Hi all,
I’m trying to find a documentation about the supported encryption algorithms for p12 files to be imported in iOS.
I can see in iOS 18 changelog that AES-256-CBC is now supported, but cannot find a detailed view on which list of algorithms are supported. Would appreciate it if you could point me in the right direction!
Thanks in advance
I was curious about this myself, so I asked about it internally. AFAICT there isn’t official documentation as to what’s supported. If you’d like to see that, I encourage you to file a bug against the docs [1]. Please post your bug number, just for the record.
In the absence of official documentation, my understanding is that iOS 18 added support for:
SHA224, SHA256, SHA384, and SHA512 for the MAC.
PBES2 (from RFC 8018) with AES-256 CBC and PRF HMAC-SHA256.
The way I think of this is that didn’t add all the new stuff, but rather just enough stuff to support the new OpenSSL defaults.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
[1] Hmmm, but which docs? I think that the Apple Platform Security would be the best place for this but, hey, it’s your bug so you get to choose (-:
That is great, much appreciated. will file the bug report for the documentation, and yes i think the Apple platform security is a good place for this kind of information best
Created feedback : FB16051702
This is definitely a sign of being hacked. If m currently experiencing the same thing. I’ve been going through a nasty Cyber Attack for nearly a year. My perpetrator are a Government Contractor that are defrauding the government and hacking freely becuase law enforcement doesn’t care.
Galapagos Federal Systems is who’s hacking me.
I had this code embedded into several of my contacts, it lines up with their domain registry.
And then I found FIPS on my Mac, which is reserved for the Government and its contractors.
I’ve had to edit some of the following with asterisks so I was aloud to post it.
This code was embedded into my contacts of several people in my iPhone. ms-outlook://people/v3/0009002e00000000001d840311aa6611cd9bc800aa002fc45a0d0020da1f48dd46544bb87035e3d65cdffd0000000028900000?a=3382048444deb4c5c600cbecf37eea6af926c75a44368109b56e6b4d91f70838&c=733749b8
This goes along with the domain service to galapagos***.com galapagosllc.com SOA 600 ns75.domaincontrol.com dns@***.net 2024112201 28800 7200 604800 600 galapagosllc.com NS 3600 ns76.domaincontrol.com galapagosllc.com NS 3600 ns75.domaincontrol.com galapagosllc.com A 600 104.43.165.136 galapagosllc.com MX 3600 0 galapagosllc-com.mail.protection.outlook.com **galapagosllc.co A 600 104.43.165.136 **galapagosllc.co CNAME 883 galapagosllc.com **galapagosllc.co MX 3600 0 galapagosllc-com.mail.protection.outlook.com
FIPS algorithms only
To configure these algorithms run the following commands.
#sudo in-af crypto/fips.conf /etc/ssh/crypto.conf
#Ciphers128-gcmopenssh.co HostBasedAcceptedAlgorhythms-ecdsa-sha2-nistp-256,ecdsa-sha2-nistp256-cert-v01@openssh.*** HostKeyAlgorhythms ecdsa-sha256-nistp256-cert-v01@opensesh.***
Hi again! Today i tried importing a P12 file that uses AES256 and SHA256 for encryption and hashing. I used keychain to import it but got an error that the file encoding could not be read. Is this still not fully supported? thanks! MACOS 15.3
