Change PBE handling a bit more: now the key and iv generator does calls (2bd83ca1) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

crypto/evp/evp.h

+5 −5

Original line number	Diff line number	Diff line
		@@ -395,9 +395,9 @@ typedef struct evp_Encode_Ctx_st
		} EVP_ENCODE_CTX;

		/* Password based encryption function */
		typedef int (EVP_PBE_KEYGEN)(const char *pass, int passlen,
		typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX ctx, const char pass, int passlen,
		ASN1_TYPE param, EVP_CIPHER cipher,
		EVP_MD md, unsigned char key, unsigned char *iv);
		EVP_MD *md, int en_de);

		#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
		(char *)(rsa))
		@@ -635,9 +635,9 @@ int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX c,ASN1_TYPE type);
		int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX c,ASN1_TYPE type);

		/* PKCS5 password based encryption */
		int PKCS5_PBE_keyivgen(const char pass, int passlen, ASN1_TYPE param,
		EVP_CIPHER cipher, EVP_MD md,
		unsigned char key, unsigned char iv);
		int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX ctx, const char pass, int passlen,
		ASN1_TYPE param, EVP_CIPHER cipher, EVP_MD *md,
		int en_de);

		void PKCS5_PBE_add(void);

+2 −4

Original line number	Diff line number	Diff line
		@@ -79,7 +79,6 @@ int EVP_PBE_CipherInit (ASN1_OBJECT pbe_obj, const char pass, int passlen,
		{

		EVP_PBE_CTL *pbetmp, pbelu;
		unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
		int i;
		pbelu.pbe_nid = OBJ_obj2nid(pbe_obj);
		if (pbelu.pbe_nid != NID_undef) i = sk_find(pbe_algs, (char *)&pbelu);
		@@ -95,13 +94,12 @@ int EVP_PBE_CipherInit (ASN1_OBJECT pbe_obj, const char pass, int passlen,
		}
		if (passlen == -1) passlen = strlen(pass);
		pbetmp = (EVP_PBE_CTL *)sk_value (pbe_algs, i);
		i = (*pbetmp->keygen)(pass, passlen, param, pbetmp->cipher,
		pbetmp->md, key, iv);
		i = (*pbetmp->keygen)(ctx, pass, passlen, param, pbetmp->cipher,
		pbetmp->md, en_de);
		if (!i) {
		EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_KEYGEN_FAILURE);
		return 0;
		}
		EVP_CipherInit (ctx, pbetmp->cipher, key, iv, en_de);
		return 1;
		}

+8 −3

Original line number	Diff line number	Diff line
		@@ -85,12 +85,13 @@ EVP_PBE_alg_add(NID_pbeWithSHA1AndRC2_CBC, EVP_rc2_64_cbc(), EVP_sha1(),
		#endif
		}

		int PKCS5_PBE_keyivgen(const char pass, int passlen, ASN1_TYPE param,
		EVP_CIPHER cipher, EVP_MD md,
		unsigned char key, unsigned char iv)
		int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX cctx, const char pass, int passlen,
		ASN1_TYPE param, EVP_CIPHER cipher, EVP_MD *md,
		int en_de)
		{
		EVP_MD_CTX ctx;
		unsigned char md_tmp[EVP_MAX_MD_SIZE];
		unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
		int i;
		PBEPARAM *pbe;
		int saltlen, iter;
		@@ -122,5 +123,9 @@ int PKCS5_PBE_keyivgen(const char pass, int passlen, ASN1_TYPE param,
		memcpy (key, md_tmp, EVP_CIPHER_key_length(cipher));
		memcpy (iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
		EVP_CIPHER_iv_length(cipher));
		EVP_CipherInit(cctx, cipher, key, iv, en_de);
		memset(md_tmp, 0, EVP_MAX_MD_SIZE);
		memset(key, 0, EVP_MAX_KEY_LENGTH);
		memset(iv, 0, EVP_MAX_IV_LENGTH);
		return 1;
		}

+6 −3

Original line number	Diff line number	Diff line
		@@ -82,13 +82,13 @@ EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc(),
		#endif
		}

		int PKCS12_PBE_keyivgen (const char pass, int passlen, ASN1_TYPE param,
		EVP_CIPHER cipher, EVP_MD md,
		unsigned char key, unsigned char iv)
		int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX ctx, const char pass, int passlen,
		ASN1_TYPE param, EVP_CIPHER cipher, EVP_MD *md, int en_de)
		{
		PBEPARAM *pbe;
		int saltlen, iter;
		unsigned char salt, pbuf;
		unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];

		/* Extract useful info from parameter */
		pbuf = param->value.sequence->data;
		@@ -115,5 +115,8 @@ int PKCS12_PBE_keyivgen (const char pass, int passlen, ASN1_TYPE param,
		return 0;
		}
		PBEPARAM_free(pbe);
		EVP_CipherInit(ctx, cipher, key, iv, en_de);
		memset(key, 0, EVP_MAX_KEY_LENGTH);
		memset(iv, 0, EVP_MAX_IV_LENGTH);
		return 1;
		}

+3 −3

Original line number	Diff line number	Diff line
		@@ -230,9 +230,9 @@ int PKCS12_key_gen_asc(const char pass, int passlen, unsigned char salt,
		int saltlen, int id, int iter, int n,
		unsigned char out, const EVP_MD md_type);
		int PKCS12_key_gen_uni(unsigned char pass, int passlen, unsigned char salt, int saltlen, int id, int iter, int n, unsigned char out, const EVP_MD md_type);
		int PKCS12_PBE_keyivgen(const char pass, int passlen, ASN1_TYPE param,
		EVP_CIPHER cipher, EVP_MD md_type,
		unsigned char key, unsigned char iv);
		int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX ctx, const char pass, int passlen,
		ASN1_TYPE param, EVP_CIPHER cipher, EVP_MD *md_type,
		int en_de);
		int PKCS12_gen_mac(PKCS12 p12, const char pass, int passlen,
		unsigned char mac, unsigned int maclen);
		int PKCS12_verify_mac(PKCS12 p12, const char pass, int passlen);

Original line number	Diff line number	Diff line
		@@ -230,9 +230,9 @@ int PKCS12_key_gen_asc(const char pass, int passlen, unsigned char salt,
		int saltlen, int id, int iter, int n,
		unsigned char out, const EVP_MD md_type);
		int PKCS12_key_gen_uni(unsigned char pass, int passlen, unsigned char salt, int saltlen, int id, int iter, int n, unsigned char out, const EVP_MD md_type);
		int PKCS12_PBE_keyivgen(const char pass, int passlen, ASN1_TYPE param,
		EVP_CIPHER cipher, EVP_MD md_type,
		unsigned char key, unsigned char iv);
		int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX ctx, const char pass, int passlen,
		ASN1_TYPE param, EVP_CIPHER cipher, EVP_MD *md_type,
		int en_de);
		int PKCS12_gen_mac(PKCS12 p12, const char pass, int passlen,
		unsigned char mac, unsigned int maclen);
		int PKCS12_verify_mac(PKCS12 p12, const char pass, int passlen);