GCC Code Coverage Report
Directory: ./ Exec Total Coverage
File: lib/libcrypto/pkcs12/p12_key.c Lines: 52 77 67.5 %
Date: 2017-11-13 Branches: 22 60 36.7 %

Line Branch Exec Source
1
/* $OpenBSD: p12_key.c,v 1.26 2017/05/02 03:59:45 deraadt Exp $ */
2
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3
 * project 1999.
4
 */
5
/* ====================================================================
6
 * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
7
 *
8
 * Redistribution and use in source and binary forms, with or without
9
 * modification, are permitted provided that the following conditions
10
 * are met:
11
 *
12
 * 1. Redistributions of source code must retain the above copyright
13
 *    notice, this list of conditions and the following disclaimer.
14
 *
15
 * 2. Redistributions in binary form must reproduce the above copyright
16
 *    notice, this list of conditions and the following disclaimer in
17
 *    the documentation and/or other materials provided with the
18
 *    distribution.
19
 *
20
 * 3. All advertising materials mentioning features or use of this
21
 *    software must display the following acknowledgment:
22
 *    "This product includes software developed by the OpenSSL Project
23
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24
 *
25
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26
 *    endorse or promote products derived from this software without
27
 *    prior written permission. For written permission, please contact
28
 *    licensing@OpenSSL.org.
29
 *
30
 * 5. Products derived from this software may not be called "OpenSSL"
31
 *    nor may "OpenSSL" appear in their names without prior written
32
 *    permission of the OpenSSL Project.
33
 *
34
 * 6. Redistributions of any form whatsoever must retain the following
35
 *    acknowledgment:
36
 *    "This product includes software developed by the OpenSSL Project
37
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38
 *
39
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
43
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50
 * OF THE POSSIBILITY OF SUCH DAMAGE.
51
 * ====================================================================
52
 *
53
 * This product includes cryptographic software written by Eric Young
54
 * (eay@cryptsoft.com).  This product includes software written by Tim
55
 * Hudson (tjh@cryptsoft.com).
56
 *
57
 */
58
59
#include <stdio.h>
60
#include <string.h>
61
62
#include <openssl/bn.h>
63
#include <openssl/err.h>
64
#include <openssl/pkcs12.h>
65
66
/* PKCS12 compatible key/IV generation */
67
#ifndef min
68
#define min(a,b) ((a) < (b) ? (a) : (b))
69
#endif
70
71
int
72
PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
73
    int saltlen, int id, int iter, int n, unsigned char *out,
74
    const EVP_MD *md_type)
75
{
76
	int ret;
77
12
	unsigned char *unipass;
78
6
	int uniplen;
79
80
6
	if (!pass) {
81
		unipass = NULL;
82
		uniplen = 0;
83
6
	} else if (!OPENSSL_asc2uni(pass, passlen, &unipass, &uniplen)) {
84
		PKCS12error(ERR_R_MALLOC_FAILURE);
85
		return 0;
86
	}
87
6
	ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
88
	    id, iter, n, out, md_type);
89
6
	if (ret <= 0)
90
		return 0;
91
6
	freezero(unipass, uniplen);
92
6
	return ret;
93
6
}
94
95
int
96
PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
97
    int saltlen, int id, int iter, int n, unsigned char *out,
98
    const EVP_MD *md_type)
99
{
100
	unsigned char *B, *D, *I, *p, *Ai;
101
	int Slen, Plen, Ilen, Ijlen;
102
	int i, j, u, v;
103
	int ret = 0;
104
	BIGNUM *Ij, *Bpl1;	/* These hold Ij and B + 1 */
105
12
	EVP_MD_CTX ctx;
106
107
6
	v = EVP_MD_block_size(md_type);
108
6
	u = EVP_MD_size(md_type);
109
6
	if (u < 0)
110
		return 0;
111
112
6
	EVP_MD_CTX_init(&ctx);
113
6
	D = malloc(v);
114
6
	Ai = malloc(u);
115
6
	B = malloc(v + 1);
116
6
	Slen = v * ((saltlen + v - 1) / v);
117
6
	if (passlen)
118
6
		Plen = v * ((passlen + v - 1)/v);
119
	else
120
		Plen = 0;
121
6
	Ilen = Slen + Plen;
122
6
	I = malloc(Ilen);
123
6
	Ij = BN_new();
124
6
	Bpl1 = BN_new();
125
6
	if (!D || !Ai || !B || !I || !Ij || !Bpl1)
126
		goto err;
127
780
	for (i = 0; i < v; i++)
128
384
		D[i] = id;
129
	p = I;
130
780
	for (i = 0; i < Slen; i++)
131
384
		*p++ = salt[i % saltlen];
132
780
	for (i = 0; i < Plen; i++)
133
384
		*p++ = pass[i % passlen];
134
6
	for (;;) {
135

12
		if (!EVP_DigestInit_ex(&ctx, md_type, NULL) ||
136
6
		    !EVP_DigestUpdate(&ctx, D, v) ||
137
6
		    !EVP_DigestUpdate(&ctx, I, Ilen) ||
138
6
		    !EVP_DigestFinal_ex(&ctx, Ai, NULL))
139
			goto err;
140
24576
		for (j = 1; j < iter; j++) {
141

24564
			if (!EVP_DigestInit_ex(&ctx, md_type, NULL) ||
142
12282
			    !EVP_DigestUpdate(&ctx, Ai, u) ||
143
12282
			    !EVP_DigestFinal_ex(&ctx, Ai, NULL))
144
				goto err;
145
		}
146
6
		memcpy (out, Ai, min (n, u));
147
6
		if (u >= n) {
148
			ret = 1;
149
6
			goto end;
150
		}
151
		n -= u;
152
		out += u;
153
		for (j = 0; j < v; j++)
154
			B[j] = Ai[j % u];
155
		/* Work out B + 1 first then can use B as tmp space */
156
		if (!BN_bin2bn (B, v, Bpl1))
157
			goto err;
158
		if (!BN_add_word (Bpl1, 1))
159
			goto err;
160
		for (j = 0; j < Ilen; j += v) {
161
			if (!BN_bin2bn(I + j, v, Ij))
162
				goto err;
163
			if (!BN_add(Ij, Ij, Bpl1))
164
				goto err;
165
			if (!BN_bn2bin(Ij, B))
166
				goto err;
167
			Ijlen = BN_num_bytes (Ij);
168
			/* If more than 2^(v*8) - 1 cut off MSB */
169
			if (Ijlen > v) {
170
				if (!BN_bn2bin (Ij, B))
171
					goto err;
172
				memcpy (I + j, B + 1, v);
173
#ifndef PKCS12_BROKEN_KEYGEN
174
				/* If less than v bytes pad with zeroes */
175
			} else if (Ijlen < v) {
176
				memset(I + j, 0, v - Ijlen);
177
				if (!BN_bn2bin(Ij, I + j + v - Ijlen))
178
					goto err;
179
#endif
180
			} else if (!BN_bn2bin (Ij, I + j))
181
				goto err;
182
		}
183
	}
184
185
err:
186
	PKCS12error(ERR_R_MALLOC_FAILURE);
187
188
end:
189
6
	free(Ai);
190
6
	free(B);
191
6
	free(D);
192
6
	free(I);
193
6
	BN_free(Ij);
194
6
	BN_free(Bpl1);
195
6
	EVP_MD_CTX_cleanup(&ctx);
196
6
	return ret;
197
6
}