[gnutls-devel] GnuTLS | Support PBMAC1 usage in PKCS#12 (!1833)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Tue Apr 30 13:48:51 CEST 2024
Daiki Ueno commented on a discussion on lib/includes/gnutls/pkcs12.h: https://gitlab.com/gnutls/gnutls/-/merge_requests/1833#note_1887218368
> gnutls_pkcs12_bag_t bag);
> int gnutls_pkcs12_set_bag(gnutls_pkcs12_t pkcs12, gnutls_pkcs12_bag_t bag);
>
> +typedef enum gnutls_pkcs12_flags_t {
> + GNUTLS_PKCS12_USE_PBMAC1 = 1
> +} gnutls_pkcs12_flags_t;
> +
> int gnutls_pkcs12_generate_mac(gnutls_pkcs12_t pkcs12, const char *pass);
> int gnutls_pkcs12_generate_mac2(gnutls_pkcs12_t pkcs12,
> gnutls_mac_algorithm_t mac, const char *pass);
> +int gnutls_pkcs12_generate_mac3(gnutls_pkcs12_t pkcs12,
> + gnutls_mac_algorithm_t mac, const char *pass,
> + unsigned int flags);
That is true. On the other hand, if we really want that control, maybe we could extend the `gnutls_pkcs12` API, e.g., adding a function like:
```c
int gnutls_pkcs12_set_kdf(gnutls_pkcs12_t pkcs12, ...);
```
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1833#note_1887218368
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20240430/8dc01511/attachment.html>
More information about the Gnutls-devel
mailing list