Diffstat (limited to 'src/lib/libcrypto/pkcs12/p12_mutl.c')
| -rw-r--r-- | src/lib/libcrypto/pkcs12/p12_mutl.c | 35 |
1 files changed, 14 insertions, 21 deletions
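--- a/src/lib/libcrypto/pkcs12/p12_mutl.c
+++ b/src/lib/libcrypto/pkcs12/p12_mutl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p12_mutl.c,v 1.22 2016/11/08 20:01:06 miod Exp $ */
+/* $OpenBSD: p12_mutl.c,v 1.23 2017/01/29 17:49:23 beck Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -80,8 +80,7 @@ PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
 int md_size;
 
 if (!PKCS7_type_is_data(p12->authsafes)) {
-PKCS12err(PKCS12_F_PKCS12_GEN_MAC,
-PKCS12_R_CONTENT_TYPE_NOT_DATA);
+PKCS12error(PKCS12_R_CONTENT_TYPE_NOT_DATA);
 return 0;
 }
 
@@ -90,13 +89,12 @@ PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
 if (!p12->mac->iter)
 iter = 1;
 else if ((iter = ASN1_INTEGER_get(p12->mac->iter)) <= 0) {
-PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_DECODE_ERROR);
+PKCS12error(PKCS12_R_DECODE_ERROR);
 return 0;
 }
 if (!(md_type = EVP_get_digestbyobj(
 p12->mac->dinfo->algor->algorithm))) {
-PKCS12err(PKCS12_F_PKCS12_GEN_MAC,
-PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);
+PKCS12error(PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);
 return 0;
 }
 md_size = EVP_MD_size(md_type);
@@ -104,7 +102,7 @@ PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
 return 0;
 if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,
 md_size, key, md_type)) {
-PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR);
+PKCS12error(PKCS12_R_KEY_GEN_ERROR);
 return 0;
 }
 HMAC_CTX_init(&hmac);
@@ -127,12 +125,11 @@ PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen)
 unsigned int maclen;
 
 if (p12->mac == NULL) {
-PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC, PKCS12_R_MAC_ABSENT);
+PKCS12error(PKCS12_R_MAC_ABSENT);
 return 0;
 }
 if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
-PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC,
-PKCS12_R_MAC_GENERATION_ERROR);
+PKCS12error(PKCS12_R_MAC_GENERATION_ERROR);
 return 0;
 }
 if ((maclen != (unsigned int)p12->mac->dinfo->digest->length) ||
@@ -154,17 +151,15 @@ PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, unsigned char *salt,
 md_type = EVP_sha1();
 if (PKCS12_setup_mac(p12, iter, salt, saltlen, md_type) ==
 PKCS12_ERROR) {
-PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_SETUP_ERROR);
+PKCS12error(PKCS12_R_MAC_SETUP_ERROR);
 return 0;
 }
 if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
-PKCS12err(PKCS12_F_PKCS12_SET_MAC,
-PKCS12_R_MAC_GENERATION_ERROR);
+PKCS12error(PKCS12_R_MAC_GENERATION_ERROR);
 return 0;
 }
 if (!(ASN1_STRING_set(p12->mac->dinfo->digest, mac, maclen))) {
-PKCS12err(PKCS12_F_PKCS12_SET_MAC,
-PKCS12_R_MAC_STRING_SET_ERROR);
+PKCS12error(PKCS12_R_MAC_STRING_SET_ERROR);
 return 0;
 }
 return 1;
@@ -179,20 +174,18 @@ PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
 return PKCS12_ERROR;
 if (iter > 1) {
 if (!(p12->mac->iter = ASN1_INTEGER_new())) {
-PKCS12err(PKCS12_F_PKCS12_SETUP_MAC,
-ERR_R_MALLOC_FAILURE);
+PKCS12error(ERR_R_MALLOC_FAILURE);
 return 0;
 }
 if (!ASN1_INTEGER_set(p12->mac->iter, iter)) {
-PKCS12err(PKCS12_F_PKCS12_SETUP_MAC,
-ERR_R_MALLOC_FAILURE);
+PKCS12error(ERR_R_MALLOC_FAILURE);
 return 0;
 }
 }
 if (!saltlen)
 saltlen = PKCS12_SALT_LEN;
 if (!(p12->mac->salt->data = malloc(saltlen))) {
-PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
+PKCS12error(ERR_R_MALLOC_FAILURE);
 return 0;
 }
 p12->mac->salt->length = saltlen;
@@ -202,7 +195,7 @@ PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
 memcpy (p12->mac->salt->data, salt, saltlen);
 p12->mac->dinfo->algor->algorithm = OBJ_nid2obj(EVP_MD_type(md_type));
 if (!(p12->mac->dinfo->algor->parameter = ASN1_TYPE_new())) {
-PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
+PKCS12error(ERR_R_MALLOC_FAILURE);
 return 0;
 }
 p12->mac->dinfo->algor->parameter->type = V_ASN1_NULL;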
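Review bot: The iteration count read from the file's MAC data in PKCS12_gen_mac (new line 91) is rejected only when it is zero or negative, so an untrusted PKCS#12 file can name an arbitrarily large count that is then handed to PKCS12_key_gen on new line 103 and spent as CPU time before the MAC is ever compared. A ceiling belongs in the same condition, for example `else if ((iter = ASN1_INTEGER_get(p12->mac->iter)) <= 0 || iter > MAX_MAC_ITER) {`, where `MAX_MAC_ITER` is a placeholder for a project-chosen limit and not an existing constant. Separately, PKCS12_setup_mac mixes `return PKCS12_ERROR;` (new line 174) with `return 0;` on its other failure paths while PKCS12_set_mac compares the result with `PKCS12_ERROR`; using `return PKCS12_ERROR;` throughout would keep that contract explicit. All four functions begin and end outside the hunks shown.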
