diff options
author | Dr. Stephen Henson <steve@openssl.org> | 1999-06-06 13:07:13 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 1999-06-06 13:07:13 +0000 |
commit | 69cbf468119d6a85289e4720d609c38d4329de23 (patch) | |
tree | 74b95aaf00f25cd802bc38b83c37e157bc117ae8 /crypto/pkcs12 | |
parent | 095ce35378bc42b1684c1fc29f6ceb3c17fdada3 (diff) |
Rewrite PBE handling read to support PKCS#5 v2.0 and update the function
list for Win32.
Diffstat (limited to 'crypto/pkcs12')
-rw-r--r-- | crypto/pkcs12/p12_crpt.c | 23 | ||||
-rw-r--r-- | crypto/pkcs12/p12_decr.c | 3 | ||||
-rw-r--r-- | crypto/pkcs12/pkcs12.h | 20 |
3 files changed, 37 insertions, 9 deletions
diff --git a/crypto/pkcs12/p12_crpt.c b/crypto/pkcs12/p12_crpt.c index 9e37436c92..cb65c42000 100644 --- a/crypto/pkcs12/p12_crpt.c +++ b/crypto/pkcs12/p12_crpt.c @@ -82,19 +82,38 @@ EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc(), #endif } -int PKCS12_PBE_keyivgen (const char *pass, int passlen, unsigned char *salt, - int saltlen, int iter, EVP_CIPHER *cipher, EVP_MD *md, +int PKCS12_PBE_keyivgen (const char *pass, int passlen, ASN1_TYPE *param, + EVP_CIPHER *cipher, EVP_MD *md, unsigned char *key, unsigned char *iv) { + PBEPARAM *pbe; + int saltlen, iter; + unsigned char *salt, *pbuf; + + /* Extract useful info from parameter */ + pbuf = param->value.sequence->data; + if (!(pbe = d2i_PBEPARAM (NULL, &pbuf, + param->value.sequence->length))) { + EVPerr(PKCS12_F_PKCS12_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); + return 0; + } + + if (!pbe->iter) iter = 1; + else iter = ASN1_INTEGER_get (pbe->iter); + salt = pbe->salt->data; + saltlen = pbe->salt->length; if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_KEY_ID, iter, EVP_CIPHER_key_length(cipher), key, md)) { PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_KEY_GEN_ERROR); + PBEPARAM_free(pbe); return 0; } if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_IV_ID, iter, EVP_CIPHER_iv_length(cipher), iv, md)) { PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_IV_GEN_ERROR); + PBEPARAM_free(pbe); return 0; } + PBEPARAM_free(pbe); return 1; } diff --git a/crypto/pkcs12/p12_decr.c b/crypto/pkcs12/p12_decr.c index 53fb8aad0f..8f502fae7f 100644 --- a/crypto/pkcs12/p12_decr.c +++ b/crypto/pkcs12/p12_decr.c @@ -82,7 +82,8 @@ unsigned char * PKCS12_pbe_crypt (X509_ALGOR *algor, const char *pass, } /* Decrypt data */ - if (!EVP_PBE_ALGOR_CipherInit (algor, pass, passlen, &ctx, en_de)) { + if (!EVP_PBE_CipherInit (algor->algorithm, pass, passlen, + algor->parameter, &ctx, en_de)) { PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR); return NULL; } diff --git a/crypto/pkcs12/pkcs12.h b/crypto/pkcs12/pkcs12.h index 459962c1a3..12ef0e5146 100644 --- a/crypto/pkcs12/pkcs12.h +++ b/crypto/pkcs12/pkcs12.h @@ -230,13 +230,17 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, int saltlen, int id, int iter, int n, unsigned char *out, const EVP_MD *md_type); int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int id, int iter, int n, unsigned char *out, const EVP_MD *md_type); -int PKCS12_PBE_keyivgen(const char *pass, int passlen, unsigned char *salt, int saltlen, int iter, EVP_CIPHER *cipher, EVP_MD *md_type, unsigned char *key, unsigned char *iv); -int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, unsigned char *mac, unsigned int *maclen); +int PKCS12_PBE_keyivgen(const char *pass, int passlen, ASN1_TYPE *param, + EVP_CIPHER *cipher, EVP_MD *md_type, + unsigned char *key, unsigned char *iv); +int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, + unsigned char *mac, unsigned int *maclen); int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen); int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, unsigned char *salt, int saltlen, int iter, EVP_MD *md_type); -int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen, EVP_MD *md_type); +int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, + int saltlen, EVP_MD *md_type); unsigned char *asc2uni(const char *asc, unsigned char **uni, int *unilen); char *uni2asc(unsigned char *uni, int unilen); int i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **pp); @@ -249,17 +253,21 @@ PKCS12 *PKCS12_new(void); void PKCS12_free(PKCS12 *a); int i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **pp); PKCS12_MAC_DATA *PKCS12_MAC_DATA_new(void); -PKCS12_MAC_DATA *d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, unsigned char **pp, long length); +PKCS12_MAC_DATA *d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, unsigned char **pp, + long length); void PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a); int i2d_PKCS12_SAFEBAG(PKCS12_SAFEBAG *a, unsigned char **pp); PKCS12_SAFEBAG *PKCS12_SAFEBAG_new(void); -PKCS12_SAFEBAG *d2i_PKCS12_SAFEBAG(PKCS12_SAFEBAG **a, unsigned char **pp, long length); +PKCS12_SAFEBAG *d2i_PKCS12_SAFEBAG(PKCS12_SAFEBAG **a, unsigned char **pp, + long length); void PKCS12_SAFEBAG_free(PKCS12_SAFEBAG *a); void ERR_load_PKCS12_strings(void); void PKCS12_PBE_add(void); int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK **ca); -PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, STACK *ca, int nid_key, int nid_cert, int iter, int mac_iter, int keytype); +PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, + STACK *ca, int nid_key, int nid_cert, int iter, + int mac_iter, int keytype); int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12); int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12); PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12); |