Remove OBJ_bsearch_() usage from PBE

Split the table of built-in password based encryption algorithms into two and use a linear scan over the table corresponding to the type specified in EVP_PBE_find()'s type argument. Use better variable names, make the API a bit safer and generally reduce the eye bleed in here. ok jsing
author: tb <> 2023-12-16 14:04:59 +0000
committer: tb <> 2023-12-16 14:04:59 +0000
commit: 8037621774b49536be41fb210500651c3c7b09ba (patch)
tree: 66210f30b3273d815e80ab90cc41aa76c92c9711 /src
parent: 7dbb67bb033c7b2d56630e14cd2e83a242b8f58d (diff)
download: openbsd-8037621774b49536be41fb210500651c3c7b09ba.tar.gz
openbsd-8037621774b49536be41fb210500651c3c7b09ba.tar.bz2
openbsd-8037621774b49536be41fb210500651c3c7b09ba.zip
1 files changed, 175 insertions, 79 deletions
diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c
index edcd385341..0fe82953e3 100644
--- a/src/lib/libcrypto/evp/evp_pbe.c
+++ b/src/lib/libcrypto/evp/evp_pbe.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_pbe.c,v 1.31 2023/12/15 14:21:14 tb Exp $ */
+/* $OpenBSD: evp_pbe.c,v 1.32 2023/12/16 14:04:59 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -70,49 +70,156 @@
 /* Password based encryption (PBE) functions */
-typedef struct {
+struct pbe_config {
-        int pbe_type;
        int pbe_nid;
        int cipher_nid;
        int md_nid;
        EVP_PBE_KEYGEN *keygen;
-} EVP_PBE_CTL;
+};
-static const EVP_PBE_CTL builtin_pbe[] = {
-        {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC, NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen},
-        {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC, NID_des_cbc, NID_md5, PKCS5_PBE_keyivgen},
-        {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC, NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen},
+static const struct pbe_config pbe_outer[] = {
+        {
+                .pbe_nid = NID_pbeWithMD2AndDES_CBC,
+                .cipher_nid = NID_des_cbc,
+                .md_nid = NID_md2,
+                .keygen = PKCS5_PBE_keyivgen,
+        },
+        {
+                .pbe_nid = NID_pbeWithMD5AndDES_CBC,
+                .cipher_nid = NID_des_cbc,
+                .md_nid = NID_md5,
+                .keygen = PKCS5_PBE_keyivgen,
+        },
+        {
+                .pbe_nid = NID_pbeWithSHA1AndRC2_CBC,
+                .cipher_nid = NID_rc2_64_cbc,
+                .md_nid = NID_sha1,
+                .keygen = PKCS5_PBE_keyivgen,
+        },
 #ifndef OPENSSL_NO_HMAC
-        {EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen},
+        {
+                .pbe_nid = NID_id_pbkdf2,
+                .cipher_nid = -1,
+                .md_nid = -1,
+                .keygen = PKCS5_v2_PBKDF2_keyivgen,
+        },
 #endif
+        {
-        {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4, NID_rc4, NID_sha1, PKCS12_PBE_keyivgen},
+                .pbe_nid = NID_pbe_WithSHA1And128BitRC4,
-        {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4, NID_rc4_40, NID_sha1, PKCS12_PBE_keyivgen},
+                .cipher_nid = NID_rc4,
-        {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NID_des_ede3_cbc, NID_sha1, PKCS12_PBE_keyivgen},
+                .md_nid = NID_sha1,
-        {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And2_Key_TripleDES_CBC, NID_des_ede_cbc, NID_sha1, PKCS12_PBE_keyivgen},
+                .keygen = PKCS12_PBE_keyivgen,
-        {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC2_CBC, NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen},
+        },
-        {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC, NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen},
+        {
+                .pbe_nid = NID_pbe_WithSHA1And40BitRC4,
+                .cipher_nid = NID_rc4_40,
+                .md_nid = NID_sha1,
+                .keygen = PKCS12_PBE_keyivgen,
+        },
+        {
+                .pbe_nid = NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
+                .cipher_nid = NID_des_ede3_cbc,
+                .md_nid = NID_sha1,
+                .keygen = PKCS12_PBE_keyivgen,
+        },
+        {
+                .pbe_nid = NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
+                .cipher_nid = NID_des_ede_cbc,
+                .md_nid = NID_sha1,
+                .keygen = PKCS12_PBE_keyivgen,
+        },
+        {
+                .pbe_nid = NID_pbe_WithSHA1And128BitRC2_CBC,
+                .cipher_nid = NID_rc2_cbc,
+                .md_nid = NID_sha1,
+                .keygen = PKCS12_PBE_keyivgen,
+        },
+        {
+                .pbe_nid = NID_pbe_WithSHA1And40BitRC2_CBC,
+                .cipher_nid = NID_rc2_40_cbc,
+                .md_nid = NID_sha1,
+                .keygen = PKCS12_PBE_keyivgen,
+        },
 #ifndef OPENSSL_NO_HMAC
-        {EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen},
+        {
+                .pbe_nid = NID_pbes2,
+                .cipher_nid = -1,
+                .md_nid = -1,
+                .keygen = PKCS5_v2_PBE_keyivgen,
+        },
 #endif
-        {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC, NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen},
+        {
-        {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC, NID_rc2_64_cbc, NID_md5, PKCS5_PBE_keyivgen},
+                .pbe_nid = NID_pbeWithMD2AndRC2_CBC,
-        {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndDES_CBC, NID_des_cbc, NID_sha1, PKCS5_PBE_keyivgen},
+                .cipher_nid = NID_rc2_64_cbc,
+                .md_nid = NID_md2,
+                .keygen = PKCS5_PBE_keyivgen,
-        {EVP_PBE_TYPE_PRF, NID_hmacWithSHA1, -1, NID_sha1, 0},
+        },
-        {EVP_PBE_TYPE_PRF, NID_hmacWithMD5, -1, NID_md5, 0},
+        {
-        {EVP_PBE_TYPE_PRF, NID_hmacWithSHA224, -1, NID_sha224, 0},
+                .pbe_nid = NID_pbeWithMD5AndRC2_CBC,
-        {EVP_PBE_TYPE_PRF, NID_hmacWithSHA256, -1, NID_sha256, 0},
+                .cipher_nid = NID_rc2_64_cbc,
-        {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0},
+                .md_nid = NID_md5,
-        {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0},
+                .keygen = PKCS5_PBE_keyivgen,
-        {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0},
+        },
-        {EVP_PBE_TYPE_PRF, NID_id_tc26_hmac_gost_3411_12_256, -1, NID_id_tc26_gost3411_2012_256, 0},
+        {
-        {EVP_PBE_TYPE_PRF, NID_id_tc26_hmac_gost_3411_12_512, -1, NID_id_tc26_gost3411_2012_512, 0},
+                .pbe_nid = NID_pbeWithSHA1AndDES_CBC,
+                .cipher_nid = NID_des_cbc,
+                .md_nid = NID_sha1,
+                .keygen = PKCS5_PBE_keyivgen,
+        },
+};
+#define N_PBE_OUTER (sizeof(pbe_outer) / sizeof(pbe_outer[0]))
+static const struct pbe_config pbe_prf[] = {
+        {
+                .pbe_nid = NID_hmacWithSHA1,
+                .cipher_nid = -1,
+                .md_nid = NID_sha1,
+        },
+        {
+                .pbe_nid = NID_hmacWithMD5,
+                .cipher_nid = -1,
+                .md_nid = NID_md5,
+        },
+        {
+                .pbe_nid = NID_hmacWithSHA224,
+                .cipher_nid = -1,
+                .md_nid = NID_sha224,
+        },
+        {
+                .pbe_nid = NID_hmacWithSHA256,
+                .cipher_nid = -1,
+                .md_nid = NID_sha256,
+        },
+        {
+                .pbe_nid = NID_hmacWithSHA384,
+                .cipher_nid = -1,
+                .md_nid = NID_sha384,
+        },
+        {
+                .pbe_nid = NID_hmacWithSHA512,
+                .cipher_nid = -1,
+                .md_nid = NID_sha512,
+        },
+        {
+                .pbe_nid = NID_id_HMACGostR3411_94,
+                .cipher_nid = -1,
+                .md_nid = NID_id_GostR3411_94,
+        },
+        {
+                .pbe_nid = NID_id_tc26_hmac_gost_3411_12_256,
+                .cipher_nid = -1,
+                .md_nid = NID_id_tc26_gost3411_2012_256,
+        },
+        {
+                .pbe_nid = NID_id_tc26_hmac_gost_3411_12_512,
+                .cipher_nid = -1,
+                .md_nid = NID_id_tc26_gost3411_2012_512,
+        },
 };
+#define N_PBE_PRF (sizeof(pbe_prf) / sizeof(pbe_prf[0]))
 int
 EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
    ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
@@ -166,59 +273,48 @@ EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
        return 1;
 }
-static int pbe2_cmp_BSEARCH_CMP_FN(const void *, const void *);
-static int pbe2_cmp(EVP_PBE_CTL const *, EVP_PBE_CTL const *);
-static EVP_PBE_CTL *OBJ_bsearch_pbe2(EVP_PBE_CTL *key, EVP_PBE_CTL const *base, int num);
-static int
-pbe2_cmp(const EVP_PBE_CTL *pbe1, const EVP_PBE_CTL *pbe2)
-{
-        int ret = pbe1->pbe_type - pbe2->pbe_type;
-        if (ret)
-                return ret;
-        else
-                return pbe1->pbe_nid - pbe2->pbe_nid;
-}
-static int
-pbe2_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)
-{
-        EVP_PBE_CTL const *a = a_;
-        EVP_PBE_CTL const *b = b_;
-        return pbe2_cmp(a, b);
-}
-static EVP_PBE_CTL *
-OBJ_bsearch_pbe2(EVP_PBE_CTL *key, EVP_PBE_CTL const *base, int num)
-{
-        return (EVP_PBE_CTL *)OBJ_bsearch_(key, base, num, sizeof(EVP_PBE_CTL),
-            pbe2_cmp_BSEARCH_CMP_FN);
-}
 int
-EVP_PBE_find(int type, int pbe_nid,
+EVP_PBE_find(int type, int pbe_nid, int *out_cipher_nid, int *out_md_nid,
-    int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen)
+    EVP_PBE_KEYGEN **out_keygen)
 {
-        EVP_PBE_CTL *pbetmp = NULL, pbelu;
+        const struct pbe_config *pbe = NULL;
+        size_t i;
+        if (out_cipher_nid != NULL)
+                *out_cipher_nid = NID_undef;
+        if (out_md_nid != NULL)
+                *out_md_nid = NID_undef;
+        if (out_keygen != NULL)
+                *out_keygen = NULL;
        if (pbe_nid == NID_undef)
                return 0;
-        pbelu.pbe_type = type;
+        if (type == EVP_PBE_TYPE_OUTER) {
-        pbelu.pbe_nid = pbe_nid;
+                for (i = 0; i < N_PBE_OUTER; i++) {
+                        if (pbe_nid == pbe_outer[i].pbe_nid) {
-        pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe,
+                                pbe = &pbe_outer[i];
-            sizeof(builtin_pbe)/sizeof(EVP_PBE_CTL));
+                                break;
-        if (pbetmp == NULL)
+                        }
+                }
+        } else if (type == EVP_PBE_TYPE_PRF) {
+                for (i = 0; i < N_PBE_PRF; i++) {
+                        if (pbe_nid == pbe_prf[i].pbe_nid) {
+                                pbe = &pbe_prf[i];
+                                break;
+                        }
+                }
+        }
+        if (pbe == NULL)
                return 0;
-        if (pcnid)
-                *pcnid = pbetmp->cipher_nid;
+        if (out_cipher_nid != NULL)
-        if (pmnid)
+                *out_cipher_nid = pbe->cipher_nid;
-                *pmnid = pbetmp->md_nid;
+        if (out_md_nid != NULL)
-        if (pkeygen)
+                *out_md_nid = pbe->md_nid;
-                *pkeygen = pbetmp->keygen;
+        if (out_keygen != NULL)
+                *out_keygen = pbe->keygen;
        return 1;
 }
author	tb <>	2023-12-16 14:04:59 +0000
committer	tb <>	2023-12-16 14:04:59 +0000
commit	8037621774b49536be41fb210500651c3c7b09ba (patch)
tree	66210f30b3273d815e80ab90cc41aa76c92c9711 /src
parent	7dbb67bb033c7b2d56630e14cd2e83a242b8f58d (diff)
download	openbsd-8037621774b49536be41fb210500651c3c7b09ba.tar.gz openbsd-8037621774b49536be41fb210500651c3c7b09ba.tar.bz2 openbsd-8037621774b49536be41fb210500651c3c7b09ba.zip

diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c index edcd385341..0fe82953e3 100644 --- a/src/lib/libcrypto/evp/evp_pbe.c +++ b/src/lib/libcrypto/evp/evp_pbe.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: evp_pbe.c,v 1.31 2023/12/15 14:21:14 tb Exp $ */	1	/* $OpenBSD: evp_pbe.c,v 1.32 2023/12/16 14:04:59 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 1999.	3	* project 1999.
4	*/	4	*/
@@ -70,49 +70,156 @@
70		70
71	/* Password based encryption (PBE) functions */	71	/* Password based encryption (PBE) functions */
72		72
73	typedef struct {	73	struct pbe_config {
74	int pbe_type;
75	int pbe_nid;	74	int pbe_nid;
76	int cipher_nid;	75	int cipher_nid;
77	int md_nid;	76	int md_nid;
78	EVP_PBE_KEYGEN *keygen;	77	EVP_PBE_KEYGEN *keygen;
79	} EVP_PBE_CTL;	78	};
80
81	static const EVP_PBE_CTL builtin_pbe[] = {
82	{EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC, NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen},
83	{EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC, NID_des_cbc, NID_md5, PKCS5_PBE_keyivgen},
84	{EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC, NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen},
85		79
		80	static const struct pbe_config pbe_outer[] = {
		81	{
		82	.pbe_nid = NID_pbeWithMD2AndDES_CBC,
		83	.cipher_nid = NID_des_cbc,
		84	.md_nid = NID_md2,
		85	.keygen = PKCS5_PBE_keyivgen,
		86	},
		87	{
		88	.pbe_nid = NID_pbeWithMD5AndDES_CBC,
		89	.cipher_nid = NID_des_cbc,
		90	.md_nid = NID_md5,
		91	.keygen = PKCS5_PBE_keyivgen,
		92	},
		93	{
		94	.pbe_nid = NID_pbeWithSHA1AndRC2_CBC,
		95	.cipher_nid = NID_rc2_64_cbc,
		96	.md_nid = NID_sha1,
		97	.keygen = PKCS5_PBE_keyivgen,
		98	},
86	#ifndef OPENSSL_NO_HMAC	99	#ifndef OPENSSL_NO_HMAC
87	{EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen},	100	{
		101	.pbe_nid = NID_id_pbkdf2,
		102	.cipher_nid = -1,
		103	.md_nid = -1,
		104	.keygen = PKCS5_v2_PBKDF2_keyivgen,
		105	},
88	#endif	106	#endif
89		107	{
90	{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4, NID_rc4, NID_sha1, PKCS12_PBE_keyivgen},	108	.pbe_nid = NID_pbe_WithSHA1And128BitRC4,
91	{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4, NID_rc4_40, NID_sha1, PKCS12_PBE_keyivgen},	109	.cipher_nid = NID_rc4,
92	{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NID_des_ede3_cbc, NID_sha1, PKCS12_PBE_keyivgen},	110	.md_nid = NID_sha1,
93	{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And2_Key_TripleDES_CBC, NID_des_ede_cbc, NID_sha1, PKCS12_PBE_keyivgen},	111	.keygen = PKCS12_PBE_keyivgen,
94	{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC2_CBC, NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen},	112	},
95	{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC, NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen},	113	{
96		114	.pbe_nid = NID_pbe_WithSHA1And40BitRC4,
		115	.cipher_nid = NID_rc4_40,
		116	.md_nid = NID_sha1,
		117	.keygen = PKCS12_PBE_keyivgen,
		118	},
		119	{
		120	.pbe_nid = NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
		121	.cipher_nid = NID_des_ede3_cbc,
		122	.md_nid = NID_sha1,
		123	.keygen = PKCS12_PBE_keyivgen,
		124	},
		125	{
		126	.pbe_nid = NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
		127	.cipher_nid = NID_des_ede_cbc,
		128	.md_nid = NID_sha1,
		129	.keygen = PKCS12_PBE_keyivgen,
		130	},
		131	{
		132	.pbe_nid = NID_pbe_WithSHA1And128BitRC2_CBC,
		133	.cipher_nid = NID_rc2_cbc,
		134	.md_nid = NID_sha1,
		135	.keygen = PKCS12_PBE_keyivgen,
		136	},
		137	{
		138	.pbe_nid = NID_pbe_WithSHA1And40BitRC2_CBC,
		139	.cipher_nid = NID_rc2_40_cbc,
		140	.md_nid = NID_sha1,
		141	.keygen = PKCS12_PBE_keyivgen,
		142	},
97	#ifndef OPENSSL_NO_HMAC	143	#ifndef OPENSSL_NO_HMAC
98	{EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen},	144	{
		145	.pbe_nid = NID_pbes2,
		146	.cipher_nid = -1,
		147	.md_nid = -1,
		148	.keygen = PKCS5_v2_PBE_keyivgen,
		149	},
99	#endif	150	#endif
100	{EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC, NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen},	151	{
101	{EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC, NID_rc2_64_cbc, NID_md5, PKCS5_PBE_keyivgen},	152	.pbe_nid = NID_pbeWithMD2AndRC2_CBC,
102	{EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndDES_CBC, NID_des_cbc, NID_sha1, PKCS5_PBE_keyivgen},	153	.cipher_nid = NID_rc2_64_cbc,
103		154	.md_nid = NID_md2,
104		155	.keygen = PKCS5_PBE_keyivgen,
105	{EVP_PBE_TYPE_PRF, NID_hmacWithSHA1, -1, NID_sha1, 0},	156	},
106	{EVP_PBE_TYPE_PRF, NID_hmacWithMD5, -1, NID_md5, 0},	157	{
107	{EVP_PBE_TYPE_PRF, NID_hmacWithSHA224, -1, NID_sha224, 0},	158	.pbe_nid = NID_pbeWithMD5AndRC2_CBC,
108	{EVP_PBE_TYPE_PRF, NID_hmacWithSHA256, -1, NID_sha256, 0},	159	.cipher_nid = NID_rc2_64_cbc,
109	{EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0},	160	.md_nid = NID_md5,
110	{EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0},	161	.keygen = PKCS5_PBE_keyivgen,
111	{EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0},	162	},
112	{EVP_PBE_TYPE_PRF, NID_id_tc26_hmac_gost_3411_12_256, -1, NID_id_tc26_gost3411_2012_256, 0},	163	{
113	{EVP_PBE_TYPE_PRF, NID_id_tc26_hmac_gost_3411_12_512, -1, NID_id_tc26_gost3411_2012_512, 0},	164	.pbe_nid = NID_pbeWithSHA1AndDES_CBC,
		165	.cipher_nid = NID_des_cbc,
		166	.md_nid = NID_sha1,
		167	.keygen = PKCS5_PBE_keyivgen,
		168	},
		169	};
		170
		171	#define N_PBE_OUTER (sizeof(pbe_outer) / sizeof(pbe_outer[0]))
		172
		173	static const struct pbe_config pbe_prf[] = {
		174	{
		175	.pbe_nid = NID_hmacWithSHA1,
		176	.cipher_nid = -1,
		177	.md_nid = NID_sha1,
		178	},
		179	{
		180	.pbe_nid = NID_hmacWithMD5,
		181	.cipher_nid = -1,
		182	.md_nid = NID_md5,
		183	},
		184	{
		185	.pbe_nid = NID_hmacWithSHA224,
		186	.cipher_nid = -1,
		187	.md_nid = NID_sha224,
		188	},
		189	{
		190	.pbe_nid = NID_hmacWithSHA256,
		191	.cipher_nid = -1,
		192	.md_nid = NID_sha256,
		193	},
		194	{
		195	.pbe_nid = NID_hmacWithSHA384,
		196	.cipher_nid = -1,
		197	.md_nid = NID_sha384,
		198	},
		199	{
		200	.pbe_nid = NID_hmacWithSHA512,
		201	.cipher_nid = -1,
		202	.md_nid = NID_sha512,
		203	},
		204	{
		205	.pbe_nid = NID_id_HMACGostR3411_94,
		206	.cipher_nid = -1,
		207	.md_nid = NID_id_GostR3411_94,
		208	},
		209	{
		210	.pbe_nid = NID_id_tc26_hmac_gost_3411_12_256,
		211	.cipher_nid = -1,
		212	.md_nid = NID_id_tc26_gost3411_2012_256,
		213	},
		214	{
		215	.pbe_nid = NID_id_tc26_hmac_gost_3411_12_512,
		216	.cipher_nid = -1,
		217	.md_nid = NID_id_tc26_gost3411_2012_512,
		218	},
114	};	219	};
115		220
		221	#define N_PBE_PRF (sizeof(pbe_prf) / sizeof(pbe_prf[0]))
		222
116	int	223	int
117	EVP_PBE_CipherInit(ASN1_OBJECT pbe_obj, const char pass, int passlen,	224	EVP_PBE_CipherInit(ASN1_OBJECT pbe_obj, const char pass, int passlen,
118	ASN1_TYPE param, EVP_CIPHER_CTX ctx, int en_de)	225	ASN1_TYPE param, EVP_CIPHER_CTX ctx, int en_de)
@@ -166,59 +273,48 @@ EVP_PBE_CipherInit(ASN1_OBJECT pbe_obj, const char pass, int passlen,
166	return 1;	273	return 1;
167	}	274	}
168		275
169	static int pbe2_cmp_BSEARCH_CMP_FN(const void , const void );
170	static int pbe2_cmp(EVP_PBE_CTL const , EVP_PBE_CTL const );
171	static EVP_PBE_CTL OBJ_bsearch_pbe2(EVP_PBE_CTL key, EVP_PBE_CTL const *base, int num);
172
173	static int
174	pbe2_cmp(const EVP_PBE_CTL pbe1, const EVP_PBE_CTL pbe2)
175	{
176	int ret = pbe1->pbe_type - pbe2->pbe_type;
177
178	if (ret)
179	return ret;
180	else
181	return pbe1->pbe_nid - pbe2->pbe_nid;
182	}
183
184
185	static int
186	pbe2_cmp_BSEARCH_CMP_FN(const void a_, const void b_)
187	{
188	EVP_PBE_CTL const *a = a_;
189	EVP_PBE_CTL const *b = b_;
190	return pbe2_cmp(a, b);
191	}
192
193	static EVP_PBE_CTL *
194	OBJ_bsearch_pbe2(EVP_PBE_CTL key, EVP_PBE_CTL const base, int num)
195	{
196	return (EVP_PBE_CTL *)OBJ_bsearch_(key, base, num, sizeof(EVP_PBE_CTL),
197	pbe2_cmp_BSEARCH_CMP_FN);
198	}
199
200	int	276	int
201	EVP_PBE_find(int type, int pbe_nid,	277	EVP_PBE_find(int type, int pbe_nid, int out_cipher_nid, int out_md_nid,
202	int pcnid, int pmnid, EVP_PBE_KEYGEN **pkeygen)	278	EVP_PBE_KEYGEN **out_keygen)
203	{	279	{
204	EVP_PBE_CTL *pbetmp = NULL, pbelu;	280	const struct pbe_config *pbe = NULL;
		281	size_t i;
		282
		283	if (out_cipher_nid != NULL)
		284	*out_cipher_nid = NID_undef;
		285	if (out_md_nid != NULL)
		286	*out_md_nid = NID_undef;
		287	if (out_keygen != NULL)
		288	*out_keygen = NULL;
205		289
206	if (pbe_nid == NID_undef)	290	if (pbe_nid == NID_undef)
207	return 0;	291	return 0;
208		292
209	pbelu.pbe_type = type;	293	if (type == EVP_PBE_TYPE_OUTER) {
210	pbelu.pbe_nid = pbe_nid;	294	for (i = 0; i < N_PBE_OUTER; i++) {
211		295	if (pbe_nid == pbe_outer[i].pbe_nid) {
212	pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe,	296	pbe = &pbe_outer[i];
213	sizeof(builtin_pbe)/sizeof(EVP_PBE_CTL));	297	break;
214	if (pbetmp == NULL)	298	}
		299	}
		300	} else if (type == EVP_PBE_TYPE_PRF) {
		301	for (i = 0; i < N_PBE_PRF; i++) {
		302	if (pbe_nid == pbe_prf[i].pbe_nid) {
		303	pbe = &pbe_prf[i];
		304	break;
		305	}
		306	}
		307	}
		308	if (pbe == NULL)
215	return 0;	309	return 0;
216	if (pcnid)	310
217	*pcnid = pbetmp->cipher_nid;	311	if (out_cipher_nid != NULL)
218	if (pmnid)	312	*out_cipher_nid = pbe->cipher_nid;
219	*pmnid = pbetmp->md_nid;	313	if (out_md_nid != NULL)
220	if (pkeygen)	314	*out_md_nid = pbe->md_nid;
221	*pkeygen = pbetmp->keygen;	315	if (out_keygen != NULL)
		316	*out_keygen = pbe->keygen;
		317
222	return 1;	318	return 1;
223	}	319	}
224		320