evp_pbe.c revision 291719 
150476Speter/* evp_pbe.c */
23229Spst/*
33229Spst * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
43229Spst * 1999.
53229Spst */
63229Spst/* ====================================================================
73229Spst * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
83229Spst *
93229Spst * Redistribution and use in source and binary forms, with or without
103229Spst * modification, are permitted provided that the following conditions
113229Spst * are met:
123229Spst *
133229Spst * 1. Redistributions of source code must retain the above copyright
143229Spst *    notice, this list of conditions and the following disclaimer.
153229Spst *
163229Spst * 2. Redistributions in binary form must reproduce the above copyright
173229Spst *    notice, this list of conditions and the following disclaimer in
183229Spst *    the documentation and/or other materials provided with the
193229Spst *    distribution.
203229Spst *
213229Spst * 3. All advertising materials mentioning features or use of this
223229Spst *    software must display the following acknowledgment:
233229Spst *    "This product includes software developed by the OpenSSL Project
243229Spst *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
253229Spst *
263229Spst * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
273229Spst *    endorse or promote products derived from this software without
283229Spst *    prior written permission. For written permission, please contact
293229Spst *    licensing@OpenSSL.org.
303229Spst *
313229Spst * 5. Products derived from this software may not be called "OpenSSL"
323229Spst *    nor may "OpenSSL" appear in their names without prior written
333229Spst *    permission of the OpenSSL Project.
343229Spst *
353229Spst * 6. Redistributions of any form whatsoever must retain the following
363229Spst *    acknowledgment:
373229Spst *    "This product includes software developed by the OpenSSL Project
383229Spst *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
393229Spst *
403229Spst * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
413229Spst * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
423229Spst * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
433229Spst * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
443229Spst * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
453229Spst * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
463229Spst * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
473229Spst * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
483229Spst * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
4913572Spst * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
503229Spst * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
513229Spst * OF THE POSSIBILITY OF SUCH DAMAGE.
523229Spst * ====================================================================
533229Spst *
543229Spst * This product includes cryptographic software written by Eric Young
553229Spst * (eay@cryptsoft.com).  This product includes software written by Tim
563229Spst * Hudson (tjh@cryptsoft.com).
5713572Spst *
583229Spst */
593229Spst
603229Spst#include <stdio.h>
613229Spst#include "cryptlib.h"
623229Spst#include <openssl/evp.h>
633229Spst#include <openssl/pkcs12.h>
643229Spst#include <openssl/x509.h>
653229Spst#include "evp_locl.h"
66
67/* Password based encryption (PBE) functions */
68
69DECLARE_STACK_OF(EVP_PBE_CTL)
70static STACK_OF(EVP_PBE_CTL) *pbe_algs;
71
72/* Setup a cipher context from a PBE algorithm */
73
74typedef struct {
75    int pbe_type;
76    int pbe_nid;
77    int cipher_nid;
78    int md_nid;
79    EVP_PBE_KEYGEN *keygen;
80} EVP_PBE_CTL;
81
82static const EVP_PBE_CTL builtin_pbe[] = {
83    {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC,
84     NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen},
85    {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC,
86     NID_des_cbc, NID_md5, PKCS5_PBE_keyivgen},
87    {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC,
88     NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen},
89
90#ifndef OPENSSL_NO_HMAC
91    {EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen},
92#endif
93
94    {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4,
95     NID_rc4, NID_sha1, PKCS12_PBE_keyivgen},
96    {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4,
97     NID_rc4_40, NID_sha1, PKCS12_PBE_keyivgen},
98    {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
99     NID_des_ede3_cbc, NID_sha1, PKCS12_PBE_keyivgen},
100    {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
101     NID_des_ede_cbc, NID_sha1, PKCS12_PBE_keyivgen},
102    {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC2_CBC,
103     NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen},
104    {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC,
105     NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen},
106
107#ifndef OPENSSL_NO_HMAC
108    {EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen},
109#endif
110    {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC,
111     NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen},
112    {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC,
113     NID_rc2_64_cbc, NID_md5, PKCS5_PBE_keyivgen},
114    {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndDES_CBC,
115     NID_des_cbc, NID_sha1, PKCS5_PBE_keyivgen},
116
117    {EVP_PBE_TYPE_PRF, NID_hmacWithSHA1, -1, NID_sha1, 0},
118    {EVP_PBE_TYPE_PRF, NID_hmacWithMD5, -1, NID_md5, 0},
119    {EVP_PBE_TYPE_PRF, NID_hmacWithSHA224, -1, NID_sha224, 0},
120    {EVP_PBE_TYPE_PRF, NID_hmacWithSHA256, -1, NID_sha256, 0},
121    {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0},
122    {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0},
123    {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0},
124};
125
126#ifdef TEST
127int main(int argc, char **argv)
128{
129    int i, nid_md, nid_cipher;
130    EVP_PBE_CTL *tpbe, *tpbe2;
131    /*
132     * OpenSSL_add_all_algorithms();
133     */
134
135    for (i = 0; i < sizeof(builtin_pbe) / sizeof(EVP_PBE_CTL); i++) {
136        tpbe = builtin_pbe + i;
137        fprintf(stderr, "%d %d %s ", tpbe->pbe_type, tpbe->pbe_nid,
138                OBJ_nid2sn(tpbe->pbe_nid));
139        if (EVP_PBE_find(tpbe->pbe_type, tpbe->pbe_nid,
140                         &nid_cipher, &nid_md, 0))
141            fprintf(stderr, "Found %s %s\n",
142                    OBJ_nid2sn(nid_cipher), OBJ_nid2sn(nid_md));
143        else
144            fprintf(stderr, "Find ERROR!!\n");
145    }
146
147    return 0;
148}
149#endif
150
151int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
152                       ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
153{
154    const EVP_CIPHER *cipher;
155    const EVP_MD *md;
156    int cipher_nid, md_nid;
157    EVP_PBE_KEYGEN *keygen;
158
159    if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj),
160                      &cipher_nid, &md_nid, &keygen)) {
161        char obj_tmp[80];
162        EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM);
163        if (!pbe_obj)
164            BUF_strlcpy(obj_tmp, "NULL", sizeof obj_tmp);
165        else
166            i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
167        ERR_add_error_data(2, "TYPE=", obj_tmp);
168        return 0;
169    }
170
171    if (!pass)
172        passlen = 0;
173    else if (passlen == -1)
174        passlen = strlen(pass);
175
176    if (cipher_nid == -1)
177        cipher = NULL;
178    else {
179        cipher = EVP_get_cipherbynid(cipher_nid);
180        if (!cipher) {
181            EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_CIPHER);
182            return 0;
183        }
184    }
185
186    if (md_nid == -1)
187        md = NULL;
188    else {
189        md = EVP_get_digestbynid(md_nid);
190        if (!md) {
191            EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_DIGEST);
192            return 0;
193        }
194    }
195
196    if (!keygen(ctx, pass, passlen, param, cipher, md, en_de)) {
197        EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_KEYGEN_FAILURE);
198        return 0;
199    }
200    return 1;
201}
202
203DECLARE_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
204
205static int pbe2_cmp(const EVP_PBE_CTL *pbe1, const EVP_PBE_CTL *pbe2)
206{
207    int ret = pbe1->pbe_type - pbe2->pbe_type;
208    if (ret)
209        return ret;
210    else
211        return pbe1->pbe_nid - pbe2->pbe_nid;
212}
213
214IMPLEMENT_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
215
216static int pbe_cmp(const EVP_PBE_CTL *const *a, const EVP_PBE_CTL *const *b)
217{
218    int ret = (*a)->pbe_type - (*b)->pbe_type;
219    if (ret)
220        return ret;
221    else
222        return (*a)->pbe_nid - (*b)->pbe_nid;
223}
224
225/* Add a PBE algorithm */
226
227int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,
228                         int md_nid, EVP_PBE_KEYGEN *keygen)
229{
230    EVP_PBE_CTL *pbe_tmp;
231
232    if (pbe_algs == NULL) {
233        pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);
234        if (pbe_algs == NULL)
235            goto err;
236    }
237
238    if ((pbe_tmp = OPENSSL_malloc(sizeof(*pbe_tmp))) == NULL)
239        goto err;
240
241    pbe_tmp->pbe_type = pbe_type;
242    pbe_tmp->pbe_nid = pbe_nid;
243    pbe_tmp->cipher_nid = cipher_nid;
244    pbe_tmp->md_nid = md_nid;
245    pbe_tmp->keygen = keygen;
246
247    sk_EVP_PBE_CTL_push(pbe_algs, pbe_tmp);
248    return 1;
249
250 err:
251    EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE);
252    return 0;
253}
254
255int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
256                    EVP_PBE_KEYGEN *keygen)
257{
258    int cipher_nid, md_nid;
259    if (cipher)
260        cipher_nid = EVP_CIPHER_nid(cipher);
261    else
262        cipher_nid = -1;
263    if (md)
264        md_nid = EVP_MD_type(md);
265    else
266        md_nid = -1;
267
268    return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER, nid,
269                                cipher_nid, md_nid, keygen);
270}
271
272int EVP_PBE_find(int type, int pbe_nid,
273                 int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen)
274{
275    EVP_PBE_CTL *pbetmp = NULL, pbelu;
276    int i;
277    if (pbe_nid == NID_undef)
278        return 0;
279
280    pbelu.pbe_type = type;
281    pbelu.pbe_nid = pbe_nid;
282
283    if (pbe_algs) {
284        i = sk_EVP_PBE_CTL_find(pbe_algs, &pbelu);
285        if (i != -1)
286            pbetmp = sk_EVP_PBE_CTL_value(pbe_algs, i);
287    }
288    if (pbetmp == NULL) {
289        pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe,
290                                  sizeof(builtin_pbe) / sizeof(EVP_PBE_CTL));
291    }
292    if (pbetmp == NULL)
293        return 0;
294    if (pcnid)
295        *pcnid = pbetmp->cipher_nid;
296    if (pmnid)
297        *pmnid = pbetmp->md_nid;
298    if (pkeygen)
299        *pkeygen = pbetmp->keygen;
300    return 1;
301}
302
303static void free_evp_pbe_ctl(EVP_PBE_CTL *pbe)
304{
305    OPENSSL_freeFunc(pbe);
306}
307
308void EVP_PBE_cleanup(void)
309{
310    sk_EVP_PBE_CTL_pop_free(pbe_algs, free_evp_pbe_ctl);
311    pbe_algs = NULL;
312}
313