diff options
Diffstat (limited to 'src/lib/libcrypto/pkcs12/p12_mutl.c')
-rw-r--r-- | src/lib/libcrypto/pkcs12/p12_mutl.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/src/lib/libcrypto/pkcs12/p12_mutl.c b/src/lib/libcrypto/pkcs12/p12_mutl.c index f0e6df9eb6..c71ed735ea 100644 --- a/src/lib/libcrypto/pkcs12/p12_mutl.c +++ b/src/lib/libcrypto/pkcs12/p12_mutl.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: p12_mutl.c,v 1.35 2023/02/16 08:38:17 tb Exp $ */ | 1 | /* $OpenBSD: p12_mutl.c,v 1.36 2024/01/25 13:44:08 tb Exp $ */ |
2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
3 | * project 1999. | 3 | * project 1999. |
4 | */ | 4 | */ |
@@ -115,6 +115,7 @@ PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, | |||
115 | { | 115 | { |
116 | const EVP_MD *md_type; | 116 | const EVP_MD *md_type; |
117 | HMAC_CTX *hmac = NULL; | 117 | HMAC_CTX *hmac = NULL; |
118 | ASN1_OCTET_STRING *aos; | ||
118 | unsigned char key[EVP_MAX_MD_SIZE], *salt; | 119 | unsigned char key[EVP_MAX_MD_SIZE], *salt; |
119 | int saltlen, iter; | 120 | int saltlen, iter; |
120 | int md_size; | 121 | int md_size; |
@@ -124,6 +125,10 @@ PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, | |||
124 | PKCS12error(PKCS12_R_CONTENT_TYPE_NOT_DATA); | 125 | PKCS12error(PKCS12_R_CONTENT_TYPE_NOT_DATA); |
125 | goto err; | 126 | goto err; |
126 | } | 127 | } |
128 | if ((aos = PKCS7_get_octet_string(p12->authsafes)) == NULL) { | ||
129 | PKCS12error(PKCS12_R_DECODE_ERROR); | ||
130 | goto err; | ||
131 | } | ||
127 | 132 | ||
128 | salt = p12->mac->salt->data; | 133 | salt = p12->mac->salt->data; |
129 | saltlen = p12->mac->salt->length; | 134 | saltlen = p12->mac->salt->length; |
@@ -155,8 +160,7 @@ PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, | |||
155 | goto err; | 160 | goto err; |
156 | if (!HMAC_Init_ex(hmac, key, md_size, md_type, NULL)) | 161 | if (!HMAC_Init_ex(hmac, key, md_size, md_type, NULL)) |
157 | goto err; | 162 | goto err; |
158 | if (!HMAC_Update(hmac, p12->authsafes->d.data->data, | 163 | if (!HMAC_Update(hmac, aos->data, aos->length)) |
159 | p12->authsafes->d.data->length)) | ||
160 | goto err; | 164 | goto err; |
161 | if (!HMAC_Final(hmac, mac, maclen)) | 165 | if (!HMAC_Final(hmac, mac, maclen)) |
162 | goto err; | 166 | goto err; |