PeculiarVentures / webcrypto-liner

webcrypto-liner is a polyfill that lets down-level User Agents (like IE/Edge) use libraries that depend on WebCrypto. (Keywords: JavaScript, WebCrypto, Shim, Polyfill)
MIT License

Add optional support 3DES and RC2 #5

Open rmhrisk opened 7 years ago

rmhrisk commented 7 years ago

So I hate this one, but the number one ask from PKIjs users is to be able to open and create PKCS#12 files that Windows will like. Unfortunately, Windows supports old ganky encryption algorithms only for PKCS#12; see https://unmitigatedrisk.com/?p=543 for more information.

To fix this would require us to support 3DES and RC2. Both are quite simple algorithms, and both are implemented in https://github.com/brix/crypto-js

It seems possible to easily add these two algorithms as an option; this would allow PKIjs to implement pbewithSHAAnd40BitRC2-CBC and pbeWithSHAAnd3-KeyTripleDES-CBC.

@grittygrease has expressed interest in this. It should be an easy addition; maybe he would like to add this some evening ;)
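What pbeWithSHAAnd3-KeyTripleDES-CBC involves, as an added example that is not part of the original thread and is not PKIjs or webcrypto-liner code: the PKCS#12 key derivation from RFC 7292 Appendix B with SHA-1, feeding 3-key 3DES-CBC. It assumes Node's built-in `crypto` module; the function names (`fill`, `bmpPassword`, `pkcs12Kdf`, `pbeSha1TripleDes`) are hypothetical.

```javascript
const nodeCrypto = require("node:crypto");

const U = 20; // SHA-1 output length in bytes
const V = 64; // SHA-1 block length in bytes

// Repeat buf to a whole number of V-byte blocks (RFC 7292 B.2, steps 2-3).
function fill(buf) {
  return Buffer.alloc(V * Math.ceil(buf.length / V), buf.length ? buf : 0);
}

// PKCS#12 passwords are BMPStrings: UTF-16BE plus a two-byte NUL terminator.
function bmpPassword(password) {
  return Buffer.from(password + "\0", "utf16le").swap16();
}

// id 1 = encryption key, 2 = IV, 3 = MAC key; n = number of bytes wanted.
function pkcs12Kdf(password, salt, id, iterations, n) {
  const D = Buffer.alloc(V, id);
  const I = Buffer.concat([fill(salt), fill(bmpPassword(password))]);
  const blocks = [];
  for (let got = 0; got < n; got += U) {
    let A = Buffer.concat([D, I]);
    for (let r = 0; r < iterations; r++) {
      A = nodeCrypto.createHash("sha1").update(A).digest();
    }
    blocks.push(A);
    const B = Buffer.alloc(V, A); // A repeated, truncated to V bytes
    for (let j = 0; j < I.length; j += V) {
      let carry = 1; // I_j = (I_j + B + 1) mod 2^(8V)
      for (let k = V - 1; k >= 0; k--) {
        carry += I[j + k] + B[k];
        I[j + k] = carry & 0xff;
        carry >>= 8;
      }
    }
  }
  return Buffer.concat(blocks).subarray(0, n);
}

// pbeWithSHAAnd3-KeyTripleDES-CBC: 24-byte key (id 1) and 8-byte IV (id 2).
function pbeSha1TripleDes(encrypt, password, salt, iterations, data) {
  const key = pkcs12Kdf(password, salt, 1, iterations, 24);
  const iv = pkcs12Kdf(password, salt, 2, iterations, 8);
  const make = encrypt ? nodeCrypto.createCipheriv : nodeCrypto.createDecipheriv;
  const c = make("des-ede3-cbc", key, iv);
  return Buffer.concat([c.update(data), c.final()]);
}
```

The RC2 variant uses the same derivation with a 5-byte key; only the cipher differs.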

mohitgoyal2011 commented 2 years ago

Hi, sorry if this is not the right place to ask. How exactly do you go about using webcrypto-liner with PKIjs? I am trying to get a PFX generated and working on Windows, and realize that we would need to use webcrypto-liner.

```js
import * as webcryptoliner from 'webcrypto-liner/build'

pkijs.setEngine("webcrypto", new webcryptoliner.Crypto())

//Create a PKCS12
await pkcs12.parsedValue.authenticatedSafe.makeInternalValues({
  safeContents: [
    {
      password: pvtsutils.Convert.FromString("password"),
      contentEncryptionAlgorithm: {
        name: "DES-CBC",
        length: 128
      },
      hmacHashAlgorithm: "SHA-1",
      iterationCount: 2048
    }
  ]
});
```

However, this complains with "DES-CBC" not found. I thought the polyfill would cause this algorithm name to be recognized at least, and then I could deal with the other errors like key length. Any pointers on how to use this would be helpful.

mohitgoyal2011 commented 2 years ago

Actually, looking at other comments, I realized I would have to use webcrypto-liner in the Node-specific example to make this work. If you have any implementations that work and can be shared, I would be grateful.