
evp_pbe.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/libressl/src/crypto/evp/evp_pbe.c
1/* $OpenBSD: evp_pbe.c,v 1.25 2017/01/29 17:49:23 beck Exp $ */-
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL-
3 * project 1999.-
4 */-
5/* ====================================================================-
6 * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.-
7 *-
8 * Redistribution and use in source and binary forms, with or without-
9 * modification, are permitted provided that the following conditions-
10 * are met:-
11 *-
12 * 1. Redistributions of source code must retain the above copyright-
13 * notice, this list of conditions and the following disclaimer.-
14 *-
15 * 2. Redistributions in binary form must reproduce the above copyright-
16 * notice, this list of conditions and the following disclaimer in-
17 * the documentation and/or other materials provided with the-
18 * distribution.-
19 *-
20 * 3. All advertising materials mentioning features or use of this-
21 * software must display the following acknowledgment:-
22 * "This product includes software developed by the OpenSSL Project-
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"-
24 *-
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to-
26 * endorse or promote products derived from this software without-
27 * prior written permission. For written permission, please contact-
28 * licensing@OpenSSL.org.-
29 *-
30 * 5. Products derived from this software may not be called "OpenSSL"-
31 * nor may "OpenSSL" appear in their names without prior written-
32 * permission of the OpenSSL Project.-
33 *-
34 * 6. Redistributions of any form whatsoever must retain the following-
35 * acknowledgment:-
36 * "This product includes software developed by the OpenSSL Project-
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"-
38 *-
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY-
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE-
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR-
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR-
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,-
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT-
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;-
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)-
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,-
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)-
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED-
50 * OF THE POSSIBILITY OF SUCH DAMAGE.-
51 * ====================================================================-
52 *-
53 * This product includes cryptographic software written by Eric Young-
54 * (eay@cryptsoft.com). This product includes software written by Tim-
55 * Hudson (tjh@cryptsoft.com).-
56 *-
57 */-
58-
59#include <stdio.h>-
60#include <string.h>-
61-
62#include <openssl/opensslconf.h>-
63-
64#include <openssl/err.h>-
65#include <openssl/evp.h>-
66#include <openssl/pkcs12.h>-
67#include <openssl/x509.h>-
68-
69#include "evp_locl.h"-
70-
71/* Password based encryption (PBE) functions */-
72-
/*
 * One PBE algorithm entry. The (pbe_type, pbe_nid) pair is the lookup key;
 * the other fields name the cipher, the digest and the key-derivation
 * routine that go with it. EVP_PBE_CipherInit() treats a cipher_nid or
 * md_nid of -1 as "no cipher" / "no digest".
 */
typedef struct {
	int pbe_type;		/* EVP_PBE_TYPE_* class of the entry */
	int pbe_nid;		/* NID of the PBE algorithm itself */
	int cipher_nid;		/* NID of the cipher, or -1 */
	int md_nid;		/* NID of the digest, or -1 */
	EVP_PBE_KEYGEN *keygen;	/* key/IV derivation routine; 0 in the PRF rows */
} EVP_PBE_CTL;

DECLARE_STACK_OF(EVP_PBE_CTL)

/*
 * Algorithms registered at run time through EVP_PBE_alg_add_type().
 * Stays NULL until the first registration and is reset by
 * EVP_PBE_cleanup().
 */
static STACK_OF(EVP_PBE_CTL) *pbe_algs = NULL;
85-
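/*
 * Built-in PBE algorithms.
 *
 * EVP_PBE_find() looks rows up with OBJ_bsearch_pbe2(), so the table must
 * stay sorted the way pbe2_cmp() orders entries: by pbe_type first, then by
 * the numeric value of pbe_nid. Nothing in this file checks the ordering,
 * so a row inserted out of order can make the binary search miss entries.
 *
 * Security note: the PKCS#5 v1.5 and PKCS#12 rows pair MD2, MD5 or SHA-1
 * with DES, RC2 or RC4, including 40-bit variants. They are presumably kept
 * so that existing encrypted data can still be read; they are not suitable
 * for protecting new data, where the PBES2 row (NID_pbes2) is the scheme
 * to prefer.
 */
static const EVP_PBE_CTL builtin_pbe[] = {
	{EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC, NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen},
	{EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC, NID_des_cbc, NID_md5, PKCS5_PBE_keyivgen},
	{EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC, NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen},

#ifndef OPENSSL_NO_HMAC
	/* cipher and digest are -1: they are not fixed by this table row. */
	{EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen},
#endif

	{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4, NID_rc4, NID_sha1, PKCS12_PBE_keyivgen},
	{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4, NID_rc4_40, NID_sha1, PKCS12_PBE_keyivgen},
	{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NID_des_ede3_cbc, NID_sha1, PKCS12_PBE_keyivgen},
	{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And2_Key_TripleDES_CBC, NID_des_ede_cbc, NID_sha1, PKCS12_PBE_keyivgen},
	{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC2_CBC, NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen},
	{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC, NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen},

#ifndef OPENSSL_NO_HMAC
	{EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen},
#endif
	{EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC, NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen},
	{EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC, NID_rc2_64_cbc, NID_md5, PKCS5_PBE_keyivgen},
	{EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndDES_CBC, NID_des_cbc, NID_sha1, PKCS5_PBE_keyivgen},

	/*
	 * PRF rows map an HMAC NID to its digest. They carry no cipher and
	 * no keygen routine, so the keygen slot is a null function pointer.
	 */
	{EVP_PBE_TYPE_PRF, NID_hmacWithSHA1, -1, NID_sha1, NULL},
	{EVP_PBE_TYPE_PRF, NID_hmacWithMD5, -1, NID_md5, NULL},
	{EVP_PBE_TYPE_PRF, NID_hmacWithSHA224, -1, NID_sha224, NULL},
	{EVP_PBE_TYPE_PRF, NID_hmacWithSHA256, -1, NID_sha256, NULL},
	{EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, NULL},
	{EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, NULL},
	{EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, NULL},
};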
118-
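/*
 * Set up a cipher context for the PBE algorithm named by pbe_obj.
 *
 * pbe_obj  ASN.1 object identifying the PBE algorithm; may be NULL, in
 *          which case the lookup fails and "TYPE=NULL" is recorded
 * pass     password; NULL is treated as a zero-length password
 * passlen  length of pass, or -1 to take strlen(pass)
 * param    handed unchanged to the keygen routine
 * ctx      cipher context handed to the keygen routine
 * en_de    handed unchanged to the keygen routine
 *
 * Returns 1 on success. Returns 0 after raising an EVP error when the
 * algorithm, its cipher or its digest is unknown, when the entry has no
 * keygen routine, or when the keygen routine fails.
 *
 * Coverage note (this report): no statement or branch of this function
 * was exercised by the test run.
 */
int
EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
    ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
{
	const EVP_CIPHER *cipher = NULL;
	const EVP_MD *md = NULL;
	int cipher_nid, md_nid;
	EVP_PBE_KEYGEN *keygen = NULL;

	if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj),
	    &cipher_nid, &md_nid, &keygen)) {
		char obj_tmp[80];

		EVPerror(EVP_R_UNKNOWN_PBE_ALGORITHM);
		/* Both writes are bounded by sizeof obj_tmp. */
		if (!pbe_obj)
			strlcpy(obj_tmp, "NULL", sizeof obj_tmp);
		else
			i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
		ERR_asprintf_error_data("TYPE=%s", obj_tmp);
		return 0;
	}

	/*
	 * NOTE(review): strlen() returns size_t and is narrowed to int here,
	 * so a password longer than INT_MAX is not represented correctly.
	 */
	if (!pass)
		passlen = 0;
	else if (passlen == -1)
		passlen = strlen(pass);

	/* -1 in the table means the entry fixes no cipher / no digest. */
	if (cipher_nid != -1) {
		cipher = EVP_get_cipherbynid(cipher_nid);
		if (!cipher) {
			EVPerror(EVP_R_UNKNOWN_CIPHER);
			return 0;
		}
	}

	if (md_nid != -1) {
		md = EVP_get_digestbynid(md_nid);
		if (!md) {
			EVPerror(EVP_R_UNKNOWN_DIGEST);
			return 0;
		}
	}

	/*
	 * EVP_PBE_alg_add_type() stores the caller's keygen pointer without
	 * checking it, so a registered entry can reach this point with a
	 * null routine. Fail cleanly instead of calling through it.
	 */
	if (keygen == NULL) {
		EVPerror(EVP_R_KEYGEN_FAILURE);
		return 0;
	}

	if (!keygen(ctx, pass, passlen, param, cipher, md, en_de)) {
		EVPerror(EVP_R_KEYGEN_FAILURE);
		return 0;
	}
	return 1;
}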
171-
/* Forward declarations of the helpers that binary-search builtin_pbe. */
static int pbe2_cmp(const EVP_PBE_CTL *pbe1, const EVP_PBE_CTL *pbe2);
static int pbe2_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_);
static EVP_PBE_CTL *OBJ_bsearch_pbe2(EVP_PBE_CTL *key,
    const EVP_PBE_CTL *base, int num);
175-
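/*
 * Order two entries by pbe_type, then by pbe_nid.
 *
 * Returns a negative value, zero or a positive value when pbe1 sorts
 * before, equal to or after pbe2. Explicit comparisons are used instead of
 * subtracting the fields: EVP_PBE_find() accepts arbitrary int values for
 * both keys, and a signed subtraction of two far-apart ints overflows,
 * which is undefined behaviour.
 *
 * Coverage note (this report): this function was never executed by the
 * test run.
 */
static int
pbe2_cmp(const EVP_PBE_CTL *pbe1, const EVP_PBE_CTL *pbe2)
{
	if (pbe1->pbe_type != pbe2->pbe_type)
		return pbe1->pbe_type < pbe2->pbe_type ? -1 : 1;
	if (pbe1->pbe_nid != pbe2->pbe_nid)
		return pbe1->pbe_nid < pbe2->pbe_nid ? -1 : 1;
	return 0;
}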
186-
187-
/*
 * Adapter giving pbe2_cmp() the (const void *, const void *) signature
 * that OBJ_bsearch_() expects of its comparison callback.
 *
 * Coverage note (this report): never executed by the test run.
 */
static int
pbe2_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)
{
	return pbe2_cmp((const EVP_PBE_CTL *)a_, (const EVP_PBE_CTL *)b_);
}
195-
/*
 * Typed wrapper around OBJ_bsearch_(): search the num entries at base for
 * one that compares equal to key under pbe2_cmp().
 *
 * The result of OBJ_bsearch_() is returned as-is, cast to a non-const
 * EVP_PBE_CTL pointer. base is const-qualified, so the caller must not
 * write through the returned pointer.
 *
 * Coverage note (this report): never executed by the test run.
 */
static EVP_PBE_CTL *
OBJ_bsearch_pbe2(EVP_PBE_CTL *key, EVP_PBE_CTL const *base, int num)
{
	EVP_PBE_CTL *hit;

	hit = (EVP_PBE_CTL *)OBJ_bsearch_(key, base, num,
	    sizeof(EVP_PBE_CTL), pbe2_cmp_BSEARCH_CMP_FN);
	return hit;
}
202-
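/*
 * Comparison callback for the pbe_algs stack: order the pointed-to entries
 * by pbe_type, then by pbe_nid.
 *
 * Returns a negative value, zero or a positive value when *a sorts before,
 * equal to or after *b. The fields come straight from the arguments of
 * EVP_PBE_alg_add_type(), which are not range-checked, so the keys are
 * compared explicitly rather than subtracted: a signed subtraction of two
 * far-apart ints overflows, which is undefined behaviour.
 *
 * Coverage note (this report): never executed by the test run.
 */
static int
pbe_cmp(const EVP_PBE_CTL * const *a, const EVP_PBE_CTL * const *b)
{
	const EVP_PBE_CTL *lhs = *a;
	const EVP_PBE_CTL *rhs = *b;

	if (lhs->pbe_type != rhs->pbe_type)
		return lhs->pbe_type < rhs->pbe_type ? -1 : 1;
	if (lhs->pbe_nid != rhs->pbe_nid)
		return lhs->pbe_nid < rhs->pbe_nid ? -1 : 1;
	return 0;
}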
213-
214/* Add a PBE algorithm */-
215-
/*
 * Register a PBE algorithm in the run-time list pbe_algs, creating the
 * list on first use.
 *
 * The five arguments are copied unchanged into a freshly allocated entry;
 * none of them is validated, and keygen may be a null pointer.
 *
 * Returns 1 on success, 0 with ERR_R_MALLOC_FAILURE raised when the list
 * or the entry cannot be allocated or the entry cannot be pushed.
 *
 * NOTE(review): pbe_algs is read and written here with no locking visible
 * in this file; presumably registration is expected to finish before any
 * concurrent use. Confirm against the callers.
 *
 * Coverage note (this report): never executed by the test run.
 */
int
EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
    EVP_PBE_KEYGEN *keygen)
{
	EVP_PBE_CTL *entry;

	if (pbe_algs == NULL &&
	    (pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp)) == NULL) {
		EVPerror(ERR_R_MALLOC_FAILURE);
		return 0;
	}

	entry = malloc(sizeof(*entry));
	if (entry == NULL) {
		EVPerror(ERR_R_MALLOC_FAILURE);
		return 0;
	}
	*entry = (EVP_PBE_CTL){
		.pbe_type = pbe_type,
		.pbe_nid = pbe_nid,
		.cipher_nid = cipher_nid,
		.md_nid = md_nid,
		.keygen = keygen,
	};

	/* The stack owns the entry only once the push has succeeded. */
	if (sk_EVP_PBE_CTL_push(pbe_algs, entry) == 0) {
		free(entry);
		EVPerror(ERR_R_MALLOC_FAILURE);
		return 0;
	}
	return 1;
}
247-
/*
 * Register an EVP_PBE_TYPE_OUTER algorithm from cipher and digest objects
 * instead of NIDs.
 *
 * A NULL cipher or md is recorded as NID -1. The return value is that of
 * EVP_PBE_alg_add_type().
 *
 * Coverage note (this report): never executed by the test run.
 */
int
EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
    EVP_PBE_KEYGEN *keygen)
{
	int cipher_nid = cipher ? EVP_CIPHER_nid(cipher) : -1;
	int md_nid = md ? EVP_MD_type(md) : -1;

	return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER, nid,
	    cipher_nid, md_nid, keygen);
}
266-
/*
 * Look up the PBE entry with key (type, pbe_nid).
 *
 * The run-time list pbe_algs is searched first and the built-in table only
 * when that yields nothing, so a registered entry takes precedence over a
 * built-in one with the same key.
 *
 * pcnid, pmnid and pkeygen are optional outputs; each non-NULL one receives
 * the matching field of the entry. On failure none of them is written.
 *
 * Returns 1 when an entry is found, 0 when pbe_nid is NID_undef or no
 * entry matches.
 *
 * Coverage note (this report): no statement or branch of this function
 * was exercised by the test run.
 */
int
EVP_PBE_find(int type, int pbe_nid,
    int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen)
{
	EVP_PBE_CTL *match = NULL;
	EVP_PBE_CTL lookup;
	int idx;

	if (pbe_nid == NID_undef)
		return 0;

	/* Only the two key fields are set; the comparators read no others. */
	lookup.pbe_type = type;
	lookup.pbe_nid = pbe_nid;

	if (pbe_algs != NULL) {
		idx = sk_EVP_PBE_CTL_find(pbe_algs, &lookup);
		if (idx != -1)
			match = sk_EVP_PBE_CTL_value(pbe_algs, idx);
	}
	if (match == NULL)
		match = OBJ_bsearch_pbe2(&lookup, builtin_pbe,
		    sizeof(builtin_pbe) / sizeof(EVP_PBE_CTL));
	if (match == NULL)
		return 0;

	if (pcnid != NULL)
		*pcnid = match->cipher_nid;
	if (pmnid != NULL)
		*pmnid = match->md_nid;
	if (pkeygen != NULL)
		*pkeygen = match->keygen;
	return 1;
}
298-
/*
 * Release one entry of pbe_algs; passed to sk_EVP_PBE_CTL_pop_free() by
 * EVP_PBE_cleanup(). Entries are allocated with malloc() in
 * EVP_PBE_alg_add_type(), so plain free() is the matching release.
 */
static void
free_evp_pbe_ctl(EVP_PBE_CTL *pbe)
{
	free(pbe);
}
never executed: end of block
0
304-
/*
 * Free every run-time registered PBE entry together with the list itself
 * and reset pbe_algs to NULL, so a later EVP_PBE_alg_add_type() call starts
 * a fresh list. The built-in table is not affected.
 */
void
EVP_PBE_cleanup(void)
{
	STACK_OF(EVP_PBE_CTL) *registered = pbe_algs;

	/* Detach the list before freeing it so no stale pointer remains. */
	pbe_algs = NULL;
	sk_EVP_PBE_CTL_pop_free(registered, free_evp_pbe_ctl);
}
executed 263 times by 4 tests: end of block
Executed by:
  • evptest
  • libcrypto.so.44.0.1
  • pbkdf2
  • ssltest
263