diff options
| author | djm <> | 2012-10-13 21:25:14 +0000 |
|---|---|---|
| committer | djm <> | 2012-10-13 21:25:14 +0000 |
| commit | 93723b50b639d8dc717bc1bf463fd46e1b321239 (patch) | |
| tree | 281e0a29ae8f87a8c47fbd4deaa1f3d48b8cc5c1 /src/lib/libcrypto/evp/p5_crpt2.c | |
| parent | 65e72ac55a6405783db7a12d7e35a7561d46005b (diff) | |
| download | openbsd-93723b50b639d8dc717bc1bf463fd46e1b321239.tar.gz openbsd-93723b50b639d8dc717bc1bf463fd46e1b321239.tar.bz2 openbsd-93723b50b639d8dc717bc1bf463fd46e1b321239.zip | |
resolve conflicts
Diffstat (limited to 'src/lib/libcrypto/evp/p5_crpt2.c')
| -rw-r--r-- | src/lib/libcrypto/evp/p5_crpt2.c | 89 |
1 files changed, 56 insertions, 33 deletions
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c index 334379f310..975d004df4 100644 --- a/src/lib/libcrypto/evp/p5_crpt2.c +++ b/src/lib/libcrypto/evp/p5_crpt2.c | |||
| @@ -62,6 +62,7 @@ | |||
| 62 | #include <openssl/x509.h> | 62 | #include <openssl/x509.h> |
| 63 | #include <openssl/evp.h> | 63 | #include <openssl/evp.h> |
| 64 | #include <openssl/hmac.h> | 64 | #include <openssl/hmac.h> |
| 65 | #include "evp_locl.h" | ||
| 65 | 66 | ||
| 66 | /* set this to print out info about the keygen algorithm */ | 67 | /* set this to print out info about the keygen algorithm */ |
| 67 | /* #define DEBUG_PKCS5V2 */ | 68 | /* #define DEBUG_PKCS5V2 */ |
| @@ -110,10 +111,14 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, | |||
| 110 | itmp[1] = (unsigned char)((i >> 16) & 0xff); | 111 | itmp[1] = (unsigned char)((i >> 16) & 0xff); |
| 111 | itmp[2] = (unsigned char)((i >> 8) & 0xff); | 112 | itmp[2] = (unsigned char)((i >> 8) & 0xff); |
| 112 | itmp[3] = (unsigned char)(i & 0xff); | 113 | itmp[3] = (unsigned char)(i & 0xff); |
| 113 | HMAC_Init_ex(&hctx, pass, passlen, digest, NULL); | 114 | if (!HMAC_Init_ex(&hctx, pass, passlen, digest, NULL) |
| 114 | HMAC_Update(&hctx, salt, saltlen); | 115 | || !HMAC_Update(&hctx, salt, saltlen) |
| 115 | HMAC_Update(&hctx, itmp, 4); | 116 | || !HMAC_Update(&hctx, itmp, 4) |
| 116 | HMAC_Final(&hctx, digtmp, NULL); | 117 | || !HMAC_Final(&hctx, digtmp, NULL)) |
| 118 | { | ||
| 119 | HMAC_CTX_cleanup(&hctx); | ||
| 120 | return 0; | ||
| 121 | } | ||
| 117 | memcpy(p, digtmp, cplen); | 122 | memcpy(p, digtmp, cplen); |
| 118 | for(j = 1; j < iter; j++) | 123 | for(j = 1; j < iter; j++) |
| 119 | { | 124 | { |
| @@ -168,27 +173,24 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 168 | ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, | 173 | ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, |
| 169 | int en_de) | 174 | int en_de) |
| 170 | { | 175 | { |
| 171 | unsigned char *salt, key[EVP_MAX_KEY_LENGTH]; | ||
| 172 | const unsigned char *pbuf; | 176 | const unsigned char *pbuf; |
| 173 | int saltlen, iter, plen; | 177 | int plen; |
| 174 | unsigned int keylen; | ||
| 175 | PBE2PARAM *pbe2 = NULL; | 178 | PBE2PARAM *pbe2 = NULL; |
| 176 | const EVP_CIPHER *cipher; | 179 | const EVP_CIPHER *cipher; |
| 177 | PBKDF2PARAM *kdf = NULL; | 180 | |
| 178 | const EVP_MD *prfmd; | 181 | int rv = 0; |
| 179 | int prf_nid, hmac_md_nid; | ||
| 180 | 182 | ||
| 181 | if (param == NULL || param->type != V_ASN1_SEQUENCE || | 183 | if (param == NULL || param->type != V_ASN1_SEQUENCE || |
| 182 | param->value.sequence == NULL) { | 184 | param->value.sequence == NULL) { |
| 183 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); | 185 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); |
| 184 | return 0; | 186 | goto err; |
| 185 | } | 187 | } |
| 186 | 188 | ||
| 187 | pbuf = param->value.sequence->data; | 189 | pbuf = param->value.sequence->data; |
| 188 | plen = param->value.sequence->length; | 190 | plen = param->value.sequence->length; |
| 189 | if(!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) { | 191 | if(!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) { |
| 190 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); | 192 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); |
| 191 | return 0; | 193 | goto err; |
| 192 | } | 194 | } |
| 193 | 195 | ||
| 194 | /* See if we recognise the key derivation function */ | 196 | /* See if we recognise the key derivation function */ |
| @@ -211,38 +213,63 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 211 | } | 213 | } |
| 212 | 214 | ||
| 213 | /* Fixup cipher based on AlgorithmIdentifier */ | 215 | /* Fixup cipher based on AlgorithmIdentifier */ |
| 214 | EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de); | 216 | if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de)) |
| 217 | goto err; | ||
| 215 | if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) { | 218 | if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) { |
| 216 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, | 219 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, |
| 217 | EVP_R_CIPHER_PARAMETER_ERROR); | 220 | EVP_R_CIPHER_PARAMETER_ERROR); |
| 218 | goto err; | 221 | goto err; |
| 219 | } | 222 | } |
| 223 | rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen, | ||
| 224 | pbe2->keyfunc->parameter, c, md, en_de); | ||
| 225 | err: | ||
| 226 | PBE2PARAM_free(pbe2); | ||
| 227 | return rv; | ||
| 228 | } | ||
| 229 | |||
| 230 | int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | ||
| 231 | ASN1_TYPE *param, | ||
| 232 | const EVP_CIPHER *c, const EVP_MD *md, int en_de) | ||
| 233 | { | ||
| 234 | unsigned char *salt, key[EVP_MAX_KEY_LENGTH]; | ||
| 235 | const unsigned char *pbuf; | ||
| 236 | int saltlen, iter, plen; | ||
| 237 | int rv = 0; | ||
| 238 | unsigned int keylen = 0; | ||
| 239 | int prf_nid, hmac_md_nid; | ||
| 240 | PBKDF2PARAM *kdf = NULL; | ||
| 241 | const EVP_MD *prfmd; | ||
| 242 | |||
| 243 | if (EVP_CIPHER_CTX_cipher(ctx) == NULL) | ||
| 244 | { | ||
| 245 | EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_NO_CIPHER_SET); | ||
| 246 | goto err; | ||
| 247 | } | ||
| 220 | keylen = EVP_CIPHER_CTX_key_length(ctx); | 248 | keylen = EVP_CIPHER_CTX_key_length(ctx); |
| 221 | OPENSSL_assert(keylen <= sizeof key); | 249 | OPENSSL_assert(keylen <= sizeof key); |
| 222 | 250 | ||
| 223 | /* Now decode key derivation function */ | 251 | /* Decode parameter */ |
| 224 | 252 | ||
| 225 | if(!pbe2->keyfunc->parameter || | 253 | if(!param || (param->type != V_ASN1_SEQUENCE)) |
| 226 | (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE)) | ||
| 227 | { | 254 | { |
| 228 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); | 255 | EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_DECODE_ERROR); |
| 229 | goto err; | 256 | goto err; |
| 230 | } | 257 | } |
| 231 | 258 | ||
| 232 | pbuf = pbe2->keyfunc->parameter->value.sequence->data; | 259 | pbuf = param->value.sequence->data; |
| 233 | plen = pbe2->keyfunc->parameter->value.sequence->length; | 260 | plen = param->value.sequence->length; |
| 261 | |||
| 234 | if(!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) { | 262 | if(!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) { |
| 235 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); | 263 | EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_DECODE_ERROR); |
| 236 | goto err; | 264 | goto err; |
| 237 | } | 265 | } |
| 238 | 266 | ||
| 239 | PBE2PARAM_free(pbe2); | 267 | keylen = EVP_CIPHER_CTX_key_length(ctx); |
| 240 | pbe2 = NULL; | ||
| 241 | 268 | ||
| 242 | /* Now check the parameters of the kdf */ | 269 | /* Now check the parameters of the kdf */ |
| 243 | 270 | ||
| 244 | if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){ | 271 | if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){ |
| 245 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, | 272 | EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, |
| 246 | EVP_R_UNSUPPORTED_KEYLENGTH); | 273 | EVP_R_UNSUPPORTED_KEYLENGTH); |
| 247 | goto err; | 274 | goto err; |
| 248 | } | 275 | } |
| @@ -254,19 +281,19 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 254 | 281 | ||
| 255 | if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0)) | 282 | if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0)) |
| 256 | { | 283 | { |
| 257 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_PRF); | 284 | EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF); |
| 258 | goto err; | 285 | goto err; |
| 259 | } | 286 | } |
| 260 | 287 | ||
| 261 | prfmd = EVP_get_digestbynid(hmac_md_nid); | 288 | prfmd = EVP_get_digestbynid(hmac_md_nid); |
| 262 | if (prfmd == NULL) | 289 | if (prfmd == NULL) |
| 263 | { | 290 | { |
| 264 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_PRF); | 291 | EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF); |
| 265 | goto err; | 292 | goto err; |
| 266 | } | 293 | } |
| 267 | 294 | ||
| 268 | if(kdf->salt->type != V_ASN1_OCTET_STRING) { | 295 | if(kdf->salt->type != V_ASN1_OCTET_STRING) { |
| 269 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, | 296 | EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, |
| 270 | EVP_R_UNSUPPORTED_SALT_TYPE); | 297 | EVP_R_UNSUPPORTED_SALT_TYPE); |
| 271 | goto err; | 298 | goto err; |
| 272 | } | 299 | } |
| @@ -278,15 +305,11 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 278 | if(!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd, | 305 | if(!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd, |
| 279 | keylen, key)) | 306 | keylen, key)) |
| 280 | goto err; | 307 | goto err; |
| 281 | EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de); | 308 | rv = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de); |
| 282 | OPENSSL_cleanse(key, keylen); | ||
| 283 | PBKDF2PARAM_free(kdf); | ||
| 284 | return 1; | ||
| 285 | |||
| 286 | err: | 309 | err: |
| 287 | PBE2PARAM_free(pbe2); | 310 | OPENSSL_cleanse(key, keylen); |
| 288 | PBKDF2PARAM_free(kdf); | 311 | PBKDF2PARAM_free(kdf); |
| 289 | return 0; | 312 | return rv; |
| 290 | } | 313 | } |
| 291 | 314 | ||
| 292 | #ifdef DEBUG_PKCS5V2 | 315 | #ifdef DEBUG_PKCS5V2 |