]>
git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/evp/p5_crpt.c
2 * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
12 #include "internal/cryptlib.h"
13 #include <openssl/x509.h>
14 #include <openssl/evp.h>
17 * Doesn't do anything now: Builtin PBE algorithms in static table.
20 void PKCS5_PBE_add(void)
24 int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX
*cctx
, const char *pass
, int passlen
,
25 ASN1_TYPE
*param
, const EVP_CIPHER
*cipher
,
26 const EVP_MD
*md
, int en_de
)
29 unsigned char md_tmp
[EVP_MAX_MD_SIZE
];
30 unsigned char key
[EVP_MAX_KEY_LENGTH
], iv
[EVP_MAX_IV_LENGTH
];
38 /* Extract useful info from parameter */
39 if (param
== NULL
|| param
->type
!= V_ASN1_SEQUENCE
||
40 param
->value
.sequence
== NULL
) {
41 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN
, EVP_R_DECODE_ERROR
);
45 pbe
= ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(PBEPARAM
), param
);
47 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN
, EVP_R_DECODE_ERROR
);
54 iter
= ASN1_INTEGER_get(pbe
->iter
);
55 salt
= pbe
->salt
->data
;
56 saltlen
= pbe
->salt
->length
;
60 else if (passlen
== -1)
61 passlen
= strlen(pass
);
63 ctx
= EVP_MD_CTX_new();
65 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN
, ERR_R_MALLOC_FAILURE
);
69 if (!EVP_DigestInit_ex(ctx
, md
, NULL
))
71 if (!EVP_DigestUpdate(ctx
, pass
, passlen
))
73 if (!EVP_DigestUpdate(ctx
, salt
, saltlen
))
76 if (!EVP_DigestFinal_ex(ctx
, md_tmp
, NULL
))
78 mdsize
= EVP_MD_size(md
);
81 for (i
= 1; i
< iter
; i
++) {
82 if (!EVP_DigestInit_ex(ctx
, md
, NULL
))
84 if (!EVP_DigestUpdate(ctx
, md_tmp
, mdsize
))
86 if (!EVP_DigestFinal_ex(ctx
, md_tmp
, NULL
))
89 OPENSSL_assert(EVP_CIPHER_key_length(cipher
) <= (int)sizeof(md_tmp
));
90 memcpy(key
, md_tmp
, EVP_CIPHER_key_length(cipher
));
91 OPENSSL_assert(EVP_CIPHER_iv_length(cipher
) <= 16);
92 memcpy(iv
, md_tmp
+ (16 - EVP_CIPHER_iv_length(cipher
)),
93 EVP_CIPHER_iv_length(cipher
));
94 if (!EVP_CipherInit_ex(cctx
, cipher
, NULL
, key
, iv
, en_de
))
96 OPENSSL_cleanse(md_tmp
, EVP_MAX_MD_SIZE
);
97 OPENSSL_cleanse(key
, EVP_MAX_KEY_LENGTH
);
98 OPENSSL_cleanse(iv
, EVP_MAX_IV_LENGTH
);
101 EVP_MD_CTX_free(ctx
);