1 /* 2 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include "internal/cryptlib.h" 12 #include <openssl/x509.h> 13 #include <openssl/objects.h> 14 #include <openssl/evp.h> 15 #include <openssl/ui.h> 16 17 /* should be init to zeros. */ 18 static char prompt_string[80]; 19 20 void EVP_set_pw_prompt(const char *prompt) 21 { 22 if (prompt == NULL) 23 prompt_string[0] = '\0'; 24 else { 25 strncpy(prompt_string, prompt, 79); 26 prompt_string[79] = '\0'; 27 } 28 } 29 30 char *EVP_get_pw_prompt(void) 31 { 32 if (prompt_string[0] == '\0') 33 return NULL; 34 else 35 return prompt_string; 36 } 37 38 /* 39 * For historical reasons, the standard function for reading passwords is in 40 * the DES library -- if someone ever wants to disable DES, this function 41 * will fail 42 */ 43 int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) 44 { 45 return EVP_read_pw_string_min(buf, 0, len, prompt, verify); 46 } 47 48 int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, 49 int verify) 50 { 51 int ret = -1; 52 char buff[BUFSIZ]; 53 UI *ui; 54 55 if ((prompt == NULL) && (prompt_string[0] != '\0')) 56 prompt = prompt_string; 57 ui = UI_new(); 58 if (ui == NULL) 59 return ret; 60 if (UI_add_input_string(ui, prompt, 0, buf, min, 61 (len >= BUFSIZ) ? BUFSIZ - 1 : len) < 0 62 || (verify 63 && UI_add_verify_string(ui, prompt, 0, buff, min, 64 (len >= BUFSIZ) ? BUFSIZ - 1 : len, 65 buf) < 0)) 66 goto end; 67 ret = UI_process(ui); 68 OPENSSL_cleanse(buff, BUFSIZ); 69 end: 70 UI_free(ui); 71 return ret; 72 } 73 74 int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, 75 const unsigned char *salt, const unsigned char *data, 76 int datal, int count, unsigned char *key, 77 unsigned char *iv) 78 { 79 EVP_MD_CTX *c; 80 unsigned char md_buf[EVP_MAX_MD_SIZE]; 81 int niv, nkey, addmd = 0; 82 unsigned int mds = 0, i; 83 int rv = 0; 84 nkey = EVP_CIPHER_key_length(type); 85 niv = EVP_CIPHER_iv_length(type); 86 OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH); 87 OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH); 88 89 if (data == NULL) 90 return nkey; 91 92 c = EVP_MD_CTX_new(); 93 if (c == NULL) 94 goto err; 95 for (;;) { 96 if (!EVP_DigestInit_ex(c, md, NULL)) 97 goto err; 98 if (addmd++) 99 if (!EVP_DigestUpdate(c, &(md_buf[0]), mds)) 100 goto err; 101 if (!EVP_DigestUpdate(c, data, datal)) 102 goto err; 103 if (salt != NULL) 104 if (!EVP_DigestUpdate(c, salt, PKCS5_SALT_LEN)) 105 goto err; 106 if (!EVP_DigestFinal_ex(c, &(md_buf[0]), &mds)) 107 goto err; 108 109 for (i = 1; i < (unsigned int)count; i++) { 110 if (!EVP_DigestInit_ex(c, md, NULL)) 111 goto err; 112 if (!EVP_DigestUpdate(c, &(md_buf[0]), mds)) 113 goto err; 114 if (!EVP_DigestFinal_ex(c, &(md_buf[0]), &mds)) 115 goto err; 116 } 117 i = 0; 118 if (nkey) { 119 for (;;) { 120 if (nkey == 0) 121 break; 122 if (i == mds) 123 break; 124 if (key != NULL) 125 *(key++) = md_buf[i]; 126 nkey--; 127 i++; 128 } 129 } 130 if (niv && (i != mds)) { 131 for (;;) { 132 if (niv == 0) 133 break; 134 if (i == mds) 135 break; 136 if (iv != NULL) 137 *(iv++) = md_buf[i]; 138 niv--; 139 i++; 140 } 141 } 142 if ((nkey == 0) && (niv == 0)) 143 break; 144 } 145 rv = EVP_CIPHER_key_length(type); 146 err: 147 EVP_MD_CTX_free(c); 148 OPENSSL_cleanse(md_buf, sizeof(md_buf)); 149 return rv; 150 } 151