These defaults are: AES password based encryption (PBES2 with PBKDF2 and
AES-256-CBC) for private keys and certificates, the PBKDF2 and MAC key
derivation iteration count of B<PKCS12_DEFAULT_ITER> (currently 2048), and
-MAC algorithm HMAC with SHA2-256.
+MAC algorithm HMAC with SHA2-256. The MAC key derivation algorithm used
+for the outer PKCS#12 structure is PKCS12KDF.
The default MAC iteration count is 1 in order to retain compatibility with
old software which did not interpret MAC iteration counts. If such compatibility
should be used.
I<mac_iter> can be set to -1 and the MAC will then be omitted entirely.
+This can be useful when running with the FIPS provider as the PKCS12KDF
+is not a FIPS approvable algorithm.
PKCS12_create() makes assumptions regarding the encoding of the given pass
phrase.
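Review bot: the added sentence after the I<mac_iter> = -1 paragraph ("This can be useful when running with the FIPS provider ...") recommends omitting the MAC without stating what is given up: per the PKCS12_gen_mac() description in this same patch, that HMAC is computed over the entire PKCS#12 object, so dropping it removes the container's integrity protection. Suggest saying so explicitly, e.g. "Note that omitting the MAC removes integrity protection from the PKCS#12 structure." The new sentence "The MAC key derivation algorithm used for the outer PKCS#12 structure is PKCS12KDF." should also cross-reference L<EVP_KDF-PKCS12KDF(7)> inline, since that is the page that documents the FIPS restriction.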
=head1 SEE ALSO
+L<EVP_KDF-PKCS12KDF(7)>,
L<d2i_PKCS12(3)>,
+L<OSSL_PROVIDER-FIPS(7)>,
L<passphrase-encoding(7)>
=head1 HISTORY
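Review bot: the new L<EVP_KDF-PKCS12KDF(7)> entry is inserted before L<d2i_PKCS12(3)> here, whereas the same entry in the PKCS12_gen_mac SEE ALSO list in this patch is placed after L<d2i_PKCS12(3)>. Keep both lists in the same order (d2i_PKCS12, EVP_KDF-PKCS12KDF, OSSL_PROVIDER-FIPS, passphrase-encoding).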
PKCS12_gen_mac() generates an HMAC over the entire PKCS#12 object using the
supplied password along with a set of already configured parameters.
+The default key generation mechanism used is PKCS12KDF.
PKCS12_verify_mac() verifies the PKCS#12 object's HMAC using the supplied
password.
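Review bot: "The default key generation mechanism used is PKCS12KDF." calls a key derivation function a key generation mechanism, and the PKCS12_create page in this same patch calls it the "MAC key derivation algorithm"; use one term. Suggest "The default MAC key derivation algorithm used is PKCS12KDF, see L<EVP_KDF-PKCS12KDF(7)>." It would also help to state on this page that, because PKCS12KDF is not available in the FIPS provider, PKCS12_gen_mac() and PKCS12_verify_mac() do not work with that provider, rather than leaving that only to the migration guide.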
=head1 SEE ALSO
L<d2i_PKCS12(3)>,
+L<EVP_KDF-PKCS12KDF(7)>,
L<PKCS12_create(3)>,
L<passphrase-encoding(7)>
=head1 NOTES
+This algorithm is not available in the FIPS provider as it is not FIPS
+approvable.
+
A typical application of this algorithm is to derive keying material for an
encryption algorithm from a password in the "pass", a salt in "salt",
and an iteration count.
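Review bot: the new NOTES paragraph says the algorithm is "not FIPS approvable" but not what a caller observes. Spell out the effect: fetching the PKCS12KDF algorithm fails when only the FIPS provider is loaded, and with it any PKCS#12 MAC generation or verification that relies on it; and name the provider that does supply the algorithm so readers know how to obtain it. A pointer to the I<mac_iter> = -1 option documented in L<PKCS12_create(3)> in this same patch would complete the picture.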
L<EVP_KDF_CTX_free(3)>,
L<EVP_KDF_CTX_set_params(3)>,
L<EVP_KDF_derive(3)>,
-L<EVP_KDF(3)/PARAMETERS>
+L<EVP_KDF(3)/PARAMETERS>,
+L<OSSL_PROVIDER-FIPS(7)>
=head1 HISTORY
derivation function which supports these parameters. This includes
L<EVP_PBE_CipherInit_ex(3)>, L<EVP_PBE_find_ex(3)> and L<EVP_PBE_scrypt_ex(3)>.
+=head4 PKCS#12 KDF versus FIPS
+
+Unlike in 1.x.y, the PKCS12KDF algorithm used when a PKCS#12 structure
+is created with a MAC that does not work with the FIPS provider as the PKCS12KDF
+is not a FIPS approvable mechanism.
+
+See L<EVP_KDF-PKCS12KDF(7)>, L<PKCS12_create(3)>, L<openssl-pkcs12(1)>,
+L<OSSL_PROVIDER-FIPS(7)>.
+
=head4 Windows thread synchronization changes
Windows thread synchronization uses read/write primitives (SRWLock) when
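Review bot: the sentence "Unlike in 1.x.y, the PKCS12KDF algorithm used when a PKCS#12 structure is created with a MAC that does not work with the FIPS provider as the PKCS12KDF is not a FIPS approvable mechanism." has no main verb (the "that" turns everything after "MAC" into a relative clause). Suggest: "Unlike in 1.x.y, creating a PKCS#12 structure with a MAC does not work with the FIPS provider, because the PKCS12KDF algorithm used to derive the MAC key is not a FIPS approvable mechanism." Since this is the migration guide, it should also tell users what to do, e.g. that PKCS12_create() accepts I<mac_iter> = -1 to omit the MAC (documented in this same patch). The heading "PKCS#12 KDF versus FIPS" should use the algorithm name PKCS12KDF as the rest of the patch does.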