Add EVP_PKEY_set1_engine() function.

[openssl.git] / crypto / evp / p5_crpt2.c

diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c
index 2e45aa3bd8ecf8a67cf3997450f5af706a877d63..b9ea1a74007aa52fcf840077256369c6da70e5e6 100644 (file)
--- a/crypto/evp/p5_crpt2.c
+++ b/crypto/evp/p5_crpt2.c
@@ -33,6 +33,7 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
                       const unsigned char *salt, int saltlen, int iter,
                       const EVP_MD *digest, int keylen, unsigned char *out)
 {
+    const char *empty = "";
     unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
     int cplen, j, k, tkeylen, mdlen;
     unsigned long i = 1;
@@ -47,10 +48,12 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
         return 0;
     p = out;
     tkeylen = keylen;
-    if (!pass)
+    if (pass == NULL) {
+        pass = empty;
         passlen = 0;
-    else if (passlen == -1)
+    } else if (passlen == -1) {
         passlen = strlen(pass);
+    }
     if (!HMAC_Init_ex(hctx_tpl, pass, passlen, digest, NULL)) {
         HMAC_CTX_free(hctx_tpl);
         return 0;
@@ -85,7 +88,6 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
             HMAC_CTX_free(hctx_tpl);
             return 0;
         }
-        HMAC_CTX_reset(hctx);
         memcpy(p, digtmp, cplen);
         for (j = 1; j < iter; j++) {
             if (!HMAC_CTX_copy(hctx, hctx_tpl)) {
@@ -99,7 +101,6 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
                 HMAC_CTX_free(hctx_tpl);
                 return 0;
             }
-            HMAC_CTX_reset(hctx);
             for (k = 0; k < cplen; k++)
                 p[k] ^= digtmp[k];
         }
@@ -129,18 +130,6 @@ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
                              keylen, out);
 }
 
-# ifdef DO_TEST
-main()
-{
-    unsigned char out[4];
-    unsigned char salt[] = { 0x12, 0x34, 0x56, 0x78 };
-    PKCS5_PBKDF2_HMAC_SHA1("password", -1, salt, 4, 5, 4, out);
-    fprintf(stderr, "Out %02X %02X %02X %02X\n",
-            out[0], out[1], out[2], out[3]);
-}
-
-# endif
-
 /*
  * Now the key derivation function itself. This is a bit evil because it has
  * to check the ASN1 parameters are valid: and there are quite a few of