utzig closed pull request #119: Fix pbkdf2 hash URL: https://github.com/apache/mynewt-newt/pull/119
This is a PR merged from a forked repository. As GitHub hides the original diff on merge, it is displayed below for the sake of provenance: As this is a foreign pull request (from a fork), the diff is supplied below (as it won't show otherwise due to GitHub magic): diff --git a/newt/image/encrypted.go b/newt/image/encrypted.go index 9d8ce58..0547e2f 100644 --- a/newt/image/encrypted.go +++ b/newt/image/encrypted.go @@ -24,20 +24,25 @@ import ( "crypto/aes" "crypto/cipher" "crypto/sha1" + "crypto/sha256" "crypto/x509" "crypto/x509/pkix" "encoding/asn1" "fmt" + "hash" "golang.org/x/crypto/pbkdf2" "golang.org/x/crypto/ssh/terminal" ) var ( - oidPbes2 = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 5, 13} - oidPbkdf2 = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 5, 12} - oidAes128CBC = asn1.ObjectIdentifier{2, 16, 840, 1, 101, 3, 4, 1, 2} - oidAes256CBC = asn1.ObjectIdentifier{2, 16, 840, 1, 101, 3, 4, 1, 42} + oidPbes2 = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 5, 13} + oidPbkdf2 = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 5, 12} + oidHmacWithSha1 = asn1.ObjectIdentifier{1, 2, 840, 113549, 2, 7} + oidHmacWithSha224 = asn1.ObjectIdentifier{1, 2, 840, 113549, 2, 8} + oidHmacWithSha256 = asn1.ObjectIdentifier{1, 2, 840, 113549, 2, 9} + oidAes128CBC = asn1.ObjectIdentifier{2, 16, 840, 1, 101, 3, 4, 1, 2} + oidAes256CBC = asn1.ObjectIdentifier{2, 16, 840, 1, 101, 3, 4, 1, 42} ) // We only support a narrow set of possible key types, namely the type @@ -65,9 +70,12 @@ type pbes2 struct { type pbkdf2Param struct { Salt []byte IterCount int + HashFunc pkix.AlgorithmIdentifier // Optional and default values omitted, and unsupported. } +type hashFunc func() hash.Hash + func parseEncryptedPrivateKey(der []byte) (key interface{}, err error) { var wrapper pkcs5 if _, err = asn1.Unmarshal(der, &wrapper); err != nil { @@ -90,6 +98,18 @@ func parseEncryptedPrivateKey(der []byte) (key interface{}, err error) { return nil, err } + var hashNew hashFunc + switch { + case kdfParam.HashFunc.Algorithm.Equal(oidHmacWithSha1): + hashNew = sha1.New + case kdfParam.HashFunc.Algorithm.Equal(oidHmacWithSha224): + hashNew = sha256.New224 + case kdfParam.HashFunc.Algorithm.Equal(oidHmacWithSha256): + hashNew = sha256.New + default: + return nil, fmt.Errorf("pkcs5: Unsupported hash: %v", pbparm.EncryptionScheme.Algorithm) + } + // Get the encryption used. size := 0 var iv []byte @@ -108,15 +128,15 @@ func parseEncryptedPrivateKey(der []byte) (key interface{}, err error) { return nil, fmt.Errorf("pkcs5: Unsupported cipher: %v", pbparm.EncryptionScheme.Algorithm) } - return unwrapPbes2Pbkdf2(&kdfParam, size, iv, wrapper.Encrypted) + return unwrapPbes2Pbkdf2(&kdfParam, size, iv, hashNew, wrapper.Encrypted) } -func unwrapPbes2Pbkdf2(param *pbkdf2Param, size int, iv []byte, encrypted []byte) (key interface{}, err error) { +func unwrapPbes2Pbkdf2(param *pbkdf2Param, size int, iv []byte, hashNew hashFunc, encrypted []byte) (key interface{}, err error) { pass, err := getPassword() if err != nil { return nil, err } - cryptoKey := pbkdf2.Key(pass, param.Salt, param.IterCount, size, sha1.New) + cryptoKey := pbkdf2.Key(pass, param.Salt, param.IterCount, size, hashNew) block, err := aes.NewCipher(cryptoKey) if err != nil { ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services