commit 9b5e88561167529bd41cbf1db3e1d7f3e5173d22
author Paul Bakker <p.j.bakker@polarssl.org> Fri Jun 28 16:12:50 2013 +0200
committer Paul Bakker <p.j.bakker@polarssl.org> Fri Jun 28 16:12:50 2013 +0200
tree 9b3e16f43d1f77e70d2f0e80918bda2779bf5a51
parent 6d72f33441caa503173b1d10dfe6216b59b5e783

PKCS#5 PBES2 now uses OID database for algorithm detection

library/oid.c

diff --git a/library/oid.c b/library/oid.c
index a280070..371d1ba 100644
--- a/library/oid.c
+++ b/library/oid.c
@@ -30,7 +30,6 @@
 #if defined(POLARSSL_OID_C)
 
 #include "polarssl/oid.h"
-#include "polarssl/md.h"
 #include "polarssl/rsa.h"
 
 #include <stdio.h>
@@ -202,6 +201,30 @@
 };
 
 /*
+ * For PKCS#5 PBES2 encryption algorithm
+ */
+typedef struct {
+    oid_descriptor_t    descriptor;
+    cipher_type_t       cipher_alg;
+} oid_cipher_alg_t;
+
+static const oid_cipher_alg_t oid_cipher_alg[] =
+{
+    {
+        { OID_DES_CBC,              "desCBC",       "DES-CBC" },
+        POLARSSL_CIPHER_DES_CBC,
+    },
+    {
+        { OID_DES_EDE3_CBC,         "des-ede3-cbc", "DES-EDE3-CBC" },
+        POLARSSL_CIPHER_DES_EDE3_CBC,
+    },
+    {
+        { NULL, NULL, NULL },
+        0,
+    },
+};
+
+/*
  * For digestAlgorithm
  */
 typedef struct {
@@ -452,6 +475,14 @@
                                 oid );
 }
 
+static const oid_cipher_alg_t *oid_cipher_alg_from_asn1( const asn1_buf *oid )
+{
+    return (const oid_cipher_alg_t *) oid_descriptor_from_asn1(
+                                oid_cipher_alg,
+                                sizeof(oid_cipher_alg_t),
+                                oid );
+}
+
 int oid_get_attr_short_name( const asn1_buf *oid, const char **short_name )
 {
     const oid_x520_attr_t *data = oid_x520_attr_from_asn1( oid );
@@ -554,4 +585,17 @@
     return( POLARSSL_ERR_OID_NOT_FOUND );
 }
 
+int oid_get_cipher_alg( const asn1_buf *oid,
+                        cipher_type_t *cipher_alg )
+{
+    const oid_cipher_alg_t *data = oid_cipher_alg_from_asn1( oid );
+
+    if( data == NULL )
+        return( POLARSSL_ERR_OID_NOT_FOUND );
+
+    *cipher_alg = data->cipher_alg;
+
+    return( 0 );
+}
+
 #endif /* POLARSSL_OID_C */

library/pkcs5.c

diff --git a/library/pkcs5.c b/library/pkcs5.c
index fa91115..c41927b 100644
--- a/library/pkcs5.c
+++ b/library/pkcs5.c
@@ -40,6 +40,7 @@
 #include "polarssl/pkcs5.h"
 #include "polarssl/asn1.h"
 #include "polarssl/cipher.h"
+#include "polarssl/oid.h"
 
 static int pkcs5_parse_pbkdf2_params( unsigned char **p,
                                       const unsigned char *end,
@@ -117,6 +118,7 @@
     const md_info_t *md_info;
     const cipher_info_t *cipher_info;
     md_context_t md_ctx;
+    cipher_type_t cipher_alg;
     cipher_context_t cipher_ctx;
 
     p = pbe_params->p;
@@ -178,21 +180,10 @@
     enc_scheme_oid.p = p;
     p += enc_scheme_oid.len;
 
-#if defined(POLARSSL_DES_C)
-    // Only DES-CBC and DES-EDE3-CBC supported at the moment
-    //
-    if( OID_CMP( OID_DES_EDE3_CBC, &enc_scheme_oid ) )
-    {
-        cipher_info = cipher_info_from_type( POLARSSL_CIPHER_DES_EDE3_CBC );
-    }
-    else if( OID_CMP( OID_DES_CBC, &enc_scheme_oid ) )
-    {
-        cipher_info = cipher_info_from_type( POLARSSL_CIPHER_DES_CBC );
-    }
-    else
-#endif /* POLARSSL_DES_C */
+    if ( oid_get_cipher_alg( &enc_scheme_oid, &cipher_alg ) != 0 )
         return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE );
 
+    cipher_info = cipher_info_from_type( cipher_alg );
     if( cipher_info == NULL )
         return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE );