openssl_pkcs12: add cryptography backend #21
Labels
enhancement
New feature or request
Comments
|
cryptography has now basic PKCS12 suport: https://cryptography.io/en/latest/hazmat/primitives/asymmetric/serialization/#pkcs12 It seems to be too limited for what the openssl_pkcs12 module offers, though, so it's not usable for us yet. |
|
Looks like it was added in pyca/cryptography#5325 to cryptography. Let's hope they expand on it. |
|
What's currently missing to replicate the current behavior is the ability to read the 'friendly name' from the PKCS#12 file. I've created pyca/cryptography#5760 for that. |
|
resolved_by #234. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
SUMMARY
The
openssl_pkcs12module should support a cryptography backend, so PyOpenSSL can be deprecated / removed eventually. Currently cryptography does not support PKCS12, though, so some preliminary work on adding PKCS12 support to cryptography is needed. Also, this means that deprecating the PyOpenSSL backend would need to be done much later than for other modules, since a new enough cryptography supporting the new features (which aren't there yet) will take some years to trickle through.(Migration of ansible/ansible#59905)
ISSUE TYPE
COMPONENT NAME
openssl_pkcs12
The text was updated successfully, but these errors were encountered: