pkcs12: Allow verification with structures that support other than HMAC-SHA1 MACs.

1 files changed, 8 insertions, 4 deletions

diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c
index 753a239168..20db721878 100644
--- a/lib/x509/privkey_pkcs8.c
+++ b/lib/x509/privkey_pkcs8.c
@@ -926,7 +926,8 @@ read_pkcs_schema_params(schema_id * schema, const char *password,
 
 		if (enc_params->iv_size) {
 			result =
-			    _gnutls_pkcs12_string_to_key(2 /*IV*/,
+			    _gnutls_pkcs12_string_to_key(mac_to_entry(GNUTLS_MAC_SHA1),
+			    				 2 /*IV*/,
 							 kdf_params->salt,
 							 kdf_params->
 							 salt_size,
@@ -1833,7 +1834,8 @@ decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn,
 				 key_size, key);
 	} else if (p != NULL) { /* PKCS 12 schema */
 		result =
-		    _gnutls_pkcs12_string_to_key(1 /*KEY*/,
+		    _gnutls_pkcs12_string_to_key(mac_to_entry(GNUTLS_MAC_SHA1),
+		    			         1 /*KEY*/,
 						 kdf_params->salt,
 						 kdf_params->salt_size,
 						 kdf_params->iter_count,
@@ -2139,7 +2141,8 @@ generate_key(schema_id schema,
 		}
 	} else { /* PKCS 12 schema */
 		ret =
-		    _gnutls_pkcs12_string_to_key(1 /*KEY*/,
+		    _gnutls_pkcs12_string_to_key(mac_to_entry(GNUTLS_MAC_SHA1),
+		    				 1 /*KEY*/,
 						 kdf_params->salt,
 						 kdf_params->salt_size,
 						 kdf_params->iter_count,
@@ -2155,7 +2158,8 @@ generate_key(schema_id schema,
 		 */
 		if (enc_params->iv_size) {
 			ret =
-			    _gnutls_pkcs12_string_to_key(2 /*IV*/,
+			    _gnutls_pkcs12_string_to_key(mac_to_entry(GNUTLS_MAC_SHA1),
+							 2 /*IV*/,
 							 kdf_params->salt,
 							 kdf_params->
 							 salt_size,