Is there a plan to support PKCS#1, PKCS#7, PKCS#12 ?
And, I don't want to use openssl to do this, so I found this - polarssl.
But now, there is no interface to do what I want.
So Is there a plan to support PKCS#1, PKCS#7, PKCS#12?
PKCS#1 - sign/verify interface.
PKCS#7 - sign/verify interface.
PKCS#12 - pfx file parser.
PKCS#7 and PKCS#12 are not supported at the moment.
Is PKCS#12 supported in 1.28 or 1.30?
PKCS#12 will be added in 1.3.1 or 1.3.2.
Has PKCS12 file support been added? If not, is there an ETA for it?
Please forgive me if I missed it, but I was looking through the release notes and commit history for 1.3.2 and 1.3.1 and did not see any updates. Thank you.
You are correct. It's not in there and we did promise earlier.
PKCS#12 really is a hell of a 'standard'. It's not pretty and it's ambiguous. And most software that generates PKCS#12 files use insecure ciphers (RC2 / single-DES).
We do understand the need for it from some people and we also don't want to include inherently insecure code. So we kind of a have mixed feelings here.
We have an initial implementation in an internal draft branch. We intend to finish it up and include it in a future release. We do want to do it right and allow secure-only-use-by-default and insecure-use-by-explicit-activation. At this point I cannot predict / promise a release date.
Any update as to when this feature will be released?
Not yet. We are currently busy with some other big features that we feel have a higher priority. Based on current planning, the earliest we will start working on PKCS#12 will be June / July of this year.
Any update on PKCS#7 parsing?
Unfortunately, there is no update on this feature.
Mbed TLS Team member
Has PKCS12 file support been added?