Commit | Line | Data |
---|---|---|
0f113f3e | 1 | /* |
8020d79b | 2 | * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved. |
8d8c7266 | 3 | * |
54fffdf4 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
b1322259 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8d8c7266 DSH |
8 | */ |
9 | ||
10 | #include <stdio.h> | |
b39fc560 | 11 | #include "internal/cryptlib.h" |
ec577822 | 12 | #include <openssl/pkcs12.h> |
0f814687 | 13 | #include <openssl/bn.h> |
a902e43d | 14 | #include <openssl/trace.h> |
b7466c13 P |
15 | #include <openssl/kdf.h> |
16 | #include <openssl/core_names.h> | |
17 | #include "internal/provider.h" | |
8d8c7266 | 18 | |
/*
 * Derive |n| bytes of PKCS#12 key material into |out| from a password given
 * as a char string.
 *
 * The password is converted with OPENSSL_asc2uni() and the converted buffer
 * is passed to PKCS12_key_gen_uni_ex() together with |salt|, |saltlen|, |id|,
 * |iter|, |md_type|, |ctx| and |propq|. A NULL |pass| is forwarded as a NULL
 * password of length 0 without any conversion.
 *
 * Returns 1 on success and 0 on failure. A failed conversion raises
 * ERR_R_MALLOC_FAILURE in ERR_LIB_PKCS12.
 */
int PKCS12_key_gen_asc_ex(const char *pass, int passlen, unsigned char *salt,
                          int saltlen, int id, int iter, int n,
                          unsigned char *out, const EVP_MD *md_type,
                          OSSL_LIB_CTX *ctx, const char *propq)
{
    unsigned char *unipass = NULL;
    int uniplen = 0;
    int ok;

    if (pass != NULL
            && !OPENSSL_asc2uni(pass, passlen, &unipass, &uniplen)) {
        ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE);
        return 0;
    }

    ok = PKCS12_key_gen_uni_ex(unipass, uniplen, salt, saltlen, id, iter,
                               n, out, md_type, ctx, propq) > 0;

    /* The converted copy is password material: wipe it while freeing. */
    OPENSSL_clear_free(unipass, uniplen);
    return ok;
}
40 | ||
/*
 * Convenience form of PKCS12_key_gen_asc_ex() that supplies NULL for both the
 * library context and the property query string.
 *
 * Returns whatever PKCS12_key_gen_asc_ex() returns.
 */
int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
                       int saltlen, int id, int iter, int n,
                       unsigned char *out, const EVP_MD *md_type)
{
    OSSL_LIB_CTX *libctx = NULL;
    const char *propq = NULL;

    return PKCS12_key_gen_asc_ex(pass, passlen, salt, saltlen, id, iter, n,
                                 out, md_type, libctx, propq);
}
48 | ||
/*
 * Derive |n| bytes of PKCS#12 key material into |out| from a password given
 * as a UTF-8 string.
 *
 * The password is converted with OPENSSL_utf82uni() and the converted buffer
 * is passed to PKCS12_key_gen_uni_ex() together with |salt|, |saltlen|, |id|,
 * |iter|, |md_type|, |ctx| and |propq|. A NULL |pass| is forwarded as a NULL
 * password of length 0 without any conversion.
 *
 * Returns 1 on success and 0 on failure. A failed conversion raises
 * ERR_R_MALLOC_FAILURE in ERR_LIB_PKCS12.
 */
int PKCS12_key_gen_utf8_ex(const char *pass, int passlen, unsigned char *salt,
                           int saltlen, int id, int iter, int n,
                           unsigned char *out, const EVP_MD *md_type,
                           OSSL_LIB_CTX *ctx, const char *propq)
{
    unsigned char *unipass = NULL;
    int uniplen = 0;
    int ok;

    if (pass != NULL
            && !OPENSSL_utf82uni(pass, passlen, &unipass, &uniplen)) {
        ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE);
        return 0;
    }

    ok = PKCS12_key_gen_uni_ex(unipass, uniplen, salt, saltlen, id, iter,
                               n, out, md_type, ctx, propq) > 0;

    /* The converted copy is password material: wipe it while freeing. */
    OPENSSL_clear_free(unipass, uniplen);
    return ok;
}
70 | ||
/*
 * Convenience form of PKCS12_key_gen_utf8_ex() that supplies NULL for both
 * the library context and the property query string.
 *
 * Returns whatever PKCS12_key_gen_utf8_ex() returns.
 */
int PKCS12_key_gen_utf8(const char *pass, int passlen, unsigned char *salt,
                        int saltlen, int id, int iter, int n,
                        unsigned char *out, const EVP_MD *md_type)
{
    OSSL_LIB_CTX *libctx = NULL;
    const char *propq = NULL;

    return PKCS12_key_gen_utf8_ex(pass, passlen, salt, saltlen, id, iter, n,
                                  out, md_type, libctx, propq);
}
78 | ||
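/*
 * Derive |n| bytes of key material into |out| using the KDF fetched under
 * the name "PKCS12KDF" from |libctx| with property query |propq|.
 *
 * |pass|/|passlen| and |salt|/|saltlen| are passed to the KDF as octet
 * strings, |id| and |iter| as integers, and the digest is identified by the
 * name of |md_type|.
 *
 * Returns 1 on success and 0 on failure, including a non-positive |n|, a
 * negative |passlen| or |saltlen|, a failed fetch or a failed context
 * allocation.
 */
int PKCS12_key_gen_uni_ex(unsigned char *pass, int passlen, unsigned char *salt,
                          int saltlen, int id, int iter, int n,
                          unsigned char *out, const EVP_MD *md_type,
                          OSSL_LIB_CTX *libctx, const char *propq)
{
    int res = 0;
    EVP_KDF *kdf;
    EVP_KDF_CTX *ctx;
    /* Five parameters plus the end marker. */
    OSSL_PARAM params[6], *p = params;

    /*
     * The lengths arrive as int but are handed on as buffer sizes. A negative
     * value would turn into a very large size once converted, so reject it
     * together with a non-positive output length.
     */
    if (n <= 0 || passlen < 0 || saltlen < 0)
        return 0;

    kdf = EVP_KDF_fetch(libctx, "PKCS12KDF", propq);
    if (kdf == NULL)
        return 0;
    ctx = EVP_KDF_CTX_new(kdf);
    /* The fetched reference is released here whether or not ctx was created. */
    EVP_KDF_free(kdf);
    if (ctx == NULL)
        return 0;

    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
                                            (char *)EVP_MD_get0_name(md_type),
                                            0);
    *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD,
                                             pass, passlen);
    *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
                                             salt, saltlen);
    *p++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_PKCS12_ID, &id);
    *p++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_ITER, &iter);
    *p = OSSL_PARAM_construct_end();

    /*
     * NOTE(review): this trace block writes the password bytes and the salt
     * in hex to the PKCS12_KEYGEN trace channel. Wherever that channel is
     * enabled, its output has to be handled as secret material.
     */
    OSSL_TRACE_BEGIN(PKCS12_KEYGEN) {
        BIO_printf(trc_out, "PKCS12_key_gen_uni_ex(): ID %d, ITER %d\n", id, iter);
        BIO_printf(trc_out, "Password (length %d):\n", passlen);
        BIO_hex_string(trc_out, 0, passlen, pass, passlen);
        BIO_printf(trc_out, "\n");
        BIO_printf(trc_out, "Salt (length %d):\n", saltlen);
        BIO_hex_string(trc_out, 0, saltlen, salt, saltlen);
        BIO_printf(trc_out, "\n");
    } OSSL_TRACE_END(PKCS12_KEYGEN);

    /*
     * Only a positive return counts as success, the same test the asc/utf8
     * wrappers in this file apply to this function's result. A bare truth
     * test would also accept a negative error return.
     */
    if (EVP_KDF_derive(ctx, out, (size_t)n, params) > 0) {
        res = 1;
        /* NOTE(review): the derived key is also written to the trace channel. */
        OSSL_TRACE_BEGIN(PKCS12_KEYGEN) {
            BIO_printf(trc_out, "Output KEY (length %d)\n", n);
            BIO_hex_string(trc_out, 0, n, out, n);
            BIO_printf(trc_out, "\n");
        } OSSL_TRACE_END(PKCS12_KEYGEN);
    }
    EVP_KDF_CTX_free(ctx);
    return res;
}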
b536880c JS |
132 | |
/*
 * Convenience form of PKCS12_key_gen_uni_ex() that supplies NULL for both the
 * library context and the property query string.
 *
 * Returns whatever PKCS12_key_gen_uni_ex() returns.
 */
int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
                       int saltlen, int id, int iter, int n,
                       unsigned char *out, const EVP_MD *md_type)
{
    OSSL_LIB_CTX *libctx = NULL;
    const char *propq = NULL;

    return PKCS12_key_gen_uni_ex(pass, passlen, salt, saltlen, id, iter, n,
                                 out, md_type, libctx, propq);
}