pkcs8: use pbes2::Parameters::recommended#1430
Merged
Conversation
When encrypting private keys, uses the recommended set of parameters from the `pbes2` crate. This uses scrypt with parameters explicitly selected to be compatible with OpenSSL so it's capable of decrypting keys encrypted using the `pkcs8` crate. Closes #429
tarcieri
force-pushed
the
pkcs8/use-pbes2-params-recommended
branch
from
313d5c0 to
ea22440
Compare
Merged
tarcieri
added a commit
that referenced
this pull request
Apr 27, 2026
## Added - Custom error types support to the Decode and DecodeValue traits (#1055) - PrivateKeyInfoRef / PrivateKeyInfoOwned type aliases (#1483) - Implement core::error::Error trait for Error (#2302) - Implement DecodePrivateKey/EncodePrivateKey traits for PrivateKeyInfoOwned (#2306) - KeyError enum (#2305) - ctutils feature (#2308) - getrandom feature (#2311) ## Changed - Eagerly decode PEM labels for better error messages (#1163) - Use pbes2::Parameters::generate_recommended (#1430, #2296) - Make PrivateKeyInfo generic around its backing storage (#1483) - Bump rand_core to 0.9 (#1658) - Use 2024 edition; bump MSRV to 1.85 (#1670) - Bump rand_core to v0.10 (#2198) - Error::KeyMalformed now wraps an inner KeyError for providing more detail (#2305) - Use TryCryptoRng instead of CryptoRng (#2309) ## Removed - subtle feature (#2308)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
When encrypting private keys, uses the recommended set of parameters from the
pbes2crate.This uses scrypt with parameters explicitly selected to be compatible with OpenSSL so it's capable of decrypting keys encrypted using the
pkcs8crate.Closes RustCrypto/RSA#429