Fix CRL encoding bug.

[oweals/openssl.git] / crypto / asn1 / p5_pbe.c

diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c
index 5396a5a47b8bbf58c83e594d8c3f43045fedd768..8cda4f609a5762717b625834834e2dcf74716845 100644 (file)
--- a/crypto/asn1/p5_pbe.c
+++ b/crypto/asn1/p5_pbe.c
@@ -58,21 +58,13 @@
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include "asn1_mac.h"
-#include "rand.h"
+#include <openssl/asn1_mac.h>
+#include <openssl/x509.h>
+#include <openssl/rand.h>
 
 /* PKCS#5 password based encryption structure */
 
-#define PKCS5_SALT_LEN 8
-
-/*
- *ASN1err(ASN1_F_PBEPARAM_NEW,ASN1_R_DECODE_ERROR)
- *ASN1err(ASN1_F_D2I_PBEPARAM,ASN1_R_DECODE_ERROR)
- */
-
-int i2d_PBEPARAM(a, pp)
-PBEPARAM *a;
-unsigned char **pp;
+int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp)
 {
        M_ASN1_I2D_vars(a);
        M_ASN1_I2D_len (a->salt, i2d_ASN1_OCTET_STRING);
@@ -85,21 +77,18 @@ unsigned char **pp;
        M_ASN1_I2D_finish();
 }
 
-PBEPARAM *PBEPARAM_new()
+PBEPARAM *PBEPARAM_new(void)
 {
        PBEPARAM *ret=NULL;
        ASN1_CTX c;
        M_ASN1_New_Malloc(ret, PBEPARAM);
-       M_ASN1_New(ret->iter,ASN1_INTEGER_new);
-       M_ASN1_New(ret->salt,ASN1_OCTET_STRING_new);
+       M_ASN1_New(ret->iter,M_ASN1_INTEGER_new);
+       M_ASN1_New(ret->salt,M_ASN1_OCTET_STRING_new);
        return (ret);
        M_ASN1_New_Error(ASN1_F_PBEPARAM_NEW);
 }
 
-PBEPARAM *d2i_PBEPARAM(a,pp,length)
-PBEPARAM **a;
-unsigned char **pp;
-long length;
+PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length)
 {
        M_ASN1_D2I_vars(a,PBEPARAM *,PBEPARAM_new);
        M_ASN1_D2I_Init();
@@ -109,25 +98,19 @@ long length;
        M_ASN1_D2I_Finish(a, PBEPARAM_free, ASN1_F_D2I_PBEPARAM);
 }
 
-void PBEPARAM_free (a)
-PBEPARAM *a;
+void PBEPARAM_free (PBEPARAM *a)
 {
        if(a==NULL) return;
-       ASN1_OCTET_STRING_free(a->salt);
-       ASN1_INTEGER_free (a->iter);
+       M_ASN1_OCTET_STRING_free(a->salt);
+       M_ASN1_INTEGER_free (a->iter);
        Free ((char *)a);
 }
 
 /* Return an algorithm identifier for a PKCS#5 PBE algorithm */
 
-X509_ALGOR *PKCS5_pbe_set(alg, iter, salt, saltlen)
-int alg;
-int iter;
-unsigned char *salt;
-int saltlen;
+X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
+            int saltlen)
 {
-       unsigned char *pdata, *ptmp;
-       int plen;
        PBEPARAM *pbe;
        ASN1_OBJECT *al;
        X509_ALGOR *algor;
@@ -137,6 +120,7 @@ int saltlen;
                ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
                return NULL;
        }
+       if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
        ASN1_INTEGER_set (pbe->iter, iter);
        if (!saltlen) saltlen = PKCS5_SALT_LEN;
        if (!(pbe->salt->data = Malloc (saltlen))) {
@@ -145,18 +129,8 @@ int saltlen;
        }
        pbe->salt->length = saltlen;
        if (salt) memcpy (pbe->salt->data, salt, saltlen);
-       else RAND_bytes (pbe->salt->data, saltlen);
-       if (!(plen = i2d_PBEPARAM (pbe, NULL))) {
-               ASN1err(ASN1_F_ASN1_PBE_SET,ASN1_R_ENCODE_ERROR);
+       else if (RAND_bytes (pbe->salt->data, saltlen) <= 0)
                return NULL;
-       }
-       if (!(pdata = Malloc (plen))) {
-               ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
-               return NULL;
-       }
-       ptmp = pdata;
-       i2d_PBEPARAM (pbe, &ptmp);
-       PBEPARAM_free (pbe);
 
        if (!(astype = ASN1_TYPE_new())) {
                ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
@@ -164,12 +138,11 @@ int saltlen;
        }
 
        astype->type = V_ASN1_SEQUENCE;
-       if (!(astype->value.sequence=ASN1_STRING_new())) {
+       if(!ASN1_pack_string(pbe, i2d_PBEPARAM, &astype->value.sequence)) {
                ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
                return NULL;
        }
-       ASN1_STRING_set (astype->value.sequence, pdata, plen);
-       Free (pdata);
+       PBEPARAM_free (pbe);
        
        al = OBJ_nid2obj(alg); /* never need to free al */
        if (!(algor = X509_ALGOR_new())) {