Allow label for SP800_108_Counter to include null bytes

Legrandin · Aug 18, 2024 · 4f77bb8 · 4f77bb8
1 parent e76a488
commit 4f77bb8
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 5 deletions.
diff --git a/lib/Crypto/Protocol/KDF.py b/lib/Crypto/Protocol/KDF.py
@@ -616,9 +616,6 @@ def SP800_108_Counter(master, key_len, prf, num_keys=None, label=b'', context=b'
     if num_keys is None:
         num_keys = 1
 
-    if label.find(b'\x00') != -1:
-        raise ValueError("Null byte found in label")
-
     if context.find(b'\x00') != -1:
         raise ValueError("Null byte found in context")
 

diff --git a/lib/Crypto/SelfTest/Protocol/test_KDF.py b/lib/Crypto/SelfTest/Protocol/test_KDF.py
@@ -720,8 +720,10 @@ def test_negative_zeroes(self):
         def prf(s, x):
             return HMAC.new(s, x, SHA256).digest()
 
-        self.assertRaises(ValueError, SP800_108_Counter, b'0' * 16, 1, prf,
-                          label=b'A\x00B')
+        try:
+            _ = SP800_108_Counter(b'0' * 16, 1, prf, label=b'A\x00B')
+        except ValueError:
+            self.fail('SP800_108_Counter failed with zero in label')
         self.assertRaises(ValueError, SP800_108_Counter, b'0' * 16, 1, prf,
                           context=b'A\x00B')