1 /*
2 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include "internal/cryptlib.h"
12 #include <openssl/x509.h>
13 #include <openssl/objects.h>
14 #include <openssl/evp.h>
15 #include <openssl/ui.h>
16
17 /* should be init to zeros. */
18 static char prompt_string[80];
19
EVP_set_pw_prompt(const char * prompt)20 void EVP_set_pw_prompt(const char *prompt)
21 {
22 if (prompt == NULL)
23 prompt_string[0] = '\0';
24 else {
25 strncpy(prompt_string, prompt, 79);
26 prompt_string[79] = '\0';
27 }
28 }
29
EVP_get_pw_prompt(void)30 char *EVP_get_pw_prompt(void)
31 {
32 if (prompt_string[0] == '\0')
33 return NULL;
34 else
35 return prompt_string;
36 }
37
38 /*
39 * For historical reasons, the standard function for reading passwords is in
40 * the DES library -- if someone ever wants to disable DES, this function
41 * will fail
42 */
EVP_read_pw_string(char * buf,int len,const char * prompt,int verify)43 int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
44 {
45 return EVP_read_pw_string_min(buf, 0, len, prompt, verify);
46 }
47
EVP_read_pw_string_min(char * buf,int min,int len,const char * prompt,int verify)48 int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
49 int verify)
50 {
51 int ret = -1;
52 char buff[BUFSIZ];
53 UI *ui;
54
55 if ((prompt == NULL) && (prompt_string[0] != '\0'))
56 prompt = prompt_string;
57 ui = UI_new();
58 if (ui == NULL)
59 return ret;
60 if (UI_add_input_string(ui, prompt, 0, buf, min,
61 (len >= BUFSIZ) ? BUFSIZ - 1 : len) < 0
62 || (verify
63 && UI_add_verify_string(ui, prompt, 0, buff, min,
64 (len >= BUFSIZ) ? BUFSIZ - 1 : len,
65 buf) < 0))
66 goto end;
67 ret = UI_process(ui);
68 OPENSSL_cleanse(buff, BUFSIZ);
69 end:
70 UI_free(ui);
71 return ret;
72 }
73
EVP_BytesToKey(const EVP_CIPHER * type,const EVP_MD * md,const unsigned char * salt,const unsigned char * data,int datal,int count,unsigned char * key,unsigned char * iv)74 int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
75 const unsigned char *salt, const unsigned char *data,
76 int datal, int count, unsigned char *key,
77 unsigned char *iv)
78 {
79 EVP_MD_CTX *c;
80 unsigned char md_buf[EVP_MAX_MD_SIZE];
81 int niv, nkey, addmd = 0;
82 unsigned int mds = 0, i;
83 int rv = 0;
84 nkey = EVP_CIPHER_key_length(type);
85 niv = EVP_CIPHER_iv_length(type);
86 OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
87 OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH);
88
89 if (data == NULL)
90 return nkey;
91
92 c = EVP_MD_CTX_new();
93 if (c == NULL)
94 goto err;
95 for (;;) {
96 if (!EVP_DigestInit_ex(c, md, NULL))
97 goto err;
98 if (addmd++)
99 if (!EVP_DigestUpdate(c, &(md_buf[0]), mds))
100 goto err;
101 if (!EVP_DigestUpdate(c, data, datal))
102 goto err;
103 if (salt != NULL)
104 if (!EVP_DigestUpdate(c, salt, PKCS5_SALT_LEN))
105 goto err;
106 if (!EVP_DigestFinal_ex(c, &(md_buf[0]), &mds))
107 goto err;
108
109 for (i = 1; i < (unsigned int)count; i++) {
110 if (!EVP_DigestInit_ex(c, md, NULL))
111 goto err;
112 if (!EVP_DigestUpdate(c, &(md_buf[0]), mds))
113 goto err;
114 if (!EVP_DigestFinal_ex(c, &(md_buf[0]), &mds))
115 goto err;
116 }
117 i = 0;
118 if (nkey) {
119 for (;;) {
120 if (nkey == 0)
121 break;
122 if (i == mds)
123 break;
124 if (key != NULL)
125 *(key++) = md_buf[i];
126 nkey--;
127 i++;
128 }
129 }
130 if (niv && (i != mds)) {
131 for (;;) {
132 if (niv == 0)
133 break;
134 if (i == mds)
135 break;
136 if (iv != NULL)
137 *(iv++) = md_buf[i];
138 niv--;
139 i++;
140 }
141 }
142 if ((nkey == 0) && (niv == 0))
143 break;
144 }
145 rv = EVP_CIPHER_key_length(type);
146 err:
147 EVP_MD_CTX_free(c);
148 OPENSSL_cleanse(md_buf, sizeof(md_buf));
149 return rv;
150 }
151