From b64270d1e45fe7f3241e4c9b6ce60d5ac89bc2e9 Mon Sep 17 00:00:00 2001 From: beck <> Date: Wed, 15 May 2002 02:29:21 +0000 Subject: OpenSSL 0.9.7 stable 2002 05 08 merge --- src/lib/libcrypto/pkcs12/p12_decr.c | 69 ++++++++++++++++--------------------- 1 file changed, 29 insertions(+), 40 deletions(-) (limited to 'src/lib/libcrypto/pkcs12/p12_decr.c') diff --git a/src/lib/libcrypto/pkcs12/p12_decr.c b/src/lib/libcrypto/pkcs12/p12_decr.c index 8cd7e2f414..394af368f4 100644 --- a/src/lib/libcrypto/pkcs12/p12_decr.c +++ b/src/lib/libcrypto/pkcs12/p12_decr.c @@ -68,7 +68,7 @@ * OPENSSL_malloc'ed buffer */ -unsigned char * PKCS12_pbe_crypt (X509_ALGOR *algor, const char *pass, +unsigned char * PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass, int passlen, unsigned char *in, int inlen, unsigned char **data, int *datalen, int en_de) { @@ -76,47 +76,48 @@ unsigned char * PKCS12_pbe_crypt (X509_ALGOR *algor, const char *pass, int outlen, i; EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX_init(&ctx); /* Decrypt data */ - if (!EVP_PBE_CipherInit (algor->algorithm, pass, passlen, + if (!EVP_PBE_CipherInit(algor->algorithm, pass, passlen, algor->parameter, &ctx, en_de)) { PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR); return NULL; } - if(!(out = OPENSSL_malloc (inlen + EVP_CIPHER_CTX_block_size(&ctx)))) { + if(!(out = OPENSSL_malloc(inlen + EVP_CIPHER_CTX_block_size(&ctx)))) { PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,ERR_R_MALLOC_FAILURE); - return NULL; + goto err; } - EVP_CipherUpdate (&ctx, out, &i, in, inlen); + EVP_CipherUpdate(&ctx, out, &i, in, inlen); outlen = i; - if(!EVP_CipherFinal (&ctx, out + i, &i)) { - OPENSSL_free (out); + if(!EVP_CipherFinal_ex(&ctx, out + i, &i)) { + OPENSSL_free(out); + out = NULL; PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,PKCS12_R_PKCS12_CIPHERFINAL_ERROR); - return NULL; + goto err; } outlen += i; if (datalen) *datalen = outlen; if (data) *data = out; + err: + EVP_CIPHER_CTX_cleanup(&ctx); return out; } /* Decrypt an OCTET STRING and decode ASN1 structure - * if seq & 1 'obj' is a stack of structures to be encoded - * if seq & 2 zero buffer after use - * as a sequence. + * if zbuf set zero buffer after use. */ -char * PKCS12_decrypt_d2i (X509_ALGOR *algor, char * (*d2i)(), - void (*free_func)(void *), const char *pass, int passlen, - ASN1_OCTET_STRING *oct, int seq) +void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, + const char *pass, int passlen, ASN1_OCTET_STRING *oct, int zbuf) { unsigned char *out, *p; - char *ret; + void *ret; int outlen; - if (!PKCS12_pbe_crypt (algor, pass, passlen, oct->data, oct->length, + if (!PKCS12_pbe_crypt(algor, pass, passlen, oct->data, oct->length, &out, &outlen, 0)) { PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_PKCS12_PBE_CRYPT_ERROR); return NULL; @@ -134,53 +135,41 @@ char * PKCS12_decrypt_d2i (X509_ALGOR *algor, char * (*d2i)(), fclose(op); } #endif - if (seq & 1) ret = (char *) d2i_ASN1_SET(NULL, &p, outlen, d2i, - free_func, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); - else ret = d2i(NULL, &p, outlen); - if (seq & 2) memset(out, 0, outlen); + ret = ASN1_item_d2i(NULL, &p, outlen, it); + if (zbuf) memset(out, 0, outlen); if(!ret) PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_DECODE_ERROR); - OPENSSL_free (out); + OPENSSL_free(out); return ret; } /* Encode ASN1 structure and encrypt, return OCTET STRING - * if 'seq' is non-zero 'obj' is a stack of structures to be encoded - * as a sequence + * if zbuf set zero encoding. */ -ASN1_OCTET_STRING *PKCS12_i2d_encrypt (X509_ALGOR *algor, int (*i2d)(), +ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, const ASN1_ITEM *it, const char *pass, int passlen, - char *obj, int seq) + void *obj, int zbuf) { ASN1_OCTET_STRING *oct; - unsigned char *in, *p; + unsigned char *in = NULL; int inlen; if (!(oct = M_ASN1_OCTET_STRING_new ())) { PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE); return NULL; } - if (seq) inlen = i2d_ASN1_SET((STACK *)obj, NULL, i2d, V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL, IS_SEQUENCE); - else inlen = i2d (obj, NULL); - if (!inlen) { + inlen = ASN1_item_i2d(obj, &in, it); + if (!in) { PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCODE_ERROR); return NULL; } - if (!(in = OPENSSL_malloc (inlen))) { - PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE); - return NULL; - } - p = in; - if (seq) i2d_ASN1_SET((STACK *)obj, &p, i2d, V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL, IS_SEQUENCE); - else i2d (obj, &p); - if (!PKCS12_pbe_crypt (algor, pass, passlen, in, inlen, &oct->data, + if (!PKCS12_pbe_crypt(algor, pass, passlen, in, inlen, &oct->data, &oct->length, 1)) { PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCRYPT_ERROR); OPENSSL_free(in); return NULL; } - OPENSSL_free (in); + if (zbuf) memset(in, 0, inlen); + OPENSSL_free(in); return oct; } -- cgit v1.2.3-55-g6feb