Skip to content

Commit 53fc569

Browse files
sjaeckelsjaeckel
committed
re-work pkcs12 a bit
1 parent 6fe1b5b commit 53fc569

File tree

2 files changed

+25
-5
lines changed

2 files changed

+25
-5
lines changed

src/misc/pkcs12/pkcs12_kdf.c

Lines changed: 16 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,10 @@ int pkcs12_kdf( int hash_id,
3030
unsigned char *I = NULL, *key = NULL;
3131
int err = CRYPT_ERROR;
3232

33+
LTC_ARGCHK(pw != NULL);
34+
LTC_ARGCHK(salt != NULL);
35+
LTC_ARGCHK(out != NULL);
36+
3337
key = XMALLOC(u * c);
3438
I = XMALLOC(Plen + Slen);
3539
if (key == NULL || I == NULL) goto DONE;
@@ -40,7 +44,7 @@ int pkcs12_kdf( int hash_id,
4044
for (i = 0; i < Plen; i++) I[Slen + i] = pw[i % pwlen]; /* I = Salt || Pass */
4145

4246
for (i = 0; i < c; i++) {
43-
Alen = u; /* hash size */
47+
Alen = sizeof(A);
4448
err = hash_memory_multi(hash_id, A, &Alen, D, v, I, Slen + Plen, NULL); /* A = HASH(D || I) */
4549
if (err != CRYPT_OK) goto DONE;
4650
for (j = 1; j < iterations; j++) {
@@ -63,14 +67,21 @@ int pkcs12_kdf( int hash_id,
6367
}
6468
}
6569
/* store derived key block */
66-
for (j = 0; j < Alen; j++) key[keylen++] = A[j];
70+
XMEMCPY(&key[keylen], A, Alen);
71+
keylen += Alen;
6772
}
6873

69-
for (i = 0; i < outlen; i++) out[i] = key[i];
74+
XMEMCPY(out, key, outlen);
7075
err = CRYPT_OK;
7176
DONE:
72-
if (I) XFREE(I);
73-
if (key) XFREE(key);
77+
if (I) {
78+
zeromem(I, Plen + Slen);
79+
XFREE(I);
80+
}
81+
if (key) {
82+
zeromem(key, u * c);
83+
XFREE(key);
84+
}
7485
return err;
7586
}
7687

src/misc/pkcs12/pkcs12_utf8_to_utf16.c

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,10 @@ int pkcs12_utf8_to_utf16(const unsigned char *in, unsigned long inlen,
2121
};
2222
int err = CRYPT_ERROR;
2323

24+
LTC_ARGCHK(in != NULL);
25+
LTC_ARGCHK(out != NULL);
26+
LTC_ARGCHK(outlen != NULL);
27+
2428
while (in < in_end) {
2529
ulong32 ch = 0;
2630
unsigned short extra = 0; /* 0 */
@@ -32,10 +36,15 @@ int pkcs12_utf8_to_utf16(const unsigned char *in, unsigned long inlen,
3236
if (in + extra >= in_end) goto ERROR;
3337
switch (extra) {
3438
case 5: ch += *in++; ch <<= 6;
39+
/* FALLTHROUGH */
3540
case 4: ch += *in++; ch <<= 6;
41+
/* FALLTHROUGH */
3642
case 3: ch += *in++; ch <<= 6;
43+
/* FALLTHROUGH */
3744
case 2: ch += *in++; ch <<= 6;
45+
/* FALLTHROUGH */
3846
case 1: ch += *in++; ch <<= 6;
47+
/* FALLTHROUGH */
3948
case 0: ch += *in++;
4049
}
4150
ch -= offset[extra];

0 commit comments

Comments
 (0)