Skip to content

Commit

Permalink
pem2john.py: Check 'prf algorithm' and reject anything other than 'sha1'
Browse files Browse the repository at this point in the history
  • Loading branch information
@pradkrish @solardiz
pradkrish authored and solardiz committed May 20, 2022
1 parent 5d77839 commit e49fde9
Showing 1 changed file with 7 additions and 2 deletions.
9 changes: 7 additions & 2 deletions run/pem2john.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ def unwrap_pkcs8_data(blob):
if data["encryption_algorithm"]["algorithm"] != "pbes2":
sys.stderr.write("[%s] encryption_algorithm <%s> is not supported currently!\n" %
(sys.argv[0], data["encryption_algorithm"]["algorithm"]))
return False
return True

# encryption data
encrypted_data = data["encrypted_data"]
Expand All @@ -77,8 +77,13 @@ def unwrap_pkcs8_data(blob):
if kdf["algorithm"] != "pbkdf2":
sys.stderr.write("[%s] kdf algorithm <%s> is not supported currently!\n" %
(sys.argv[0], kdf["algorithm"]))
return False
return True
kdf_params = kdf["parameters"]
if kdf_params["prf"]["algorithm"] != "sha1":
sys.stderr.write("[%s] prf algorithm <%s> is not supported currently!\n" %
(sys.argv[0], kdf_params["prf"]["algorithm"]))
return True

salt = kdf_params["salt"]
iterations = kdf_params["iteration_count"]

Expand Down

0 comments on commit e49fde9

Please sign in to comment.