X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fevp%2Fevp_pbe.c;h=c26d2de0f3883adec9938decf8a92a300c5370b4;hp=1418921a04cde51df27db930b633aa68ca620335;hb=15ac971681bb81b9ab36383eb7014449ad190f9a;hpb=6b691a5c85ddc4e407e32781841fee5c029506cd diff --git a/crypto/evp/evp_pbe.c b/crypto/evp/evp_pbe.c index 1418921a04..c26d2de0f3 100644 --- a/crypto/evp/evp_pbe.c +++ b/crypto/evp/evp_pbe.c @@ -1,4 +1,4 @@ -/* p12_pbop.c */ +/* evp_pbe.c */ /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL * project 1999. */ @@ -57,9 +57,9 @@ */ #include -#include "evp.h" -#include "x509.h" #include "cryptlib.h" +#include +#include /* Password based encryption (PBE) functions */ @@ -69,90 +69,56 @@ static STACK *pbe_algs; typedef struct { int pbe_nid; -EVP_CIPHER *cipher; -EVP_MD *md; +const EVP_CIPHER *cipher; +const EVP_MD *md; EVP_PBE_KEYGEN *keygen; } EVP_PBE_CTL; -int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, unsigned char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, EVP_CIPHER_CTX *ctx, - int en_de) +int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, + ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de) { EVP_PBE_CTL *pbetmp, pbelu; - unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; int i; pbelu.pbe_nid = OBJ_obj2nid(pbe_obj); - if ((pbelu.pbe_nid != NID_undef) && pbe_algs) - i = sk_find (pbe_algs, (char *)&pbelu); + if (pbelu.pbe_nid != NID_undef) i = sk_find(pbe_algs, (char *)&pbelu); else i = -1; if (i == -1) { char obj_tmp[80]; EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM); - if (!pbe_obj) strcpy (obj_tmp, "NULL"); - else i2t_ASN1_OBJECT(obj_tmp, 80, pbe_obj); + if (!pbe_obj) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp); + else i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj); ERR_add_error_data(2, "TYPE=", obj_tmp); return 0; } - if (passlen == -1) passlen = strlen(pass); + if(!pass) passlen = 0; + else if (passlen == -1) passlen = strlen(pass); pbetmp = (EVP_PBE_CTL *)sk_value (pbe_algs, i); - i = (*pbetmp->keygen)(pass, passlen, salt, saltlen, iter, - pbetmp->cipher, pbetmp->md, key, iv); + i = (*pbetmp->keygen)(ctx, pass, passlen, param, pbetmp->cipher, + pbetmp->md, en_de); if (!i) { EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_KEYGEN_FAILURE); return 0; } - EVP_CipherInit (ctx, pbetmp->cipher, key, iv, en_de); return 1; } -/* Setup a PBE algorithm but take most parameters from AlgorithmIdentifier */ - -int EVP_PBE_ALGOR_CipherInit (X509_ALGOR *algor, unsigned char *pass, - int passlen, EVP_CIPHER_CTX *ctx, int en_de) -{ - PBEPARAM *pbe; - int saltlen, iter; - unsigned char *salt, *pbuf; - - /* Extract useful info from algor */ - pbuf = (char *) algor->parameter->value.sequence->data; - if (!(pbe = d2i_PBEPARAM (NULL, &pbuf, - algor->parameter->value.sequence->length))) { - EVPerr(EVP_F_EVP_PBE_ALGOR_CIPHERINIT,EVP_R_DECODE_ERROR); - return 0; - } - - if (!pbe->iter) iter = 1; - else iter = ASN1_INTEGER_get (pbe->iter); - salt = pbe->salt->data; - saltlen = pbe->salt->length; - - if (!(EVP_PBE_CipherInit (algor->algorithm, pass, passlen, salt, - saltlen, iter, ctx, en_de))) { - EVPerr(EVP_F_EVP_PBE_ALGOR_CIPHERINIT,EVP_R_EVP_PBE_CIPHERINIT_ERROR); - PBEPARAM_free(pbe); - return 0; - } - PBEPARAM_free(pbe); - return 1; -} - - -static int pbe_cmp (EVP_PBE_CTL **pbe1, EVP_PBE_CTL **pbe2) +static int pbe_cmp(const char * const *a, const char * const *b) { + const EVP_PBE_CTL * const *pbe1 = (const EVP_PBE_CTL * const *) a, + * const *pbe2 = (const EVP_PBE_CTL * const *)b; return ((*pbe1)->pbe_nid - (*pbe2)->pbe_nid); } /* Add a PBE algorithm */ -int EVP_PBE_alg_add (int nid, EVP_CIPHER *cipher, EVP_MD *md, +int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md, EVP_PBE_KEYGEN *keygen) { EVP_PBE_CTL *pbe_tmp; - if (!pbe_algs) pbe_algs = sk_new (pbe_cmp); - if (!(pbe_tmp = (EVP_PBE_CTL*) Malloc (sizeof(EVP_PBE_CTL)))) { + if (!pbe_algs) pbe_algs = sk_new(pbe_cmp); + if (!(pbe_tmp = (EVP_PBE_CTL*) OPENSSL_malloc (sizeof(EVP_PBE_CTL)))) { EVPerr(EVP_F_EVP_PBE_ALG_ADD,ERR_R_MALLOC_FAILURE); return 0; } @@ -166,5 +132,6 @@ int EVP_PBE_alg_add (int nid, EVP_CIPHER *cipher, EVP_MD *md, void EVP_PBE_cleanup(void) { - sk_pop_free(pbe_algs, FreeFunc); + sk_pop_free(pbe_algs, OPENSSL_freeFunc); + pbe_algs = NULL; }