summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/pkcs12/p12_mutl.c17
-rw-r--r--src/lib/libssl/src/crypto/pkcs12/p12_mutl.c17
2 files changed, 18 insertions, 16 deletions
diff --git a/src/lib/libcrypto/pkcs12/p12_mutl.c b/src/lib/libcrypto/pkcs12/p12_mutl.c
index 0c49bf96fd..ac58f50ca7 100644
--- a/src/lib/libcrypto/pkcs12/p12_mutl.c
+++ b/src/lib/libcrypto/pkcs12/p12_mutl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p12_mutl.c,v 1.18 2014/10/22 13:02:04 jsing Exp $ */ 1/* $OpenBSD: p12_mutl.c,v 1.19 2014/10/22 18:37:22 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -100,7 +100,7 @@ PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
100 md_size = EVP_MD_size(md_type); 100 md_size = EVP_MD_size(md_type);
101 if (md_size < 0) 101 if (md_size < 0)
102 return 0; 102 return 0;
103 if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter, 103 if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,
104 md_size, key, md_type)) { 104 md_size, key, md_type)) {
105 PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR); 105 PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR);
106 return 0; 106 return 0;
@@ -123,11 +123,12 @@ PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen)
123{ 123{
124 unsigned char mac[EVP_MAX_MD_SIZE]; 124 unsigned char mac[EVP_MAX_MD_SIZE];
125 unsigned int maclen; 125 unsigned int maclen;
126
126 if (p12->mac == NULL) { 127 if (p12->mac == NULL) {
127 PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC, PKCS12_R_MAC_ABSENT); 128 PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC, PKCS12_R_MAC_ABSENT);
128 return 0; 129 return 0;
129 } 130 }
130 if (!PKCS12_gen_mac (p12, pass, passlen, mac, &maclen)) { 131 if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
131 PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC, 132 PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC,
132 PKCS12_R_MAC_GENERATION_ERROR); 133 PKCS12_R_MAC_GENERATION_ERROR);
133 return 0; 134 return 0;
@@ -149,17 +150,17 @@ PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, unsigned char *salt,
149 150
150 if (!md_type) 151 if (!md_type)
151 md_type = EVP_sha1(); 152 md_type = EVP_sha1();
152 if (PKCS12_setup_mac (p12, iter, salt, saltlen, md_type) == 153 if (PKCS12_setup_mac(p12, iter, salt, saltlen, md_type) ==
153 PKCS12_ERROR) { 154 PKCS12_ERROR) {
154 PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_SETUP_ERROR); 155 PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_SETUP_ERROR);
155 return 0; 156 return 0;
156 } 157 }
157 if (!PKCS12_gen_mac (p12, pass, passlen, mac, &maclen)) { 158 if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
158 PKCS12err(PKCS12_F_PKCS12_SET_MAC, 159 PKCS12err(PKCS12_F_PKCS12_SET_MAC,
159 PKCS12_R_MAC_GENERATION_ERROR); 160 PKCS12_R_MAC_GENERATION_ERROR);
160 return 0; 161 return 0;
161 } 162 }
162 if (!(M_ASN1_OCTET_STRING_set (p12->mac->dinfo->digest, mac, maclen))) { 163 if (!(M_ASN1_OCTET_STRING_set(p12->mac->dinfo->digest, mac, maclen))) {
163 PKCS12err(PKCS12_F_PKCS12_SET_MAC, 164 PKCS12err(PKCS12_F_PKCS12_SET_MAC,
164 PKCS12_R_MAC_STRING_SET_ERROR); 165 PKCS12_R_MAC_STRING_SET_ERROR);
165 return 0; 166 return 0;
@@ -188,11 +189,11 @@ PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
188 } 189 }
189 if (!saltlen) 190 if (!saltlen)
190 saltlen = PKCS12_SALT_LEN; 191 saltlen = PKCS12_SALT_LEN;
191 p12->mac->salt->length = saltlen; 192 if (!(p12->mac->salt->data = malloc(saltlen))) {
192 if (!(p12->mac->salt->data = malloc (saltlen))) {
193 PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); 193 PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
194 return 0; 194 return 0;
195 } 195 }
196 p12->mac->salt->length = saltlen;
196 if (!salt) 197 if (!salt)
197 arc4random_buf(p12->mac->salt->data, saltlen); 198 arc4random_buf(p12->mac->salt->data, saltlen);
198 else 199 else
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c b/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c
index 0c49bf96fd..ac58f50ca7 100644
--- a/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c
+++ b/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p12_mutl.c,v 1.18 2014/10/22 13:02:04 jsing Exp $ */ 1/* $OpenBSD: p12_mutl.c,v 1.19 2014/10/22 18:37:22 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -100,7 +100,7 @@ PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
100 md_size = EVP_MD_size(md_type); 100 md_size = EVP_MD_size(md_type);
101 if (md_size < 0) 101 if (md_size < 0)
102 return 0; 102 return 0;
103 if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter, 103 if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,
104 md_size, key, md_type)) { 104 md_size, key, md_type)) {
105 PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR); 105 PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR);
106 return 0; 106 return 0;
@@ -123,11 +123,12 @@ PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen)
123{ 123{
124 unsigned char mac[EVP_MAX_MD_SIZE]; 124 unsigned char mac[EVP_MAX_MD_SIZE];
125 unsigned int maclen; 125 unsigned int maclen;
126
126 if (p12->mac == NULL) { 127 if (p12->mac == NULL) {
127 PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC, PKCS12_R_MAC_ABSENT); 128 PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC, PKCS12_R_MAC_ABSENT);
128 return 0; 129 return 0;
129 } 130 }
130 if (!PKCS12_gen_mac (p12, pass, passlen, mac, &maclen)) { 131 if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
131 PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC, 132 PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC,
132 PKCS12_R_MAC_GENERATION_ERROR); 133 PKCS12_R_MAC_GENERATION_ERROR);
133 return 0; 134 return 0;
@@ -149,17 +150,17 @@ PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, unsigned char *salt,
149 150
150 if (!md_type) 151 if (!md_type)
151 md_type = EVP_sha1(); 152 md_type = EVP_sha1();
152 if (PKCS12_setup_mac (p12, iter, salt, saltlen, md_type) == 153 if (PKCS12_setup_mac(p12, iter, salt, saltlen, md_type) ==
153 PKCS12_ERROR) { 154 PKCS12_ERROR) {
154 PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_SETUP_ERROR); 155 PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_SETUP_ERROR);
155 return 0; 156 return 0;
156 } 157 }
157 if (!PKCS12_gen_mac (p12, pass, passlen, mac, &maclen)) { 158 if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
158 PKCS12err(PKCS12_F_PKCS12_SET_MAC, 159 PKCS12err(PKCS12_F_PKCS12_SET_MAC,
159 PKCS12_R_MAC_GENERATION_ERROR); 160 PKCS12_R_MAC_GENERATION_ERROR);
160 return 0; 161 return 0;
161 } 162 }
162 if (!(M_ASN1_OCTET_STRING_set (p12->mac->dinfo->digest, mac, maclen))) { 163 if (!(M_ASN1_OCTET_STRING_set(p12->mac->dinfo->digest, mac, maclen))) {
163 PKCS12err(PKCS12_F_PKCS12_SET_MAC, 164 PKCS12err(PKCS12_F_PKCS12_SET_MAC,
164 PKCS12_R_MAC_STRING_SET_ERROR); 165 PKCS12_R_MAC_STRING_SET_ERROR);
165 return 0; 166 return 0;
@@ -188,11 +189,11 @@ PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
188 } 189 }
189 if (!saltlen) 190 if (!saltlen)
190 saltlen = PKCS12_SALT_LEN; 191 saltlen = PKCS12_SALT_LEN;
191 p12->mac->salt->length = saltlen; 192 if (!(p12->mac->salt->data = malloc(saltlen))) {
192 if (!(p12->mac->salt->data = malloc (saltlen))) {
193 PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); 193 PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
194 return 0; 194 return 0;
195 } 195 }
196 p12->mac->salt->length = saltlen;
196 if (!salt) 197 if (!salt)
197 arc4random_buf(p12->mac->salt->data, saltlen); 198 arc4random_buf(p12->mac->salt->data, saltlen);
198 else 199 else
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-28 10:56:22 +0000