From 0f35e53204636ecf2d4fc008df168022805570ce Mon Sep 17 00:00:00 2001 From: Rusty Bird Date: Sat, 5 Nov 2022 10:34:54 +0000 Subject: [PATCH] backup/restore: hardcode MD5 algo for format v2/v3 decryption Old OpenSSL versions (which were used to encrypt format v2 and v3 backups) defaulted to MD5 for key derivation from the password. OpenSSL 1.1.0+ in R4.1+ changed that default (not only for encryption but also for *decryption*) to SHA256: https://github.com/openssl/openssl/commit/f8547f62c212837dbf44fb7e2755e5774a59a57b#diff-5a32e43870f189e8abf5e1b388115b001c9dadc23e582f28b667738857c237b6 Fixes QubesOS/qubes-issues#7852 --- qubesadmin/backup/restore.py | 2 ++ qubesadmin/tests/backup/backupcompatibility.py | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/qubesadmin/backup/restore.py b/qubesadmin/backup/restore.py index 4d9862aa..71fe6c6c 100644 --- a/qubesadmin/backup/restore.py +++ b/qubesadmin/backup/restore.py @@ -679,6 +679,8 @@ def __run__(self): ["openssl", "enc", "-d", "-" + self.crypto_algorithm, + "-md", + "MD5", "-pass", "pass:" + self.passphrase], stdin=subprocess.PIPE, diff --git a/qubesadmin/tests/backup/backupcompatibility.py b/qubesadmin/tests/backup/backupcompatibility.py index 31f50463..617d37be 100644 --- a/qubesadmin/tests/backup/backupcompatibility.py +++ b/qubesadmin/tests/backup/backupcompatibility.py @@ -1142,7 +1142,8 @@ def handle_v3_file(self, f_name, subdir, stream, compressed=True, tar = subprocess.Popen(tar_cmdline, stdout=subprocess.PIPE) if encrypted: encryptor = subprocess.Popen( - ["openssl", "enc", "-e", "-aes-256-cbc", "-pass", "pass:qubes"], + ["openssl", "enc", "-e", "-aes-256-cbc", + "-md", "MD5", "-pass", "pass:qubes"], stdin=tar.stdout, stdout=subprocess.PIPE) tar.stdout.close()