[gnutls-devel] GnuTLS | Support PBMAC1 usage in PKCS#12 (!1833)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Tue Apr 30 13:15:50 CEST 2024
Hubert Kario (@mention me if you need reply) started a new discussion on lib/includes/gnutls/pkcs12.h: https://gitlab.com/gnutls/gnutls/-/merge_requests/1833#note_1887163607
> gnutls_pkcs12_bag_t bag);
> int gnutls_pkcs12_set_bag(gnutls_pkcs12_t pkcs12, gnutls_pkcs12_bag_t bag);
>
> +typedef enum gnutls_pkcs12_flags_t {
> + GNUTLS_PKCS12_USE_PBMAC1 = 1
> +} gnutls_pkcs12_flags_t;
> +
> int gnutls_pkcs12_generate_mac(gnutls_pkcs12_t pkcs12, const char *pass);
> int gnutls_pkcs12_generate_mac2(gnutls_pkcs12_t pkcs12,
> gnutls_mac_algorithm_t mac, const char *pass);
> +int gnutls_pkcs12_generate_mac3(gnutls_pkcs12_t pkcs12,
> + gnutls_mac_algorithm_t mac, const char *pass,
> + unsigned int flags);
does that mean that there's still no way to set separate hash for the KDF and for the whole file HMAC?
also, what about setting the KDF in general? when we'll add support for scrypt or argon, that will be yet another API... (not to mention all the settings for the particular KDF used...)
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1833#note_1887163607
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20240430/686f04e7/attachment-0001.html>
More information about the Gnutls-devel
mailing list