summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/pkcs12
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/pkcs12')
-rw-r--r--src/lib/libcrypto/pkcs12/p12_key.c38
1 files changed, 22 insertions, 16 deletions
diff --git a/src/lib/libcrypto/pkcs12/p12_key.c b/src/lib/libcrypto/pkcs12/p12_key.c
index a29794bbbc..424203f648 100644
--- a/src/lib/libcrypto/pkcs12/p12_key.c
+++ b/src/lib/libcrypto/pkcs12/p12_key.c
@@ -107,6 +107,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
107 unsigned char *B, *D, *I, *p, *Ai; 107 unsigned char *B, *D, *I, *p, *Ai;
108 int Slen, Plen, Ilen, Ijlen; 108 int Slen, Plen, Ilen, Ijlen;
109 int i, j, u, v; 109 int i, j, u, v;
110 int ret = 0;
110 BIGNUM *Ij, *Bpl1; /* These hold Ij and B + 1 */ 111 BIGNUM *Ij, *Bpl1; /* These hold Ij and B + 1 */
111 EVP_MD_CTX ctx; 112 EVP_MD_CTX ctx;
112#ifdef DEBUG_KEYGEN 113#ifdef DEBUG_KEYGEN
@@ -144,10 +145,8 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
144 I = OPENSSL_malloc (Ilen); 145 I = OPENSSL_malloc (Ilen);
145 Ij = BN_new(); 146 Ij = BN_new();
146 Bpl1 = BN_new(); 147 Bpl1 = BN_new();
147 if (!D || !Ai || !B || !I || !Ij || !Bpl1) { 148 if (!D || !Ai || !B || !I || !Ij || !Bpl1)
148 PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_MALLOC_FAILURE); 149 goto err;
149 return 0;
150 }
151 for (i = 0; i < v; i++) D[i] = id; 150 for (i = 0; i < v; i++) D[i] = id;
152 p = I; 151 p = I;
153 for (i = 0; i < Slen; i++) *p++ = salt[i % saltlen]; 152 for (i = 0; i < Slen; i++) *p++ = salt[i % saltlen];
@@ -164,28 +163,22 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
164 } 163 }
165 memcpy (out, Ai, min (n, u)); 164 memcpy (out, Ai, min (n, u));
166 if (u >= n) { 165 if (u >= n) {
167 OPENSSL_free (Ai);
168 OPENSSL_free (B);
169 OPENSSL_free (D);
170 OPENSSL_free (I);
171 BN_free (Ij);
172 BN_free (Bpl1);
173 EVP_MD_CTX_cleanup(&ctx);
174#ifdef DEBUG_KEYGEN 166#ifdef DEBUG_KEYGEN
175 fprintf(stderr, "Output KEY (length %d)\n", tmpn); 167 fprintf(stderr, "Output KEY (length %d)\n", tmpn);
176 h__dump(tmpout, tmpn); 168 h__dump(tmpout, tmpn);
177#endif 169#endif
178 return 1; 170 ret = 1;
171 goto end;
179 } 172 }
180 n -= u; 173 n -= u;
181 out += u; 174 out += u;
182 for (j = 0; j < v; j++) B[j] = Ai[j % u]; 175 for (j = 0; j < v; j++) B[j] = Ai[j % u];
183 /* Work out B + 1 first then can use B as tmp space */ 176 /* Work out B + 1 first then can use B as tmp space */
184 BN_bin2bn (B, v, Bpl1); 177 if (!BN_bin2bn (B, v, Bpl1)) goto err;
185 BN_add_word (Bpl1, 1); 178 if (!BN_add_word (Bpl1, 1)) goto err;
186 for (j = 0; j < Ilen ; j+=v) { 179 for (j = 0; j < Ilen ; j+=v) {
187 BN_bin2bn (I + j, v, Ij); 180 if (!BN_bin2bn (I + j, v, Ij)) goto err;
188 BN_add (Ij, Ij, Bpl1); 181 if (!BN_add (Ij, Ij, Bpl1)) goto err;
189 BN_bn2bin (Ij, B); 182 BN_bn2bin (Ij, B);
190 Ijlen = BN_num_bytes (Ij); 183 Ijlen = BN_num_bytes (Ij);
191 /* If more than 2^(v*8) - 1 cut off MSB */ 184 /* If more than 2^(v*8) - 1 cut off MSB */
@@ -201,6 +194,19 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
201 } else BN_bn2bin (Ij, I + j); 194 } else BN_bn2bin (Ij, I + j);
202 } 195 }
203 } 196 }
197
198err:
199 PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_MALLOC_FAILURE);
200
201end:
202 OPENSSL_free (Ai);
203 OPENSSL_free (B);
204 OPENSSL_free (D);
205 OPENSSL_free (I);
206 BN_free (Ij);
207 BN_free (Bpl1);
208 EVP_MD_CTX_cleanup(&ctx);
209 return ret;
204} 210}
205#ifdef DEBUG_KEYGEN 211#ifdef DEBUG_KEYGEN
206void h__dump (unsigned char *p, int len) 212void h__dump (unsigned char *p, int len)
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 14:48:29 +0000