]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/evp/evp_key.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Remove the possibility to disable the UI module entirely
[thirdparty/openssl.git] / crypto / evp / evp_key.c
1 /*
2 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include "internal/cryptlib.h"
12 #include <openssl/x509.h>
13 #include <openssl/objects.h>
14 #include <openssl/evp.h>
15 #include <openssl/ui.h>
16
17 /* should be init to zeros. */
18 static char prompt_string[80];
19
20 void EVP_set_pw_prompt(const char *prompt)
21 {
22 if (prompt == NULL)
23 prompt_string[0] = '\0';
24 else {
25 strncpy(prompt_string, prompt, 79);
26 prompt_string[79] = '\0';
27 }
28 }
29
30 char *EVP_get_pw_prompt(void)
31 {
32 if (prompt_string[0] == '\0')
33 return (NULL);
34 else
35 return (prompt_string);
36 }
37
38 /*
39 * For historical reasons, the standard function for reading passwords is in
40 * the DES library -- if someone ever wants to disable DES, this function
41 * will fail
42 */
43 int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
44 {
45 return EVP_read_pw_string_min(buf, 0, len, prompt, verify);
46 }
47
48 int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
49 int verify)
50 {
51 int ret;
52 char buff[BUFSIZ];
53 UI *ui;
54
55 if ((prompt == NULL) && (prompt_string[0] != '\0'))
56 prompt = prompt_string;
57 ui = UI_new();
58 if (ui == NULL)
59 return -1;
60 UI_add_input_string(ui, prompt, 0, buf, min,
61 (len >= BUFSIZ) ? BUFSIZ - 1 : len);
62 if (verify)
63 UI_add_verify_string(ui, prompt, 0,
64 buff, min, (len >= BUFSIZ) ? BUFSIZ - 1 : len,
65 buf);
66 ret = UI_process(ui);
67 UI_free(ui);
68 OPENSSL_cleanse(buff, BUFSIZ);
69 return ret;
70 }
71
72 int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
73 const unsigned char *salt, const unsigned char *data,
74 int datal, int count, unsigned char *key,
75 unsigned char *iv)
76 {
77 EVP_MD_CTX *c;
78 unsigned char md_buf[EVP_MAX_MD_SIZE];
79 int niv, nkey, addmd = 0;
80 unsigned int mds = 0, i;
81 int rv = 0;
82 nkey = EVP_CIPHER_key_length(type);
83 niv = EVP_CIPHER_iv_length(type);
84 OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
85 OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH);
86
87 if (data == NULL)
88 return (nkey);
89
90 c = EVP_MD_CTX_new();
91 if (c == NULL)
92 goto err;
93 for (;;) {
94 if (!EVP_DigestInit_ex(c, md, NULL))
95 goto err;
96 if (addmd++)
97 if (!EVP_DigestUpdate(c, &(md_buf[0]), mds))
98 goto err;
99 if (!EVP_DigestUpdate(c, data, datal))
100 goto err;
101 if (salt != NULL)
102 if (!EVP_DigestUpdate(c, salt, PKCS5_SALT_LEN))
103 goto err;
104 if (!EVP_DigestFinal_ex(c, &(md_buf[0]), &mds))
105 goto err;
106
107 for (i = 1; i < (unsigned int)count; i++) {
108 if (!EVP_DigestInit_ex(c, md, NULL))
109 goto err;
110 if (!EVP_DigestUpdate(c, &(md_buf[0]), mds))
111 goto err;
112 if (!EVP_DigestFinal_ex(c, &(md_buf[0]), &mds))
113 goto err;
114 }
115 i = 0;
116 if (nkey) {
117 for (;;) {
118 if (nkey == 0)
119 break;
120 if (i == mds)
121 break;
122 if (key != NULL)
123 *(key++) = md_buf[i];
124 nkey--;
125 i++;
126 }
127 }
128 if (niv && (i != mds)) {
129 for (;;) {
130 if (niv == 0)
131 break;
132 if (i == mds)
133 break;
134 if (iv != NULL)
135 *(iv++) = md_buf[i];
136 niv--;
137 i++;
138 }
139 }
140 if ((nkey == 0) && (niv == 0))
141 break;
142 }
143 rv = EVP_CIPHER_key_length(type);
144 err:
145 EVP_MD_CTX_free(c);
146 OPENSSL_cleanse(md_buf, sizeof(md_buf));
147 return rv;
148 }
A mirror of the official openssl repository