author | David Benjamin <davidben@google.com> | 2016-12-28 22:39:32 -0500 |
---|---|---|
committer | Adam Langley <alangley@gmail.com> | 2017-01-11 00:54:08 +0000 |
commit | 314d81420c7aae3495d59d590b39d8d1b222ebba (patch) | |
tree | a11442581936c118da6175e8ac725639d25d2844 | |
parent | d1afc4186937edb303665f27d794e1eae1c54a7e (diff) | |
Reimplement pkcs12_pbe_keyivgen with CBS.
BUG=54
Change-Id: Ie003a9635b33ad6f7e430684f0eb6975c613ebf3
Reviewed-on: https://boringssl-review.googlesource.com/13068
Reviewed-by: Adam Langley <alangley@gmail.com>
-rw-r--r-- | crypto/pkcs8/internal.h | 7 | ||||
-rw-r--r-- | crypto/pkcs8/p5_pbe.c | 12 | ||||
-rw-r--r-- | crypto/pkcs8/pkcs8.c | 46 |
3 files changed, 24 insertions, 41 deletions
diff --git a/crypto/pkcs8/internal.h b/crypto/pkcs8/internal.h
index f0af8fe..7a6f057 100644
--- a/crypto/pkcs8/internal.h
+++ b/crypto/pkcs8/internal.h
@@ -66,13 +66,6 @@ extern "C" {
 #define PKCS5_DEFAULT_ITERATIONS 2048
 #define PKCS5_SALT_LEN 8
-typedef struct {
- ASN1_OCTET_STRING *salt;
- ASN1_INTEGER *iter;
-} PBEPARAM;
-
-DECLARE_ASN1_FUNCTIONS(PBEPARAM)
-
 /* PKCS5_v2_PBE_keyivgen intializes the supplied |ctx| for PBKDF v2, which must
 * be specified by |param|. The password is specified by |pass_raw| and
 * |pass_raw_len|. |cipher| and |md| are ignored.
diff --git a/crypto/pkcs8/p5_pbe.c b/crypto/pkcs8/p5_pbe.c
index 81865cd..eff2e40 100644
--- a/crypto/pkcs8/p5_pbe.c
+++ b/crypto/pkcs8/p5_pbe.c
@@ -53,7 +53,7 @@
 * (eay@cryptsoft.com). This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com). */
-#include <openssl/asn1t.h>
+#include <openssl/asn1.h>
 #include <openssl/err.h>
 #include <openssl/mem.h>
 #include <openssl/obj.h>
@@ -65,16 +65,6 @@
 #include "internal.h"
-/* PKCS#5 password based encryption structure */
-
-ASN1_SEQUENCE(PBEPARAM) = {
- ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING),
- ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(PBEPARAM)
-
-IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM)
-
-
 X509_ALGOR *PKCS5_pbe_set(int alg, int iter, const uint8_t *salt,
 size_t salt_len) {
 if (iter <= 0) {
diff --git a/crypto/pkcs8/pkcs8.c b/crypto/pkcs8/pkcs8.c
index 2e81adf..22d6369 100644
--- a/crypto/pkcs8/pkcs8.c
+++ b/crypto/pkcs8/pkcs8.c
@@ -227,12 +227,6 @@ static int pkcs12_pbe_keyivgen(EVP_CIPHER_CTX *ctx, const uint8_t *pass_raw,
 size_t pass_raw_len, ASN1_TYPE *param,
 const EVP_CIPHER *cipher, const EVP_MD *md,
 int is_encrypt) {
- PBEPARAM *pbe;
- int salt_len, iterations, ret;
- uint8_t *salt;
- const uint8_t *pbuf;
- uint8_t key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
-
 /* Extract useful info from parameter */
 if (param == NULL || param->type != V_ASN1_SEQUENCE ||
 param->value.sequence == NULL) {
@@ -240,34 +234,40 @@ static int pkcs12_pbe_keyivgen(EVP_CIPHER_CTX *ctx, const uint8_t *pass_raw,
 return 0;
 }
- pbuf = param->value.sequence->data;
- pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length);
- if (pbe == NULL) {
+ CBS cbs, pbe_param, salt;
+ uint64_t iterations;
+ CBS_init(&cbs, param->value.sequence->data, param->value.sequence->length);
+ if (!CBS_get_asn1(&cbs, &pbe_param, CBS_ASN1_SEQUENCE) ||
+ !CBS_get_asn1(&pbe_param, &salt, CBS_ASN1_OCTETSTRING) ||
+ !CBS_get_asn1_uint64(&pbe_param, &iterations) ||
+ CBS_len(&pbe_param) != 0 ||
+ CBS_len(&cbs) != 0) {
 OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR);
 return 0;
 }
- if (!pbe->iter) {
- iterations = 1;
- } else {
- iterations = ASN1_INTEGER_get(pbe->iter);
+ if (iterations == 0 || iterations > INT_MAX) {
+ OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_ITERATION_COUNT);
+ return 0;
 }
- salt = pbe->salt->data;
- salt_len = pbe->salt->length;
- if (!pkcs12_key_gen_raw(pass_raw, pass_raw_len, salt, salt_len, PKCS12_KEY_ID,
- iterations, EVP_CIPHER_key_length(cipher), key, md)) {
+
+ uint8_t key[EVP_MAX_KEY_LENGTH];
+ if (!pkcs12_key_gen_raw(pass_raw, pass_raw_len, CBS_data(&salt),
+ CBS_len(&salt), PKCS12_KEY_ID, iterations,
+ EVP_CIPHER_key_length(cipher), key, md)) {
 OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_KEY_GEN_ERROR);
- PBEPARAM_free(pbe);
 return 0;
 }
- if (!pkcs12_key_gen_raw(pass_raw, pass_raw_len, salt, salt_len, PKCS12_IV_ID,
- iterations, EVP_CIPHER_iv_length(cipher), iv, md)) {
+
+ uint8_t iv[EVP_MAX_IV_LENGTH];
+ if (!pkcs12_key_gen_raw(pass_raw, pass_raw_len, CBS_data(&salt),
+ CBS_len(&salt), PKCS12_IV_ID, iterations,
+ EVP_CIPHER_iv_length(cipher), iv, md)) {
 OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_KEY_GEN_ERROR);
- PBEPARAM_free(pbe);
 return 0;
 }
- PBEPARAM_free(pbe);
- ret = EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, is_encrypt);
+
+ int ret = EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, is_encrypt);
 OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
 OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
 return ret; |
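Review bot: The new check `iterations == 0 || iterations > INT_MAX` bounds the count only by what presumably fits the argument type of `pkcs12_key_gen_raw`, not by cost, so if the PBE parameters come from an untrusted PKCS#8/PKCS#12 blob, a single decode can still be asked for up to INT_MAX rounds, and the derivation runs twice here (key, then IV). Consider rejecting counts above a documented policy ceiling in the same branch, e.g. `if (iterations == 0 || iterations > MAX_PBE_ITERATIONS) {`, where `MAX_PBE_ITERATIONS` is a placeholder name for a limit the maintainers would pick. Separately, when the second `pkcs12_key_gen_raw` call (the `PKCS12_IV_ID` one) fails, the branch returns with the already-derived `key` still on the stack; adding `OPENSSL_cleanse(key, sizeof(key));` before that `return 0;` would match the cleanup on the success path. The function's signature and closing brace lie outside this hunk.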