aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/pubkey/pbes2
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2018-05-22 11:04:15 -0400
committerJack Lloyd <[email protected]>2018-05-22 11:04:15 -0400
commit3789138906cecbcc5e33bb0d5784e6b576171080 (patch)
tree147c442020bec8ad6effe62727fdb6b300d0f7f7 /src/lib/pubkey/pbes2
parentcd0bcd90817ece3e4fcba32e06a372580bbe3008 (diff)
DER improvements
Let DER_Encoder write to a user specified vector instead of only to an internal vector. This allows encoding to a std::vector without having to first write to a locked vector and then copying out the result. Add ASN1_Object::BER_encode convenience method. Replaces X509_Object::BER_encode which had the same logic but was restricted to a subtype. This replaces many cases where DER_Encoder was just used to encode a single object (X509_DN, AlgorithmIdentifier, etc).
Diffstat (limited to 'src/lib/pubkey/pbes2')
-rw-r--r--src/lib/pubkey/pbes2/pbes2.cpp35
1 files changed, 18 insertions, 17 deletions
diff --git a/src/lib/pubkey/pbes2/pbes2.cpp b/src/lib/pubkey/pbes2/pbes2.cpp
index e7bdf96ec..a6590938a 100644
--- a/src/lib/pubkey/pbes2/pbes2.cpp
+++ b/src/lib/pubkey/pbes2/pbes2.cpp
@@ -29,29 +29,30 @@ std::vector<uint8_t> encode_pbes2_params(const std::string& cipher,
size_t iterations,
size_t key_length)
{
- return DER_Encoder()
+ std::vector<uint8_t> output;
+
+ std::vector<uint8_t> pbkdf2_params;
+
+ DER_Encoder(pbkdf2_params)
.start_cons(SEQUENCE)
- .encode(
- AlgorithmIdentifier("PKCS5.PBKDF2",
- DER_Encoder()
- .start_cons(SEQUENCE)
- .encode(salt, OCTET_STRING)
- .encode(iterations)
- .encode(key_length)
- .encode_if(
- prf != "HMAC(SHA-160)",
- AlgorithmIdentifier(prf, AlgorithmIdentifier::USE_NULL_PARAM))
- .end_cons()
- .get_contents_unlocked()
- )
- )
+ .encode(salt, OCTET_STRING)
+ .encode(iterations)
+ .encode(key_length)
+ .encode_if(prf != "HMAC(SHA-160)",
+ AlgorithmIdentifier(prf, AlgorithmIdentifier::USE_NULL_PARAM))
+ .end_cons();
+
+ DER_Encoder(output)
+ .start_cons(SEQUENCE)
+ .encode(AlgorithmIdentifier("PKCS5.PBKDF2", pbkdf2_params))
.encode(
AlgorithmIdentifier(cipher,
DER_Encoder().encode(iv, OCTET_STRING).get_contents_unlocked()
)
)
- .end_cons()
- .get_contents_unlocked();
+ .end_cons();
+
+ return output;
}
/*