PKCS12 APIs with fips 3.0
Zeke.Evans at microfocus.com
Mon Jan 25 16:53:24 UTC 2021
Many of the PKCS12 APIs (ie: PKCS12_create, PKCS12_parse, PKCS12_verify_mac) do not work in OpenSSL 3.0 when using the fips provider. It looks like that is because they try to load PKCS12KDF which is not implemented in the fips provider. These were all working in 1.0.2 with the fips 2.0 module. Will they be supported in 3.0 with fips? If not, is there a way for applications running in fips approved mode to support the same functionality and use existing stores/files that contain PKCS12 objects?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users