crypto/pkcs12/p12_key.c - chromiumos/third_party/openssl - Git at Google

 /* p12_key.c */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
  * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
  *    the documentation and/or other materials provided with the
  *    distribution.
  *
  * 3. All advertising materials mentioning features or use of this
  *    software must display the following acknowledgment:
  *    "This product includes software developed by the OpenSSL Project
  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  *
  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  *    endorse or promote products derived from this software without
  *    prior written permission. For written permission, please contact
  *    licensing@OpenSSL.org.
  *
  * 5. Products derived from this software may not be called "OpenSSL"
  *    nor may "OpenSSL" appear in their names without prior written
  *    permission of the OpenSSL Project.
  *
  * 6. Redistributions of any form whatsoever must retain the following
  *    acknowledgment:
  *    "This product includes software developed by the OpenSSL Project
  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  *
  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  * OF THE POSSIBILITY OF SUCH DAMAGE.
  * ====================================================================
  *
  * This product includes cryptographic software written by Eric Young
  * (eay@cryptsoft.com).  This product includes software written by Tim
  * Hudson (tjh@cryptsoft.com).
  *
  */

 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/pkcs12.h>
 #include <openssl/bn.h>

 /* Uncomment out this line to get debugging info about key generation */
 /*#define DEBUG_KEYGEN*/
 #ifdef DEBUG_KEYGEN
 #include <openssl/bio.h>
 extern BIO *bio_err;
 void h__dump (unsigned char *p, int len);
 #endif

 /* PKCS12 compatible key/IV generation */
 #ifndef min
 #define min(a,b) ((a) < (b) ? (a) : (b))
 #endif

 int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
 	     int saltlen, int id, int iter, int n, unsigned char *out,
 	     const EVP_MD *md_type)
 {
 	int ret;
 	unsigned char *unipass;
 	int uniplen;

 	if(!pass) {
 		unipass = NULL;
 		uniplen = 0;
 	} else if (!OPENSSL_asc2uni(pass, passlen, &unipass, &uniplen)) {
 		PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC,ERR_R_MALLOC_FAILURE);
 		return 0;
 	}
 	ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
 						 id, iter, n, out, md_type);
 	if (ret <= 0)
 	    return 0;
 	if(unipass) {
 		OPENSSL_cleanse(unipass, uniplen);	/* Clear password from memory */
 		OPENSSL_free(unipass);
 	}
 	return ret;
 }

 int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
 	     int saltlen, int id, int iter, int n, unsigned char *out,
 	     const EVP_MD *md_type)
 {
 	unsigned char *B, *D, *I, *p, *Ai;
 	int Slen, Plen, Ilen, Ijlen;
 	int i, j, u, v;
 	int ret = 0;
 	BIGNUM *Ij, *Bpl1;	/* These hold Ij and B + 1 */
 	EVP_MD_CTX ctx;
 #ifdef  DEBUG_KEYGEN
 	unsigned char *tmpout = out;
 	int tmpn = n;
 #endif

 #if 0
 	if (!pass) {
 		PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_PASSED_NULL_PARAMETER);
 		return 0;
 	}
 #endif

 	EVP_MD_CTX_init(&ctx);
 #ifdef  DEBUG_KEYGEN
 	fprintf(stderr, "KEYGEN DEBUG\n");
 	fprintf(stderr, "ID %d, ITER %d\n", id, iter);
 	fprintf(stderr, "Password (length %d):\n", passlen);
 	h__dump(pass, passlen);
 	fprintf(stderr, "Salt (length %d):\n", saltlen);
 	h__dump(salt, saltlen);
 #endif
 	v = EVP_MD_block_size (md_type);
 	u = EVP_MD_size (md_type);
 	if (u < 0)
 	    return 0;
 	D = OPENSSL_malloc (v);
 	Ai = OPENSSL_malloc (u);
 	B = OPENSSL_malloc (v + 1);
 	Slen = v * ((saltlen+v-1)/v);
 	if(passlen) Plen = v * ((passlen+v-1)/v);
 	else Plen = 0;
 	Ilen = Slen + Plen;
 	I = OPENSSL_malloc (Ilen);
 	Ij = BN_new();
 	Bpl1 = BN_new();
 	if (!D || !Ai || !B || !I || !Ij || !Bpl1)
 		goto err;
 	for (i = 0; i < v; i++) D[i] = id;
 	p = I;
 	for (i = 0; i < Slen; i++) *p++ = salt[i % saltlen];
 	for (i = 0; i < Plen; i++) *p++ = pass[i % passlen];
 	for (;;) {
 		if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
 			|| !EVP_DigestUpdate(&ctx, D, v)
 			|| !EVP_DigestUpdate(&ctx, I, Ilen)
 			|| !EVP_DigestFinal_ex(&ctx, Ai, NULL))
 			goto err;
 		for (j = 1; j < iter; j++) {
 			if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
 				|| !EVP_DigestUpdate(&ctx, Ai, u)
 				|| !EVP_DigestFinal_ex(&ctx, Ai, NULL))
 			goto err;
 		}
 		memcpy (out, Ai, min (n, u));
 		if (u >= n) {
 #ifdef DEBUG_KEYGEN
 			fprintf(stderr, "Output KEY (length %d)\n", tmpn);
 			h__dump(tmpout, tmpn);
 #endif
 			ret = 1;
 			goto end;
 		}
 		n -= u;
 		out += u;
 		for (j = 0; j < v; j++) B[j] = Ai[j % u];
 		/* Work out B + 1 first then can use B as tmp space */
 		if (!BN_bin2bn (B, v, Bpl1))
 			goto err;
 		if (!BN_add_word (Bpl1, 1))
 			goto err;
 		for (j = 0; j < Ilen ; j+=v) {
 			if (!BN_bin2bn(I + j, v, Ij))
 				goto err;
 			if (!BN_add(Ij, Ij, Bpl1))
 				goto err;
 			if (!BN_bn2bin(Ij, B))
 				goto err;
 			Ijlen = BN_num_bytes (Ij);
 			/* If more than 2^(v*8) - 1 cut off MSB */
 			if (Ijlen > v) {
 				if (!BN_bn2bin (Ij, B))
 					goto err;
 				memcpy (I + j, B + 1, v);
 #ifndef PKCS12_BROKEN_KEYGEN
 			/* If less than v bytes pad with zeroes */
 			} else if (Ijlen < v) {
 				memset(I + j, 0, v - Ijlen);
 				if (!BN_bn2bin(Ij, I + j + v - Ijlen))
 					goto err;
 #endif
 			} else if (!BN_bn2bin (Ij, I + j))
 				goto err;
 		}
 	}

 err:
 	PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_MALLOC_FAILURE);

 end:
 	OPENSSL_free (Ai);
 	OPENSSL_free (B);
 	OPENSSL_free (D);
 	OPENSSL_free (I);
 	BN_free (Ij);
 	BN_free (Bpl1);
 	EVP_MD_CTX_cleanup(&ctx);
 	return ret;
 }
 #ifdef DEBUG_KEYGEN
 void h__dump (unsigned char *p, int len)
 {
 	for (; len --; p++) fprintf(stderr, "%02X", *p);
 	fprintf(stderr, "\n");
 }
 #endif
	/* p12_key.c */
	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
	* project 1999.
	*/
	/* ====================================================================
	* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
	*
	* Redistribution and use in source and binary forms, with or without
	* modification, are permitted provided that the following conditions
	* are met:
	*
	* 1. Redistributions of source code must retain the above copyright
	* notice, this list of conditions and the following disclaimer.
	*
	* 2. Redistributions in binary form must reproduce the above copyright
	* notice, this list of conditions and the following disclaimer in
	* the documentation and/or other materials provided with the
	* distribution.
	*
	* 3. All advertising materials mentioning features or use of this
	* software must display the following acknowledgment:
	* "This product includes software developed by the OpenSSL Project
	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
	*
	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	* endorse or promote products derived from this software without
	* prior written permission. For written permission, please contact
	* licensing@OpenSSL.org.
	*
	* 5. Products derived from this software may not be called "OpenSSL"
	* nor may "OpenSSL" appear in their names without prior written
	* permission of the OpenSSL Project.
	*
	* 6. Redistributions of any form whatsoever must retain the following
	* acknowledgment:
	* "This product includes software developed by the OpenSSL Project
	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
	*
	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	* OF THE POSSIBILITY OF SUCH DAMAGE.
	* ====================================================================
	*
	* This product includes cryptographic software written by Eric Young
	* (eay@cryptsoft.com). This product includes software written by Tim
	* Hudson (tjh@cryptsoft.com).
	*
	*/

	#include <stdio.h>
	#include "cryptlib.h"
	#include <openssl/pkcs12.h>
	#include <openssl/bn.h>

	/* Uncomment out this line to get debugging info about key generation */
	/#define DEBUG_KEYGEN/
	#ifdef DEBUG_KEYGEN
	#include <openssl/bio.h>
	extern BIO *bio_err;
	void h__dump (unsigned char *p, int len);
	#endif

	/* PKCS12 compatible key/IV generation */
	#ifndef min
	#define min(a,b) ((a) < (b) ? (a) : (b))
	#endif

	int PKCS12_key_gen_asc(const char pass, int passlen, unsigned char salt,
	int saltlen, int id, int iter, int n, unsigned char *out,
	const EVP_MD *md_type)
	{
	int ret;
	unsigned char *unipass;
	int uniplen;

	if(!pass) {
	unipass = NULL;
	uniplen = 0;
	} else if (!OPENSSL_asc2uni(pass, passlen, &unipass, &uniplen)) {
	PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC,ERR_R_MALLOC_FAILURE);
	return 0;
	}
	ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
	id, iter, n, out, md_type);
	if (ret <= 0)
	return 0;
	if(unipass) {
	OPENSSL_cleanse(unipass, uniplen); /* Clear password from memory */
	OPENSSL_free(unipass);
	}
	return ret;
	}

	int PKCS12_key_gen_uni(unsigned char pass, int passlen, unsigned char salt,
	int saltlen, int id, int iter, int n, unsigned char *out,
	const EVP_MD *md_type)
	{
	unsigned char B, D, I, p, *Ai;
	int Slen, Plen, Ilen, Ijlen;
	int i, j, u, v;
	int ret = 0;
	BIGNUM Ij, Bpl1; /* These hold Ij and B + 1 */
	EVP_MD_CTX ctx;
	#ifdef DEBUG_KEYGEN
	unsigned char *tmpout = out;
	int tmpn = n;
	#endif

	#if 0
	if (!pass) {
	PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_PASSED_NULL_PARAMETER);
	return 0;
	}
	#endif

	EVP_MD_CTX_init(&ctx);
	#ifdef DEBUG_KEYGEN
	fprintf(stderr, "KEYGEN DEBUG\n");
	fprintf(stderr, "ID %d, ITER %d\n", id, iter);
	fprintf(stderr, "Password (length %d):\n", passlen);
	h__dump(pass, passlen);
	fprintf(stderr, "Salt (length %d):\n", saltlen);
	h__dump(salt, saltlen);
	#endif
	v = EVP_MD_block_size (md_type);
	u = EVP_MD_size (md_type);
	if (u < 0)
	return 0;
	D = OPENSSL_malloc (v);
	Ai = OPENSSL_malloc (u);
	B = OPENSSL_malloc (v + 1);
	Slen = v * ((saltlen+v-1)/v);
	if(passlen) Plen = v * ((passlen+v-1)/v);
	else Plen = 0;
	Ilen = Slen + Plen;
	I = OPENSSL_malloc (Ilen);
	Ij = BN_new();
	Bpl1 = BN_new();
	if (!D \|\| !Ai \|\| !B \|\| !I \|\| !Ij \|\| !Bpl1)
	goto err;
	for (i = 0; i < v; i++) D[i] = id;
	p = I;
	for (i = 0; i < Slen; i++) *p++ = salt[i % saltlen];
	for (i = 0; i < Plen; i++) *p++ = pass[i % passlen];
	for (;;) {
	if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
	\|\| !EVP_DigestUpdate(&ctx, D, v)
	\|\| !EVP_DigestUpdate(&ctx, I, Ilen)
	\|\| !EVP_DigestFinal_ex(&ctx, Ai, NULL))
	goto err;
	for (j = 1; j < iter; j++) {
	if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
	\|\| !EVP_DigestUpdate(&ctx, Ai, u)
	\|\| !EVP_DigestFinal_ex(&ctx, Ai, NULL))
	goto err;
	}
	memcpy (out, Ai, min (n, u));
	if (u >= n) {
	#ifdef DEBUG_KEYGEN
	fprintf(stderr, "Output KEY (length %d)\n", tmpn);
	h__dump(tmpout, tmpn);
	#endif
	ret = 1;
	goto end;
	}
	n -= u;
	out += u;
	for (j = 0; j < v; j++) B[j] = Ai[j % u];
	/* Work out B + 1 first then can use B as tmp space */
	if (!BN_bin2bn (B, v, Bpl1))
	goto err;
	if (!BN_add_word (Bpl1, 1))
	goto err;
	for (j = 0; j < Ilen ; j+=v) {
	if (!BN_bin2bn(I + j, v, Ij))
	goto err;
	if (!BN_add(Ij, Ij, Bpl1))
	goto err;
	if (!BN_bn2bin(Ij, B))
	goto err;
	Ijlen = BN_num_bytes (Ij);
	/* If more than 2^(v8) - 1 cut off MSB /
	if (Ijlen > v) {
	if (!BN_bn2bin (Ij, B))
	goto err;
	memcpy (I + j, B + 1, v);
	#ifndef PKCS12_BROKEN_KEYGEN
	/* If less than v bytes pad with zeroes */
	} else if (Ijlen < v) {
	memset(I + j, 0, v - Ijlen);
	if (!BN_bn2bin(Ij, I + j + v - Ijlen))
	goto err;
	#endif
	} else if (!BN_bn2bin (Ij, I + j))
	goto err;
	}
	}

	err:
	PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_MALLOC_FAILURE);

	end:
	OPENSSL_free (Ai);
	OPENSSL_free (B);
	OPENSSL_free (D);
	OPENSSL_free (I);
	BN_free (Ij);
	BN_free (Bpl1);
	EVP_MD_CTX_cleanup(&ctx);
	return ret;
	}
	#ifdef DEBUG_KEYGEN
	void h__dump (unsigned char *p, int len)
	{
	for (; len --; p++) fprintf(stderr, "%02X", *p);
	fprintf(stderr, "\n");
	}
	#endif