diff options
| author | Gary Ching-Pang Lin <glin@suse.com> | 2015-07-28 11:46:38 -0400 |
|---|---|---|
| committer | Peter Jones <pjones@redhat.com> | 2015-07-28 11:46:38 -0400 |
| commit | 5ce38c90cf43ee79cd999716ea83a5a44eeb819e (patch) | |
| tree | 2fb3d9dd667c772fae5f87fa61e1501cf12da0ce /Cryptlib/OpenSSL/crypto/pkcs12/p12_key.c | |
| parent | 69ba24ff72921ecabbb47178de40dc5a79350040 (diff) | |
| download | efi-boot-shim-5ce38c90cf43ee79cd999716ea83a5a44eeb819e.tar.gz efi-boot-shim-5ce38c90cf43ee79cd999716ea83a5a44eeb819e.zip | |
Update openssl to 1.0.2d
Also update Cryptlib to edk2 r17731
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
Diffstat (limited to 'Cryptlib/OpenSSL/crypto/pkcs12/p12_key.c')
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/pkcs12/p12_key.c | 42 |
1 files changed, 23 insertions, 19 deletions
diff --git a/Cryptlib/OpenSSL/crypto/pkcs12/p12_key.c b/Cryptlib/OpenSSL/crypto/pkcs12/p12_key.c index dcccc105..99b8260c 100644 --- a/Cryptlib/OpenSSL/crypto/pkcs12/p12_key.c +++ b/Cryptlib/OpenSSL/crypto/pkcs12/p12_key.c @@ -72,12 +72,6 @@ extern BIO *bio_err; void h__dump(unsigned char *p, int len); #endif -#ifdef OPENSSL_SYS_NETWARE -/* Rename these functions to avoid name clashes on NetWare OS */ -# define uni2asc OPENSSL_uni2asc -# define asc2uni OPENSSL_asc2uni -#endif - /* PKCS12 compatible key/IV generation */ #ifndef min # define min(a,b) ((a) < (b) ? (a) : (b)) @@ -90,15 +84,18 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, int ret; unsigned char *unipass; int uniplen; + if (!pass) { unipass = NULL; uniplen = 0; - } else if (!asc2uni(pass, passlen, &unipass, &uniplen)) { + } else if (!OPENSSL_asc2uni(pass, passlen, &unipass, &uniplen)) { PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC, ERR_R_MALLOC_FAILURE); return 0; } ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen, id, iter, n, out, md_type); + if (ret <= 0) + return 0; if (unipass) { OPENSSL_cleanse(unipass, uniplen); /* Clear password from memory */ OPENSSL_free(unipass); @@ -139,6 +136,8 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, #endif v = EVP_MD_block_size(md_type); u = EVP_MD_size(md_type); + if (u < 0) + return 0; D = OPENSSL_malloc(v); Ai = OPENSSL_malloc(u); B = OPENSSL_malloc(v + 1); @@ -161,14 +160,16 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, for (i = 0; i < Plen; i++) *p++ = pass[i % passlen]; for (;;) { - EVP_DigestInit_ex(&ctx, md_type, NULL); - EVP_DigestUpdate(&ctx, D, v); - EVP_DigestUpdate(&ctx, I, Ilen); - EVP_DigestFinal_ex(&ctx, Ai, NULL); + if (!EVP_DigestInit_ex(&ctx, md_type, NULL) + || !EVP_DigestUpdate(&ctx, D, v) + || !EVP_DigestUpdate(&ctx, I, Ilen) + || !EVP_DigestFinal_ex(&ctx, Ai, NULL)) + goto err; for (j = 1; j < iter; j++) { - EVP_DigestInit_ex(&ctx, md_type, NULL); - EVP_DigestUpdate(&ctx, Ai, u); - EVP_DigestFinal_ex(&ctx, Ai, NULL); + if (!EVP_DigestInit_ex(&ctx, md_type, NULL) + || !EVP_DigestUpdate(&ctx, Ai, u) + || !EVP_DigestFinal_ex(&ctx, Ai, NULL)) + goto err; } memcpy(out, Ai, min(n, u)); if (u >= n) { @@ -193,20 +194,23 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, goto err; if (!BN_add(Ij, Ij, Bpl1)) goto err; - BN_bn2bin(Ij, B); + if (!BN_bn2bin(Ij, B)) + goto err; Ijlen = BN_num_bytes(Ij); /* If more than 2^(v*8) - 1 cut off MSB */ if (Ijlen > v) { - BN_bn2bin(Ij, B); + if (!BN_bn2bin(Ij, B)) + goto err; memcpy(I + j, B + 1, v); #ifndef PKCS12_BROKEN_KEYGEN /* If less than v bytes pad with zeroes */ } else if (Ijlen < v) { memset(I + j, 0, v - Ijlen); - BN_bn2bin(Ij, I + j + v - Ijlen); + if (!BN_bn2bin(Ij, I + j + v - Ijlen)) + goto err; #endif - } else - BN_bn2bin(Ij, I + j); + } else if (!BN_bn2bin(Ij, I + j)) + goto err; } } |