Add support for Camellia HMAC-Based cipher suites from RFC6367

[openssl.git] / crypto / pem / pvkfmt.c

diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
index 0dd6f5d98a6a3dc7f8049f1642195b8d6c598755..ae89f8281a827fa27cd90d99bee7de2beebc33f4 100644 (file)
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -662,7 +662,7 @@ static int do_PVK_header(const unsigned char **in, unsigned int length,
                
        {
        const unsigned char *p = *in;
-       unsigned int pvk_magic, keytype, is_encrypted;
+       unsigned int pvk_magic, is_encrypted;
        if (skip_magic)
                {
                if (length < 20)
@@ -689,7 +689,7 @@ static int do_PVK_header(const unsigned char **in, unsigned int length,
                }
        /* Skip reserved */
        p += 4;
-       keytype = read_ledword(&p);
+       /*keytype = */read_ledword(&p);
        is_encrypted = read_ledword(&p);
        *psaltlen = read_ledword(&p);
        *pkeylen = read_ledword(&p);
@@ -759,6 +759,11 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
                /* Copy BLOBHEADER across, decrypt rest */
                memcpy(enctmp, p, 8);
                p += 8;
+               if (keylen < 8)
+                       {
+                       PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT);
+                       return NULL;
+                       }
                inlen = keylen - 8;
                q = enctmp + 8;
                if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
@@ -847,7 +852,7 @@ EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
 static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
                pem_password_cb *cb, void *u)
        {
-       int outlen = 24, noinc, pklen;
+       int outlen = 24, pklen;
        unsigned char *p, *salt = NULL;
        EVP_CIPHER_CTX cctx;
        EVP_CIPHER_CTX_init(&cctx);
@@ -860,10 +865,7 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
        if (!out)
                return outlen;
        if (*out)
-               {
                p = *out;
-               noinc = 0;
-               }
        else
                {
                p = OPENSSL_malloc(outlen);
@@ -873,7 +875,6 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
                        return -1;
                        }
                *out = p;
-               noinc = 1;
                }
 
        write_ledword(&p, MS_PVKMAGIC);