Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable PKCS5 module #265

Open
jethrogb opened this issue May 16, 2023 · 1 comment
Open

Disable PKCS5 module #265

jethrogb opened this issue May 16, 2023 · 1 comment
Labels
TBD Need revisit

Comments

@jethrogb
Copy link
Member

@zvolin and I have been discussing the PKCS5 implementation in MbedTLS and it seems pretty broken and untested. e.g. Mbed-TLS/mbedtls#7038 (comment). We should disable it.
@jethrogb jethrogb mentioned this issue May 17, 2023
Merged
@jhagborgftx jhagborgftx mentioned this issue May 19, 2023
Closed
@Taowyoo
Copy link
Collaborator

Taowyoo commented Jul 18, 2023

From #213, you can see that although I removed the support of pkcs12 support in rust side, I still turn on the C define of it because some other code in C side is actually using pkcs12 (mainly in TLS for parse certificates). And this also applies to pkcs5.

And also the related function pbkdf2_hmac which used pkcs5_pbkdf2_hmac_ext is currently used by our internal projects.
So I think this issue need to be put off or declined.

@Taowyoo Taowyoo added the TBD Need revisit label Sep 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
TBD Need revisit
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

265-disable-pkcs5-module fortanix/rust-mbedtls
Disable PKCS#5 jhagborgftx/rust-mbedtls
2 participants
@jethrogb @Taowyoo