diff options
| author | markm <markm@FreeBSD.org> | 2003-01-28 21:43:22 +0000 |
|---|---|---|
| committer | markm <markm@FreeBSD.org> | 2003-01-28 21:43:22 +0000 |
| commit | aad1d64cb5a8d9b503d9199642363dc1e92d2f9b (patch) | |
| tree | 610a51c6e3965764fb0f1629c1376e2d23afffe8 /crypto/openssl/crypto/evp/evp_key.c | |
| parent | eba366e36e93f5da8ae5c744eb337c3ef6872641 (diff) | |
| download | FreeBSD-src-aad1d64cb5a8d9b503d9199642363dc1e92d2f9b.zip FreeBSD-src-aad1d64cb5a8d9b503d9199642363dc1e92d2f9b.tar.gz | |
Vendor import of OpenSSL release 0.9.7. This release includes
support for AES and OpenBSD's hardware crypto.
Diffstat (limited to 'crypto/openssl/crypto/evp/evp_key.c')
| -rw-r--r-- | crypto/openssl/crypto/evp/evp_key.c | 43 |
1 files changed, 29 insertions, 14 deletions
diff --git a/crypto/openssl/crypto/evp/evp_key.c b/crypto/openssl/crypto/evp/evp_key.c index e7434ef..5f387a9 100644 --- a/crypto/openssl/crypto/evp/evp_key.c +++ b/crypto/openssl/crypto/evp/evp_key.c @@ -61,6 +61,7 @@ #include <openssl/x509.h> #include <openssl/objects.h> #include <openssl/evp.h> +#include <openssl/ui.h> /* should be init to zeros. */ static char prompt_string[80]; @@ -70,7 +71,10 @@ void EVP_set_pw_prompt(char *prompt) if (prompt == NULL) prompt_string[0]='\0'; else + { strncpy(prompt_string,prompt,79); + prompt_string[79]='\0'; + } } char *EVP_get_pw_prompt(void) @@ -86,18 +90,26 @@ char *EVP_get_pw_prompt(void) * this function will fail */ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) { -#ifndef NO_DES + int ret; + char buff[BUFSIZ]; + UI *ui; + if ((prompt == NULL) && (prompt_string[0] != '\0')) prompt=prompt_string; - return(des_read_pw_string(buf,len,prompt,verify)); -#else - return -1; -#endif + ui = UI_new(); + UI_add_input_string(ui,prompt,0,buf,0,(len>=BUFSIZ)?BUFSIZ-1:len); + if (verify) + UI_add_verify_string(ui,prompt,0, + buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf); + ret = UI_process(ui); + UI_free(ui); + OPENSSL_cleanse(buff,BUFSIZ); + return ret; } -int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md, - const unsigned char *salt, const unsigned char *data, int datal, - int count, unsigned char *key, unsigned char *iv) +int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, + const unsigned char *salt, const unsigned char *data, int datal, + int count, unsigned char *key, unsigned char *iv) { EVP_MD_CTX c; unsigned char md_buf[EVP_MAX_MD_SIZE]; @@ -106,24 +118,27 @@ int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md, nkey=type->key_len; niv=type->iv_len; + OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH); + OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH); if (data == NULL) return(nkey); + EVP_MD_CTX_init(&c); for (;;) { - EVP_DigestInit(&c,md); + EVP_DigestInit_ex(&c,md, NULL); if (addmd++) EVP_DigestUpdate(&c,&(md_buf[0]),mds); EVP_DigestUpdate(&c,data,datal); if (salt != NULL) EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN); - EVP_DigestFinal(&c,&(md_buf[0]),&mds); + EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds); for (i=1; i<(unsigned int)count; i++) { - EVP_DigestInit(&c,md); + EVP_DigestInit_ex(&c,md, NULL); EVP_DigestUpdate(&c,&(md_buf[0]),mds); - EVP_DigestFinal(&c,&(md_buf[0]),&mds); + EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds); } i=0; if (nkey) @@ -152,8 +167,8 @@ int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md, } if ((nkey == 0) && (niv == 0)) break; } - memset(&c,0,sizeof(c)); - memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE); + EVP_MD_CTX_cleanup(&c); + OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE); return(type->key_len); } |
