kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2257 Commits
12 Branches
38 MiB
 
 
 
 
 
 
Tree: 926f2194df
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '926f2194df'
${ noResults }
boringssl/crypto/pkcs8/p5_pbe.c

151 lines
4.6 KiB
Raw Blame History 

  1. /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

  2.  * project 1999.

  3.  */

  4. /* ====================================================================

  5.  * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.

  6.  *

  7.  * Redistribution and use in source and binary forms, with or without

  8.  * modification, are permitted provided that the following conditions

  9.  * are met:

  10.  *

  11.  * 1. Redistributions of source code must retain the above copyright

  12.  *    notice, this list of conditions and the following disclaimer.

  13.  *

  14.  * 2. Redistributions in binary form must reproduce the above copyright

  15.  *    notice, this list of conditions and the following disclaimer in

  16.  *    the documentation and/or other materials provided with the

  17.  *    distribution.

  18.  *

  19.  * 3. All advertising materials mentioning features or use of this

  20.  *    software must display the following acknowledgment:

  21.  *    "This product includes software developed by the OpenSSL Project

  22.  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"

  23.  *

  24.  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

  25.  *    endorse or promote products derived from this software without

  26.  *    prior written permission. For written permission, please contact

  27.  *    licensing@OpenSSL.org.

  28.  *

  29.  * 5. Products derived from this software may not be called "OpenSSL"

  30.  *    nor may "OpenSSL" appear in their names without prior written

  31.  *    permission of the OpenSSL Project.

  32.  *

  33.  * 6. Redistributions of any form whatsoever must retain the following

  34.  *    acknowledgment:

  35.  *    "This product includes software developed by the OpenSSL Project

  36.  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"

  37.  *

  38.  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

  39.  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  40.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

  41.  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

  42.  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

  43.  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

  44.  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

  45.  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  46.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

  47.  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

  48.  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

  49.  * OF THE POSSIBILITY OF SUCH DAMAGE.

  50.  * ====================================================================

  51.  *

  52.  * This product includes cryptographic software written by Eric Young

  53.  * (eay@cryptsoft.com).  This product includes software written by Tim

  54.  * Hudson (tjh@cryptsoft.com). */

  55. 

  56. #include <string.h>

  57. 

  58. #include <openssl/asn1t.h>

  59. #include <openssl/err.h>

  60. #include <openssl/pkcs8.h>

  61. #include <openssl/rand.h>

  62. #include <openssl/x509.h>

  63. 

  64. #include "internal.h"

  65. 

  66. 

  67. /* PKCS#5 password based encryption structure */

  68. 

  69. ASN1_SEQUENCE(PBEPARAM) = {

  70. 	ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING),

  71. 	ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER)

  72. } ASN1_SEQUENCE_END(PBEPARAM)

  73. 

  74. IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM)

  75. 

  76. 

  77. /* Set an algorithm identifier for a PKCS#5 PBE algorithm */

  78. 

  79. int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,

  80. 				const unsigned char *salt, int saltlen)

  81. 	{

  82. 	PBEPARAM *pbe=NULL;

  83. 	ASN1_STRING *pbe_str=NULL;

  84. 	unsigned char *sstr;

  85. 

  86. 	pbe = PBEPARAM_new();

  87. 	if (!pbe)

  88. 		{

  89. 		OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE);

  90. 		goto err;

  91. 		}

  92. 	if(iter <= 0)

  93. 		iter = PKCS5_DEFAULT_ITERATIONS;

  94. 	if (!ASN1_INTEGER_set(pbe->iter, iter))

  95. 		{

  96. 		OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE);

  97. 		goto err;

  98. 		}

  99. 	if (!saltlen)

  100. 		saltlen = PKCS5_SALT_LEN;

  101. 	if (!ASN1_STRING_set(pbe->salt, NULL, saltlen))

  102. 		{

  103. 		OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE);

  104. 		goto err;

  105. 		}

  106. 	sstr = ASN1_STRING_data(pbe->salt);

  107. 	if (salt)

  108. 		memcpy(sstr, salt, saltlen);

  109. 	else if (!RAND_bytes(sstr, saltlen))

  110. 		goto err;

  111. 

  112. 	if(!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str))

  113. 		{

  114. 		OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE);

  115. 		goto err;

  116. 		}

  117. 

  118. 	PBEPARAM_free(pbe);

  119. 	pbe = NULL;

  120. 

  121. 	if (X509_ALGOR_set0(algor, OBJ_nid2obj(alg), V_ASN1_SEQUENCE, pbe_str))

  122. 		return 1;

  123. 

  124. err:

  125. 	if (pbe != NULL)

  126. 		PBEPARAM_free(pbe);

  127. 	if (pbe_str != NULL)

  128. 		ASN1_STRING_free(pbe_str);

  129. 	return 0;

  130. 	}

  131. 

  132. /* Return an algorithm identifier for a PKCS#5 PBE algorithm */

  133. 

  134. X509_ALGOR *PKCS5_pbe_set(int alg, int iter,

  135. 				const unsigned char *salt, int saltlen)

  136. 	{

  137. 	X509_ALGOR *ret;

  138. 	ret = X509_ALGOR_new();

  139. 	if (!ret)

  140. 		{

  141. 		OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE);

  142. 		return NULL;

  143. 		}

  144. 

  145. 	if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen)) 

  146. 		return ret;

  147. 

  148. 	X509_ALGOR_free(ret);

  149. 	return NULL;

  150. 	}