[Pkg-openssl-devel] Bug#915612: openssl: "genrsa" changed command line interface in stretch-security update

Manuel Montecelo mmontecelo at sipwise.com
Thu Dec 6 09:56:35 GMT 2018 

Hi,

2018-12-06 00:10 Kurt Roeckx:
>On Wed, Dec 05, 2018 at 10:03:50PM +0100, Sebastian Andrzej Siewior wrote:
>> On 2018-12-05 11:09:25 [+0100], Manuel Montecelo wrote:
>> > the subcommand genrsa changed interface from its previous version, and does not
>> > accept -config or -batch options anymore:
>>>>
>> > I worked around the issue in other ways, and I know that "genpkey" is supposed
>> > to supercede "genrsa", but this problem might affect scripts that the users
>> > cannot easily change, and it's OK-ish for major versions but would be nice to
>> > not affect systems with stable-security updates.
>> >
>> > For reference, command that used to work:
>> >
>> >  openssl genrsa -out "${KEY_FILE}" 4096 -config "${CONFIG_FILE}" -batch
>> >
>> > As a workaround with "genrsa":
>> >
>> >  OPENSSL_CONF="${CONFIG_FILE}" openssl genrsa -out "${KEY_FILE}" 4096
>>
>> Are you sure that the workaround vs
>> 	openssl genrsa -out "${KEY_FILE}" 4096
>>
>> makes a difference?
>>
>> I'm asking because bisect identifies commit 847997f98c28b ("Check # of
>> arguments for remaining commands.") as the one that introduced the
>> regression. This change only adds the error if you specify invalid
>> arguments. Both `-config' and `-batch' are not part of accepted
>> arguments.
>> So I think 1.1.0f should produce the same result with or without those
>> two options. Is it true?
>
>It stops parsing for options when it doesn't find an argument that
>start with a '-', so 4096 is not an option anymore, but it tries
>to convert it to the number of bits. Everything after that was
>just ignored, now it gives an error.
>
>Also note that the manpage does put [numbits] at the end of the
>arguments. It was clear to me that it needs to be the last
>argument, but I can at least see why it might not be clear.

I am not sure if I understand Sebastian's question, but to demonstrate this
problem I'm going to show the commands.

With the previous version in stretch or stretch-security repos, this worked:

  ii  libssl1.1:amd64                       1.1.0f-3+deb9u2
  ii  openssl                               1.1.0f-3+deb9u2

  root at ... # openssl genrsa -out "${KEY_FILE}" 4096 -config "${CONFIG_FILE}" -batch
  Generating RSA private key, 4096 bit long modulus
  [...]............................................++
  [...]...............................................................++
  e is 65537 (0x010001)


With the newer version 1.1.0j-1~deb9u1, the same command as above it doesn't
work:

  root at ... # openssl genrsa -out "${KEY_FILE}" 4096 -config "${CONFIG_FILE}" -batch
  Extra arguments given.
  genrsa: Use -help for summary.

Rearranging arguments so that 4096 goes at the end it doesn't help:

  root at ... # openssl genrsa -out "${KEY_FILE}" -config "${CONFIG_FILE}" -batch 4096
  genrsa: Unknown cipher config

Similar when -batch is before -config, only that the error is about -batch this time:

  root at ... # openssl genrsa -out "${KEY_FILE}" -batch -config "${CONFIG_FILE}" 4096
  genrsa: Unknown cipher batch


Lastly, it works with the workaround that I mentioned, by passing config with an
env variable and avoiding -batch altogether (I don't know why it was once added
to that file, I didn't write the code):

  root at ... # OPENSSL_CONF="${CONFIG_FILE}" openssl genrsa -out "${KEY_FILE}" 4096
  Generating RSA private key, 4096 bit long modulus
  [...]..............................................................++++
  [...]...................................++++
  e is 65537 (0x010001)


As Kurt says, and apart from putting [numbits] at the end of the options in the
synopsis, currently the description in the man page says explicitly:

  numbits
    the size of the private key to generate in bits. This must be the last
    option specified. The default is 2048.

So it's probably a bug in our previous code, either by using an older/ancient
syntax (if it was once valid, not sure) or by not interpreting it correctly and
adding the arguments in the wrong older.  It sounds like the -batch and -config
options in our scripts were being silently ignored until now.

For us is not a problem since we changed it without major consequences.

But since this change affected us and had to make changes after a
stable-security release, that in general shouldn't break things working
previously, I wanted to submit a bug to have a chance to fix things if there's
anything to fix... Or otherwise, at least document the problem, so if it bites
other people also using the wrong syntax they at least have some info about
what's wrong and what to change in their systems, rather than be unable to
upgrade to the latest version of openssl or spending more time investigating the
problem on their own :)

Thanks for the quick replies and investigation!


Cheers.
-- 
Manuel Montecelo <mmontecelo at sipwise.com>
Release Engineer

Sipwise GmbH, Campus 21/Europaring F15
AT-2345 Brunn am Gebirge

Office: +43(0)13012029 | Website: https://www.sipwise.com

More information about the Pkg-openssl-devel mailing list