]>
git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/pkcs12/p12_crpt.c
2 * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include "internal/cryptlib.h"
12 #include <openssl/core.h>
13 #include <openssl/core_names.h>
14 #include "crypto/evp.h"
15 #include <openssl/pkcs12.h>
17 /* PKCS#12 PBE algorithms now in static table */
19 void PKCS12_PBE_add(void)
23 int PKCS12_PBE_keyivgen_ex(EVP_CIPHER_CTX
*ctx
, const char *pass
, int passlen
,
24 ASN1_TYPE
*param
, const EVP_CIPHER
*cipher
,
25 const EVP_MD
*md
, int en_de
,
26 OSSL_LIB_CTX
*libctx
, const char *propq
)
29 int saltlen
, iter
, ret
;
31 unsigned char key
[EVP_MAX_KEY_LENGTH
], iv
[EVP_MAX_IV_LENGTH
];
32 unsigned char *piv
= iv
;
37 /* Extract useful info from parameter */
39 pbe
= ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(PBEPARAM
), param
);
41 ERR_raise(ERR_LIB_PKCS12
, PKCS12_R_DECODE_ERROR
);
45 if (pbe
->iter
== NULL
)
48 iter
= ASN1_INTEGER_get(pbe
->iter
);
49 salt
= pbe
->salt
->data
;
50 saltlen
= pbe
->salt
->length
;
51 if (!PKCS12_key_gen_utf8_ex(pass
, passlen
, salt
, saltlen
, PKCS12_KEY_ID
,
52 iter
, EVP_CIPHER_get_key_length(cipher
),
55 ERR_raise(ERR_LIB_PKCS12
, PKCS12_R_KEY_GEN_ERROR
);
59 if (EVP_CIPHER_get_iv_length(cipher
) > 0) {
60 if (!PKCS12_key_gen_utf8_ex(pass
, passlen
, salt
, saltlen
, PKCS12_IV_ID
,
61 iter
, EVP_CIPHER_get_iv_length(cipher
),
64 ERR_raise(ERR_LIB_PKCS12
, PKCS12_R_IV_GEN_ERROR
);
72 ret
= EVP_CipherInit_ex(ctx
, cipher
, NULL
, key
, piv
, en_de
);
73 OPENSSL_cleanse(key
, EVP_MAX_KEY_LENGTH
);
74 OPENSSL_cleanse(iv
, EVP_MAX_IV_LENGTH
);
78 int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX
*ctx
, const char *pass
, int passlen
,
79 ASN1_TYPE
*param
, const EVP_CIPHER
*cipher
,
80 const EVP_MD
*md
, int en_de
)
82 return PKCS12_PBE_keyivgen_ex(ctx
, pass
, passlen
, param
, cipher
, md
, en_de
,