diff options
| author | tb <> | 2024-01-27 16:50:39 +0000 |
|---|---|---|
| committer | tb <> | 2024-01-27 16:50:39 +0000 |
| commit | 5ea0f31282d99221a4ab0c82c39e02ff04acf612 (patch) | |
| tree | 6189b734a1d271d4a1419644c0ba2afbe8b8b503 /src | |
| parent | be0f6022dcac4f63cbfaa9bc981c3ab75bbd1c49 (diff) | |
| download | openbsd-5ea0f31282d99221a4ab0c82c39e02ff04acf612.tar.gz openbsd-5ea0f31282d99221a4ab0c82c39e02ff04acf612.tar.bz2 openbsd-5ea0f31282d99221a4ab0c82c39e02ff04acf612.zip | |
Make some comments and some whitespace less ugly
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/evp/p5_crpt2.c | 27 |
1 files changed, 14 insertions, 13 deletions
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c index 8e95613f6b..9917b3cc5e 100644 --- a/src/lib/libcrypto/evp/p5_crpt2.c +++ b/src/lib/libcrypto/evp/p5_crpt2.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: p5_crpt2.c,v 1.28 2023/12/16 13:23:20 tb Exp $ */ | 1 | /* $OpenBSD: p5_crpt2.c,v 1.29 2024/01/27 16:50:39 tb Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| @@ -72,10 +72,8 @@ | |||
| 72 | #include "evp_local.h" | 72 | #include "evp_local.h" |
| 73 | #include "hmac_local.h" | 73 | #include "hmac_local.h" |
| 74 | 74 | ||
| 75 | /* This is an implementation of PKCS#5 v2.0 password based encryption key | 75 | /* |
| 76 | * derivation function PBKDF2. | 76 | * PKCS#5 v2.0 password based encryption key derivation function PBKDF2. |
| 77 | * SHA1 version verified against test vectors posted by Peter Gutmann | ||
| 78 | * <pgut001@cs.auckland.ac.nz> to the PKCS-TNG <pkcs-tng@rsa.com> mailing list. | ||
| 79 | */ | 77 | */ |
| 80 | 78 | ||
| 81 | int | 79 | int |
| @@ -107,7 +105,8 @@ PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt, | |||
| 107 | cplen = mdlen; | 105 | cplen = mdlen; |
| 108 | else | 106 | else |
| 109 | cplen = tkeylen; | 107 | cplen = tkeylen; |
| 110 | /* We are unlikely to ever use more than 256 blocks (5120 bits!) | 108 | /* |
| 109 | * We are unlikely to ever use more than 256 blocks (5120 bits!) | ||
| 111 | * but just in case... | 110 | * but just in case... |
| 112 | */ | 111 | */ |
| 113 | itmp[0] = (unsigned char)((i >> 24) & 0xff); | 112 | itmp[0] = (unsigned char)((i >> 24) & 0xff); |
| @@ -158,7 +157,8 @@ PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, const unsigned char *salt, | |||
| 158 | EVP_sha1(), keylen, out); | 157 | EVP_sha1(), keylen, out); |
| 159 | } | 158 | } |
| 160 | 159 | ||
| 161 | /* Now the key derivation function itself. This is a bit evil because | 160 | /* |
| 161 | * Now the key derivation function itself. This is a bit evil because | ||
| 162 | * it has to check the ASN1 parameters are valid: and there are quite a | 162 | * it has to check the ASN1 parameters are valid: and there are quite a |
| 163 | * few of them... | 163 | * few of them... |
| 164 | */ | 164 | */ |
| @@ -194,11 +194,8 @@ PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 194 | goto err; | 194 | goto err; |
| 195 | } | 195 | } |
| 196 | 196 | ||
| 197 | /* lets see if we recognise the encryption algorithm. | 197 | /* Let's see if we recognise the encryption algorithm. */ |
| 198 | */ | ||
| 199 | |||
| 200 | cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm); | 198 | cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm); |
| 201 | |||
| 202 | if (!cipher) { | 199 | if (!cipher) { |
| 203 | EVPerror(EVP_R_UNSUPPORTED_CIPHER); | 200 | EVPerror(EVP_R_UNSUPPORTED_CIPHER); |
| 204 | goto err; | 201 | goto err; |
| @@ -211,11 +208,13 @@ PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 211 | EVPerror(EVP_R_CIPHER_PARAMETER_ERROR); | 208 | EVPerror(EVP_R_CIPHER_PARAMETER_ERROR); |
| 212 | goto err; | 209 | goto err; |
| 213 | } | 210 | } |
| 211 | |||
| 214 | rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen, | 212 | rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen, |
| 215 | pbe2->keyfunc->parameter, c, md, en_de); | 213 | pbe2->keyfunc->parameter, c, md, en_de); |
| 216 | 214 | ||
| 217 | err: | 215 | err: |
| 218 | PBE2PARAM_free(pbe2); | 216 | PBE2PARAM_free(pbe2); |
| 217 | |||
| 219 | return rv; | 218 | return rv; |
| 220 | } | 219 | } |
| 221 | 220 | ||
| @@ -296,11 +295,13 @@ PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 296 | if (!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd, | 295 | if (!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd, |
| 297 | keylen, key)) | 296 | keylen, key)) |
| 298 | goto err; | 297 | goto err; |
| 298 | |||
| 299 | rv = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de); | 299 | rv = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de); |
| 300 | 300 | ||
| 301 | err: | 301 | err: |
| 302 | explicit_bzero(key, keylen); | 302 | explicit_bzero(key, keylen); |
| 303 | PBKDF2PARAM_free(kdf); | 303 | PBKDF2PARAM_free(kdf); |
| 304 | |||
| 304 | return rv; | 305 | return rv; |
| 305 | } | 306 | } |
| 306 | 307 | ||