[gnutls-devel] GnuTLS | Legacy algorithms are not supported for PKCS#12 files (#725)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Tue Mar 5 18:47:41 CET 2019


New Issue was created.

Issue 725: https://gitlab.com/gnutls/gnutls/issues/725
Author:    Hubert Kario
Assignee:  

## Description of the feature:
PKCS#12 files that use one of the below-listed PBES1 algorithms cannot be used by gnutls:
 * pbeWithMD5AndRC2-CBC
 * pbeWithSHA1AndRC2-CBC
 * pbeWithSHAAnd128BitRC2-CBC
 * pbeWithMD5AndDES-CBC
 * pbeWithSHA1AndDES-CBC
 * pbeWithSHAAnd2-KeyTripleDES-CBC
 * pbeWithSHAAnd40BitRC4

also PBES2 with rc2-cbc does not work

## Applications that this feature may be relevant to:
`certutil`

## Is this feature implemented in other libraries (and which)
OpenSSL implements all of them, NSS does implement some.

See https://github.com/redhat-qe-security/keyfile-corpus for example test files

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/725
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190305/b13b433f/attachment.html>


More information about the Gnutls-devel mailing list