add padding support via hx509_crypto_set_padding
authorLove Hornquist Astrand <lha@h5l.org>
Wed, 22 Sep 2010 21:41:17 +0000 (14:41 -0700)
committerLove Hornquist Astrand <lha@h5l.org>
Wed, 22 Sep 2010 21:41:17 +0000 (14:41 -0700)
lib/hx509/crypto.c
lib/hx509/hx509.h
lib/hx509/libhx509-exports.def
lib/hx509/version-script.map

index 25daa2c00be48323b308bced2868d975bce17ddc..6e4dc98bb7b160af5003a08828a37f02c1403fa5 100644 (file)
@@ -2016,7 +2016,11 @@ struct hx509cipher {
 struct hx509_crypto_data {
     char *name;
     int flags;
-#define ALLOW_WEAK 1
+#define ALLOW_WEAK     1
+
+#define PADDING_NONE   2
+#define PADDING_PKCS7  4
+#define PADDING_FLAGS  (2|4)
     const struct hx509cipher *cipher;
     const EVP_CIPHER *c;
     heim_octet_string key;
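Review bot: `PADDING_FLAGS` is spelled as the literal `(2|4)` rather than in terms of the two flags it masks, so renumbering either padding bit would silently leave the mask stale. I would write `#define PADDING_FLAGS  (PADDING_NONE|PADDING_PKCS7)`. A one-line comment that these bits share `flags` with `ALLOW_WEAK` would also help the next person who adds a flag.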
@@ -2302,6 +2306,7 @@ hx509_crypto_init(hx509_context context,
        return ENOMEM;
     }
 
+    (*crypto)->flags = PADDING_PKCS7;
     (*crypto)->cipher = cipher;
     (*crypto)->c = (*cipher->evp_func)();
 
@@ -2342,9 +2347,20 @@ hx509_crypto_set_key_name(hx509_crypto crypto, const char *name)
 }
 
 void
-hx509_crypto_allow_weak(hx509_crypto crypto)
+hx509_crypto_set_padding(hx509_crypto crypto, int padding_type)
 {
-    crypto->flags |= ALLOW_WEAK;
+    switch (padding_type) {
+    case HX509_CRYPTO_PADDING_PKCS7:
+       crypto->flags &= ~PADDING_FLAGS;
+       crypto->flags |= PADDING_PKCS7;
+       break;
+    case HX509_CRYPTO_PADDING_NONE:
+       crypto->flags &= ~PADDING_FLAGS;
+       crypto->flags |= PADDING_NONE;
+       break;
+    default:
+       _hx509_abort("Invalid padding");
+    }
 }
 
 int
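Review bot: The new side of this hunk no longer defines `hx509_crypto_allow_weak`. Its signature and the `crypto->flags |= ALLOW_WEAK;` body are the removed lines, and `hx509_crypto_set_padding` takes their place. `ALLOW_WEAK` is still defined in the struct, the commit title only mentions adding padding support, and neither export-list hunk shows the symbol being dropped, so this looks unintended. If it is still exported or called elsewhere, the library will fail to link and nothing can set the weak-cipher flag. Keep the original definition and add `hx509_crypto_set_padding` after it. Separately, the `default:` arm aborts the process on an unrecognised `padding_type`, which deserves a doc comment on this public setter.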
@@ -2560,7 +2576,7 @@ hx509_crypto_decrypt(hx509_crypto crypto,
     }
     EVP_CIPHER_CTX_cleanup(&evp);
 
-    if (EVP_CIPHER_block_size(crypto->c) > 1) {
+    if ((crypto->flags & PADDING_PKCS7) && EVP_CIPHER_block_size(crypto->c) > 1) {
        int padsize;
        unsigned char *p;
        int j, bsize = EVP_CIPHER_block_size(crypto->c);
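Review bot: With `PADDING_NONE` the changed condition skips the whole PKCS#7 strip-and-check block, but no hunk in this commit touches the encrypt side. If `hx509_crypto_encrypt` still pads unconditionally (not visible here), a crypto set to `PADDING_NONE` will encrypt with padding and decrypt without removing it, so the two directions disagree. Either gate the padding in the encrypt path on the same flag, or document that `PADDING_NONE` affects decryption only and that the caller then receives the raw block-aligned plaintext and must establish its true length itself. The `if` body continues past the end of this hunk.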
index fa4aa8134a27de22eed2daeae31599b2a9694d49..b6eeac9d18a2f33de8ea3417ef4e54f3bafd76d7 100644 (file)
@@ -71,6 +71,11 @@ enum {
     HX509_VALIDATE_F_VERBOSE = 2
 };
 
+enum {
+    HX509_CRYPTO_PADDING_PKCS7 = 0,
+    HX509_CRYPTO_PADDING_NONE = 1
+};
+
 struct hx509_cert_attribute_data {
     heim_oid oid;
     heim_octet_string data;
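Review bot: The new anonymous enum is public API but carries no comment saying what it is for or which value is the default. I would add `/* padding_type values for hx509_crypto_set_padding(); hx509_crypto_init() selects PKCS7 by default */` above it. It is also worth noting there that these are selector values (0 and 1), not the internal `PADDING_*` flag bits in crypto.c, so callers must go through the setter rather than OR-ing them into anything.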
index 6d7492d3d5231f3c26db5c115e5e5c8e1e3ee7a3..9f221a07828eba0242a0d6a3b0583732f03a425b 100644 (file)
@@ -127,6 +127,7 @@ EXPORTS
        hx509_crypto_select
        hx509_crypto_set_key_data
        hx509_crypto_set_key_name
+       hx509_crypto_set_padding
        hx509_crypto_set_params
        hx509_crypto_set_random_key
        hx509_env_add
index 5aaccd4f2cca23662350d4823fe089b272c72b45..c0666d81c99ad275219f5d9574e86b5427fbb080 100644 (file)
@@ -133,6 +133,7 @@ HEIMDAL_X509_1.2 {
                hx509_crypto_select;
                hx509_crypto_set_key_data;
                hx509_crypto_set_key_name;
+               hx509_crypto_set_padding;
                hx509_crypto_set_params;
                hx509_crypto_set_random_key;
                hx509_env_add;