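/*
 * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/rand.h>

/*
 * PKCS#5 password based encryption structure: a SEQUENCE holding the salt
 * (OCTET STRING) followed by the iteration count (INTEGER).
 */

ASN1_SEQUENCE(PBEPARAM) = {
    ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING),
    ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER)
} ASN1_SEQUENCE_END(PBEPARAM)

IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM)

/*
 * Set an algorithm identifier for a PKCS#5 PBE algorithm.
 *
 * Builds a PBEPARAM from |iter| and the salt, packs it with ASN1_item_pack()
 * and installs it in |algor| together with the object for NID |alg|.
 *
 *   iter    - iteration count; any value <= 0 selects PKCS5_DEFAULT_ITER.
 *             Positive values are stored as given: no lower bound is enforced
 *             here, so a caller that passes a small count gets a small count.
 *   salt    - salt to copy into the parameters, or NULL to have |saltlen|
 *             random bytes drawn with RAND_bytes_ex() using |ctx|.
 *   saltlen - salt length in bytes; 0 selects PKCS5_SALT_LEN, a negative
 *             value is rejected.  When |salt| is non-NULL and |saltlen| is 0,
 *             PKCS5_SALT_LEN bytes are still read from |salt|, so the
 *             caller's buffer must be at least that long.
 *   ctx     - library context handed to RAND_bytes_ex(); only used when
 *             |salt| is NULL.
 *
 * |alg| is passed to OBJ_nid2obj() without further checks in this function.
 *
 * Returns 1 on success and 0 on failure.  On failure every object allocated
 * here is released.
 */

int PKCS5_pbe_set0_algor_ex(X509_ALGOR *algor, int alg, int iter,
                            const unsigned char *salt, int saltlen,
                            OSSL_LIB_CTX *ctx)
{
    PBEPARAM *pbe = NULL;
    ASN1_STRING *pbe_str = NULL;
    unsigned char *sstr = NULL;

    pbe = PBEPARAM_new();
    if (pbe == NULL) {
        ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
        goto err;
    }
    if (iter <= 0)
        iter = PKCS5_DEFAULT_ITER;
    if (!ASN1_INTEGER_set(pbe->iter, iter)) {
        ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
        goto err;
    }
    if (!saltlen)
        saltlen = PKCS5_SALT_LEN;
    if (saltlen < 0) {
        /*
         * Queue an error for the bad length so the caller does not see a
         * failure with an empty error queue.
         */
        ERR_raise(ERR_LIB_ASN1, ERR_R_PASSED_INVALID_ARGUMENT);
        goto err;
    }

    sstr = OPENSSL_malloc(saltlen);
    if (sstr == NULL) {
        ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
        goto err;
    }
    /* Caller-supplied salt is copied; otherwise a fresh random salt is drawn */
    if (salt)
        memcpy(sstr, salt, saltlen);
    else if (RAND_bytes_ex(ctx, sstr, saltlen, 0) <= 0)
        goto err;

    /* pbe->salt takes over the buffer; clear sstr so err: does not free it */
    ASN1_STRING_set0(pbe->salt, sstr, saltlen);
    sstr = NULL;

    if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) {
        ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
        goto err;
    }

    /* The packed form is all that is needed from here on */
    PBEPARAM_free(pbe);
    pbe = NULL;

    /* On success |algor| keeps pbe_str, so it must not be freed below */
    if (X509_ALGOR_set0(algor, OBJ_nid2obj(alg), V_ASN1_SEQUENCE, pbe_str))
        return 1;

 err:
    OPENSSL_free(sstr);
    PBEPARAM_free(pbe);
    ASN1_STRING_free(pbe_str);
    return 0;
}

/*
 * Same as PKCS5_pbe_set0_algor_ex() with a NULL library context.
 * Returns 1 on success and 0 on failure.
 */
int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
                         const unsigned char *salt, int saltlen)
{
    return PKCS5_pbe_set0_algor_ex(algor, alg, iter, salt, saltlen, NULL);
}

/*
 * Return an algorithm identifier for a PKCS#5 PBE algorithm.
 *
 * Allocates a new X509_ALGOR and fills it in with
 * PKCS5_pbe_set0_algor_ex(); the parameters have the meaning described
 * there.  Returns the new X509_ALGOR, which the caller must release with
 * X509_ALGOR_free(), or NULL on failure.
 */

X509_ALGOR *PKCS5_pbe_set_ex(int alg, int iter,
                             const unsigned char *salt, int saltlen,
                             OSSL_LIB_CTX *ctx)
{
    X509_ALGOR *ret;

    ret = X509_ALGOR_new();
    if (ret == NULL) {
        ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
        return NULL;
    }

    if (PKCS5_pbe_set0_algor_ex(ret, alg, iter, salt, saltlen, ctx))
        return ret;

    X509_ALGOR_free(ret);
    return NULL;
}

/*
 * Same as PKCS5_pbe_set_ex() with a NULL library context.
 * Returns the new X509_ALGOR or NULL on failure.
 */
X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
                          const unsigned char *salt, int saltlen)
{
    return PKCS5_pbe_set_ex(alg, iter, salt, saltlen, NULL);
}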