1 | /* |
2 | * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at |
7 | * https://www.openssl.org/source/license.html |
8 | */ |
9 | |
10 | #include <stdio.h> |
11 | #include "internal/cryptlib.h" |
12 | #include <openssl/pkcs12.h> |
13 | |
14 | /* PKCS#12 PBE algorithms now in static table */ |
15 | |
16 | void PKCS12_PBE_add(void) |
17 | { |
18 | } |
19 | |
20 | int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, |
21 | ASN1_TYPE *param, const EVP_CIPHER *cipher, |
22 | const EVP_MD *md, int en_de) |
23 | { |
24 | PBEPARAM *pbe; |
25 | int saltlen, iter, ret; |
26 | unsigned char *salt; |
27 | unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; |
28 | int (*pkcs12_key_gen)(const char *pass, int passlen, |
29 | unsigned char *salt, int slen, |
30 | int id, int iter, int n, |
31 | unsigned char *out, |
32 | const EVP_MD *md_type); |
33 | |
34 | pkcs12_key_gen = PKCS12_key_gen_utf8; |
35 | |
36 | if (cipher == NULL) |
37 | return 0; |
38 | |
39 | /* Extract useful info from parameter */ |
40 | |
41 | pbe = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(PBEPARAM), param); |
42 | if (pbe == NULL) { |
43 | PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN, PKCS12_R_DECODE_ERROR); |
44 | return 0; |
45 | } |
46 | |
47 | if (pbe->iter == NULL) |
48 | iter = 1; |
49 | else |
50 | iter = ASN1_INTEGER_get(pbe->iter); |
51 | salt = pbe->salt->data; |
52 | saltlen = pbe->salt->length; |
53 | if (!(*pkcs12_key_gen)(pass, passlen, salt, saltlen, PKCS12_KEY_ID, |
54 | iter, EVP_CIPHER_key_length(cipher), key, md)) { |
55 | PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN, PKCS12_R_KEY_GEN_ERROR); |
56 | PBEPARAM_free(pbe); |
57 | return 0; |
58 | } |
59 | if (!(*pkcs12_key_gen)(pass, passlen, salt, saltlen, PKCS12_IV_ID, |
60 | iter, EVP_CIPHER_iv_length(cipher), iv, md)) { |
61 | PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN, PKCS12_R_IV_GEN_ERROR); |
62 | PBEPARAM_free(pbe); |
63 | return 0; |
64 | } |
65 | PBEPARAM_free(pbe); |
66 | ret = EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de); |
67 | OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); |
68 | OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); |
69 | return ret; |
70 | } |
71 | |