/src/openssl/crypto/asn1/p5_pbe.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include <stdio.h> |
11 | | #include "internal/cryptlib.h" |
12 | | #include <openssl/asn1t.h> |
13 | | #include <openssl/x509.h> |
14 | | #include <openssl/rand.h> |
15 | | |
16 | | /* PKCS#5 password based encryption structure */ |
17 | | |
18 | | ASN1_SEQUENCE(PBEPARAM) = { |
19 | | ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING), |
20 | | ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER) |
21 | | } ASN1_SEQUENCE_END(PBEPARAM) |
22 | | |
23 | | IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM) |
24 | | |
25 | | /* Set an algorithm identifier for a PKCS#5 PBE algorithm */ |
26 | | |
27 | | int PKCS5_pbe_set0_algor_ex(X509_ALGOR *algor, int alg, int iter, |
28 | | const unsigned char *salt, int saltlen, |
29 | | OSSL_LIB_CTX *ctx) |
30 | 0 | { |
31 | 0 | PBEPARAM *pbe = NULL; |
32 | 0 | ASN1_STRING *pbe_str = NULL; |
33 | 0 | unsigned char *sstr = NULL; |
34 | |
|
35 | 0 | pbe = PBEPARAM_new(); |
36 | 0 | if (pbe == NULL) { |
37 | | /* ERR_R_ASN1_LIB, because PBEPARAM_new() is defined in crypto/asn1 */ |
38 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); |
39 | 0 | goto err; |
40 | 0 | } |
41 | 0 | if (iter <= 0) |
42 | 0 | iter = PKCS5_DEFAULT_ITER; |
43 | 0 | if (!ASN1_INTEGER_set(pbe->iter, iter)) { |
44 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); |
45 | 0 | goto err; |
46 | 0 | } |
47 | 0 | if (!saltlen) |
48 | 0 | saltlen = PKCS5_SALT_LEN; |
49 | 0 | if (saltlen < 0) |
50 | 0 | goto err; |
51 | | |
52 | 0 | sstr = OPENSSL_malloc(saltlen); |
53 | 0 | if (sstr == NULL) |
54 | 0 | goto err; |
55 | 0 | if (salt) |
56 | 0 | memcpy(sstr, salt, saltlen); |
57 | 0 | else if (RAND_bytes_ex(ctx, sstr, saltlen, 0) <= 0) |
58 | 0 | goto err; |
59 | | |
60 | 0 | ASN1_STRING_set0(pbe->salt, sstr, saltlen); |
61 | 0 | sstr = NULL; |
62 | |
|
63 | 0 | if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) { |
64 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); |
65 | 0 | goto err; |
66 | 0 | } |
67 | | |
68 | 0 | PBEPARAM_free(pbe); |
69 | 0 | pbe = NULL; |
70 | |
|
71 | 0 | if (X509_ALGOR_set0(algor, OBJ_nid2obj(alg), V_ASN1_SEQUENCE, pbe_str)) |
72 | 0 | return 1; |
73 | | |
74 | 0 | err: |
75 | 0 | OPENSSL_free(sstr); |
76 | 0 | PBEPARAM_free(pbe); |
77 | 0 | ASN1_STRING_free(pbe_str); |
78 | 0 | return 0; |
79 | 0 | } |
80 | | |
81 | | int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, |
82 | | const unsigned char *salt, int saltlen) |
83 | 0 | { |
84 | 0 | return PKCS5_pbe_set0_algor_ex(algor, alg, iter, salt, saltlen, NULL); |
85 | 0 | } |
86 | | |
87 | | /* Return an algorithm identifier for a PKCS#5 PBE algorithm */ |
88 | | |
89 | | X509_ALGOR *PKCS5_pbe_set_ex(int alg, int iter, |
90 | | const unsigned char *salt, int saltlen, |
91 | | OSSL_LIB_CTX *ctx) |
92 | 0 | { |
93 | 0 | X509_ALGOR *ret; |
94 | 0 | ret = X509_ALGOR_new(); |
95 | 0 | if (ret == NULL) { |
96 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_X509_LIB); |
97 | 0 | return NULL; |
98 | 0 | } |
99 | | |
100 | 0 | if (PKCS5_pbe_set0_algor_ex(ret, alg, iter, salt, saltlen, ctx)) |
101 | 0 | return ret; |
102 | | |
103 | 0 | X509_ALGOR_free(ret); |
104 | 0 | return NULL; |
105 | 0 | } |
106 | | |
107 | | X509_ALGOR *PKCS5_pbe_set(int alg, int iter, |
108 | | const unsigned char *salt, int saltlen) |
109 | 0 | { |
110 | 0 | return PKCS5_pbe_set_ex(alg, iter, salt, saltlen, NULL); |
111 | 0 | } |
112 | | |