Upgrade go-pkcs12 and use modern encoders

This PR upgrades go-pkcs12 and switches the default encoder to a modern
version PBES2 with PBKDF2-HMAC-SHA-256 and AES-256-CBC. It also adds
a legacy flag to use the previous version.

This PR also fixes some linter issues.

Fixes #1061

cmd/step/main.go

@@ -150,13 +150,13 @@ func panicHandler() {
 			fmt.Fprintf(os.Stderr, "%s\n", step.Version())
 			fmt.Fprintf(os.Stderr, "Release Date: %s\n\n", step.ReleaseDate())
 			panic(r)
-		} else {
-			fmt.Fprintln(os.Stderr, "Something unexpected happened.")
-			fmt.Fprintln(os.Stderr, "If you want to help us debug the problem, please run:")
-			fmt.Fprintf(os.Stderr, "STEPDEBUG=1 %s\n", strings.Join(os.Args, " "))
-			fmt.Fprintln(os.Stderr, "and send the output to info@smallstep.com")
-			os.Exit(2)
 		}
+
+		fmt.Fprintln(os.Stderr, "Something unexpected happened.")
+		fmt.Fprintln(os.Stderr, "If you want to help us debug the problem, please run:")
+		fmt.Fprintf(os.Stderr, "STEPDEBUG=1 %s\n", strings.Join(os.Args, " "))
+		fmt.Fprintln(os.Stderr, "and send the output to info@smallstep.com")
+		os.Exit(2)
 	}
 }
 

command/certificate/p12.go

@@ -1,7 +1,6 @@
 package certificate
 
 import (
-	"crypto/rand"
 	"crypto/x509"
 	"fmt"
 
@@ -23,7 +22,7 @@ func p12Command() cli.Command {
 		Action: command.ActionFunc(p12Action),
 		Usage:  `package a certificate and keys into a .p12 file`,
 		UsageText: `step certificate p12 <p12-path> [<crt-path>] [<key-path>]
-[**--ca**=<file>] [**--password-file**=<file>]`,
+[**--ca**=<file>] [**--password-file**=<file>] [**--legacy**]`,
 		Description: `**step certificate p12** creates a .p12 (PFX / PKCS12)
 file containing certificates and keys. This can then be used to import
 into Windows / Firefox / Java applications.
@@ -56,7 +55,15 @@ Package a certificate and private key with an empty password:
 
 '''
 $ step certificate p12 --no-password --insecure foo.p12 foo.crt foo.key
-'''`,
+'''
+
+Package a certificate and private key using a legacy encoder,
+
+'''
+$ step certificate p12 --legacy foo.p12 foo.crt foo.key
+'''
+
+`,
 		Flags: []cli.Flag{
 			cli.StringSliceFlag{
 				Name: "ca",
@@ -69,6 +76,10 @@ multiple CAs or intermediates.`,
 				Usage: `The path to the <file> containing the password to encrypt the .p12 file.`,
 			},
 			flags.NoPassword,
+			cli.BoolFlag{
+				Name:  "legacy",
+				Usage: "Encodes PKCS#12 files using the algorithms that were traditionally used, PBE+SHA1+RC2 for certificates and PBE+SHA1+3DES for keys.",
+			},
 			flags.Force,
 			flags.Insecure,
 		},
@@ -86,6 +97,11 @@ func p12Action(ctx *cli.Context) error {
 	caFiles := ctx.StringSlice("ca")
 	hasKeyAndCert := crtFile != "" && keyFile != ""
 
+	encoder := pkcs12.Modern
+	if ctx.Bool("legacy") {
+		encoder = pkcs12.LegacyRC2
+	}
+
 	// If either key or cert are provided, both must be provided
 	if !hasKeyAndCert && (crtFile != "" || keyFile != "") {
 		return errs.MissingArguments(ctx, "key_file")
@@ -150,7 +166,7 @@ func p12Action(ctx *cli.Context) error {
 		// Any remaining certs will be intermediates for the server
 		x509CAs = append(x509CAs, x509CertBundle[1:]...)
 
-		pkcs12Data, err = pkcs12.Encode(rand.Reader, key, x509Cert, x509CAs, password)
+		pkcs12Data, err = encoder.Encode(key, x509Cert, x509CAs, password)
 		if err != nil {
 			return errs.Wrap(err, "failed to encode PKCS12 data")
 		}
@@ -163,7 +179,7 @@ func p12Action(ctx *cli.Context) error {
 				FriendlyName: fmt.Sprintf("%s - %s", cert.Subject.String(), x509util.Fingerprint(cert)),
 			})
 		}
-		pkcs12Data, err = pkcs12.EncodeTrustStoreEntries(rand.Reader, certsWithFriendlyNames, password)
+		pkcs12Data, err = encoder.EncodeTrustStoreEntries(certsWithFriendlyNames, password)
 		if err != nil {
 			return errs.Wrap(err, "failed to encode PKCS12 data")
 		}

command/crypto/jwe/decrypt.go

@@ -48,7 +48,7 @@ used with **--jwks** (a JWK Set) the KID value must match the **"kid"** member o
 one of the JWKs in the JWK Set.`,
 			},
 			cli.StringFlag{
-				Name: "password-file",
+				Name:  "password-file",
 				Usage: `The path to the <file> containing the password to encrypt the keys.`,
 			},
 		},

command/oauth/cmd.go

@@ -44,10 +44,12 @@ import (
 // Google is also distributing the client ID and secret on the cloud SDK
 // available here https://cloud.google.com/sdk/docs/quickstarts
 const (
+	//nolint:gosec // This is a client meant for open source testing. The client has no security access or roles.
 	defaultClientID = "1087160488420-8qt7bavg3qesdhs6it824mhnfgcfe8il.apps.googleusercontent.com"
 	//nolint:gosec // This is a client meant for open source testing. The client has no security access or roles.
 	defaultClientNotSoSecret = "udTrOT3gzrO7W9fDPgZQLfYJ"
 
+	//nolint:gosec // This is a client meant for open source testing. The client has no security access or roles.
 	defaultDeviceAuthzClientID = "1087160488420-1u0jqoulmv3mfomfh6fhkfs4vk4bdjih.apps.googleusercontent.com"
 	//nolint:gosec // This is a client meant for open source testing. The client has no security access or roles.
 	defaultDeviceAuthzClientNotSoSecret = "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"

go.mod

@@ -32,7 +32,7 @@ require (
 	golang.org/x/term v0.15.0
 	google.golang.org/protobuf v1.31.0
 	gopkg.in/square/go-jose.v2 v2.6.0
-	software.sslmate.com/src/go-pkcs12 v0.2.1
+	software.sslmate.com/src/go-pkcs12 v0.4.0
 )
 
 require (

go.sum

@@ -613,5 +613,5 @@ howett.net/plist v1.0.0 h1:7CrbWYbPPO/PyNy38b2EB/+gYbjCe2DXBxgtOOZbSQM=
 howett.net/plist v1.0.0/go.mod h1:lqaXoTrLY4hg8tnEzNru53gicrbv7rrk+2xJA/7hw9g=
 k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg=
 k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
-software.sslmate.com/src/go-pkcs12 v0.2.1 h1:tbT1jjaeFOF230tzOIRJ6U5S1jNqpsSyNjzDd58H3J8=
+software.sslmate.com/src/go-pkcs12 v0.4.0 h1:H2g08FrTvSFKUj+D309j1DPfk5APnIdAQAB8aEykJ5k=
-software.sslmate.com/src/go-pkcs12 v0.2.1/go.mod h1:Qiz0EyvDRJjjxGyUQa2cCNZn/wMyzrRJ/qcDXOQazLI=
+software.sslmate.com/src/go-pkcs12 v0.4.0/go.mod h1:Qiz0EyvDRJjjxGyUQa2cCNZn/wMyzrRJ/qcDXOQazLI=