Line | Source | Count |
#include <limits.h>
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/pkcs12.h>
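/*
 * Encrypt or decrypt a buffer with the password-based scheme named in |algor|.
 *
 * algor          PBE algorithm and parameters, handed to EVP_PBE_CipherInit().
 * pass, passlen  password and its length.
 * in, inlen      input buffer and its length; a negative |inlen| is rejected.
 * data           if non-NULL, receives the newly allocated output buffer.
 * datalen        if non-NULL, receives the number of bytes produced.
 * en_de          forwarded to EVP_PBE_CipherInit(); the callers in this file
 *                pass 1 to encrypt and 0 to decrypt.
 *
 * Returns the output buffer, which the caller releases with OPENSSL_free(),
 * or NULL on error with an entry pushed on the error queue. |*data| and
 * |*datalen| are written only on success.
 */
unsigned char *PKCS12_pbe_crypt(const X509_ALGOR *algor,
                                const char *pass, int passlen,
                                const unsigned char *in, int inlen,
                                unsigned char **data, int *datalen, int en_de)
{
    unsigned char *out = NULL;
    int outlen, i, blocksize, max_out_len;
    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();

    if (ctx == NULL) {
        PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_MALLOC_FAILURE);
        goto err;
    }

    if (!EVP_PBE_CipherInit(algor->algorithm, pass, passlen,
                            algor->parameter, ctx, en_de)) {
        PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,
                  PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR);
        goto err;
    }

    /*
     * The output needs room for the input plus one cipher block. |inlen|
     * comes from the caller (for decryption, from the length of a parsed
     * octet string), so reject negative values and sums that do not fit in
     * an int before sizing the allocation; signed overflow here would be
     * undefined behaviour and could yield an undersized buffer.
     */
    blocksize = EVP_CIPHER_CTX_block_size(ctx);
    if (inlen < 0 || blocksize < 0 || inlen > INT_MAX - blocksize) {
        PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, PKCS12_R_PKCS12_PBE_CRYPT_ERROR);
        goto err;
    }
    max_out_len = inlen + blocksize;

    if ((out = OPENSSL_malloc(max_out_len)) == NULL) {
        PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_MALLOC_FAILURE);
        goto err;
    }

    if (!EVP_CipherUpdate(ctx, out, &i, in, inlen)) {
        /* The buffer may hold partial output: wipe it before release. */
        OPENSSL_cleanse(out, max_out_len);
        OPENSSL_free(out);
        out = NULL;
        PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_EVP_LIB);
        goto err;
    }

    outlen = i;
    if (!EVP_CipherFinal_ex(ctx, out + i, &i)) {
        /*
         * A failed final block can leave already-decrypted bytes in |out|;
         * wipe them rather than returning them to the heap as-is.
         */
        OPENSSL_cleanse(out, max_out_len);
        OPENSSL_free(out);
        out = NULL;
        PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,
                  PKCS12_R_PKCS12_CIPHERFINAL_ERROR);
        goto err;
    }
    outlen += i;
    if (datalen)
        *datalen = outlen;
    if (data)
        *data = out;
 err:
    /* Reached on success too: |out| is NULL only on the failure paths. */
    EVP_CIPHER_CTX_free(ctx);
    return out;

}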
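/*
 * Decrypt the contents of |oct| with PKCS12_pbe_crypt() and decode the
 * result as the ASN.1 item |it|.
 *
 * algor          PBE algorithm and parameters.
 * it             ASN.1 template used to decode the decrypted bytes.
 * pass, passlen  password and its length.
 * oct            octet string holding the ciphertext.
 * zbuf           if non-zero, the decrypted buffer is wiped with
 *                OPENSSL_cleanse() before it is freed. Callers handling key
 *                material should set it; otherwise the plaintext is freed
 *                without being cleared.
 *
 * Returns the decoded structure, or NULL if decryption or decoding fails
 * (an error is pushed on the error queue in both cases).
 */
void *PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it,
                              const char *pass, int passlen,
                              const ASN1_OCTET_STRING *oct, int zbuf)
{
    unsigned char *out;
    const unsigned char *p;
    void *ret;
    int outlen;

    if (!PKCS12_pbe_crypt(algor, pass, passlen, oct->data, oct->length,
                          &out, &outlen, 0)) {
        PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I,
                  PKCS12_R_PKCS12_PBE_CRYPT_ERROR);
        return NULL;
    }
    p = out;
#ifdef OPENSSL_DEBUG_DECRYPT
    /*
     * Debug aid only: dumps the decrypted DER, which may be private key
     * material, to a file named "DER<n>" in the current directory,
     * regardless of |zbuf|. Builds that define OPENSSL_DEBUG_DECRYPT must
     * not be deployed.
     */
    {
        FILE *op;

        char fname[30];
        static int fnm = 1;
        /* Bounded formatting, so the name can never overrun |fname|. */
        snprintf(fname, sizeof(fname), "DER%d", fnm++);
        op = fopen(fname, "wb");
        /* Skip the dump instead of crashing when the file cannot be opened. */
        if (op != NULL) {
            fwrite(p, 1, outlen, op);
            fclose(op);
        }
    }
#endif
    /* ASN1_item_d2i() advances |p|, so |out| still marks the buffer start. */
    ret = ASN1_item_d2i(NULL, &p, outlen, it);
    if (zbuf)
        OPENSSL_cleanse(out, outlen);
    if (!ret)
        PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I, PKCS12_R_DECODE_ERROR);
    OPENSSL_free(out);
    return ret;
}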
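/*
 * Encode |obj| as the ASN.1 item |it|, encrypt the encoding with
 * PKCS12_pbe_crypt() and return the ciphertext in a new octet string.
 *
 * algor          PBE algorithm and parameters.
 * it             ASN.1 template used to encode |obj|.
 * pass, passlen  password and its length.
 * obj            structure to encode.
 * zbuf           if non-zero, the plaintext encoding is wiped with
 *                OPENSSL_cleanse() before it is freed, on the error path as
 *                well as on success.
 *
 * Returns the octet string holding the ciphertext, or NULL on error with an
 * entry pushed on the error queue.
 */
ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
                                           const ASN1_ITEM *it,
                                           const char *pass, int passlen,
                                           void *obj, int zbuf)
{
    ASN1_OCTET_STRING *oct = NULL;
    unsigned char *in = NULL;
    int inlen;

    if ((oct = ASN1_OCTET_STRING_new()) == NULL) {
        PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, ERR_R_MALLOC_FAILURE);
        goto err;
    }
    inlen = ASN1_item_i2d(obj, &in, it);
    if (!in) {
        PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, PKCS12_R_ENCODE_ERROR);
        goto err;
    }
    if (!PKCS12_pbe_crypt(algor, pass, passlen, in, inlen, &oct->data,
                          &oct->length, 1)) {
        PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, PKCS12_R_ENCRYPT_ERROR);
        /*
         * |in| still holds the plaintext encoding; honour |zbuf| here too so
         * a failed encryption does not leave it uncleared in freed memory.
         */
        if (zbuf)
            OPENSSL_cleanse(in, inlen);
        OPENSSL_free(in);
        goto err;
    }
    if (zbuf)
        OPENSSL_cleanse(in, inlen);
    OPENSSL_free(in);
    return oct;
 err:
    ASN1_OCTET_STRING_free(oct);
    return NULL;
}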