} EVP_ENCODE_CTX;
/* Password based encryption function */
-typedef int (EVP_PBE_KEYGEN)(const char *pass, int passlen,
+typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, EVP_CIPHER *cipher,
- EVP_MD *md, unsigned char *key, unsigned char *iv);
+ EVP_MD *md, int en_de);
#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
(char *)(rsa))
int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
/* PKCS5 password based encryption */
-int PKCS5_PBE_keyivgen(const char *pass, int passlen, ASN1_TYPE *param,
- EVP_CIPHER *cipher, EVP_MD *md,
- unsigned char *key, unsigned char *iv);
+int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+ ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md,
+ int en_de);
void PKCS5_PBE_add(void);
{
EVP_PBE_CTL *pbetmp, pbelu;
- unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
int i;
pbelu.pbe_nid = OBJ_obj2nid(pbe_obj);
if (pbelu.pbe_nid != NID_undef) i = sk_find(pbe_algs, (char *)&pbelu);
}
if (passlen == -1) passlen = strlen(pass);
pbetmp = (EVP_PBE_CTL *)sk_value (pbe_algs, i);
- i = (*pbetmp->keygen)(pass, passlen, param, pbetmp->cipher,
- pbetmp->md, key, iv);
+ i = (*pbetmp->keygen)(ctx, pass, passlen, param, pbetmp->cipher,
+ pbetmp->md, en_de);
if (!i) {
EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_KEYGEN_FAILURE);
return 0;
}
- EVP_CipherInit (ctx, pbetmp->cipher, key, iv, en_de);
return 1;
}
#endif
}
-int PKCS5_PBE_keyivgen(const char *pass, int passlen, ASN1_TYPE *param,
- EVP_CIPHER *cipher, EVP_MD *md,
- unsigned char *key, unsigned char *iv)
+int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
+ ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md,
+ int en_de)
{
EVP_MD_CTX ctx;
unsigned char md_tmp[EVP_MAX_MD_SIZE];
+ unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
int i;
PBEPARAM *pbe;
int saltlen, iter;
memcpy (key, md_tmp, EVP_CIPHER_key_length(cipher));
memcpy (iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
EVP_CIPHER_iv_length(cipher));
+ EVP_CipherInit(cctx, cipher, key, iv, en_de);
+ memset(md_tmp, 0, EVP_MAX_MD_SIZE);
+ memset(key, 0, EVP_MAX_KEY_LENGTH);
+ memset(iv, 0, EVP_MAX_IV_LENGTH);
return 1;
}
#endif
}
-int PKCS12_PBE_keyivgen (const char *pass, int passlen, ASN1_TYPE *param,
- EVP_CIPHER *cipher, EVP_MD *md,
- unsigned char *key, unsigned char *iv)
+int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+ ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md, int en_de)
{
PBEPARAM *pbe;
int saltlen, iter;
unsigned char *salt, *pbuf;
+ unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
/* Extract useful info from parameter */
pbuf = param->value.sequence->data;
return 0;
}
PBEPARAM_free(pbe);
+ EVP_CipherInit(ctx, cipher, key, iv, en_de);
+ memset(key, 0, EVP_MAX_KEY_LENGTH);
+ memset(iv, 0, EVP_MAX_IV_LENGTH);
return 1;
}
int saltlen, int id, int iter, int n,
unsigned char *out, const EVP_MD *md_type);
int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int id, int iter, int n, unsigned char *out, const EVP_MD *md_type);
-int PKCS12_PBE_keyivgen(const char *pass, int passlen, ASN1_TYPE *param,
- EVP_CIPHER *cipher, EVP_MD *md_type,
- unsigned char *key, unsigned char *iv);
+int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+ ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md_type,
+ int en_de);
int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
unsigned char *mac, unsigned int *maclen);
int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
projects / openssl.git / commitdiff