[gnutls-devel] GnuTLS | x509: embed "NULL" in PBKDF2 algorithm ID params in PKCS#5 (!1912)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Wed Sep 10 14:12:45 CEST 2025 



Alexander Sosedkin commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1912#note_2742022946


Adds NULL parameters as requested as the second AlgorithmIdentifier sequence member, next to the hmac ID.

Was:
```
    0:d=0  hl=4 l=1910 cons: SEQUENCE
    4:d=1  hl=2 l=  96 cons: SEQUENCE
    6:d=2  hl=2 l=   9 prim: OBJECT            :PBES2
   17:d=2  hl=2 l=  83 cons: SEQUENCE
   19:d=3  hl=2 l=  50 cons: SEQUENCE
   21:d=4  hl=2 l=   9 prim: OBJECT            :PBKDF2
   32:d=4  hl=2 l=  37 cons: SEQUENCE
   34:d=5  hl=2 l=  15 prim: OCTET STRING      {HEX DUMP}:86DD2D7FBC324403D12469BD0A6F54
   51:d=5  hl=2 l=   3 prim: INTEGER           :0927C0
   56:d=5  hl=2 l=   1 prim: INTEGER           :10
   59:d=5  hl=2 l=  10 cons: SEQUENCE
   61:d=6  hl=2 l=   8 prim: OBJECT            :hmacWithSHA256
   71:d=3  hl=2 l=  29 cons: SEQUENCE
   73:d=4  hl=2 l=   9 prim: OBJECT            :aes-128-cbc
   84:d=4  hl=2 l=  16 prim: OCTET STRING      {HEX DUMP}:69FB39FEEAF8C3A5CD96A28FB54E6EEE
  102:d=1  hl=4 l=1808 prim: OCTET STRING      {HEX DUMP}:...
```

Became (notice the NULL at offt 72):
```
    0:d=0  hl=4 l=1913 cons: SEQUENCE
    4:d=1  hl=2 l=  99 cons: SEQUENCE
    6:d=2  hl=2 l=   9 prim: OBJECT            :PBES2
   17:d=2  hl=2 l=  86 cons: SEQUENCE
   19:d=3  hl=2 l=  53 cons: SEQUENCE
   21:d=4  hl=2 l=   9 prim: OBJECT            :PBKDF2
   32:d=4  hl=2 l=  40 cons: SEQUENCE
   34:d=5  hl=2 l=  17 prim: OCTET STRING      {HEX DUMP}:CCC17A349971E90978D07D59A04CAF5548
   53:d=5  hl=2 l=   2 prim: INTEGER           :2710
   57:d=5  hl=2 l=   1 prim: INTEGER           :10
   60:d=5  hl=2 l=  12 cons: SEQUENCE
   62:d=6  hl=2 l=   8 prim: OBJECT            :hmacWithSHA256
   72:d=6  hl=2 l=   0 prim: NULL
   74:d=3  hl=2 l=  29 cons: SEQUENCE
   76:d=4  hl=2 l=   9 prim: OBJECT            :aes-128-cbc
   87:d=4  hl=2 l=  16 prim: OCTET STRING      {HEX DUMP}:817FAE718F7C4436EBDAFDF911945063
  105:d=1  hl=4 l=1808 prim: OCTET STRING      {HEX DUMP}:...
```

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1912#note_2742022946
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250910/5c3d6b7a/attachment.html>

More information about the Gnutls-devel mailing list