cms_enc.c (194206) | cms_enc.c (237657) |
---|---|
1/* crypto/cms/cms_enc.c */ 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * project. 4 */ 5/* ==================================================================== 6 * Copyright (c) 2008 The OpenSSL Project. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 59 unchanged lines hidden (view full) --- 68 69BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec) 70 { 71 BIO *b; 72 EVP_CIPHER_CTX *ctx; 73 const EVP_CIPHER *ciph; 74 X509_ALGOR *calg = ec->contentEncryptionAlgorithm; 75 unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL; | 1/* crypto/cms/cms_enc.c */ 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * project. 4 */ 5/* ==================================================================== 6 * Copyright (c) 2008 The OpenSSL Project. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 59 unchanged lines hidden (view full) --- 68 69BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec) 70 { 71 BIO *b; 72 EVP_CIPHER_CTX *ctx; 73 const EVP_CIPHER *ciph; 74 X509_ALGOR *calg = ec->contentEncryptionAlgorithm; 75 unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL; |
76 unsigned char *tkey = NULL; 77 size_t tkeylen; |
|
76 77 int ok = 0; 78 79 int enc, keep_key = 0; 80 81 enc = ec->cipher ? 1 : 0; 82 83 b = BIO_new(BIO_f_cipher()); --- 48 unchanged lines hidden (view full) --- 132 } 133 } 134 else if (EVP_CIPHER_asn1_to_param(ctx, calg->parameter) <= 0) 135 { 136 CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, 137 CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR); 138 goto err; 139 } | 78 79 int ok = 0; 80 81 int enc, keep_key = 0; 82 83 enc = ec->cipher ? 1 : 0; 84 85 b = BIO_new(BIO_f_cipher()); --- 48 unchanged lines hidden (view full) --- 134 } 135 } 136 else if (EVP_CIPHER_asn1_to_param(ctx, calg->parameter) <= 0) 137 { 138 CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, 139 CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR); 140 goto err; 141 } |
140 141 142 if (enc && !ec->key) | 142 tkeylen = EVP_CIPHER_CTX_key_length(ctx); 143 /* Generate random session key */ 144 if (!enc || !ec->key) |
143 { | 145 { |
144 /* Generate random key */ 145 if (!ec->keylen) 146 ec->keylen = EVP_CIPHER_CTX_key_length(ctx); 147 ec->key = OPENSSL_malloc(ec->keylen); 148 if (!ec->key) | 146 tkey = OPENSSL_malloc(tkeylen); 147 if (!tkey) |
149 { 150 CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, 151 ERR_R_MALLOC_FAILURE); 152 goto err; 153 } | 148 { 149 CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, 150 ERR_R_MALLOC_FAILURE); 151 goto err; 152 } |
154 if (EVP_CIPHER_CTX_rand_key(ctx, ec->key) <= 0) | 153 if (EVP_CIPHER_CTX_rand_key(ctx, tkey) <= 0) |
155 goto err; | 154 goto err; |
156 keep_key = 1; | |
157 } | 155 } |
158 else if (ec->keylen != (unsigned int)EVP_CIPHER_CTX_key_length(ctx)) | 156 157 if (!ec->key) |
159 { | 158 { |
159 ec->key = tkey; 160 ec->keylen = tkeylen; 161 tkey = NULL; 162 if (enc) 163 keep_key = 1; 164 else 165 ERR_clear_error(); 166 167 } 168 169 if (ec->keylen != tkeylen) 170 { |
|
160 /* If necessary set key length */ 161 if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0) 162 { | 171 /* If necessary set key length */ 172 if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0) 173 { |
163 CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, 164 CMS_R_INVALID_KEY_LENGTH); 165 goto err; | 174 /* Only reveal failure if debugging so we don't 175 * leak information which may be useful in MMA. 176 */ 177 if (enc || ec->debug) 178 { 179 CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, 180 CMS_R_INVALID_KEY_LENGTH); 181 goto err; 182 } 183 else 184 { 185 /* Use random key */ 186 OPENSSL_cleanse(ec->key, ec->keylen); 187 OPENSSL_free(ec->key); 188 ec->key = tkey; 189 ec->keylen = tkeylen; 190 tkey = NULL; 191 ERR_clear_error(); 192 } |
166 } 167 } 168 169 if (EVP_CipherInit_ex(ctx, NULL, NULL, ec->key, piv, enc) <= 0) 170 { 171 CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, 172 CMS_R_CIPHER_INITIALISATION_ERROR); 173 goto err; --- 19 unchanged lines hidden (view full) --- 193 194 err: 195 if (ec->key && !keep_key) 196 { 197 OPENSSL_cleanse(ec->key, ec->keylen); 198 OPENSSL_free(ec->key); 199 ec->key = NULL; 200 } | 193 } 194 } 195 196 if (EVP_CipherInit_ex(ctx, NULL, NULL, ec->key, piv, enc) <= 0) 197 { 198 CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, 199 CMS_R_CIPHER_INITIALISATION_ERROR); 200 goto err; --- 19 unchanged lines hidden (view full) --- 220 221 err: 222 if (ec->key && !keep_key) 223 { 224 OPENSSL_cleanse(ec->key, ec->keylen); 225 OPENSSL_free(ec->key); 226 ec->key = NULL; 227 } |
228 if (tkey) 229 { 230 OPENSSL_cleanse(tkey, tkeylen); 231 OPENSSL_free(tkey); 232 } |
|
201 if (ok) 202 return b; 203 BIO_free(b); 204 return NULL; 205 } 206 207int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec, 208 const EVP_CIPHER *cipher, --- 54 unchanged lines hidden --- | 233 if (ok) 234 return b; 235 BIO_free(b); 236 return NULL; 237 } 238 239int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec, 240 const EVP_CIPHER *cipher, --- 54 unchanged lines hidden --- |
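Review bot: The decrypt-side fallback to a random key (the `!ec->key` substitution and the `/* Use random key */` branch under `EVP_CIPHER_CTX_set_key_length`) stops hiding the failure once `ec->debug` is set, because that flag restores the distinguishable `CMS_R_INVALID_KEY_LENGTH` error, and the comment does not say so. I would extend it to something like `/* ec->debug makes the failure observable again: diagnostics only, never enable it when processing messages from untrusted senders */` and spell out the abbreviation MMA. Both fallback paths call `ERR_clear_error()`, which empties the thread's whole error queue rather than only the entry from the failed key decryption (presumably queued by a caller not visible here), so any unrelated pending error is lost too; worth confirming that is acceptable. Separately, the old encrypt path honoured a caller-set `ec->keylen` (`if (!ec->keylen)`), while the new code always overwrites it with the cipher default `tkeylen`, which looks like a behaviour change the commit may not intend. Parts of `cms_EncryptedContent_init_bio` are hidden in this view, so these points rest on the visible lines only.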