Patches from Vern Staats <staatsvr@asc.hpc.mil> to get Kerberos 5 in

[oweals/openssl.git] / crypto / pkcs12 / p12_key.c

diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c
index b042dcf05c95928386948181b73b19790562ab38..a4fd5b98ec9ab85bc7941609b89e0893614d2dec 100644 (file)
--- a/crypto/pkcs12/p12_key.c
+++ b/crypto/pkcs12/p12_key.c
@@ -84,7 +84,7 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
        if(!pass) {
                unipass = NULL;
                uniplen = 0;
-       } else if (!asc2uni(pass, &unipass, &uniplen)) {
+       } else if (!asc2uni(pass, passlen, &unipass, &uniplen)) {
                PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC,ERR_R_MALLOC_FAILURE);
                return 0;
        }
@@ -102,7 +102,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
             const EVP_MD *md_type)
 {
        unsigned char *B, *D, *I, *p, *Ai;
-       int Slen, Plen, Ilen;
+       int Slen, Plen, Ilen, Ijlen;
        int i, j, u, v;
        BIGNUM *Ij, *Bpl1;      /* These hold Ij and B + 1 */
        EVP_MD_CTX ctx;
@@ -180,10 +180,17 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
                        BN_bin2bn (I + j, v, Ij);
                        BN_add (Ij, Ij, Bpl1);
                        BN_bn2bin (Ij, B);
+                       Ijlen = BN_num_bytes (Ij);
                        /* If more than 2^(v*8) - 1 cut off MSB */
-                       if (BN_num_bytes (Ij) > v) {
+                       if (Ijlen > v) {
                                BN_bn2bin (Ij, B);
                                memcpy (I + j, B + 1, v);
+#ifndef PKCS12_BROKEN_KEYGEN
+                       /* If less than v bytes pad with zeroes */
+                       } else if (Ijlen < v) {
+                               memset(I + j, 0, v - Ijlen);
+                               BN_bn2bin(Ij, I + j + v - Ijlen); 
+#endif
                        } else BN_bn2bin (Ij, I + j);
                }
        }