/* should be init to zeros. */
static char prompt_string[80];
-void EVP_set_pw_prompt(char *prompt)
+void EVP_set_pw_prompt(const char *prompt)
{
if (prompt == NULL)
prompt_string[0]='\0';
else
+ {
strncpy(prompt_string,prompt,79);
+ prompt_string[79]='\0';
+ }
}
char *EVP_get_pw_prompt(void)
* in the DES library -- if someone ever wants to disable DES,
* this function will fail */
int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
+ {
+ return EVP_read_pw_string_min(buf, 0, len, prompt, verify);
+ }
+
+int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, int verify)
{
int ret;
char buff[BUFSIZ];
if ((prompt == NULL) && (prompt_string[0] != '\0'))
prompt=prompt_string;
ui = UI_new();
- UI_add_input_string(ui,prompt,0,buf,0,(len>=BUFSIZ)?BUFSIZ-1:len);
+ UI_add_input_string(ui,prompt,0,buf,min,(len>=BUFSIZ)?BUFSIZ-1:len);
if (verify)
UI_add_verify_string(ui,prompt,0,
- buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf);
+ buff,min,(len>=BUFSIZ)?BUFSIZ-1:len,buf);
ret = UI_process(ui);
UI_free(ui);
- memset(buff,0,BUFSIZ);
+ OPENSSL_cleanse(buff,BUFSIZ);
return ret;
}
unsigned char md_buf[EVP_MAX_MD_SIZE];
int niv,nkey,addmd=0;
unsigned int mds=0,i;
-
+ int rv = 0;
nkey=type->key_len;
niv=type->iv_len;
+ OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
+ OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH);
if (data == NULL) return(nkey);
EVP_MD_CTX_init(&c);
for (;;)
{
- EVP_DigestInit(&c,md);
+ if (!EVP_DigestInit_ex(&c,md, NULL))
+ return 0;
if (addmd++)
- EVP_DigestUpdate(&c,&(md_buf[0]),mds);
- EVP_DigestUpdate(&c,data,datal);
+ if (!EVP_DigestUpdate(&c,&(md_buf[0]),mds))
+ goto err;
+ if (!EVP_DigestUpdate(&c,data,datal))
+ goto err;
if (salt != NULL)
- EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN);
- EVP_DigestFinal(&c,&(md_buf[0]),&mds);
+ if (!EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN))
+ goto err;
+ if (!EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds))
+ goto err;
for (i=1; i<(unsigned int)count; i++)
{
- EVP_DigestInit(&c,md);
- EVP_DigestUpdate(&c,&(md_buf[0]),mds);
- EVP_DigestFinal(&c,&(md_buf[0]),&mds);
+ if (!EVP_DigestInit_ex(&c,md, NULL))
+ goto err;
+ if (!EVP_DigestUpdate(&c,&(md_buf[0]),mds))
+ goto err;
+ if (!EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds))
+ goto err;
}
i=0;
if (nkey)
}
if ((nkey == 0) && (niv == 0)) break;
}
+ rv = type->key_len;
+ err:
EVP_MD_CTX_cleanup(&c);
- memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE);
- return(type->key_len);
+ OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE);
+ return rv;
}