1 files changed, 0 insertions, 265 deletions
diff --git a/src/lib/libcrypto/pkcs12/p12_mutl.c b/src/lib/libcrypto/pkcs12/p12_mutl.c
deleted file mode 100644
index 2060358188..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_mutl.c
+++ /dev/null
@@ -1,265 +0,0 @@
-/* $OpenBSD: p12_mutl.c,v 1.38 2024/03/24 06:48:03 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/opensslconf.h>
-#ifndef OPENSSL_NO_HMAC
-#include <openssl/err.h>
-#include <openssl/hmac.h>
-#include <openssl/pkcs12.h>
-#include "evp_local.h"
-#include "hmac_local.h"
-#include "pkcs12_local.h"
-#include "x509_local.h"
-int
-PKCS12_mac_present(const PKCS12 *p12)
-{
-        return p12->mac != NULL;
-}
-LCRYPTO_ALIAS(PKCS12_mac_present);
-void
-PKCS12_get0_mac(const ASN1_OCTET_STRING **pmac, const X509_ALGOR **pmacalg,
-    const ASN1_OCTET_STRING **psalt, const ASN1_INTEGER **piter,
-    const PKCS12 *p12)
-{
-        if (p12->mac == NULL) {
-                if (pmac != NULL)
-                        *pmac = NULL;
-                if (pmacalg != NULL)
-                        *pmacalg = NULL;
-                if (psalt != NULL)
-                        *psalt = NULL;
-                if (piter != NULL)
-                        *piter = NULL;
-                return;
-        }
-        if (pmac != NULL)
-                *pmac = p12->mac->dinfo->digest;
-        if (pmacalg != NULL)
-                *pmacalg = p12->mac->dinfo->algor;
-        if (psalt != NULL)
-                *psalt = p12->mac->salt;
-        if (piter != NULL)
-                *piter = p12->mac->iter;
-}
-LCRYPTO_ALIAS(PKCS12_get0_mac);
-/* Generate a MAC */
-int
-PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
-    unsigned char *mac, unsigned int *maclen)
-{
-        const EVP_MD *md_type;
-        HMAC_CTX *hmac = NULL;
-        ASN1_OCTET_STRING *aos;
-        unsigned char key[EVP_MAX_MD_SIZE], *salt;
-        int saltlen, iter;
-        int md_size;
-        int ret = 0;
-        if (!PKCS7_type_is_data(p12->authsafes)) {
-                PKCS12error(PKCS12_R_CONTENT_TYPE_NOT_DATA);
-                goto err;
-        }
-        if ((aos = PKCS7_get_octet_string(p12->authsafes)) == NULL) {
-                PKCS12error(PKCS12_R_DECODE_ERROR);
-                goto err;
-        }
-        salt = p12->mac->salt->data;
-        saltlen = p12->mac->salt->length;
-        iter = 1;
-        if (p12->mac->iter != NULL) {
-                if ((iter = ASN1_INTEGER_get(p12->mac->iter)) <= 0) {
-                        PKCS12error(PKCS12_R_DECODE_ERROR);
-                        goto err;
-                }
-        }
-        md_type = EVP_get_digestbyobj(p12->mac->dinfo->algor->algorithm);
-        if (md_type == NULL) {
-                PKCS12error(PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);
-                goto err;
-        }
-        if ((md_size = EVP_MD_size(md_type)) < 0)
-                goto err;
-        if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,
-            md_size, key, md_type)) {
-                PKCS12error(PKCS12_R_KEY_GEN_ERROR);
-                goto err;
-        }
-        if ((hmac = HMAC_CTX_new()) == NULL)
-                goto err;
-        if (!HMAC_Init_ex(hmac, key, md_size, md_type, NULL))
-                goto err;
-        if (!HMAC_Update(hmac, aos->data, aos->length))
-                goto err;
-        if (!HMAC_Final(hmac, mac, maclen))
-                goto err;
-        ret = 1;
- err:
-        explicit_bzero(key, sizeof(key));
-        HMAC_CTX_free(hmac);
-        return ret;
-}
-/* Verify the mac */
-int
-PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen)
-{
-        unsigned char mac[EVP_MAX_MD_SIZE];
-        unsigned int maclen;
-        if (p12->mac == NULL) {
-                PKCS12error(PKCS12_R_MAC_ABSENT);
-                return 0;
-        }
-        if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
-                PKCS12error(PKCS12_R_MAC_GENERATION_ERROR);
-                return 0;
-        }
-        if ((maclen != (unsigned int)p12->mac->dinfo->digest->length) ||
-            memcmp(mac, p12->mac->dinfo->digest->data, maclen))
-                return 0;
-        return 1;
-}
-LCRYPTO_ALIAS(PKCS12_verify_mac);
-/* Set a mac */
-int
-PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, unsigned char *salt,
-    int saltlen, int iter, const EVP_MD *md_type)
-{
-        unsigned char mac[EVP_MAX_MD_SIZE];
-        unsigned int maclen;
-        if (!md_type)
-                md_type = EVP_sha1();
-        if (PKCS12_setup_mac(p12, iter, salt, saltlen, md_type) ==
-            PKCS12_ERROR) {
-                PKCS12error(PKCS12_R_MAC_SETUP_ERROR);
-                return 0;
-        }
-        if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
-                PKCS12error(PKCS12_R_MAC_GENERATION_ERROR);
-                return 0;
-        }
-        if (!(ASN1_STRING_set(p12->mac->dinfo->digest, mac, maclen))) {
-                PKCS12error(PKCS12_R_MAC_STRING_SET_ERROR);
-                return 0;
-        }
-        return 1;
-}
-LCRYPTO_ALIAS(PKCS12_set_mac);
-/* Set up a mac structure */
-int
-PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
-    const EVP_MD *md_type)
-{
-        PKCS12_MAC_DATA_free(p12->mac);
-        if ((p12->mac = PKCS12_MAC_DATA_new()) == NULL)
-                return PKCS12_ERROR;
-        if (iter > 1) {
-                if (!(p12->mac->iter = ASN1_INTEGER_new())) {
-                        PKCS12error(ERR_R_MALLOC_FAILURE);
-                        return 0;
-                }
-                if (!ASN1_INTEGER_set(p12->mac->iter, iter)) {
-                        PKCS12error(ERR_R_MALLOC_FAILURE);
-                        return 0;
-                }
-        }
-        if (!saltlen)
-                saltlen = PKCS12_SALT_LEN;
-        if (!(p12->mac->salt->data = malloc(saltlen))) {
-                PKCS12error(ERR_R_MALLOC_FAILURE);
-                return 0;
-        }
-        p12->mac->salt->length = saltlen;
-        if (!salt)
-                arc4random_buf(p12->mac->salt->data, saltlen);
-        else
-                memcpy(p12->mac->salt->data, salt, saltlen);
-        p12->mac->dinfo->algor->algorithm = OBJ_nid2obj(EVP_MD_type(md_type));
-        if (!(p12->mac->dinfo->algor->parameter = ASN1_TYPE_new())) {
-                PKCS12error(ERR_R_MALLOC_FAILURE);
-                return 0;
-        }
-        p12->mac->dinfo->algor->parameter->type = V_ASN1_NULL;
-        return 1;
-}
-#endif

diff --git a/src/lib/libcrypto/pkcs12/p12_mutl.c b/src/lib/libcrypto/pkcs12/p12_mutl.c deleted file mode 100644 index 2060358188..0000000000 --- a/src/lib/libcrypto/pkcs12/p12_mutl.c +++ /dev/null
@@ -1,265 +0,0 @@
1	/* $OpenBSD: p12_mutl.c,v 1.38 2024/03/24 06:48:03 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 1999.
4	*/
5	/* ====================================================================
6	* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7	*
8	* Redistribution and use in source and binary forms, with or without
9	* modification, are permitted provided that the following conditions
10	* are met:
11	*
12	* 1. Redistributions of source code must retain the above copyright
13	* notice, this list of conditions and the following disclaimer.
14	*
15	* 2. Redistributions in binary form must reproduce the above copyright
16	* notice, this list of conditions and the following disclaimer in
17	* the documentation and/or other materials provided with the
18	* distribution.
19	*
20	* 3. All advertising materials mentioning features or use of this
21	* software must display the following acknowledgment:
22	* "This product includes software developed by the OpenSSL Project
23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24	*
25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26	* endorse or promote products derived from this software without
27	* prior written permission. For written permission, please contact
28	* licensing@OpenSSL.org.
29	*
30	* 5. Products derived from this software may not be called "OpenSSL"
31	* nor may "OpenSSL" appear in their names without prior written
32	* permission of the OpenSSL Project.
33	*
34	* 6. Redistributions of any form whatsoever must retain the following
35	* acknowledgment:
36	* "This product includes software developed by the OpenSSL Project
37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38	*
39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	* OF THE POSSIBILITY OF SUCH DAMAGE.
51	* ====================================================================
52	*
53	* This product includes cryptographic software written by Eric Young
54	* (eay@cryptsoft.com). This product includes software written by Tim
55	* Hudson (tjh@cryptsoft.com).
56	*
57	*/
58
59	#include <stdio.h>
60	#include <stdlib.h>
61	#include <string.h>
62
63	#include <openssl/opensslconf.h>
64
65	#ifndef OPENSSL_NO_HMAC
66
67	#include <openssl/err.h>
68	#include <openssl/hmac.h>
69	#include <openssl/pkcs12.h>
70
71	#include "evp_local.h"
72	#include "hmac_local.h"
73	#include "pkcs12_local.h"
74	#include "x509_local.h"
75
76	int
77	PKCS12_mac_present(const PKCS12 *p12)
78	{
79	return p12->mac != NULL;
80	}
81	LCRYPTO_ALIAS(PKCS12_mac_present);
82
83	void
84	PKCS12_get0_mac(const ASN1_OCTET_STRING pmac, const X509_ALGOR pmacalg,
85	const ASN1_OCTET_STRING psalt, const ASN1_INTEGER piter,
86	const PKCS12 *p12)
87	{
88	if (p12->mac == NULL) {
89	if (pmac != NULL)
90	*pmac = NULL;
91	if (pmacalg != NULL)
92	*pmacalg = NULL;
93	if (psalt != NULL)
94	*psalt = NULL;
95	if (piter != NULL)
96	*piter = NULL;
97	return;
98	}
99
100	if (pmac != NULL)
101	*pmac = p12->mac->dinfo->digest;
102	if (pmacalg != NULL)
103	*pmacalg = p12->mac->dinfo->algor;
104	if (psalt != NULL)
105	*psalt = p12->mac->salt;
106	if (piter != NULL)
107	*piter = p12->mac->iter;
108	}
109	LCRYPTO_ALIAS(PKCS12_get0_mac);
110
111	/* Generate a MAC */
112	int
113	PKCS12_gen_mac(PKCS12 p12, const char pass, int passlen,
114	unsigned char mac, unsigned int maclen)
115	{
116	const EVP_MD *md_type;
117	HMAC_CTX *hmac = NULL;
118	ASN1_OCTET_STRING *aos;
119	unsigned char key[EVP_MAX_MD_SIZE], *salt;
120	int saltlen, iter;
121	int md_size;
122	int ret = 0;
123
124	if (!PKCS7_type_is_data(p12->authsafes)) {
125	PKCS12error(PKCS12_R_CONTENT_TYPE_NOT_DATA);
126	goto err;
127	}
128	if ((aos = PKCS7_get_octet_string(p12->authsafes)) == NULL) {
129	PKCS12error(PKCS12_R_DECODE_ERROR);
130	goto err;
131	}
132
133	salt = p12->mac->salt->data;
134	saltlen = p12->mac->salt->length;
135
136	iter = 1;
137	if (p12->mac->iter != NULL) {
138	if ((iter = ASN1_INTEGER_get(p12->mac->iter)) <= 0) {
139	PKCS12error(PKCS12_R_DECODE_ERROR);
140	goto err;
141	}
142	}
143
144	md_type = EVP_get_digestbyobj(p12->mac->dinfo->algor->algorithm);
145	if (md_type == NULL) {
146	PKCS12error(PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);
147	goto err;
148	}
149
150	if ((md_size = EVP_MD_size(md_type)) < 0)
151	goto err;
152
153	if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,
154	md_size, key, md_type)) {
155	PKCS12error(PKCS12_R_KEY_GEN_ERROR);
156	goto err;
157	}
158
159	if ((hmac = HMAC_CTX_new()) == NULL)
160	goto err;
161	if (!HMAC_Init_ex(hmac, key, md_size, md_type, NULL))
162	goto err;
163	if (!HMAC_Update(hmac, aos->data, aos->length))
164	goto err;
165	if (!HMAC_Final(hmac, mac, maclen))
166	goto err;
167
168	ret = 1;
169
170	err:
171	explicit_bzero(key, sizeof(key));
172	HMAC_CTX_free(hmac);
173
174	return ret;
175	}
176
177	/* Verify the mac */
178	int
179	PKCS12_verify_mac(PKCS12 p12, const char pass, int passlen)
180	{
181	unsigned char mac[EVP_MAX_MD_SIZE];
182	unsigned int maclen;
183
184	if (p12->mac == NULL) {
185	PKCS12error(PKCS12_R_MAC_ABSENT);
186	return 0;
187	}
188	if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
189	PKCS12error(PKCS12_R_MAC_GENERATION_ERROR);
190	return 0;
191	}
192	if ((maclen != (unsigned int)p12->mac->dinfo->digest->length) \|\|
193	memcmp(mac, p12->mac->dinfo->digest->data, maclen))
194	return 0;
195	return 1;
196	}
197	LCRYPTO_ALIAS(PKCS12_verify_mac);
198
199	/* Set a mac */
200
201	int
202	PKCS12_set_mac(PKCS12 p12, const char pass, int passlen, unsigned char *salt,
203	int saltlen, int iter, const EVP_MD *md_type)
204	{
205	unsigned char mac[EVP_MAX_MD_SIZE];
206	unsigned int maclen;
207
208	if (!md_type)
209	md_type = EVP_sha1();
210	if (PKCS12_setup_mac(p12, iter, salt, saltlen, md_type) ==
211	PKCS12_ERROR) {
212	PKCS12error(PKCS12_R_MAC_SETUP_ERROR);
213	return 0;
214	}
215	if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
216	PKCS12error(PKCS12_R_MAC_GENERATION_ERROR);
217	return 0;
218	}
219	if (!(ASN1_STRING_set(p12->mac->dinfo->digest, mac, maclen))) {
220	PKCS12error(PKCS12_R_MAC_STRING_SET_ERROR);
221	return 0;
222	}
223	return 1;
224	}
225	LCRYPTO_ALIAS(PKCS12_set_mac);
226
227	/* Set up a mac structure */
228	int
229	PKCS12_setup_mac(PKCS12 p12, int iter, unsigned char salt, int saltlen,
230	const EVP_MD *md_type)
231	{
232	PKCS12_MAC_DATA_free(p12->mac);
233	if ((p12->mac = PKCS12_MAC_DATA_new()) == NULL)
234	return PKCS12_ERROR;
235	if (iter > 1) {
236	if (!(p12->mac->iter = ASN1_INTEGER_new())) {
237	PKCS12error(ERR_R_MALLOC_FAILURE);
238	return 0;
239	}
240	if (!ASN1_INTEGER_set(p12->mac->iter, iter)) {
241	PKCS12error(ERR_R_MALLOC_FAILURE);
242	return 0;
243	}
244	}
245	if (!saltlen)
246	saltlen = PKCS12_SALT_LEN;
247	if (!(p12->mac->salt->data = malloc(saltlen))) {
248	PKCS12error(ERR_R_MALLOC_FAILURE);
249	return 0;
250	}
251	p12->mac->salt->length = saltlen;
252	if (!salt)
253	arc4random_buf(p12->mac->salt->data, saltlen);
254	else
255	memcpy(p12->mac->salt->data, salt, saltlen);
256	p12->mac->dinfo->algor->algorithm = OBJ_nid2obj(EVP_MD_type(md_type));
257	if (!(p12->mac->dinfo->algor->parameter = ASN1_TYPE_new())) {
258	PKCS12error(ERR_R_MALLOC_FAILURE);
259	return 0;
260	}
261	p12->mac->dinfo->algor->parameter->type = V_ASN1_NULL;
262
263	return 1;
264	}
265	#endif