2 * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include "internal/cryptlib.h"
12 #include <openssl/evp.h>
13 #include <openssl/pkcs12.h>
14 #include <openssl/x509.h>
15 #include "internal/evp_int.h"
18 /* Password based encryption (PBE) functions */
20 /* Setup a cipher context from a PBE algorithm */
27 EVP_PBE_KEYGEN
*keygen
;
30 static STACK_OF(EVP_PBE_CTL
) *pbe_algs
;
32 static const EVP_PBE_CTL builtin_pbe
[] = {
33 {EVP_PBE_TYPE_OUTER
, NID_pbeWithMD2AndDES_CBC
,
34 NID_des_cbc
, NID_md2
, PKCS5_PBE_keyivgen
},
35 {EVP_PBE_TYPE_OUTER
, NID_pbeWithMD5AndDES_CBC
,
36 NID_des_cbc
, NID_md5
, PKCS5_PBE_keyivgen
},
37 {EVP_PBE_TYPE_OUTER
, NID_pbeWithSHA1AndRC2_CBC
,
38 NID_rc2_64_cbc
, NID_sha1
, PKCS5_PBE_keyivgen
},
40 {EVP_PBE_TYPE_OUTER
, NID_id_pbkdf2
, -1, -1, PKCS5_v2_PBKDF2_keyivgen
},
42 {EVP_PBE_TYPE_OUTER
, NID_pbe_WithSHA1And128BitRC4
,
43 NID_rc4
, NID_sha1
, PKCS12_PBE_keyivgen
},
44 {EVP_PBE_TYPE_OUTER
, NID_pbe_WithSHA1And40BitRC4
,
45 NID_rc4_40
, NID_sha1
, PKCS12_PBE_keyivgen
},
46 {EVP_PBE_TYPE_OUTER
, NID_pbe_WithSHA1And3_Key_TripleDES_CBC
,
47 NID_des_ede3_cbc
, NID_sha1
, PKCS12_PBE_keyivgen
},
48 {EVP_PBE_TYPE_OUTER
, NID_pbe_WithSHA1And2_Key_TripleDES_CBC
,
49 NID_des_ede_cbc
, NID_sha1
, PKCS12_PBE_keyivgen
},
50 {EVP_PBE_TYPE_OUTER
, NID_pbe_WithSHA1And128BitRC2_CBC
,
51 NID_rc2_cbc
, NID_sha1
, PKCS12_PBE_keyivgen
},
52 {EVP_PBE_TYPE_OUTER
, NID_pbe_WithSHA1And40BitRC2_CBC
,
53 NID_rc2_40_cbc
, NID_sha1
, PKCS12_PBE_keyivgen
},
55 {EVP_PBE_TYPE_OUTER
, NID_pbes2
, -1, -1, PKCS5_v2_PBE_keyivgen
},
57 {EVP_PBE_TYPE_OUTER
, NID_pbeWithMD2AndRC2_CBC
,
58 NID_rc2_64_cbc
, NID_md2
, PKCS5_PBE_keyivgen
},
59 {EVP_PBE_TYPE_OUTER
, NID_pbeWithMD5AndRC2_CBC
,
60 NID_rc2_64_cbc
, NID_md5
, PKCS5_PBE_keyivgen
},
61 {EVP_PBE_TYPE_OUTER
, NID_pbeWithSHA1AndDES_CBC
,
62 NID_des_cbc
, NID_sha1
, PKCS5_PBE_keyivgen
},
64 {EVP_PBE_TYPE_PRF
, NID_hmacWithSHA1
, -1, NID_sha1
, 0},
65 {EVP_PBE_TYPE_PRF
, NID_hmac_md5
, -1, NID_md5
, 0},
66 {EVP_PBE_TYPE_PRF
, NID_hmac_sha1
, -1, NID_sha1
, 0},
67 {EVP_PBE_TYPE_PRF
, NID_hmacWithMD5
, -1, NID_md5
, 0},
68 {EVP_PBE_TYPE_PRF
, NID_hmacWithSHA224
, -1, NID_sha224
, 0},
69 {EVP_PBE_TYPE_PRF
, NID_hmacWithSHA256
, -1, NID_sha256
, 0},
70 {EVP_PBE_TYPE_PRF
, NID_hmacWithSHA384
, -1, NID_sha384
, 0},
71 {EVP_PBE_TYPE_PRF
, NID_hmacWithSHA512
, -1, NID_sha512
, 0},
72 {EVP_PBE_TYPE_PRF
, NID_id_HMACGostR3411_94
, -1, NID_id_GostR3411_94
, 0},
73 {EVP_PBE_TYPE_PRF
, NID_id_tc26_hmac_gost_3411_2012_256
, -1,
74 NID_id_GostR3411_2012_256
, 0},
75 {EVP_PBE_TYPE_PRF
, NID_id_tc26_hmac_gost_3411_2012_512
, -1,
76 NID_id_GostR3411_2012_512
, 0},
77 {EVP_PBE_TYPE_PRF
, NID_hmacWithSHA512_224
, -1, NID_sha512_224
, 0},
78 {EVP_PBE_TYPE_PRF
, NID_hmacWithSHA512_256
, -1, NID_sha512_256
, 0},
79 {EVP_PBE_TYPE_KDF
, NID_id_pbkdf2
, -1, -1, PKCS5_v2_PBKDF2_keyivgen
},
80 #ifndef OPENSSL_NO_SCRYPT
81 {EVP_PBE_TYPE_KDF
, NID_id_scrypt
, -1, -1, PKCS5_v2_scrypt_keyivgen
}
85 int EVP_PBE_CipherInit(ASN1_OBJECT
*pbe_obj
, const char *pass
, int passlen
,
86 ASN1_TYPE
*param
, EVP_CIPHER_CTX
*ctx
, int en_de
)
88 const EVP_CIPHER
*cipher
;
90 int cipher_nid
, md_nid
;
91 EVP_PBE_KEYGEN
*keygen
;
93 if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER
, OBJ_obj2nid(pbe_obj
),
94 &cipher_nid
, &md_nid
, &keygen
)) {
96 EVPerr(EVP_F_EVP_PBE_CIPHERINIT
, EVP_R_UNKNOWN_PBE_ALGORITHM
);
98 OPENSSL_strlcpy(obj_tmp
, "NULL", sizeof(obj_tmp
));
100 i2t_ASN1_OBJECT(obj_tmp
, sizeof(obj_tmp
), pbe_obj
);
101 ERR_add_error_data(2, "TYPE=", obj_tmp
);
107 else if (passlen
== -1)
108 passlen
= strlen(pass
);
110 if (cipher_nid
== -1)
113 cipher
= EVP_get_cipherbynid(cipher_nid
);
115 EVPerr(EVP_F_EVP_PBE_CIPHERINIT
, EVP_R_UNKNOWN_CIPHER
);
123 md
= EVP_get_digestbynid(md_nid
);
125 EVPerr(EVP_F_EVP_PBE_CIPHERINIT
, EVP_R_UNKNOWN_DIGEST
);
130 if (!keygen(ctx
, pass
, passlen
, param
, cipher
, md
, en_de
)) {
131 EVPerr(EVP_F_EVP_PBE_CIPHERINIT
, EVP_R_KEYGEN_FAILURE
);
137 DECLARE_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL
, EVP_PBE_CTL
, pbe2
);
139 static int pbe2_cmp(const EVP_PBE_CTL
*pbe1
, const EVP_PBE_CTL
*pbe2
)
141 int ret
= pbe1
->pbe_type
- pbe2
->pbe_type
;
145 return pbe1
->pbe_nid
- pbe2
->pbe_nid
;
148 IMPLEMENT_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL
, EVP_PBE_CTL
, pbe2
);
150 static int pbe_cmp(const EVP_PBE_CTL
*const *a
, const EVP_PBE_CTL
*const *b
)
152 int ret
= (*a
)->pbe_type
- (*b
)->pbe_type
;
156 return (*a
)->pbe_nid
- (*b
)->pbe_nid
;
159 /* Add a PBE algorithm */
161 int EVP_PBE_alg_add_type(int pbe_type
, int pbe_nid
, int cipher_nid
,
162 int md_nid
, EVP_PBE_KEYGEN
*keygen
)
164 EVP_PBE_CTL
*pbe_tmp
;
166 if (pbe_algs
== NULL
) {
167 pbe_algs
= sk_EVP_PBE_CTL_new(pbe_cmp
);
168 if (pbe_algs
== NULL
)
172 if ((pbe_tmp
= OPENSSL_malloc(sizeof(*pbe_tmp
))) == NULL
)
175 pbe_tmp
->pbe_type
= pbe_type
;
176 pbe_tmp
->pbe_nid
= pbe_nid
;
177 pbe_tmp
->cipher_nid
= cipher_nid
;
178 pbe_tmp
->md_nid
= md_nid
;
179 pbe_tmp
->keygen
= keygen
;
181 if (!sk_EVP_PBE_CTL_push(pbe_algs
, pbe_tmp
)) {
182 OPENSSL_free(pbe_tmp
);
188 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE
, ERR_R_MALLOC_FAILURE
);
192 int EVP_PBE_alg_add(int nid
, const EVP_CIPHER
*cipher
, const EVP_MD
*md
,
193 EVP_PBE_KEYGEN
*keygen
)
195 int cipher_nid
, md_nid
;
198 cipher_nid
= EVP_CIPHER_nid(cipher
);
202 md_nid
= EVP_MD_type(md
);
206 return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER
, nid
,
207 cipher_nid
, md_nid
, keygen
);
210 int EVP_PBE_find(int type
, int pbe_nid
,
211 int *pcnid
, int *pmnid
, EVP_PBE_KEYGEN
**pkeygen
)
213 EVP_PBE_CTL
*pbetmp
= NULL
, pbelu
;
215 if (pbe_nid
== NID_undef
)
218 pbelu
.pbe_type
= type
;
219 pbelu
.pbe_nid
= pbe_nid
;
221 if (pbe_algs
!= NULL
) {
222 i
= sk_EVP_PBE_CTL_find(pbe_algs
, &pbelu
);
223 pbetmp
= sk_EVP_PBE_CTL_value(pbe_algs
, i
);
225 if (pbetmp
== NULL
) {
226 pbetmp
= OBJ_bsearch_pbe2(&pbelu
, builtin_pbe
, OSSL_NELEM(builtin_pbe
));
231 *pcnid
= pbetmp
->cipher_nid
;
233 *pmnid
= pbetmp
->md_nid
;
235 *pkeygen
= pbetmp
->keygen
;
239 static void free_evp_pbe_ctl(EVP_PBE_CTL
*pbe
)
244 void EVP_PBE_cleanup(void)
246 sk_EVP_PBE_CTL_pop_free(pbe_algs
, free_evp_pbe_ctl
);
250 int EVP_PBE_get(int *ptype
, int *ppbe_nid
, size_t num
)
252 const EVP_PBE_CTL
*tpbe
;
254 if (num
>= OSSL_NELEM(builtin_pbe
))
257 tpbe
= builtin_pbe
+ num
;
259 *ptype
= tpbe
->pbe_type
;
261 *ppbe_nid
= tpbe
->pbe_nid
;