1 files changed, 0 insertions, 267 deletions
diff --git a/src/lib/libcrypto/cms/cms_enc.c b/src/lib/libcrypto/cms/cms_enc.c
deleted file mode 100644
index c967a18a3c..0000000000
--- a/src/lib/libcrypto/cms/cms_enc.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/* $OpenBSD: cms_enc.c,v 1.7 2015/09/10 15:56:25 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-#include <stdlib.h>
-#include <openssl/asn1t.h>
-#include <openssl/cms.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include "cms_lcl.h"
-/* CMS EncryptedData Utilities */
-DECLARE_ASN1_ITEM(CMS_EncryptedData)
-/* Return BIO based on EncryptedContentInfo and key */
-BIO *
-cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
-{
-        BIO *b;
-        EVP_CIPHER_CTX *ctx;
-        const EVP_CIPHER *ciph;
-        X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
-        unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
-        unsigned char *tkey = NULL;
-        size_t tkeylen = 0;
-        int ok = 0;
-        int enc, keep_key = 0;
-        enc = ec->cipher ? 1 : 0;
-        b = BIO_new(BIO_f_cipher());
-        if (!b) {
-                CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-                    ERR_R_MALLOC_FAILURE);
-                return NULL;
-        }
-        BIO_get_cipher_ctx(b, &ctx);
-        if (enc) {
-                ciph = ec->cipher;
-                /* If not keeping key set cipher to NULL so subsequent calls
-                 * decrypt.
-                 */
-                if (ec->key)
-                        ec->cipher = NULL;
-        } else {
-                ciph = EVP_get_cipherbyobj(calg->algorithm);
-                if (!ciph) {
-                        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-                            CMS_R_UNKNOWN_CIPHER);
-                        goto err;
-                }
-        }
-        if (EVP_CipherInit_ex(ctx, ciph, NULL, NULL, NULL, enc) <= 0) {
-                CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-                    CMS_R_CIPHER_INITIALISATION_ERROR);
-                goto err;
-        }
-        if (enc) {
-                int ivlen;
-                calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
-                /* Generate a random IV if we need one */
-                ivlen = EVP_CIPHER_CTX_iv_length(ctx);
-                if (ivlen > 0) {
-                        arc4random_buf(iv, ivlen);
-                        piv = iv;
-                }
-        } else if (EVP_CIPHER_asn1_to_param(ctx, calg->parameter) <= 0) {
-                CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-                    CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
-                goto err;
-        }
-        tkeylen = EVP_CIPHER_CTX_key_length(ctx);
-        /* Generate random session key */
-        if (!enc || !ec->key) {
-                tkey = malloc(tkeylen);
-                if (!tkey) {
-                        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-                            ERR_R_MALLOC_FAILURE);
-                        goto err;
-                }
-                if (EVP_CIPHER_CTX_rand_key(ctx, tkey) <= 0)
-                        goto err;
-        }
-        if (!ec->key) {
-                ec->key = tkey;
-                ec->keylen = tkeylen;
-                tkey = NULL;
-                if (enc)
-                        keep_key = 1;
-                else
-                        ERR_clear_error();
-        }
-        if (ec->keylen != tkeylen) {
-                /* If necessary set key length */
-                if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0) {
-                        /* Only reveal failure if debugging so we don't
-                         * leak information which may be useful in MMA.
-                         */
-                        if (enc || ec->debug) {
-                                CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-                                    CMS_R_INVALID_KEY_LENGTH);
-                                goto err;
-                        } else {
-                                /* Use random key */
-                                explicit_bzero(ec->key, ec->keylen);
-                                free(ec->key);
-                                ec->key = tkey;
-                                ec->keylen = tkeylen;
-                                tkey = NULL;
-                                ERR_clear_error();
-                        }
-                }
-        }
-        if (EVP_CipherInit_ex(ctx, NULL, NULL, ec->key, piv, enc) <= 0) {
-                CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-                    CMS_R_CIPHER_INITIALISATION_ERROR);
-                goto err;
-        }
-        if (piv) {
-                calg->parameter = ASN1_TYPE_new();
-                if (!calg->parameter) {
-                        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-                            ERR_R_MALLOC_FAILURE);
-                        goto err;
-                }
-                if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
-                        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-                            CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
-                        goto err;
-                }
-        }
-        ok = 1;
-err:
-        if (ec->key && !keep_key) {
-                explicit_bzero(ec->key, ec->keylen);
-                free(ec->key);
-                ec->key = NULL;
-        }
-        if (tkey) {
-                explicit_bzero(tkey, tkeylen);
-                free(tkey);
-        }
-        if (ok)
-                return b;
-        BIO_free(b);
-        return NULL;
-}
-int
-cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
-    const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen)
-{
-        ec->cipher = cipher;
-        if (key) {
-                ec->key = malloc(keylen);
-                if (!ec->key)
-                        return 0;
-                memcpy(ec->key, key, keylen);
-        }
-        ec->keylen = keylen;
-        if (cipher)
-                ec->contentType = OBJ_nid2obj(NID_pkcs7_data);
-        return 1;
-}
-int
-CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
-    const unsigned char *key, size_t keylen)
-{
-        CMS_EncryptedContentInfo *ec;
-        if (!key || !keylen) {
-                CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, CMS_R_NO_KEY);
-                return 0;
-        }
-        if (ciph) {
-                cms->d.encryptedData = M_ASN1_new_of(CMS_EncryptedData);
-                if (!cms->d.encryptedData) {
-                        CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY,
-                            ERR_R_MALLOC_FAILURE);
-                        return 0;
-                }
-                cms->contentType = OBJ_nid2obj(NID_pkcs7_encrypted);
-                cms->d.encryptedData->version = 0;
-        } else if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_encrypted) {
-                CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY,
-                    CMS_R_NOT_ENCRYPTED_DATA);
-                return 0;
-        }
-        ec = cms->d.encryptedData->encryptedContentInfo;
-        return cms_EncryptedContent_init(ec, ciph, key, keylen);
-}
-BIO *
-cms_EncryptedData_init_bio(CMS_ContentInfo *cms)
-{
-        CMS_EncryptedData *enc = cms->d.encryptedData;
-        if (enc->encryptedContentInfo->cipher && enc->unprotectedAttrs)
-                enc->version = 2;
-        return cms_EncryptedContent_init_bio(enc->encryptedContentInfo);
-}

diff --git a/src/lib/libcrypto/cms/cms_enc.c b/src/lib/libcrypto/cms/cms_enc.c deleted file mode 100644 index c967a18a3c..0000000000 --- a/src/lib/libcrypto/cms/cms_enc.c +++ /dev/null
@@ -1,267 +0,0 @@
1	/* $OpenBSD: cms_enc.c,v 1.7 2015/09/10 15:56:25 jsing Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project.
4	*/
5	/* ====================================================================
6	* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
7	*
8	* Redistribution and use in source and binary forms, with or without
9	* modification, are permitted provided that the following conditions
10	* are met:
11	*
12	* 1. Redistributions of source code must retain the above copyright
13	* notice, this list of conditions and the following disclaimer.
14	*
15	* 2. Redistributions in binary form must reproduce the above copyright
16	* notice, this list of conditions and the following disclaimer in
17	* the documentation and/or other materials provided with the
18	* distribution.
19	*
20	* 3. All advertising materials mentioning features or use of this
21	* software must display the following acknowledgment:
22	* "This product includes software developed by the OpenSSL Project
23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24	*
25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26	* endorse or promote products derived from this software without
27	* prior written permission. For written permission, please contact
28	* licensing@OpenSSL.org.
29	*
30	* 5. Products derived from this software may not be called "OpenSSL"
31	* nor may "OpenSSL" appear in their names without prior written
32	* permission of the OpenSSL Project.
33	*
34	* 6. Redistributions of any form whatsoever must retain the following
35	* acknowledgment:
36	* "This product includes software developed by the OpenSSL Project
37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38	*
39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	* OF THE POSSIBILITY OF SUCH DAMAGE.
51	* ====================================================================
52	*/
53
54	#include <stdlib.h>
55
56	#include <openssl/asn1t.h>
57	#include <openssl/cms.h>
58	#include <openssl/err.h>
59	#include <openssl/pem.h>
60	#include <openssl/x509v3.h>
61
62	#include "cms_lcl.h"
63
64	/* CMS EncryptedData Utilities */
65
66	DECLARE_ASN1_ITEM(CMS_EncryptedData)
67
68	/* Return BIO based on EncryptedContentInfo and key */
69
70	BIO *
71	cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
72	{
73	BIO *b;
74	EVP_CIPHER_CTX *ctx;
75	const EVP_CIPHER *ciph;
76	X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
77	unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
78	unsigned char *tkey = NULL;
79	size_t tkeylen = 0;
80	int ok = 0;
81	int enc, keep_key = 0;
82
83	enc = ec->cipher ? 1 : 0;
84
85	b = BIO_new(BIO_f_cipher());
86	if (!b) {
87	CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
88	ERR_R_MALLOC_FAILURE);
89	return NULL;
90	}
91
92	BIO_get_cipher_ctx(b, &ctx);
93
94	if (enc) {
95	ciph = ec->cipher;
96	/* If not keeping key set cipher to NULL so subsequent calls
97	* decrypt.
98	*/
99	if (ec->key)
100	ec->cipher = NULL;
101	} else {
102	ciph = EVP_get_cipherbyobj(calg->algorithm);
103
104	if (!ciph) {
105	CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
106	CMS_R_UNKNOWN_CIPHER);
107	goto err;
108	}
109	}
110
111	if (EVP_CipherInit_ex(ctx, ciph, NULL, NULL, NULL, enc) <= 0) {
112	CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
113	CMS_R_CIPHER_INITIALISATION_ERROR);
114	goto err;
115	}
116
117	if (enc) {
118	int ivlen;
119	calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
120	/* Generate a random IV if we need one */
121	ivlen = EVP_CIPHER_CTX_iv_length(ctx);
122	if (ivlen > 0) {
123	arc4random_buf(iv, ivlen);
124	piv = iv;
125	}
126	} else if (EVP_CIPHER_asn1_to_param(ctx, calg->parameter) <= 0) {
127	CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
128	CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
129	goto err;
130	}
131	tkeylen = EVP_CIPHER_CTX_key_length(ctx);
132	/* Generate random session key */
133	if (!enc \|\| !ec->key) {
134	tkey = malloc(tkeylen);
135	if (!tkey) {
136	CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
137	ERR_R_MALLOC_FAILURE);
138	goto err;
139	}
140	if (EVP_CIPHER_CTX_rand_key(ctx, tkey) <= 0)
141	goto err;
142	}
143
144	if (!ec->key) {
145	ec->key = tkey;
146	ec->keylen = tkeylen;
147	tkey = NULL;
148	if (enc)
149	keep_key = 1;
150	else
151	ERR_clear_error();
152
153	}
154
155	if (ec->keylen != tkeylen) {
156	/* If necessary set key length */
157	if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0) {
158	/* Only reveal failure if debugging so we don't
159	* leak information which may be useful in MMA.
160	*/
161	if (enc \|\| ec->debug) {
162	CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
163	CMS_R_INVALID_KEY_LENGTH);
164	goto err;
165	} else {
166	/* Use random key */
167	explicit_bzero(ec->key, ec->keylen);
168	free(ec->key);
169	ec->key = tkey;
170	ec->keylen = tkeylen;
171	tkey = NULL;
172	ERR_clear_error();
173	}
174	}
175	}
176
177	if (EVP_CipherInit_ex(ctx, NULL, NULL, ec->key, piv, enc) <= 0) {
178	CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
179	CMS_R_CIPHER_INITIALISATION_ERROR);
180	goto err;
181	}
182
183	if (piv) {
184	calg->parameter = ASN1_TYPE_new();
185	if (!calg->parameter) {
186	CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
187	ERR_R_MALLOC_FAILURE);
188	goto err;
189	}
190	if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
191	CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
192	CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
193	goto err;
194	}
195	}
196	ok = 1;
197
198	err:
199	if (ec->key && !keep_key) {
200	explicit_bzero(ec->key, ec->keylen);
201	free(ec->key);
202	ec->key = NULL;
203	}
204	if (tkey) {
205	explicit_bzero(tkey, tkeylen);
206	free(tkey);
207	}
208	if (ok)
209	return b;
210	BIO_free(b);
211	return NULL;
212	}
213
214	int
215	cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
216	const EVP_CIPHER cipher, const unsigned char key, size_t keylen)
217	{
218	ec->cipher = cipher;
219	if (key) {
220	ec->key = malloc(keylen);
221	if (!ec->key)
222	return 0;
223	memcpy(ec->key, key, keylen);
224	}
225	ec->keylen = keylen;
226	if (cipher)
227	ec->contentType = OBJ_nid2obj(NID_pkcs7_data);
228	return 1;
229	}
230
231	int
232	CMS_EncryptedData_set1_key(CMS_ContentInfo cms, const EVP_CIPHER ciph,
233	const unsigned char *key, size_t keylen)
234	{
235	CMS_EncryptedContentInfo *ec;
236
237	if (!key \|\| !keylen) {
238	CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, CMS_R_NO_KEY);
239	return 0;
240	}
241	if (ciph) {
242	cms->d.encryptedData = M_ASN1_new_of(CMS_EncryptedData);
243	if (!cms->d.encryptedData) {
244	CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY,
245	ERR_R_MALLOC_FAILURE);
246	return 0;
247	}
248	cms->contentType = OBJ_nid2obj(NID_pkcs7_encrypted);
249	cms->d.encryptedData->version = 0;
250	} else if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_encrypted) {
251	CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY,
252	CMS_R_NOT_ENCRYPTED_DATA);
253	return 0;
254	}
255	ec = cms->d.encryptedData->encryptedContentInfo;
256	return cms_EncryptedContent_init(ec, ciph, key, keylen);
257	}
258
259	BIO *
260	cms_EncryptedData_init_bio(CMS_ContentInfo *cms)
261	{
262	CMS_EncryptedData *enc = cms->d.encryptedData;
263
264	if (enc->encryptedContentInfo->cipher && enc->unprotectedAttrs)
265	enc->version = 2;
266	return cms_EncryptedContent_init_bio(enc->encryptedContentInfo);
267	}