[gnutls-devel] GnuTLS | Support PBMAC1 usage in PKCS#12 (!1833)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Tue May 14 14:30:45 CEST 2024




Hubert Kario (@mention me if you need reply) started a new discussion on lib/x509/pkcs7-crypt.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1833#note_1904777723

 > +		gnutls_assert();
 > +		goto error;
 > +	}
 > +
 > +	result = read_pbmac1_auth(pasn, &tmp);
 > +	if (result < 0) {
 > +		gnutls_assert();
 > +		goto error;
 > +	}
 > +	*mac = result;
 > +
 > +	/* The keyLength field must present and the minimum is 20 bytes.
 > +	 */
 > +	if (kdf_params->key_size < 20) {
 > +		gnutls_assert();
 > +		result = GNUTLS_E_ILLEGAL_PARAMETER;

Maybe INSUFFICIENT_SECURITY would be better match here?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1833#note_1904777723
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20240514/da0bb306/attachment-0001.html>


More information about the Gnutls-devel mailing list