Open
Bug 1373747
Opened 7 years ago
Updated 2 years ago
Allow use of SHA256 HMAC for PBKDF2 in PKCS#12
Categories
(NSS :: Libraries, enhancement, P3)
Tracking
(Not tracked)
NEW
People
(Reporter: hkario, Unassigned)
Details
pk12util does not allow setting the PRF used for PBKDF2, always using SHA1. While SHA1 HMAC is not yet broken, especially for PRF/KDF use, deprecation of it from all uses is good cryptographic practice. Change the default of the PBKDF2 to SHA256, add APIs/CLI options to set the format for exported file (so it can use SHA-1 for uses where it is necessary).
Updated•7 years ago
|
Priority: -- → P3
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•