From: jsing Date: Sat, 19 Apr 2014 06:15:56 +0000 (+0000) Subject: More KNF. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=a83956ba715a6a158feb53aa9f2ba5f0f902caab;p=openbsd More KNF. --- diff --git a/lib/libcrypto/asn1/i2d_pr.c b/lib/libcrypto/asn1/i2d_pr.c index 71757486011..3340e6ce394 100644 --- a/lib/libcrypto/asn1/i2d_pr.c +++ b/lib/libcrypto/asn1/i2d_pr.c @@ -5,21 +5,21 @@ * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. - * + * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * + * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: 
@@ -34,10 +34,10 @@ * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from + * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * + * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -49,7 +49,7 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * + * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence @@ -62,18 +62,18 @@ #include #include "asn1_locl.h" -int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) +int +i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) { if (a->ameth && a->ameth->old_priv_encode) { return a->ameth->old_priv_encode(a, pp); } if (a->ameth && a->ameth->priv_encode) { PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(a); - int ret = i2d_PKCS8_PRIV_KEY_INFO(p8,pp); + int ret = i2d_PKCS8_PRIV_KEY_INFO(p8, pp); PKCS8_PRIV_KEY_INFO_free(p8); return ret; -} - ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); - return(-1); + } + ASN1err(ASN1_F_I2D_PRIVATEKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + return (-1); } - diff --git a/lib/libcrypto/asn1/i2d_pu.c b/lib/libcrypto/asn1/i2d_pu.c index 08b438115df..8ac271e056a 100644 --- a/lib/libcrypto/asn1/i2d_pu.c +++ b/lib/libcrypto/asn1/i2d_pu.c 
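Review bot: In i2d_PrivateKey (lib/libcrypto/asn1/i2d_pr.c), the `priv_encode` branch passes the result of `EVP_PKEY2PKCS8(a)` straight to `i2d_PKCS8_PRIV_KEY_INFO(p8, pp)` without checking it for NULL. EVP_PKEY2PKCS8 returns NULL on failure, and what the encoder returns for a NULL input is not visible in this hunk, so a conversion failure may reach the caller as something other than the -1 used by the fall-through error path. Adding `if (p8 == NULL) return (-1);` right after the conversion would make the failure explicit. The same lines appear in the copy under lib/libssl/src/crypto/asn1/i2d_pr.c later in this diff.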
@@ -5,21 +5,21 @@ * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. - * + * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * + * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -34,10 +34,10 @@ * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from + * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * + * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
@@ -49,7 +49,7 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * + * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence @@ -71,24 +71,24 @@ #include #endif -int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) +int +i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) { switch (a->type) { #ifndef OPENSSL_NO_RSA case EVP_PKEY_RSA: - return(i2d_RSAPublicKey(a->pkey.rsa,pp)); + return (i2d_RSAPublicKey(a->pkey.rsa, pp)); #endif #ifndef OPENSSL_NO_DSA case EVP_PKEY_DSA: - return(i2d_DSAPublicKey(a->pkey.dsa,pp)); + return (i2d_DSAPublicKey(a->pkey.dsa, pp)); #endif #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: - return(i2o_ECPublicKey(a->pkey.ec, pp)); + return (i2o_ECPublicKey(a->pkey.ec, pp)); #endif default: - ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); - return(-1); + ASN1err(ASN1_F_I2D_PUBLICKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + return (-1); } } - diff --git a/lib/libcrypto/asn1/n_pkey.c b/lib/libcrypto/asn1/n_pkey.c index 0a378759f9d..0e58baf1b5b 100644 --- a/lib/libcrypto/asn1/n_pkey.c +++ b/lib/libcrypto/asn1/n_pkey.c 
@@ -5,21 +5,21 @@ * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. - * + * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * + * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -34,10 +34,10 @@ * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from + * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * + * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
@@ -49,7 +49,7 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * + * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence @@ -69,15 +69,13 @@ #ifndef OPENSSL_NO_RC4 -typedef struct netscape_pkey_st -{ +typedef struct netscape_pkey_st { long version; X509_ALGOR *algor; ASN1_OCTET_STRING *private_key; } NETSCAPE_PKEY; -typedef struct netscape_encrypted_pkey_st -{ +typedef struct netscape_encrypted_pkey_st { ASN1_OCTET_STRING *os; /* This is the same structure as DigestInfo so use it: * although this isn't really anything to do with @@ -93,7 +91,7 @@ ASN1_BROKEN_SEQUENCE(NETSCAPE_ENCRYPTED_PKEY) = { } ASN1_BROKEN_SEQUENCE_END(NETSCAPE_ENCRYPTED_PKEY) DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY) -DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY,NETSCAPE_ENCRYPTED_PKEY) +DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY, NETSCAPE_ENCRYPTED_PKEY) IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY) ASN1_SEQUENCE(NETSCAPE_PKEY) = { 
@@ -103,61 +101,59 @@ ASN1_SEQUENCE(NETSCAPE_PKEY) = { } ASN1_SEQUENCE_END(NETSCAPE_PKEY) DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_PKEY) -DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY,NETSCAPE_PKEY) +DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY, NETSCAPE_PKEY) IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY) static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, - int (*cb)(char *buf, int len, const char *prompt, - int verify), - int sgckey); + int (*cb)(char *buf, int len, const char *prompt, int verify), int sgckey); -int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, - int (*cb)(char *buf, int len, const char *prompt, - int verify)) +int +i2d_Netscape_RSA(const RSA *a, unsigned char **pp, + int (*cb)(char *buf, int len, const char *prompt, int verify)) { return i2d_RSA_NET(a, pp, cb, 0); } -int i2d_RSA_NET(const RSA *a, unsigned char **pp, - int (*cb)(char *buf, int len, const char *prompt, int verify), - int sgckey) +int +i2d_RSA_NET(const RSA *a, unsigned char **pp, + int (*cb)(char *buf, int len, const char *prompt, int verify), int sgckey) { int i, j, ret = 0; int rsalen, pkeylen, olen; NETSCAPE_PKEY *pkey = NULL; NETSCAPE_ENCRYPTED_PKEY *enckey = NULL; - unsigned char buf[256],*zz; + unsigned char buf[256], *zz; unsigned char key[EVP_MAX_KEY_LENGTH]; EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX_init(&ctx); - if (a == NULL) return(0); + if (a == NULL) + return (0); - if ((pkey=NETSCAPE_PKEY_new()) == NULL) goto err; - if ((enckey=NETSCAPE_ENCRYPTED_PKEY_new()) == NULL) goto err; + if ((pkey = NETSCAPE_PKEY_new()) == NULL) + goto err; + if ((enckey = NETSCAPE_ENCRYPTED_PKEY_new()) == NULL) + goto err; pkey->version = 0; - pkey->algor->algorithm=OBJ_nid2obj(NID_rsaEncryption); - if ((pkey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err; - pkey->algor->parameter->type=V_ASN1_NULL; + pkey->algor->algorithm = OBJ_nid2obj(NID_rsaEncryption); + if ((pkey->algor->parameter = ASN1_TYPE_new()) == NULL) + goto err; + pkey->algor->parameter->type = V_ASN1_NULL; 
rsalen = i2d_RSAPrivateKey(a, NULL); /* Fake some octet strings just for the initial length * calculation. */ - - pkey->private_key->length=rsalen; - - pkeylen=i2d_NETSCAPE_PKEY(pkey,NULL); - + pkey->private_key->length = rsalen; + pkeylen = i2d_NETSCAPE_PKEY(pkey, NULL); enckey->enckey->digest->length = pkeylen; - enckey->os->length = 11; /* "private-key" */ - - enckey->enckey->algor->algorithm=OBJ_nid2obj(NID_rc4); - if ((enckey->enckey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err; - enckey->enckey->algor->parameter->type=V_ASN1_NULL; + enckey->enckey->algor->algorithm = OBJ_nid2obj(NID_rc4); + if ((enckey->enckey->algor->parameter = ASN1_TYPE_new()) == NULL) + goto err; + enckey->enckey->algor->parameter->type = V_ASN1_NULL; if (pp == NULL) { olen = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, NULL); 
@@ -166,59 +162,58 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, return olen; } - /* Since its RC4 encrypted length is actual length */ - if ((zz=(unsigned char *)malloc(rsalen)) == NULL) { - ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); + if ((zz = (unsigned char *)malloc(rsalen)) == NULL) { + ASN1err(ASN1_F_I2D_RSA_NET, ERR_R_MALLOC_FAILURE); goto err; } pkey->private_key->data = zz; /* Write out private key encoding */ - i2d_RSAPrivateKey(a,&zz); + i2d_RSAPrivateKey(a, &zz); - if ((zz=malloc(pkeylen)) == NULL) { - ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); + if ((zz = malloc(pkeylen)) == NULL) { + ASN1err(ASN1_F_I2D_RSA_NET, ERR_R_MALLOC_FAILURE); goto err; } if (!ASN1_STRING_set(enckey->os, "private-key", -1)) { - ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_I2D_RSA_NET, ERR_R_MALLOC_FAILURE); goto err; } enckey->enckey->digest->data = zz; - i2d_NETSCAPE_PKEY(pkey,&zz); + i2d_NETSCAPE_PKEY(pkey, &zz); /* Wipe the private key encoding */ OPENSSL_cleanse(pkey->private_key->data, rsalen); - + if (cb == NULL) - cb=EVP_read_pw_string; - i=cb((char *)buf,256,"Enter Private Key password:",1); + cb = EVP_read_pw_string; + i = cb((char *)buf, 256, "Enter Private Key password:", 1); if (i != 0) { - ASN1err(ASN1_F_I2D_RSA_NET,ASN1_R_BAD_PASSWORD_READ); + ASN1err(ASN1_F_I2D_RSA_NET, ASN1_R_BAD_PASSWORD_READ); goto err; } i = strlen((char *)buf); /* If the key is used for SGC the algorithm is modified a little. 
*/ - if(sgckey) { + if (sgckey) { if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL)) goto err; memcpy(buf + 16, "SGCKEYSALT", 10); i = 26; -} + } - if (!EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL)) + if (!EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i,1, key, NULL)) goto err; - OPENSSL_cleanse(buf,256); + OPENSSL_cleanse(buf, 256); /* Encrypt private key in place */ zz = enckey->enckey->digest->data; - if (!EVP_EncryptInit_ex(&ctx,EVP_rc4(),NULL,key,NULL)) + if (!EVP_EncryptInit_ex(&ctx, EVP_rc4(), NULL, key, NULL)) goto err; - if (!EVP_EncryptUpdate(&ctx,zz,&i,zz,pkeylen)) + if (!EVP_EncryptUpdate(&ctx, zz, &i, zz, pkeylen)) goto err; - if (!EVP_EncryptFinal_ex(&ctx,zz + i,&j)) + if (!EVP_EncryptFinal_ex(&ctx, zz + i, &j)) goto err; ret = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, pp); 
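Review bot: In i2d_RSA_NET the derived RC4 key in `key` is never wiped, and the `goto err` exits taken when `EVP_Digest` or `EVP_BytesToKey` fails skip the `OPENSSL_cleanse(buf, 256)` that clears the password. The only cleanup visible at the `err:` label (shown as context in the next hunk) is the cipher context and the two structures, so password and key material can stay on the stack after return. Moving the wipe to the common exit, `OPENSSL_cleanse(buf, sizeof(buf));` and `OPENSSL_cleanse(key, sizeof(key));` just after `err:`, covers both the success and the failure paths. d2i_RSA_NET_2 later in this file follows the same pattern with its own `buf` and `key`. The function starts in an earlier hunk and its exit path is in the following one.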
@@ -226,110 +221,116 @@ err: EVP_CIPHER_CTX_cleanup(&ctx); NETSCAPE_ENCRYPTED_PKEY_free(enckey); NETSCAPE_PKEY_free(pkey); - return(ret); + return (ret); } -RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, - int (*cb)(char *buf, int len, const char *prompt, - int verify)) +RSA * +d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, + int (*cb)(char *buf, int len, const char *prompt, int verify)) { return d2i_RSA_NET(a, pp, length, cb, 0); } -RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, - int (*cb)(char *buf, int len, const char *prompt, int verify), - int sgckey) +RSA * +d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, + int (*cb)(char *buf, int len, const char *prompt, int verify), int sgckey) { - RSA *ret=NULL; + RSA *ret = NULL; const unsigned char *p; NETSCAPE_ENCRYPTED_PKEY *enckey = NULL; p = *pp; enckey = d2i_NETSCAPE_ENCRYPTED_PKEY(NULL, &p, length); - if(!enckey) { - ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_DECODING_ERROR); + if (!enckey) { + ASN1err(ASN1_F_D2I_RSA_NET, ASN1_R_DECODING_ERROR); return NULL; -} + } if ((enckey->os->length != 11) || (strncmp("private-key", - (char *)enckey->os->data,11) != 0)) { - ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_PRIVATE_KEY_HEADER_MISSING); + (char *)enckey->os->data, 11) != 0)) { + ASN1err(ASN1_F_D2I_RSA_NET, ASN1_R_PRIVATE_KEY_HEADER_MISSING); NETSCAPE_ENCRYPTED_PKEY_free(enckey); return NULL; } if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4) { - ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM); + ASN1err(ASN1_F_D2I_RSA_NET, + ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM); goto err; -} + } if (cb == NULL) - cb=EVP_read_pw_string; - if ((ret=d2i_RSA_NET_2(a, enckey->enckey->digest,cb, sgckey)) == NULL) goto err; + cb = EVP_read_pw_string; + if ((ret = d2i_RSA_NET_2(a, enckey->enckey->digest, cb, + sgckey)) == NULL) + goto err; *pp = p; - err: +err: NETSCAPE_ENCRYPTED_PKEY_free(enckey); return ret; } -static RSA *d2i_RSA_NET_2(RSA **a, 
ASN1_OCTET_STRING *os, - int (*cb)(char *buf, int len, const char *prompt, - int verify), int sgckey) +static RSA * +d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, + int (*cb)(char *buf, int len, const char *prompt, int verify), int sgckey) { - NETSCAPE_PKEY *pkey=NULL; - RSA *ret=NULL; - int i,j; + NETSCAPE_PKEY *pkey = NULL; + RSA *ret = NULL; + int i, j; unsigned char buf[256]; const unsigned char *zz; unsigned char key[EVP_MAX_KEY_LENGTH]; EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX_init(&ctx); - i=cb((char *)buf,256,"Enter Private Key password:",0); + i=cb((char *)buf,256, "Enter Private Key password:",0); if (i != 0) { - ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_BAD_PASSWORD_READ); + ASN1err(ASN1_F_D2I_RSA_NET_2, ASN1_R_BAD_PASSWORD_READ); goto err; } i = strlen((char *)buf); - if(sgckey){ + if (sgckey){ if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL)) goto err; memcpy(buf + 16, "SGCKEYSALT", 10); i = 26; -} - - if (!EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL)) + } + + if (!EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i,1, key, NULL)) goto err; - OPENSSL_cleanse(buf,256); + OPENSSL_cleanse(buf, 256); - if (!EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL)) + if (!EVP_DecryptInit_ex(&ctx, EVP_rc4(), NULL, key, NULL)) goto err; - if (!EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length)) + if (!EVP_DecryptUpdate(&ctx, os->data, &i, os->data, os->length)) goto err; - if (!EVP_DecryptFinal_ex(&ctx,&(os->data[i]),&j)) + if (!EVP_DecryptFinal_ex(&ctx, &(os->data[i]), &j)) goto err; - os->length=i+j; + os->length = i + j; - zz=os->data; + zz = os->data; - if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL) { - ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY); + if ((pkey = d2i_NETSCAPE_PKEY(NULL, &zz, os->length)) == NULL) { + ASN1err(ASN1_F_D2I_RSA_NET_2, + ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY); goto err; } - - zz=pkey->private_key->data; - if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL) { - 
ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY); + + zz = pkey->private_key->data; + if ((ret = d2i_RSAPrivateKey(a, &zz, + pkey->private_key->length)) == NULL) { + ASN1err(ASN1_F_D2I_RSA_NET_2, ASN1_R_UNABLE_TO_DECODE_RSA_KEY); goto err; } + err: EVP_CIPHER_CTX_cleanup(&ctx); NETSCAPE_PKEY_free(pkey); - return(ret); + return (ret); } #endif /* OPENSSL_NO_RC4 */ @@ -337,7 +338,7 @@ err: #else /* !OPENSSL_NO_RSA */ # if PEDANTIC -static void *dummy=&dummy; +static void *dummy = &dummy; # endif #endif diff --git a/lib/libcrypto/asn1/nsseq.c b/lib/libcrypto/asn1/nsseq.c index b8c42022309..3e7c73cb919 100644 --- a/lib/libcrypto/asn1/nsseq.c +++ b/lib/libcrypto/asn1/nsseq.c @@ -10,7 +10,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -62,10 +62,10 @@ #include #include -static int nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, - void *exarg) +static int +nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) { - if(operation == ASN1_OP_NEW_POST) { + if (operation == ASN1_OP_NEW_POST) { NETSCAPE_CERT_SEQUENCE *nsseq; nsseq = (NETSCAPE_CERT_SEQUENCE *)*pval; nsseq->type = OBJ_nid2obj(NID_netscape_cert_sequence); diff --git a/lib/libcrypto/asn1/p5_pbe.c b/lib/libcrypto/asn1/p5_pbe.c index 390305ad38f..28caebd5c22 100644 --- a/lib/libcrypto/asn1/p5_pbe.c +++ b/lib/libcrypto/asn1/p5_pbe.c 
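Review bot: d2i_RSA_NET_2 (lib/libcrypto/asn1/n_pkey.c) decrypts the key in place into `os->data` and decodes it into `pkey->private_key`, but neither buffer is wiped before the function returns; the `err:` path shows only `EVP_CIPHER_CTX_cleanup(&ctx)` and `NETSCAPE_PKEY_free(pkey)`. i2d_RSA_NET in the same file does call `OPENSSL_cleanse(pkey->private_key->data, rsalen)` on the equivalent buffer, so the decode side is inconsistent with the encode side. Whether the free routines zero the data is not visible here; if they do not, a NULL-guarded `OPENSSL_cleanse(pkey->private_key->data, pkey->private_key->length);` before `NETSCAPE_PKEY_free(pkey)` and `OPENSSL_cleanse(os->data, os->length);` once decoding is done would close the gap.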
@@ -10,7 +10,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -74,28 +74,29 @@ IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM) /* Set an algorithm identifier for a PKCS#5 PBE algorithm */ -int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, - const unsigned char *salt, int saltlen) +int +PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, + const unsigned char *salt, int saltlen) { - PBEPARAM *pbe=NULL; - ASN1_STRING *pbe_str=NULL; + PBEPARAM *pbe = NULL; + ASN1_STRING *pbe_str = NULL; unsigned char *sstr; pbe = PBEPARAM_new(); if (!pbe) { - ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE); goto err; } - if(iter <= 0) + if (iter <= 0) iter = PKCS5_DEFAULT_ITER; if (!ASN1_INTEGER_set(pbe->iter, iter)) { - ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE); goto err; } if (!saltlen) saltlen = PKCS5_SALT_LEN; if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) { - ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE); goto err; } sstr = ASN1_STRING_data(pbe->salt); @@ -104,8 +105,8 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, else if (RAND_pseudo_bytes(sstr, saltlen) < 0) goto err; - if(!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) { - ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); + if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) { + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE); goto err; } 
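Review bot: In PKCS5_pbe_set0_algor the generated salt comes from `RAND_pseudo_bytes(sstr, saltlen)` and only a negative return is treated as failure. In the OpenSSL API a return of 0 means bytes were produced but are not cryptographically strong, and that case is accepted here. `else if (RAND_bytes(sstr, saltlen) <= 0)` would reject it. The same check is used for the cipher IV in PKCS5_pbe2_set_iv and for the salt in PKCS5_pbkdf2_set (lib/libcrypto/asn1/p5_pbev2.c) further down; the IV is the case where predictability matters most. The function body continues outside this hunk.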
@@ -125,17 +126,17 @@ err: /* Return an algorithm identifier for a PKCS#5 PBE algorithm */ -X509_ALGOR *PKCS5_pbe_set(int alg, int iter, - const unsigned char *salt, int saltlen) +X509_ALGOR * +PKCS5_pbe_set(int alg, int iter, const unsigned char *salt, int saltlen) { X509_ALGOR *ret; ret = X509_ALGOR_new(); if (!ret) { - ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_PKCS5_PBE_SET, ERR_R_MALLOC_FAILURE); return NULL; } - if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen)) + if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen)) return ret; X509_ALGOR_free(ret); diff --git a/lib/libcrypto/asn1/p5_pbev2.c b/lib/libcrypto/asn1/p5_pbev2.c index 01563a68fdb..8917cc4ccfd 100644 --- a/lib/libcrypto/asn1/p5_pbev2.c +++ b/lib/libcrypto/asn1/p5_pbev2.c @@ -10,7 +10,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -86,9 +86,9 @@ IMPLEMENT_ASN1_FUNCTIONS(PBKDF2PARAM) * Extended version to allow application supplied PRF NID and IV. */ -X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, - unsigned char *salt, int saltlen, - unsigned char *aiv, int prf_nid) +X509_ALGOR * +PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, unsigned char *salt, + int saltlen, unsigned char *aiv, int prf_nid) { X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL; int alg_nid, keylen; 
@@ -98,27 +98,30 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, ASN1_OBJECT *obj; alg_nid = EVP_CIPHER_type(cipher); - if(alg_nid == NID_undef) { + if (alg_nid == NID_undef) { ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, - ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER); + ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER); goto err; } obj = OBJ_nid2obj(alg_nid); - if(!(pbe2 = PBE2PARAM_new())) goto merr; + if (!(pbe2 = PBE2PARAM_new())) + goto merr; /* Setup the AlgorithmIdentifier for the encryption scheme */ scheme = pbe2->encryption; scheme->algorithm = obj; - if(!(scheme->parameter = ASN1_TYPE_new())) goto merr; + if (!(scheme->parameter = ASN1_TYPE_new())) + goto merr; /* Create random IV */ if (EVP_CIPHER_iv_length(cipher)) { if (aiv) memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher)); - else if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0) - goto err; + else if (RAND_pseudo_bytes(iv, + EVP_CIPHER_iv_length(cipher)) < 0) + goto err; } EVP_CIPHER_CTX_init(&ctx); @@ -126,16 +129,16 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, /* Dummy cipherinit to just setup the IV, and PRF */ if (!EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0)) goto err; - if(EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) { + if (EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) { ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, - ASN1_R_ERROR_SETTING_CIPHER_PARAMS); + ASN1_R_ERROR_SETTING_CIPHER_PARAMS); EVP_CIPHER_CTX_cleanup(&ctx); goto err; } /* If prf NID unspecified see if cipher has a preference. * An error is OK here: just means use default PRF. */ - if ((prf_nid == -1) && + if ((prf_nid == -1) && EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0) { ERR_clear_error(); prf_nid = NID_hmacWithSHA1; 
@@ -144,7 +147,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, /* If its RC2 then we'd better setup the key length */ - if(alg_nid == NID_rc2_cbc) + if (alg_nid == NID_rc2_cbc) keylen = EVP_CIPHER_key_length(cipher); else keylen = -1; @@ -160,15 +163,17 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, /* Now set up top level AlgorithmIdentifier */ - if(!(ret = X509_ALGOR_new())) goto merr; - if(!(ret->parameter = ASN1_TYPE_new())) goto merr; + if (!(ret = X509_ALGOR_new())) + goto merr; + if (!(ret->parameter = ASN1_TYPE_new())) + goto merr; ret->algorithm = OBJ_nid2obj(NID_pbes2); /* Encode PBE2PARAM into parameter */ - if(!ASN1_item_pack(pbe2, ASN1_ITEM_rptr(PBE2PARAM), - &ret->parameter->value.sequence)) goto merr; + if (!ASN1_item_pack(pbe2, ASN1_ITEM_rptr(PBE2PARAM), + &ret->parameter->value.sequence)) goto merr; ret->parameter->type = V_ASN1_SEQUENCE; PBE2PARAM_free(pbe2); 
@@ -177,34 +182,35 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, return ret; merr: - ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, ERR_R_MALLOC_FAILURE); - err: +err: PBE2PARAM_free(pbe2); /* Note 'scheme' is freed as part of pbe2 */ X509_ALGOR_free(kalg); X509_ALGOR_free(ret); return NULL; - } -X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, - unsigned char *salt, int saltlen) +X509_ALGOR * +PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, unsigned char *salt, + int saltlen) { return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1); } -X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, - int prf_nid, int keylen) +X509_ALGOR * +PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, int prf_nid, + int keylen) { X509_ALGOR *keyfunc = NULL; PBKDF2PARAM *kdf = NULL; ASN1_OCTET_STRING *osalt = NULL; - if(!(kdf = PBKDF2PARAM_new())) + if (!(kdf = PBKDF2PARAM_new())) goto merr; - if(!(osalt = M_ASN1_OCTET_STRING_new())) + if (!(osalt = M_ASN1_OCTET_STRING_new())) goto merr; kdf->salt->value.octet_string = osalt; @@ -222,20 +228,20 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0) goto merr; - if(iter <= 0) + if (iter <= 0) iter = PKCS5_DEFAULT_ITER; - if(!ASN1_INTEGER_set(kdf->iter, iter)) + if (!ASN1_INTEGER_set(kdf->iter, iter)) goto merr; /* If have a key len set it up */ - if(keylen > 0) { - if(!(kdf->keylength = M_ASN1_INTEGER_new())) + if (keylen > 0) { + if (!(kdf->keylength = M_ASN1_INTEGER_new())) goto merr; - if(!ASN1_INTEGER_set (kdf->keylength, keylen)) + if (!ASN1_INTEGER_set (kdf->keylength, keylen)) goto merr; - } + } /* prf can stay NULL if we are using hmacWithSHA1 */ if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1) { 
@@ -243,7 +249,7 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, if (!kdf->prf) goto merr; X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid), - V_ASN1_NULL, NULL); + V_ASN1_NULL, NULL); } /* Finally setup the keyfunc structure */ @@ -256,11 +262,11 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, /* Encode PBKDF2PARAM into parameter of pbe2 */ - if(!(keyfunc->parameter = ASN1_TYPE_new())) + if (!(keyfunc->parameter = ASN1_TYPE_new())) goto merr; - if(!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM), - &keyfunc->parameter->value.sequence)) + if (!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM), + &keyfunc->parameter->value.sequence)) goto merr; keyfunc->parameter->type = V_ASN1_SEQUENCE; @@ -268,9 +274,8 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, return keyfunc; merr: - ASN1err(ASN1_F_PKCS5_PBKDF2_SET,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_PKCS5_PBKDF2_SET, ERR_R_MALLOC_FAILURE); PBKDF2PARAM_free(kdf); X509_ALGOR_free(keyfunc); return NULL; } - diff --git a/lib/libcrypto/asn1/p8_pkey.c b/lib/libcrypto/asn1/p8_pkey.c index c95d7e55a07..6c5577ee1e5 100644 --- a/lib/libcrypto/asn1/p8_pkey.c +++ b/lib/libcrypto/asn1/p8_pkey.c @@ -10,7 +10,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in 
@@ -62,16 +62,16 @@ #include /* Minor tweak to operation: zero private key data */ -static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, - void *exarg) +static int +pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) { /* Since the structure must still be valid use ASN1_OP_FREE_PRE */ - if(operation == ASN1_OP_FREE_PRE) { + if (operation == ASN1_OP_FREE_PRE) { PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval; if (key->pkey->value.octet_string) - OPENSSL_cleanse(key->pkey->value.octet_string->data, - key->pkey->value.octet_string->length); -} + OPENSSL_cleanse(key->pkey->value.octet_string->data, + key->pkey->value.octet_string->length); + } return 1; } @@ -84,12 +84,12 @@ ASN1_SEQUENCE_cb(PKCS8_PRIV_KEY_INFO, pkey_cb) = { IMPLEMENT_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO) -int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, - int version, - int ptype, void *pval, - unsigned char *penc, int penclen) +int +PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, int version, + int ptype, void *pval, unsigned char *penc, int penclen) { unsigned char **ppenc = NULL; + if (version >= 0) { if (!ASN1_INTEGER_set(priv->version, version)) return 0; @@ -118,14 +118,13 @@ int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, return 1; } -int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg, - const unsigned char **pk, int *ppklen, - X509_ALGOR **pa, - PKCS8_PRIV_KEY_INFO *p8) +int +PKCS8_pkey_get0(ASN1_OBJECT **ppkalg, const unsigned char **pk, int *ppklen, + X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8) { if (ppkalg) *ppkalg = p8->pkeyalg->algorithm; - if(p8->pkey->type == V_ASN1_OCTET_STRING) { + if (p8->pkey->type == V_ASN1_OCTET_STRING) { p8->broken = PKCS8_OK; if (pk) { *pk = p8->pkey->value.octet_string->data; 
@@ -137,11 +136,9 @@ int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg, *pk = p8->pkey->value.sequence->data; *ppklen = p8->pkey->value.sequence->length; } - } - else + } else return 0; if (pa) *pa = p8->pkeyalg; return 1; } - diff --git a/lib/libssl/src/crypto/asn1/i2d_pr.c b/lib/libssl/src/crypto/asn1/i2d_pr.c index 71757486011..3340e6ce394 100644 --- a/lib/libssl/src/crypto/asn1/i2d_pr.c +++ b/lib/libssl/src/crypto/asn1/i2d_pr.c @@ -5,21 +5,21 @@ * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. - * + * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * + * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: 
@@ -34,10 +34,10 @@ * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from + * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * + * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -49,7 +49,7 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * + * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence @@ -62,18 +62,18 @@ #include #include "asn1_locl.h" -int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) +int +i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) { if (a->ameth && a->ameth->old_priv_encode) { return a->ameth->old_priv_encode(a, pp); } if (a->ameth && a->ameth->priv_encode) { PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(a); - int ret = i2d_PKCS8_PRIV_KEY_INFO(p8,pp); + int ret = i2d_PKCS8_PRIV_KEY_INFO(p8, pp); PKCS8_PRIV_KEY_INFO_free(p8); return ret; -} - ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); - return(-1); + } + ASN1err(ASN1_F_I2D_PRIVATEKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + return (-1); } - diff --git a/lib/libssl/src/crypto/asn1/i2d_pu.c b/lib/libssl/src/crypto/asn1/i2d_pu.c index 08b438115df..8ac271e056a 100644 --- a/lib/libssl/src/crypto/asn1/i2d_pu.c +++ b/lib/libssl/src/crypto/asn1/i2d_pu.c 
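Review bot: In i2d_PrivateKey's `priv_encode` branch, the result of `EVP_PKEY2PKCS8(a)` is passed straight to `i2d_PKCS8_PRIV_KEY_INFO()` with no NULL check, so a failed conversion is reported as whatever the encoder returns for a NULL object rather than as an explicit error. Adding `if (p8 == NULL) return (-1);` right after the conversion would make the failure visible to callers. Confirm that -1 is the value callers expect; the unsupported-type path at the end of the function already returns it.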
@@ -5,21 +5,21 @@ * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. - * + * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * + * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -34,10 +34,10 @@ * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from + * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * + * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
@@ -49,7 +49,7 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * + * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence @@ -71,24 +71,24 @@ #include #endif -int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) +int +i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) { switch (a->type) { #ifndef OPENSSL_NO_RSA case EVP_PKEY_RSA: - return(i2d_RSAPublicKey(a->pkey.rsa,pp)); + return (i2d_RSAPublicKey(a->pkey.rsa, pp)); #endif #ifndef OPENSSL_NO_DSA case EVP_PKEY_DSA: - return(i2d_DSAPublicKey(a->pkey.dsa,pp)); + return (i2d_DSAPublicKey(a->pkey.dsa, pp)); #endif #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: - return(i2o_ECPublicKey(a->pkey.ec, pp)); + return (i2o_ECPublicKey(a->pkey.ec, pp)); #endif default: - ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); - return(-1); + ASN1err(ASN1_F_I2D_PUBLICKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + return (-1); } } - diff --git a/lib/libssl/src/crypto/asn1/n_pkey.c b/lib/libssl/src/crypto/asn1/n_pkey.c index 0a378759f9d..0e58baf1b5b 100644 --- a/lib/libssl/src/crypto/asn1/n_pkey.c +++ b/lib/libssl/src/crypto/asn1/n_pkey.c 
@@ -5,21 +5,21 @@ * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. - * + * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * + * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -34,10 +34,10 @@ * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from + * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * + * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
@@ -49,7 +49,7 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * + * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence @@ -69,15 +69,13 @@ #ifndef OPENSSL_NO_RC4 -typedef struct netscape_pkey_st -{ +typedef struct netscape_pkey_st { long version; X509_ALGOR *algor; ASN1_OCTET_STRING *private_key; } NETSCAPE_PKEY; -typedef struct netscape_encrypted_pkey_st -{ +typedef struct netscape_encrypted_pkey_st { ASN1_OCTET_STRING *os; /* This is the same structure as DigestInfo so use it: * although this isn't really anything to do with @@ -93,7 +91,7 @@ ASN1_BROKEN_SEQUENCE(NETSCAPE_ENCRYPTED_PKEY) = { } ASN1_BROKEN_SEQUENCE_END(NETSCAPE_ENCRYPTED_PKEY) DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY) -DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY,NETSCAPE_ENCRYPTED_PKEY) +DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY, NETSCAPE_ENCRYPTED_PKEY) IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY) ASN1_SEQUENCE(NETSCAPE_PKEY) = { 
@@ -103,61 +101,59 @@ ASN1_SEQUENCE(NETSCAPE_PKEY) = { } ASN1_SEQUENCE_END(NETSCAPE_PKEY) DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_PKEY) -DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY,NETSCAPE_PKEY) +DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY, NETSCAPE_PKEY) IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY) static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, - int (*cb)(char *buf, int len, const char *prompt, - int verify), - int sgckey); + int (*cb)(char *buf, int len, const char *prompt, int verify), int sgckey); -int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, - int (*cb)(char *buf, int len, const char *prompt, - int verify)) +int +i2d_Netscape_RSA(const RSA *a, unsigned char **pp, + int (*cb)(char *buf, int len, const char *prompt, int verify)) { return i2d_RSA_NET(a, pp, cb, 0); } -int i2d_RSA_NET(const RSA *a, unsigned char **pp, - int (*cb)(char *buf, int len, const char *prompt, int verify), - int sgckey) +int +i2d_RSA_NET(const RSA *a, unsigned char **pp, + int (*cb)(char *buf, int len, const char *prompt, int verify), int sgckey) { int i, j, ret = 0; int rsalen, pkeylen, olen; NETSCAPE_PKEY *pkey = NULL; NETSCAPE_ENCRYPTED_PKEY *enckey = NULL; - unsigned char buf[256],*zz; + unsigned char buf[256], *zz; unsigned char key[EVP_MAX_KEY_LENGTH]; EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX_init(&ctx); - if (a == NULL) return(0); + if (a == NULL) + return (0); - if ((pkey=NETSCAPE_PKEY_new()) == NULL) goto err; - if ((enckey=NETSCAPE_ENCRYPTED_PKEY_new()) == NULL) goto err; + if ((pkey = NETSCAPE_PKEY_new()) == NULL) + goto err; + if ((enckey = NETSCAPE_ENCRYPTED_PKEY_new()) == NULL) + goto err; pkey->version = 0; - pkey->algor->algorithm=OBJ_nid2obj(NID_rsaEncryption); - if ((pkey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err; - pkey->algor->parameter->type=V_ASN1_NULL; + pkey->algor->algorithm = OBJ_nid2obj(NID_rsaEncryption); + if ((pkey->algor->parameter = ASN1_TYPE_new()) == NULL) + goto err; + pkey->algor->parameter->type = V_ASN1_NULL; 
rsalen = i2d_RSAPrivateKey(a, NULL); /* Fake some octet strings just for the initial length * calculation. */ - - pkey->private_key->length=rsalen; - - pkeylen=i2d_NETSCAPE_PKEY(pkey,NULL); - + pkey->private_key->length = rsalen; + pkeylen = i2d_NETSCAPE_PKEY(pkey, NULL); enckey->enckey->digest->length = pkeylen; - enckey->os->length = 11; /* "private-key" */ - - enckey->enckey->algor->algorithm=OBJ_nid2obj(NID_rc4); - if ((enckey->enckey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err; - enckey->enckey->algor->parameter->type=V_ASN1_NULL; + enckey->enckey->algor->algorithm = OBJ_nid2obj(NID_rc4); + if ((enckey->enckey->algor->parameter = ASN1_TYPE_new()) == NULL) + goto err; + enckey->enckey->algor->parameter->type = V_ASN1_NULL; if (pp == NULL) { olen = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, NULL); 
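Review bot: In i2d_RSA_NET, `rsalen = i2d_RSAPrivateKey(a, NULL)` and `pkeylen = i2d_NETSCAPE_PKEY(pkey, NULL)` are stored as ASN.1 string lengths without checking for a zero or negative result. The next hunk passes both values to `malloc()` and uses `rsalen` as the length for `OPENSSL_cleanse()`, so an encoding failure would be reported, at best, as an allocation failure. Suggest `if (rsalen <= 0) goto err;` and `if (pkeylen <= 0) goto err;` immediately after the respective calls. The function body continues past this hunk.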
@@ -166,59 +162,58 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, return olen; } - /* Since its RC4 encrypted length is actual length */ - if ((zz=(unsigned char *)malloc(rsalen)) == NULL) { - ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); + if ((zz = (unsigned char *)malloc(rsalen)) == NULL) { + ASN1err(ASN1_F_I2D_RSA_NET, ERR_R_MALLOC_FAILURE); goto err; } pkey->private_key->data = zz; /* Write out private key encoding */ - i2d_RSAPrivateKey(a,&zz); + i2d_RSAPrivateKey(a, &zz); - if ((zz=malloc(pkeylen)) == NULL) { - ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); + if ((zz = malloc(pkeylen)) == NULL) { + ASN1err(ASN1_F_I2D_RSA_NET, ERR_R_MALLOC_FAILURE); goto err; } if (!ASN1_STRING_set(enckey->os, "private-key", -1)) { - ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_I2D_RSA_NET, ERR_R_MALLOC_FAILURE); goto err; } enckey->enckey->digest->data = zz; - i2d_NETSCAPE_PKEY(pkey,&zz); + i2d_NETSCAPE_PKEY(pkey, &zz); /* Wipe the private key encoding */ OPENSSL_cleanse(pkey->private_key->data, rsalen); - + if (cb == NULL) - cb=EVP_read_pw_string; - i=cb((char *)buf,256,"Enter Private Key password:",1); + cb = EVP_read_pw_string; + i = cb((char *)buf, 256, "Enter Private Key password:", 1); if (i != 0) { - ASN1err(ASN1_F_I2D_RSA_NET,ASN1_R_BAD_PASSWORD_READ); + ASN1err(ASN1_F_I2D_RSA_NET, ASN1_R_BAD_PASSWORD_READ); goto err; } i = strlen((char *)buf); /* If the key is used for SGC the algorithm is modified a little. 
*/ - if(sgckey) { + if (sgckey) { if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL)) goto err; memcpy(buf + 16, "SGCKEYSALT", 10); i = 26; -} + } - if (!EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL)) + if (!EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i,1, key, NULL)) goto err; - OPENSSL_cleanse(buf,256); + OPENSSL_cleanse(buf, 256); /* Encrypt private key in place */ zz = enckey->enckey->digest->data; - if (!EVP_EncryptInit_ex(&ctx,EVP_rc4(),NULL,key,NULL)) + if (!EVP_EncryptInit_ex(&ctx, EVP_rc4(), NULL, key, NULL)) goto err; - if (!EVP_EncryptUpdate(&ctx,zz,&i,zz,pkeylen)) + if (!EVP_EncryptUpdate(&ctx, zz, &i, zz, pkeylen)) goto err; - if (!EVP_EncryptFinal_ex(&ctx,zz + i,&j)) + if (!EVP_EncryptFinal_ex(&ctx, zz + i, &j)) goto err; ret = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, pp); 
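Review bot: In i2d_RSA_NET the password buffer `buf` is wiped only on the success path after `EVP_BytesToKey()`, and the derived RC4 key in `key` is not wiped anywhere in the lines shown. Every `goto err` between the password callback and `OPENSSL_cleanse(buf, 256)` (the bad-read, `EVP_Digest` and `EVP_BytesToKey` failures) leaves the password on the stack, and the `err:` cleanup in the following hunk only releases the cipher context and the two structures. Adding `OPENSSL_cleanse(buf, sizeof(buf));` and `OPENSSL_cleanse(key, sizeof(key));` under `err:` would cover both paths, since the success path appears to fall through that label as well. d2i_RSA_NET_2 in the next hunk follows the same pattern and would take the same two lines.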
@@ -226,110 +221,116 @@ err: EVP_CIPHER_CTX_cleanup(&ctx); NETSCAPE_ENCRYPTED_PKEY_free(enckey); NETSCAPE_PKEY_free(pkey); - return(ret); + return (ret); } -RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, - int (*cb)(char *buf, int len, const char *prompt, - int verify)) +RSA * +d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, + int (*cb)(char *buf, int len, const char *prompt, int verify)) { return d2i_RSA_NET(a, pp, length, cb, 0); } -RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, - int (*cb)(char *buf, int len, const char *prompt, int verify), - int sgckey) +RSA * +d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, + int (*cb)(char *buf, int len, const char *prompt, int verify), int sgckey) { - RSA *ret=NULL; + RSA *ret = NULL; const unsigned char *p; NETSCAPE_ENCRYPTED_PKEY *enckey = NULL; p = *pp; enckey = d2i_NETSCAPE_ENCRYPTED_PKEY(NULL, &p, length); - if(!enckey) { - ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_DECODING_ERROR); + if (!enckey) { + ASN1err(ASN1_F_D2I_RSA_NET, ASN1_R_DECODING_ERROR); return NULL; -} + } if ((enckey->os->length != 11) || (strncmp("private-key", - (char *)enckey->os->data,11) != 0)) { - ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_PRIVATE_KEY_HEADER_MISSING); + (char *)enckey->os->data, 11) != 0)) { + ASN1err(ASN1_F_D2I_RSA_NET, ASN1_R_PRIVATE_KEY_HEADER_MISSING); NETSCAPE_ENCRYPTED_PKEY_free(enckey); return NULL; } if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4) { - ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM); + ASN1err(ASN1_F_D2I_RSA_NET, + ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM); goto err; -} + } if (cb == NULL) - cb=EVP_read_pw_string; - if ((ret=d2i_RSA_NET_2(a, enckey->enckey->digest,cb, sgckey)) == NULL) goto err; + cb = EVP_read_pw_string; + if ((ret = d2i_RSA_NET_2(a, enckey->enckey->digest, cb, + sgckey)) == NULL) + goto err; *pp = p; - err: +err: NETSCAPE_ENCRYPTED_PKEY_free(enckey); return ret; } -static RSA *d2i_RSA_NET_2(RSA **a, 
ASN1_OCTET_STRING *os, - int (*cb)(char *buf, int len, const char *prompt, - int verify), int sgckey) +static RSA * +d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, + int (*cb)(char *buf, int len, const char *prompt, int verify), int sgckey) { - NETSCAPE_PKEY *pkey=NULL; - RSA *ret=NULL; - int i,j; + NETSCAPE_PKEY *pkey = NULL; + RSA *ret = NULL; + int i, j; unsigned char buf[256]; const unsigned char *zz; unsigned char key[EVP_MAX_KEY_LENGTH]; EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX_init(&ctx); - i=cb((char *)buf,256,"Enter Private Key password:",0); + i=cb((char *)buf,256, "Enter Private Key password:",0); if (i != 0) { - ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_BAD_PASSWORD_READ); + ASN1err(ASN1_F_D2I_RSA_NET_2, ASN1_R_BAD_PASSWORD_READ); goto err; } i = strlen((char *)buf); - if(sgckey){ + if (sgckey){ if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL)) goto err; memcpy(buf + 16, "SGCKEYSALT", 10); i = 26; -} - - if (!EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL)) + } + + if (!EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i,1, key, NULL)) goto err; - OPENSSL_cleanse(buf,256); + OPENSSL_cleanse(buf, 256); - if (!EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL)) + if (!EVP_DecryptInit_ex(&ctx, EVP_rc4(), NULL, key, NULL)) goto err; - if (!EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length)) + if (!EVP_DecryptUpdate(&ctx, os->data, &i, os->data, os->length)) goto err; - if (!EVP_DecryptFinal_ex(&ctx,&(os->data[i]),&j)) + if (!EVP_DecryptFinal_ex(&ctx, &(os->data[i]), &j)) goto err; - os->length=i+j; + os->length = i + j; - zz=os->data; + zz = os->data; - if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL) { - ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY); + if ((pkey = d2i_NETSCAPE_PKEY(NULL, &zz, os->length)) == NULL) { + ASN1err(ASN1_F_D2I_RSA_NET_2, + ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY); goto err; } - - zz=pkey->private_key->data; - if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL) { - 
ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY); + + zz = pkey->private_key->data; + if ((ret = d2i_RSAPrivateKey(a, &zz, + pkey->private_key->length)) == NULL) { + ASN1err(ASN1_F_D2I_RSA_NET_2, ASN1_R_UNABLE_TO_DECODE_RSA_KEY); goto err; } + err: EVP_CIPHER_CTX_cleanup(&ctx); NETSCAPE_PKEY_free(pkey); - return(ret); + return (ret); } #endif /* OPENSSL_NO_RC4 */ @@ -337,7 +338,7 @@ err: #else /* !OPENSSL_NO_RSA */ # if PEDANTIC -static void *dummy=&dummy; +static void *dummy = &dummy; # endif #endif diff --git a/lib/libssl/src/crypto/asn1/nsseq.c b/lib/libssl/src/crypto/asn1/nsseq.c index b8c42022309..3e7c73cb919 100644 --- a/lib/libssl/src/crypto/asn1/nsseq.c +++ b/lib/libssl/src/crypto/asn1/nsseq.c @@ -10,7 +10,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -62,10 +62,10 @@ #include #include -static int nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, - void *exarg) +static int +nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) { - if(operation == ASN1_OP_NEW_POST) { + if (operation == ASN1_OP_NEW_POST) { NETSCAPE_CERT_SEQUENCE *nsseq; nsseq = (NETSCAPE_CERT_SEQUENCE *)*pval; nsseq->type = OBJ_nid2obj(NID_netscape_cert_sequence); diff --git a/lib/libssl/src/crypto/asn1/p5_pbe.c b/lib/libssl/src/crypto/asn1/p5_pbe.c index 390305ad38f..28caebd5c22 100644 --- a/lib/libssl/src/crypto/asn1/p5_pbe.c +++ b/lib/libssl/src/crypto/asn1/p5_pbe.c 
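Review bot: In d2i_RSA_NET_2 (n_pkey.c) the decrypted key material is released without being zeroed. `os->data` holds the plaintext NETSCAPE_PKEY after the in-place decrypt and `pkey->private_key->data` holds the RSA private key encoding, yet the `err:` path only calls `NETSCAPE_PKEY_free(pkey)`. The encode side in i2d_RSA_NET explicitly runs `OPENSSL_cleanse(pkey->private_key->data, rsalen)`, so the two directions are inconsistent unless the free routines wipe the buffers, which is not visible here. Consider `if (pkey != NULL && pkey->private_key != NULL) OPENSSL_cleanse(pkey->private_key->data, pkey->private_key->length);` before the free, and the equivalent for `os->data` once parsing is done.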
@@ -10,7 +10,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -74,28 +74,29 @@ IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM) /* Set an algorithm identifier for a PKCS#5 PBE algorithm */ -int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, - const unsigned char *salt, int saltlen) +int +PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, + const unsigned char *salt, int saltlen) { - PBEPARAM *pbe=NULL; - ASN1_STRING *pbe_str=NULL; + PBEPARAM *pbe = NULL; + ASN1_STRING *pbe_str = NULL; unsigned char *sstr; pbe = PBEPARAM_new(); if (!pbe) { - ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE); goto err; } - if(iter <= 0) + if (iter <= 0) iter = PKCS5_DEFAULT_ITER; if (!ASN1_INTEGER_set(pbe->iter, iter)) { - ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE); goto err; } if (!saltlen) saltlen = PKCS5_SALT_LEN; if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) { - ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE); goto err; } sstr = ASN1_STRING_data(pbe->salt); @@ -104,8 +105,8 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, else if (RAND_pseudo_bytes(sstr, saltlen) < 0) goto err; - if(!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) { - ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); + if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) { + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE); goto err; } 
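Review bot: The salt in PKCS5_pbe_set0_algor is generated with `RAND_pseudo_bytes(sstr, saltlen) < 0`, which treats only a negative return as failure. In the OpenSSL API a return of 0 from RAND_pseudo_bytes means the bytes are not cryptographically strong, so that case is accepted silently; `RAND_bytes(sstr, saltlen) <= 0` would reject it. The same call shape is used for the cipher IV in PKCS5_pbe2_set_iv and the salt in PKCS5_pbkdf2_set in the p5_pbev2.c hunks that follow. The IV is the case where unpredictability matters most.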
@@ -125,17 +126,17 @@ err: /* Return an algorithm identifier for a PKCS#5 PBE algorithm */ -X509_ALGOR *PKCS5_pbe_set(int alg, int iter, - const unsigned char *salt, int saltlen) +X509_ALGOR * +PKCS5_pbe_set(int alg, int iter, const unsigned char *salt, int saltlen) { X509_ALGOR *ret; ret = X509_ALGOR_new(); if (!ret) { - ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_PKCS5_PBE_SET, ERR_R_MALLOC_FAILURE); return NULL; } - if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen)) + if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen)) return ret; X509_ALGOR_free(ret); diff --git a/lib/libssl/src/crypto/asn1/p5_pbev2.c b/lib/libssl/src/crypto/asn1/p5_pbev2.c index 01563a68fdb..8917cc4ccfd 100644 --- a/lib/libssl/src/crypto/asn1/p5_pbev2.c +++ b/lib/libssl/src/crypto/asn1/p5_pbev2.c @@ -10,7 +10,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -86,9 +86,9 @@ IMPLEMENT_ASN1_FUNCTIONS(PBKDF2PARAM) * Extended version to allow application supplied PRF NID and IV. */ -X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, - unsigned char *salt, int saltlen, - unsigned char *aiv, int prf_nid) +X509_ALGOR * +PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, unsigned char *salt, + int saltlen, unsigned char *aiv, int prf_nid) { X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL; int alg_nid, keylen; 
@@ -98,27 +98,30 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, ASN1_OBJECT *obj; alg_nid = EVP_CIPHER_type(cipher); - if(alg_nid == NID_undef) { + if (alg_nid == NID_undef) { ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, - ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER); + ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER); goto err; } obj = OBJ_nid2obj(alg_nid); - if(!(pbe2 = PBE2PARAM_new())) goto merr; + if (!(pbe2 = PBE2PARAM_new())) + goto merr; /* Setup the AlgorithmIdentifier for the encryption scheme */ scheme = pbe2->encryption; scheme->algorithm = obj; - if(!(scheme->parameter = ASN1_TYPE_new())) goto merr; + if (!(scheme->parameter = ASN1_TYPE_new())) + goto merr; /* Create random IV */ if (EVP_CIPHER_iv_length(cipher)) { if (aiv) memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher)); - else if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0) - goto err; + else if (RAND_pseudo_bytes(iv, + EVP_CIPHER_iv_length(cipher)) < 0) + goto err; } EVP_CIPHER_CTX_init(&ctx); @@ -126,16 +129,16 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, /* Dummy cipherinit to just setup the IV, and PRF */ if (!EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0)) goto err; - if(EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) { + if (EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) { ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, - ASN1_R_ERROR_SETTING_CIPHER_PARAMS); + ASN1_R_ERROR_SETTING_CIPHER_PARAMS); EVP_CIPHER_CTX_cleanup(&ctx); goto err; } /* If prf NID unspecified see if cipher has a preference. * An error is OK here: just means use default PRF. */ - if ((prf_nid == -1) && + if ((prf_nid == -1) && EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0) { ERR_clear_error(); prf_nid = NID_hmacWithSHA1; 
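Review bot: In PKCS5_pbe2_set_iv, a failure of `EVP_CipherInit_ex()` jumps to `err` without `EVP_CIPHER_CTX_cleanup(&ctx)`, whereas the `EVP_CIPHER_param_to_asn1()` failure two lines later cleans up first. The `err:` label shown further down frees only `pbe2`, `kalg` and `ret`, so any state the context acquired before the failure is not released on that path. Calling `EVP_CIPHER_CTX_cleanup(&ctx);` before that first `goto err;` makes the two error paths consistent. The function spans several hunks and its success-path cleanup is not visible here.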
@@ -144,7 +147,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, /* If its RC2 then we'd better setup the key length */ - if(alg_nid == NID_rc2_cbc) + if (alg_nid == NID_rc2_cbc) keylen = EVP_CIPHER_key_length(cipher); else keylen = -1; @@ -160,15 +163,17 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, /* Now set up top level AlgorithmIdentifier */ - if(!(ret = X509_ALGOR_new())) goto merr; - if(!(ret->parameter = ASN1_TYPE_new())) goto merr; + if (!(ret = X509_ALGOR_new())) + goto merr; + if (!(ret->parameter = ASN1_TYPE_new())) + goto merr; ret->algorithm = OBJ_nid2obj(NID_pbes2); /* Encode PBE2PARAM into parameter */ - if(!ASN1_item_pack(pbe2, ASN1_ITEM_rptr(PBE2PARAM), - &ret->parameter->value.sequence)) goto merr; + if (!ASN1_item_pack(pbe2, ASN1_ITEM_rptr(PBE2PARAM), + &ret->parameter->value.sequence)) goto merr; ret->parameter->type = V_ASN1_SEQUENCE; PBE2PARAM_free(pbe2); 
@@ -177,34 +182,35 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, return ret; merr: - ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, ERR_R_MALLOC_FAILURE); - err: +err: PBE2PARAM_free(pbe2); /* Note 'scheme' is freed as part of pbe2 */ X509_ALGOR_free(kalg); X509_ALGOR_free(ret); return NULL; - } -X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, - unsigned char *salt, int saltlen) +X509_ALGOR * +PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, unsigned char *salt, + int saltlen) { return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1); } -X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, - int prf_nid, int keylen) +X509_ALGOR * +PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, int prf_nid, + int keylen) { X509_ALGOR *keyfunc = NULL; PBKDF2PARAM *kdf = NULL; ASN1_OCTET_STRING *osalt = NULL; - if(!(kdf = PBKDF2PARAM_new())) + if (!(kdf = PBKDF2PARAM_new())) goto merr; - if(!(osalt = M_ASN1_OCTET_STRING_new())) + if (!(osalt = M_ASN1_OCTET_STRING_new())) goto merr; kdf->salt->value.octet_string = osalt; @@ -222,20 +228,20 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0) goto merr; - if(iter <= 0) + if (iter <= 0) iter = PKCS5_DEFAULT_ITER; - if(!ASN1_INTEGER_set(kdf->iter, iter)) + if (!ASN1_INTEGER_set(kdf->iter, iter)) goto merr; /* If have a key len set it up */ - if(keylen > 0) { - if(!(kdf->keylength = M_ASN1_INTEGER_new())) + if (keylen > 0) { + if (!(kdf->keylength = M_ASN1_INTEGER_new())) goto merr; - if(!ASN1_INTEGER_set (kdf->keylength, keylen)) + if (!ASN1_INTEGER_set (kdf->keylength, keylen)) goto merr; - } + } /* prf can stay NULL if we are using hmacWithSHA1 */ if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1) { 
@@ -243,7 +249,7 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, if (!kdf->prf) goto merr; X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid), - V_ASN1_NULL, NULL); + V_ASN1_NULL, NULL); } /* Finally setup the keyfunc structure */ @@ -256,11 +262,11 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, /* Encode PBKDF2PARAM into parameter of pbe2 */ - if(!(keyfunc->parameter = ASN1_TYPE_new())) + if (!(keyfunc->parameter = ASN1_TYPE_new())) goto merr; - if(!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM), - &keyfunc->parameter->value.sequence)) + if (!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM), + &keyfunc->parameter->value.sequence)) goto merr; keyfunc->parameter->type = V_ASN1_SEQUENCE; @@ -268,9 +274,8 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, return keyfunc; merr: - ASN1err(ASN1_F_PKCS5_PBKDF2_SET,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_PKCS5_PBKDF2_SET, ERR_R_MALLOC_FAILURE); PBKDF2PARAM_free(kdf); X509_ALGOR_free(keyfunc); return NULL; } - diff --git a/lib/libssl/src/crypto/asn1/p8_pkey.c b/lib/libssl/src/crypto/asn1/p8_pkey.c index c95d7e55a07..6c5577ee1e5 100644 --- a/lib/libssl/src/crypto/asn1/p8_pkey.c +++ b/lib/libssl/src/crypto/asn1/p8_pkey.c @@ -10,7 +10,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in 
@@ -62,16 +62,16 @@ #include /* Minor tweak to operation: zero private key data */ -static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, - void *exarg) +static int +pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) { /* Since the structure must still be valid use ASN1_OP_FREE_PRE */ - if(operation == ASN1_OP_FREE_PRE) { + if (operation == ASN1_OP_FREE_PRE) { PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval; if (key->pkey->value.octet_string) - OPENSSL_cleanse(key->pkey->value.octet_string->data, - key->pkey->value.octet_string->length); -} + OPENSSL_cleanse(key->pkey->value.octet_string->data, + key->pkey->value.octet_string->length); + } return 1; } @@ -84,12 +84,12 @@ ASN1_SEQUENCE_cb(PKCS8_PRIV_KEY_INFO, pkey_cb) = { IMPLEMENT_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO) -int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, - int version, - int ptype, void *pval, - unsigned char *penc, int penclen) +int +PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, int version, + int ptype, void *pval, unsigned char *penc, int penclen) { unsigned char **ppenc = NULL; + if (version >= 0) { if (!ASN1_INTEGER_set(priv->version, version)) return 0; @@ -118,14 +118,13 @@ int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, return 1; } -int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg, - const unsigned char **pk, int *ppklen, - X509_ALGOR **pa, - PKCS8_PRIV_KEY_INFO *p8) +int +PKCS8_pkey_get0(ASN1_OBJECT **ppkalg, const unsigned char **pk, int *ppklen, + X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8) { if (ppkalg) *ppkalg = p8->pkeyalg->algorithm; - if(p8->pkey->type == V_ASN1_OCTET_STRING) { + if (p8->pkey->type == V_ASN1_OCTET_STRING) { p8->broken = PKCS8_OK; if (pk) { *pk = p8->pkey->value.octet_string->data; 
@@ -137,11 +136,9 @@ int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg, *pk = p8->pkey->value.sequence->data; *ppklen = p8->pkey->value.sequence->length; } - } - else + } else return 0; if (pa) *pa = p8->pkeyalg; return 1; } -