diff options
author | Jack Lloyd <[email protected]> | 2018-05-22 11:04:15 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2018-05-22 11:04:15 -0400 |
commit | 3789138906cecbcc5e33bb0d5784e6b576171080 (patch) | |
tree | 147c442020bec8ad6effe62727fdb6b300d0f7f7 /src/lib/pubkey/pbes2 | |
parent | cd0bcd90817ece3e4fcba32e06a372580bbe3008 (diff) |
DER improvements
Let DER_Encoder write to a user specified vector instead of only to an
internal vector. This allows encoding to a std::vector without having
to first write to a locked vector and then copying out the result.
Add ASN1_Object::BER_encode convenience method. Replaces
X509_Object::BER_encode which had the same logic but was restricted to
a subtype. This replaces many cases where DER_Encoder was just used
to encode a single object (X509_DN, AlgorithmIdentifier, etc).
Diffstat (limited to 'src/lib/pubkey/pbes2')
-rw-r--r-- | src/lib/pubkey/pbes2/pbes2.cpp | 35 |
1 files changed, 18 insertions, 17 deletions
diff --git a/src/lib/pubkey/pbes2/pbes2.cpp b/src/lib/pubkey/pbes2/pbes2.cpp index e7bdf96ec..a6590938a 100644 --- a/src/lib/pubkey/pbes2/pbes2.cpp +++ b/src/lib/pubkey/pbes2/pbes2.cpp @@ -29,29 +29,30 @@ std::vector<uint8_t> encode_pbes2_params(const std::string& cipher, size_t iterations, size_t key_length) { - return DER_Encoder() + std::vector<uint8_t> output; + + std::vector<uint8_t> pbkdf2_params; + + DER_Encoder(pbkdf2_params) .start_cons(SEQUENCE) - .encode( - AlgorithmIdentifier("PKCS5.PBKDF2", - DER_Encoder() - .start_cons(SEQUENCE) - .encode(salt, OCTET_STRING) - .encode(iterations) - .encode(key_length) - .encode_if( - prf != "HMAC(SHA-160)", - AlgorithmIdentifier(prf, AlgorithmIdentifier::USE_NULL_PARAM)) - .end_cons() - .get_contents_unlocked() - ) - ) + .encode(salt, OCTET_STRING) + .encode(iterations) + .encode(key_length) + .encode_if(prf != "HMAC(SHA-160)", + AlgorithmIdentifier(prf, AlgorithmIdentifier::USE_NULL_PARAM)) + .end_cons(); + + DER_Encoder(output) + .start_cons(SEQUENCE) + .encode(AlgorithmIdentifier("PKCS5.PBKDF2", pbkdf2_params)) .encode( AlgorithmIdentifier(cipher, DER_Encoder().encode(iv, OCTET_STRING).get_contents_unlocked() ) ) - .end_cons() - .get_contents_unlocked(); + .end_cons(); + + return output; } /* |