bc-csharp icon indicating copy to clipboard operation
bc-csharp copied to clipboard
verified publisher icon bcgit

SHA1 used as MAC algorithm for PKCS12 format

Open greygreg87 opened this issue 1 year ago • 0 comments

Is your feature request related to a problem or specific use case? Please describe. When writing certificate to PKCS12 format we successfully used solution described in discussion: SetKeyAlgorithm(NistObjectIdentifiers.IdAes256Cbc, PkcsObjectIdentifiers.IdHmacWithSha256) But when we check generated certificate format in openssl tool MAC algorithm is SHA1

Describe the solution you'd like Possibility to configure MAC algorithm

Product deployment Please complete the following information:

  • Deployment format: software,
  • Version: .NET Framework 4.8

Additional context openssl response for command openssl pkcs12 -info -in <cert_name>.p12:

  • for certificate generated using BouncyCastle: image

  • for same certificate imported and exported from Windows: image

We checked the certificate the following tools but always show SHA2: java keytool, keystore explorer, certivity, xca, windows cert store

greygreg87 avatar Dec 10 '24 15:12 greygreg87