
  1. /*
  2. * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the OpenSSL license (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include "internal/cryptlib.h"
  11. #include <openssl/pkcs12.h>
  12. #include <openssl/bn.h>
  13. /* Uncomment this line to get debugging info about key generation */
  14. /*
  15. * #define OPENSSL_DEBUG_KEYGEN
  16. */
  17. #ifdef OPENSSL_DEBUG_KEYGEN
  18. # include <openssl/bio.h>
  19. extern BIO *bio_err;
  20. void h__dump(unsigned char *p, int len);
  21. #endif
  22. /* PKCS12 compatible key/IV generation */
  23. #ifndef min
  24. # define min(a,b) ((a) < (b) ? (a) : (b))
  25. #endif
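/*
 * PKCS#12 key/IV derivation from an ASCII password.
 *
 * Converts the password with OPENSSL_asc2uni() into the form that
 * PKCS12_key_gen_uni() expects and forwards every other argument
 * unchanged.
 *
 * pass     - password, or NULL for no password (treated as length 0)
 * passlen  - password length, handed to OPENSSL_asc2uni() as-is
 * salt, saltlen, id, iter, n, out, md_type - see PKCS12_key_gen_uni()
 *
 * Returns the positive result of PKCS12_key_gen_uni() on success, 0 on
 * failure (conversion failure or derivation failure).
 *
 * The converted password copy is wiped and freed on every return path.
 * The previous version returned early when the derivation failed and
 * leaked that copy, leaving password material in the heap.
 */
int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
                       int saltlen, int id, int iter, int n,
                       unsigned char *out, const EVP_MD *md_type)
{
    int ret;
    unsigned char *unipass = NULL;
    int uniplen = 0;

    if (pass != NULL
        && !OPENSSL_asc2uni(pass, passlen, &unipass, &uniplen)) {
        PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC, ERR_R_MALLOC_FAILURE);
        return 0;
    }
    ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
                             id, iter, n, out, md_type);
    /* Always wipe the password copy, whether or not derivation succeeded;
     * OPENSSL_clear_free() accepts the NULL/0 pair from the no-password case. */
    OPENSSL_clear_free(unipass, uniplen);
    return ret <= 0 ? 0 : ret;
}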
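/*
 * PKCS#12 key/IV derivation from a UTF-8 password.
 *
 * Converts the password with OPENSSL_utf82uni() into the form that
 * PKCS12_key_gen_uni() expects and forwards every other argument
 * unchanged.
 *
 * pass     - password, or NULL for no password (treated as length 0)
 * passlen  - password length, handed to OPENSSL_utf82uni() as-is
 * salt, saltlen, id, iter, n, out, md_type - see PKCS12_key_gen_uni()
 *
 * Returns the positive result of PKCS12_key_gen_uni() on success, 0 on
 * failure (conversion failure or derivation failure).
 *
 * The converted password copy is wiped and freed on every return path.
 * The previous version returned early when the derivation failed and
 * leaked that copy, leaving password material in the heap.
 */
int PKCS12_key_gen_utf8(const char *pass, int passlen, unsigned char *salt,
                        int saltlen, int id, int iter, int n,
                        unsigned char *out, const EVP_MD *md_type)
{
    int ret;
    unsigned char *unipass = NULL;
    int uniplen = 0;

    if (pass != NULL
        && !OPENSSL_utf82uni(pass, passlen, &unipass, &uniplen)) {
        PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UTF8, ERR_R_MALLOC_FAILURE);
        return 0;
    }
    ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
                             id, iter, n, out, md_type);
    /* Always wipe the password copy, whether or not derivation succeeded;
     * OPENSSL_clear_free() accepts the NULL/0 pair from the no-password case. */
    OPENSSL_clear_free(unipass, uniplen);
    return ret <= 0 ? 0 : ret;
}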
/*
 * PKCS#12 key/IV derivation (the KDF of RFC 7292, Appendix B), operating
 * on an already-converted password.
 *
 * pass/passlen  - password bytes as produced by OPENSSL_asc2uni() /
 *                 OPENSSL_utf82uni() in the wrappers above; NULL/0 for none
 * salt/saltlen  - salt bytes; a saltlen of 0 contributes nothing to I
 * id            - purpose byte used to fill the D block (RFC 7292 uses
 *                 1/2/3 for key, IV and MAC key)
 * iter          - iteration count; values below 2 give one hash per block
 * n             - number of output bytes wanted
 * out           - receives n bytes
 * md_type       - digest whose block size (v) and output size (u) drive
 *                 the derivation
 *
 * Returns 1 on success, 0 on failure.
 *
 * NOTE(review): every failure path reports ERR_R_MALLOC_FAILURE (see the
 * err: label), including digest failures and an unusable md_type.
 * NOTE(review): n < 0 is not rejected; min(n, u) would then be negative
 * and the memcpy size would wrap. Callers are expected to pass n >= 0.
 */
int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
                       int saltlen, int id, int iter, int n,
                       unsigned char *out, const EVP_MD *md_type)
{
    /* D = v copies of id, I = S || P, B = A_i repeated to v bytes,
     * Ai = the digest output of the current round, p walks I while filling. */
    unsigned char *B = NULL, *D = NULL, *I = NULL, *p = NULL, *Ai = NULL;
    int Slen, Plen, Ilen;
    int i, j, u, v;
    int ret = 0;
    EVP_MD_CTX *ctx = NULL;
#ifdef OPENSSL_DEBUG_KEYGEN
    /* Keep the original output pointer/length; out and n are advanced below. */
    unsigned char *tmpout = out;
    int tmpn = n;
#endif

    ctx = EVP_MD_CTX_new();
    if (ctx == NULL)
        goto err;

#ifdef OPENSSL_DEBUG_KEYGEN
    fprintf(stderr, "KEYGEN DEBUG\n");
    fprintf(stderr, "ID %d, ITER %d\n", id, iter);
    fprintf(stderr, "Password (length %d):\n", passlen);
    h__dump(pass, passlen);
    fprintf(stderr, "Salt (length %d):\n", saltlen);
    h__dump(salt, saltlen);
#endif
    /* v: digest block size, u: digest output size. Both must be positive. */
    v = EVP_MD_block_size(md_type);
    u = EVP_MD_size(md_type);
    if (u <= 0 || v <= 0)
        goto err;
    D = OPENSSL_malloc(v);
    Ai = OPENSSL_malloc(u);
    B = OPENSSL_malloc(v + 1);
    /* Salt and password are each padded out to a whole number of v-byte
     * blocks; a zero-length password contributes no P block at all. */
    Slen = v * ((saltlen + v - 1) / v);
    if (passlen)
        Plen = v * ((passlen + v - 1) / v);
    else
        Plen = 0;
    Ilen = Slen + Plen;
    I = OPENSSL_malloc(Ilen);
    /* All four allocations are checked together; any failure goes to err. */
    if (D == NULL || Ai == NULL || B == NULL || I == NULL)
        goto err;
    for (i = 0; i < v; i++)
        D[i] = id;
    /* Fill I by repeating the salt, then the password, cyclically to fill
     * each padded block. The modulo is only evaluated when Slen/Plen > 0,
     * so a zero saltlen/passlen never divides by zero. */
    p = I;
    for (i = 0; i < Slen; i++)
        *p++ = salt[i % saltlen];
    for (i = 0; i < Plen; i++)
        *p++ = pass[i % passlen];
    for (;;) {
        /* Ai = H(D || I), then iterated: Ai = H(Ai) another iter-1 times. */
        if (!EVP_DigestInit_ex(ctx, md_type, NULL)
            || !EVP_DigestUpdate(ctx, D, v)
            || !EVP_DigestUpdate(ctx, I, Ilen)
            || !EVP_DigestFinal_ex(ctx, Ai, NULL))
            goto err;
        for (j = 1; j < iter; j++) {
            if (!EVP_DigestInit_ex(ctx, md_type, NULL)
                || !EVP_DigestUpdate(ctx, Ai, u)
                || !EVP_DigestFinal_ex(ctx, Ai, NULL))
                goto err;
        }
        /* Emit this round's output; the last round may be partial. */
        memcpy(out, Ai, min(n, u));
        if (u >= n) {
#ifdef OPENSSL_DEBUG_KEYGEN
            fprintf(stderr, "Output KEY (length %d)\n", tmpn);
            h__dump(tmpout, tmpn);
#endif
            ret = 1;
            goto end;
        }
        n -= u;
        out += u;
        /* B = Ai repeated to v bytes (the extra byte allocated for B is unused here). */
        for (j = 0; j < v; j++)
            B[j] = Ai[j % u];
        /* Update every v-byte block of I in place: Ij = (Ij + B + 1) mod 2^(8v),
         * as a big-endian add starting at the least significant byte. */
        for (j = 0; j < Ilen; j += v) {
            int k;
            unsigned char *Ij = I + j;
            uint16_t c = 1; /* the "+ 1" is seeded as the initial carry */
            /* Work out Ij = Ij + B + 1 */
            for (k = v - 1; k >= 0; k--) {
                c += Ij[k] + B[k];
                Ij[k] = (unsigned char)c;
                c >>= 8;
            }
        }
    }

 err:
    /* Reached for allocation, digest-size and digest-operation failures alike;
     * the error code does not distinguish them. */
    PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI, ERR_R_MALLOC_FAILURE);
 end:
    /* NOTE(review): Ai, B, D and I hold intermediate KDF state and are
     * released with OPENSSL_free(), not OPENSSL_clear_free(). */
    OPENSSL_free(Ai);
    OPENSSL_free(B);
    OPENSSL_free(D);
    OPENSSL_free(I);
    EVP_MD_CTX_free(ctx);
    return ret;
}
  162. #ifdef OPENSSL_DEBUG_KEYGEN
/*
 * Debug helper (only built with OPENSSL_DEBUG_KEYGEN): write len bytes
 * starting at p to stderr as two-digit uppercase hex, followed by a newline.
 */
void h__dump(unsigned char *p, int len)
{
    unsigned char *cur = p;

    /* Count down to zero exactly like the original post-decrement loop. */
    while (len-- != 0)
        fprintf(stderr, "%02X", *cur++);
    fputc('\n', stderr);
}
  169. #endif