Merge remote-tracking branch 'upstream-public/pr/1523' into development-proposed

2024-11-22 16:35:41 +01:00 · 2018-03-28 15:32:13 +01:00 · 2018-03-28 15:32:13 +01:00 · 2843d21d99
commit 2843d21d99
parent 5ec118352e cb47a79e04
3 changed files with 24 additions and 1 deletions
--- a/3
+++ b/3
@ -41,6 +41,9 @@ Changes
     leak memory in case the user doesn't use mbedtls_ssl_conf_psk() and
     instead incorrectly manipulates conf->psk and/or conf->psk_identity
     directly. Found and fix submitted by junyeonLEE in #1220.
+   * Provide an empty implementation of mbedtls_pkcs5_pbes2() when
+     MBEDTLS_ASN1_PARSE_C is not enabled. This allows the use of PBKDF2
+     without PBES2. Fixed by Marcos Del Sol Vives.

 = mbed TLS 2.8.0 branch released 2018-03-16

--- a/library/pkcs5.c
+++ b/library/pkcs5.c
@ -38,9 +38,12 @@
 #if defined(MBEDTLS_PKCS5_C)

 #include "mbedtls/pkcs5.h"
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
 #include "mbedtls/asn1.h"
 #include "mbedtls/cipher.h"
 #include "mbedtls/oid.h"
+#endif /* MBEDTLS_ASN1_PARSE_C */

 #include <string.h>

@ -51,6 +54,22 @@
 #define mbedtls_printf printf
 #endif

+#if !defined(MBEDTLS_ASN1_PARSE_C)
+int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
+                 const unsigned char *pwd,  size_t pwdlen,
+                 const unsigned char *data, size_t datalen,
+                 unsigned char *output )
+{
+    ((void) pbe_params);
+    ((void) mode);
+    ((void) pwd);
+    ((void) pwdlen);
+    ((void) data);
+    ((void) datalen);
+    ((void) output);
+    return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
+}
+#else
 static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params,
                                      mbedtls_asn1_buf *salt, int *iterations,
                                      int *keylen, mbedtls_md_type_t *md_type )
@ -211,6 +230,7 @@ exit:

    return( ret );
 }
+#endif /* MBEDTLS_ASN1_PARSE_C */

 int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *password,
                       size_t plen, const unsigned char *salt, size_t slen,
--- a/tests/suites/test_suite_pkcs5.function
+++ b/tests/suites/test_suite_pkcs5.function
@ -46,7 +46,7 @@ exit:
 }
 /* END_CASE */

-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */
 void mbedtls_pkcs5_pbes2( int params_tag, char *params_hex, char *pw_hex,
                  char *data_hex, int ref_ret, char *ref_out_hex )
 {