From 69aebb8d928a473693cfa337bd8d682a4eb852ff Mon Sep 17 00:00:00 2001
From: Daiki Ueno
Date: Thu, 13 Jan 2022 09:36:52 +0100
Subject: [PATCH] pkcs12: use the correct MAC algorithm for GOST key generation
According to the latest TC-26 requirements, the MAC algorithm used for PBKDF2 should always be HMAC_GOSTR3411_2012_512.
Signed-off-by: Daiki Ueno
---
 NEWS | 5 +++++
 lib/x509/pkcs7-crypt.c | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/NEWS b/NEWS
index adb04a155e..ae494e1e40 100644
--- a/NEWS
+++ b/NEWS
@@ -14,6 +14,7 @@ See the end for copying conditions.
 ** certtool: Certtool can now generate, manipulate, and evaluate x25519 and x448 public keys, private keys, and certificates.
+
 ** libgnutls: disabling a hashing algorithm through "insecure-hash" configuration directive now also disables TLS ciphersuites that use it as a PRF algorithm.
@@ -24,6 +25,10 @@ See the end for copying conditions.
 use the tpm2tss-genkey tool from tpm2-tss-engine: https://github.com/tpm2-software/tpm2-tss-engine/#rsa-operations
+** libgnutls: PKCS#12 keys derived using GOST algorithm now uses HMAC_GOSTR3411_2012_512 instead of HMAC_GOSTR3411_2012_256 for integrity, to conform with the latest TC-26 requirements
+
 ** API and ABI modifications:
 GNUTLS_PRIVKEY_FLAG_RSA_PSS_FIXED_SALT_LENGTH: new flag in gnutls_privkey_flags_t
 GNUTLS_VERIFY_RSA_PSS_FIXED_SALT_LENGTH: new flag in gnutls_certificate_verify_flags
diff --git a/lib/x509/pkcs7-crypt.c b/lib/x509/pkcs7-crypt.c
index e714861bfe..4cce52ecf0 100644
--- a/lib/x509/pkcs7-crypt.c
+++ b/lib/x509/pkcs7-crypt.c
@@ -1569,7 +1569,7 @@ _gnutls_pkcs_generate_key(schema_id schema,
 if (p->pbes2 != 0) {
 if (p->schema == PBES2_GOST28147_89_TC26Z)
- kdf_params->mac = GNUTLS_MAC_STREEBOG_256;
+ kdf_params->mac = GNUTLS_MAC_STREEBOG_512;
 else if (p->schema == PBES2_GOST28147_89_CPA ||
 p->schema == PBES2_GOST28147_89_CPB ||
 p->schema == PBES2_GOST28147_89_CPC ||
-- 
GitLab
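Review bot: The new PRF selection on the `+` line in pkcs7-crypt.c ships without a regression test (the diffstat touches only NEWS and this file), so nothing pins that a PKCS#12 file generated with PBES2_GOST28147_89_TC26Z now names HMAC_GOSTR3411_2012_512 as the PBKDF2 PRF in its stored parameters; a generate-and-reparse test under tests/ would catch a slip back to STREEBOG_256. The rationale for the constant is not visible in the code itself, so I would add `/* TC-26 requires HMAC_GOSTR3411_2012_512 as the PBKDF2 PRF for the TC26Z schema */` above the assignment. The hunk changes only the generation side; files written by earlier releases carry STREEBOG_256, so the decoding path should keep honouring whichever PRF the stored AlgorithmIdentifier names rather than assuming 512 — that code is outside the hunk, so please confirm. `_gnutls_pkcs_generate_key` begins before the hunk (only the end of its signature is in the `@@` context) and its body continues past the last line shown.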