mirror/gmsm
1
0
Fork 0
mirror of https://github.com/emmansun/gmsm.git synced 2025-04-27 20:56:18 +08:00
Code Issues Packages Projects Releases Wiki Activity

doc: supplement PBMAC in pkcs12.md

Browse Source
This commit is contained in:
Sun Yimin 2024-07-03 11:11:09 +08:00 committed by GitHub
parent 58196f9364
commit ffddbdcfec
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/pkcs12.md
View File

@ -43,12 +43,16 @@ PBES1属于老旧遗留算法目前版本未实现。
* AES-CBC-Pad密钥长度支持16/24/32字节
* SM4-CBC-Pad密钥长度支持16字节
#### 数据完整性保护
这里只支持基于密码的完整性保护:**HMAC**。支持的HASH算法有
#### 数据完整性保护(PBMAC)
这里只支持基于密码的完整性保护:**PKCS12-KDF + HMAC**。支持的HASH算法有
* SHA1
* SHA256
* SM3
**PBMAC**目前的实现还是基于**PKCS12-KDF**,将来看情况是否要实现**PBMAC1**,主要看**OpenSSL**的支持进度:
* [Support FIPS-compliant PKCS#12 files and create them by default in FIPS mode](https://github.com/openssl/openssl/issues/24546)
* [RFC 9579 implementation: add PBMAC1 with PBKDF2 to PKCS#12](https://github.com/openssl/openssl/pull/24577)
## PKCS#12的生成
目前只支持下列几种,不支持自由定义: