** certtool: Certtool can now generate, manipulate, and evaluate x25519 and
x448 public keys, private keys, and certificates.
+
** libgnutls: disabling a hashing algorithm through "insecure-hash"
configuration directive now also disables TLS ciphersuites that use it
as a PRF algorithm.
use the tpm2tss-genkey tool from tpm2-tss-engine:
https://github.com/tpm2-software/tpm2-tss-engine/#rsa-operations
+** libgnutls: PKCS#12 keys derived using GOST algorithm now uses
+ HMAC_GOSTR3411_2012_512 instead of HMAC_GOSTR3411_2012_256 for
+ integrity, to conform with the latest TC-26 requirements
+
** API and ABI modifications:
GNUTLS_PRIVKEY_FLAG_RSA_PSS_FIXED_SALT_LENGTH: new flag in gnutls_privkey_flags_t
GNUTLS_VERIFY_RSA_PSS_FIXED_SALT_LENGTH: new flag in gnutls_certificate_verify_flags
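Review bot: the added NEWS entry has a subject/verb mismatch and no closing period ("PKCS#12 keys derived using GOST algorithm now uses" should read "now use"), and it says nothing about compatibility. Suggest stating whether PKCS#12 files written by earlier releases with HMAC_GOSTR3411_2012_256 are still accepted on import, since that is the first thing someone upgrading will want to know.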
if (p->pbes2 != 0) {
if (p->schema == PBES2_GOST28147_89_TC26Z)
- kdf_params->mac = GNUTLS_MAC_STREEBOG_256;
+ kdf_params->mac = GNUTLS_MAC_STREEBOG_512;
else if (p->schema == PBES2_GOST28147_89_CPA ||
p->schema == PBES2_GOST28147_89_CPB ||
p->schema == PBES2_GOST28147_89_CPC ||
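Review bot: in the PBES2_GOST28147_89_TC26Z branch, the assignment to kdf_params->mac switches the default from GNUTLS_MAC_STREEBOG_256 to GNUTLS_MAC_STREEBOG_512, and nothing in the visible lines covers data produced under the old value. Please confirm that the decode path takes the MAC from the encoded KDF parameters rather than from this default, and add a test that reads a structure created with Streebog-256. The NEWS text calls this the HMAC used "for integrity" while the field set here is the KDF's mac, so a short comment citing the TC-26 requirement would make clear which use is meant.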