PKCS#12: added support for files with zero salt length in MAC

Resolves #191
Resolves #190

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

2 files changed, 19 insertions, 21 deletions

diff --git a/lib/x509/pkcs12.c b/lib/x509/pkcs12.c
index 2e52ee9c41..457a673df8 100644
--- a/lib/x509/pkcs12.c
+++ b/lib/x509/pkcs12.c
@@ -1,6 +1,7 @@
 /*
  * Copyright (C) 2003-2012 Free Software Foundation, Inc.
  * Copyright (C) 2012 Nikos Mavrogiannopoulos
+ * Copyright (C) 2017 Red Hat, Inc.
  *
  * Author: Nikos Mavrogiannopoulos
  *
@@ -1061,7 +1062,7 @@ int gnutls_pkcs12_verify_mac(gnutls_pkcs12_t pkcs12, const char *pass)
 	/* Read the salt from the structure.
 	 */
 	result =
-	    _gnutls_x509_read_value(pkcs12->pkcs12, "macData.macSalt",
+	    _gnutls_x509_read_null_value(pkcs12->pkcs12, "macData.macSalt",
 				    &salt);
 	if (result < 0) {
 		gnutls_assert();
@@ -1897,7 +1898,7 @@ gnutls_pkcs12_mac_info(gnutls_pkcs12_t pkcs12, unsigned int *mac,
 		/* Read the salt from the structure.
 		 */
 		ret =
-		    _gnutls_x509_read_value(pkcs12->pkcs12, "macData.macSalt",
+		    _gnutls_x509_read_null_value(pkcs12->pkcs12, "macData.macSalt",
 					    &dsalt);
 		if (ret < 0) {
 			gnutls_assert();
@@ -1906,7 +1907,8 @@ gnutls_pkcs12_mac_info(gnutls_pkcs12_t pkcs12, unsigned int *mac,
 
 		if (*salt_size >= (unsigned)dsalt.size) {
 			*salt_size = dsalt.size;
-			memcpy(salt, dsalt.data, dsalt.size);
+			if (dsalt.size > 0)
+				memcpy(salt, dsalt.data, dsalt.size);
 		} else {
 			*salt_size = dsalt.size;
 			return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
diff --git a/lib/x509/pkcs12_encr.c b/lib/x509/pkcs12_encr.c
index b649b0e7ad..d3e8a59305 100644
--- a/lib/x509/pkcs12_encr.c
+++ b/lib/x509/pkcs12_encr.c
@@ -1,6 +1,7 @@
 /* minip12.c - A mini pkcs-12 implementation (modified for gnutls)
  *
  * Copyright (C) 2002-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
  *
  * This file is part of GnuTLS.
  *
@@ -52,7 +53,8 @@ _gnutls_pkcs12_string_to_key(const mac_entry_st * me,
 	uint8_t hash[MAX_HASH_SIZE], buf_b[64], buf_i[MAX_PASS_LEN + 64], *p;
 	uint8_t d[64];
 	size_t cur_keylen;
-	size_t n, m, p_size, i_size;
+	size_t n, m, plen, i_size;
+	size_t slen;
 	gnutls_datum_t ucs2 = {NULL, 0};
 	unsigned mac_len;
 	const uint8_t buf_512[] =	/* 2^64 */
@@ -104,25 +106,21 @@ _gnutls_pkcs12_string_to_key(const mac_entry_st * me,
 	}
 
 	/* Store salt and password in BUF_I */
-	p_size = ((pwlen / 64) * 64) + 64;
+	slen = ((salt_size+63)/64) * 64;
+	plen = ((pwlen+63)/64) * 64;
+	i_size = slen + plen;
 
-	if (p_size > sizeof(buf_i) - 64) {
+	if (i_size > sizeof(buf_i)) {
 		rc = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
 		goto cleanup;
 	}
 
-
-	if (salt_size > 0) {
-		p = buf_i;
-		for (i = 0; i < 64; i++)
-			*p++ = salt[i % salt_size];
-	} else {
-		memset(buf_i, 0, 64);
-		p = buf_i + 64;
-	}
+	p = buf_i;
+	for (i = 0; i < slen; i++)
+		*p++ = salt[i % salt_size];
 
 	if (pw) {
-		for (i = j = 0; i < p_size; i += 2) {
+		for (i = j = 0; i < plen; i += 2) {
 			*p++ = pw[j];
 			*p++ = pw[j+1];
 			j+=2;
@@ -130,12 +128,10 @@ _gnutls_pkcs12_string_to_key(const mac_entry_st * me,
 				j = 0;
 		}
 	} else {
-		memset(p, 0, p_size);
+		memset(p, 0, plen);
 	}
 
-	i_size = 64 + p_size;
 	mac_len = _gnutls_mac_get_algo_len(me);
-
 	assert(mac_len != 0);
 
 	for (;;) {
@@ -146,7 +142,7 @@ _gnutls_pkcs12_string_to_key(const mac_entry_st * me,
 		}
 		memset(d, id & 0xff, 64);
 		_gnutls_hash(&md, d, 64);
-		_gnutls_hash(&md, buf_i, pw ? i_size : 64);
+		_gnutls_hash(&md, buf_i, i_size);
 		_gnutls_hash_deinit(&md, hash);
 		for (i = 1; i < iter; i++) {
 			rc = _gnutls_hash_fast((gnutls_digest_algorithm_t)me->id,
@@ -179,7 +175,7 @@ _gnutls_pkcs12_string_to_key(const mac_entry_st * me,
 			goto cleanup;
 		}
 
-		for (i = 0; i < 128; i += 64) {
+		for (i = 0; i < i_size; i += 64) {
 			n = 64;
 			rc = _gnutls_mpi_init_scan(&num_ij, buf_i + i, n);
 			if (rc < 0) {