Patch for PKCS#12 files without passwords
The attached patch enables PKCS#12 files without passwords to be used
with the sm_free3 CTIL in SFL release 2.3. Please could this feature be
incorporated in the next SFL release.
--
John Stark
Tel: +44 1223 566732
Mobile: +44 7968 110628
E-mail: jas@xxxxxxxxxxxx
Web: http://www.metanate.com
*** sm_free3Internal.cpp 9 Mar 2004 13:33:37 -0000 1.1.1.1
--- sm_free3Internal.cpp 19 Mar 2004 18:29:20 -0000
***************
*** 1,4 ****
-
//////////////////////////////////////////////////////////////////////////
// sm_Free3Internal.cpp
//
--- 1,3 ----
***************
*** 445,451 ****
--- 444,453 ----
char *pID=(char *)calloc(1, lBlockSize);
memset(pID, iID, lBlockSize);
for (i = 0; i < lBlockSize; i++) *ptr2++ = pSalt[i % pbufSalt->Length()];
+ // JAS: only do this if password is non-empty, else leave clear.
+ if (lPassword)
for (i = 0; i < lBlockSize; i++) *ptr2++ = pszPassword[i % lPassword];
+
if ((pKOut = new CSM_Buffer) == NULL)
SME_THROW(SM_MEMORY_ERROR, "memory", NULL);
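Review bot: The new `if (lPassword)` guard removes the modulo-by-zero for an empty password, but the salt loop one line above still computes `i % pbufSalt->Length()`, and the salt presumably comes from the decoded PFX, so a zero-length salt would hit the same division by zero. A check such as `if (pbufSalt->Length() == 0) SME_THROW(SM_MISSING_PARAM, "MISSING PARAMS", NULL);` before that loop would close it. Separately, PKCS#12 Appendix B defines P as the empty string when the password is empty, so I is S alone. Leaving a zero-filled password block is only equivalent if the length later hashed excludes it, which cannot be confirmed here because the function starts and ends outside the hunk. The guarded `for` would also read better in braces, since an un-indented loop under `if (lPassword)` is easy to misread.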
***************
*** 565,571 ****
SME_SETUP("CSM_Free3::DecryptPKCS12PrivateKey");
! if ((pEncryptedPrivateKeyInfo == NULL) || (pszPassword == NULL))
SME_THROW(SM_MISSING_PARAM, "MISSING PARAMS", NULL);
DECODE_BUF(&Pfx, pEncryptedPrivateKeyInfo);
--- 567,575 ----
SME_SETUP("CSM_Free3::DecryptPKCS12PrivateKey");
! // JAS: allow empty password
! if (pszPassword == NULL) pszPassword = "";
! if ((pEncryptedPrivateKeyInfo == NULL))
SME_THROW(SM_MISSING_PARAM, "MISSING PARAMS", NULL);
DECODE_BUF(&Pfx, pEncryptedPrivateKeyInfo);
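Review bot: Mapping a NULL `pszPassword` to `""` means a caller that forgot to supply a password is no longer rejected with SM_MISSING_PARAM and silently proceeds as an empty-password decrypt. The same mapping is applied to `pszINPassword` in the last hunk. If callers rely on that distinction, it should be stated in a comment at the function declaration, which is outside this hunk, for example `// pszPassword: NULL is treated as the empty password`. If the parameter is declared `char *` rather than `const char *` (not visible here), assigning the literal relies on a deprecated conversion. The leftover double parentheses can be reduced to `if (pEncryptedPrivateKeyInfo == NULL)`.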
***************
*** 969,987 ****
int iLength = 20;
int iPBEKeyBits=SM_FREE_RC2_DEFAULT_PBE_KEYBITS;
EncryptedContentInfo snaccEncryptedCI;
- char *pszPassword=NULL;
- long lPassword2=(strlen(pszPasswordIn)+1)*2;
long lRequestedLength=0;
CSM_Buffer *pbufOut=NULL;
SME_SETUP("CSM_Free3::DecryptPKCS12Blob");
! if (pszPasswordIn == NULL)
SME_THROW(SM_MISSING_PARAM, "MISSING PARAMS", NULL);
!
! pszPassword=(char *)calloc(1, lPassword2);
! for (int iii=0; iii < strlen(pszPasswordIn); iii++)
pszPassword[iii*2+1] = pszPasswordIn[iii];
if (EncryptionAlgorithm.algorithm != pbewithSHAAnd40BitRC2_CBC &&
EncryptionAlgorithm.algorithm != pbeWithSHAAnd3_KeyTripleDES_CBC)
--- 973,1002 ----
int iLength = 20;
int iPBEKeyBits=SM_FREE_RC2_DEFAULT_PBE_KEYBITS;
EncryptedContentInfo snaccEncryptedCI;
long lRequestedLength=0;
+ char *pszPassword=NULL;
CSM_Buffer *pbufOut=NULL;
SME_SETUP("CSM_Free3::DecryptPKCS12Blob");
! // JAS: allow empty password.
! long lPassword2;
! if (pszPasswordIn == NULL || !*pszPasswordIn)
! {
! #if 0
SME_THROW(SM_MISSING_PARAM, "MISSING PARAMS", NULL);
! #endif
! lPassword2 = 2;
! pszPassword = (char *)calloc(1, 2);
! }
! else
! {
! // Create Unicode, null-terminated string.
! lPassword2=(strlen(pszPasswordIn)+1)*2;
! pszPassword=(char *)calloc(1, lPassword2);
! for (int iii=0; iii < strlen(pszPasswordIn); iii++)
pszPassword[iii*2+1] = pszPasswordIn[iii];
+ }
if (EncryptionAlgorithm.algorithm != pbewithSHAAnd40BitRC2_CBC &&
EncryptionAlgorithm.algorithm != pbeWithSHAAnd3_KeyTripleDES_CBC)
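Review bot: Both new `calloc` calls are used without a NULL check, so an allocation failure in the else branch becomes a write through a null pointer at `pszPassword[iii*2+1]`. The result should be tested and reported with `SME_THROW(SM_MEMORY_ERROR, "memory", NULL)`, as the file does for `new CSM_Buffer`. The two branches can also collapse into one, because an empty string already yields a 2-byte zeroed buffer from `(strlen("")+1)*2`, which lets the `#if 0` block be deleted rather than kept as dead code. Calling `strlen` once and indexing with `size_t` avoids the signed/unsigned comparison in the loop condition. Whether `pszPassword` is wiped and freed after use is not visible, as the function continues outside this hunk.

```cpp
SME_SETUP("CSM_Free3::DecryptPKCS12Blob");
// JAS: allow empty password; NULL is treated as "".
// (assumes pszPasswordIn is a reassignable pointer parameter)
if (pszPasswordIn == NULL)
    pszPasswordIn = "";
// Create Unicode (2 bytes per character), null-terminated string.
size_t lPasswordIn = strlen(pszPasswordIn);
long lPassword2 = (long)((lPasswordIn + 1) * 2);
if ((pszPassword = (char *)calloc(1, lPassword2)) == NULL)
    SME_THROW(SM_MEMORY_ERROR, "memory", NULL);
for (size_t iii = 0; iii < lPasswordIn; iii++)
    pszPassword[iii*2+1] = pszPasswordIn[iii];
// … unchanged: EncryptionAlgorithm.algorithm check …
```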
***************
*** 1671,1676 ****
--- 1686,1693 ----
} // END if status
#endif
+ // JAS: allow empty password
+ if (pszINPassword == NULL) pszINPassword = "";
if (strlen(pszINPassword) < 8) // IMPORTANT, change ONLY after PKCS12
{ // extracted.
pszPassword = (char *)calloc(1, 9);
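Review bot: With NULL now mapped to `""`, an absent password always takes the `strlen(pszINPassword) < 8` branch and is replaced by a 9-byte padded buffer, so this spot should document what that padded value is later used to protect. The branch body lies outside the hunk, so how the buffer is filled is not visible; if it is filled deterministically, anything stored under it has no real secret behind it. A comment such as `// NULL/empty input password: padded below; confirm the padded value is never the only protection for stored keys` would make that explicit. No check of the `calloc(1, 9)` result is visible on the lines shown.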