Selection of PKCS12 MAC algorithm #1266
Comments
|
We recommend you use pyca/cryptography for this, it has an API to change the MAC algorithm: https://cryptography.io/en/latest/hazmat/primitives/asymmetric/serialization/#cryptography.hazmat.primitives.serialization.pkcs12.serialize_key_and_certificates |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Hello all,
Is there a manner to select the MAC algorithm of the PKCS12 files created with the PKCS12 Object of the library? (https://www.pyopenssl.org/en/latest/api/crypto.html)
I see when the object is created one can select passphrase, iterations and MAC iterations, but nothing about the MAC algorithm. We are generating PKCS12 using this library and, recently, we have faced that the SHA256 is used instead of the previous SHA1. We know this last algorithm is not the recommended one, but we are facing the issue that when we need to use these keystores in Apple computers they cannot be opened because iOS is not compatible with SHA256 in PKCS12 keystores. As a short term solution it would be good to be able to select the algorithm, but we don't see a manner to do it.
Thanks in advance,
Jordi.
The text was updated successfully, but these errors were encountered: