diff options
Diffstat (limited to 'src/lib/libcrypto/evp/p5_crpt2.c')
| -rw-r--r-- | src/lib/libcrypto/evp/p5_crpt2.c | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c index 27a2c518be..7881860b53 100644 --- a/src/lib/libcrypto/evp/p5_crpt2.c +++ b/src/lib/libcrypto/evp/p5_crpt2.c | |||
| @@ -55,7 +55,7 @@ | |||
| 55 | * Hudson (tjh@cryptsoft.com). | 55 | * Hudson (tjh@cryptsoft.com). |
| 56 | * | 56 | * |
| 57 | */ | 57 | */ |
| 58 | #if !defined(NO_HMAC) && !defined(NO_SHA) | 58 | #if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA) |
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <stdlib.h> | 60 | #include <stdlib.h> |
| 61 | #include <openssl/x509.h> | 61 | #include <openssl/x509.h> |
| @@ -84,9 +84,12 @@ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, | |||
| 84 | int cplen, j, k, tkeylen; | 84 | int cplen, j, k, tkeylen; |
| 85 | unsigned long i = 1; | 85 | unsigned long i = 1; |
| 86 | HMAC_CTX hctx; | 86 | HMAC_CTX hctx; |
| 87 | |||
| 88 | HMAC_CTX_init(&hctx); | ||
| 87 | p = out; | 89 | p = out; |
| 88 | tkeylen = keylen; | 90 | tkeylen = keylen; |
| 89 | if(passlen == -1) passlen = strlen(pass); | 91 | if(!pass) passlen = 0; |
| 92 | else if(passlen == -1) passlen = strlen(pass); | ||
| 90 | while(tkeylen) { | 93 | while(tkeylen) { |
| 91 | if(tkeylen > SHA_DIGEST_LENGTH) cplen = SHA_DIGEST_LENGTH; | 94 | if(tkeylen > SHA_DIGEST_LENGTH) cplen = SHA_DIGEST_LENGTH; |
| 92 | else cplen = tkeylen; | 95 | else cplen = tkeylen; |
| @@ -97,7 +100,7 @@ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, | |||
| 97 | itmp[1] = (unsigned char)((i >> 16) & 0xff); | 100 | itmp[1] = (unsigned char)((i >> 16) & 0xff); |
| 98 | itmp[2] = (unsigned char)((i >> 8) & 0xff); | 101 | itmp[2] = (unsigned char)((i >> 8) & 0xff); |
| 99 | itmp[3] = (unsigned char)(i & 0xff); | 102 | itmp[3] = (unsigned char)(i & 0xff); |
| 100 | HMAC_Init(&hctx, pass, passlen, EVP_sha1()); | 103 | HMAC_Init_ex(&hctx, pass, passlen, EVP_sha1(), NULL); |
| 101 | HMAC_Update(&hctx, salt, saltlen); | 104 | HMAC_Update(&hctx, salt, saltlen); |
| 102 | HMAC_Update(&hctx, itmp, 4); | 105 | HMAC_Update(&hctx, itmp, 4); |
| 103 | HMAC_Final(&hctx, digtmp, NULL); | 106 | HMAC_Final(&hctx, digtmp, NULL); |
| @@ -111,7 +114,7 @@ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, | |||
| 111 | i++; | 114 | i++; |
| 112 | p+= cplen; | 115 | p+= cplen; |
| 113 | } | 116 | } |
| 114 | HMAC_cleanup(&hctx); | 117 | HMAC_CTX_cleanup(&hctx); |
| 115 | #ifdef DEBUG_PKCS5V2 | 118 | #ifdef DEBUG_PKCS5V2 |
| 116 | fprintf(stderr, "Password:\n"); | 119 | fprintf(stderr, "Password:\n"); |
| 117 | h__dump (pass, passlen); | 120 | h__dump (pass, passlen); |
| @@ -142,7 +145,7 @@ main() | |||
| 142 | */ | 145 | */ |
| 143 | 146 | ||
| 144 | int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | 147 | int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, |
| 145 | ASN1_TYPE *param, EVP_CIPHER *c, EVP_MD *md, | 148 | ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, |
| 146 | int en_de) | 149 | int en_de) |
| 147 | { | 150 | { |
| 148 | unsigned char *pbuf, *salt, key[EVP_MAX_KEY_LENGTH]; | 151 | unsigned char *pbuf, *salt, key[EVP_MAX_KEY_LENGTH]; |
| @@ -180,7 +183,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 180 | } | 183 | } |
| 181 | 184 | ||
| 182 | /* Fixup cipher based on AlgorithmIdentifier */ | 185 | /* Fixup cipher based on AlgorithmIdentifier */ |
| 183 | EVP_CipherInit(ctx, cipher, NULL, NULL, en_de); | 186 | EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de); |
| 184 | if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) { | 187 | if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) { |
| 185 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, | 188 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, |
| 186 | EVP_R_CIPHER_PARAMETER_ERROR); | 189 | EVP_R_CIPHER_PARAMETER_ERROR); |
| @@ -226,7 +229,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 226 | saltlen = kdf->salt->value.octet_string->length; | 229 | saltlen = kdf->salt->value.octet_string->length; |
| 227 | iter = ASN1_INTEGER_get(kdf->iter); | 230 | iter = ASN1_INTEGER_get(kdf->iter); |
| 228 | PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key); | 231 | PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key); |
| 229 | EVP_CipherInit(ctx, NULL, key, NULL, en_de); | 232 | EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de); |
| 230 | memset(key, 0, keylen); | 233 | memset(key, 0, keylen); |
| 231 | PBKDF2PARAM_free(kdf); | 234 | PBKDF2PARAM_free(kdf); |
| 232 | return 1; | 235 | return 1; |