struct hx509_crypto_data {
char *name;
int flags;
-#define ALLOW_WEAK 1
+#define ALLOW_WEAK 1
+
+#define PADDING_NONE 2
+#define PADDING_PKCS7 4
+#define PADDING_FLAGS (2|4)
const struct hx509cipher *cipher;
const EVP_CIPHER *c;
heim_octet_string key;
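Review bot: `PADDING_FLAGS` repeats the literal bit values `(2|4)` instead of being built from the two names defined just above it, so renumbering `PADDING_NONE` or `PADDING_PKCS7` later would leave the mask stale. The `&= ~PADDING_FLAGS` clear in hx509_crypto_set_padding would then miss a bit. I would write `#define PADDING_FLAGS (PADDING_NONE|PADDING_PKCS7)`. A one-line comment saying these are private bits in `flags`, distinct from the public `HX509_CRYPTO_PADDING_*` values, would also help the next reader.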
return ENOMEM;
}
+ (*crypto)->flags = PADDING_PKCS7;
(*crypto)->cipher = cipher;
(*crypto)->c = (*cipher->evp_func)();
}
void
-hx509_crypto_allow_weak(hx509_crypto crypto)
+hx509_crypto_set_padding(hx509_crypto crypto, int padding_type)
{
- crypto->flags |= ALLOW_WEAK;
+ switch (padding_type) {
+ case HX509_CRYPTO_PADDING_PKCS7:
+ crypto->flags &= ~PADDING_FLAGS;
+ crypto->flags |= PADDING_PKCS7;
+ break;
+ case HX509_CRYPTO_PADDING_NONE:
+ crypto->flags &= ~PADDING_FLAGS;
+ crypto->flags |= PADDING_NONE;
+ break;
+ default:
+ _hx509_abort("Invalid padding");
+ }
}
int
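Review bot: The `default:` arm of hx509_crypto_set_padding terminates the whole process through `_hx509_abort("Invalid padding")` when `padding_type` is not one of the two known values, and nothing on the function tells a caller that. Because the function returns `void` there is no error path, so it needs at least a header comment listing the accepted values (`HX509_CRYPTO_PADDING_PKCS7`, `HX509_CRYPTO_PADDING_NONE`), stating that any other value aborts, and noting that PKCS7 is what the `(*crypto)->flags = PADDING_PKCS7;` assignment sets by default. As displayed, the hunk also removes hx509_crypto_allow_weak while `ALLOW_WEAK` stays defined. If that function is not kept outside the lines shown here, the flag can no longer be set and existing callers will fail to link.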
}
EVP_CIPHER_CTX_cleanup(&evp);
- if (EVP_CIPHER_block_size(crypto->c) > 1) {
+ if ((crypto->flags & PADDING_PKCS7) && EVP_CIPHER_block_size(crypto->c) > 1) {
int padsize;
unsigned char *p;
int j, bsize = EVP_CIPHER_block_size(crypto->c);
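Review bot: With the new `(crypto->flags & PADDING_PKCS7)` guard, a context switched to `HX509_CRYPTO_PADDING_NONE` gets the decrypted buffer back with no padding check and no length adjustment, and nothing visible in this hunk rejects input whose length is not a multiple of the cipher block size. The encrypt path is not shown on this page and needs the same flag test, otherwise data padded on encrypt would come back unstripped on decrypt. I would add a comment above the condition such as `/* PADDING_NONE: caller owns block alignment and any trailing bytes */`. Unless it already happens earlier in the function, the no-padding case should also return an error when the input length is not block-aligned. The padding-removal block and the rest of the function continue outside the hunk.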
HX509_VALIDATE_F_VERBOSE = 2
};
+enum {
+ HX509_CRYPTO_PADDING_PKCS7 = 0,
+ HX509_CRYPTO_PADDING_NONE = 1
+};
+
struct hx509_cert_attribute_data {
heim_oid oid;
heim_octet_string data;
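Review bot: The new anonymous enum carries no comment, and its public values (0 and 1) differ from the private `PADDING_PKCS7`/`PADDING_NONE` bits (4 and 2) that the setter stores in `flags`, which is easy to confuse when reading the two side by side. I would add `/* padding_type values for hx509_crypto_set_padding() */` above it. It is also worth stating that `HX509_CRYPTO_PADDING_PKCS7` is deliberately 0, so that a zero-initialised argument selects the padded mode.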