]> git.proxmox.com Git - efi-boot-shim.git/blob - Cryptlib/OpenSSL/crypto/evp/evp_key.c
projects / efi-boot-shim.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
New upstream version 15+1533136590.3beb971
[efi-boot-shim.git] / Cryptlib / OpenSSL / crypto / evp / evp_key.c
1 /*
2 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include "internal/cryptlib.h"
12 #include <openssl/x509.h>
13 #include <openssl/objects.h>
14 #include <openssl/evp.h>
15 #include <openssl/ui.h>
16
17 #ifndef OPENSSL_NO_UI
18 /* should be init to zeros. */
19 static char prompt_string[80];
20
21 void EVP_set_pw_prompt(const char *prompt)
22 {
23 if (prompt == NULL)
24 prompt_string[0] = '\0';
25 else {
26 strncpy(prompt_string, prompt, 79);
27 prompt_string[79] = '\0';
28 }
29 }
30
31 char *EVP_get_pw_prompt(void)
32 {
33 if (prompt_string[0] == '\0')
34 return (NULL);
35 else
36 return (prompt_string);
37 }
38
39 /*
40 * For historical reasons, the standard function for reading passwords is in
41 * the DES library -- if someone ever wants to disable DES, this function
42 * will fail
43 */
44 int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
45 {
46 return EVP_read_pw_string_min(buf, 0, len, prompt, verify);
47 }
48
49 int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
50 int verify)
51 {
52 int ret;
53 char buff[BUFSIZ];
54 UI *ui;
55
56 if ((prompt == NULL) && (prompt_string[0] != '\0'))
57 prompt = prompt_string;
58 ui = UI_new();
59 if (ui == NULL)
60 return -1;
61 UI_add_input_string(ui, prompt, 0, buf, min,
62 (len >= BUFSIZ) ? BUFSIZ - 1 : len);
63 if (verify)
64 UI_add_verify_string(ui, prompt, 0,
65 buff, min, (len >= BUFSIZ) ? BUFSIZ - 1 : len,
66 buf);
67 ret = UI_process(ui);
68 UI_free(ui);
69 OPENSSL_cleanse(buff, BUFSIZ);
70 return ret;
71 }
72 #endif /* OPENSSL_NO_UI */
73
74 int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
75 const unsigned char *salt, const unsigned char *data,
76 int datal, int count, unsigned char *key,
77 unsigned char *iv)
78 {
79 EVP_MD_CTX *c;
80 unsigned char md_buf[EVP_MAX_MD_SIZE];
81 int niv, nkey, addmd = 0;
82 unsigned int mds = 0, i;
83 int rv = 0;
84 nkey = EVP_CIPHER_key_length(type);
85 niv = EVP_CIPHER_iv_length(type);
86 OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
87 OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH);
88
89 if (data == NULL)
90 return (nkey);
91
92 c = EVP_MD_CTX_new();
93 if (c == NULL)
94 goto err;
95 for (;;) {
96 if (!EVP_DigestInit_ex(c, md, NULL))
97 goto err;
98 if (addmd++)
99 if (!EVP_DigestUpdate(c, &(md_buf[0]), mds))
100 goto err;
101 if (!EVP_DigestUpdate(c, data, datal))
102 goto err;
103 if (salt != NULL)
104 if (!EVP_DigestUpdate(c, salt, PKCS5_SALT_LEN))
105 goto err;
106 if (!EVP_DigestFinal_ex(c, &(md_buf[0]), &mds))
107 goto err;
108
109 for (i = 1; i < (unsigned int)count; i++) {
110 if (!EVP_DigestInit_ex(c, md, NULL))
111 goto err;
112 if (!EVP_DigestUpdate(c, &(md_buf[0]), mds))
113 goto err;
114 if (!EVP_DigestFinal_ex(c, &(md_buf[0]), &mds))
115 goto err;
116 }
117 i = 0;
118 if (nkey) {
119 for (;;) {
120 if (nkey == 0)
121 break;
122 if (i == mds)
123 break;
124 if (key != NULL)
125 *(key++) = md_buf[i];
126 nkey--;
127 i++;
128 }
129 }
130 if (niv && (i != mds)) {
131 for (;;) {
132 if (niv == 0)
133 break;
134 if (i == mds)
135 break;
136 if (iv != NULL)
137 *(iv++) = md_buf[i];
138 niv--;
139 i++;
140 }
141 }
142 if ((nkey == 0) && (niv == 0))
143 break;
144 }
145 rv = EVP_CIPHER_key_length(type);
146 err:
147 EVP_MD_CTX_free(c);
148 OPENSSL_cleanse(md_buf, sizeof(md_buf));
149 return rv;
150 }
shim, a first-stage UEFI bootloader adapted for Proxmox projects