authorDr. Stephen Henson <steve@openssl.org>2000-05-04 00:08:35 +0000
committerDr. Stephen Henson <steve@openssl.org>2000-05-04 00:08:35 +0000
commita331a305e9c9c5353bd42db6dbda78a418285708 (patch)
treed43a47f9dc244b7e04ea05547286b42053cc587d /crypto/pkcs12
parent316e6a66f2c4f28f8705636921825c467a5ceef3 (diff)
Make PKCS#12 code handle missing passwords.
Add a couple of FAQs.
Diffstat (limited to 'crypto/pkcs12')
-rw-r--r--crypto/pkcs12/p12_key.c22
-rw-r--r--crypto/pkcs12/p12_kiss.c18
-rw-r--r--crypto/pkcs12/p12_mutl.c5
3 files changed, 31 insertions, 14 deletions
diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c
index b364671..743b5bd 100644
--- a/crypto/pkcs12/p12_key.c
+++ b/crypto/pkcs12/p12_key.c
@@ -74,25 +74,30 @@ void h__dump (unsigned char *p, int len);
#define min(a,b) ((a) < (b) ? (a) : (b))
#endif
-int PKCS12_key_gen_asc (const char *pass, int passlen, unsigned char *salt,
+int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
int saltlen, int id, int iter, int n, unsigned char *out,
const EVP_MD *md_type)
{
int ret;
unsigned char *unipass;
int uniplen;
- if (!asc2uni (pass, &unipass, &uniplen)) {
+ if(!pass) {
+ unipass = NULL;
+ uniplen = 0;
+ } else if (!asc2uni(pass, &unipass, &uniplen)) {
PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC,ERR_R_MALLOC_FAILURE);
return 0;
}
- ret = PKCS12_key_gen_uni (unipass, uniplen, salt, saltlen,
+ ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
id, iter, n, out, md_type);
- memset(unipass, 0, uniplen); /* Clear password from memory */
- Free(unipass);
+ if(unipass) {
+ memset(unipass, 0, uniplen); /* Clear password from memory */
+ Free(unipass);
+ }
return ret;
}
-int PKCS12_key_gen_uni (unsigned char *pass, int passlen, unsigned char *salt,
+int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
int saltlen, int id, int iter, int n, unsigned char *out,
const EVP_MD *md_type)
{
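Review bot: The new NULL-password branch in PKCS12_key_gen_asc needs a comment, because a NULL password and "" now derive different keys and a reader will otherwise assume NULL is merely an error case that was forgotten. Suggest above `if(!pass) {`: `/* A NULL (absent) password is valid PKCS#12 input, distinct from ""; derive with an empty password block. */`. The hunk also shows `passlen` still unused by the asc2uni call, which predates this change. PKCS12_key_gen_uni's body continues past the end of the hunk.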
@@ -106,10 +111,12 @@ int PKCS12_key_gen_uni (unsigned char *pass, int passlen, unsigned char *salt,
int tmpn = n;
#endif
+#if 0
if (!pass) {
PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
+#endif
#ifdef DEBUG_KEYGEN
fprintf(stderr, "KEYGEN DEBUG\n");
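Review bot: Wrapping the NULL check in `#if 0` leaves dead code and also removes the only guard against a NULL `pass` combined with a non-zero `passlen`; the Plen change in the next hunk (`if(passlen) Plen = ...`) covers only passlen == 0, so a caller passing NULL with passlen > 0 would presumably reach the code that fills the P block from `pass` (outside this hunk) with a NULL pointer. Suggest replacing the disabled block with `if (!pass && passlen) { PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_PASSED_NULL_PARAMETER); return 0; }` and deleting the `#if 0` text rather than keeping it. PKCS12_key_gen_uni starts before this hunk and continues after it.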
@@ -125,7 +132,8 @@ int PKCS12_key_gen_uni (unsigned char *pass, int passlen, unsigned char *salt,
Ai = Malloc (u);
B = Malloc (v + 1);
Slen = v * ((saltlen+v-1)/v);
- Plen = v * ((passlen+v-1)/v);
+ if(passlen) Plen = v * ((passlen+v-1)/v);
+ else Plen = 0;
Ilen = Slen + Plen;
I = Malloc (Ilen);
Ij = BN_new();
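Review bot: The brace-less two-line `if(passlen) Plen = ...; else Plen = 0;` is easy to misread next to the `Slen` assignment above it; a single expression in the same shape, `Plen = passlen ? v * ((passlen+v-1)/v) : 0;`, keeps the two length computations parallel. The three `Malloc` results on the context lines are unchecked, but that is pre-existing and not part of this change. PKCS12_key_gen_uni continues outside the hunk.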
diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c
index ee257ff..61c865b 100644
--- a/crypto/pkcs12/p12_kiss.c
+++ b/crypto/pkcs12/p12_kiss.c
@@ -106,11 +106,23 @@ int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
/* Check the mac */
- if (!PKCS12_verify_mac (p12, pass, -1))
- {
+ /* If password is zero length or NULL then try verifying both cases
+ * to determine which password is correct. The reason for this is that
+ * under PKCS#12 password based encryption no password and a zero length
+ * password are two different things...
+ */
+
+ if(!pass || !*pass) {
+ if(PKCS12_verify_mac(p12, NULL, 0)) pass = NULL;
+ else if(PKCS12_verify_mac(p12, "", 0)) pass = "";
+ else {
+ PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_MAC_VERIFY_FAILURE);
+ goto err;
+ }
+ } else if (!PKCS12_verify_mac(p12, pass, -1)) {
PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_MAC_VERIFY_FAILURE);
goto err;
- }
+ }
if (!parse_pk12 (p12, pass, -1, pkey, cert, ca))
{
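Review bot: The new block in PKCS12_parse is written as `if(!pass || !*pass) {` with single-line `else if`/`else` clauses, while the surrounding function uses `if (...)` followed by a brace on its own line (visible on the two context lines that follow); the new code should follow the file's convention, and the empty added line after the comment block should go. The comment itself is useful, but it would help to also state why NULL is tried before "" when the caller passed "", e.g. append `Try NULL first, then "", and carry the matching form into parse_pk12.` to the comment. The function starts before this hunk and continues after it.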
diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c
index 369257e..a335a7b 100644
--- a/crypto/pkcs12/p12_mutl.c
+++ b/crypto/pkcs12/p12_mutl.c
@@ -106,10 +106,7 @@ int PKCS12_verify_mac (PKCS12 *p12, const char *pass, int passlen)
return 0;
}
if ((maclen != (unsigned int)p12->mac->dinfo->digest->length)
- || memcmp (mac, p12->mac->dinfo->digest->data, maclen)) {
- PKCS12err(PKCS12_F_VERIFY_MAC,PKCS12_R_MAC_VERIFY_ERROR);
- return 0;
- }
+ || memcmp (mac, p12->mac->dinfo->digest->data, maclen)) return 0;
return 1;
}
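Review bot: Returning a bare 0 on MAC mismatch changes PKCS12_verify_mac's contract: the earlier failure paths in the same function still push an error (the `return 0;` on the first context line follows one), so callers other than PKCS12_parse can no longer tell "MAC did not match" from "could not compute the MAC" by checking the error queue, and the change is not documented. Suggest a comment above the function, or at the new line: `/* Returns 1 on MAC match, 0 on mismatch (no error pushed) or on failure (error pushed). */`. The function's header and earlier error paths are outside the hunk.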