----- Original Message -----
From: "Dr. Stephen Henson" <st...@openssl.org>
On Thu, Jun 18, 2009, Lior Aharoni wrote:
I have encountered a problem when trying to use OpenSSL command to decode
PKCS12 file, I am using OpenSSL 0.9.8j that was build with FIPS support
enabled.
snip
*
Can someone shed light on why this does not work in FIPS mode? How does
this
functionality contradict the FIPS requirements?
Most browser output PKCS#12 files use 40 bit RC2 to encrypt certificates.
That
algorithm is not permitted in FIPS mode.
Steve.
Aren't PKCS#12 files, when they use password bases key-derivation,
incompatible with FIPS 140-2 full stop?
Carl
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
