Commit 3d63b396 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Split PBES2 into cipher and PBKDF2 versions. This tidies the code somewhat 

and is a pre-requisite to adding password based CMS support.
parent 451038b4

CHANGES

+15 −7
Original line number Diff line number Diff line
@@ -2,14 +2,12 @@ 
 OpenSSL CHANGES

 _______________



 Changes between 0.9.8l and 1.0  [xx XXX xxxx]

 Changes between 1.0 and 1.1  [xx XXX xxxx]



  *) Add load_crls() function to apps tidying load_certs() too. Add option

     to verify utility to allow additional CRLs to be included.

     [Steve Henson]



  *) Update OCSP request code to permit adding custom headers to the request:

     some responders need this.

  *) Split password based encryption into PBES2 and PBKDF2 functions. This

     neatly separates the code into cipher and PBE sections and is required

     for some algorithms that split PBES2 into separate pieces (such as

     password based CMS).

     [Steve Henson]



  *) Extensive audit of libcrypto with DEBUG_UNUSED. Fix many cases where
@@ -25,6 +23,16 @@ 
     whose return value is often ignored. 

     [Steve Henson]



 Changes between 0.9.8l and 1.0  [xx XXX xxxx]



  *) Add load_crls() function to apps tidying load_certs() too. Add option

     to verify utility to allow additional CRLs to be included.

     [Steve Henson]



  *) Update OCSP request code to permit adding custom headers to the request:

     some responders need this.

     [Steve Henson]



  *) The function EVP_PKEY_sign() returns <=0 on error: check return code

     correctly.

     [Julia Lawall <julia@diku.dk>]

crypto/asn1/asn1.h

+1 −0
Original line number Diff line number Diff line
@@ -1266,6 +1266,7 @@ void ERR_load_ASN1_strings(void); 
#define ASN1_F_PKCS5_PBE2_SET_IV			 167

#define ASN1_F_PKCS5_PBE_SET				 202

#define ASN1_F_PKCS5_PBE_SET0_ALGOR			 215

#define ASN1_F_PKCS5_PBKDF2_SET				 219

#define ASN1_F_SMIME_READ_ASN1				 212

#define ASN1_F_SMIME_TEXT				 213

#define ASN1_F_X509_CINF_NEW				 168

crypto/asn1/asn1_err.c

+1 −0
Original line number Diff line number Diff line
@@ -179,6 +179,7 @@ static ERR_STRING_DATA ASN1_str_functs[]= 
{ERR_FUNC(ASN1_F_PKCS5_PBE2_SET_IV),	"PKCS5_pbe2_set_iv"},

{ERR_FUNC(ASN1_F_PKCS5_PBE_SET),	"PKCS5_pbe_set"},

{ERR_FUNC(ASN1_F_PKCS5_PBE_SET0_ALGOR),	"PKCS5_pbe_set0_algor"},

{ERR_FUNC(ASN1_F_PKCS5_PBKDF2_SET),	"PKCS5_pbkdf2_set"},

{ERR_FUNC(ASN1_F_SMIME_READ_ASN1),	"SMIME_read_ASN1"},

{ERR_FUNC(ASN1_F_SMIME_TEXT),	"SMIME_text"},

{ERR_FUNC(ASN1_F_X509_CINF_NEW),	"X509_CINF_NEW"},

crypto/asn1/p5_pbev2.c

+91 −49
Original line number Diff line number Diff line
@@ -91,12 +91,10 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, 
				 unsigned char *aiv, int prf_nid)

{

	X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;

	int alg_nid;

	int alg_nid, keylen;

	EVP_CIPHER_CTX ctx;

	unsigned char iv[EVP_MAX_IV_LENGTH];

	PBKDF2PARAM *kdf = NULL;

	PBE2PARAM *pbe2 = NULL;

	ASN1_OCTET_STRING *osalt = NULL;

	ASN1_OBJECT *obj;



	alg_nid = EVP_CIPHER_type(cipher);
@@ -146,55 +144,19 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, 
		}

	EVP_CIPHER_CTX_cleanup(&ctx);



	if(!(kdf = PBKDF2PARAM_new())) goto merr;

	if(!(osalt = M_ASN1_OCTET_STRING_new())) goto merr;



	if (!saltlen) saltlen = PKCS5_SALT_LEN;

	if (!(osalt->data = OPENSSL_malloc (saltlen))) goto merr;

	osalt->length = saltlen;

	if (salt) memcpy (osalt->data, salt, saltlen);

	else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0) goto merr;



	if(iter <= 0) iter = PKCS5_DEFAULT_ITER;

	if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr;



	/* Now include salt in kdf structure */

	kdf->salt->value.octet_string = osalt;

	kdf->salt->type = V_ASN1_OCTET_STRING;

	osalt = NULL;



	/* If its RC2 then we'd better setup the key length */



	if(alg_nid == NID_rc2_cbc) {

		if(!(kdf->keylength = M_ASN1_INTEGER_new())) goto merr;

		if(!ASN1_INTEGER_set (kdf->keylength,

				 EVP_CIPHER_key_length(cipher))) goto merr;

	}



	/* prf can stay NULL if we are using hmacWithSHA1 */

	if (prf_nid != NID_hmacWithSHA1)

		{

		kdf->prf = X509_ALGOR_new();

		if (!kdf->prf)

			goto merr;

		X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid),

					V_ASN1_NULL, NULL);

		}



	/* Now setup the PBE2PARAM keyfunc structure */

	if(alg_nid == NID_rc2_cbc)

		keylen = EVP_CIPHER_key_length(cipher);

	else

		keylen = -1;



	pbe2->keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);

	/* Setup keyfunc */



	/* Encode PBKDF2PARAM into parameter of pbe2 */



	if(!(pbe2->keyfunc->parameter = ASN1_TYPE_new())) goto merr;

	pbe2->keyfunc = PKCS5_pbkdf2_set(iter, salt, saltlen, prf_nid, keylen);



	if(!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM),

			 &pbe2->keyfunc->parameter->value.sequence)) goto merr;

	pbe2->keyfunc->parameter->type = V_ASN1_SEQUENCE;



	PBKDF2PARAM_free(kdf);

	kdf = NULL;

	if (!pbe2->keyfunc)

		goto merr;



	/* Now set up top level AlgorithmIdentifier */
@@ -220,8 +182,6 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, 
	err:

	PBE2PARAM_free(pbe2);

	/* Note 'scheme' is freed as part of pbe2 */

	M_ASN1_OCTET_STRING_free(osalt);

	PBKDF2PARAM_free(kdf);

	X509_ALGOR_free(kalg);

	X509_ALGOR_free(ret);
@@ -234,3 +194,85 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, 
	{

	return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1);

	}



X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,

				int prf_nid, int keylen)

	{

	X509_ALGOR *keyfunc = NULL;

	PBKDF2PARAM *kdf = NULL;

	ASN1_OCTET_STRING *osalt = NULL;



	if(!(kdf = PBKDF2PARAM_new()))

		goto merr;

	if(!(osalt = M_ASN1_OCTET_STRING_new()))

		goto merr;



	kdf->salt->value.octet_string = osalt;

	kdf->salt->type = V_ASN1_OCTET_STRING;



	if (!saltlen)

		saltlen = PKCS5_SALT_LEN;

	if (!(osalt->data = OPENSSL_malloc (saltlen)))

		goto merr;



	osalt->length = saltlen;



	if (salt)

		memcpy (osalt->data, salt, saltlen);

	else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0)

		goto merr;



	if(iter <= 0)

		iter = PKCS5_DEFAULT_ITER;



	if(!ASN1_INTEGER_set(kdf->iter, iter))

		goto merr;



	/* If have a key len set it up */



	if(keylen > 0) 

		{

		if(!(kdf->keylength = M_ASN1_INTEGER_new()))

			goto merr;

		if(!ASN1_INTEGER_set (kdf->keylength, keylen))

			goto merr;

		}



	/* prf can stay NULL if we are using hmacWithSHA1 */

	if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1)

		{

		kdf->prf = X509_ALGOR_new();

		if (!kdf->prf)

			goto merr;

		X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid),

					V_ASN1_NULL, NULL);

		}



	/* Finally setup the keyfunc structure */



	keyfunc = X509_ALGOR_new();

	if (!keyfunc)

		goto merr;



	keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);



	/* Encode PBKDF2PARAM into parameter of pbe2 */



	if(!(keyfunc->parameter = ASN1_TYPE_new()))

		goto merr;



	if(!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM),

			 &keyfunc->parameter->value.sequence))

		goto merr;

	keyfunc->parameter->type = V_ASN1_SEQUENCE;



	PBKDF2PARAM_free(kdf);

	return keyfunc;



	merr:

	ASN1err(ASN1_F_PKCS5_PBKDF2_SET,ERR_R_MALLOC_FAILURE);

	PBKDF2PARAM_free(kdf);

	X509_ALGOR_free(keyfunc);

	return NULL;

	}

crypto/evp/evp.h

+1 −0
Original line number Diff line number Diff line
@@ -1236,6 +1236,7 @@ void ERR_load_EVP_strings(void); 
#define EVP_F_INT_CTX_NEW				 157

#define EVP_F_PKCS5_PBE_KEYIVGEN			 117

#define EVP_F_PKCS5_V2_PBE_KEYIVGEN			 118

#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN			 164

#define EVP_F_PKCS8_SET_BROKEN				 112

#define EVP_F_PKEY_SET_TYPE				 158

#define EVP_F_RC2_MAGIC_TO_METH				 109