author | Jon Spillett <jon.spillett@oracle.com> | 2021-02-17 17:56:36 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-04-30 09:15:50 +1000 |
commit | b536880c45722777df5ebe62897a6efcef757945 (patch) | |
tree | 015ad29f74586e3407079864fa686ffcde658fad /crypto/pkcs12/p12_key.c | |
parent | d77ba503a2cf1c83098baca345327761b991d191 (diff) |
Add library context and property query support into the PKCS12 API
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14434)
Diffstat (limited to 'crypto/pkcs12/p12_key.c')
-rw-r--r-- | crypto/pkcs12/p12_key.c | 66 |
1 files changed, 42 insertions, 24 deletions
diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c
index fd7f7a926b..a4ed0e516c 100644
--- a/crypto/pkcs12/p12_key.c
+++ b/crypto/pkcs12/p12_key.c
@@ -16,9 +16,10 @@
 #include <openssl/core_names.h>
 #include "internal/provider.h"
-int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
- int saltlen, int id, int iter, int n,
- unsigned char *out, const EVP_MD *md_type)
+int PKCS12_key_gen_asc_ex(const char *pass, int passlen, unsigned char *salt,
+ int saltlen, int id, int iter, int n,
+ unsigned char *out, const EVP_MD *md_type,
+ OSSL_LIB_CTX *ctx, const char *propq)
 {
 int ret;
 unsigned char *unipass;
@@ -31,15 +32,24 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
 ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE);
 return 0;
 }
- ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
- id, iter, n, out, md_type);
+ ret = PKCS12_key_gen_uni_ex(unipass, uniplen, salt, saltlen, id, iter,
+ n, out, md_type, ctx, propq);
 OPENSSL_clear_free(unipass, uniplen);
 return ret > 0;
 }
-int PKCS12_key_gen_utf8(const char *pass, int passlen, unsigned char *salt,
- int saltlen, int id, int iter, int n,
- unsigned char *out, const EVP_MD *md_type)
+int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
+ int saltlen, int id, int iter, int n,
+ unsigned char *out, const EVP_MD *md_type)
+{
+ return PKCS12_key_gen_asc_ex(pass, passlen, salt, saltlen, id, iter, n,
+ out, md_type, NULL, NULL);
+}
+
+int PKCS12_key_gen_utf8_ex(const char *pass, int passlen, unsigned char *salt,
+ int saltlen, int id, int iter, int n,
+ unsigned char *out, const EVP_MD *md_type,
+ OSSL_LIB_CTX *ctx, const char *propq)
 {
 int ret;
 unsigned char *unipass;
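Review bot: The new library-context parameter is named `ctx` in `PKCS12_key_gen_asc_ex` here and in `PKCS12_key_gen_utf8_ex` (end of the next hunk), but `libctx` in `PKCS12_key_gen_uni_ex`, where `ctx` is the `EVP_KDF_CTX`. Using `OSSL_LIB_CTX *libctx, const char *propq)` in all three signatures, and `libctx` in the two forwarding calls, would keep the sibling functions parallel and stop `ctx` from reading as a KDF context. The body of `PKCS12_key_gen_asc_ex` continues outside this hunk.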
@@ -52,15 +62,24 @@ int PKCS12_key_gen_utf8(const char *pass, int passlen, unsigned char *salt,
 ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE);
 return 0;
 }
- ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
- id, iter, n, out, md_type);
+ ret = PKCS12_key_gen_uni_ex(unipass, uniplen, salt, saltlen, id, iter,
+ n, out, md_type, ctx, propq);
 OPENSSL_clear_free(unipass, uniplen);
 return ret > 0;
 }
-int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
- int saltlen, int id, int iter, int n,
- unsigned char *out, const EVP_MD *md_type)
+int PKCS12_key_gen_utf8(const char *pass, int passlen, unsigned char *salt,
+ int saltlen, int id, int iter, int n,
+ unsigned char *out, const EVP_MD *md_type)
+{
+ return PKCS12_key_gen_utf8_ex(pass, passlen, salt, saltlen, id, iter, n,
+ out, md_type, NULL, NULL);
+}
+
+int PKCS12_key_gen_uni_ex(unsigned char *pass, int passlen, unsigned char *salt,
+ int saltlen, int id, int iter, int n,
+ unsigned char *out, const EVP_MD *md_type,
+ OSSL_LIB_CTX *libctx, const char *propq)
 {
 int res = 0;
 EVP_KDF *kdf;
@@ -70,12 +89,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
 if (n <= 0)
 return 0;
- /*
- * The parameter query isn't available but the library context can be
- * extracted from the passed digest.
- */
- kdf = EVP_KDF_fetch(ossl_provider_libctx(EVP_MD_provider(md_type)),
- "PKCS12KDF", NULL);
+ kdf = EVP_KDF_fetch(libctx, "PKCS12KDF", propq);
 if (kdf == NULL)
 return 0;
 ctx = EVP_KDF_CTX_new(kdf);
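Review bot: `EVP_KDF_fetch(libctx, "PKCS12KDF", propq)` no longer takes the library context from `md_type`, so the compatibility wrappers `PKCS12_key_gen_asc`, `PKCS12_key_gen_utf8` and `PKCS12_key_gen_uni`, which pass `NULL, NULL`, now always fetch the KDF from the default context, even when the caller's digest came from another one. If existing callers are meant to keep the old behaviour, the wrappers could pass `ossl_provider_libctx(EVP_MD_provider(md_type))` as the context argument; otherwise the change deserves a sentence in the function documentation. In the visible lines `propq` reaches only the KDF fetch. The parameter setup is outside this hunk, but if the digest is handed to the KDF by name, the query string probably also needs to go in as `OSSL_KDF_PARAM_PROPERTIES` so the digest is not resolved with default properties.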
@@ -92,11 +106,9 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
 *p++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_PKCS12_ID, &id);
 *p++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_ITER, &iter);
 *p = OSSL_PARAM_construct_end();
- if (!EVP_KDF_CTX_set_params(ctx, params))
- goto err;
 OSSL_TRACE_BEGIN(PKCS12_KEYGEN) {
- BIO_printf(trc_out, "PKCS12_key_gen_uni(): ID %d, ITER %d\n", id, iter);
+ BIO_printf(trc_out, "PKCS12_key_gen_uni_ex(): ID %d, ITER %d\n", id, iter);
 BIO_printf(trc_out, "Password (length %d):\n", passlen);
 BIO_hex_string(trc_out, 0, passlen, pass, passlen);
 BIO_printf(trc_out, "\n");
@@ -105,7 +117,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
 BIO_printf(trc_out, "\n");
 } OSSL_TRACE_END(PKCS12_KEYGEN);
- if (EVP_KDF_derive(ctx, out, (size_t)n, NULL)) {
+ if (EVP_KDF_derive(ctx, out, (size_t)n, params)) {
 res = 1;
 OSSL_TRACE_BEGIN(PKCS12_KEYGEN) {
 BIO_printf(trc_out, "Output KEY (length %d)\n", n);
@@ -113,7 +125,13 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
 BIO_printf(trc_out, "\n");
 } OSSL_TRACE_END(PKCS12_KEYGEN);
 }
- err:
 EVP_KDF_CTX_free(ctx);
 return res;
 }
+
+int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
+ int saltlen, int id, int iter, int n,
+ unsigned char *out, const EVP_MD *md_type)
+{
+ return PKCS12_key_gen_uni_ex(pass, passlen, salt, saltlen, id, iter, n, out, md_type, NULL, NULL);
+} |
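Review bot: The trace block whose label is renamed here hex-dumps the whole password (`BIO_hex_string(trc_out, 0, passlen, pass, passlen);`), and the block after `EVP_KDF_derive` in the following hunks appears to print the derived key, yet nothing in the code says that this category emits secrets. Every PKCS12 key derivation now passes through `PKCS12_key_gen_uni_ex`, so a comment above `OSSL_TRACE_BEGIN(PKCS12_KEYGEN)` would help: `/* PKCS12_KEYGEN tracing writes the password and the derived key in clear; enable it only when debugging with test data. */`. The function body starts and ends outside this hunk.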
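Review bot: The body of the new `PKCS12_key_gen_uni` wrapper at the end of the file is a single line of roughly 100 characters, while the `PKCS12_key_gen_asc` and `PKCS12_key_gen_utf8` wrappers added earlier in this patch break the same call after `n,`. Wrapping it the same way keeps the three wrappers uniform: `return PKCS12_key_gen_uni_ex(pass, passlen, salt, saltlen, id, iter, n,` followed by `out, md_type, NULL, NULL);`.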