Commit 21761bfe authored by Evan Hunt

[master] deprecate HMAC in dnssec-keygen, MD5 in rndc-confgen

4785.	[func]		The hmac-md5 algorithm is no longer recommended for
			use with RNDC keys. For compatibility reasons, it
			is still the default algorithm in rndc-confgen,
			but this will be changed to hmac-sha256 in a future
			release. [RT #42272]

4784.	[func]		The use of dnssec-keygen to generate HMAC keys is
			deprecated in favor of tsig-keygen.  dnssec-keygen
			will print a warning when used for this purpose.
			All HMAC algorithms will be removed from
			dnssec-keygen in a future release. [RT #42272]
parent 969d9235
4785. [func] The hmac-md5 algorithm is no longer recommended for
use with RNDC keys. For compatibility reasons, it
it is still the default algorithm in rndc-confgen,
but this will be changed to hmac-sha256 in a future
release. [RT #42272]
4784. [func] The use of dnssec-keygen to generate HMAC keys is
deprecated in favor of tsig-keygen. dnssec-keygen
will print a warning when used for this purpose.
All HMAC algorithms will be removed from
dnssec-keygen in a future release. [RT #42272]
4783. [test] dnssec: 'check that NOTIFY is sent at the end of
NSEC3 chain generation failed' required more time
on some machines for the IXFR to complete. [RT #46388]
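Review bot: the 4785 CHANGES entry repeats "it" across the line break ("For compatibility reasons, it / it is still the default algorithm"); drop one so it reads "For compatibility reasons, it is still the default algorithm in rndc-confgen". The commit message carries the same duplication.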
......
......@@ -73,7 +73,7 @@ Usage:\n\
%s [-a] [-b bits] [-c keyfile] [-k keyname] [-p port] [-r randomfile] \
[-s addr] [-t chrootdir] [-u user]\n\
-a: generate just the key clause and write it to keyfile (%s)\n\
-A alg: algorithm (default hmac-md5)\n\
-A alg: algorithm (default hmac-md5 (deprecated and will change))\n\
-b bits: from 1 through 512, default 256; total length of the secret\n\
-c keyfile: specify an alternate key file (requires -a)\n\
-k keyname: the name as it will be used in named.conf and rndc.conf\n\
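Review bot: the replacement usage line `-A alg: algorithm (default hmac-md5 (deprecated and will change))` nests parentheses and does not say what the default will change to, while the runtime warning added later in this file names hmac-sha256; suggest `-A alg: algorithm (default hmac-md5; deprecated, will change to hmac-sha256)` so the help text and the warning agree.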
......@@ -115,6 +115,7 @@ main(int argc, char **argv) {
const char *randomfile = NULL;
const char *serveraddr = NULL;
dns_secalg_t alg;
isc_boolean_t algset = ISC_FALSE;
const char *algname;
char *p;
int ch;
......@@ -153,6 +154,7 @@ main(int argc, char **argv) {
keyonly = ISC_TRUE;
break;
case 'A':
algset = ISC_TRUE;
algname = isc_commandline_argument;
alg = alg_fromtext(algname);
if (alg == DST_ALG_UNKNOWN)
......@@ -225,6 +227,20 @@ main(int argc, char **argv) {
if (argc > 0)
usage(1);
if (alg == DST_ALG_HMACMD5) {
if (algset) {
fprintf(stderr,
"warning: use of hmac-md5 for RNDC keys "
"is deprecated; hmac-sha256 is now "
"recommended.\n");
} else {
fprintf(stderr,
"warning: the default algorithm hmac-md5 "
"is deprecated and will be\n"
"changed to hmac-sha256 in a future release\n")
}
}
if (keysize < 0)
keysize = alg_bits(alg);
algname = alg_totext(alg);
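Review bot: the fprintf() in the `else` branch is missing its terminating semicolon after `"changed to hmac-sha256 in a future release\n")`, so this hunk will not compile as written. The two messages are also inconsistent with each other: the first ends with a period and the second does not, and the second splits one sentence across two output lines at `"is deprecated and will be\n"` while the first keeps its sentence on one line; matching the first message's format would keep the stderr output uniform.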
......
......@@ -128,8 +128,12 @@
<para>
Specifies the algorithm to use for the TSIG key. Available
choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
hmac-sha384 and hmac-sha512. The default is hmac-md5 or
if MD5 was disabled hmac-sha256.
hmac-sha384 and hmac-sha512. The default is hmac-md5, or
if MD5 was disabled at compile time, hmac-sha256.
</para>
<para>
Note: Use of hmac-md5 is no longer recommended, and the default
value will be changed to hmac-sha256 in a future release.
</para>
</listitem>
</varlistentry>
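Review bot: the new text documents that hmac-sha256 is the default when MD5 was disabled at compile time, but nothing here mentions that rndc-confgen now prints a deprecation warning to stderr whenever hmac-md5 is selected or defaulted to; a sentence in the added "Note:" paragraph would tell operators who script rndc-confgen to expect the extra output.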
......
......@@ -582,6 +582,16 @@ main(int argc, char **argv) {
INSIST((alg != DNS_KEYALG_RSAMD5) && (alg != DST_ALG_HMACMD5));
#endif
if (alg == DST_ALG_HMACMD5 || alg == DST_ALG_HMACSHA1 ||
alg == DST_ALG_HMACSHA224 || alg == DST_ALG_HMACSHA256 ||
alg == DST_ALG_HMACSHA384 || alg == DST_ALG_HMACSHA512)
{
fprintf(stderr,
"Use of dnssec-keygen for HMAC keys is "
"deprecated: use tsig-keygen\n");
}
if (!dst_algorithm_supported(alg))
fatal("unsupported algorithm: %d", alg);
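Review bot: the deprecation message is printed before `dst_algorithm_supported(alg)` is checked, so a user who asks for an HMAC algorithm this build does not support sees "use tsig-keygen" immediately followed by the fatal "unsupported algorithm" error; moving the warning below the support check avoids the misleading sequence. The message also lacks the "warning:" prefix that the rndc-confgen messages in this same commit use, so the two tools now report the same class of condition in different formats.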
......
......@@ -122,12 +122,19 @@
of <option>algorithm</option> must be one of RSAMD5, RSASHA1,
DSA, NSEC3RSASHA1, NSEC3DSA, RSASHA256, RSASHA512, ECCGOST,
ECDSAP256SHA256, ECDSAP384SHA384, ED25519 or ED448. For
TSIG/TKEY keys, the value must be one of DH (Diffie Hellman),
HMAC-MD5, HMAC-SHA1, HMAC-SHA224, HMAC-SHA256, HMAC-SHA384,
or HMAC-SHA512; specifying any of these algorithms will
automatically set the <option>-T KEY</option> option as well.
(Note: <command>tsig-keygen</command> produces TSIG keys in a
more useful format than <command>dnssec-keygen</command>.)
TKEY and SIG(0) keys, the value must be DH (Diffie Hellman);
specifying this value will automatically set the
<option>-T KEY</option> option as well.
</para>
<para>
TSIG keys can also by generated by setting the value to
one of HMAC-MD5, HMAC-SHA1, HMAC-SHA224, HMAC-SHA256,
HMAC-SHA384, or HMAC-SHA512. As with DH, specifying these
values will automatically set <option>-T KEY</option>. Note,
however, that <command>tsig-keygen</command> produces TSIG keys
in a more useful format. These algorithms have been deprecated
in <command>dnssec-keygen</command>, and will be removed in a
future release.
</para>
<para>
These values are case insensitive. In some cases, abbreviations
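Review bot: typo in the added paragraph: "TSIG keys can also by generated" should read "can also be generated". Separately, the rewritten first paragraph now says DH is for "TKEY and SIG(0) keys" where the removed text said "TSIG/TKEY keys"; if the SIG(0) wording is intentional it is fine, but it is a change to the documented semantics that neither the commit message nor the CHANGES entries mention.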
......@@ -138,8 +145,8 @@
</para>
<para>
As of BIND 9.12.0, this option is mandatory except when using
the <option>-S</option> option (which copies the algorithm from
the predecessor key). Previously, the default for newly
the <option>-S</option> option, which copies the algorithm from
the predecessor key. Previously, the default for newly
generated keys was RSASHA1.
</para>
</listitem>
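Review bot: this hunk only swaps the parentheses around the `-S` clause for commas; it is unrelated to the HMAC deprecation and would be cleaner as a separate editorial commit so the history of this change stays focused.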
......
......@@ -477,6 +477,28 @@
they are set.
</para>
</listitem>
<listitem>
<para>
The use of <command>dnssec-keygen</command> to generate
HMAC keys for TSIG authentication has been deprecated in favor
of <command>tsig-keygen</command>. If the algorithms HMAC-MD5,
HMAC-SHA1, HMAC-SHA224, HMAC-SHA256, HMAC-SHA384, or
HMAC-SHA512 are specified, <command>dnssec-keygen</command>
will print a warning message. These algorithms will be
removed from <command>dnssec-keygen</command> entirely in
a future release. [RT #42272]
</para>
</listitem>
<listitem>
<para>
The use of HMAC-MD5 for RNDC keys is no longer recommended.
For compatibility, this is still the default algorithm generated
by <command>rndc-confgen</command>, but it will print a
warning message. The default algorithm in
<command>rndc-confgen</command> will be changed to HMAC-SHA256
in a future release. [RT #42272]
</para>
</listitem>
</itemizedlist>
</section>
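Review bot: the rndc-confgen release note states that HMAC-MD5 "is still the default algorithm generated by rndc-confgen", but the rndc-confgen.docbook change in this same commit documents that the default is hmac-sha256 when MD5 was disabled at compile time; qualify the note with that condition so the release notes and the manual agree.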
......