1 files changed, 36 insertions, 31 deletions
diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c
index dafa686f64..4271393069 100644
--- a/src/lib/libcrypto/evp/evp_key.c
+++ b/src/lib/libcrypto/evp/evp_key.c
@@ -58,23 +58,26 @@
 #include <stdio.h>
 #include "cryptlib.h"
-#include "x509.h"
+#include <openssl/x509.h>
-#include "objects.h"
+#include <openssl/objects.h>
-#include "evp.h"
+#include <openssl/evp.h>
+#include <openssl/ui.h>
 /* should be init to zeros. */
 static char prompt_string[80];
-void EVP_set_pw_prompt(prompt)
+void EVP_set_pw_prompt(char *prompt)
-char *prompt;
        {
        if (prompt == NULL)
                prompt_string[0]='\0';
        else
+                {
                strncpy(prompt_string,prompt,79);
+                prompt_string[79]='\0';
+                }
        }
-char *EVP_get_pw_prompt()
+char *EVP_get_pw_prompt(void)
        {
        if (prompt_string[0] == '\0')
                return(NULL);
@@ -82,30 +85,31 @@ char *EVP_get_pw_prompt()
                return(prompt_string);
        }
-#ifdef NO_DES
+/* For historical reasons, the standard function for reading passwords is
-int des_read_pw_string(char *buf,int len,char *prompt,int verify);
+ * in the DES library -- if someone ever wants to disable DES,
-#endif
+ * this function will fail */
+int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
-int EVP_read_pw_string(buf,len,prompt,verify)
-char *buf;
-int len;
-char *prompt;
-int verify;
        {
+        int ret;
+        char buff[BUFSIZ];
+        UI *ui;
        if ((prompt == NULL) && (prompt_string[0] != '\0'))
                prompt=prompt_string;
-        return(des_read_pw_string(buf,len,prompt,verify));
+        ui = UI_new();
+        UI_add_input_string(ui,prompt,0,buf,0,(len>=BUFSIZ)?BUFSIZ-1:len);
+        if (verify)
+                UI_add_verify_string(ui,prompt,0,
+                        buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf);
+        ret = UI_process(ui);
+        UI_free(ui);
+        memset(buff,0,BUFSIZ);
+        return ret;
        }
-int EVP_BytesToKey(type,md,salt,data,datal,count,key,iv)
+int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, 
-EVP_CIPHER *type;
+             const unsigned char *salt, const unsigned char *data, int datal,
-EVP_MD *md;
+             int count, unsigned char *key, unsigned char *iv)
-unsigned char *salt;
-unsigned char *data;
-int datal;
-int count;
-unsigned char *key;
-unsigned char *iv;
        {
        EVP_MD_CTX c;
        unsigned char md_buf[EVP_MAX_MD_SIZE];
@@ -117,21 +121,22 @@ unsigned char *iv;
        if (data == NULL) return(nkey);
+        EVP_MD_CTX_init(&c);
        for (;;)
                {
-                EVP_DigestInit(&c,md);
+                EVP_DigestInit_ex(&c,md, NULL);
                if (addmd++)
                        EVP_DigestUpdate(&c,&(md_buf[0]),mds);
                EVP_DigestUpdate(&c,data,datal);
                if (salt != NULL)
-                        EVP_DigestUpdate(&c,salt,8);
+                        EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN);
-                EVP_DigestFinal(&c,&(md_buf[0]),&mds);
+                EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
                for (i=1; i<(unsigned int)count; i++)
                        {
-                        EVP_DigestInit(&c,md);
+                        EVP_DigestInit_ex(&c,md, NULL);
                        EVP_DigestUpdate(&c,&(md_buf[0]),mds);
-                        EVP_DigestFinal(&c,&(md_buf[0]),&mds);
+                        EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
                        }
                i=0;
                if (nkey)
@@ -160,7 +165,7 @@ unsigned char *iv;
                        }
                if ((nkey == 0) && (niv == 0)) break;
                }
-        memset(&c,0,sizeof(c));
+        EVP_MD_CTX_cleanup(&c);
        memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE);
        return(type->key_len);
        }

diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c index dafa686f64..4271393069 100644 --- a/src/lib/libcrypto/evp/evp_key.c +++ b/src/lib/libcrypto/evp/evp_key.c
@@ -58,23 +58,26 @@
58		58
59	#include <stdio.h>	59	#include <stdio.h>
60	#include "cryptlib.h"	60	#include "cryptlib.h"
61	#include "x509.h"	61	#include <openssl/x509.h>
62	#include "objects.h"	62	#include <openssl/objects.h>
63	#include "evp.h"	63	#include <openssl/evp.h>
		64	#include <openssl/ui.h>
64		65
65	/* should be init to zeros. */	66	/* should be init to zeros. */
66	static char prompt_string[80];	67	static char prompt_string[80];
67		68
68	void EVP_set_pw_prompt(prompt)	69	void EVP_set_pw_prompt(char *prompt)
69	char *prompt;
70	{	70	{
71	if (prompt == NULL)	71	if (prompt == NULL)
72	prompt_string[0]='\0';	72	prompt_string[0]='\0';
73	else	73	else
		74	{
74	strncpy(prompt_string,prompt,79);	75	strncpy(prompt_string,prompt,79);
		76	prompt_string[79]='\0';
		77	}
75	}	78	}
76		79
77	char *EVP_get_pw_prompt()	80	char *EVP_get_pw_prompt(void)
78	{	81	{
79	if (prompt_string[0] == '\0')	82	if (prompt_string[0] == '\0')
80	return(NULL);	83	return(NULL);
@@ -82,30 +85,31 @@ char *EVP_get_pw_prompt()
82	return(prompt_string);	85	return(prompt_string);
83	}	86	}
84		87
85	#ifdef NO_DES	88	/* For historical reasons, the standard function for reading passwords is
86	int des_read_pw_string(char buf,int len,char prompt,int verify);	89	* in the DES library -- if someone ever wants to disable DES,
87	#endif	90	* this function will fail */
88		91	int EVP_read_pw_string(char buf, int len, const char prompt, int verify)
89	int EVP_read_pw_string(buf,len,prompt,verify)
90	char *buf;
91	int len;
92	char *prompt;
93	int verify;
94	{	92	{
		93	int ret;
		94	char buff[BUFSIZ];
		95	UI *ui;
		96
95	if ((prompt == NULL) && (prompt_string[0] != '\0'))	97	if ((prompt == NULL) && (prompt_string[0] != '\0'))
96	prompt=prompt_string;	98	prompt=prompt_string;
97	return(des_read_pw_string(buf,len,prompt,verify));	99	ui = UI_new();
		100	UI_add_input_string(ui,prompt,0,buf,0,(len>=BUFSIZ)?BUFSIZ-1:len);
		101	if (verify)
		102	UI_add_verify_string(ui,prompt,0,
		103	buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf);
		104	ret = UI_process(ui);
		105	UI_free(ui);
		106	memset(buff,0,BUFSIZ);
		107	return ret;
98	}	108	}
99		109
100	int EVP_BytesToKey(type,md,salt,data,datal,count,key,iv)	110	int EVP_BytesToKey(const EVP_CIPHER type, const EVP_MD md,
101	EVP_CIPHER *type;	111	const unsigned char salt, const unsigned char data, int datal,
102	EVP_MD *md;	112	int count, unsigned char key, unsigned char iv)
103	unsigned char *salt;
104	unsigned char *data;
105	int datal;
106	int count;
107	unsigned char *key;
108	unsigned char *iv;
109	{	113	{
110	EVP_MD_CTX c;	114	EVP_MD_CTX c;
111	unsigned char md_buf[EVP_MAX_MD_SIZE];	115	unsigned char md_buf[EVP_MAX_MD_SIZE];
@@ -117,21 +121,22 @@ unsigned char *iv;
117		121
118	if (data == NULL) return(nkey);	122	if (data == NULL) return(nkey);
119		123
		124	EVP_MD_CTX_init(&c);
120	for (;;)	125	for (;;)
121	{	126	{
122	EVP_DigestInit(&c,md);	127	EVP_DigestInit_ex(&c,md, NULL);
123	if (addmd++)	128	if (addmd++)
124	EVP_DigestUpdate(&c,&(md_buf[0]),mds);	129	EVP_DigestUpdate(&c,&(md_buf[0]),mds);
125	EVP_DigestUpdate(&c,data,datal);	130	EVP_DigestUpdate(&c,data,datal);
126	if (salt != NULL)	131	if (salt != NULL)
127	EVP_DigestUpdate(&c,salt,8);	132	EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN);
128	EVP_DigestFinal(&c,&(md_buf[0]),&mds);	133	EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
129		134
130	for (i=1; i<(unsigned int)count; i++)	135	for (i=1; i<(unsigned int)count; i++)
131	{	136	{
132	EVP_DigestInit(&c,md);	137	EVP_DigestInit_ex(&c,md, NULL);
133	EVP_DigestUpdate(&c,&(md_buf[0]),mds);	138	EVP_DigestUpdate(&c,&(md_buf[0]),mds);
134	EVP_DigestFinal(&c,&(md_buf[0]),&mds);	139	EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
135	}	140	}
136	i=0;	141	i=0;
137	if (nkey)	142	if (nkey)
@@ -160,7 +165,7 @@ unsigned char *iv;
160	}	165	}
161	if ((nkey == 0) && (niv == 0)) break;	166	if ((nkey == 0) && (niv == 0)) break;
162	}	167	}
163	memset(&c,0,sizeof(c));	168	EVP_MD_CTX_cleanup(&c);
164	memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE);	169	memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE);
165	return(type->key_len);	170	return(type->key_len);
166	}	171	}