pkcs5: Parse PRF algorithms if given in PBKDF2-params as defined in RFC 8018
authorTobias Brunner <tobias@strongswan.org>
Mon, 5 Mar 2018 08:45:34 +0000 (09:45 +0100)
committerTobias Brunner <tobias@strongswan.org>
Wed, 7 Mar 2018 14:23:03 +0000 (15:23 +0100)
commit5808467ed107d7bda8c37cc63f77465a2c30acd3
tree1d823be69c1966dfcc800b95c84363a2eda0e589
parente5c5792ff87d6de61d53c5229575c99427caa716
pkcs5: Parse PRF algorithms if given in PBKDF2-params as defined in RFC 8018

We can't use ASN1_DEF, which would technically be more correct, as the
ASN.1 parser currently can't handle that.  For algorithm identifiers we
often use ASN1_EOC as type (with ASN1_RAW), however, that doesn't work with
ASN1_DEF because the element is assumed missing if the type doesn't match.
On the other hand, we can't set the type to ASN1_SEQUENCE because then the
parser skips the following rule if the element is missing (it does so for
all constructed types, but I guess is mainly intended for context tags),
which in this case overruns the parser rules array.
src/libstrongswan/crypto/pkcs5.c