/src/openssl/crypto/asn1/p5_pbe.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 1999-2023 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include <stdio.h> |
11 | | #include "internal/cryptlib.h" |
12 | | #include <openssl/asn1t.h> |
13 | | #include <openssl/x509.h> |
14 | | #include <openssl/rand.h> |
15 | | #include "crypto/evp.h" |
16 | | |
17 | | /* PKCS#5 password based encryption structure */ |
18 | | |
19 | | ASN1_SEQUENCE(PBEPARAM) = { |
20 | | ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING), |
21 | | ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER) |
22 | | } ASN1_SEQUENCE_END(PBEPARAM) |
23 | | |
24 | | IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM) |
25 | | |
26 | | /* Set an algorithm identifier for a PKCS#5 PBE algorithm */ |
27 | | |
28 | | int PKCS5_pbe_set0_algor_ex(X509_ALGOR *algor, int alg, int iter, |
29 | | const unsigned char *salt, int saltlen, |
30 | | OSSL_LIB_CTX *ctx) |
31 | 0 | { |
32 | 0 | PBEPARAM *pbe = NULL; |
33 | 0 | ASN1_STRING *pbe_str = NULL; |
34 | 0 | unsigned char *sstr = NULL; |
35 | |
|
36 | 0 | pbe = PBEPARAM_new(); |
37 | 0 | if (pbe == NULL) { |
38 | | /* ERR_R_ASN1_LIB, because PBEPARAM_new() is defined in crypto/asn1 */ |
39 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); |
40 | 0 | goto err; |
41 | 0 | } |
42 | 0 | if (iter <= 0) |
43 | 0 | iter = PKCS5_DEFAULT_ITER; |
44 | 0 | if (!ASN1_INTEGER_set(pbe->iter, iter)) { |
45 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); |
46 | 0 | goto err; |
47 | 0 | } |
48 | 0 | if (!saltlen) |
49 | 0 | saltlen = PKCS5_DEFAULT_PBE1_SALT_LEN; |
50 | 0 | if (saltlen < 0) |
51 | 0 | goto err; |
52 | | |
53 | 0 | sstr = OPENSSL_malloc(saltlen); |
54 | 0 | if (sstr == NULL) |
55 | 0 | goto err; |
56 | 0 | if (salt) |
57 | 0 | memcpy(sstr, salt, saltlen); |
58 | 0 | else if (RAND_bytes_ex(ctx, sstr, saltlen, 0) <= 0) |
59 | 0 | goto err; |
60 | | |
61 | 0 | ASN1_STRING_set0(pbe->salt, sstr, saltlen); |
62 | 0 | sstr = NULL; |
63 | |
|
64 | 0 | if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) { |
65 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); |
66 | 0 | goto err; |
67 | 0 | } |
68 | | |
69 | 0 | PBEPARAM_free(pbe); |
70 | 0 | pbe = NULL; |
71 | |
|
72 | 0 | if (X509_ALGOR_set0(algor, OBJ_nid2obj(alg), V_ASN1_SEQUENCE, pbe_str)) |
73 | 0 | return 1; |
74 | | |
75 | 0 | err: |
76 | 0 | OPENSSL_free(sstr); |
77 | 0 | PBEPARAM_free(pbe); |
78 | 0 | ASN1_STRING_free(pbe_str); |
79 | 0 | return 0; |
80 | 0 | } |
81 | | |
82 | | int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, |
83 | | const unsigned char *salt, int saltlen) |
84 | 0 | { |
85 | 0 | return PKCS5_pbe_set0_algor_ex(algor, alg, iter, salt, saltlen, NULL); |
86 | 0 | } |
87 | | |
88 | | /* Return an algorithm identifier for a PKCS#5 PBE algorithm */ |
89 | | |
90 | | X509_ALGOR *PKCS5_pbe_set_ex(int alg, int iter, |
91 | | const unsigned char *salt, int saltlen, |
92 | | OSSL_LIB_CTX *ctx) |
93 | 0 | { |
94 | 0 | X509_ALGOR *ret; |
95 | 0 | ret = X509_ALGOR_new(); |
96 | 0 | if (ret == NULL) { |
97 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_X509_LIB); |
98 | 0 | return NULL; |
99 | 0 | } |
100 | | |
101 | 0 | if (PKCS5_pbe_set0_algor_ex(ret, alg, iter, salt, saltlen, ctx)) |
102 | 0 | return ret; |
103 | | |
104 | 0 | X509_ALGOR_free(ret); |
105 | 0 | return NULL; |
106 | 0 | } |
107 | | |
108 | | X509_ALGOR *PKCS5_pbe_set(int alg, int iter, |
109 | | const unsigned char *salt, int saltlen) |
110 | 0 | { |
111 | 0 | return PKCS5_pbe_set_ex(alg, iter, salt, saltlen, NULL); |
112 | 0 | } |
113 | | |