Topic: encrypted PEMs from OpenSSL

Not sure if I should post here or in the wolfCrypt forum...

I'm currently evaluating WolfSSL as a replacement for OpenSSL in our product.

One of the functions we need is the ability to read an encrypted private key that was written with the latest OpenSSL default options.  After some detective work, it looks like those defaults amount to PKCS 5 v2.1 format "AES 256 CBC HMAC SHA 256".  From the code it looks like you have the beginnings of support for PKCS 5 v2.0 but no support for this particular format.

Any chance you can add this support for the newer formats?

Share

Re: encrypted PEMs from OpenSSL

Hi djohnson,

PKCS 5 v2.1 is definitely something we could add but as you noted we don't have it yet. For new feature requests tracking, if it's not too much trouble, could you shoot an email to "support@wolfssl.zendesk.com" so I can more easily track that request.

Also when you send the email could you provide just some high-level overview of the project you are working on, any time-lines you may be aware of for the project etc.

Once I receive the feature request email I'll put you in touch with Rich Kelm and alert him of the request to start discussing the best way to approach this based on your project and any timelines you might have.


Thanks!

Kaleb