[Bug 942856] Re: NetworkManager does not support AES-encrypted private keys for WPA 802.1x authentication

[Sebastien Bacher]

** Description changed:

+ * Impact
+ 
+ Selecting AES-{192,256}-CBC keys to connect isn't working
+ 
+ * Test case
+ 
+ 1. Start with a working (cleartext or DES-3) private key/cert for a network.  Set up a connection and verify that everything works.
+ 2. Re-encrypt the key with AES-256 with this command: "openssl rsa -in working-key.pem -out aes-key.pem -aes256" (the output should have a line starting with "DEK-Info: AES-256-CBC,")
+ 3. Delete the settings for the test network and attempt to reconnect using the new key. 
+ 
+ That should work
+ 
+ * Regression potential
+ 
+ That's new code for an extra type of keys, it shouldn't impact existing
+ options
+ 
+ --------------
+ 
  NetworkManager does not appear to support private keys encrypted with
  AES.  At the very least, it will not validate such a key in nm-util when
  setting up a WPA 802.1x TLS wifi connection.
- 
- To test:
- 
- 1. Start with a working (cleartext or DES-3) private key/cert for a network.  Set up a connection and verify that everything works.
- 2. Re-encrypt the key with AES-256 with this command: "openssl rsa -in working-key.pem -out aes-key.pem -aes256" (the output should have a line starting with "DEK-Info: AES-256-CBC,")
- 3. Delete the settings for the test network and attempt to reconnect using the new key.  Even with the correct passphrase, the "Connect" button will remain disabled; debugging will determine that nm-util is failing to validate the private key.

-- 
You received this bug notification because you are a member of Network-
manager, which is subscribed to NetworkManager.
https://bugs.launchpad.net/bugs/942856

Title:
  NetworkManager does not support AES-encrypted private keys for WPA
  802.1x authentication

To manage notifications about this bug go to:
https://bugs.launchpad.net/network-manager/+bug/942856/+subscriptions