diff options
| author | miod <> | 2014-04-13 15:25:35 +0000 |
|---|---|---|
| committer | miod <> | 2014-04-13 15:25:35 +0000 |
| commit | 1fb5cf10c3e597dbb1ecc4dd423bba727fd7721a (patch) | |
| tree | 74f4ff344980894c7c9ceeab9b81176ac7572566 /src/lib/libcrypto/pkcs12 | |
| parent | 92349eb53934e1b3e9b807e603d45417a6320d21 (diff) | |
| download | openbsd-1fb5cf10c3e597dbb1ecc4dd423bba727fd7721a.tar.gz openbsd-1fb5cf10c3e597dbb1ecc4dd423bba727fd7721a.tar.bz2 openbsd-1fb5cf10c3e597dbb1ecc4dd423bba727fd7721a.zip | |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
Diffstat (limited to 'src/lib/libcrypto/pkcs12')
| -rw-r--r-- | src/lib/libcrypto/pkcs12/p12_crt.c | 7 | ||||
| -rw-r--r-- | src/lib/libcrypto/pkcs12/p12_key.c | 24 |
2 files changed, 23 insertions, 8 deletions
diff --git a/src/lib/libcrypto/pkcs12/p12_crt.c b/src/lib/libcrypto/pkcs12/p12_crt.c index 96b131defa..a34915d02d 100644 --- a/src/lib/libcrypto/pkcs12/p12_crt.c +++ b/src/lib/libcrypto/pkcs12/p12_crt.c | |||
| @@ -90,7 +90,14 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, | |||
| 90 | 90 | ||
| 91 | /* Set defaults */ | 91 | /* Set defaults */ |
| 92 | if (!nid_cert) | 92 | if (!nid_cert) |
| 93 | { | ||
| 94 | #ifdef OPENSSL_FIPS | ||
| 95 | if (FIPS_mode()) | ||
| 96 | nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; | ||
| 97 | else | ||
| 98 | #endif | ||
| 93 | nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; | 99 | nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; |
| 100 | } | ||
| 94 | if (!nid_key) | 101 | if (!nid_key) |
| 95 | nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; | 102 | nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; |
| 96 | if (!iter) | 103 | if (!iter) |
diff --git a/src/lib/libcrypto/pkcs12/p12_key.c b/src/lib/libcrypto/pkcs12/p12_key.c index c55c7b60b3..61d58502fd 100644 --- a/src/lib/libcrypto/pkcs12/p12_key.c +++ b/src/lib/libcrypto/pkcs12/p12_key.c | |||
| @@ -176,24 +176,32 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, | |||
| 176 | out += u; | 176 | out += u; |
| 177 | for (j = 0; j < v; j++) B[j] = Ai[j % u]; | 177 | for (j = 0; j < v; j++) B[j] = Ai[j % u]; |
| 178 | /* Work out B + 1 first then can use B as tmp space */ | 178 | /* Work out B + 1 first then can use B as tmp space */ |
| 179 | if (!BN_bin2bn (B, v, Bpl1)) goto err; | 179 | if (!BN_bin2bn (B, v, Bpl1)) |
| 180 | if (!BN_add_word (Bpl1, 1)) goto err; | 180 | goto err; |
| 181 | if (!BN_add_word (Bpl1, 1)) | ||
| 182 | goto err; | ||
| 181 | for (j = 0; j < Ilen ; j+=v) { | 183 | for (j = 0; j < Ilen ; j+=v) { |
| 182 | if (!BN_bin2bn (I + j, v, Ij)) goto err; | 184 | if (!BN_bin2bn(I + j, v, Ij)) |
| 183 | if (!BN_add (Ij, Ij, Bpl1)) goto err; | 185 | goto err; |
| 184 | BN_bn2bin (Ij, B); | 186 | if (!BN_add(Ij, Ij, Bpl1)) |
| 187 | goto err; | ||
| 188 | if (!BN_bn2bin(Ij, B)) | ||
| 189 | goto err; | ||
| 185 | Ijlen = BN_num_bytes (Ij); | 190 | Ijlen = BN_num_bytes (Ij); |
| 186 | /* If more than 2^(v*8) - 1 cut off MSB */ | 191 | /* If more than 2^(v*8) - 1 cut off MSB */ |
| 187 | if (Ijlen > v) { | 192 | if (Ijlen > v) { |
| 188 | BN_bn2bin (Ij, B); | 193 | if (!BN_bn2bin (Ij, B)) |
| 194 | goto err; | ||
| 189 | memcpy (I + j, B + 1, v); | 195 | memcpy (I + j, B + 1, v); |
| 190 | #ifndef PKCS12_BROKEN_KEYGEN | 196 | #ifndef PKCS12_BROKEN_KEYGEN |
| 191 | /* If less than v bytes pad with zeroes */ | 197 | /* If less than v bytes pad with zeroes */ |
| 192 | } else if (Ijlen < v) { | 198 | } else if (Ijlen < v) { |
| 193 | memset(I + j, 0, v - Ijlen); | 199 | memset(I + j, 0, v - Ijlen); |
| 194 | BN_bn2bin(Ij, I + j + v - Ijlen); | 200 | if (!BN_bn2bin(Ij, I + j + v - Ijlen)) |
| 201 | goto err; | ||
| 195 | #endif | 202 | #endif |
| 196 | } else BN_bn2bin (Ij, I + j); | 203 | } else if (!BN_bn2bin (Ij, I + j)) |
| 204 | goto err; | ||
| 197 | } | 205 | } |
| 198 | } | 206 | } |
| 199 | 207 | ||