On Tue, Jul 19, 2016, Hubert Kario wrote: > I have few questions now though: > > I've noticed that 1.0.2 uses sha1 hmac for the PRF while the master > uses sha256 > > is there a way to set this? >
Not currently no (at least not from the command line, maybe by delving into the pkcs12 internals). It's determined by the encryption algorithm (if it has a preference: most don't) or the value is hard coded in p5_pbev2.c > also, is there a way to report the MAC algorithm used over the whole > file (the one set using -macalg) > Not from the command line currently. The PKCS12_get0_mac() function can be used to retrieve the X509_ALGOR structure corresponding to the MAC though. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev