From 0615bf4ad6c7e07cc1b7dee4bded01fe8974ad0b Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Wed, 27 Sep 2017 11:11:10 +0200
Subject: [PATCH] pk11wrap: Add backward compatibility with faulty PBES2 AES
schemes
---
lib/pk11wrap/pk11pbe.c | 19 ++++++++++++++++++-
1 file changed, 18 insertions(+), 1 deletion(-)
diff --git a/lib/pk11wrap/pk11pbe.c b/lib/pk11wrap/pk11pbe.c
index bea9333f6..5f68f399e 100644
--- a/lib/pk11wrap/pk11pbe.c
+++ b/lib/pk11wrap/pk11pbe.c
@@ -367,7 +367,24 @@ sec_pkcs5v2_key_length(SECAlgorithmID *algid, SECAlgorithmID *cipherAlgId)
cipherAlg = SECOID_GetAlgorithmTag(cipherAlgId);
if (sec_pkcs5_is_algorithm_v2_aes_algorithm(cipherAlg)) {
- length = sec_pkcs5v2_aes_key_length(cipherAlg);
+ /* Previously, the PKCS#12 files created with the old NSS
+ * releases encoded the maximum key size of AES (that is 32)
+ * in the keyLength field of PBKDF2-params. That resulted in
+ * always performing AES-256 even if AES-128-CBC or
+ * AES-192-CBC is specified in the encryptionScheme field of
+ * PBES2-params. This is wrong, but for compatibility reasons,
+ * check the keyLength field and use the value if it is 32.
+ */
+ if (p5_param.keyLength.data != NULL) {
+ length = DER_GetInteger(&p5_param.keyLength);
+ }
+ /* If the keyLength field is present and contains a value
+ * other than 32, that means the file is created outside of
+ * NSS, which we don't care about. Note that the following
+ * also handles the case when the field is absent. */
+ if (length != 32) {
+ length = sec_pkcs5v2_aes_key_length(cipherAlg);
+ }
} else if (p5_param.keyLength.data != NULL) {
length = DER_GetInteger(&p5_param.keyLength);
} else {
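Review bot: The `if (length != 32)` test is reached with whatever value `length` held before this branch when keyLength is absent, so the "also handles the case when the field is absent" comment holds only if the declaration outside the hunk initializes `length` to something other than 32. Making the fallback unconditional removes that dependency: `length = sec_pkcs5v2_aes_key_length(cipherAlg);` followed by `if (p5_param.keyLength.data != NULL && DER_GetInteger(&p5_param.keyLength) == 32) length = 32;`. That form also keeps the property that no value other than 32 from the file-supplied keyLength field reaches the AES path. The literal 32 would read better as a named constant for the AES-256 key size. The body of sec_pkcs5v2_key_length starts and ends outside the hunk.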
--
2.13.5