X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fpkcs12%2Fp12_mutl.c;h=32b6e17c245abbb82b987db3fa8a9a21b7a96b2c;hp=d860c21b52be70acb45ac165634a7f0fb6a82a2c;hb=135883505078a868349e0a3c24514099e3cb2dac;hpb=e778802f53c8d47e96a6e4cbc776eb6e1d4c461a diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c index d860c21b52..32b6e17c24 100644 --- a/crypto/pkcs12/p12_mutl.c +++ b/crypto/pkcs12/p12_mutl.c @@ -56,19 +56,16 @@ * */ +#ifndef OPENSSL_NO_HMAC #include #include "cryptlib.h" -#include "hmac.h" -#include "rand.h" -#include "pkcs12.h" +#include +#include +#include /* Generate a MAC */ -int PKCS12_gen_mac (p12, pass, passlen, mac, maclen) -PKCS12 *p12; -unsigned char *pass; -int passlen; -unsigned char *mac; -unsigned int *maclen; +int PKCS12_gen_mac (PKCS12 *p12, const char *pass, int passlen, + unsigned char *mac, unsigned int *maclen) { const EVP_MD *md_type; HMAC_CTX hmac; @@ -96,10 +93,7 @@ unsigned int *maclen; } /* Verify the mac */ -int PKCS12_verify_mac (p12, pass, passlen) -PKCS12 *p12; -unsigned char *pass; -int passlen; +int PKCS12_verify_mac (PKCS12 *p12, const char *pass, int passlen) { unsigned char mac[EVP_MAX_MD_SIZE]; unsigned int maclen; @@ -112,66 +106,57 @@ int passlen; return 0; } if ((maclen != (unsigned int)p12->mac->dinfo->digest->length) - || memcmp (mac, p12->mac->dinfo->digest->data, maclen)) { - PKCS12err(PKCS12_F_VERIFY_MAC,PKCS12_R_MAC_VERIFY_ERROR); - return 0; - } + || memcmp (mac, p12->mac->dinfo->digest->data, maclen)) return 0; return 1; } /* Set a mac */ -int PKCS12_set_mac (p12, pass, passlen, salt, saltlen, iter, md_type) -PKCS12 *p12; -unsigned char *pass; -int passlen; -unsigned char *salt; -int saltlen; -int iter; -EVP_MD *md_type; +int PKCS12_set_mac (PKCS12 *p12, const char *pass, int passlen, + unsigned char *salt, int saltlen, int iter, const EVP_MD *md_type) { unsigned char mac[EVP_MAX_MD_SIZE]; - int maclen; + unsigned int maclen; + if (!md_type) md_type = EVP_sha1(); if (PKCS12_setup_mac (p12, iter, salt, saltlen, md_type) == PKCS12_ERROR) { - PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_SETUP_ERROR); + PKCS12err(PKCS12_F_PKCS12_SET_MAC,PKCS12_R_MAC_SETUP_ERROR); return 0; } if (!PKCS12_gen_mac (p12, pass, passlen, mac, &maclen)) { - PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_GENERATION_ERROR); + PKCS12err(PKCS12_F_PKCS12_SET_MAC,PKCS12_R_MAC_GENERATION_ERROR); return 0; } - if (!(ASN1_OCTET_STRING_set (p12->mac->dinfo->digest, mac, maclen))) { - PKCS12err(PKCS12_F_PKCS12_PKCS12_SET_MAC,PKCS12_R_MAC_STRING_SET_ERROR); + if (!(M_ASN1_OCTET_STRING_set (p12->mac->dinfo->digest, mac, maclen))) { + PKCS12err(PKCS12_F_PKCS12_SET_MAC,PKCS12_R_MAC_STRING_SET_ERROR); return 0; } return 1; } /* Set up a mac structure */ -int PKCS12_setup_mac (p12, iter, salt, saltlen, md_type) -PKCS12 *p12; -int iter; -unsigned char *salt; -int saltlen; -EVP_MD *md_type; +int PKCS12_setup_mac (PKCS12 *p12, int iter, unsigned char *salt, int saltlen, + const EVP_MD *md_type) { - if (!(p12->mac = PKCS12_MAC_DATA_new ())) return PKCS12_ERROR; + if (!(p12->mac = PKCS12_MAC_DATA_new())) return PKCS12_ERROR; if (iter > 1) { - if(!(p12->mac->iter = ASN1_INTEGER_new())) { + if(!(p12->mac->iter = M_ASN1_INTEGER_new())) { PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); return 0; } - ASN1_INTEGER_set (p12->mac->iter, iter); + ASN1_INTEGER_set(p12->mac->iter, iter); } if (!saltlen) saltlen = PKCS12_SALT_LEN; p12->mac->salt->length = saltlen; - if (!(p12->mac->salt->data = Malloc (saltlen))) { + if (!(p12->mac->salt->data = OPENSSL_malloc (saltlen))) { PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); return 0; } - if (!salt) RAND_bytes (p12->mac->salt->data, saltlen); + if (!salt) { + if (RAND_pseudo_bytes (p12->mac->salt->data, saltlen) < 0) + return 0; + } else memcpy (p12->mac->salt->data, salt, saltlen); p12->mac->dinfo->algor->algorithm = OBJ_nid2obj(EVP_MD_type(md_type)); if (!(p12->mac->dinfo->algor->parameter = ASN1_TYPE_new())) { @@ -182,3 +167,4 @@ EVP_MD *md_type; return 1; } +#endif