Hi,

We are using the OpenSSL PKCS#12 features for creating files for import to/from the Microsoft user stores - using PKCS12_parse and PKCS12_create (nid_key=NID_pbe_WithSHA1And3_Key_TripleDES_CBC, nid_cert=NID_pbe_WithSHA1And40BitRC2_CBC, iter=2000, mac_iter=2000, keytype=0).

Our tests have uncovered an issue where passwords of 32 ASCII chars or larger used on either side (MS store or OpenSSL) result in neither system reading files generated by the other, due to MAC verification failure (ERR_GET_LIB(...) == ERR_LIB_PKCS12 && ERR_GET_REASON(...) == PKCS12_R_MAC_VERIFY_FAILURE) on the PKCS12_parse side and similar password-related errors on the certificate import wizard side (assuming PFXVerifyPassword failure in the CryptoAPI). Basically, it would seem that MS's MAC generation is based on a maximum of 32 characters (for example, try exporting from the MS user store with a password greater than 32 chars, then re-import the file to the store but only supply the first 32 characters back).

Changing the following in the PKCS12_key_gen_uni function in p12_key.c, line 136, from:

    if(passlen) Plen = v * ((passlen+v-1)/v);

to:

    if(passlen) Plen = v * ((min(passlen,0x40L)+v-1)/v);

results in correct operation (from the *limited* testing I've undertaken) for both import to and from OpenSSL and the MS stores, at character lengths >= 32 ASCII chars. This has been tested against 0.9.7d; however, I note that p12_key.c hasn't changed in the 0.9.7d release.

Is the Microsoft approach correct? If not, is there possible scope for a #define option for users where MS PKCS#12 interop is desirable? (Apologies in advance if such an option does exist.)

Best regards,
Deane Sloan

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
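To make the failure mode concrete, here is an added example (not code from the post above, nor from OpenSSL or Microsoft): a pure-Python model of the PKCS#12 key derivation from RFC 7292 Appendix B.2 with SHA-1, which is what PKCS12_key_gen_uni implements. The `cap` parameter is a hypothetical knob that reproduces the poster's proposed `min(passlen, 0x40L)` change to the P-block length; it says nothing about what the CryptoAPI actually does. The salt and authSafe contents are constructed sample values. Running it shows that a writer and a reader using the two derivations agree on the MAC key for passwords up to 31 ASCII characters and disagree from 32 characters on, which is exactly the MAC verification failure described in the post: 32 UCS-2 characters plus the two-byte terminator is 66 bytes, the first password length that exceeds 0x40.

```python
# Added example: model of PKCS12_key_gen_uni (RFC 7292 B.2, SHA-1) showing how the
# password-expansion length feeds the MAC key. `cap` is a hypothetical parameter
# mirroring the post's proposed min(passlen, 0x40L) patch; it is not a claim about
# Microsoft's implementation.
import hashlib
import hmac
from typing import Optional

U = 20            # SHA-1 output size
V = 64            # SHA-1 block size
MAC_KEY_ID = 3    # ID byte: 1 = encryption key, 2 = IV, 3 = MAC key


def bmp_string(password: str) -> bytes:
    """PKCS#12 passwords are BMPStrings: UTF-16BE plus a two-byte NUL terminator."""
    return password.encode("utf-16-be") + b"\x00\x00"


def _fill(src: bytes, total: int) -> bytes:
    """Mirror the C loop `*p++ = src[i % len]`: repeat src cyclically to `total` bytes."""
    return bytes(src[i % len(src)] for i in range(total))


def pkcs12_key_gen(password: bytes, salt: bytes, id_byte: int, iterations: int,
                   n: int, cap: Optional[int] = None) -> bytes:
    """Derive n bytes the way PKCS12_key_gen_uni does (u = 20, v = 64).

    With `cap` set, the length basis of the P block becomes min(passlen, cap),
    exactly as in the post's patch; the bytes are still taken cyclically from the
    full password, so for passlen >= cap only a cap-rounded prefix is used.
    """
    D = bytes([id_byte]) * V
    slen = V * ((len(salt) + V - 1) // V)
    basis = len(password) if cap is None else min(len(password), cap)
    plen = V * ((basis + V - 1) // V) if password else 0
    I = bytearray(_fill(salt, slen) + _fill(password, plen))

    out = b""
    while True:
        A = hashlib.sha1(D + bytes(I)).digest()
        for _ in range(iterations - 1):
            A = hashlib.sha1(A).digest()
        out += A
        if len(out) >= n:
            return out[:n]
        # Next block: I_j = (I_j + B + 1) mod 2^(v*8) for every v-byte block of I,
        # where B is A repeated to v bytes.
        b_plus_1 = int.from_bytes(_fill(A, V), "big") + 1
        for j in range(0, len(I), V):
            ij = (int.from_bytes(I[j:j + V], "big") + b_plus_1) % (1 << (V * 8))
            I[j:j + V] = ij.to_bytes(V, "big")


def mac_key(password: str, salt: bytes, mac_iter: int, cap: Optional[int] = None) -> bytes:
    """The 20-byte HMAC-SHA1 key used for the PKCS#12 MacData."""
    return pkcs12_key_gen(bmp_string(password), salt, MAC_KEY_ID, mac_iter, U, cap)


def pkcs12_mac(password: str, salt: bytes, mac_iter: int, auth_safe: bytes,
               cap: Optional[int] = None) -> bytes:
    """HMAC-SHA1 over the authSafe contents, keyed with the derived MAC key."""
    return hmac.new(mac_key(password, salt, mac_iter, cap), auth_safe, hashlib.sha1).digest()


def mac_verifies(password: str, salt: bytes, mac_iter: int, auth_safe: bytes,
                 expected: bytes, cap: Optional[int] = None) -> bool:
    """Constant-time check of a stored MAC against a freshly computed one."""
    return hmac.compare_digest(pkcs12_mac(password, salt, mac_iter, auth_safe, cap), expected)


if __name__ == "__main__":
    salt = bytes(range(8))                      # constructed sample salt
    data = b"constructed authSafe contents"     # constructed sample payload
    for pw in ("a" * 31, "a" * 32, "b" * 40):
        tag = pkcs12_mac(pw, salt, 2000, data)                   # writer: unpatched derivation
        ok = mac_verifies(pw, salt, 2000, data, tag, cap=0x40)   # reader: capped derivation
        print(f"{len(pw):2d}-char password: MAC verifies across the two derivations? {ok}")
```

The interop question in the post is therefore not about the HMAC itself but about which bytes of the BMPString reach the KDF: any two implementations that disagree on the P-block length derive different MAC keys and each will reject the other's file with a MAC verify failure, even though both have the correct password. A defender diagnosing PKCS12_R_MAC_VERIFY_FAILURE on a file produced elsewhere should check the password length and encoding before suspecting corruption or tampering.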