make-key: Enforce PBEv1 password-protected signing keysstaging/lineage-17.0_merge-android-10.0.0_r9

The bug https://bugs.openjdk.java.net/browse/JDK-8076999 prevents the usage of PBESv2 key encryption schemes enforced by recent OpenSSL versions. So we enforce the PBE-SHA1-3DES scheme as recommended in https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/ Change-Id: I43239d4da1512d08563847db57af74146f8f66ea Signed-off-by: Vasyl Gello <vasek.gello@gmail.com>
author: Vasyl Gello <vasek.gello@gmail.com> 2018-10-26 22:26:35 +0300
committer: Michael Bestas <mkbestas@lineageos.org> 2019-12-11 19:11:06 +0200
commit: 6e3bcd86f2eaa8dd588961c756b4152ef3e8fc68 (patch)
tree: 477d4340eb95826060eaab5773ef92c46bdacdc1
parent: 14cbb310ea083a534235c6bf0bbf63e38571ab23 (diff)
download: android_development-staging/lineage-17.0_merge-android-10.0.0_r9.tar.gz
android_development-staging/lineage-17.0_merge-android-10.0.0_r9.tar.bz2
android_development-staging/lineage-17.0_merge-android-10.0.0_r9.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/tools/make_key b/tools/make_key
index a6cf49c0d..9eb3c9884 100755
--- a/tools/make_key
+++ b/tools/make_key
@@ -69,7 +69,7 @@ if [ "${password}" == "" ]; then
 else
   echo "creating ${1}.pk8 with password [${password}]"
   export password
-  openssl pkcs8 -in ${one} -topk8 -outform DER -out $1.pk8 \
+  openssl pkcs8 -in ${one} -topk8 -v1 PBE-SHA1-3DES -outform DER -out $1.pk8 \
     -passout env:password
   unset password
 fi
author	Vasyl Gello <vasek.gello@gmail.com>	2018-10-26 22:26:35 +0300
committer	Michael Bestas <mkbestas@lineageos.org>	2019-12-11 19:11:06 +0200
commit	6e3bcd86f2eaa8dd588961c756b4152ef3e8fc68 (patch)
tree	477d4340eb95826060eaab5773ef92c46bdacdc1
parent	14cbb310ea083a534235c6bf0bbf63e38571ab23 (diff)
download	android_development-staging/lineage-17.0_merge-android-10.0.0_r9.tar.gz android_development-staging/lineage-17.0_merge-android-10.0.0_r9.tar.bz2 android_development-staging/lineage-17.0_merge-android-10.0.0_r9.zip