/src/openssl111/crypto/evp/p5_crpt.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the OpenSSL license (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include <stdio.h> |
11 | | #include <stdlib.h> |
12 | | #include "internal/cryptlib.h" |
13 | | #include <openssl/x509.h> |
14 | | #include <openssl/evp.h> |
15 | | |
16 | | /* |
17 | | * Doesn't do anything now: Builtin PBE algorithms in static table. |
18 | | */ |
19 | | |
20 | | void PKCS5_PBE_add(void) |
21 | 0 | { |
22 | 0 | } |
23 | | |
24 | | int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, |
25 | | ASN1_TYPE *param, const EVP_CIPHER *cipher, |
26 | | const EVP_MD *md, int en_de) |
27 | 0 | { |
28 | 0 | EVP_MD_CTX *ctx; |
29 | 0 | unsigned char md_tmp[EVP_MAX_MD_SIZE]; |
30 | 0 | unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; |
31 | 0 | int i, ivl, kl; |
32 | 0 | PBEPARAM *pbe; |
33 | 0 | int saltlen, iter; |
34 | 0 | unsigned char *salt; |
35 | 0 | int mdsize; |
36 | 0 | int rv = 0; |
37 | | |
38 | | /* Extract useful info from parameter */ |
39 | 0 | if (param == NULL || param->type != V_ASN1_SEQUENCE || |
40 | 0 | param->value.sequence == NULL) { |
41 | 0 | EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); |
42 | 0 | return 0; |
43 | 0 | } |
44 | | |
45 | 0 | pbe = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(PBEPARAM), param); |
46 | 0 | if (pbe == NULL) { |
47 | 0 | EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); |
48 | 0 | return 0; |
49 | 0 | } |
50 | | |
51 | 0 | ivl = EVP_CIPHER_iv_length(cipher); |
52 | 0 | if (ivl < 0 || ivl > 16) { |
53 | 0 | EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_INVALID_IV_LENGTH); |
54 | 0 | PBEPARAM_free(pbe); |
55 | 0 | return 0; |
56 | 0 | } |
57 | 0 | kl = EVP_CIPHER_key_length(cipher); |
58 | 0 | if (kl < 0 || kl > (int)sizeof(md_tmp)) { |
59 | 0 | EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_INVALID_KEY_LENGTH); |
60 | 0 | PBEPARAM_free(pbe); |
61 | 0 | return 0; |
62 | 0 | } |
63 | | |
64 | 0 | if (!pbe->iter) |
65 | 0 | iter = 1; |
66 | 0 | else |
67 | 0 | iter = ASN1_INTEGER_get(pbe->iter); |
68 | 0 | salt = pbe->salt->data; |
69 | 0 | saltlen = pbe->salt->length; |
70 | |
|
71 | 0 | if (!pass) |
72 | 0 | passlen = 0; |
73 | 0 | else if (passlen == -1) |
74 | 0 | passlen = strlen(pass); |
75 | |
|
76 | 0 | ctx = EVP_MD_CTX_new(); |
77 | 0 | if (ctx == NULL) { |
78 | 0 | EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, ERR_R_MALLOC_FAILURE); |
79 | 0 | goto err; |
80 | 0 | } |
81 | | |
82 | 0 | if (!EVP_DigestInit_ex(ctx, md, NULL)) |
83 | 0 | goto err; |
84 | 0 | if (!EVP_DigestUpdate(ctx, pass, passlen)) |
85 | 0 | goto err; |
86 | 0 | if (!EVP_DigestUpdate(ctx, salt, saltlen)) |
87 | 0 | goto err; |
88 | 0 | PBEPARAM_free(pbe); |
89 | 0 | pbe = NULL; |
90 | 0 | if (!EVP_DigestFinal_ex(ctx, md_tmp, NULL)) |
91 | 0 | goto err; |
92 | 0 | mdsize = EVP_MD_size(md); |
93 | 0 | if (mdsize < 0) |
94 | 0 | return 0; |
95 | 0 | for (i = 1; i < iter; i++) { |
96 | 0 | if (!EVP_DigestInit_ex(ctx, md, NULL)) |
97 | 0 | goto err; |
98 | 0 | if (!EVP_DigestUpdate(ctx, md_tmp, mdsize)) |
99 | 0 | goto err; |
100 | 0 | if (!EVP_DigestFinal_ex(ctx, md_tmp, NULL)) |
101 | 0 | goto err; |
102 | 0 | } |
103 | 0 | memcpy(key, md_tmp, kl); |
104 | 0 | memcpy(iv, md_tmp + (16 - ivl), ivl); |
105 | 0 | if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de)) |
106 | 0 | goto err; |
107 | 0 | OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE); |
108 | 0 | OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); |
109 | 0 | OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); |
110 | 0 | rv = 1; |
111 | 0 | err: |
112 | 0 | PBEPARAM_free(pbe); |
113 | 0 | EVP_MD_CTX_free(ctx); |
114 | 0 | return rv; |
115 | 0 | } |