diff options
Diffstat (limited to 'crypto/pkcs12/p12_crpt.c')
-rw-r--r-- | crypto/pkcs12/p12_crpt.c | 23 |
1 files changed, 21 insertions, 2 deletions
diff --git a/crypto/pkcs12/p12_crpt.c b/crypto/pkcs12/p12_crpt.c index 9e37436c92..cb65c42000 100644 --- a/crypto/pkcs12/p12_crpt.c +++ b/crypto/pkcs12/p12_crpt.c @@ -82,19 +82,38 @@ EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc(), #endif } -int PKCS12_PBE_keyivgen (const char *pass, int passlen, unsigned char *salt, - int saltlen, int iter, EVP_CIPHER *cipher, EVP_MD *md, +int PKCS12_PBE_keyivgen (const char *pass, int passlen, ASN1_TYPE *param, + EVP_CIPHER *cipher, EVP_MD *md, unsigned char *key, unsigned char *iv) { + PBEPARAM *pbe; + int saltlen, iter; + unsigned char *salt, *pbuf; + + /* Extract useful info from parameter */ + pbuf = param->value.sequence->data; + if (!(pbe = d2i_PBEPARAM (NULL, &pbuf, + param->value.sequence->length))) { + EVPerr(PKCS12_F_PKCS12_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); + return 0; + } + + if (!pbe->iter) iter = 1; + else iter = ASN1_INTEGER_get (pbe->iter); + salt = pbe->salt->data; + saltlen = pbe->salt->length; if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_KEY_ID, iter, EVP_CIPHER_key_length(cipher), key, md)) { PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_KEY_GEN_ERROR); + PBEPARAM_free(pbe); return 0; } if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_IV_ID, iter, EVP_CIPHER_iv_length(cipher), iv, md)) { PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_IV_GEN_ERROR); + PBEPARAM_free(pbe); return 0; } + PBEPARAM_free(pbe); return 1; } |