On Fri, Jul 02, 2004 at 10:51:52PM +0200, Dr. Stephen Henson wrote: [...] > OpenSSL already supports various private key formats which only use FIPS > approved algorithms, for example PKCS#8 with PKCS#5 v2.0. That means that one > solution is to just change the behaviour of PEM_write_PrivateKey() and friends > to call the PKCS#8 variants. The openssl pkcs8 utility can readily convert > between the formats.
I can't remember offhand, but doesn't OpenSSL also support RC2 with PKCS #5 v2.0? In theory you can use any algorithm you want with PKCS #5, as long as you assign it an OID. Generally one uses 3DES with SHA-1, in which case you're clear (FIPS-wise), but RC2 or DES with MD5 is not uncommon. Speaking of which, how does that work, in terms of the FIPS? When reading in, say, a DSA key, if it happens to be encrypted with RC2, and you decrypt the key, are you not FIPS-140 compliant anymore? Because it seems like if the key was unencrypted you could still be FIPS compatible (for level 1, at least). I do think this is a good idea in general. For one thing, PKCS #8 is readable by pretty much everything (for some definitions of everything), while OpenSSL's PEM-ish format is readable by OpenSSL and ... -J ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
