diff options
Diffstat (limited to 'src/lib/libcrypto/evp/p5_crpt2.c')
| -rw-r--r-- | src/lib/libcrypto/evp/p5_crpt2.c | 40 |
1 files changed, 31 insertions, 9 deletions
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c index 975d004df4..fe3c6c8813 100644 --- a/src/lib/libcrypto/evp/p5_crpt2.c +++ b/src/lib/libcrypto/evp/p5_crpt2.c | |||
| @@ -85,19 +85,24 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, | |||
| 85 | unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4]; | 85 | unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4]; |
| 86 | int cplen, j, k, tkeylen, mdlen; | 86 | int cplen, j, k, tkeylen, mdlen; |
| 87 | unsigned long i = 1; | 87 | unsigned long i = 1; |
| 88 | HMAC_CTX hctx; | 88 | HMAC_CTX hctx_tpl, hctx; |
| 89 | 89 | ||
| 90 | mdlen = EVP_MD_size(digest); | 90 | mdlen = EVP_MD_size(digest); |
| 91 | if (mdlen < 0) | 91 | if (mdlen < 0) |
| 92 | return 0; | 92 | return 0; |
| 93 | 93 | ||
| 94 | HMAC_CTX_init(&hctx); | 94 | HMAC_CTX_init(&hctx_tpl); |
| 95 | p = out; | 95 | p = out; |
| 96 | tkeylen = keylen; | 96 | tkeylen = keylen; |
| 97 | if(!pass) | 97 | if(!pass) |
| 98 | passlen = 0; | 98 | passlen = 0; |
| 99 | else if(passlen == -1) | 99 | else if(passlen == -1) |
| 100 | passlen = strlen(pass); | 100 | passlen = strlen(pass); |
| 101 | if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL)) | ||
| 102 | { | ||
| 103 | HMAC_CTX_cleanup(&hctx_tpl); | ||
| 104 | return 0; | ||
| 105 | } | ||
| 101 | while(tkeylen) | 106 | while(tkeylen) |
| 102 | { | 107 | { |
| 103 | if(tkeylen > mdlen) | 108 | if(tkeylen > mdlen) |
| @@ -111,19 +116,36 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, | |||
| 111 | itmp[1] = (unsigned char)((i >> 16) & 0xff); | 116 | itmp[1] = (unsigned char)((i >> 16) & 0xff); |
| 112 | itmp[2] = (unsigned char)((i >> 8) & 0xff); | 117 | itmp[2] = (unsigned char)((i >> 8) & 0xff); |
| 113 | itmp[3] = (unsigned char)(i & 0xff); | 118 | itmp[3] = (unsigned char)(i & 0xff); |
| 114 | if (!HMAC_Init_ex(&hctx, pass, passlen, digest, NULL) | 119 | if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) |
| 115 | || !HMAC_Update(&hctx, salt, saltlen) | ||
| 116 | || !HMAC_Update(&hctx, itmp, 4) | ||
| 117 | || !HMAC_Final(&hctx, digtmp, NULL)) | ||
| 118 | { | 120 | { |
| 121 | HMAC_CTX_cleanup(&hctx_tpl); | ||
| 122 | return 0; | ||
| 123 | } | ||
| 124 | if (!HMAC_Update(&hctx, salt, saltlen) | ||
| 125 | || !HMAC_Update(&hctx, itmp, 4) | ||
| 126 | || !HMAC_Final(&hctx, digtmp, NULL)) | ||
| 127 | { | ||
| 128 | HMAC_CTX_cleanup(&hctx_tpl); | ||
| 119 | HMAC_CTX_cleanup(&hctx); | 129 | HMAC_CTX_cleanup(&hctx); |
| 120 | return 0; | 130 | return 0; |
| 121 | } | 131 | } |
| 132 | HMAC_CTX_cleanup(&hctx); | ||
| 122 | memcpy(p, digtmp, cplen); | 133 | memcpy(p, digtmp, cplen); |
| 123 | for(j = 1; j < iter; j++) | 134 | for(j = 1; j < iter; j++) |
| 124 | { | 135 | { |
| 125 | HMAC(digest, pass, passlen, | 136 | if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) |
| 126 | digtmp, mdlen, digtmp, NULL); | 137 | { |
| 138 | HMAC_CTX_cleanup(&hctx_tpl); | ||
| 139 | return 0; | ||
| 140 | } | ||
| 141 | if (!HMAC_Update(&hctx, digtmp, mdlen) | ||
| 142 | || !HMAC_Final(&hctx, digtmp, NULL)) | ||
| 143 | { | ||
| 144 | HMAC_CTX_cleanup(&hctx_tpl); | ||
| 145 | HMAC_CTX_cleanup(&hctx); | ||
| 146 | return 0; | ||
| 147 | } | ||
| 148 | HMAC_CTX_cleanup(&hctx); | ||
| 127 | for(k = 0; k < cplen; k++) | 149 | for(k = 0; k < cplen; k++) |
| 128 | p[k] ^= digtmp[k]; | 150 | p[k] ^= digtmp[k]; |
| 129 | } | 151 | } |
| @@ -131,7 +153,7 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, | |||
| 131 | i++; | 153 | i++; |
| 132 | p+= cplen; | 154 | p+= cplen; |
| 133 | } | 155 | } |
| 134 | HMAC_CTX_cleanup(&hctx); | 156 | HMAC_CTX_cleanup(&hctx_tpl); |
| 135 | #ifdef DEBUG_PKCS5V2 | 157 | #ifdef DEBUG_PKCS5V2 |
| 136 | fprintf(stderr, "Password:\n"); | 158 | fprintf(stderr, "Password:\n"); |
| 137 | h__dump (pass, passlen); | 159 | h__dump (pass, passlen); |