From 324afe4009a3b8858b80a803b4a9b4432c4c4d24 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Thu, 10 May 2007 21:37:44 +0000 Subject: [PATCH] Try both the empty password and the NULL password (nothing vs the octet string \x00\x00). git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20656 ec53bebd-3082-4978-b11e-865c3cabbd6b --- lib/hx509/crypto.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/hx509/crypto.c b/lib/hx509/crypto.c index deca13e0e..4dc23f318 100644 --- a/lib/hx509/crypto.c +++ b/lib/hx509/crypto.c @@ -2143,11 +2143,13 @@ PBE_string2key(hx509_context context, const EVP_MD *md) { PKCS12_PBEParams p12params; - int passwordlen = strlen(password); + int passwordlen; hx509_crypto c; int iter, saltlen, ret; unsigned char *salt; + passwordlen = password ? strlen(password) : 0; + if (parameters == NULL) return HX509_ALG_NOT_SUPP; @@ -2164,10 +2166,6 @@ PBE_string2key(hx509_context context, salt = p12params.salt.data; saltlen = p12params.salt.length; - /* XXX It needs to be here, but why ? */ - if (passwordlen == 0) - password = NULL; - if (!PKCS12_key_gen (password, passwordlen, salt, saltlen, PKCS12_KEY_ID, iter, key->length, key->data, md)) { ret = HX509_CRYPTO_INTERNAL_ERROR; @@ -2288,8 +2286,10 @@ _hx509_pbe_decrypt(hx509_context context, if (i < pw->len) password = pw->val[i]; - else + else if (i < pw->len + 1) password = ""; + else + password = NULL; ret = (*s2k)(context, password, ai->parameters, &crypto, &key, &iv, enc_oid, md);