diff options
Diffstat (limited to 'src/lib/libcrypto/pkcs12/p12_npas.c')
| -rw-r--r-- | src/lib/libcrypto/pkcs12/p12_npas.c | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/src/lib/libcrypto/pkcs12/p12_npas.c b/src/lib/libcrypto/pkcs12/p12_npas.c index 47e5e9c377..2f71355150 100644 --- a/src/lib/libcrypto/pkcs12/p12_npas.c +++ b/src/lib/libcrypto/pkcs12/p12_npas.c | |||
| @@ -120,8 +120,13 @@ static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass) | |||
| 120 | bags = PKCS12_unpack_p7data(p7); | 120 | bags = PKCS12_unpack_p7data(p7); |
| 121 | } else if (bagnid == NID_pkcs7_encrypted) { | 121 | } else if (bagnid == NID_pkcs7_encrypted) { |
| 122 | bags = PKCS12_unpack_p7encdata(p7, oldpass, -1); | 122 | bags = PKCS12_unpack_p7encdata(p7, oldpass, -1); |
| 123 | alg_get(p7->d.encrypted->enc_data->algorithm, | 123 | if (!alg_get(p7->d.encrypted->enc_data->algorithm, |
| 124 | &pbe_nid, &pbe_iter, &pbe_saltlen); | 124 | &pbe_nid, &pbe_iter, &pbe_saltlen)) |
| 125 | { | ||
| 126 | sk_PKCS12_SAFEBAG_pop_free(bags, | ||
| 127 | PKCS12_SAFEBAG_free); | ||
| 128 | bags = NULL; | ||
| 129 | } | ||
| 125 | } else continue; | 130 | } else continue; |
| 126 | if (!bags) { | 131 | if (!bags) { |
| 127 | sk_PKCS7_pop_free(asafes, PKCS7_free); | 132 | sk_PKCS7_pop_free(asafes, PKCS7_free); |
| @@ -193,7 +198,9 @@ static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass) | |||
| 193 | if(M_PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag) return 1; | 198 | if(M_PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag) return 1; |
| 194 | 199 | ||
| 195 | if (!(p8 = PKCS8_decrypt(bag->value.shkeybag, oldpass, -1))) return 0; | 200 | if (!(p8 = PKCS8_decrypt(bag->value.shkeybag, oldpass, -1))) return 0; |
| 196 | alg_get(bag->value.shkeybag->algor, &p8_nid, &p8_iter, &p8_saltlen); | 201 | if (!alg_get(bag->value.shkeybag->algor, &p8_nid, &p8_iter, |
| 202 | &p8_saltlen)) | ||
| 203 | return 0; | ||
| 197 | if(!(p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen, | 204 | if(!(p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen, |
| 198 | p8_iter, p8))) return 0; | 205 | p8_iter, p8))) return 0; |
| 199 | X509_SIG_free(bag->value.shkeybag); | 206 | X509_SIG_free(bag->value.shkeybag); |
| @@ -208,9 +215,11 @@ static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen) | |||
| 208 | 215 | ||
| 209 | p = alg->parameter->value.sequence->data; | 216 | p = alg->parameter->value.sequence->data; |
| 210 | pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length); | 217 | pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length); |
| 218 | if (!pbe) | ||
| 219 | return 0; | ||
| 211 | *pnid = OBJ_obj2nid(alg->algorithm); | 220 | *pnid = OBJ_obj2nid(alg->algorithm); |
| 212 | *piter = ASN1_INTEGER_get(pbe->iter); | 221 | *piter = ASN1_INTEGER_get(pbe->iter); |
| 213 | *psaltlen = pbe->salt->length; | 222 | *psaltlen = pbe->salt->length; |
| 214 | PBEPARAM_free(pbe); | 223 | PBEPARAM_free(pbe); |
| 215 | return 0; | 224 | return 1; |
| 216 | } | 225 | } |