1 | /* |
2 | * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at |
7 | * https://www.openssl.org/source/license.html |
8 | */ |
9 | |
10 | #include <stdio.h> |
11 | #include <stdlib.h> |
12 | #include "internal/cryptlib.h" |
13 | #include <openssl/x509.h> |
14 | #include <openssl/evp.h> |
15 | |
16 | /* |
17 | * Doesn't do anything now: Builtin PBE algorithms in static table. |
18 | */ |
19 | |
20 | void PKCS5_PBE_add(void) |
21 | { |
22 | } |
23 | |
24 | int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, |
25 | ASN1_TYPE *param, const EVP_CIPHER *cipher, |
26 | const EVP_MD *md, int en_de) |
27 | { |
28 | EVP_MD_CTX *ctx; |
29 | unsigned char md_tmp[EVP_MAX_MD_SIZE]; |
30 | unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; |
31 | int i, ivl, kl; |
32 | PBEPARAM *pbe; |
33 | int saltlen, iter; |
34 | unsigned char *salt; |
35 | int mdsize; |
36 | int rv = 0; |
37 | |
38 | /* Extract useful info from parameter */ |
39 | if (param == NULL || param->type != V_ASN1_SEQUENCE || |
40 | param->value.sequence == NULL) { |
41 | EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); |
42 | return 0; |
43 | } |
44 | |
45 | pbe = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(PBEPARAM), param); |
46 | if (pbe == NULL) { |
47 | EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); |
48 | return 0; |
49 | } |
50 | |
51 | ivl = EVP_CIPHER_iv_length(cipher); |
52 | if (ivl < 0 || ivl > 16) { |
53 | EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_INVALID_IV_LENGTH); |
54 | return 0; |
55 | } |
56 | kl = EVP_CIPHER_key_length(cipher); |
57 | if (kl < 0 || kl > (int)sizeof(md_tmp)) { |
58 | EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_INVALID_KEY_LENGTH); |
59 | return 0; |
60 | } |
61 | |
62 | if (pbe->iter == NULL) |
63 | iter = 1; |
64 | else |
65 | iter = ASN1_INTEGER_get(pbe->iter); |
66 | salt = pbe->salt->data; |
67 | saltlen = pbe->salt->length; |
68 | |
69 | if (pass == NULL) |
70 | passlen = 0; |
71 | else if (passlen == -1) |
72 | passlen = strlen(pass); |
73 | |
74 | ctx = EVP_MD_CTX_new(); |
75 | if (ctx == NULL) { |
76 | EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, ERR_R_MALLOC_FAILURE); |
77 | goto err; |
78 | } |
79 | |
80 | if (!EVP_DigestInit_ex(ctx, md, NULL)) |
81 | goto err; |
82 | if (!EVP_DigestUpdate(ctx, pass, passlen)) |
83 | goto err; |
84 | if (!EVP_DigestUpdate(ctx, salt, saltlen)) |
85 | goto err; |
86 | PBEPARAM_free(pbe); |
87 | if (!EVP_DigestFinal_ex(ctx, md_tmp, NULL)) |
88 | goto err; |
89 | mdsize = EVP_MD_size(md); |
90 | if (mdsize < 0) |
91 | return 0; |
92 | for (i = 1; i < iter; i++) { |
93 | if (!EVP_DigestInit_ex(ctx, md, NULL)) |
94 | goto err; |
95 | if (!EVP_DigestUpdate(ctx, md_tmp, mdsize)) |
96 | goto err; |
97 | if (!EVP_DigestFinal_ex(ctx, md_tmp, NULL)) |
98 | goto err; |
99 | } |
100 | memcpy(key, md_tmp, kl); |
101 | memcpy(iv, md_tmp + (16 - ivl), ivl); |
102 | if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de)) |
103 | goto err; |
104 | OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE); |
105 | OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); |
106 | OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); |
107 | rv = 1; |
108 | err: |
109 | EVP_MD_CTX_free(ctx); |
110 | return rv; |
111 | } |
112 | |