1/* 2 * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10#include <stdio.h> 11#include "internal/cryptlib.h" 12#include <openssl/x509.h> 13#include <openssl/objects.h> 14#include <openssl/evp.h> 15#include <openssl/ui.h> 16 17#ifndef BUFSIZ 18# define BUFSIZ 256 19#endif 20 21/* should be init to zeros. */ 22static char prompt_string[80]; 23 24void EVP_set_pw_prompt(const char *prompt) 25{ 26 if (prompt == NULL) 27 prompt_string[0] = '\0'; 28 else { 29 strncpy(prompt_string, prompt, 79); 30 prompt_string[79] = '\0'; 31 } 32} 33 34char *EVP_get_pw_prompt(void) 35{ 36 if (prompt_string[0] == '\0') 37 return NULL; 38 else 39 return prompt_string; 40} 41 42/* 43 * For historical reasons, the standard function for reading passwords is in 44 * the DES library -- if someone ever wants to disable DES, this function 45 * will fail 46 */ 47int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) 48{ 49 return EVP_read_pw_string_min(buf, 0, len, prompt, verify); 50} 51 52int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, 53 int verify) 54{ 55 int ret = -1; 56 char buff[BUFSIZ]; 57 UI *ui; 58 59 if ((prompt == NULL) && (prompt_string[0] != '\0')) 60 prompt = prompt_string; 61 ui = UI_new(); 62 if (ui == NULL) 63 return ret; 64 if (UI_add_input_string(ui, prompt, 0, buf, min, 65 (len >= BUFSIZ) ? BUFSIZ - 1 : len) < 0 66 || (verify 67 && UI_add_verify_string(ui, prompt, 0, buff, min, 68 (len >= BUFSIZ) ? BUFSIZ - 1 : len, 69 buf) < 0)) 70 goto end; 71 ret = UI_process(ui); 72 OPENSSL_cleanse(buff, BUFSIZ); 73 end: 74 UI_free(ui); 75 return ret; 76} 77 78int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, 79 const unsigned char *salt, const unsigned char *data, 80 int datal, int count, unsigned char *key, 81 unsigned char *iv) 82{ 83 EVP_MD_CTX *c; 84 unsigned char md_buf[EVP_MAX_MD_SIZE]; 85 int niv, nkey, addmd = 0; 86 unsigned int mds = 0, i; 87 int rv = 0; 88 nkey = EVP_CIPHER_get_key_length(type); 89 niv = EVP_CIPHER_get_iv_length(type); 90 OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH); 91 OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH); 92 93 if (data == NULL) 94 return nkey; 95 96 c = EVP_MD_CTX_new(); 97 if (c == NULL) 98 goto err; 99 for (;;) { 100 if (!EVP_DigestInit_ex(c, md, NULL)) 101 goto err; 102 if (addmd++) 103 if (!EVP_DigestUpdate(c, &(md_buf[0]), mds)) 104 goto err; 105 if (!EVP_DigestUpdate(c, data, datal)) 106 goto err; 107 if (salt != NULL) 108 if (!EVP_DigestUpdate(c, salt, PKCS5_SALT_LEN)) 109 goto err; 110 if (!EVP_DigestFinal_ex(c, &(md_buf[0]), &mds)) 111 goto err; 112 113 for (i = 1; i < (unsigned int)count; i++) { 114 if (!EVP_DigestInit_ex(c, md, NULL)) 115 goto err; 116 if (!EVP_DigestUpdate(c, &(md_buf[0]), mds)) 117 goto err; 118 if (!EVP_DigestFinal_ex(c, &(md_buf[0]), &mds)) 119 goto err; 120 } 121 i = 0; 122 if (nkey) { 123 for (;;) { 124 if (nkey == 0) 125 break; 126 if (i == mds) 127 break; 128 if (key != NULL) 129 *(key++) = md_buf[i]; 130 nkey--; 131 i++; 132 } 133 } 134 if (niv && (i != mds)) { 135 for (;;) { 136 if (niv == 0) 137 break; 138 if (i == mds) 139 break; 140 if (iv != NULL) 141 *(iv++) = md_buf[i]; 142 niv--; 143 i++; 144 } 145 } 146 if ((nkey == 0) && (niv == 0)) 147 break; 148 } 149 rv = EVP_CIPHER_get_key_length(type); 150 err: 151 EVP_MD_CTX_free(c); 152 OPENSSL_cleanse(md_buf, sizeof(md_buf)); 153 return rv; 154} 155