100755 --- a/tools/make_key +++ b/tools/make_key @@ -69,7 +69,7 @@ if [ "${password}" == "" ]; then else echo "creating ${1}.pk8 with password [${password}]" export password - openssl pkcs8 -in ${one} -topk8 -outform DER -out $1.pk8 \ + openssl pkcs8 -in ${one} -topk8 -v1 PBE-SHA1-3DES -outform DER -out $1.pk8 \ -passout env:password unset password fi |