diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2015-02-06 12:08:45 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2015-02-09 16:14:04 +0000 |
commit | d6c5462ef84356446ed133f6d28d34a5c7168bf4 (patch) | |
tree | 7f99030780c2e54ed06ec57ef7422c1db35fdfc0 /crypto/evp/p5_crpt2.c | |
parent | 849037169d98d070c27d094ac341fc6aca1ed2ca (diff) |
Support for alternative KDFs.
Don't hard code NID_id_pbkdf2 in PBES2: look it up in PBE table.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Diffstat (limited to 'crypto/evp/p5_crpt2.c')
-rw-r--r-- | crypto/evp/p5_crpt2.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c index 6c458e9df8..27e3fa5017 100644 --- a/crypto/evp/p5_crpt2.c +++ b/crypto/evp/p5_crpt2.c @@ -194,6 +194,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, int plen; PBE2PARAM *pbe2 = NULL; const EVP_CIPHER *cipher; + EVP_PBE_KEYGEN *kdf; int rv = 0; @@ -211,8 +212,8 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, } /* See if we recognise the key derivation function */ - - if (OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) { + if (!EVP_PBE_find(EVP_PBE_TYPE_KDF, OBJ_obj2nid(pbe2->keyfunc->algorithm), + NULL, NULL, &kdf)) { EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION); goto err; @@ -236,8 +237,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_CIPHER_PARAMETER_ERROR); goto err; } - rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen, - pbe2->keyfunc->parameter, c, md, en_de); + rv = kdf(ctx, pass, passlen, pbe2->keyfunc->parameter, NULL, NULL, en_de); err: PBE2PARAM_free(pbe2); return rv; |