1*0Sstevel@tonic-gate /* p12_key.c */ 2*0Sstevel@tonic-gate /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL 3*0Sstevel@tonic-gate * project 1999. 4*0Sstevel@tonic-gate */ 5*0Sstevel@tonic-gate /* ==================================================================== 6*0Sstevel@tonic-gate * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 7*0Sstevel@tonic-gate * 8*0Sstevel@tonic-gate * Redistribution and use in source and binary forms, with or without 9*0Sstevel@tonic-gate * modification, are permitted provided that the following conditions 10*0Sstevel@tonic-gate * are met: 11*0Sstevel@tonic-gate * 12*0Sstevel@tonic-gate * 1. Redistributions of source code must retain the above copyright 13*0Sstevel@tonic-gate * notice, this list of conditions and the following disclaimer. 14*0Sstevel@tonic-gate * 15*0Sstevel@tonic-gate * 2. Redistributions in binary form must reproduce the above copyright 16*0Sstevel@tonic-gate * notice, this list of conditions and the following disclaimer in 17*0Sstevel@tonic-gate * the documentation and/or other materials provided with the 18*0Sstevel@tonic-gate * distribution. 19*0Sstevel@tonic-gate * 20*0Sstevel@tonic-gate * 3. All advertising materials mentioning features or use of this 21*0Sstevel@tonic-gate * software must display the following acknowledgment: 22*0Sstevel@tonic-gate * "This product includes software developed by the OpenSSL Project 23*0Sstevel@tonic-gate * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24*0Sstevel@tonic-gate * 25*0Sstevel@tonic-gate * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26*0Sstevel@tonic-gate * endorse or promote products derived from this software without 27*0Sstevel@tonic-gate * prior written permission. For written permission, please contact 28*0Sstevel@tonic-gate * licensing@OpenSSL.org. 29*0Sstevel@tonic-gate * 30*0Sstevel@tonic-gate * 5. Products derived from this software may not be called "OpenSSL" 31*0Sstevel@tonic-gate * nor may "OpenSSL" appear in their names without prior written 32*0Sstevel@tonic-gate * permission of the OpenSSL Project. 33*0Sstevel@tonic-gate * 34*0Sstevel@tonic-gate * 6. Redistributions of any form whatsoever must retain the following 35*0Sstevel@tonic-gate * acknowledgment: 36*0Sstevel@tonic-gate * "This product includes software developed by the OpenSSL Project 37*0Sstevel@tonic-gate * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38*0Sstevel@tonic-gate * 39*0Sstevel@tonic-gate * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40*0Sstevel@tonic-gate * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41*0Sstevel@tonic-gate * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42*0Sstevel@tonic-gate * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43*0Sstevel@tonic-gate * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44*0Sstevel@tonic-gate * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45*0Sstevel@tonic-gate * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46*0Sstevel@tonic-gate * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47*0Sstevel@tonic-gate * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48*0Sstevel@tonic-gate * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49*0Sstevel@tonic-gate * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50*0Sstevel@tonic-gate * OF THE POSSIBILITY OF SUCH DAMAGE. 51*0Sstevel@tonic-gate * ==================================================================== 52*0Sstevel@tonic-gate * 53*0Sstevel@tonic-gate * This product includes cryptographic software written by Eric Young 54*0Sstevel@tonic-gate * (eay@cryptsoft.com). This product includes software written by Tim 55*0Sstevel@tonic-gate * Hudson (tjh@cryptsoft.com). 56*0Sstevel@tonic-gate * 57*0Sstevel@tonic-gate */ 58*0Sstevel@tonic-gate 59*0Sstevel@tonic-gate #include <stdio.h> 60*0Sstevel@tonic-gate #include "cryptlib.h" 61*0Sstevel@tonic-gate #include <openssl/pkcs12.h> 62*0Sstevel@tonic-gate 63*0Sstevel@tonic-gate 64*0Sstevel@tonic-gate /* Uncomment out this line to get debugging info about key generation */ 65*0Sstevel@tonic-gate /*#define DEBUG_KEYGEN*/ 66*0Sstevel@tonic-gate #ifdef DEBUG_KEYGEN 67*0Sstevel@tonic-gate #include <openssl/bio.h> 68*0Sstevel@tonic-gate extern BIO *bio_err; 69*0Sstevel@tonic-gate void h__dump (unsigned char *p, int len); 70*0Sstevel@tonic-gate #endif 71*0Sstevel@tonic-gate 72*0Sstevel@tonic-gate /* PKCS12 compatible key/IV generation */ 73*0Sstevel@tonic-gate #ifndef min 74*0Sstevel@tonic-gate #define min(a,b) ((a) < (b) ? (a) : (b)) 75*0Sstevel@tonic-gate #endif 76*0Sstevel@tonic-gate 77*0Sstevel@tonic-gate int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, 78*0Sstevel@tonic-gate int saltlen, int id, int iter, int n, unsigned char *out, 79*0Sstevel@tonic-gate const EVP_MD *md_type) 80*0Sstevel@tonic-gate { 81*0Sstevel@tonic-gate int ret; 82*0Sstevel@tonic-gate unsigned char *unipass; 83*0Sstevel@tonic-gate int uniplen; 84*0Sstevel@tonic-gate if(!pass) { 85*0Sstevel@tonic-gate unipass = NULL; 86*0Sstevel@tonic-gate uniplen = 0; 87*0Sstevel@tonic-gate } else if (!asc2uni(pass, passlen, &unipass, &uniplen)) { 88*0Sstevel@tonic-gate PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC,ERR_R_MALLOC_FAILURE); 89*0Sstevel@tonic-gate return 0; 90*0Sstevel@tonic-gate } 91*0Sstevel@tonic-gate ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen, 92*0Sstevel@tonic-gate id, iter, n, out, md_type); 93*0Sstevel@tonic-gate if(unipass) { 94*0Sstevel@tonic-gate OPENSSL_cleanse(unipass, uniplen); /* Clear password from memory */ 95*0Sstevel@tonic-gate OPENSSL_free(unipass); 96*0Sstevel@tonic-gate } 97*0Sstevel@tonic-gate return ret; 98*0Sstevel@tonic-gate } 99*0Sstevel@tonic-gate 100*0Sstevel@tonic-gate int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, 101*0Sstevel@tonic-gate int saltlen, int id, int iter, int n, unsigned char *out, 102*0Sstevel@tonic-gate const EVP_MD *md_type) 103*0Sstevel@tonic-gate { 104*0Sstevel@tonic-gate unsigned char *B, *D, *I, *p, *Ai; 105*0Sstevel@tonic-gate int Slen, Plen, Ilen, Ijlen; 106*0Sstevel@tonic-gate int i, j, u, v; 107*0Sstevel@tonic-gate BIGNUM *Ij, *Bpl1; /* These hold Ij and B + 1 */ 108*0Sstevel@tonic-gate EVP_MD_CTX ctx; 109*0Sstevel@tonic-gate #ifdef DEBUG_KEYGEN 110*0Sstevel@tonic-gate unsigned char *tmpout = out; 111*0Sstevel@tonic-gate int tmpn = n; 112*0Sstevel@tonic-gate #endif 113*0Sstevel@tonic-gate 114*0Sstevel@tonic-gate #if 0 115*0Sstevel@tonic-gate if (!pass) { 116*0Sstevel@tonic-gate PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_PASSED_NULL_PARAMETER); 117*0Sstevel@tonic-gate return 0; 118*0Sstevel@tonic-gate } 119*0Sstevel@tonic-gate #endif 120*0Sstevel@tonic-gate 121*0Sstevel@tonic-gate EVP_MD_CTX_init(&ctx); 122*0Sstevel@tonic-gate #ifdef DEBUG_KEYGEN 123*0Sstevel@tonic-gate fprintf(stderr, "KEYGEN DEBUG\n"); 124*0Sstevel@tonic-gate fprintf(stderr, "ID %d, ITER %d\n", id, iter); 125*0Sstevel@tonic-gate fprintf(stderr, "Password (length %d):\n", passlen); 126*0Sstevel@tonic-gate h__dump(pass, passlen); 127*0Sstevel@tonic-gate fprintf(stderr, "Salt (length %d):\n", saltlen); 128*0Sstevel@tonic-gate h__dump(salt, saltlen); 129*0Sstevel@tonic-gate #endif 130*0Sstevel@tonic-gate v = EVP_MD_block_size (md_type); 131*0Sstevel@tonic-gate u = EVP_MD_size (md_type); 132*0Sstevel@tonic-gate D = OPENSSL_malloc (v); 133*0Sstevel@tonic-gate Ai = OPENSSL_malloc (u); 134*0Sstevel@tonic-gate B = OPENSSL_malloc (v + 1); 135*0Sstevel@tonic-gate Slen = v * ((saltlen+v-1)/v); 136*0Sstevel@tonic-gate if(passlen) Plen = v * ((passlen+v-1)/v); 137*0Sstevel@tonic-gate else Plen = 0; 138*0Sstevel@tonic-gate Ilen = Slen + Plen; 139*0Sstevel@tonic-gate I = OPENSSL_malloc (Ilen); 140*0Sstevel@tonic-gate Ij = BN_new(); 141*0Sstevel@tonic-gate Bpl1 = BN_new(); 142*0Sstevel@tonic-gate if (!D || !Ai || !B || !I || !Ij || !Bpl1) { 143*0Sstevel@tonic-gate PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_MALLOC_FAILURE); 144*0Sstevel@tonic-gate return 0; 145*0Sstevel@tonic-gate } 146*0Sstevel@tonic-gate for (i = 0; i < v; i++) D[i] = id; 147*0Sstevel@tonic-gate p = I; 148*0Sstevel@tonic-gate for (i = 0; i < Slen; i++) *p++ = salt[i % saltlen]; 149*0Sstevel@tonic-gate for (i = 0; i < Plen; i++) *p++ = pass[i % passlen]; 150*0Sstevel@tonic-gate for (;;) { 151*0Sstevel@tonic-gate EVP_DigestInit_ex(&ctx, md_type, NULL); 152*0Sstevel@tonic-gate EVP_DigestUpdate(&ctx, D, v); 153*0Sstevel@tonic-gate EVP_DigestUpdate(&ctx, I, Ilen); 154*0Sstevel@tonic-gate EVP_DigestFinal_ex(&ctx, Ai, NULL); 155*0Sstevel@tonic-gate for (j = 1; j < iter; j++) { 156*0Sstevel@tonic-gate EVP_DigestInit_ex(&ctx, md_type, NULL); 157*0Sstevel@tonic-gate EVP_DigestUpdate(&ctx, Ai, u); 158*0Sstevel@tonic-gate EVP_DigestFinal_ex(&ctx, Ai, NULL); 159*0Sstevel@tonic-gate } 160*0Sstevel@tonic-gate memcpy (out, Ai, min (n, u)); 161*0Sstevel@tonic-gate if (u >= n) { 162*0Sstevel@tonic-gate OPENSSL_free (Ai); 163*0Sstevel@tonic-gate OPENSSL_free (B); 164*0Sstevel@tonic-gate OPENSSL_free (D); 165*0Sstevel@tonic-gate OPENSSL_free (I); 166*0Sstevel@tonic-gate BN_free (Ij); 167*0Sstevel@tonic-gate BN_free (Bpl1); 168*0Sstevel@tonic-gate EVP_MD_CTX_cleanup(&ctx); 169*0Sstevel@tonic-gate #ifdef DEBUG_KEYGEN 170*0Sstevel@tonic-gate fprintf(stderr, "Output KEY (length %d)\n", tmpn); 171*0Sstevel@tonic-gate h__dump(tmpout, tmpn); 172*0Sstevel@tonic-gate #endif 173*0Sstevel@tonic-gate return 1; 174*0Sstevel@tonic-gate } 175*0Sstevel@tonic-gate n -= u; 176*0Sstevel@tonic-gate out += u; 177*0Sstevel@tonic-gate for (j = 0; j < v; j++) B[j] = Ai[j % u]; 178*0Sstevel@tonic-gate /* Work out B + 1 first then can use B as tmp space */ 179*0Sstevel@tonic-gate BN_bin2bn (B, v, Bpl1); 180*0Sstevel@tonic-gate BN_add_word (Bpl1, 1); 181*0Sstevel@tonic-gate for (j = 0; j < Ilen ; j+=v) { 182*0Sstevel@tonic-gate BN_bin2bn (I + j, v, Ij); 183*0Sstevel@tonic-gate BN_add (Ij, Ij, Bpl1); 184*0Sstevel@tonic-gate BN_bn2bin (Ij, B); 185*0Sstevel@tonic-gate Ijlen = BN_num_bytes (Ij); 186*0Sstevel@tonic-gate /* If more than 2^(v*8) - 1 cut off MSB */ 187*0Sstevel@tonic-gate if (Ijlen > v) { 188*0Sstevel@tonic-gate BN_bn2bin (Ij, B); 189*0Sstevel@tonic-gate memcpy (I + j, B + 1, v); 190*0Sstevel@tonic-gate #ifndef PKCS12_BROKEN_KEYGEN 191*0Sstevel@tonic-gate /* If less than v bytes pad with zeroes */ 192*0Sstevel@tonic-gate } else if (Ijlen < v) { 193*0Sstevel@tonic-gate memset(I + j, 0, v - Ijlen); 194*0Sstevel@tonic-gate BN_bn2bin(Ij, I + j + v - Ijlen); 195*0Sstevel@tonic-gate #endif 196*0Sstevel@tonic-gate } else BN_bn2bin (Ij, I + j); 197*0Sstevel@tonic-gate } 198*0Sstevel@tonic-gate } 199*0Sstevel@tonic-gate } 200*0Sstevel@tonic-gate #ifdef DEBUG_KEYGEN 201*0Sstevel@tonic-gate void h__dump (unsigned char *p, int len) 202*0Sstevel@tonic-gate { 203*0Sstevel@tonic-gate for (; len --; p++) fprintf(stderr, "%02X", *p); 204*0Sstevel@tonic-gate fprintf(stderr, "\n"); 205*0Sstevel@tonic-gate } 206*0Sstevel@tonic-gate #endif 207