x/crypto/pkcs12: incorrect results when using pbkdf with SHA265 as hash function #22163
Labels
FrozenDueToAge
WaitingForInfo
Issue is not actionable because of missing required information, which needs to be provided.
Milestone
This is for Go 1.9
I've found the (unexported)
pbkdf
function fromx/crypto/pkcs12
gives incorrect results when using a hash function that's not 20 bytes long.I'm working on some code that needs PKCS12 key derivation, and could not make behavior match results I get from existing implementations of my algorithm using bouncycastle* (Java) and forge* (javascript)
I'm using
SHA256
as the hash function (Block size 64, Size 32) andpbkdf
seemed to truncate internal stateA
compared to other implementations.This is due to this code:
where does the
20
come from? I believe this should be block size (u
), and indeed my test cases pass when I change it to that. (this is "Step 7" in the RFC)Testcase:
The text was updated successfully, but these errors were encountered: