Skip to content

T
Third Party Openssl

OpenHarmony / Third Party Openssl
大约 1 年 前同步成功

通知 9
Star 18
Fork 1
T
Third Party Openssl

体验新版 GitCode,发现更多精彩内容 >>

提交 d6c5462e 编写于 作者: D Dr. Stephen Henson
浏览文件
操作

Support for alternative KDFs. 

Don't hard code NID_id_pbkdf2 in PBES2: look it up in PBE table.
Reviewed-by: NAndy Polyakov <appro@openssl.org>
上级 84903716
隐藏空白更改
内联 并排
Showing with 7 addition and 4 deletion
crypto/evp/evp.h
浏览文件 @ d6c5462e
...@@ -1073,6 +1073,8 @@ int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, ...@@ -1073,6 +1073,8 @@ int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
# define EVP_PBE_TYPE_OUTER 0x0 # define EVP_PBE_TYPE_OUTER 0x0
/* Is an PRF type OID */ /* Is an PRF type OID */
# define EVP_PBE_TYPE_PRF 0x1 # define EVP_PBE_TYPE_PRF 0x1
/* Is a PKCS#5 v2.0 KDF */
# define EVP_PBE_TYPE_KDF 0x2
int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,
int md_nid, EVP_PBE_KEYGEN *keygen); int md_nid, EVP_PBE_KEYGEN *keygen);
......
crypto/evp/evp_pbe.c
浏览文件 @ d6c5462e
...@@ -118,6 +118,7 @@ static const EVP_PBE_CTL builtin_pbe[] = { ...@@ -118,6 +118,7 @@ static const EVP_PBE_CTL builtin_pbe[] = {
{EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0}, {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0},
{EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0}, {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0},
{EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0}, {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0},
{EVP_PBE_TYPE_KDF, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen}
}; };
#ifdef TEST #ifdef TEST
......
crypto/evp/p5_crpt2.c
浏览文件 @ d6c5462e
...@@ -194,6 +194,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ...@@ -194,6 +194,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
int plen; int plen;
PBE2PARAM *pbe2 = NULL; PBE2PARAM *pbe2 = NULL;
const EVP_CIPHER *cipher; const EVP_CIPHER *cipher;
EVP_PBE_KEYGEN *kdf;
int rv = 0; int rv = 0;
...@@ -211,8 +212,8 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ...@@ -211,8 +212,8 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
} }
/* See if we recognise the key derivation function */ /* See if we recognise the key derivation function */
if (!EVP_PBE_find(EVP_PBE_TYPE_KDF, OBJ_obj2nid(pbe2->keyfunc->algorithm),
if (OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) { NULL, NULL, &kdf)) {
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION); EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION);
goto err; goto err;
...@@ -236,8 +237,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ...@@ -236,8 +237,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_CIPHER_PARAMETER_ERROR); EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_CIPHER_PARAMETER_ERROR);
goto err; goto err;
} }
rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen, rv = kdf(ctx, pass, passlen, pbe2->keyfunc->parameter, NULL, NULL, en_de);
pbe2->keyfunc->parameter, c, md, en_de);
err: err:
PBE2PARAM_free(pbe2); PBE2PARAM_free(pbe2);
return rv; return rv;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册