*/
#include <stdio.h>
#include <stdlib.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
# include <openssl/x509.h>
# include <openssl/evp.h>
# include <openssl/hmac.h>
unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
int cplen, j, k, tkeylen, mdlen;
unsigned long i = 1;
- HMAC_CTX hctx_tpl, hctx;
+ HMAC_CTX *hctx_tpl = NULL, *hctx = NULL;
mdlen = EVP_MD_size(digest);
if (mdlen < 0)
return 0;
- HMAC_CTX_init(&hctx_tpl);
+ hctx_tpl = HMAC_CTX_new();
+ if (hctx_tpl == NULL)
+ return 0;
p = out;
tkeylen = keylen;
if (!pass)
passlen = 0;
else if (passlen == -1)
passlen = strlen(pass);
- if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL)) {
- HMAC_CTX_cleanup(&hctx_tpl);
+ if (!HMAC_Init_ex(hctx_tpl, pass, passlen, digest, NULL)) {
+ HMAC_CTX_free(hctx_tpl);
+ return 0;
+ }
+ hctx = HMAC_CTX_new();
+ if (hctx == NULL) {
+ HMAC_CTX_free(hctx_tpl);
return 0;
}
while (tkeylen) {
itmp[1] = (unsigned char)((i >> 16) & 0xff);
itmp[2] = (unsigned char)((i >> 8) & 0xff);
itmp[3] = (unsigned char)(i & 0xff);
- if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
- HMAC_CTX_cleanup(&hctx_tpl);
+ if (!HMAC_CTX_copy(hctx, hctx_tpl)) {
+ HMAC_CTX_free(hctx);
+ HMAC_CTX_free(hctx_tpl);
return 0;
}
- if (!HMAC_Update(&hctx, salt, saltlen)
- || !HMAC_Update(&hctx, itmp, 4)
- || !HMAC_Final(&hctx, digtmp, NULL)) {
- HMAC_CTX_cleanup(&hctx_tpl);
- HMAC_CTX_cleanup(&hctx);
+ if (!HMAC_Update(hctx, salt, saltlen)
+ || !HMAC_Update(hctx, itmp, 4)
+ || !HMAC_Final(hctx, digtmp, NULL)) {
+ HMAC_CTX_free(hctx);
+ HMAC_CTX_free(hctx_tpl);
return 0;
}
- HMAC_CTX_cleanup(&hctx);
+ HMAC_CTX_init(hctx);
memcpy(p, digtmp, cplen);
for (j = 1; j < iter; j++) {
- if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
- HMAC_CTX_cleanup(&hctx_tpl);
+ if (!HMAC_CTX_copy(hctx, hctx_tpl)) {
+ HMAC_CTX_free(hctx);
+ HMAC_CTX_free(hctx_tpl);
return 0;
}
- if (!HMAC_Update(&hctx, digtmp, mdlen)
- || !HMAC_Final(&hctx, digtmp, NULL)) {
- HMAC_CTX_cleanup(&hctx_tpl);
- HMAC_CTX_cleanup(&hctx);
+ if (!HMAC_Update(hctx, digtmp, mdlen)
+ || !HMAC_Final(hctx, digtmp, NULL)) {
+ HMAC_CTX_free(hctx);
+ HMAC_CTX_free(hctx_tpl);
return 0;
}
- HMAC_CTX_cleanup(&hctx);
+ HMAC_CTX_init(hctx);
for (k = 0; k < cplen; k++)
p[k] ^= digtmp[k];
}
i++;
p += cplen;
}
- HMAC_CTX_cleanup(&hctx_tpl);
+ HMAC_CTX_free(hctx);
+ HMAC_CTX_free(hctx_tpl);
# ifdef DEBUG_PKCS5V2
fprintf(stderr, "Password:\n");
h__dump(pass, passlen);
ASN1_TYPE *param, const EVP_CIPHER *c,
const EVP_MD *md, int en_de)
{
- const unsigned char *pbuf;
- int plen;
PBE2PARAM *pbe2 = NULL;
const EVP_CIPHER *cipher;
+ EVP_PBE_KEYGEN *kdf;
int rv = 0;
- if (param == NULL || param->type != V_ASN1_SEQUENCE ||
- param->value.sequence == NULL) {
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
- goto err;
- }
-
- pbuf = param->value.sequence->data;
- plen = param->value.sequence->length;
- if (!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
+ pbe2 = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(PBE2PARAM), param);
+ if (pbe2 == NULL) {
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
goto err;
}
/* See if we recognise the key derivation function */
-
- if (OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) {
+ if (!EVP_PBE_find(EVP_PBE_TYPE_KDF, OBJ_obj2nid(pbe2->keyfunc->algorithm),
+ NULL, NULL, &kdf)) {
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION);
goto err;
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_CIPHER_PARAMETER_ERROR);
goto err;
}
- rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen,
- pbe2->keyfunc->parameter, c, md, en_de);
+ rv = kdf(ctx, pass, passlen, pbe2->keyfunc->parameter, NULL, NULL, en_de);
err:
PBE2PARAM_free(pbe2);
return rv;
const EVP_CIPHER *c, const EVP_MD *md, int en_de)
{
unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
- const unsigned char *pbuf;
- int saltlen, iter, plen;
+ int saltlen, iter;
int rv = 0;
unsigned int keylen = 0;
int prf_nid, hmac_md_nid;
/* Decode parameter */
- if (!param || (param->type != V_ASN1_SEQUENCE)) {
- EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR);
- goto err;
- }
-
- pbuf = param->value.sequence->data;
- plen = param->value.sequence->length;
+ kdf = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(PBKDF2PARAM), param);
- if (!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen))) {
+ if (kdf == NULL) {
EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR);
goto err;
}
projects / openssl.git / blobdiff