projects
/
oweals
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
indent has problems with comments that are on the right hand side of a line.
[oweals/openssl.git]
/
crypto
/
evp
/
p5_crpt2.c
diff --git
a/crypto/evp/p5_crpt2.c
b/crypto/evp/p5_crpt2.c
index b161d7664afc0fbf7345a772afe0e2d7dec23819..6bec77baf96430219eb5820049b34ed8742a2450 100644
(file)
--- a/
crypto/evp/p5_crpt2.c
+++ b/
crypto/evp/p5_crpt2.c
@@
-1,5
+1,5
@@
/* p5_crpt2.c */
/* p5_crpt2.c */
-/* Written by Dr Stephen N Henson (s
henson@bigfoot.com
) for the OpenSSL
+/* Written by Dr Stephen N Henson (s
teve@openssl.org
) for the OpenSSL
* project 1999.
*/
/* ====================================================================
* project 1999.
*/
/* ====================================================================
@@
-77,7
+77,7
@@
*/
int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
*/
int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter,
+
const
unsigned char *salt, int saltlen, int iter,
int keylen, unsigned char *out)
{
unsigned char digtmp[SHA_DIGEST_LENGTH], *p, itmp[4];
int keylen, unsigned char *out)
{
unsigned char digtmp[SHA_DIGEST_LENGTH], *p, itmp[4];
@@
-148,16
+148,23
@@
int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md,
int en_de)
{
ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md,
int en_de)
{
- unsigned char *pbuf, *salt, key[EVP_MAX_KEY_LENGTH];
- int saltlen, keylen, iter, plen;
+ unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
+ const unsigned char *pbuf;
+ int saltlen, iter, plen;
+ unsigned int keylen;
PBE2PARAM *pbe2 = NULL;
const EVP_CIPHER *cipher;
PBKDF2PARAM *kdf = NULL;
PBE2PARAM *pbe2 = NULL;
const EVP_CIPHER *cipher;
PBKDF2PARAM *kdf = NULL;
+ if (param == NULL || param->type != V_ASN1_SEQUENCE ||
+ param->value.sequence == NULL) {
+ EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
+ return 0;
+ }
+
pbuf = param->value.sequence->data;
plen = param->value.sequence->length;
pbuf = param->value.sequence->data;
plen = param->value.sequence->length;
- if(!param || (param->type != V_ASN1_SEQUENCE) ||
- !(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
+ if(!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
return 0;
}
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
return 0;
}
@@
-194,11
+201,16
@@
int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
/* Now decode key derivation function */
/* Now decode key derivation function */
+ if(!pbe2->keyfunc->parameter ||
+ (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE))
+ {
+ EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
+ goto err;
+ }
+
pbuf = pbe2->keyfunc->parameter->value.sequence->data;
plen = pbe2->keyfunc->parameter->value.sequence->length;
pbuf = pbe2->keyfunc->parameter->value.sequence->data;
plen = pbe2->keyfunc->parameter->value.sequence->length;
- if(!pbe2->keyfunc->parameter ||
- (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE) ||
- !(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
+ if(!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
goto err;
}
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
goto err;
}
@@
-208,7
+220,7
@@
int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
/* Now check the parameters of the kdf */
/* Now check the parameters of the kdf */
- if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != keylen)){
+ if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) !=
(int)
keylen)){
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
EVP_R_UNSUPPORTED_KEYLENGTH);
goto err;
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
EVP_R_UNSUPPORTED_KEYLENGTH);
goto err;