X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fasn1%2Fp5_pbe.c;h=4d7a9c61c14e361fbec9bf537d2663f5da7ea832;hb=06b9ff06cc7fdd8f51abb92aaac39d3988a7090e;hp=5396a5a47b8bbf58c83e594d8c3f43045fedd768;hpb=ba8608012a6b71b845786d6180c0814584a1807e;p=oweals%2Fopenssl.git diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c index 5396a5a47b..4d7a9c61c1 100644 --- a/crypto/asn1/p5_pbe.c +++ b/crypto/asn1/p5_pbe.c @@ -1,6 +1,7 @@ /* p5_pbe.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. +/* + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project + * 1999. */ /* ==================================================================== * Copyright (c) 1999 The OpenSSL Project. All rights reserved. @@ -10,7 +11,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -57,128 +58,84 @@ */ #include -#include "cryptlib.h" -#include "asn1_mac.h" -#include "rand.h" +#include "internal/cryptlib.h" +#include +#include +#include /* PKCS#5 password based encryption structure */ -#define PKCS5_SALT_LEN 8 +ASN1_SEQUENCE(PBEPARAM) = { + ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING), + ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER) +} ASN1_SEQUENCE_END(PBEPARAM) -/* - *ASN1err(ASN1_F_PBEPARAM_NEW,ASN1_R_DECODE_ERROR) - *ASN1err(ASN1_F_D2I_PBEPARAM,ASN1_R_DECODE_ERROR) - */ - -int i2d_PBEPARAM(a, pp) -PBEPARAM *a; -unsigned char **pp; -{ - M_ASN1_I2D_vars(a); - M_ASN1_I2D_len (a->salt, i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_len (a->iter, i2d_ASN1_INTEGER); +IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM) - M_ASN1_I2D_seq_total (); +/* Set an algorithm identifier for a PKCS#5 PBE algorithm */ - M_ASN1_I2D_put (a->salt, i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_put (a->iter, i2d_ASN1_INTEGER); - M_ASN1_I2D_finish(); -} - -PBEPARAM *PBEPARAM_new() +int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, + const unsigned char *salt, int saltlen) { - PBEPARAM *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, PBEPARAM); - M_ASN1_New(ret->iter,ASN1_INTEGER_new); - M_ASN1_New(ret->salt,ASN1_OCTET_STRING_new); - return (ret); - M_ASN1_New_Error(ASN1_F_PBEPARAM_NEW); -} - -PBEPARAM *d2i_PBEPARAM(a,pp,length) -PBEPARAM **a; -unsigned char **pp; -long length; -{ - M_ASN1_D2I_vars(a,PBEPARAM *,PBEPARAM_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get (ret->salt, d2i_ASN1_OCTET_STRING); - M_ASN1_D2I_get (ret->iter, d2i_ASN1_INTEGER); - M_ASN1_D2I_Finish(a, PBEPARAM_free, ASN1_F_D2I_PBEPARAM); -} - -void PBEPARAM_free (a) -PBEPARAM *a; -{ - if(a==NULL) return; - ASN1_OCTET_STRING_free(a->salt); - ASN1_INTEGER_free (a->iter); - Free ((char *)a); + PBEPARAM *pbe = NULL; + ASN1_STRING *pbe_str = NULL; + unsigned char *sstr; + + pbe = PBEPARAM_new(); + if (pbe == NULL) { + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE); + goto err; + } + if (iter <= 0) + iter = PKCS5_DEFAULT_ITER; + if (!ASN1_INTEGER_set(pbe->iter, iter)) { + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE); + goto err; + } + if (!saltlen) + saltlen = PKCS5_SALT_LEN; + if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) { + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE); + goto err; + } + sstr = ASN1_STRING_data(pbe->salt); + if (salt) + memcpy(sstr, salt, saltlen); + else if (RAND_bytes(sstr, saltlen) <= 0) + goto err; + + if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) { + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE); + goto err; + } + + PBEPARAM_free(pbe); + pbe = NULL; + + if (X509_ALGOR_set0(algor, OBJ_nid2obj(alg), V_ASN1_SEQUENCE, pbe_str)) + return 1; + + err: + PBEPARAM_free(pbe); + ASN1_STRING_free(pbe_str); + return 0; } /* Return an algorithm identifier for a PKCS#5 PBE algorithm */ -X509_ALGOR *PKCS5_pbe_set(alg, iter, salt, saltlen) -int alg; -int iter; -unsigned char *salt; -int saltlen; +X509_ALGOR *PKCS5_pbe_set(int alg, int iter, + const unsigned char *salt, int saltlen) { - unsigned char *pdata, *ptmp; - int plen; - PBEPARAM *pbe; - ASN1_OBJECT *al; - X509_ALGOR *algor; - ASN1_TYPE *astype; - - if (!(pbe = PBEPARAM_new ())) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; - } - ASN1_INTEGER_set (pbe->iter, iter); - if (!saltlen) saltlen = PKCS5_SALT_LEN; - if (!(pbe->salt->data = Malloc (saltlen))) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; - } - pbe->salt->length = saltlen; - if (salt) memcpy (pbe->salt->data, salt, saltlen); - else RAND_bytes (pbe->salt->data, saltlen); - if (!(plen = i2d_PBEPARAM (pbe, NULL))) { - ASN1err(ASN1_F_ASN1_PBE_SET,ASN1_R_ENCODE_ERROR); - return NULL; - } - if (!(pdata = Malloc (plen))) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; - } - ptmp = pdata; - i2d_PBEPARAM (pbe, &ptmp); - PBEPARAM_free (pbe); - - if (!(astype = ASN1_TYPE_new())) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; - } - - astype->type = V_ASN1_SEQUENCE; - if (!(astype->value.sequence=ASN1_STRING_new())) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; - } - ASN1_STRING_set (astype->value.sequence, pdata, plen); - Free (pdata); - - al = OBJ_nid2obj(alg); /* never need to free al */ - if (!(algor = X509_ALGOR_new())) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; - } - ASN1_OBJECT_free(algor->algorithm); - algor->algorithm = al; - algor->parameter = astype; - - return (algor); + X509_ALGOR *ret; + ret = X509_ALGOR_new(); + if (ret == NULL) { + ASN1err(ASN1_F_PKCS5_PBE_SET, ERR_R_MALLOC_FAILURE); + return NULL; + } + + if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen)) + return ret; + + X509_ALGOR_free(ret); + return NULL; }