summaryrefslogtreecommitdiffstats
path: root/crypto/pkcs12/p12_crpt.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/pkcs12/p12_crpt.c')
-rw-r--r--crypto/pkcs12/p12_crpt.c23
1 files changed, 21 insertions, 2 deletions
diff --git a/crypto/pkcs12/p12_crpt.c b/crypto/pkcs12/p12_crpt.c
index 9e37436c92..cb65c42000 100644
--- a/crypto/pkcs12/p12_crpt.c
+++ b/crypto/pkcs12/p12_crpt.c
@@ -82,19 +82,38 @@ EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc(),
#endif
}
-int PKCS12_PBE_keyivgen (const char *pass, int passlen, unsigned char *salt,
- int saltlen, int iter, EVP_CIPHER *cipher, EVP_MD *md,
+int PKCS12_PBE_keyivgen (const char *pass, int passlen, ASN1_TYPE *param,
+ EVP_CIPHER *cipher, EVP_MD *md,
unsigned char *key, unsigned char *iv)
{
+ PBEPARAM *pbe;
+ int saltlen, iter;
+ unsigned char *salt, *pbuf;
+
+ /* Extract useful info from parameter */
+ pbuf = param->value.sequence->data;
+ if (!(pbe = d2i_PBEPARAM (NULL, &pbuf,
+ param->value.sequence->length))) {
+ EVPerr(PKCS12_F_PKCS12_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
+ return 0;
+ }
+
+ if (!pbe->iter) iter = 1;
+ else iter = ASN1_INTEGER_get (pbe->iter);
+ salt = pbe->salt->data;
+ saltlen = pbe->salt->length;
if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_KEY_ID,
iter, EVP_CIPHER_key_length(cipher), key, md)) {
PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_KEY_GEN_ERROR);
+ PBEPARAM_free(pbe);
return 0;
}
if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_IV_ID,
iter, EVP_CIPHER_iv_length(cipher), iv, md)) {
PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_IV_GEN_ERROR);
+ PBEPARAM_free(pbe);
return 0;
}
+ PBEPARAM_free(pbe);
return 1;
}