Commit 21761bfe authored by Evan Hunt

[master] deprecate HMAC in dnssec-keygen, MD5 in rndc-confgen

4785.	[func]		The hmac-md5 algorithm is no longer recommended for
			use with RNDC keys. For compatibility reasons, it
			is still the default algorithm in rndc-confgen,
			but this will be changed to hmac-sha256 in a future
			release. [RT #42272]

4784.	[func]		The use of dnssec-keygen to generate HMAC keys is
			deprecated in favor of tsig-keygen.  dnssec-keygen
			will print a warning when used for this purpose.
			All HMAC algorithms will be removed from
			dnssec-keygen in a future release. [RT #42272]
parent 969d9235
4785. [func] The hmac-md5 algorithm is no longer recommended for
use with RNDC keys. For compatibility reasons, it
it is still the default algorithm in rndc-confgen,
but this will be changed to hmac-sha256 in a future
release. [RT #42272]
4784. [func] The use of dnssec-keygen to generate HMAC keys is
deprecated in favor of tsig-keygen. dnssec-keygen
will print a warning when used for this purpose.
All HMAC algorithms will be removed from
dnssec-keygen in a future release. [RT #42272]
4783. [test] dnssec: 'check that NOTIFY is sent at the end of 4783. [test] dnssec: 'check that NOTIFY is sent at the end of
NSEC3 chain generation failed' required more time NSEC3 chain generation failed' required more time
on some machines for the IXFR to complete. [RT #46388] on some machines for the IXFR to complete. [RT #46388]
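Review bot: the 4785 entry carries a duplicated word across its line break, "For compatibility reasons, it / it is still the default algorithm"; drop one "it" before this lands in CHANGES.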
......
...@@ -73,7 +73,7 @@ Usage:\n\ ...@@ -73,7 +73,7 @@ Usage:\n\
%s [-a] [-b bits] [-c keyfile] [-k keyname] [-p port] [-r randomfile] \ %s [-a] [-b bits] [-c keyfile] [-k keyname] [-p port] [-r randomfile] \
[-s addr] [-t chrootdir] [-u user]\n\ [-s addr] [-t chrootdir] [-u user]\n\
-a: generate just the key clause and write it to keyfile (%s)\n\ -a: generate just the key clause and write it to keyfile (%s)\n\
-A alg: algorithm (default hmac-md5)\n\ -A alg: algorithm (default hmac-md5 (deprecated and will change))\n\
-b bits: from 1 through 512, default 256; total length of the secret\n\ -b bits: from 1 through 512, default 256; total length of the secret\n\
-c keyfile: specify an alternate key file (requires -a)\n\ -c keyfile: specify an alternate key file (requires -a)\n\
-k keyname: the name as it will be used in named.conf and rndc.conf\n\ -k keyname: the name as it will be used in named.conf and rndc.conf\n\
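Review bot: the nested parentheses in the new -A usage line, `-A alg: algorithm (default hmac-md5 (deprecated and will change))`, are hard to read and do not say what the default will change to; suggest `-A alg: algorithm (default hmac-md5; deprecated, will change to hmac-sha256)`, which matches the wording of the warning added to main() in this commit.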
...@@ -115,6 +115,7 @@ main(int argc, char **argv) { ...@@ -115,6 +115,7 @@ main(int argc, char **argv) {
const char *randomfile = NULL; const char *randomfile = NULL;
const char *serveraddr = NULL; const char *serveraddr = NULL;
dns_secalg_t alg; dns_secalg_t alg;
isc_boolean_t algset = ISC_FALSE;
const char *algname; const char *algname;
char *p; char *p;
int ch; int ch;
...@@ -153,6 +154,7 @@ main(int argc, char **argv) { ...@@ -153,6 +154,7 @@ main(int argc, char **argv) {
keyonly = ISC_TRUE; keyonly = ISC_TRUE;
break; break;
case 'A': case 'A':
algset = ISC_TRUE;
algname = isc_commandline_argument; algname = isc_commandline_argument;
alg = alg_fromtext(algname); alg = alg_fromtext(algname);
if (alg == DST_ALG_UNKNOWN) if (alg == DST_ALG_UNKNOWN)
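Review bot: `algset = ISC_TRUE` is assigned before alg_fromtext() has validated the name, so an unrecognised -A value is recorded as an explicit choice before the `DST_ALG_UNKNOWN` branch runs; that is harmless only if that branch exits. Setting `algset` after the check succeeds keeps the flag meaning "the user chose a valid algorithm", which is what the warning logic below relies on.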
...@@ -225,6 +227,20 @@ main(int argc, char **argv) { ...@@ -225,6 +227,20 @@ main(int argc, char **argv) {
if (argc > 0) if (argc > 0)
usage(1); usage(1);
if (alg == DST_ALG_HMACMD5) {
if (algset) {
fprintf(stderr,
"warning: use of hmac-md5 for RNDC keys "
"is deprecated; hmac-sha256 is now "
"recommended.\n");
} else {
fprintf(stderr,
"warning: the default algorithm hmac-md5 "
"is deprecated and will be\n"
"changed to hmac-sha256 in a future release\n")
}
}
if (keysize < 0) if (keysize < 0)
keysize = alg_bits(alg); keysize = alg_bits(alg);
algname = alg_totext(alg); algname = alg_totext(alg);
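Review bot: the second fprintf in the new block is missing its terminating semicolon, `"changed to hmac-sha256 in a future release\n")` is followed directly by `}`, so this hunk does not compile as posted. Beyond that, the two messages are inconsistent in style (the explicit -A case ends with a period, the default case does not), and both would be more useful if they named the remedy, e.g. "use -A hmac-sha256", since that option is what the usage text in this same commit documents.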
......
...@@ -128,8 +128,12 @@ ...@@ -128,8 +128,12 @@
<para> <para>
Specifies the algorithm to use for the TSIG key. Available Specifies the algorithm to use for the TSIG key. Available
choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256, choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
hmac-sha384 and hmac-sha512. The default is hmac-md5 or hmac-sha384 and hmac-sha512. The default is hmac-md5, or
if MD5 was disabled hmac-sha256. if MD5 was disabled at compile time, hmac-sha256.
</para>
<para>
Note: Use of hmac-md5 is no longer recommended, and the default
value will be changed to hmac-sha256 in a future release.
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>
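Review bot: this man page hunk states that the default is hmac-sha256 when MD5 was disabled at compile time, but the usage string changed earlier in this commit hard-codes "default hmac-md5" and the new deprecation note does not mention the compile-time case. Either have usage() print the build's actual default or add a sentence here so the two sources agree.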
......
...@@ -582,6 +582,16 @@ main(int argc, char **argv) { ...@@ -582,6 +582,16 @@ main(int argc, char **argv) {
INSIST((alg != DNS_KEYALG_RSAMD5) && (alg != DST_ALG_HMACMD5)); INSIST((alg != DNS_KEYALG_RSAMD5) && (alg != DST_ALG_HMACMD5));
#endif #endif
if (alg == DST_ALG_HMACMD5 || alg == DST_ALG_HMACSHA1 ||
alg == DST_ALG_HMACSHA224 || alg == DST_ALG_HMACSHA256 ||
alg == DST_ALG_HMACSHA384 || alg == DST_ALG_HMACSHA512)
{
fprintf(stderr,
"Use of dnssec-keygen for HMAC keys is "
"deprecated: use tsig-keygen\n");
}
if (!dst_algorithm_supported(alg)) if (!dst_algorithm_supported(alg))
fatal("unsupported algorithm: %d", alg); fatal("unsupported algorithm: %d", alg);
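Review bot: the new deprecation warning is printed before the `dst_algorithm_supported(alg)` check, so a build without a given HMAC algorithm will print "use tsig-keygen" and then immediately die with "unsupported algorithm", which is misleading; move the warning after the support check. The message also drops the hmac-md5 case silently when MD5 is compiled out (the INSIST above already excludes it), which is fine, but worth a comment so the two conditions are not read as contradictory.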
......
...@@ -122,12 +122,19 @@ ...@@ -122,12 +122,19 @@
of <option>algorithm</option> must be one of RSAMD5, RSASHA1, of <option>algorithm</option> must be one of RSAMD5, RSASHA1,
DSA, NSEC3RSASHA1, NSEC3DSA, RSASHA256, RSASHA512, ECCGOST, DSA, NSEC3RSASHA1, NSEC3DSA, RSASHA256, RSASHA512, ECCGOST,
ECDSAP256SHA256, ECDSAP384SHA384, ED25519 or ED448. For ECDSAP256SHA256, ECDSAP384SHA384, ED25519 or ED448. For
TSIG/TKEY keys, the value must be one of DH (Diffie Hellman), TKEY and SIG(0) keys, the value must be DH (Diffie Hellman);
HMAC-MD5, HMAC-SHA1, HMAC-SHA224, HMAC-SHA256, HMAC-SHA384, specifying this value will automatically set the
or HMAC-SHA512; specifying any of these algorithms will <option>-T KEY</option> option as well.
automatically set the <option>-T KEY</option> option as well. </para>
(Note: <command>tsig-keygen</command> produces TSIG keys in a <para>
more useful format than <command>dnssec-keygen</command>.) TSIG keys can also by generated by setting the value to
one of HMAC-MD5, HMAC-SHA1, HMAC-SHA224, HMAC-SHA256,
HMAC-SHA384, or HMAC-SHA512. As with DH, specifying these
values will automatically set <option>-T KEY</option>. Note,
however, that <command>tsig-keygen</command> produces TSIG keys
in a more useful format. These algorithms have been deprecated
in <command>dnssec-keygen</command>, and will be removed in a
future release.
</para> </para>
<para> <para>
These values are case insensitive. In some cases, abbreviations These values are case insensitive. In some cases, abbreviations
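Review bot: typo in the new paragraph, "TSIG keys can also by generated" should read "can also be generated". The sentence "As with DH, specifying these values will automatically set -T KEY" also reads better with "specifying any of these values", matching the wording it replaced.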
...@@ -138,8 +145,8 @@ ...@@ -138,8 +145,8 @@
</para> </para>
<para> <para>
As of BIND 9.12.0, this option is mandatory except when using As of BIND 9.12.0, this option is mandatory except when using
the <option>-S</option> option (which copies the algorithm from the <option>-S</option> option, which copies the algorithm from
the predecessor key). Previously, the default for newly the predecessor key. Previously, the default for newly
generated keys was RSASHA1. generated keys was RSASHA1.
</para> </para>
</listitem> </listitem>
......
...@@ -477,6 +477,28 @@ ...@@ -477,6 +477,28 @@
they are set. they are set.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
The use of <command>dnssec-keygen</command> to generate
HMAC keys for TSIG authentication has been deprecated in favor
of <command>tsig-keygen</command>. If the algorithms HMAC-MD5,
HMAC-SHA1, HMAC-SHA224, HMAC-SHA256, HMAC-SHA384, or
HMAC-SHA512 are specified, <command>dnssec-keygen</command>
will print a warning message. These algorithms will be
removed from <command>dnssec-keygen</command> entirely in
a future release. [RT #42272]
</para>
</listitem>
<listitem>
<para>
The use of HMAC-MD5 for RNDC keys is no longer recommended.
For compatibility, this is still the default algorithm generated
by <command>rndc-confgen</command>, but it will print a
warning message. The default algorithm in
<command>rndc-confgen</command> will be changed to HMAC-SHA256
in a future release. [RT #42272]
</para>
</listitem>
</itemizedlist> </itemizedlist>
</section> </section>
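Review bot: the rndc-confgen release note tells operators that hmac-md5 is no longer recommended and that a warning will be printed, but not how to avoid the warning today; add a sentence pointing at the existing -A option (e.g. "use -A hmac-sha256 to select the recommended algorithm now"), since that is the action the warning is meant to prompt. The dnssec-keygen note is consistent with the code change.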
......