X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=crypto%2Fpkcs12%2Fp12_mutl.c;h=88655651a0e6804b721f015f82aafd389bf70584;hb=ed576acdf591d4164905ab98e89ca5a3b99d90ab;hp=9ab26592938a3499349da165d8ffc8072d8d3e28;hpb=ac4e257747075958d37665f327bdf685dd2478ab;p=thirdparty%2Fopenssl.git diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c index 9ab2659293..88655651a0 100644 --- a/crypto/pkcs12/p12_mutl.c +++ b/crypto/pkcs12/p12_mutl.c @@ -1,31 +1,39 @@ /* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use + * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ -# include -# include "internal/cryptlib.h" -# include -# include -# include -# include -# include "p12_lcl.h" +/* + * HMAC low level APIs are deprecated for public use, but still ok for internal + * use. + */ +#include "internal/deprecated.h" -int PKCS12_mac_present(PKCS12 *p12) +#include +#include "internal/cryptlib.h" +#include +#include +#include +#include +#include "p12_local.h" + +int PKCS12_mac_present(const PKCS12 *p12) { return p12->mac ? 1 : 0; } -void PKCS12_get0_mac(ASN1_OCTET_STRING **pmac, X509_ALGOR **pmacalg, - ASN1_OCTET_STRING **psalt, ASN1_INTEGER **piter, - PKCS12 *p12) +void PKCS12_get0_mac(const ASN1_OCTET_STRING **pmac, + const X509_ALGOR **pmacalg, + const ASN1_OCTET_STRING **psalt, + const ASN1_INTEGER **piter, + const PKCS12 *p12) { if (p12->mac) { - X509_SIG_get0(pmacalg, pmac, p12->mac->dinfo); + X509_SIG_get0(p12->mac->dinfo, pmacalg, pmac); if (psalt) *psalt = p12->mac->salt; if (piter) @@ -42,7 +50,7 @@ void PKCS12_get0_mac(ASN1_OCTET_STRING **pmac, X509_ALGOR **pmacalg, } } -# define TK26_MAC_KEY_LEN 32 +#define TK26_MAC_KEY_LEN 32 static int pkcs12_gen_gost_mac_key(const char *pass, int passlen, const unsigned char *salt, int saltlen, @@ -65,65 +73,102 @@ static int pkcs12_gen_gost_mac_key(const char *pass, int passlen, } /* Generate a MAC */ -int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, - unsigned char *mac, unsigned int *maclen) +static int pkcs12_gen_mac(PKCS12 *p12, const char *pass, int passlen, + unsigned char *mac, unsigned int *maclen, + int (*pkcs12_key_gen)(const char *pass, int passlen, + unsigned char *salt, int slen, + int id, int iter, int n, + unsigned char *out, + const EVP_MD *md_type)) { - const EVP_MD *md_type; + int ret = 0; + const EVP_MD *md; + EVP_MD *md_fetch; HMAC_CTX *hmac = NULL; unsigned char key[EVP_MAX_MD_SIZE], *salt; int saltlen, iter; + char md_name[80]; int md_size = 0; - int md_type_nid; - X509_ALGOR *macalg; + int md_nid; + const X509_ALGOR *macalg; const ASN1_OBJECT *macoid; if (!PKCS7_type_is_data(p12->authsafes)) { - PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_CONTENT_TYPE_NOT_DATA); + ERR_raise(ERR_LIB_PKCS12, PKCS12_R_CONTENT_TYPE_NOT_DATA); return 0; } salt = p12->mac->salt->data; saltlen = p12->mac->salt->length; - if (!p12->mac->iter) + if (p12->mac->iter == NULL) iter = 1; else iter = ASN1_INTEGER_get(p12->mac->iter); - X509_SIG_get0(&macalg, NULL, p12->mac->dinfo); + X509_SIG_get0(p12->mac->dinfo, &macalg, NULL); X509_ALGOR_get0(&macoid, NULL, NULL, macalg); - if ((md_type = EVP_get_digestbyobj(macoid)) == NULL) { - PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_UNKNOWN_DIGEST_ALGORITHM); + if (OBJ_obj2txt(md_name, sizeof(md_name), macoid, 0) < 0) + return 0; + md = md_fetch = EVP_MD_fetch(p12->authsafes->ctx.libctx, md_name, + p12->authsafes->ctx.propq); + if (md == NULL) + md = EVP_get_digestbynid(OBJ_obj2nid(macoid)); + + if (md == NULL) { + ERR_raise(ERR_LIB_PKCS12, PKCS12_R_UNKNOWN_DIGEST_ALGORITHM); return 0; } - md_size = EVP_MD_size(md_type); - md_type_nid = EVP_MD_type(md_type); + md_size = EVP_MD_get_size(md); + md_nid = EVP_MD_get_type(md); if (md_size < 0) - return 0; - if ((md_type_nid == NID_id_GostR3411_94 - || md_type_nid == NID_id_GostR3411_2012_256 - || md_type_nid == NID_id_GostR3411_2012_512) - && !getenv("LEGACY_GOST_PKCS12")) { + goto err; + if ((md_nid == NID_id_GostR3411_94 + || md_nid == NID_id_GostR3411_2012_256 + || md_nid == NID_id_GostR3411_2012_512) + && ossl_safe_getenv("LEGACY_GOST_PKCS12") == NULL) { md_size = TK26_MAC_KEY_LEN; if (!pkcs12_gen_gost_mac_key(pass, passlen, salt, saltlen, iter, - md_size, key, md_type)) { - PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR); - return 0; + md_size, key, md)) { + ERR_raise(ERR_LIB_PKCS12, PKCS12_R_KEY_GEN_ERROR); + goto err; + } + } else { + if (pkcs12_key_gen != NULL) { + if (!(*pkcs12_key_gen)(pass, passlen, salt, saltlen, PKCS12_MAC_ID, + iter, md_size, key, md)) { + ERR_raise(ERR_LIB_PKCS12, PKCS12_R_KEY_GEN_ERROR); + goto err; + } + } else { + /* Default to UTF-8 password */ + if (!PKCS12_key_gen_utf8_ex(pass, passlen, salt, saltlen, PKCS12_MAC_ID, + iter, md_size, key, md, + p12->authsafes->ctx.libctx, + p12->authsafes->ctx.propq)) { + ERR_raise(ERR_LIB_PKCS12, PKCS12_R_KEY_GEN_ERROR); + goto err; + } } - } else - if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter, - md_size, key, md_type)) { - PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR); - return 0; } - hmac = HMAC_CTX_new(); - if (!HMAC_Init_ex(hmac, key, md_size, md_type, NULL) + if ((hmac = HMAC_CTX_new()) == NULL + || !HMAC_Init_ex(hmac, key, md_size, md, NULL) || !HMAC_Update(hmac, p12->authsafes->d.data->data, p12->authsafes->d.data->length) || !HMAC_Final(hmac, mac, maclen)) { - HMAC_CTX_free(hmac); - return 0; + goto err; } + ret = 1; + +err: + OPENSSL_cleanse(key, sizeof(key)); HMAC_CTX_free(hmac); - return 1; + EVP_MD_free(md_fetch); + return ret; +} + +int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, + unsigned char *mac, unsigned int *maclen) +{ + return pkcs12_gen_mac(p12, pass, passlen, mac, maclen, NULL); } /* Verify the mac */ @@ -131,20 +176,21 @@ int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen) { unsigned char mac[EVP_MAX_MD_SIZE]; unsigned int maclen; - ASN1_OCTET_STRING *macoct; + const ASN1_OCTET_STRING *macoct; if (p12->mac == NULL) { - PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC, PKCS12_R_MAC_ABSENT); + ERR_raise(ERR_LIB_PKCS12, PKCS12_R_MAC_ABSENT); return 0; } - if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) { - PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC, PKCS12_R_MAC_GENERATION_ERROR); + if (!pkcs12_gen_mac(p12, pass, passlen, mac, &maclen, NULL)) { + ERR_raise(ERR_LIB_PKCS12, PKCS12_R_MAC_GENERATION_ERROR); return 0; } - X509_SIG_get0(NULL, &macoct, p12->mac->dinfo); + X509_SIG_get0(p12->mac->dinfo, NULL, &macoct); if ((maclen != (unsigned int)ASN1_STRING_length(macoct)) - || CRYPTO_memcmp(mac, ASN1_STRING_get0_data(macoct), maclen)) + || CRYPTO_memcmp(mac, ASN1_STRING_get0_data(macoct), maclen) != 0) return 0; + return 1; } @@ -158,19 +204,25 @@ int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, unsigned int maclen; ASN1_OCTET_STRING *macoct; - if (!md_type) - md_type = EVP_sha1(); + if (md_type == NULL) + /* No need to do a fetch as the md_type is used only to get a NID */ + md_type = EVP_sha256(); + if (!iter) + iter = PKCS12_DEFAULT_ITER; if (PKCS12_setup_mac(p12, iter, salt, saltlen, md_type) == PKCS12_ERROR) { - PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_SETUP_ERROR); + ERR_raise(ERR_LIB_PKCS12, PKCS12_R_MAC_SETUP_ERROR); return 0; } - if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) { - PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_GENERATION_ERROR); + /* + * Note that output mac is forced to UTF-8... + */ + if (!pkcs12_gen_mac(p12, pass, passlen, mac, &maclen, NULL)) { + ERR_raise(ERR_LIB_PKCS12, PKCS12_R_MAC_GENERATION_ERROR); return 0; } - X509_SIG_get0(NULL, &macoct, p12->mac->dinfo); + X509_SIG_getm(p12->mac->dinfo, NULL, &macoct); if (!ASN1_OCTET_STRING_set(macoct, mac, maclen)) { - PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_STRING_SET_ERROR); + ERR_raise(ERR_LIB_PKCS12, PKCS12_R_MAC_STRING_SET_ERROR); return 0; } return 1; @@ -182,34 +234,42 @@ int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen, { X509_ALGOR *macalg; + PKCS12_MAC_DATA_free(p12->mac); + p12->mac = NULL; + if ((p12->mac = PKCS12_MAC_DATA_new()) == NULL) return PKCS12_ERROR; if (iter > 1) { if ((p12->mac->iter = ASN1_INTEGER_new()) == NULL) { - PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); return 0; } if (!ASN1_INTEGER_set(p12->mac->iter, iter)) { - PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); return 0; } } if (!saltlen) saltlen = PKCS12_SALT_LEN; + if (saltlen < 0) + return 0; if ((p12->mac->salt->data = OPENSSL_malloc(saltlen)) == NULL) { - PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); return 0; } p12->mac->salt->length = saltlen; if (!salt) { - if (RAND_bytes(p12->mac->salt->data, saltlen) <= 0) + if (saltlen < 0) + return 0; + if (RAND_bytes_ex(p12->authsafes->ctx.libctx, p12->mac->salt->data, + (size_t)saltlen, 0) <= 0) return 0; } else memcpy(p12->mac->salt->data, salt, saltlen); - X509_SIG_get0(&macalg, NULL, p12->mac->dinfo); - if (!X509_ALGOR_set0(macalg, OBJ_nid2obj(EVP_MD_type(md_type)), + X509_SIG_getm(p12->mac->dinfo, &macalg, NULL); + if (!X509_ALGOR_set0(macalg, OBJ_nid2obj(EVP_MD_get_type(md_type)), V_ASN1_NULL, NULL)) { - PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); return 0; }