crypto/evp/evp_pbe.c

   1 /*
   2  * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include <stdio.h>
  11 #include "internal/cryptlib.h"
  12 #include <openssl/evp.h>
  13 #include <openssl/pkcs12.h>
  14 #include <openssl/x509.h>
  15 #include "crypto/evp.h"
  16 #include "evp_local.h"
  17
  18 /* Password based encryption (PBE) functions */
  19
  20 /* Setup a cipher context from a PBE algorithm */
  21
  22 struct evp_pbe_st {
  23     int pbe_type;
  24     int pbe_nid;
  25     int cipher_nid;
  26     int md_nid;
  27     EVP_PBE_KEYGEN *keygen;
  28 };
  29
  30 static STACK_OF(EVP_PBE_CTL) *pbe_algs;
  31
  32 static const EVP_PBE_CTL builtin_pbe[] = {
  33     {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC,
  34      NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen},
  35     {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC,
  36      NID_des_cbc, NID_md5, PKCS5_PBE_keyivgen},
  37     {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC,
  38      NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen},
  39
  40     {EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen},
  41
  42     {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4,
  43      NID_rc4, NID_sha1, PKCS12_PBE_keyivgen},
  44     {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4,
  45      NID_rc4_40, NID_sha1, PKCS12_PBE_keyivgen},
  46     {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
  47      NID_des_ede3_cbc, NID_sha1, PKCS12_PBE_keyivgen},
  48     {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
  49      NID_des_ede_cbc, NID_sha1, PKCS12_PBE_keyivgen},
  50     {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC2_CBC,
  51      NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen},
  52     {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC,
  53      NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen},
  54
  55     {EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen},
  56
  57     {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC,
  58      NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen},
  59     {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC,
  60      NID_rc2_64_cbc, NID_md5, PKCS5_PBE_keyivgen},
  61     {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndDES_CBC,
  62      NID_des_cbc, NID_sha1, PKCS5_PBE_keyivgen},
  63
  64     {EVP_PBE_TYPE_PRF, NID_hmacWithSHA1, -1, NID_sha1, 0},
  65     {EVP_PBE_TYPE_PRF, NID_hmac_md5, -1, NID_md5, 0},
  66     {EVP_PBE_TYPE_PRF, NID_hmac_sha1, -1, NID_sha1, 0},
  67     {EVP_PBE_TYPE_PRF, NID_hmacWithMD5, -1, NID_md5, 0},
  68     {EVP_PBE_TYPE_PRF, NID_hmacWithSHA224, -1, NID_sha224, 0},
  69     {EVP_PBE_TYPE_PRF, NID_hmacWithSHA256, -1, NID_sha256, 0},
  70     {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0},
  71     {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0},
  72     {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0},
  73     {EVP_PBE_TYPE_PRF, NID_id_tc26_hmac_gost_3411_2012_256, -1,
  74      NID_id_GostR3411_2012_256, 0},
  75     {EVP_PBE_TYPE_PRF, NID_id_tc26_hmac_gost_3411_2012_512, -1,
  76      NID_id_GostR3411_2012_512, 0},
  77     {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512_224, -1, NID_sha512_224, 0},
  78     {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512_256, -1, NID_sha512_256, 0},
  79     {EVP_PBE_TYPE_KDF, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen},
  80 #ifndef OPENSSL_NO_SCRYPT
  81     {EVP_PBE_TYPE_KDF, NID_id_scrypt, -1, -1, PKCS5_v2_scrypt_keyivgen}
  82 #endif
  83 };
  84
  85 int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
  86                        ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
  87 {
  88     const EVP_CIPHER *cipher;
  89     const EVP_MD *md;
  90     int cipher_nid, md_nid;
  91     EVP_PBE_KEYGEN *keygen;
  92
  93     if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj),
  94                       &cipher_nid, &md_nid, &keygen)) {
  95         char obj_tmp[80];
  96
  97         EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM);
  98         if (pbe_obj == NULL)
  99             OPENSSL_strlcpy(obj_tmp, "NULL", sizeof(obj_tmp));
 100         else
 101             i2t_ASN1_OBJECT(obj_tmp, sizeof(obj_tmp), pbe_obj);
 102         ERR_add_error_data(2, "TYPE=", obj_tmp);
 103         return 0;
 104     }
 105
 106     if (pass == NULL)
 107         passlen = 0;
 108     else if (passlen == -1)
 109         passlen = strlen(pass);
 110
 111     if (cipher_nid == -1)
 112         cipher = NULL;
 113     else {
 114         cipher = EVP_get_cipherbynid(cipher_nid);
 115         if (!cipher) {
 116             EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_CIPHER);
 117             return 0;
 118         }
 119     }
 120
 121     if (md_nid == -1)
 122         md = NULL;
 123     else {
 124         md = EVP_get_digestbynid(md_nid);
 125         if (!md) {
 126             EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_DIGEST);
 127             return 0;
 128         }
 129     }
 130
 131     if (!keygen(ctx, pass, passlen, param, cipher, md, en_de)) {
 132         EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_KEYGEN_FAILURE);
 133         return 0;
 134     }
 135     return 1;
 136 }
 137
 138 DECLARE_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
 139
 140 static int pbe2_cmp(const EVP_PBE_CTL *pbe1, const EVP_PBE_CTL *pbe2)
 141 {
 142     int ret = pbe1->pbe_type - pbe2->pbe_type;
 143     if (ret)
 144         return ret;
 145     else
 146         return pbe1->pbe_nid - pbe2->pbe_nid;
 147 }
 148
 149 IMPLEMENT_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
 150
 151 static int pbe_cmp(const EVP_PBE_CTL *const *a, const EVP_PBE_CTL *const *b)
 152 {
 153     int ret = (*a)->pbe_type - (*b)->pbe_type;
 154     if (ret)
 155         return ret;
 156     else
 157         return (*a)->pbe_nid - (*b)->pbe_nid;
 158 }
 159
 160 /* Add a PBE algorithm */
 161
 162 int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,
 163                          int md_nid, EVP_PBE_KEYGEN *keygen)
 164 {
 165     EVP_PBE_CTL *pbe_tmp;
 166
 167     if (pbe_algs == NULL) {
 168         pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);
 169         if (pbe_algs == NULL)
 170             goto err;
 171     }
 172
 173     if ((pbe_tmp = OPENSSL_malloc(sizeof(*pbe_tmp))) == NULL)
 174         goto err;
 175
 176     pbe_tmp->pbe_type = pbe_type;
 177     pbe_tmp->pbe_nid = pbe_nid;
 178     pbe_tmp->cipher_nid = cipher_nid;
 179     pbe_tmp->md_nid = md_nid;
 180     pbe_tmp->keygen = keygen;
 181
 182     if (!sk_EVP_PBE_CTL_push(pbe_algs, pbe_tmp)) {
 183         OPENSSL_free(pbe_tmp);
 184         goto err;
 185     }
 186     return 1;
 187
 188  err:
 189     EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE);
 190     return 0;
 191 }
 192
 193 int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
 194                     EVP_PBE_KEYGEN *keygen)
 195 {
 196     int cipher_nid, md_nid;
 197
 198     if (cipher)
 199         cipher_nid = EVP_CIPHER_nid(cipher);
 200     else
 201         cipher_nid = -1;
 202     if (md)
 203         md_nid = EVP_MD_type(md);
 204     else
 205         md_nid = -1;
 206
 207     return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER, nid,
 208                                 cipher_nid, md_nid, keygen);
 209 }
 210
 211 int EVP_PBE_find(int type, int pbe_nid,
 212                  int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen)
 213 {
 214     EVP_PBE_CTL *pbetmp = NULL, pbelu;
 215     int i;
 216     if (pbe_nid == NID_undef)
 217         return 0;
 218
 219     pbelu.pbe_type = type;
 220     pbelu.pbe_nid = pbe_nid;
 221
 222     if (pbe_algs != NULL) {
 223         i = sk_EVP_PBE_CTL_find(pbe_algs, &pbelu);
 224         pbetmp = sk_EVP_PBE_CTL_value(pbe_algs, i);
 225     }
 226     if (pbetmp == NULL) {
 227         pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe, OSSL_NELEM(builtin_pbe));
 228     }
 229     if (pbetmp == NULL)
 230         return 0;
 231     if (pcnid)
 232         *pcnid = pbetmp->cipher_nid;
 233     if (pmnid)
 234         *pmnid = pbetmp->md_nid;
 235     if (pkeygen)
 236         *pkeygen = pbetmp->keygen;
 237     return 1;
 238 }
 239
 240 static void free_evp_pbe_ctl(EVP_PBE_CTL *pbe)
 241 {
 242     OPENSSL_free(pbe);
 243 }
 244
 245 void EVP_PBE_cleanup(void)
 246 {
 247     sk_EVP_PBE_CTL_pop_free(pbe_algs, free_evp_pbe_ctl);
 248     pbe_algs = NULL;
 249 }
 250
 251 int EVP_PBE_get(int *ptype, int *ppbe_nid, size_t num)
 252 {
 253     const EVP_PBE_CTL *tpbe;
 254
 255     if (num >= OSSL_NELEM(builtin_pbe))
 256         return 0;
 257
 258     tpbe = builtin_pbe + num;
 259     if (ptype)
 260         *ptype = tpbe->pbe_type;
 261     if (ppbe_nid)
 262         *ppbe_nid = tpbe->pbe_nid;
 263     return 1;
 264 }