2 * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include "internal/cryptlib.h"
12 #include <openssl/evp.h>
13 #include <openssl/pkcs12.h>
14 #include <openssl/x509.h>
15 #include "crypto/evp.h"
16 #include "evp_local.h"
18 /* Password based encryption (PBE) functions */
20 /* Setup a cipher context from a PBE algorithm */
27 EVP_PBE_KEYGEN
*keygen
;
30 static STACK_OF(EVP_PBE_CTL
) *pbe_algs
;
32 static const EVP_PBE_CTL builtin_pbe
[] = {
33 {EVP_PBE_TYPE_OUTER
, NID_pbeWithMD2AndDES_CBC
,
34 NID_des_cbc
, NID_md2
, PKCS5_PBE_keyivgen
},
35 {EVP_PBE_TYPE_OUTER
, NID_pbeWithMD5AndDES_CBC
,
36 NID_des_cbc
, NID_md5
, PKCS5_PBE_keyivgen
},
37 {EVP_PBE_TYPE_OUTER
, NID_pbeWithSHA1AndRC2_CBC
,
38 NID_rc2_64_cbc
, NID_sha1
, PKCS5_PBE_keyivgen
},
40 {EVP_PBE_TYPE_OUTER
, NID_id_pbkdf2
, -1, -1, PKCS5_v2_PBKDF2_keyivgen
},
42 {EVP_PBE_TYPE_OUTER
, NID_pbe_WithSHA1And128BitRC4
,
43 NID_rc4
, NID_sha1
, PKCS12_PBE_keyivgen
},
44 {EVP_PBE_TYPE_OUTER
, NID_pbe_WithSHA1And40BitRC4
,
45 NID_rc4_40
, NID_sha1
, PKCS12_PBE_keyivgen
},
46 {EVP_PBE_TYPE_OUTER
, NID_pbe_WithSHA1And3_Key_TripleDES_CBC
,
47 NID_des_ede3_cbc
, NID_sha1
, PKCS12_PBE_keyivgen
},
48 {EVP_PBE_TYPE_OUTER
, NID_pbe_WithSHA1And2_Key_TripleDES_CBC
,
49 NID_des_ede_cbc
, NID_sha1
, PKCS12_PBE_keyivgen
},
50 {EVP_PBE_TYPE_OUTER
, NID_pbe_WithSHA1And128BitRC2_CBC
,
51 NID_rc2_cbc
, NID_sha1
, PKCS12_PBE_keyivgen
},
52 {EVP_PBE_TYPE_OUTER
, NID_pbe_WithSHA1And40BitRC2_CBC
,
53 NID_rc2_40_cbc
, NID_sha1
, PKCS12_PBE_keyivgen
},
55 {EVP_PBE_TYPE_OUTER
, NID_pbes2
, -1, -1, PKCS5_v2_PBE_keyivgen
},
57 {EVP_PBE_TYPE_OUTER
, NID_pbeWithMD2AndRC2_CBC
,
58 NID_rc2_64_cbc
, NID_md2
, PKCS5_PBE_keyivgen
},
59 {EVP_PBE_TYPE_OUTER
, NID_pbeWithMD5AndRC2_CBC
,
60 NID_rc2_64_cbc
, NID_md5
, PKCS5_PBE_keyivgen
},
61 {EVP_PBE_TYPE_OUTER
, NID_pbeWithSHA1AndDES_CBC
,
62 NID_des_cbc
, NID_sha1
, PKCS5_PBE_keyivgen
},
64 {EVP_PBE_TYPE_PRF
, NID_hmacWithSHA1
, -1, NID_sha1
, 0},
65 {EVP_PBE_TYPE_PRF
, NID_hmac_md5
, -1, NID_md5
, 0},
66 {EVP_PBE_TYPE_PRF
, NID_hmac_sha1
, -1, NID_sha1
, 0},
67 {EVP_PBE_TYPE_PRF
, NID_hmacWithMD5
, -1, NID_md5
, 0},
68 {EVP_PBE_TYPE_PRF
, NID_hmacWithSHA224
, -1, NID_sha224
, 0},
69 {EVP_PBE_TYPE_PRF
, NID_hmacWithSHA256
, -1, NID_sha256
, 0},
70 {EVP_PBE_TYPE_PRF
, NID_hmacWithSHA384
, -1, NID_sha384
, 0},
71 {EVP_PBE_TYPE_PRF
, NID_hmacWithSHA512
, -1, NID_sha512
, 0},
72 {EVP_PBE_TYPE_PRF
, NID_id_HMACGostR3411_94
, -1, NID_id_GostR3411_94
, 0},
73 {EVP_PBE_TYPE_PRF
, NID_id_tc26_hmac_gost_3411_2012_256
, -1,
74 NID_id_GostR3411_2012_256
, 0},
75 {EVP_PBE_TYPE_PRF
, NID_id_tc26_hmac_gost_3411_2012_512
, -1,
76 NID_id_GostR3411_2012_512
, 0},
77 {EVP_PBE_TYPE_PRF
, NID_hmacWithSHA512_224
, -1, NID_sha512_224
, 0},
78 {EVP_PBE_TYPE_PRF
, NID_hmacWithSHA512_256
, -1, NID_sha512_256
, 0},
79 {EVP_PBE_TYPE_KDF
, NID_id_pbkdf2
, -1, -1, PKCS5_v2_PBKDF2_keyivgen
},
80 #ifndef OPENSSL_NO_SCRYPT
81 {EVP_PBE_TYPE_KDF
, NID_id_scrypt
, -1, -1, PKCS5_v2_scrypt_keyivgen
}
85 int EVP_PBE_CipherInit(ASN1_OBJECT
*pbe_obj
, const char *pass
, int passlen
,
86 ASN1_TYPE
*param
, EVP_CIPHER_CTX
*ctx
, int en_de
)
88 const EVP_CIPHER
*cipher
;
90 int cipher_nid
, md_nid
;
91 EVP_PBE_KEYGEN
*keygen
;
93 if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER
, OBJ_obj2nid(pbe_obj
),
94 &cipher_nid
, &md_nid
, &keygen
)) {
97 EVPerr(EVP_F_EVP_PBE_CIPHERINIT
, EVP_R_UNKNOWN_PBE_ALGORITHM
);
99 OPENSSL_strlcpy(obj_tmp
, "NULL", sizeof(obj_tmp
));
101 i2t_ASN1_OBJECT(obj_tmp
, sizeof(obj_tmp
), pbe_obj
);
102 ERR_add_error_data(2, "TYPE=", obj_tmp
);
108 else if (passlen
== -1)
109 passlen
= strlen(pass
);
111 if (cipher_nid
== -1)
114 cipher
= EVP_get_cipherbynid(cipher_nid
);
116 EVPerr(EVP_F_EVP_PBE_CIPHERINIT
, EVP_R_UNKNOWN_CIPHER
);
124 md
= EVP_get_digestbynid(md_nid
);
126 EVPerr(EVP_F_EVP_PBE_CIPHERINIT
, EVP_R_UNKNOWN_DIGEST
);
131 if (!keygen(ctx
, pass
, passlen
, param
, cipher
, md
, en_de
)) {
132 EVPerr(EVP_F_EVP_PBE_CIPHERINIT
, EVP_R_KEYGEN_FAILURE
);
138 DECLARE_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL
, EVP_PBE_CTL
, pbe2
);
140 static int pbe2_cmp(const EVP_PBE_CTL
*pbe1
, const EVP_PBE_CTL
*pbe2
)
142 int ret
= pbe1
->pbe_type
- pbe2
->pbe_type
;
146 return pbe1
->pbe_nid
- pbe2
->pbe_nid
;
149 IMPLEMENT_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL
, EVP_PBE_CTL
, pbe2
);
151 static int pbe_cmp(const EVP_PBE_CTL
*const *a
, const EVP_PBE_CTL
*const *b
)
153 int ret
= (*a
)->pbe_type
- (*b
)->pbe_type
;
157 return (*a
)->pbe_nid
- (*b
)->pbe_nid
;
160 /* Add a PBE algorithm */
162 int EVP_PBE_alg_add_type(int pbe_type
, int pbe_nid
, int cipher_nid
,
163 int md_nid
, EVP_PBE_KEYGEN
*keygen
)
165 EVP_PBE_CTL
*pbe_tmp
;
167 if (pbe_algs
== NULL
) {
168 pbe_algs
= sk_EVP_PBE_CTL_new(pbe_cmp
);
169 if (pbe_algs
== NULL
)
173 if ((pbe_tmp
= OPENSSL_malloc(sizeof(*pbe_tmp
))) == NULL
)
176 pbe_tmp
->pbe_type
= pbe_type
;
177 pbe_tmp
->pbe_nid
= pbe_nid
;
178 pbe_tmp
->cipher_nid
= cipher_nid
;
179 pbe_tmp
->md_nid
= md_nid
;
180 pbe_tmp
->keygen
= keygen
;
182 if (!sk_EVP_PBE_CTL_push(pbe_algs
, pbe_tmp
)) {
183 OPENSSL_free(pbe_tmp
);
189 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE
, ERR_R_MALLOC_FAILURE
);
193 int EVP_PBE_alg_add(int nid
, const EVP_CIPHER
*cipher
, const EVP_MD
*md
,
194 EVP_PBE_KEYGEN
*keygen
)
196 int cipher_nid
, md_nid
;
199 cipher_nid
= EVP_CIPHER_nid(cipher
);
203 md_nid
= EVP_MD_type(md
);
207 return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER
, nid
,
208 cipher_nid
, md_nid
, keygen
);
211 int EVP_PBE_find(int type
, int pbe_nid
,
212 int *pcnid
, int *pmnid
, EVP_PBE_KEYGEN
**pkeygen
)
214 EVP_PBE_CTL
*pbetmp
= NULL
, pbelu
;
216 if (pbe_nid
== NID_undef
)
219 pbelu
.pbe_type
= type
;
220 pbelu
.pbe_nid
= pbe_nid
;
222 if (pbe_algs
!= NULL
) {
223 i
= sk_EVP_PBE_CTL_find(pbe_algs
, &pbelu
);
224 pbetmp
= sk_EVP_PBE_CTL_value(pbe_algs
, i
);
226 if (pbetmp
== NULL
) {
227 pbetmp
= OBJ_bsearch_pbe2(&pbelu
, builtin_pbe
, OSSL_NELEM(builtin_pbe
));
232 *pcnid
= pbetmp
->cipher_nid
;
234 *pmnid
= pbetmp
->md_nid
;
236 *pkeygen
= pbetmp
->keygen
;
240 static void free_evp_pbe_ctl(EVP_PBE_CTL
*pbe
)
245 void EVP_PBE_cleanup(void)
247 sk_EVP_PBE_CTL_pop_free(pbe_algs
, free_evp_pbe_ctl
);
251 int EVP_PBE_get(int *ptype
, int *ppbe_nid
, size_t num
)
253 const EVP_PBE_CTL
*tpbe
;
255 if (num
>= OSSL_NELEM(builtin_pbe
))
258 tpbe
= builtin_pbe
+ num
;
260 *ptype
= tpbe
->pbe_type
;
262 *ppbe_nid
= tpbe
->pbe_nid
;