Change PKCS#12 key derivation routines to cope with

author Dr. Stephen Henson <steve@openssl.org>

Sun, 14 Jan 2001 14:07:10 +0000 (14:07 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Sun, 14 Jan 2001 14:07:10 +0000 (14:07 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Sun, 14 Jan 2001 14:07:10 +0000 (14:07 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Sun, 14 Jan 2001 14:07:10 +0000 (14:07 +0000)
diff --git a/CHANGES b/CHANGES

index 403568adc0d52f8acce5c806987b153d2f9acd96..eb80eb6184881f741a3dd1a17389029f0f381aec 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,12 @@
  
   Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
  
+  *) Change PKCS12_key_gen_asc() so it can cope with non null
+     terminated strings whose length is passed in the passlen
+     parameter, for example from PEM callbacks. This was done
+     by adding an extra length parameter to asc2uni().
+     [Steve Henson, reported by <oddissey@samsung.co.kr>]
+
    *) New OCSP utility. Allows OCSP requests to be generated or
       read. The request can be sent to a responder and the output
       parsed, outputed or printed in text form. Not complete yet:
diff --git a/crypto/pkcs12/p12_attr.c b/crypto/pkcs12/p12_attr.c

index 64bf4173fca2b580b45d9100b16383f342985ce8..2d4d04292a630433c396a1d802df3d9c98945b30 100644 (file)
--- a/crypto/pkcs12/p12_attr.c
+++ b/crypto/pkcs12/p12_attr.c
@@ -151,7 +151,7 @@ int PKCS12_add_friendlyname_asc (PKCS12_SAFEBAG *bag, const char *name,
  {
         unsigned char *uniname;
         int ret, unilen;
-       if (!asc2uni(name, &uniname, &unilen)) {
+       if (!asc2uni(name, namelen, &uniname, &unilen)) {
                 PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC,
                                                         ERR_R_MALLOC_FAILURE);
                 return 0;
diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c

index b042dcf05c95928386948181b73b19790562ab38..a9b4b8c9721e68a866abdc38168d399ebfff9554 100644 (file)
--- a/crypto/pkcs12/p12_key.c
+++ b/crypto/pkcs12/p12_key.c
@@ -84,7 +84,7 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
         if(!pass) {
                 unipass = NULL;
                 uniplen = 0;
-       } else if (!asc2uni(pass, &unipass, &uniplen)) {
+       } else if (!asc2uni(pass, passlen, &unipass, &uniplen)) {
                 PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC,ERR_R_MALLOC_FAILURE);
                 return 0;
         }
diff --git a/crypto/pkcs12/p12_utl.c b/crypto/pkcs12/p12_utl.c

index 8ed3e0d0c7ed20f34625d7c07af3df393954d8d1..4409e5c1a8a57609e03e7c49af30e914d2cec175 100644 (file)
--- a/crypto/pkcs12/p12_utl.c
+++ b/crypto/pkcs12/p12_utl.c
@@ -62,22 +62,26 @@
  
  /* Cheap and nasty Unicode stuff */
  
-unsigned char *asc2uni (const char *asc, unsigned char **uni, int *unilen)
+unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen)
  {
         int ulen, i;
         unsigned char *unitmp;
-       ulen = strlen(asc)*2  + 2;
-       if (!(unitmp = OPENSSL_malloc (ulen))) return NULL;
-       for (i = 0; i < ulen; i+=2) {
+       if (asclen == -1) asclen = strlen(asc);
+       ulen = asclen*2  + 2;
+       if (!(unitmp = OPENSSL_malloc(ulen))) return NULL;
+       for (i = 0; i < ulen - 2; i+=2) {
                 unitmp[i] = 0;
                 unitmp[i + 1] = asc[i>>1];
         }
+       /* Make result double null terminated */
+       unitmp[ulen - 2] = 0;
+       unitmp[ulen - 1] = 0;
         if (unilen) *unilen = ulen;
         if (uni) *uni = unitmp;
         return unitmp;
  }
  
-char *uni2asc (unsigned char *uni, int unilen)
+char *uni2asc(unsigned char *uni, int unilen)
  {
         int asclen, i;
         char *asctmp;
@@ -85,7 +89,7 @@ char *uni2asc (unsigned char *uni, int unilen)
         /* If no terminating zero allow for one */
         if (!unilen || uni[unilen - 1]) asclen++;
         uni++;
-       if (!(asctmp = OPENSSL_malloc (asclen))) return NULL;
+       if (!(asctmp = OPENSSL_malloc(asclen))) return NULL;
         for (i = 0; i < unilen; i+=2) asctmp[i>>1] = uni[i];
         asctmp[asclen - 1] = 0;
         return asctmp;
diff --git a/crypto/pkcs12/pkcs12.h b/crypto/pkcs12/pkcs12.h

index 6492a910e2f93a53d810fe81bfe91e5ade9c3118..1531ee7926b8f6abf5eb92fb0efe0091bc38ee3e 100644 (file)
--- a/crypto/pkcs12/pkcs12.h
+++ b/crypto/pkcs12/pkcs12.h
@@ -230,7 +230,7 @@ int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
                    EVP_MD *md_type);
  int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
                                          int saltlen, EVP_MD *md_type);
-unsigned char *asc2uni(const char *asc, unsigned char **uni, int *unilen);
+unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen);
  char *uni2asc(unsigned char *uni, int unilen);
  
  DECLARE_ASN1_FUNCTIONS(PKCS12)
author	Dr. Stephen Henson <steve@openssl.org>
	Sun, 14 Jan 2001 14:07:10 +0000 (14:07 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Sun, 14 Jan 2001 14:07:10 +0000 (14:07 +0000)
CHANGES		patch \| blob \| history
crypto/pkcs12/p12_attr.c		patch \| blob \| history
crypto/pkcs12/p12_key.c		patch \| blob \| history
crypto/pkcs12/p12_utl.c		patch \| blob \| history
crypto/pkcs12/pkcs12.h		patch \| blob \| history