OLD | NEW |
1 /* p5_pbe.c */ | 1 /* p5_pbe.c */ |
2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
3 * project 1999. | 3 * project 1999. |
4 */ | 4 */ |
5 /* ==================================================================== | 5 /* ==================================================================== |
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. |
7 * | 7 * |
8 * Redistribution and use in source and binary forms, with or without | 8 * Redistribution and use in source and binary forms, with or without |
9 * modification, are permitted provided that the following conditions | 9 * modification, are permitted provided that the following conditions |
10 * are met: | 10 * are met: |
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
64 | 64 |
65 /* PKCS#5 password based encryption structure */ | 65 /* PKCS#5 password based encryption structure */ |
66 | 66 |
67 ASN1_SEQUENCE(PBEPARAM) = { | 67 ASN1_SEQUENCE(PBEPARAM) = { |
68 ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING), | 68 ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING), |
69 ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER) | 69 ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER) |
70 } ASN1_SEQUENCE_END(PBEPARAM) | 70 } ASN1_SEQUENCE_END(PBEPARAM) |
71 | 71 |
72 IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM) | 72 IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM) |
73 | 73 |
| 74 |
| 75 /* Set an algorithm identifier for a PKCS#5 PBE algorithm */ |
| 76 |
| 77 int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, |
| 78 const unsigned char *salt, int saltlen) |
| 79 { |
| 80 PBEPARAM *pbe=NULL; |
| 81 ASN1_STRING *pbe_str=NULL; |
| 82 unsigned char *sstr; |
| 83 |
| 84 pbe = PBEPARAM_new(); |
| 85 if (!pbe) |
| 86 { |
| 87 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); |
| 88 goto err; |
| 89 } |
| 90 if(iter <= 0) |
| 91 iter = PKCS5_DEFAULT_ITER; |
| 92 if (!ASN1_INTEGER_set(pbe->iter, iter)) |
| 93 { |
| 94 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); |
| 95 goto err; |
| 96 } |
| 97 if (!saltlen) |
| 98 saltlen = PKCS5_SALT_LEN; |
| 99 if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) |
| 100 { |
| 101 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); |
| 102 goto err; |
| 103 } |
| 104 sstr = ASN1_STRING_data(pbe->salt); |
| 105 if (salt) |
| 106 memcpy(sstr, salt, saltlen); |
| 107 else if (RAND_pseudo_bytes(sstr, saltlen) < 0) |
| 108 goto err; |
| 109 |
| 110 if(!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) |
| 111 { |
| 112 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); |
| 113 goto err; |
| 114 } |
| 115 |
| 116 PBEPARAM_free(pbe); |
| 117 pbe = NULL; |
| 118 |
| 119 if (X509_ALGOR_set0(algor, OBJ_nid2obj(alg), V_ASN1_SEQUENCE, pbe_str)) |
| 120 return 1; |
| 121 |
| 122 err: |
| 123 if (pbe != NULL) |
| 124 PBEPARAM_free(pbe); |
| 125 if (pbe_str != NULL) |
| 126 ASN1_STRING_free(pbe_str); |
| 127 return 0; |
| 128 } |
| 129 |
74 /* Return an algorithm identifier for a PKCS#5 PBE algorithm */ | 130 /* Return an algorithm identifier for a PKCS#5 PBE algorithm */ |
75 | 131 |
76 X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, | 132 X509_ALGOR *PKCS5_pbe_set(int alg, int iter, |
77 » int saltlen) | 133 » » » » const unsigned char *salt, int saltlen) |
78 { | 134 » { |
79 » PBEPARAM *pbe=NULL; | 135 » X509_ALGOR *ret; |
80 » ASN1_OBJECT *al; | 136 » ret = X509_ALGOR_new(); |
81 » X509_ALGOR *algor; | 137 » if (!ret) |
82 » ASN1_TYPE *astype=NULL; | 138 » » { |
| 139 » » ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); |
| 140 » » return NULL; |
| 141 » » } |
83 | 142 |
84 » if (!(pbe = PBEPARAM_new ())) { | 143 » if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen)) |
85 » » ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); | 144 » » return ret; |
86 » » goto err; | 145 |
| 146 » X509_ALGOR_free(ret); |
| 147 » return NULL; |
87 } | 148 } |
88 if(iter <= 0) iter = PKCS5_DEFAULT_ITER; | |
89 if (!ASN1_INTEGER_set(pbe->iter, iter)) { | |
90 ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); | |
91 goto err; | |
92 } | |
93 if (!saltlen) saltlen = PKCS5_SALT_LEN; | |
94 if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) { | |
95 ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); | |
96 goto err; | |
97 } | |
98 pbe->salt->length = saltlen; | |
99 if (salt) memcpy (pbe->salt->data, salt, saltlen); | |
100 else if (RAND_pseudo_bytes (pbe->salt->data, saltlen) < 0) | |
101 goto err; | |
102 | |
103 if (!(astype = ASN1_TYPE_new())) { | |
104 ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); | |
105 goto err; | |
106 } | |
107 | |
108 astype->type = V_ASN1_SEQUENCE; | |
109 if(!ASN1_pack_string_of(PBEPARAM, pbe, i2d_PBEPARAM, | |
110 &astype->value.sequence)) { | |
111 ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); | |
112 goto err; | |
113 } | |
114 PBEPARAM_free (pbe); | |
115 pbe = NULL; | |
116 | |
117 al = OBJ_nid2obj(alg); /* never need to free al */ | |
118 if (!(algor = X509_ALGOR_new())) { | |
119 ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); | |
120 goto err; | |
121 } | |
122 ASN1_OBJECT_free(algor->algorithm); | |
123 algor->algorithm = al; | |
124 algor->parameter = astype; | |
125 | |
126 return (algor); | |
127 err: | |
128 if (pbe != NULL) PBEPARAM_free(pbe); | |
129 if (astype != NULL) ASN1_TYPE_free(astype); | |
130 return NULL; | |
131 } | |
OLD | NEW |