X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=crypto%2Fasn1%2Fp5_pbe.c;h=cc91fad53b2aa1440d4bbbcbcd093621eb07872d;hb=c9f6be4ead3ddc5044c1c0430b4d0335301f202b;hp=5145c6349e7dba86bea8e10a651fb1c6a2bf0738;hpb=8e21c14607173ae5b0ea04c5a24b36514f6887f1;p=openssl.git

diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c
index 5145c6349e..cc91fad53b 100644
--- a/crypto/asn1/p5_pbe.c
+++ b/crypto/asn1/p5_pbe.c
@@ -1,6 +1,7 @@
 /* p5_pbe.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
  */
 /* ====================================================================
  * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
@@ -10,7 +11,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -57,98 +58,84 @@
  */
 
 #include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include "internal/cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
 #include <openssl/rand.h>
 
 /* PKCS#5 password based encryption structure */
 
-int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp)
-{
-	M_ASN1_I2D_vars(a);
-	M_ASN1_I2D_len (a->salt, i2d_ASN1_OCTET_STRING);
-	M_ASN1_I2D_len (a->iter, i2d_ASN1_INTEGER);
+ASN1_SEQUENCE(PBEPARAM) = {
+        ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING),
+        ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(PBEPARAM)
 
-	M_ASN1_I2D_seq_total ();
+IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM)
 
-	M_ASN1_I2D_put (a->salt, i2d_ASN1_OCTET_STRING);
-	M_ASN1_I2D_put (a->iter, i2d_ASN1_INTEGER);
-	M_ASN1_I2D_finish();
-}
+/* Set an algorithm identifier for a PKCS#5 PBE algorithm */
 
-PBEPARAM *PBEPARAM_new(void)
+int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
+                         const unsigned char *salt, int saltlen)
 {
-	PBEPARAM *ret=NULL;
-	ASN1_CTX c;
-	M_ASN1_New_Malloc(ret, PBEPARAM);
-	M_ASN1_New(ret->iter,ASN1_INTEGER_new);
-	M_ASN1_New(ret->salt,ASN1_OCTET_STRING_new);
-	return (ret);
-	M_ASN1_New_Error(ASN1_F_PBEPARAM_NEW);
-}
+    PBEPARAM *pbe = NULL;
+    ASN1_STRING *pbe_str = NULL;
+    unsigned char *sstr;
 
-PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length)
-{
-	M_ASN1_D2I_vars(a,PBEPARAM *,PBEPARAM_new);
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get (ret->salt, d2i_ASN1_OCTET_STRING);
-	M_ASN1_D2I_get (ret->iter, d2i_ASN1_INTEGER);
-	M_ASN1_D2I_Finish(a, PBEPARAM_free, ASN1_F_D2I_PBEPARAM);
-}
+    pbe = PBEPARAM_new();
+    if (!pbe) {
+        ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if (iter <= 0)
+        iter = PKCS5_DEFAULT_ITER;
+    if (!ASN1_INTEGER_set(pbe->iter, iter)) {
+        ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if (!saltlen)
+        saltlen = PKCS5_SALT_LEN;
+    if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) {
+        ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    sstr = ASN1_STRING_data(pbe->salt);
+    if (salt)
+        memcpy(sstr, salt, saltlen);
+    else if (RAND_bytes(sstr, saltlen) <= 0)
+        goto err;
 
-void PBEPARAM_free (PBEPARAM *a)
-{
-	if(a==NULL) return;
-	ASN1_OCTET_STRING_free(a->salt);
-	ASN1_INTEGER_free (a->iter);
-	Free ((char *)a);
+    if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) {
+        ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    PBEPARAM_free(pbe);
+    pbe = NULL;
+
+    if (X509_ALGOR_set0(algor, OBJ_nid2obj(alg), V_ASN1_SEQUENCE, pbe_str))
+        return 1;
+
+ err:
+    PBEPARAM_free(pbe);
+    ASN1_STRING_free(pbe_str);
+    return 0;
 }
 
 /* Return an algorithm identifier for a PKCS#5 PBE algorithm */
 
-X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
-	     int saltlen)
+X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
+                          const unsigned char *salt, int saltlen)
 {
-	PBEPARAM *pbe;
-	ASN1_OBJECT *al;
-	X509_ALGOR *algor;
-	ASN1_TYPE *astype;
-
-	if (!(pbe = PBEPARAM_new ())) {
-		ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	ASN1_INTEGER_set (pbe->iter, iter);
-	if (!saltlen) saltlen = PKCS5_SALT_LEN;
-	if (!(pbe->salt->data = Malloc (saltlen))) {
-		ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	pbe->salt->length = saltlen;
-	if (salt) memcpy (pbe->salt->data, salt, saltlen);
-	else RAND_bytes (pbe->salt->data, saltlen);
-
-	if (!(astype = ASN1_TYPE_new())) {
-		ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
+    X509_ALGOR *ret;
+    ret = X509_ALGOR_new();
+    if (!ret) {
+        ASN1err(ASN1_F_PKCS5_PBE_SET, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
 
-	astype->type = V_ASN1_SEQUENCE;
-	if(!ASN1_pack_string(pbe, i2d_PBEPARAM, &astype->value.sequence)) {
-		ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	PBEPARAM_free (pbe);
-	
-	al = OBJ_nid2obj(alg); /* never need to free al */
-	if (!(algor = X509_ALGOR_new())) {
-		ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	ASN1_OBJECT_free(algor->algorithm);
-	algor->algorithm = al;
-	algor->parameter = astype;
+    if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen))
+        return ret;
 
-	return (algor);
+    X509_ALGOR_free(ret);
+    return NULL;
 }