Fix PKCS#12 PBE routines to cope with passwords

from PEM callbacks which are not null terminated.

CHANGES

@@ -4,6 +4,12 @@
 
  Changes between 0.9.6 and 0.9.6a  [xx XXX 2000]
 
+  *) Change PKCS12_key_gen_asc() so it can cope with non null
+     terminated strings whose length is passed in the passlen
+     parameter, for example from PEM callbacks. This was done
+     by adding an extra length parameter to asc2uni().
+     [Steve Henson, reported by <oddissey@samsung.co.kr>]
+
   *) Fix C code generated by 'openssl dsaparam -C': If a BN_bin2bn
      call failed, free the DSA structure.
      [Bodo Moeller]

crypto/pkcs12/p12_attr.c

@@ -151,7 +151,7 @@ int PKCS12_add_friendlyname_asc (PKCS12_SAFEBAG *bag, const char *name,
 {
 	unsigned char *uniname;
 	int ret, unilen;
-	if (!asc2uni(name, &uniname, &unilen)) {
+	if (!asc2uni(name, namelen, &uniname, &unilen)) {
 		PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC,
 							ERR_R_MALLOC_FAILURE);
 		return 0;

crypto/pkcs12/p12_key.c

@@ -84,7 +84,7 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
 	if(!pass) {
 		unipass = NULL;
 		uniplen = 0;
-	} else if (!asc2uni(pass, &unipass, &uniplen)) {
+	} else if (!asc2uni(pass, passlen, &unipass, &uniplen)) {
 		PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC,ERR_R_MALLOC_FAILURE);
 		return 0;
 	}

crypto/pkcs12/p12_utl.c

@@ -62,22 +62,26 @@
 
 /* Cheap and nasty Unicode stuff */
 
-unsigned char *asc2uni (const char *asc, unsigned char **uni, int *unilen)
+unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen)
 {
 	int ulen, i;
 	unsigned char *unitmp;
-	ulen = strlen(asc)*2  + 2;
+	if (asclen == -1) asclen = strlen(asc);
-	if (!(unitmp = OPENSSL_malloc (ulen))) return NULL;
+	ulen = asclen*2  + 2;
-	for (i = 0; i < ulen; i+=2) {
+	if (!(unitmp = OPENSSL_malloc(ulen))) return NULL;
+	for (i = 0; i < ulen - 2; i+=2) {
 		unitmp[i] = 0;
 		unitmp[i + 1] = asc[i>>1];
 	}
+	/* Make result double null terminated */
+	unitmp[ulen - 2] = 0;
+	unitmp[ulen - 1] = 0;
 	if (unilen) *unilen = ulen;
 	if (uni) *uni = unitmp;
 	return unitmp;
 }
 
-char *uni2asc (unsigned char *uni, int unilen)
+char *uni2asc(unsigned char *uni, int unilen)
 {
 	int asclen, i;
 	char *asctmp;
@@ -85,7 +89,7 @@ char *uni2asc (unsigned char *uni, int unilen)
 	/* If no terminating zero allow for one */
 	if (!unilen || uni[unilen - 1]) asclen++;
 	uni++;
-	if (!(asctmp = OPENSSL_malloc (asclen))) return NULL;
+	if (!(asctmp = OPENSSL_malloc(asclen))) return NULL;
 	for (i = 0; i < unilen; i+=2) asctmp[i>>1] = uni[i];
 	asctmp[asclen - 1] = 0;
 	return asctmp;

crypto/pkcs12/pkcs12.h

@@ -247,7 +247,7 @@ int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
 		   EVP_MD *md_type);
 int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
 					 int saltlen, EVP_MD *md_type);
-unsigned char *asc2uni(const char *asc, unsigned char **uni, int *unilen);
+unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen);
 char *uni2asc(unsigned char *uni, int unilen);
 int i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **pp);
 PKCS12_BAGS *PKCS12_BAGS_new(void);