Add support for Camellia HMAC-Based cipher suites from RFC6367

[openssl.git] / crypto / pem / pvkfmt.c

diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
index 0d6c749c33ed2faf5c8b5083cd3c44f18dd79a9c..ae89f8281a827fa27cd90d99bee7de2beebc33f4 100644 (file)
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -654,13 +654,15 @@ int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk)
        return do_i2b_bio(out, pk, 1);
        }
 
+#ifndef OPENSSL_NO_RC4
+
 static int do_PVK_header(const unsigned char **in, unsigned int length,
                int skip_magic,
                unsigned int *psaltlen, unsigned int *pkeylen)
                
        {
        const unsigned char *p = *in;
-       unsigned int pvk_magic, keytype, is_encrypted;
+       unsigned int pvk_magic, is_encrypted;
        if (skip_magic)
                {
                if (length < 20)
@@ -687,7 +689,7 @@ static int do_PVK_header(const unsigned char **in, unsigned int length,
                }
        /* Skip reserved */
        p += 4;
-       keytype = read_ledword(&p);
+       /*keytype = */read_ledword(&p);
        is_encrypted = read_ledword(&p);
        *psaltlen = read_ledword(&p);
        *pkeylen = read_ledword(&p);
@@ -757,6 +759,11 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
                /* Copy BLOBHEADER across, decrypt rest */
                memcpy(enctmp, p, 8);
                p += 8;
+               if (keylen < 8)
+                       {
+                       PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT);
+                       return NULL;
+                       }
                inlen = keylen - 8;
                q = enctmp + 8;
                if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
@@ -845,7 +852,7 @@ EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
 static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
                pem_password_cb *cb, void *u)
        {
-       int outlen = 24, noinc, pklen;
+       int outlen = 24, pklen;
        unsigned char *p, *salt = NULL;
        EVP_CIPHER_CTX cctx;
        EVP_CIPHER_CTX_init(&cctx);
@@ -858,10 +865,7 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
        if (!out)
                return outlen;
        if (*out)
-               {
                p = *out;
-               noinc = 0;
-               }
        else
                {
                p = OPENSSL_malloc(outlen);
@@ -871,7 +875,6 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
                        return -1;
                        }
                *out = p;
-               noinc = 1;
                }
 
        write_ledword(&p, MS_PVKMAGIC);
@@ -946,4 +949,7 @@ int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
                }
        return -1;
        }
+
+#endif
+
 #endif