[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CSM_Free3::GeneratePBEKey



Hi,

I want to know if this function is supposed to be compatible with PKCS-5
????

If yes, it have a small bug.

This the code now :

CSM_Buffer* CSM_Free3::GeneratePBEKey(CSM_Buffer *pbufSalt, int nIterCount,
                                     char *pszPassword)
{
.....
   CSM_OID o(md5);
.....
   int temp = strlen(pszPassword);;
   if (temp > (16)) //pbufSalt->Length()))
      temp = 16; //pbufSalt->Length();
   SME(pK->Write(pszPassword, temp));
   if (16-temp > 0)
   {
      SME(pK->Write(pbufSalt->Access(),
         16-temp)); //pbufSalt->Length()))
   }
    //  SME(pK->Write(pbufSalt->Access(),
        // )); //pbufSalt->Length()));

#ifdef NODEF
   SME(pK->Write(pszPassword, strlen(pszPassword)));
   SME(pK->Write(pbufSalt->Access(),
         pbufSalt->Length()));
#endif
.....
   // at this point, pK has the key, delete Temp
   delete (pTemp);
.....
}


There is the correction :

CSM_Buffer* CSM_Free3::GeneratePBEKey(CSM_Buffer *pbufSalt, int nIterCount,
char *pszPassword, AsnOid hashOid, int nKeyLength)
{
     .....
     CSM_OID o(hashOid);
     .....
     if ( o == md5)
          if (nKeyLength > 16)
               SME_THROW(???????????);
     else if (0 = sha1)
          if (nKeyLength > 20)
               SME_THROW(???????????);
     else
          SME_THROW(???????????);

     int temp = strlen(pszPassword);
     SME(pK->Write(pszPassword, temp));
     SME(pK->Write(pbufSalt->Access(), pbufSalt->Length()));
     .....
     if (pTemp)
          delete (pTemp);
     pTemp = new CSM_Buffer();
     pTemp->Set(pK->Access(), nKeyLength);
     pK = pTemp;
     .....
}



Thanks.
**************************************************************************
Eric Boudreault
------------------------------------------------
Programmeur
------------------------------------------------
Motus Technologies
390, St-Vallier Est
Bureau 100
Québec, Qc
G1K 3P6
Tél.: 521-2100  ext.#242
Fax.: 521-2101
courriel: eboudreault@xxxxxxxxx
**************************************************************************