1 | /* |
2 | * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at |
7 | * https://www.openssl.org/source/license.html |
8 | */ |
9 | |
10 | #include <stdio.h> |
11 | #include "internal/cryptlib.h" |
12 | #include <openssl/x509.h> |
13 | #include <openssl/objects.h> |
14 | #include <openssl/evp.h> |
15 | #include <openssl/ui.h> |
16 | |
/* Fallback size, used only if <stdio.h> did not already provide BUFSIZ. */
#ifndef BUFSIZ
# define BUFSIZ 256
#endif

/*
 * Process-wide default password prompt, written by EVP_set_pw_prompt() and
 * read by EVP_get_pw_prompt() and EVP_read_pw_string_min().
 *
 * An empty string (first byte NUL) means "no default set"; the explicit
 * initializer spells out the all-zero start state that static storage has
 * anyway.  This is mutable shared state and no locking is visible in this
 * file.
 */
static char prompt_string[80] = { 0 };
23 | |
/*
 * Set or clear the process-wide default password prompt.
 *
 * prompt: text to store, or NULL to clear the stored default.
 *
 * The text is copied into the fixed-size prompt_string buffer and silently
 * truncated to fit.  The last byte is always forced to NUL because strncpy()
 * does not terminate the destination when the source fills it.
 *
 * The buffer is shared static state; no locking is visible in this file.
 */
void EVP_set_pw_prompt(const char *prompt)
{
    /* Index of the final byte, reserved for the terminator. */
    const size_t last = sizeof(prompt_string) - 1;

    if (prompt == NULL) {
        prompt_string[0] = '\0';
        return;
    }

    strncpy(prompt_string, prompt, last);
    prompt_string[last] = '\0';
}
33 | |
/*
 * Return the stored default password prompt, or NULL when none is set
 * (the buffer starts with a NUL byte).
 *
 * The returned pointer aliases the internal static buffer: the caller does
 * not own it, and a later EVP_set_pw_prompt() call overwrites its contents.
 */
char *EVP_get_pw_prompt(void)
{
    return (prompt_string[0] != '\0') ? prompt_string : NULL;
}
41 | |
/*
 * Read a password with no minimum length requirement.
 *
 * Historical note kept from the original comment: the standard function for
 * reading passwords lived in the DES library, so disabling DES would make
 * this function fail.  As written in this file, the call is simply forwarded
 * to EVP_read_pw_string_min() with a minimum length of 0.
 *
 * buf, len, prompt and verify are passed through unchanged; the return value
 * is whatever EVP_read_pw_string_min() returns.
 */
int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
{
    const int no_minimum = 0;

    return EVP_read_pw_string_min(buf, no_minimum, len, prompt, verify);
}
51 | |
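/*
 * Prompt for a password through the UI API and store the result in buf.
 *
 * buf     destination for the entered string
 * min     minimum accepted length, passed through to the UI calls
 * len     maximum accepted length; values >= BUFSIZ are clamped to
 *         BUFSIZ - 1 so the confirmation copy fits the local buffer
 * prompt  prompt text; NULL selects the default stored by
 *         EVP_set_pw_prompt(), if one is set
 * verify  non-zero to queue a second, confirming prompt that is compared
 *         against buf
 *
 * Returns the UI_process() result, or -1 if the UI object could not be
 * created or an input could not be queued.
 *
 * NOTE(review): whether len must leave room for the terminating NUL in buf
 * depends on the maxsize contract of UI_add_input_string(), which is not
 * visible here -- confirm that callers size buf accordingly.
 * NOTE(review): min and len are not range-checked here (negative values,
 * min > len); presumably the UI layer rejects them -- verify.
 */
int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
                           int verify)
{
    int ret = -1;
    int maxlen;
    char buff[BUFSIZ];          /* receives the confirmation entry */
    UI *ui;

    if (prompt == NULL && prompt_string[0] != '\0')
        prompt = prompt_string;

    /* One clamp shared by both prompts keeps their limits in step. */
    maxlen = (len >= BUFSIZ) ? BUFSIZ - 1 : len;

    ui = UI_new();
    if (ui == NULL)
        return ret;

    if (UI_add_input_string(ui, prompt, 0, buf, min, maxlen) < 0)
        goto end;
    if (verify
        && UI_add_verify_string(ui, prompt, 0, buff, min, maxlen, buf) < 0)
        goto end;

    ret = UI_process(ui);

 end:
    /*
     * Scrub the confirmation copy on every exit path, not only after
     * UI_process().  On the early-failure path buff has presumably not been
     * written yet, so this is defence in depth against later changes.
     */
    OPENSSL_cleanse(buff, sizeof(buff));
    UI_free(ui);
    return ret;
}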
77 | |
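/*
 * Derive a cipher key and IV from password bytes by repeated hashing.
 *
 * Each round hashes (previous round's digest, if any) || data || salt and
 * then re-hashes that digest count - 1 more times.  The digest bytes are
 * handed out first to key, then to iv; further rounds run until both have
 * received the lengths reported for the cipher.
 *
 * type   cipher whose key and IV lengths decide how many bytes are derived
 * md     digest used for every hash
 * salt   NULL for no salt; otherwise exactly PKCS5_SALT_LEN bytes are read
 * data   password bytes; NULL only queries the key length
 * datal  number of bytes in data; a negative value is rejected
 * count  iteration count per round
 * key    receives the key bytes, or NULL to discard them
 * iv     receives the IV bytes, or NULL to discard them
 *
 * Returns the cipher key length on success (and when data is NULL), or 0 on
 * error.
 *
 * Security notes:
 *  - salt is not length-checked: a non-NULL salt shorter than
 *    PKCS5_SALT_LEN bytes is over-read.
 *  - key and iv must be large enough for the cipher's key and IV lengths;
 *    nothing here checks the destination sizes.
 *  - The cost to an attacker guessing passwords depends entirely on md and
 *    count.  The OpenSSL documentation recommends PBKDF2
 *    (PKCS5_PBKDF2_HMAC) for new applications.
 *  - NOTE(review): count is cast to unsigned for the loop bound, so 0 and 1
 *    both give a single hash and a negative count becomes a very large
 *    iteration count; left unchanged here -- confirm callers validate it.
 */
int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
                   const unsigned char *salt, const unsigned char *data,
                   int datal, int count, unsigned char *key,
                   unsigned char *iv)
{
    EVP_MD_CTX *c;
    unsigned char md_buf[EVP_MAX_MD_SIZE];
    int niv, nkey;
    int have_prev = 0;          /* set once md_buf holds a finished round */
    unsigned int mds = 0, i;
    int rv = 0;

    nkey = EVP_CIPHER_key_length(type);
    niv = EVP_CIPHER_iv_length(type);
    OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
    OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH);

    if (data == NULL)
        return nkey;

    /*
     * EVP_DigestUpdate() takes a size_t count, so a negative datal would be
     * converted to a huge length and read far past the end of data.
     */
    if (datal < 0)
        return 0;

    c = EVP_MD_CTX_new();
    if (c == NULL)
        goto err;

    for (;;) {
        /* First hash of the round: [previous digest] || data || [salt]. */
        if (!EVP_DigestInit_ex(c, md, NULL))
            goto err;
        if (have_prev && !EVP_DigestUpdate(c, md_buf, mds))
            goto err;
        have_prev = 1;
        if (!EVP_DigestUpdate(c, data, datal))
            goto err;
        if (salt != NULL && !EVP_DigestUpdate(c, salt, PKCS5_SALT_LEN))
            goto err;
        if (!EVP_DigestFinal_ex(c, md_buf, &mds))
            goto err;

        /* Remaining count - 1 iterations re-hash the digest itself. */
        for (i = 1; i < (unsigned int)count; i++) {
            if (!EVP_DigestInit_ex(c, md, NULL))
                goto err;
            if (!EVP_DigestUpdate(c, md_buf, mds))
                goto err;
            if (!EVP_DigestFinal_ex(c, md_buf, &mds))
                goto err;
        }

        /* Hand out this round's digest bytes: key first, then IV. */
        i = 0;
        while (nkey != 0 && i != mds) {
            if (key != NULL)
                *(key++) = md_buf[i];
            nkey--;
            i++;
        }
        while (niv != 0 && i != mds) {
            if (iv != NULL)
                *(iv++) = md_buf[i];
            niv--;
            i++;
        }

        if (nkey == 0 && niv == 0)
            break;
    }
    rv = EVP_CIPHER_key_length(type);

 err:
    EVP_MD_CTX_free(c);
    /* md_buf held key material; scrub it on success and failure alike. */
    OPENSSL_cleanse(md_buf, sizeof(md_buf));
    return rv;
}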
155 | |