Commit | Line | Data |
---|---|---|
0f113f3e | 1 | /* |
605856d7 | 2 | * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. |
8d8c7266 | 3 | * |
54fffdf4 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
b1322259 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8d8c7266 DSH |
8 | */ |
9 | ||
10 | #include <stdio.h> | |
b39fc560 | 11 | #include "internal/cryptlib.h" |
ec577822 | 12 | #include <openssl/pkcs12.h> |
8d8c7266 | 13 | |
b8f702a0 | 14 | /* PKCS#12 PBE algorithms now in static table */ |
8d8c7266 | 15 | |
/*
 * No-op entry point: the body is empty.  The file comment above notes that
 * the PKCS#12 PBE algorithms now live in a static table, so nothing is
 * registered here.
 */
void PKCS12_PBE_add(void)
{
    /* intentionally empty */
}
19 | ||
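/*
 * Derive a cipher key and IV from a password with the PKCS#12 key derivation
 * routine and initialise |ctx| with them.
 *
 * |param| is unpacked as a PBEPARAM sequence, which supplies the salt and an
 * optional iteration count (a missing count is treated as 1).  |pass|,
 * |passlen| and |md| are handed to PKCS12_key_gen_utf8(); |en_de| is handed
 * to EVP_CipherInit_ex().
 *
 * Returns 0 if |cipher| is NULL, if |param| cannot be decoded, or if key or
 * IV derivation fails (an error is raised for the last three); otherwise
 * returns the result of EVP_CipherInit_ex().
 *
 * The derived key and IV are wiped from the stack on every exit path taken
 * after derivation has started, including the failure paths.
 */
int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
                        ASN1_TYPE *param, const EVP_CIPHER *cipher,
                        const EVP_MD *md, int en_de)
{
    PBEPARAM *pbe;
    int saltlen, iter;
    int ret = 0;
    unsigned char *salt;
    unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];

    if (cipher == NULL)
        return 0;

    /* Extract salt and iteration count from the algorithm parameter */
    pbe = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(PBEPARAM), param);
    if (pbe == NULL) {
        ERR_raise(ERR_LIB_PKCS12, PKCS12_R_DECODE_ERROR);
        return 0;
    }

    /*
     * NOTE(review): iter is taken from the encoded parameter and narrowed
     * from the long returned by ASN1_INTEGER_get() to int with no range
     * check here -- confirm that PKCS12_key_gen_utf8() bounds or rejects
     * unexpected values (negative, zero, very large).
     */
    if (pbe->iter == NULL)
        iter = 1;
    else
        iter = ASN1_INTEGER_get(pbe->iter);
    salt = pbe->salt->data;
    saltlen = pbe->salt->length;

    if (!PKCS12_key_gen_utf8(pass, passlen, salt, saltlen, PKCS12_KEY_ID,
                             iter, EVP_CIPHER_key_length(cipher), key, md)) {
        ERR_raise(ERR_LIB_PKCS12, PKCS12_R_KEY_GEN_ERROR);
        goto done;
    }
    if (!PKCS12_key_gen_utf8(pass, passlen, salt, saltlen, PKCS12_IV_ID,
                             iter, EVP_CIPHER_iv_length(cipher), iv, md)) {
        /* key[] already holds derived key material at this point */
        ERR_raise(ERR_LIB_PKCS12, PKCS12_R_IV_GEN_ERROR);
        goto done;
    }
    ret = EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de);

 done:
    /* salt points into pbe, so pbe is released only once derivation is over */
    PBEPARAM_free(pbe);
    /* Single exit: never leave derived secrets behind on the stack */
    OPENSSL_cleanse(key, sizeof(key));
    OPENSSL_cleanse(iv, sizeof(iv));
    return ret;
}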