Diffstat (limited to 'src/lib/libcrypto/evp/p5_crpt2.c')
-rw-r--r--src/lib/libcrypto/evp/p5_crpt2.c89
1 files changed, 56 insertions, 33 deletions
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c
index 334379f310..975d004df4 100644
--- a/src/lib/libcrypto/evp/p5_crpt2.c
+++ b/src/lib/libcrypto/evp/p5_crpt2.c
@@ -62,6 +62,7 @@
62#include <openssl/x509.h> 62#include <openssl/x509.h>
63#include <openssl/evp.h> 63#include <openssl/evp.h>
64#include <openssl/hmac.h> 64#include <openssl/hmac.h>
65#include "evp_locl.h"
65 66
66/* set this to print out info about the keygen algorithm */ 67/* set this to print out info about the keygen algorithm */
67/* #define DEBUG_PKCS5V2 */ 68/* #define DEBUG_PKCS5V2 */
@@ -110,10 +111,14 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
110 itmp[1] = (unsigned char)((i >> 16) & 0xff); 111 itmp[1] = (unsigned char)((i >> 16) & 0xff);
111 itmp[2] = (unsigned char)((i >> 8) & 0xff); 112 itmp[2] = (unsigned char)((i >> 8) & 0xff);
112 itmp[3] = (unsigned char)(i & 0xff); 113 itmp[3] = (unsigned char)(i & 0xff);
113 HMAC_Init_ex(&hctx, pass, passlen, digest, NULL); 114 if (!HMAC_Init_ex(&hctx, pass, passlen, digest, NULL)
114 HMAC_Update(&hctx, salt, saltlen); 115 || !HMAC_Update(&hctx, salt, saltlen)
115 HMAC_Update(&hctx, itmp, 4); 116 || !HMAC_Update(&hctx, itmp, 4)
116 HMAC_Final(&hctx, digtmp, NULL); 117 || !HMAC_Final(&hctx, digtmp, NULL))
118 {
119 HMAC_CTX_cleanup(&hctx);
120 return 0;
121 }
117 memcpy(p, digtmp, cplen); 122 memcpy(p, digtmp, cplen);
118 for(j = 1; j < iter; j++) 123 for(j = 1; j < iter; j++)
119 { 124 {
@@ -168,27 +173,24 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
168 ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, 173 ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md,
169 int en_de) 174 int en_de)
170{ 175{
171 unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
172 const unsigned char *pbuf; 176 const unsigned char *pbuf;
173 int saltlen, iter, plen; 177 int plen;
174 unsigned int keylen;
175 PBE2PARAM *pbe2 = NULL; 178 PBE2PARAM *pbe2 = NULL;
176 const EVP_CIPHER *cipher; 179 const EVP_CIPHER *cipher;
177 PBKDF2PARAM *kdf = NULL; 180
178 const EVP_MD *prfmd; 181 int rv = 0;
179 int prf_nid, hmac_md_nid;
180 182
181 if (param == NULL || param->type != V_ASN1_SEQUENCE || 183 if (param == NULL || param->type != V_ASN1_SEQUENCE ||
182 param->value.sequence == NULL) { 184 param->value.sequence == NULL) {
183 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); 185 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
184 return 0; 186 goto err;
185 } 187 }
186 188
187 pbuf = param->value.sequence->data; 189 pbuf = param->value.sequence->data;
188 plen = param->value.sequence->length; 190 plen = param->value.sequence->length;
189 if(!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) { 191 if(!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
190 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); 192 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
191 return 0; 193 goto err;
192 } 194 }
193 195
194 /* See if we recognise the key derivation function */ 196 /* See if we recognise the key derivation function */
@@ -211,38 +213,63 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
211 } 213 }
212 214
213 /* Fixup cipher based on AlgorithmIdentifier */ 215 /* Fixup cipher based on AlgorithmIdentifier */
214 EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de); 216 if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de))
217 goto err;
215 if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) { 218 if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
216 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, 219 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
217 EVP_R_CIPHER_PARAMETER_ERROR); 220 EVP_R_CIPHER_PARAMETER_ERROR);
218 goto err; 221 goto err;
219 } 222 }
223 rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen,
224 pbe2->keyfunc->parameter, c, md, en_de);
225 err:
226 PBE2PARAM_free(pbe2);
227 return rv;
228}
229
230int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
231 ASN1_TYPE *param,
232 const EVP_CIPHER *c, const EVP_MD *md, int en_de)
233{
234 unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
235 const unsigned char *pbuf;
236 int saltlen, iter, plen;
237 int rv = 0;
238 unsigned int keylen = 0;
239 int prf_nid, hmac_md_nid;
240 PBKDF2PARAM *kdf = NULL;
241 const EVP_MD *prfmd;
242
243 if (EVP_CIPHER_CTX_cipher(ctx) == NULL)
244 {
245 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_NO_CIPHER_SET);
246 goto err;
247 }
220 keylen = EVP_CIPHER_CTX_key_length(ctx); 248 keylen = EVP_CIPHER_CTX_key_length(ctx);
221 OPENSSL_assert(keylen <= sizeof key); 249 OPENSSL_assert(keylen <= sizeof key);
222 250
223 /* Now decode key derivation function */ 251 /* Decode parameter */
224 252
225 if(!pbe2->keyfunc->parameter || 253 if(!param || (param->type != V_ASN1_SEQUENCE))
226 (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE))
227 { 254 {
228 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); 255 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_DECODE_ERROR);
229 goto err; 256 goto err;
230 } 257 }
231 258
232 pbuf = pbe2->keyfunc->parameter->value.sequence->data; 259 pbuf = param->value.sequence->data;
233 plen = pbe2->keyfunc->parameter->value.sequence->length; 260 plen = param->value.sequence->length;
261
234 if(!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) { 262 if(!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
235 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); 263 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_DECODE_ERROR);
236 goto err; 264 goto err;
237 } 265 }
238 266
239 PBE2PARAM_free(pbe2); 267 keylen = EVP_CIPHER_CTX_key_length(ctx);
240 pbe2 = NULL;
241 268
242 /* Now check the parameters of the kdf */ 269 /* Now check the parameters of the kdf */
243 270
244 if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){ 271 if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){
245 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, 272 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,
246 EVP_R_UNSUPPORTED_KEYLENGTH); 273 EVP_R_UNSUPPORTED_KEYLENGTH);
247 goto err; 274 goto err;
248 } 275 }
@@ -254,19 +281,19 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
254 281
255 if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0)) 282 if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0))
256 { 283 {
257 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_PRF); 284 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
258 goto err; 285 goto err;
259 } 286 }
260 287
261 prfmd = EVP_get_digestbynid(hmac_md_nid); 288 prfmd = EVP_get_digestbynid(hmac_md_nid);
262 if (prfmd == NULL) 289 if (prfmd == NULL)
263 { 290 {
264 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_PRF); 291 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
265 goto err; 292 goto err;
266 } 293 }
267 294
268 if(kdf->salt->type != V_ASN1_OCTET_STRING) { 295 if(kdf->salt->type != V_ASN1_OCTET_STRING) {
269 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, 296 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,
270 EVP_R_UNSUPPORTED_SALT_TYPE); 297 EVP_R_UNSUPPORTED_SALT_TYPE);
271 goto err; 298 goto err;
272 } 299 }
@@ -278,15 +305,11 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
278 if(!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd, 305 if(!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd,
279 keylen, key)) 306 keylen, key))
280 goto err; 307 goto err;
281 EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de); 308 rv = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
282 OPENSSL_cleanse(key, keylen);
283 PBKDF2PARAM_free(kdf);
284 return 1;
285
286 err: 309 err:
287 PBE2PARAM_free(pbe2); 310 OPENSSL_cleanse(key, keylen);
288 PBKDF2PARAM_free(kdf); 311 PBKDF2PARAM_free(kdf);
289 return 0; 312 return rv;
290} 313}
291 314
292#ifdef DEBUG_PKCS5V2 315#ifdef DEBUG_PKCS5V2
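Review bot: The new PKCS5_v2_PBKDF2_keyivgen dereferences `param->value.sequence->data` and `->length` (new lines 259-260) after checking only `!param` and the type, whereas PKCS5_v2_PBE_keyivgen in the same file also rejects `param->value.sequence == NULL` before touching it. Since the split-out function is not static and now takes the ASN1_TYPE straight from its caller, it should carry the same guard: `if (!param || param->type != V_ASN1_SEQUENCE || param->value.sequence == NULL)`. The second `keylen = EVP_CIPHER_CTX_key_length(ctx);` at new line 267 repeats the assignment at line 248 and can be dropped. It would also be worth replacing `OPENSSL_assert(keylen <= sizeof key)` with an error return through `err`, so that an unexpected key length fails the call instead of aborting the process while decoding parameters that presumably come from the encoded input.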