diff options
Diffstat (limited to 'src/lib/libcrypto/evp/p5_crpt.c')
| -rw-r--r-- | src/lib/libcrypto/evp/p5_crpt.c | 33 |
1 files changed, 19 insertions, 14 deletions
diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c index 294cc90d87..eff82e8c0b 100644 --- a/src/lib/libcrypto/evp/p5_crpt.c +++ b/src/lib/libcrypto/evp/p5_crpt.c | |||
| @@ -10,7 +10,7 @@ | |||
| 10 | * are met: | 10 | * are met: |
| 11 | * | 11 | * |
| 12 | * 1. Redistributions of source code must retain the above copyright | 12 | * 1. Redistributions of source code must retain the above copyright |
| 13 | * notice, this list of conditions and the following disclaimer. | 13 | * notice, this list of conditions and the following disclaimer. |
| 14 | * | 14 | * |
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | 15 | * 2. Redistributions in binary form must reproduce the above copyright |
| 16 | * notice, this list of conditions and the following disclaimer in | 16 | * notice, this list of conditions and the following disclaimer in |
| @@ -65,13 +65,14 @@ | |||
| 65 | /* Doesn't do anything now: Builtin PBE algorithms in static table. | 65 | /* Doesn't do anything now: Builtin PBE algorithms in static table. |
| 66 | */ | 66 | */ |
| 67 | 67 | ||
| 68 | void PKCS5_PBE_add(void) | 68 | void |
| 69 | PKCS5_PBE_add(void) | ||
| 69 | { | 70 | { |
| 70 | } | 71 | } |
| 71 | 72 | ||
| 72 | int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, | 73 | int |
| 73 | ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, | 74 | PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, |
| 74 | int en_de) | 75 | ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de) |
| 75 | { | 76 | { |
| 76 | EVP_MD_CTX ctx; | 77 | EVP_MD_CTX ctx; |
| 77 | unsigned char md_tmp[EVP_MAX_MD_SIZE]; | 78 | unsigned char md_tmp[EVP_MAX_MD_SIZE]; |
| @@ -88,23 +89,27 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, | |||
| 88 | /* Extract useful info from parameter */ | 89 | /* Extract useful info from parameter */ |
| 89 | if (param == NULL || param->type != V_ASN1_SEQUENCE || | 90 | if (param == NULL || param->type != V_ASN1_SEQUENCE || |
| 90 | param->value.sequence == NULL) { | 91 | param->value.sequence == NULL) { |
| 91 | EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); | 92 | EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); |
| 92 | return 0; | 93 | return 0; |
| 93 | } | 94 | } |
| 94 | 95 | ||
| 95 | pbuf = param->value.sequence->data; | 96 | pbuf = param->value.sequence->data; |
| 96 | if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) { | 97 | if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) { |
| 97 | EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); | 98 | EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); |
| 98 | return 0; | 99 | return 0; |
| 99 | } | 100 | } |
| 100 | 101 | ||
| 101 | if (!pbe->iter) iter = 1; | 102 | if (!pbe->iter) |
| 102 | else iter = ASN1_INTEGER_get (pbe->iter); | 103 | iter = 1; |
| 104 | else | ||
| 105 | iter = ASN1_INTEGER_get (pbe->iter); | ||
| 103 | salt = pbe->salt->data; | 106 | salt = pbe->salt->data; |
| 104 | saltlen = pbe->salt->length; | 107 | saltlen = pbe->salt->length; |
| 105 | 108 | ||
| 106 | if(!pass) passlen = 0; | 109 | if (!pass) |
| 107 | else if(passlen == -1) passlen = strlen(pass); | 110 | passlen = 0; |
| 111 | else if (passlen == -1) | ||
| 112 | passlen = strlen(pass); | ||
| 108 | 113 | ||
| 109 | if (!EVP_DigestInit_ex(&ctx, md, NULL)) | 114 | if (!EVP_DigestInit_ex(&ctx, md, NULL)) |
| 110 | goto err; | 115 | goto err; |
| @@ -117,7 +122,7 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, | |||
| 117 | goto err; | 122 | goto err; |
| 118 | mdsize = EVP_MD_size(md); | 123 | mdsize = EVP_MD_size(md); |
| 119 | if (mdsize < 0) | 124 | if (mdsize < 0) |
| 120 | return 0; | 125 | return 0; |
| 121 | for (i = 1; i < iter; i++) { | 126 | for (i = 1; i < iter; i++) { |
| 122 | if (!EVP_DigestInit_ex(&ctx, md, NULL)) | 127 | if (!EVP_DigestInit_ex(&ctx, md, NULL)) |
| 123 | goto err; | 128 | goto err; |
| @@ -130,14 +135,14 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, | |||
| 130 | memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); | 135 | memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); |
| 131 | OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16); | 136 | OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16); |
| 132 | memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), | 137 | memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), |
| 133 | EVP_CIPHER_iv_length(cipher)); | 138 | EVP_CIPHER_iv_length(cipher)); |
| 134 | if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de)) | 139 | if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de)) |
| 135 | goto err; | 140 | goto err; |
| 136 | OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE); | 141 | OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE); |
| 137 | OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); | 142 | OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); |
| 138 | OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); | 143 | OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); |
| 139 | rv = 1; | 144 | rv = 1; |
| 140 | err: | 145 | err: |
| 141 | EVP_MD_CTX_cleanup(&ctx); | 146 | EVP_MD_CTX_cleanup(&ctx); |
| 142 | return rv; | 147 | return rv; |
| 143 | } | 148 | } |