summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/pkcs12/p12_mutl.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/pkcs12/p12_mutl.c')
-rw-r--r--src/lib/libcrypto/pkcs12/p12_mutl.c10
1 files changed, 7 insertions, 3 deletions
diff --git a/src/lib/libcrypto/pkcs12/p12_mutl.c b/src/lib/libcrypto/pkcs12/p12_mutl.c
index f0e6df9eb6..c71ed735ea 100644
--- a/src/lib/libcrypto/pkcs12/p12_mutl.c
+++ b/src/lib/libcrypto/pkcs12/p12_mutl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p12_mutl.c,v 1.35 2023/02/16 08:38:17 tb Exp $ */ 1/* $OpenBSD: p12_mutl.c,v 1.36 2024/01/25 13:44:08 tb Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -115,6 +115,7 @@ PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
115{ 115{
116 const EVP_MD *md_type; 116 const EVP_MD *md_type;
117 HMAC_CTX *hmac = NULL; 117 HMAC_CTX *hmac = NULL;
118 ASN1_OCTET_STRING *aos;
118 unsigned char key[EVP_MAX_MD_SIZE], *salt; 119 unsigned char key[EVP_MAX_MD_SIZE], *salt;
119 int saltlen, iter; 120 int saltlen, iter;
120 int md_size; 121 int md_size;
@@ -124,6 +125,10 @@ PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
124 PKCS12error(PKCS12_R_CONTENT_TYPE_NOT_DATA); 125 PKCS12error(PKCS12_R_CONTENT_TYPE_NOT_DATA);
125 goto err; 126 goto err;
126 } 127 }
128 if ((aos = PKCS7_get_octet_string(p12->authsafes)) == NULL) {
129 PKCS12error(PKCS12_R_DECODE_ERROR);
130 goto err;
131 }
127 132
128 salt = p12->mac->salt->data; 133 salt = p12->mac->salt->data;
129 saltlen = p12->mac->salt->length; 134 saltlen = p12->mac->salt->length;
@@ -155,8 +160,7 @@ PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
155 goto err; 160 goto err;
156 if (!HMAC_Init_ex(hmac, key, md_size, md_type, NULL)) 161 if (!HMAC_Init_ex(hmac, key, md_size, md_type, NULL))
157 goto err; 162 goto err;
158 if (!HMAC_Update(hmac, p12->authsafes->d.data->data, 163 if (!HMAC_Update(hmac, aos->data, aos->length))
159 p12->authsafes->d.data->length))
160 goto err; 164 goto err;
161 if (!HMAC_Final(hmac, mac, maclen)) 165 if (!HMAC_Final(hmac, mac, maclen))
162 goto err; 166 goto err;