From 8a0dfacb58d7a3600f66b319bdc0661fb19ad5a9 Mon Sep 17 00:00:00 2001 From: Marcos Del Sol Vives Date: Sun, 6 Nov 2016 12:22:25 +0100 Subject: [PATCH 1/4] Compile PBES2 in PKCS5 only if ASN1 is enabled --- library/pkcs5.c | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/library/pkcs5.c b/library/pkcs5.c index 95f44fa98b..6a5128a849 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -38,11 +38,13 @@ #if defined(MBEDTLS_PKCS5_C) #include "mbedtls/pkcs5.h" +#include + +#if defined(MBEDTLS_ASN1_PARSE_C) #include "mbedtls/asn1.h" #include "mbedtls/cipher.h" #include "mbedtls/oid.h" - -#include +#endif #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" @@ -51,6 +53,22 @@ #define mbedtls_printf printf #endif +#if !defined(MBEDTLS_ASN1_PARSE_C) +int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t datalen, + unsigned char *output ) +{ + ((void) pbe_params); + ((void) mode); + ((void) pwd); + ((void) pwdlen); + ((void) data); + ((void) datalen); + ((void) output); + return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); +} +#else static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params, mbedtls_asn1_buf *salt, int *iterations, int *keylen, mbedtls_md_type_t *md_type ) @@ -211,6 +229,7 @@ exit: return( ret ); } +#endif /* MBEDTLS_ASN1_PARSE_C */ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *password, size_t plen, const unsigned char *salt, size_t slen, From af9a486b0138709bea86b53c116faa457d96754f Mon Sep 17 00:00:00 2001 From: Andres Amaya Garcia Date: Tue, 27 Mar 2018 20:53:07 +0100 Subject: [PATCH 2/4] Fix coding style in pkcs5.c preprocessor directives --- library/pkcs5.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/library/pkcs5.c b/library/pkcs5.c index 6a5128a849..440a174b5b 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -38,13 +38,14 @@ #if defined(MBEDTLS_PKCS5_C) #include "mbedtls/pkcs5.h" -#include #if defined(MBEDTLS_ASN1_PARSE_C) #include "mbedtls/asn1.h" #include "mbedtls/cipher.h" #include "mbedtls/oid.h" -#endif +#endif /* MBEDTLS_ASN1_PARSE_C */ + +#include #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" From 576d47470468759739fd086a026208eb294892cb Mon Sep 17 00:00:00 2001 From: Andres Amaya Garcia Date: Tue, 27 Mar 2018 20:53:56 +0100 Subject: [PATCH 3/4] Fix test dependencies of pkcs5 pbs2 on asn1 parse --- tests/suites/test_suite_pkcs5.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_pkcs5.function b/tests/suites/test_suite_pkcs5.function index 3ad64805fd..98546cb731 100644 --- a/tests/suites/test_suite_pkcs5.function +++ b/tests/suites/test_suite_pkcs5.function @@ -46,7 +46,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ void mbedtls_pkcs5_pbes2( int params_tag, char *params_hex, char *pw_hex, char *data_hex, int ref_ret, char *ref_out_hex ) { From cb47a79e0422c3cda9c3915076dc4a11fa756acf Mon Sep 17 00:00:00 2001 From: Andres Amaya Garcia Date: Tue, 27 Mar 2018 21:19:50 +0100 Subject: [PATCH 4/4] Add ChangeLog entry for PBES2 when ASN1 disabled --- ChangeLog | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ChangeLog b/ChangeLog index c0759b2b25..77f3f85071 100644 --- a/ChangeLog +++ b/ChangeLog @@ -10,6 +10,9 @@ Changes * Remove some redundant code in bignum.c. Contributed by Alexey Skalozub. * Support cmake build where Mbed TLS is a subproject. Fix contributed independently by Matthieu Volat and Arne Schwabe. + * Provide an empty implementation of mbedtls_pkcs5_pbes2() when + MBEDTLS_ASN1_PARSE_C is not enabled. This allows the use of PBKDF2 + without PBES2. Fixed by Marcos Del Sol Vives. = mbed TLS 2.8.0 branch released 2018-03-16