node-webcrypto-ossl icon indicating copy to clipboard operation
node-webcrypto-ossl copied to clipboard
verified publisher icon PeculiarVentures

Support RC2 and 3DES-CBC for PKCS12

Open rmhrisk opened this issue 9 years ago • 1 comments 

Unfortunately, it seems that all versions of Windows (even Windows 10) still produces PKCS #12’s using pbeWithSHAAnd3-KeyTripleDES-CBC for “privacy” of keys and privacy of certificates it uses pbeWithSHAAnd40BitRC2-CBC. It then relies on the HMAC scheme for integrity.
  • https://unmitigatedrisk.com/?p=543

For us to support PKCS#12 in a way an interoperable with Windows we will need to support these weak algorithms. They are not specified in WebCrypto (because they are weak) but we can still choose to support them.

rmhrisk avatar May 18 '16 07:05 rmhrisk

Yep, it will be very nice!

fuson avatar May 27 '17 23:05 fuson