generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix PKCS#12 PBE routines to cope with passwords

Browse Source 
from PEM callbacks which are not null terminated.
This commit is contained in:
Dr. Stephen Henson 2001-01-14 14:14:45 +00:00
parent a5a4b34a5a
commit 8bcceacf34
5 changed files with 19 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGES
View File

@ -4,6 +4,12 @@
Changes between 0.9.6 and 0.9.6a [xx XXX 2000] Changes between 0.9.6 and 0.9.6a [xx XXX 2000]
*) Change PKCS12_key_gen_asc() so it can cope with non null
terminated strings whose length is passed in the passlen
parameter, for example from PEM callbacks. This was done
by adding an extra length parameter to asc2uni().
[Steve Henson, reported by <oddissey@samsung.co.kr>]
*) Fix C code generated by 'openssl dsaparam -C': If a BN_bin2bn *) Fix C code generated by 'openssl dsaparam -C': If a BN_bin2bn
call failed, free the DSA structure. call failed, free the DSA structure.
[Bodo Moeller] [Bodo Moeller]

2
crypto/pkcs12/p12_attr.c
View File

@ -151,7 +151,7 @@ int PKCS12_add_friendlyname_asc (PKCS12_SAFEBAG *bag, const char *name,
{ {
unsigned char *uniname; unsigned char *uniname;
int ret, unilen; int ret, unilen;
if (!asc2uni(name, &uniname, &unilen)) { if (!asc2uni(name, namelen, &uniname, &unilen)) {
PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC, PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC,
ERR_R_MALLOC_FAILURE); ERR_R_MALLOC_FAILURE);
return 0; return 0;

2
crypto/pkcs12/p12_key.c
View File

@ -84,7 +84,7 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
if(!pass) { if(!pass) {
unipass = NULL; unipass = NULL;
uniplen = 0; uniplen = 0;
} else if (!asc2uni(pass, &unipass, &uniplen)) { } else if (!asc2uni(pass, passlen, &unipass, &uniplen)) {
PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC,ERR_R_MALLOC_FAILURE); PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC,ERR_R_MALLOC_FAILURE);
return 0; return 0;
} }

10
crypto/pkcs12/p12_utl.c
View File

@ -62,16 +62,20 @@
/* Cheap and nasty Unicode stuff */ /* Cheap and nasty Unicode stuff */
unsigned char *asc2uni (const char *asc, unsigned char **uni, int *unilen) unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen)
{ {
int ulen, i; int ulen, i;
unsigned char *unitmp; unsigned char *unitmp;
ulen = strlen(asc)*2 + 2; if (asclen == -1) asclen = strlen(asc);
ulen = asclen*2 + 2;
if (!(unitmp = OPENSSL_malloc(ulen))) return NULL; if (!(unitmp = OPENSSL_malloc(ulen))) return NULL;
for (i = 0; i < ulen; i+=2) { for (i = 0; i < ulen - 2; i+=2) {
unitmp[i] = 0; unitmp[i] = 0;
unitmp[i + 1] = asc[i>>1]; unitmp[i + 1] = asc[i>>1];
} }
/* Make result double null terminated */
unitmp[ulen - 2] = 0;
unitmp[ulen - 1] = 0;
if (unilen) *unilen = ulen; if (unilen) *unilen = ulen;
if (uni) *uni = unitmp; if (uni) *uni = unitmp;
return unitmp; return unitmp;

2
crypto/pkcs12/pkcs12.h
View File

@ -247,7 +247,7 @@ int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
EVP_MD *md_type); EVP_MD *md_type);
int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
int saltlen, EVP_MD *md_type); int saltlen, EVP_MD *md_type);
unsigned char *asc2uni(const char *asc, unsigned char **uni, int *unilen); unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen);
char *uni2asc(unsigned char *uni, int unilen); char *uni2asc(unsigned char *uni, int unilen);
int i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **pp); int i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **pp);
PKCS12_BAGS *PKCS12_BAGS_new(void); PKCS12_BAGS *PKCS12_BAGS_new(void);