c/minizip-ng
1
0
Fork 0
mirror of https://github.com/zlib-ng/minizip-ng synced 2025-03-28 21:13:18 +00:00
Code Issues Packages Projects Releases Wiki Activity
minizip-ng/test/test.p12
Nicolas Benes 0273af4bde Rewrite test certificates using more modern algorithms 
The test.p12 file use the RC2-CBC and 3DES-CBC algorithms, which
are quite dated and require the `-legacy` option in openssl to read
them.

```console
$ openssl pkcs12 -in test.p12 -info -noout -legacy -passin pass:test
MAC: sha1, Iteration 1
MAC length: 20, salt length: 8
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2048
Certificate bag
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048
```

Rewrite the test.p12 file with a current openssl (via p12 -> pem -> p12
conversion) to use more modern algorithms which do not require legacy
mode. Rewrite test.pem with a new export of test.p12.

```console
$ openssl pkcs12 -in test.p12 -info -noout -passin pass:test
MAC: sha256, Iteration 2048
MAC length: 32, salt length: 8
PKCS7 Encrypted data: PBES2, PBKDF2, AES-256-CBC, Iteration 2048, PRF hmacWithSHA256
Certificate bag
PKCS7 Data
Shrouded Keybag: PBES2, PBKDF2, AES-256-CBC, Iteration 2048, PRF hmacWithSHA256
```
2022-12-30 13:05:20 -08:00

2.6 KiB
Raw History

View Raw