X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fasn1%2Fp5_pbe.c;h=bdbfdcd67c0727daa2e11af247495e0e81e85521;hp=30b9049a4573c798680300322251ac4e44d1b9ab;hb=b717b083073b6cacc0a5e2397b661678aff7ae7f;hpb=b7d135b353953bf40a58b49d145df5376a8af209 diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c index 30b9049a45..bdbfdcd67c 100644 --- a/crypto/asn1/p5_pbe.c +++ b/crypto/asn1/p5_pbe.c @@ -1,6 +1,7 @@ /* p5_pbe.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. +/* + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project + * 1999. */ /* ==================================================================== * Copyright (c) 1999 The OpenSSL Project. All rights reserved. @@ -10,7 +11,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -58,98 +59,85 @@ #include #include "cryptlib.h" -#include +#include +#include #include /* PKCS#5 password based encryption structure */ -int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - M_ASN1_I2D_len (a->salt, i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_len (a->iter, i2d_ASN1_INTEGER); +ASN1_SEQUENCE(PBEPARAM) = { + ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING), + ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER) +} ASN1_SEQUENCE_END(PBEPARAM) - M_ASN1_I2D_seq_total (); +IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM) - M_ASN1_I2D_put (a->salt, i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_put (a->iter, i2d_ASN1_INTEGER); - M_ASN1_I2D_finish(); -} +/* Set an algorithm identifier for a PKCS#5 PBE algorithm */ -PBEPARAM *PBEPARAM_new(void) +int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, + const unsigned char *salt, int saltlen) { - PBEPARAM *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, PBEPARAM); - M_ASN1_New(ret->iter,ASN1_INTEGER_new); - M_ASN1_New(ret->salt,ASN1_OCTET_STRING_new); - return (ret); - M_ASN1_New_Error(ASN1_F_PBEPARAM_NEW); -} + PBEPARAM *pbe = NULL; + ASN1_STRING *pbe_str = NULL; + unsigned char *sstr; -PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,PBEPARAM *,PBEPARAM_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get (ret->salt, d2i_ASN1_OCTET_STRING); - M_ASN1_D2I_get (ret->iter, d2i_ASN1_INTEGER); - M_ASN1_D2I_Finish(a, PBEPARAM_free, ASN1_F_D2I_PBEPARAM); -} + pbe = PBEPARAM_new(); + if (!pbe) { + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE); + goto err; + } + if (iter <= 0) + iter = PKCS5_DEFAULT_ITER; + if (!ASN1_INTEGER_set(pbe->iter, iter)) { + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE); + goto err; + } + if (!saltlen) + saltlen = PKCS5_SALT_LEN; + if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) { + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE); + goto err; + } + sstr = ASN1_STRING_data(pbe->salt); + if (salt) + memcpy(sstr, salt, saltlen); + else if (RAND_pseudo_bytes(sstr, saltlen) < 0) + goto err; -void PBEPARAM_free (PBEPARAM *a) -{ - if(a==NULL) return; - ASN1_OCTET_STRING_free(a->salt); - ASN1_INTEGER_free (a->iter); - Free ((char *)a); + if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) { + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE); + goto err; + } + + PBEPARAM_free(pbe); + pbe = NULL; + + if (X509_ALGOR_set0(algor, OBJ_nid2obj(alg), V_ASN1_SEQUENCE, pbe_str)) + return 1; + + err: + if (pbe != NULL) + PBEPARAM_free(pbe); + if (pbe_str != NULL) + ASN1_STRING_free(pbe_str); + return 0; } /* Return an algorithm identifier for a PKCS#5 PBE algorithm */ -X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, - int saltlen) +X509_ALGOR *PKCS5_pbe_set(int alg, int iter, + const unsigned char *salt, int saltlen) { - PBEPARAM *pbe; - ASN1_OBJECT *al; - X509_ALGOR *algor; - ASN1_TYPE *astype; - - if (!(pbe = PBEPARAM_new ())) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; - } - if(iter <= 0) iter = PKCS5_DEFAULT_ITER; - ASN1_INTEGER_set (pbe->iter, iter); - if (!saltlen) saltlen = PKCS5_SALT_LEN; - if (!(pbe->salt->data = Malloc (saltlen))) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; - } - pbe->salt->length = saltlen; - if (salt) memcpy (pbe->salt->data, salt, saltlen); - else RAND_bytes (pbe->salt->data, saltlen); - - if (!(astype = ASN1_TYPE_new())) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; - } + X509_ALGOR *ret; + ret = X509_ALGOR_new(); + if (!ret) { + ASN1err(ASN1_F_PKCS5_PBE_SET, ERR_R_MALLOC_FAILURE); + return NULL; + } - astype->type = V_ASN1_SEQUENCE; - if(!ASN1_pack_string(pbe, i2d_PBEPARAM, &astype->value.sequence)) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; - } - PBEPARAM_free (pbe); - - al = OBJ_nid2obj(alg); /* never need to free al */ - if (!(algor = X509_ALGOR_new())) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; - } - ASN1_OBJECT_free(algor->algorithm); - algor->algorithm = al; - algor->parameter = astype; + if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen)) + return ret; - return (algor); + X509_ALGOR_free(ret); + return NULL; }