Daiki Ueno commented on a discussion on tests/cert-tests/data/pbmac1_256_256.extended-mac.p12: https://gitlab.com/gnutls/gnutls/-/merge_requests/1851#note_2010170247 Maybe that's because I used pbmac1-simple.p12 as the basis. For extending, I used this patch: ```diff diff --git a/lib/x509/pkcs12.c b/lib/x509/pkcs12.c index b3287dfb72..ce14a4eee6 100644 --- a/lib/x509/pkcs12.c +++ b/lib/x509/pkcs12.c @@ -881,7 +881,7 @@ static int generate_mac_pbmac1(gnutls_mac_algorithm_t mac, const struct pbkdf2_params *params, const gnutls_datum_t *data, asn1_node pkcs12) { - uint8_t mac_output_data[MAX_HASH_SIZE]; + uint8_t mac_output_data[MAX_HASH_SIZE * 2]; gnutls_datum_t mac_output; int result; @@ -892,7 +892,8 @@ static int generate_mac_pbmac1(gnutls_mac_algorithm_t mac, } mac_output.data = mac_output_data; - mac_output.size = params->key_size; + memcpy(mac_output_data + params->key_size, mac_output_data, params->key_size); + mac_output.size = params->key_size * 2; result = _gnutls_x509_write_value(pkcs12, "macData.mac.digest", &mac_output); ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1851#note_2010170247 You're receiving this email because of your account on gitlab.com.
_______________________________________________ Gnutls-devel mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-devel
