]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/asn1/p5_pbev2.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Stop raising ERR_R_MALLOC_FAILURE in most places
[thirdparty/openssl.git] / crypto / asn1 / p5_pbev2.c
1 /*
2 * Copyright 1999-2022 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include "internal/cryptlib.h"
12 #include "crypto/asn1.h"
13 #include <openssl/asn1t.h>
14 #include <openssl/core.h>
15 #include <openssl/core_names.h>
16 #include <openssl/x509.h>
17 #include <openssl/rand.h>
18
19 /* PKCS#5 v2.0 password based encryption structures */
20
21 ASN1_SEQUENCE(PBE2PARAM) = {
22 ASN1_SIMPLE(PBE2PARAM, keyfunc, X509_ALGOR),
23 ASN1_SIMPLE(PBE2PARAM, encryption, X509_ALGOR)
24 } ASN1_SEQUENCE_END(PBE2PARAM)
25
26 IMPLEMENT_ASN1_FUNCTIONS(PBE2PARAM)
27
28 ASN1_SEQUENCE(PBKDF2PARAM) = {
29 ASN1_SIMPLE(PBKDF2PARAM, salt, ASN1_ANY),
30 ASN1_SIMPLE(PBKDF2PARAM, iter, ASN1_INTEGER),
31 ASN1_OPT(PBKDF2PARAM, keylength, ASN1_INTEGER),
32 ASN1_OPT(PBKDF2PARAM, prf, X509_ALGOR)
33 } ASN1_SEQUENCE_END(PBKDF2PARAM)
34
35 IMPLEMENT_ASN1_FUNCTIONS(PBKDF2PARAM)
36
37 /*
38 * Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm: yes I know
39 * this is horrible! Extended version to allow application supplied PRF NID
40 * and IV.
41 */
42
43 X509_ALGOR *PKCS5_pbe2_set_iv_ex(const EVP_CIPHER *cipher, int iter,
44 unsigned char *salt, int saltlen,
45 unsigned char *aiv, int prf_nid,
46 OSSL_LIB_CTX *libctx)
47 {
48 X509_ALGOR *scheme = NULL, *ret = NULL;
49 int alg_nid, keylen, ivlen;
50 EVP_CIPHER_CTX *ctx = NULL;
51 unsigned char iv[EVP_MAX_IV_LENGTH];
52 PBE2PARAM *pbe2 = NULL;
53
54 alg_nid = EVP_CIPHER_get_type(cipher);
55 if (alg_nid == NID_undef) {
56 ERR_raise(ERR_LIB_ASN1, ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
57 goto err;
58 }
59
60 if ((pbe2 = PBE2PARAM_new()) == NULL) {
61 ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB);
62 goto err;
63 }
64
65 /* Setup the AlgorithmIdentifier for the encryption scheme */
66 scheme = pbe2->encryption;
67 scheme->algorithm = OBJ_nid2obj(alg_nid);
68 if ((scheme->parameter = ASN1_TYPE_new()) == NULL) {
69 ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB);
70 goto err;
71 }
72
73 /* Create random IV */
74 ivlen = EVP_CIPHER_get_iv_length(cipher);
75 if (ivlen > 0) {
76 if (aiv)
77 memcpy(iv, aiv, ivlen);
78 else if (RAND_bytes_ex(libctx, iv, ivlen, 0) <= 0)
79 goto err;
80 }
81
82 ctx = EVP_CIPHER_CTX_new();
83 if (ctx == NULL) {
84 ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
85 goto err;
86 }
87
88 /* Dummy cipherinit to just setup the IV, and PRF */
89 if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, iv, 0))
90 goto err;
91 if (EVP_CIPHER_param_to_asn1(ctx, scheme->parameter) <= 0) {
92 ERR_raise(ERR_LIB_ASN1, ASN1_R_ERROR_SETTING_CIPHER_PARAMS);
93 goto err;
94 }
95 /*
96 * If prf NID unspecified see if cipher has a preference. An error is OK
97 * here: just means use default PRF.
98 */
99 ERR_set_mark();
100 if ((prf_nid == -1) &&
101 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0) {
102 prf_nid = NID_hmacWithSHA256;
103 }
104 ERR_pop_to_mark();
105 EVP_CIPHER_CTX_free(ctx);
106 ctx = NULL;
107
108 /* If its RC2 then we'd better setup the key length */
109
110 if (alg_nid == NID_rc2_cbc)
111 keylen = EVP_CIPHER_get_key_length(cipher);
112 else
113 keylen = -1;
114
115 /* Setup keyfunc */
116
117 X509_ALGOR_free(pbe2->keyfunc);
118
119 pbe2->keyfunc = PKCS5_pbkdf2_set_ex(iter, salt, saltlen, prf_nid, keylen,
120 libctx);
121
122 if (pbe2->keyfunc == NULL) {
123 ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB);
124 goto err;
125 }
126
127 /* Now set up top level AlgorithmIdentifier */
128
129 if ((ret = X509_ALGOR_new()) == NULL) {
130 ERR_raise(ERR_LIB_ASN1, ERR_R_X509_LIB);
131 goto err;
132 }
133
134 ret->algorithm = OBJ_nid2obj(NID_pbes2);
135
136 /* Encode PBE2PARAM into parameter */
137
138 if (!ASN1_TYPE_pack_sequence(ASN1_ITEM_rptr(PBE2PARAM), pbe2,
139 &ret->parameter)) {
140 ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB);
141 goto err;
142 }
143
144 PBE2PARAM_free(pbe2);
145 pbe2 = NULL;
146
147 return ret;
148
149 err:
150 EVP_CIPHER_CTX_free(ctx);
151 PBE2PARAM_free(pbe2);
152 /* Note 'scheme' is freed as part of pbe2 */
153 X509_ALGOR_free(ret);
154
155 return NULL;
156 }
157
158 X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
159 unsigned char *salt, int saltlen,
160 unsigned char *aiv, int prf_nid)
161 {
162 return PKCS5_pbe2_set_iv_ex(cipher, iter, salt, saltlen, aiv, prf_nid,
163 NULL);
164 }
165
166 X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
167 unsigned char *salt, int saltlen)
168 {
169 return PKCS5_pbe2_set_iv_ex(cipher, iter, salt, saltlen, NULL, -1,
170 NULL);
171 }
172
173
174 X509_ALGOR *PKCS5_pbkdf2_set_ex(int iter, unsigned char *salt, int saltlen,
175 int prf_nid, int keylen,
176 OSSL_LIB_CTX *libctx)
177 {
178 X509_ALGOR *keyfunc = NULL;
179 PBKDF2PARAM *kdf = NULL;
180 ASN1_OCTET_STRING *osalt = NULL;
181
182 if ((kdf = PBKDF2PARAM_new()) == NULL) {
183 ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB);
184 goto err;
185 }
186 if ((osalt = ASN1_OCTET_STRING_new()) == NULL) {
187 ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB);
188 goto err;
189 }
190
191 kdf->salt->value.octet_string = osalt;
192 kdf->salt->type = V_ASN1_OCTET_STRING;
193
194 if (saltlen < 0) {
195 ERR_raise(ERR_LIB_ASN1, ERR_R_PASSED_INVALID_ARGUMENT);
196 goto err;
197 }
198 if (saltlen == 0)
199 saltlen = PKCS5_SALT_LEN;
200 if ((osalt->data = OPENSSL_malloc(saltlen)) == NULL)
201 goto err;
202
203
204 osalt->length = saltlen;
205
206 if (salt) {
207 memcpy(osalt->data, salt, saltlen);
208 } else if (RAND_bytes_ex(libctx, osalt->data, saltlen, 0) <= 0) {
209 ERR_raise(ERR_LIB_ASN1, ERR_R_RAND_LIB);
210 goto err;
211 }
212
213 if (iter <= 0)
214 iter = PKCS5_DEFAULT_ITER;
215
216 if (!ASN1_INTEGER_set(kdf->iter, iter)) {
217 ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB);
218 goto err;
219 }
220
221 /* If have a key len set it up */
222
223 if (keylen > 0) {
224 if ((kdf->keylength = ASN1_INTEGER_new()) == NULL) {
225 ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB);
226 goto err;
227 }
228 if (!ASN1_INTEGER_set(kdf->keylength, keylen)) {
229 ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB);
230 goto err;
231 }
232 }
233
234 /* prf can stay NULL if we are using hmacWithSHA1 */
235 if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1) {
236 kdf->prf = ossl_X509_ALGOR_from_nid(prf_nid, V_ASN1_NULL, NULL);
237 if (kdf->prf == NULL) {
238 ERR_raise(ERR_LIB_ASN1, ERR_R_X509_LIB);
239 goto err;
240 }
241 }
242
243 /* Finally setup the keyfunc structure */
244
245 keyfunc = X509_ALGOR_new();
246 if (keyfunc == NULL) {
247 ERR_raise(ERR_LIB_ASN1, ERR_R_X509_LIB);
248 goto err;
249 }
250
251 keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
252
253 /* Encode PBKDF2PARAM into parameter of pbe2 */
254
255 if (!ASN1_TYPE_pack_sequence(ASN1_ITEM_rptr(PBKDF2PARAM), kdf,
256 &keyfunc->parameter)) {
257 ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB);
258 goto err;
259 }
260
261 PBKDF2PARAM_free(kdf);
262 return keyfunc;
263
264 err:
265 PBKDF2PARAM_free(kdf);
266 X509_ALGOR_free(keyfunc);
267 return NULL;
268 }
269
270 X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
271 int prf_nid, int keylen)
272 {
273 return PKCS5_pbkdf2_set_ex(iter, salt, saltlen, prf_nid, keylen, NULL);
274 }
275
A mirror of the official openssl repository