Google Git
Sign in
pigweed / third_party / boringssl / boringssl / 4dcb05729fc4e0ea93326805bc5ddc2c2953530f^! / .
commit4dcb05729fc4e0ea93326805bc5ddc2c2953530f[log] [tgz]
authorEric Roman <eroman@chromium.org>Tue Jan 20 12:19:13 2015 -0800
committerAdam Langley <agl@google.com>Tue Jan 20 23:44:05 2015 +0000
tree2deb36e13f9652b763211d0943f29378862c00f7
parent25bde4c1f9b025deedfd3e70bf3f6f7f7694405e [diff]
Remove support for passing a C-String to PKCS5_PBKDF2_HMAC*().

Before it was possible to pass a NULL-terminated C-string to the PBKDF2
functions, and indicate the parameter was a C-string by passing a length
of -1.

This is not relied on anywhere in the BoringSSL code, and the API contract is
possible to misuse as it is not the common way of doing things.

(A problem would arise when passing in a large unsigned length that
subsequently gets interpreted as -1).

Change-Id: Ifbd31ff76e183fa74e9fa346908daf4bfb8fc3da
Reviewed-on: https://boringssl-review.googlesource.com/2953
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/crypto/evp/pbkdf.c b/crypto/evp/pbkdf.c
index 4ab10f4..4a18b08 100644
--- a/crypto/evp/pbkdf.c
+++ b/crypto/evp/pbkdf.c

@@ -58,7 +58,7 @@
 #include <openssl/hmac.h>
 
 
-int PKCS5_PBKDF2_HMAC(const char *password, int password_len,
+int PKCS5_PBKDF2_HMAC(const char *password, size_t password_len,
                       const uint8_t *salt, size_t salt_len, unsigned iterations,
                       const EVP_MD *digest, size_t key_len, uint8_t *out_key) {
   uint8_t digest_tmp[EVP_MAX_MD_SIZE], *p, itmp[4];
@@ -71,13 +71,6 @@
   HMAC_CTX_init(&hctx_tpl);
   p = out_key;
   tkeylen = key_len;
-  if (password == NULL) {
-    password_len = 0;
-  } else if (password_len == -1) {
-    /* TODO(fork): remove this hack. The OpenSSL code took the strlen when the
-     * length is given as -1. */
-    password_len = strlen(password);
-  }
   if (!HMAC_Init_ex(&hctx_tpl, password, password_len, digest, NULL)) {
     HMAC_CTX_cleanup(&hctx_tpl);
     return 0;
@@ -131,7 +124,7 @@
   return 1;
 }
 
-int PKCS5_PBKDF2_HMAC_SHA1(const char *password, int password_len,
+int PKCS5_PBKDF2_HMAC_SHA1(const char *password, size_t password_len,
                            const uint8_t *salt, size_t salt_len,
                            unsigned iterations, size_t key_len,
                            uint8_t *out_key) {

diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 4859b8a..39da689 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h

@@ -398,7 +398,7 @@
 /* PKCS5_PBKDF2_HMAC computes |iterations| iterations of PBKDF2 of |password|
  * and |salt|, using |digest|, and outputs |key_len| bytes to |out_key|. It
  * returns one on success and zero on error. */
-OPENSSL_EXPORT int PKCS5_PBKDF2_HMAC(const char *password, int password_len,
+OPENSSL_EXPORT int PKCS5_PBKDF2_HMAC(const char *password, size_t password_len,
                                      const uint8_t *salt, size_t salt_len,
                                      unsigned iterations, const EVP_MD *digest,
                                      size_t key_len, uint8_t *out_key);
@@ -406,7 +406,7 @@
 /* PKCS5_PBKDF2_HMAC_SHA1 is the same as PKCS5_PBKDF2_HMAC, but with |digest|
  * fixed to |EVP_sha1|. */
 OPENSSL_EXPORT int PKCS5_PBKDF2_HMAC_SHA1(const char *password,
-                                          int password_len, const uint8_t *salt,
+                                          size_t password_len, const uint8_t *salt,
                                           size_t salt_len, unsigned iterations,
                                           size_t key_len, uint8_t *out_key);