generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Change PBE handling a bit more: now the key and iv generator does calls

Browse Source 
EVP_CipherInit() this because the IV wont be easily available when doing
PKCS#5 v2.0
This commit is contained in:
Dr. Stephen Henson 1999-06-06 18:41:52 +00:00
parent 69cbf46811
commit 2bd83ca1c9
5 changed files with 24 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
crypto/evp/evp.h
View File

@ -395,9 +395,9 @@ typedef struct evp_Encode_Ctx_st
} EVP_ENCODE_CTX; } EVP_ENCODE_CTX;
/* Password based encryption function */ /* Password based encryption function */
typedef int (EVP_PBE_KEYGEN)(const char *pass, int passlen, typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, EVP_CIPHER *cipher, ASN1_TYPE *param, EVP_CIPHER *cipher,
EVP_MD *md, unsigned char *key, unsigned char *iv); EVP_MD *md, int en_de);
#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ #define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
(char *)(rsa)) (char *)(rsa))
@ -635,9 +635,9 @@ int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type); int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
/* PKCS5 password based encryption */ /* PKCS5 password based encryption */
int PKCS5_PBE_keyivgen(const char *pass, int passlen, ASN1_TYPE *param, int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
EVP_CIPHER *cipher, EVP_MD *md, ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md,
unsigned char *key, unsigned char *iv); int en_de);
void PKCS5_PBE_add(void); void PKCS5_PBE_add(void);

6
crypto/evp/evp_pbe.c
View File

@ -79,7 +79,6 @@ int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
{ {
EVP_PBE_CTL *pbetmp, pbelu; EVP_PBE_CTL *pbetmp, pbelu;
unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
int i; int i;
pbelu.pbe_nid = OBJ_obj2nid(pbe_obj); pbelu.pbe_nid = OBJ_obj2nid(pbe_obj);
if (pbelu.pbe_nid != NID_undef) i = sk_find(pbe_algs, (char *)&pbelu); if (pbelu.pbe_nid != NID_undef) i = sk_find(pbe_algs, (char *)&pbelu);
@ -95,13 +94,12 @@ int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
} }
if (passlen == -1) passlen = strlen(pass); if (passlen == -1) passlen = strlen(pass);
pbetmp = (EVP_PBE_CTL *)sk_value (pbe_algs, i); pbetmp = (EVP_PBE_CTL *)sk_value (pbe_algs, i);
i = (*pbetmp->keygen)(pass, passlen, param, pbetmp->cipher, i = (*pbetmp->keygen)(ctx, pass, passlen, param, pbetmp->cipher,
pbetmp->md, key, iv); pbetmp->md, en_de);
if (!i) { if (!i) {
EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_KEYGEN_FAILURE); EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_KEYGEN_FAILURE);
return 0; return 0;
} }
EVP_CipherInit (ctx, pbetmp->cipher, key, iv, en_de);
return 1; return 1;
} }

11
crypto/evp/p5_crpt.c
View File

@ -85,12 +85,13 @@ EVP_PBE_alg_add(NID_pbeWithSHA1AndRC2_CBC, EVP_rc2_64_cbc(), EVP_sha1(),
#endif #endif
} }
int PKCS5_PBE_keyivgen(const char *pass, int passlen, ASN1_TYPE *param, int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
EVP_CIPHER *cipher, EVP_MD *md, ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md,
unsigned char *key, unsigned char *iv) int en_de)
{ {
EVP_MD_CTX ctx; EVP_MD_CTX ctx;
unsigned char md_tmp[EVP_MAX_MD_SIZE]; unsigned char md_tmp[EVP_MAX_MD_SIZE];
unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
int i; int i;
PBEPARAM *pbe; PBEPARAM *pbe;
int saltlen, iter; int saltlen, iter;
@ -122,5 +123,9 @@ int PKCS5_PBE_keyivgen(const char *pass, int passlen, ASN1_TYPE *param,
memcpy (key, md_tmp, EVP_CIPHER_key_length(cipher)); memcpy (key, md_tmp, EVP_CIPHER_key_length(cipher));
memcpy (iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), memcpy (iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
EVP_CIPHER_iv_length(cipher)); EVP_CIPHER_iv_length(cipher));
EVP_CipherInit(cctx, cipher, key, iv, en_de);
memset(md_tmp, 0, EVP_MAX_MD_SIZE);
memset(key, 0, EVP_MAX_KEY_LENGTH);
memset(iv, 0, EVP_MAX_IV_LENGTH);
return 1; return 1;
} }

9
crypto/pkcs12/p12_crpt.c
View File

@ -82,13 +82,13 @@ EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc(),
#endif #endif
} }
int PKCS12_PBE_keyivgen (const char *pass, int passlen, ASN1_TYPE *param, int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
EVP_CIPHER *cipher, EVP_MD *md, ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md, int en_de)
unsigned char *key, unsigned char *iv)
{ {
PBEPARAM *pbe; PBEPARAM *pbe;
int saltlen, iter; int saltlen, iter;
unsigned char *salt, *pbuf; unsigned char *salt, *pbuf;
unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
/* Extract useful info from parameter */ /* Extract useful info from parameter */
pbuf = param->value.sequence->data; pbuf = param->value.sequence->data;
@ -115,5 +115,8 @@ int PKCS12_PBE_keyivgen (const char *pass, int passlen, ASN1_TYPE *param,
return 0; return 0;
} }
PBEPARAM_free(pbe); PBEPARAM_free(pbe);
EVP_CipherInit(ctx, cipher, key, iv, en_de);
memset(key, 0, EVP_MAX_KEY_LENGTH);
memset(iv, 0, EVP_MAX_IV_LENGTH);
return 1; return 1;
} }

6
crypto/pkcs12/pkcs12.h
View File

@ -230,9 +230,9 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
int saltlen, int id, int iter, int n, int saltlen, int id, int iter, int n,
unsigned char *out, const EVP_MD *md_type); unsigned char *out, const EVP_MD *md_type);
int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int id, int iter, int n, unsigned char *out, const EVP_MD *md_type); int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int id, int iter, int n, unsigned char *out, const EVP_MD *md_type);
int PKCS12_PBE_keyivgen(const char *pass, int passlen, ASN1_TYPE *param, int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
EVP_CIPHER *cipher, EVP_MD *md_type, ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md_type,
unsigned char *key, unsigned char *iv); int en_de);
int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
unsigned char *mac, unsigned int *maclen); unsigned char *mac, unsigned int *maclen);
int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen); int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);