This commit was manufactured by cvs2git to create tag 'tb_20250414'.tb_20250414

author: cvs2svn <admin@example.com> 2025-04-14 17:32:06 +0000
committer: cvs2svn <admin@example.com> 2025-04-14 17:32:06 +0000
commit: eb8dd9dca1228af0cd132f515509051ecfabf6f6 (patch)
tree: edb6da6af7e865d488dc1a29309f1e1ec226e603 /src/lib/libcrypto/pkcs12/p12_decr.c
parent: 247f0352e0ed72a4f476db9dc91f4d982bc83eb2 (diff)
download: openbsd-tb_20250414.tar.gz
openbsd-tb_20250414.tar.bz2
openbsd-tb_20250414.zip
1 files changed, 0 insertions, 184 deletions
diff --git a/src/lib/libcrypto/pkcs12/p12_decr.c b/src/lib/libcrypto/pkcs12/p12_decr.c
deleted file mode 100644
index 907d4e52a6..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_decr.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/* $OpenBSD: p12_decr.c,v 1.26 2024/03/02 10:15:16 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <stdio.h>
-#include <string.h>
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-#include "evp_local.h"
-/* Encrypt/Decrypt a buffer based on password and algor, result in a
- * malloc'ed buffer
- */
-unsigned char *
-PKCS12_pbe_crypt(const X509_ALGOR *algor, const char *pass, int passlen,
-    const unsigned char *in, int inlen, unsigned char **data, int *datalen,
-    int en_de)
-{
-        unsigned char *out;
-        int outlen, i;
-        EVP_CIPHER_CTX ctx;
-        EVP_CIPHER_CTX_legacy_clear(&ctx);
-        /* Decrypt data */
-        if (!EVP_PBE_CipherInit(algor->algorithm, pass, passlen,
-            algor->parameter, &ctx, en_de)) {
-                out = NULL;
-                PKCS12error(PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR);
-                goto err;
-        }
-        if (!(out = malloc(inlen + EVP_CIPHER_CTX_block_size(&ctx)))) {
-                PKCS12error(ERR_R_MALLOC_FAILURE);
-                goto err;
-        }
-        if (!EVP_CipherUpdate(&ctx, out, &i, in, inlen)) {
-                free(out);
-                out = NULL;
-                PKCS12error(ERR_R_EVP_LIB);
-                goto err;
-        }
-        outlen = i;
-        if (!EVP_CipherFinal_ex(&ctx, out + i, &i)) {
-                free(out);
-                out = NULL;
-                PKCS12error(PKCS12_R_PKCS12_CIPHERFINAL_ERROR);
-                goto err;
-        }
-        outlen += i;
-        if (datalen)
-                *datalen = outlen;
-        if (data)
-                *data = out;
-err:
-        EVP_CIPHER_CTX_cleanup(&ctx);
-        return out;
-}
-/* Decrypt an OCTET STRING and decode ASN1 structure
- * if zbuf set zero buffer after use.
- */
-void *
-PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it,
-    const char *pass, int passlen, const ASN1_OCTET_STRING *oct, int zbuf)
-{
-        unsigned char *out;
-        const unsigned char *p;
-        void *ret;
-        int outlen;
-        if (!PKCS12_pbe_crypt(algor, pass, passlen, oct->data, oct->length,
-            &out, &outlen, 0)) {
-                PKCS12error(PKCS12_R_PKCS12_PBE_CRYPT_ERROR);
-                return NULL;
-        }
-        p = out;
-        ret = ASN1_item_d2i(NULL, &p, outlen, it);
-        if (zbuf)
-                explicit_bzero(out, outlen);
-        if (!ret)
-                PKCS12error(PKCS12_R_DECODE_ERROR);
-        free(out);
-        return ret;
-}
-/* Encode ASN1 structure and encrypt, return OCTET STRING
- * if zbuf set zero encoding.
- */
-ASN1_OCTET_STRING *
-PKCS12_item_i2d_encrypt(X509_ALGOR *algor, const ASN1_ITEM *it,
-    const char *pass, int passlen,
-    void *obj, int zbuf)
-{
-        ASN1_OCTET_STRING *oct;
-        unsigned char *in = NULL;
-        int inlen;
-        if (!(oct = ASN1_OCTET_STRING_new())) {
-                PKCS12error(ERR_R_MALLOC_FAILURE);
-                return NULL;
-        }
-        inlen = ASN1_item_i2d(obj, &in, it);
-        if (!in) {
-                PKCS12error(PKCS12_R_ENCODE_ERROR);
-                goto err;
-        }
-        if (!PKCS12_pbe_crypt(algor, pass, passlen, in, inlen, &oct->data,
-            &oct->length, 1)) {
-                PKCS12error(PKCS12_R_ENCRYPT_ERROR);
-                goto err;
-        }
-        if (zbuf)
-                explicit_bzero(in, inlen);
-        free(in);
-        return oct;
-err:
-        free(in);
-        ASN1_OCTET_STRING_free(oct);
-        return NULL;
-}
author	cvs2svn <admin@example.com>	2025-04-14 17:32:06 +0000
committer	cvs2svn <admin@example.com>	2025-04-14 17:32:06 +0000
commit	eb8dd9dca1228af0cd132f515509051ecfabf6f6 (patch)
tree	edb6da6af7e865d488dc1a29309f1e1ec226e603 /src/lib/libcrypto/pkcs12/p12_decr.c
parent	247f0352e0ed72a4f476db9dc91f4d982bc83eb2 (diff)
download	openbsd-tb_20250414.tar.gz openbsd-tb_20250414.tar.bz2 openbsd-tb_20250414.zip

diff --git a/src/lib/libcrypto/pkcs12/p12_decr.c b/src/lib/libcrypto/pkcs12/p12_decr.c deleted file mode 100644 index 907d4e52a6..0000000000 --- a/src/lib/libcrypto/pkcs12/p12_decr.c +++ /dev/null
@@ -1,184 +0,0 @@
1	/* $OpenBSD: p12_decr.c,v 1.26 2024/03/02 10:15:16 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 1999.
4	*/
5	/* ====================================================================
6	* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7	*
8	* Redistribution and use in source and binary forms, with or without
9	* modification, are permitted provided that the following conditions
10	* are met:
11	*
12	* 1. Redistributions of source code must retain the above copyright
13	* notice, this list of conditions and the following disclaimer.
14	*
15	* 2. Redistributions in binary form must reproduce the above copyright
16	* notice, this list of conditions and the following disclaimer in
17	* the documentation and/or other materials provided with the
18	* distribution.
19	*
20	* 3. All advertising materials mentioning features or use of this
21	* software must display the following acknowledgment:
22	* "This product includes software developed by the OpenSSL Project
23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24	*
25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26	* endorse or promote products derived from this software without
27	* prior written permission. For written permission, please contact
28	* licensing@OpenSSL.org.
29	*
30	* 5. Products derived from this software may not be called "OpenSSL"
31	* nor may "OpenSSL" appear in their names without prior written
32	* permission of the OpenSSL Project.
33	*
34	* 6. Redistributions of any form whatsoever must retain the following
35	* acknowledgment:
36	* "This product includes software developed by the OpenSSL Project
37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38	*
39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	* OF THE POSSIBILITY OF SUCH DAMAGE.
51	* ====================================================================
52	*
53	* This product includes cryptographic software written by Eric Young
54	* (eay@cryptsoft.com). This product includes software written by Tim
55	* Hudson (tjh@cryptsoft.com).
56	*
57	*/
58
59	#include <stdio.h>
60	#include <string.h>
61
62	#include <openssl/err.h>
63	#include <openssl/pkcs12.h>
64
65	#include "evp_local.h"
66
67	/* Encrypt/Decrypt a buffer based on password and algor, result in a
68	* malloc'ed buffer
69	*/
70
71	unsigned char *
72	PKCS12_pbe_crypt(const X509_ALGOR algor, const char pass, int passlen,
73	const unsigned char in, int inlen, unsigned char data, int datalen,
74	int en_de)
75	{
76	unsigned char *out;
77	int outlen, i;
78	EVP_CIPHER_CTX ctx;
79
80	EVP_CIPHER_CTX_legacy_clear(&ctx);
81	/* Decrypt data */
82	if (!EVP_PBE_CipherInit(algor->algorithm, pass, passlen,
83	algor->parameter, &ctx, en_de)) {
84	out = NULL;
85	PKCS12error(PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR);
86	goto err;
87	}
88
89	if (!(out = malloc(inlen + EVP_CIPHER_CTX_block_size(&ctx)))) {
90	PKCS12error(ERR_R_MALLOC_FAILURE);
91	goto err;
92	}
93
94	if (!EVP_CipherUpdate(&ctx, out, &i, in, inlen)) {
95	free(out);
96	out = NULL;
97	PKCS12error(ERR_R_EVP_LIB);
98	goto err;
99	}
100
101	outlen = i;
102	if (!EVP_CipherFinal_ex(&ctx, out + i, &i)) {
103	free(out);
104	out = NULL;
105	PKCS12error(PKCS12_R_PKCS12_CIPHERFINAL_ERROR);
106	goto err;
107	}
108	outlen += i;
109	if (datalen)
110	*datalen = outlen;
111	if (data)
112	*data = out;
113
114	err:
115	EVP_CIPHER_CTX_cleanup(&ctx);
116	return out;
117
118	}
119
120	/* Decrypt an OCTET STRING and decode ASN1 structure
121	* if zbuf set zero buffer after use.
122	*/
123
124	void *
125	PKCS12_item_decrypt_d2i(const X509_ALGOR algor, const ASN1_ITEM it,
126	const char pass, int passlen, const ASN1_OCTET_STRING oct, int zbuf)
127	{
128	unsigned char *out;
129	const unsigned char *p;
130	void *ret;
131	int outlen;
132
133	if (!PKCS12_pbe_crypt(algor, pass, passlen, oct->data, oct->length,
134	&out, &outlen, 0)) {
135	PKCS12error(PKCS12_R_PKCS12_PBE_CRYPT_ERROR);
136	return NULL;
137	}
138	p = out;
139	ret = ASN1_item_d2i(NULL, &p, outlen, it);
140	if (zbuf)
141	explicit_bzero(out, outlen);
142	if (!ret)
143	PKCS12error(PKCS12_R_DECODE_ERROR);
144	free(out);
145	return ret;
146	}
147
148	/* Encode ASN1 structure and encrypt, return OCTET STRING
149	* if zbuf set zero encoding.
150	*/
151
152	ASN1_OCTET_STRING *
153	PKCS12_item_i2d_encrypt(X509_ALGOR algor, const ASN1_ITEM it,
154	const char *pass, int passlen,
155	void *obj, int zbuf)
156	{
157	ASN1_OCTET_STRING *oct;
158	unsigned char *in = NULL;
159	int inlen;
160
161	if (!(oct = ASN1_OCTET_STRING_new())) {
162	PKCS12error(ERR_R_MALLOC_FAILURE);
163	return NULL;
164	}
165	inlen = ASN1_item_i2d(obj, &in, it);
166	if (!in) {
167	PKCS12error(PKCS12_R_ENCODE_ERROR);
168	goto err;
169	}
170	if (!PKCS12_pbe_crypt(algor, pass, passlen, in, inlen, &oct->data,
171	&oct->length, 1)) {
172	PKCS12error(PKCS12_R_ENCRYPT_ERROR);
173	goto err;
174	}
175	if (zbuf)
176	explicit_bzero(in, inlen);
177	free(in);
178	return oct;
179
180	err:
181	free(in);
182	ASN1_OCTET_STRING_free(oct);
183	return NULL;
184	}