diff options
Diffstat (limited to 'crypto/pem/pvkfmt.c')
| -rw-r--r-- | crypto/pem/pvkfmt.c | 432 |
1 files changed, 210 insertions, 222 deletions
diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c index 1ce5a1e319c5..e39c2438140d 100644 --- a/crypto/pem/pvkfmt.c +++ b/crypto/pem/pvkfmt.c @@ -1,59 +1,10 @@ /* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project - * 2005. - */ -/* ==================================================================== - * Copyright (c) 2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ /* @@ -61,7 +12,7 @@ * and PRIVATEKEYBLOB). */ -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/pem.h> #include <openssl/rand.h> #include <openssl/bn.h> @@ -93,23 +44,11 @@ static unsigned int read_ledword(const unsigned char **in) static int read_lebn(const unsigned char **in, unsigned int nbyte, BIGNUM **r) { - const unsigned char *p; - unsigned char *tmpbuf, *q; - unsigned int i; - p = *in + nbyte - 1; - tmpbuf = OPENSSL_malloc(nbyte); - if (!tmpbuf) - return 0; - q = tmpbuf; - for (i = 0; i < nbyte; i++) - *q++ = *p--; - *r = BN_bin2bn(tmpbuf, nbyte, NULL); - OPENSSL_free(tmpbuf); - if (*r) { - *in += nbyte; - return 1; - } else + *r = BN_lebin2bn(*in, nbyte, NULL); + if (*r == NULL) return 0; + *in += nbyte; + return 1; } /* Convert private key blob to EVP_PKEY: RSA and DSA keys supported */ @@ -139,9 +78,9 @@ static int read_lebn(const unsigned char **in, unsigned int nbyte, BIGNUM **r) /* Maximum salt length */ # define PVK_MAX_SALTLEN 10240 -static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length, +static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int bitlen, int ispub); -static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length, +static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int bitlen, int ispub); static int do_blob_header(const unsigned char **in, unsigned int length, @@ -181,6 +120,7 @@ static int do_blob_header(const unsigned char **in, unsigned int length, case MS_DSS1MAGIC: *pisdss = 1; + /* fall thru */ case MS_RSA1MAGIC: if (*pispub == 0) { PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PRIVATE_KEY_BLOB); @@ -190,6 +130,7 @@ static int do_blob_header(const unsigned char **in, unsigned int length, case MS_DSS2MAGIC: *pisdss = 1; + /* fall thru */ case MS_RSA2MAGIC: if (*pispub == 1) { PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PUBLIC_KEY_BLOB); @@ -254,9 +195,9 @@ static EVP_PKEY *do_b2i(const unsigned char **in, unsigned int length, return NULL; } if (isdss) - return b2i_dss(&p, length, bitlen, ispub); + return b2i_dss(&p, bitlen, ispub); else - return b2i_rsa(&p, length, bitlen, ispub); + return b2i_rsa(&p, bitlen, ispub); } static EVP_PKEY *do_b2i_bio(BIO *in, int ispub) @@ -280,7 +221,7 @@ static EVP_PKEY *do_b2i_bio(BIO *in, int ispub) return NULL; } buf = OPENSSL_malloc(length); - if (!buf) { + if (buf == NULL) { PEMerr(PEM_F_DO_B2I_BIO, ERR_R_MALLOC_FAILURE); goto err; } @@ -291,17 +232,16 @@ static EVP_PKEY *do_b2i_bio(BIO *in, int ispub) } if (isdss) - ret = b2i_dss(&p, length, bitlen, ispub); + ret = b2i_dss(&p, bitlen, ispub); else - ret = b2i_rsa(&p, length, bitlen, ispub); + ret = b2i_rsa(&p, bitlen, ispub); err: - if (buf) - OPENSSL_free(buf); + OPENSSL_free(buf); return ret; } -static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length, +static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int bitlen, int ispub) { const unsigned char *p = *in; @@ -309,97 +249,133 @@ static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length, DSA *dsa = NULL; BN_CTX *ctx = NULL; unsigned int nbyte; + BIGNUM *pbn = NULL, *qbn = NULL, *gbn = NULL, *priv_key = NULL; + BIGNUM *pub_key = NULL; + nbyte = (bitlen + 7) >> 3; dsa = DSA_new(); ret = EVP_PKEY_new(); - if (!dsa || !ret) + if (dsa == NULL || ret == NULL) goto memerr; - if (!read_lebn(&p, nbyte, &dsa->p)) + if (!read_lebn(&p, nbyte, &pbn)) goto memerr; - if (!read_lebn(&p, 20, &dsa->q)) + + if (!read_lebn(&p, 20, &qbn)) goto memerr; - if (!read_lebn(&p, nbyte, &dsa->g)) + + if (!read_lebn(&p, nbyte, &gbn)) goto memerr; + if (ispub) { - if (!read_lebn(&p, nbyte, &dsa->pub_key)) + if (!read_lebn(&p, nbyte, &pub_key)) goto memerr; } else { - if (!read_lebn(&p, 20, &dsa->priv_key)) + if (!read_lebn(&p, 20, &priv_key)) goto memerr; + /* Calculate public key */ - if (!(dsa->pub_key = BN_new())) + pub_key = BN_new(); + if (pub_key == NULL) goto memerr; - if (!(ctx = BN_CTX_new())) + if ((ctx = BN_CTX_new()) == NULL) goto memerr; - if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) - + if (!BN_mod_exp(pub_key, gbn, priv_key, pbn, ctx)) goto memerr; + BN_CTX_free(ctx); + ctx = NULL; } + if (!DSA_set0_pqg(dsa, pbn, qbn, gbn)) + goto memerr; + pbn = qbn = gbn = NULL; + if (!DSA_set0_key(dsa, pub_key, priv_key)) + goto memerr; + pub_key = priv_key = NULL; - EVP_PKEY_set1_DSA(ret, dsa); + if (!EVP_PKEY_set1_DSA(ret, dsa)) + goto memerr; DSA_free(dsa); *in = p; return ret; memerr: PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE); - if (dsa) - DSA_free(dsa); - if (ret) - EVP_PKEY_free(ret); - if (ctx) - BN_CTX_free(ctx); + DSA_free(dsa); + BN_free(pbn); + BN_free(qbn); + BN_free(gbn); + BN_free(pub_key); + BN_free(priv_key); + EVP_PKEY_free(ret); + BN_CTX_free(ctx); return NULL; } -static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length, +static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int bitlen, int ispub) { - const unsigned char *p = *in; + const unsigned char *pin = *in; EVP_PKEY *ret = NULL; + BIGNUM *e = NULL, *n = NULL, *d = NULL; + BIGNUM *p = NULL, *q = NULL, *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL; RSA *rsa = NULL; unsigned int nbyte, hnbyte; nbyte = (bitlen + 7) >> 3; hnbyte = (bitlen + 15) >> 4; rsa = RSA_new(); ret = EVP_PKEY_new(); - if (!rsa || !ret) + if (rsa == NULL || ret == NULL) goto memerr; - rsa->e = BN_new(); - if (!rsa->e) + e = BN_new(); + if (e == NULL) goto memerr; - if (!BN_set_word(rsa->e, read_ledword(&p))) + if (!BN_set_word(e, read_ledword(&pin))) goto memerr; - if (!read_lebn(&p, nbyte, &rsa->n)) + if (!read_lebn(&pin, nbyte, &n)) goto memerr; if (!ispub) { - if (!read_lebn(&p, hnbyte, &rsa->p)) + if (!read_lebn(&pin, hnbyte, &p)) goto memerr; - if (!read_lebn(&p, hnbyte, &rsa->q)) + if (!read_lebn(&pin, hnbyte, &q)) goto memerr; - if (!read_lebn(&p, hnbyte, &rsa->dmp1)) + if (!read_lebn(&pin, hnbyte, &dmp1)) goto memerr; - if (!read_lebn(&p, hnbyte, &rsa->dmq1)) + if (!read_lebn(&pin, hnbyte, &dmq1)) goto memerr; - if (!read_lebn(&p, hnbyte, &rsa->iqmp)) + if (!read_lebn(&pin, hnbyte, &iqmp)) goto memerr; - if (!read_lebn(&p, nbyte, &rsa->d)) + if (!read_lebn(&pin, nbyte, &d)) goto memerr; + if (!RSA_set0_factors(rsa, p, q)) + goto memerr; + p = q = NULL; + if (!RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp)) + goto memerr; + dmp1 = dmq1 = iqmp = NULL; } + if (!RSA_set0_key(rsa, n, e, d)) + goto memerr; + n = e = d = NULL; - EVP_PKEY_set1_RSA(ret, rsa); + if (!EVP_PKEY_set1_RSA(ret, rsa)) + goto memerr; RSA_free(rsa); - *in = p; + *in = pin; return ret; memerr: PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE); - if (rsa) - RSA_free(rsa); - if (ret) - EVP_PKEY_free(ret); + BN_free(e); + BN_free(n); + BN_free(p); + BN_free(q); + BN_free(dmp1); + BN_free(dmq1); + BN_free(iqmp); + BN_free(d); + RSA_free(rsa); + EVP_PKEY_free(ret); return NULL; } @@ -435,26 +411,8 @@ static void write_ledword(unsigned char **out, unsigned int dw) static void write_lebn(unsigned char **out, const BIGNUM *bn, int len) { - int nb, i; - unsigned char *p = *out, *q, c; - nb = BN_num_bytes(bn); - BN_bn2bin(bn, p); - q = p + nb - 1; - /* In place byte order reversal */ - for (i = 0; i < nb / 2; i++) { - c = *p; - *p++ = *q; - *q-- = c; - } - *out += nb; - /* Pad with zeroes if we have to */ - if (len > 0) { - len -= nb; - if (len > 0) { - memset(*out, 0, len); - *out += len; - } - } + BN_bn2lebinpad(bn, *out, len); + *out += len; } static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *magic); @@ -468,11 +426,12 @@ static int do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub) unsigned char *p; unsigned int bitlen, magic = 0, keyalg; int outlen, noinc = 0; - if (pk->type == EVP_PKEY_DSA) { - bitlen = check_bitlen_dsa(pk->pkey.dsa, ispub, &magic); + int pktype = EVP_PKEY_id(pk); + if (pktype == EVP_PKEY_DSA) { + bitlen = check_bitlen_dsa(EVP_PKEY_get0_DSA(pk), ispub, &magic); keyalg = MS_KEYALG_DSS_SIGN; - } else if (pk->type == EVP_PKEY_RSA) { - bitlen = check_bitlen_rsa(pk->pkey.rsa, ispub, &magic); + } else if (pktype == EVP_PKEY_RSA) { + bitlen = check_bitlen_rsa(EVP_PKEY_get0_RSA(pk), ispub, &magic); keyalg = MS_KEYALG_RSA_KEYX; } else return -1; @@ -485,9 +444,10 @@ static int do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub) if (*out) p = *out; else { - p = OPENSSL_malloc(outlen); - if (!p) + if ((p = OPENSSL_malloc(outlen)) == NULL) { + PEMerr(PEM_F_DO_I2B, ERR_R_MALLOC_FAILURE); return -1; + } *out = p; noinc = 1; } @@ -502,9 +462,9 @@ static int do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub) write_ledword(&p, magic); write_ledword(&p, bitlen); if (keyalg == MS_KEYALG_DSS_SIGN) - write_dsa(&p, pk->pkey.dsa, ispub); + write_dsa(&p, EVP_PKEY_get0_DSA(pk), ispub); else - write_rsa(&p, pk->pkey.rsa, ispub); + write_rsa(&p, EVP_PKEY_get0_RSA(pk), ispub); if (!noinc) *out += outlen; return outlen; @@ -527,16 +487,21 @@ static int do_i2b_bio(BIO *out, EVP_PKEY *pk, int ispub) static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic) { int bitlen; - bitlen = BN_num_bits(dsa->p); - if ((bitlen & 7) || (BN_num_bits(dsa->q) != 160) - || (BN_num_bits(dsa->g) > bitlen)) + const BIGNUM *p = NULL, *q = NULL, *g = NULL; + const BIGNUM *pub_key = NULL, *priv_key = NULL; + + DSA_get0_pqg(dsa, &p, &q, &g); + DSA_get0_key(dsa, &pub_key, &priv_key); + bitlen = BN_num_bits(p); + if ((bitlen & 7) || (BN_num_bits(q) != 160) + || (BN_num_bits(g) > bitlen)) goto badkey; if (ispub) { - if (BN_num_bits(dsa->pub_key) > bitlen) + if (BN_num_bits(pub_key) > bitlen) goto badkey; *pmagic = MS_DSS1MAGIC; } else { - if (BN_num_bits(dsa->priv_key) > 160) + if (BN_num_bits(priv_key) > 160) goto badkey; *pmagic = MS_DSS2MAGIC; } @@ -550,26 +515,35 @@ static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic) static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic) { int nbyte, hnbyte, bitlen; - if (BN_num_bits(rsa->e) > 32) + const BIGNUM *e; + + RSA_get0_key(rsa, NULL, &e, NULL); + if (BN_num_bits(e) > 32) goto badkey; - bitlen = BN_num_bits(rsa->n); - nbyte = BN_num_bytes(rsa->n); - hnbyte = (BN_num_bits(rsa->n) + 15) >> 4; + bitlen = RSA_bits(rsa); + nbyte = RSA_size(rsa); + hnbyte = (bitlen + 15) >> 4; if (ispub) { *pmagic = MS_RSA1MAGIC; return bitlen; } else { + const BIGNUM *d, *p, *q, *iqmp, *dmp1, *dmq1; + *pmagic = MS_RSA2MAGIC; + /* * For private key each component must fit within nbyte or hnbyte. */ - if (BN_num_bytes(rsa->d) > nbyte) + RSA_get0_key(rsa, NULL, NULL, &d); + if (BN_num_bytes(d) > nbyte) goto badkey; - if ((BN_num_bytes(rsa->iqmp) > hnbyte) - || (BN_num_bytes(rsa->p) > hnbyte) - || (BN_num_bytes(rsa->q) > hnbyte) - || (BN_num_bytes(rsa->dmp1) > hnbyte) - || (BN_num_bytes(rsa->dmq1) > hnbyte)) + RSA_get0_factors(rsa, &p, &q); + RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); + if ((BN_num_bytes(iqmp) > hnbyte) + || (BN_num_bytes(p) > hnbyte) + || (BN_num_bytes(q) > hnbyte) + || (BN_num_bytes(dmp1) > hnbyte) + || (BN_num_bytes(dmq1) > hnbyte)) goto badkey; } return bitlen; @@ -581,31 +555,41 @@ static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic) static void write_rsa(unsigned char **out, RSA *rsa, int ispub) { int nbyte, hnbyte; - nbyte = BN_num_bytes(rsa->n); - hnbyte = (BN_num_bits(rsa->n) + 15) >> 4; - write_lebn(out, rsa->e, 4); - write_lebn(out, rsa->n, -1); + const BIGNUM *n, *d, *e, *p, *q, *iqmp, *dmp1, *dmq1; + + nbyte = RSA_size(rsa); + hnbyte = (RSA_bits(rsa) + 15) >> 4; + RSA_get0_key(rsa, &n, &e, &d); + write_lebn(out, e, 4); + write_lebn(out, n, nbyte); if (ispub) return; - write_lebn(out, rsa->p, hnbyte); - write_lebn(out, rsa->q, hnbyte); - write_lebn(out, rsa->dmp1, hnbyte); - write_lebn(out, rsa->dmq1, hnbyte); - write_lebn(out, rsa->iqmp, hnbyte); - write_lebn(out, rsa->d, nbyte); + RSA_get0_factors(rsa, &p, &q); + RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); + write_lebn(out, p, hnbyte); + write_lebn(out, q, hnbyte); + write_lebn(out, dmp1, hnbyte); + write_lebn(out, dmq1, hnbyte); + write_lebn(out, iqmp, hnbyte); + write_lebn(out, d, nbyte); } static void write_dsa(unsigned char **out, DSA *dsa, int ispub) { int nbyte; - nbyte = BN_num_bytes(dsa->p); - write_lebn(out, dsa->p, nbyte); - write_lebn(out, dsa->q, 20); - write_lebn(out, dsa->g, nbyte); + const BIGNUM *p = NULL, *q = NULL, *g = NULL; + const BIGNUM *pub_key = NULL, *priv_key = NULL; + + DSA_get0_pqg(dsa, &p, &q, &g); + DSA_get0_key(dsa, &pub_key, &priv_key); + nbyte = BN_num_bytes(p); + write_lebn(out, p, nbyte); + write_lebn(out, q, 20); + write_lebn(out, g, nbyte); if (ispub) - write_lebn(out, dsa->pub_key, nbyte); + write_lebn(out, pub_key, nbyte); else - write_lebn(out, dsa->priv_key, 20); + write_lebn(out, priv_key, 20); /* Set "invalid" for seed structure values */ memset(*out, 0xff, 24); *out += 24; @@ -671,16 +655,16 @@ static int derive_pvk_key(unsigned char *key, const unsigned char *salt, unsigned int saltlen, const unsigned char *pass, int passlen) { - EVP_MD_CTX mctx; + EVP_MD_CTX *mctx = EVP_MD_CTX_new(); int rv = 1; - EVP_MD_CTX_init(&mctx); - if (!EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL) - || !EVP_DigestUpdate(&mctx, salt, saltlen) - || !EVP_DigestUpdate(&mctx, pass, passlen) - || !EVP_DigestFinal_ex(&mctx, key, NULL)) + if (mctx == NULL + || !EVP_DigestInit_ex(mctx, EVP_sha1(), NULL) + || !EVP_DigestUpdate(mctx, salt, saltlen) + || !EVP_DigestUpdate(mctx, pass, passlen) + || !EVP_DigestFinal_ex(mctx, key, NULL)) rv = 0; - EVP_MD_CTX_cleanup(&mctx); + EVP_MD_CTX_free(mctx); return rv; } @@ -692,22 +676,22 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in, const unsigned char *p = *in; unsigned int magic; unsigned char *enctmp = NULL, *q; - EVP_CIPHER_CTX cctx; - EVP_CIPHER_CTX_init(&cctx); + unsigned char keybuf[20]; + + EVP_CIPHER_CTX *cctx = EVP_CIPHER_CTX_new(); if (saltlen) { char psbuf[PEM_BUFSIZE]; - unsigned char keybuf[20]; int enctmplen, inlen; if (cb) inlen = cb(psbuf, PEM_BUFSIZE, 0, u); else inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u); - if (inlen <= 0) { + if (inlen < 0) { PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_PASSWORD_READ); goto err; } enctmp = OPENSSL_malloc(keylen + 8); - if (!enctmp) { + if (enctmp == NULL) { PEMerr(PEM_F_DO_PVK_BODY, ERR_R_MALLOC_FAILURE); goto err; } @@ -724,38 +708,38 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in, } inlen = keylen - 8; q = enctmp + 8; - if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL)) + if (!EVP_DecryptInit_ex(cctx, EVP_rc4(), NULL, keybuf, NULL)) goto err; - if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen)) + if (!EVP_DecryptUpdate(cctx, q, &enctmplen, p, inlen)) goto err; - if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen)) + if (!EVP_DecryptFinal_ex(cctx, q + enctmplen, &enctmplen)) goto err; magic = read_ledword((const unsigned char **)&q); if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) { q = enctmp + 8; memset(keybuf + 5, 0, 11); - if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL)) + if (!EVP_DecryptInit_ex(cctx, EVP_rc4(), NULL, keybuf, NULL)) goto err; - OPENSSL_cleanse(keybuf, 20); - if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen)) + if (!EVP_DecryptUpdate(cctx, q, &enctmplen, p, inlen)) goto err; - if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen)) + if (!EVP_DecryptFinal_ex(cctx, q + enctmplen, &enctmplen)) goto err; magic = read_ledword((const unsigned char **)&q); if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) { PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_DECRYPT); goto err; } - } else - OPENSSL_cleanse(keybuf, 20); + } p = enctmp; } ret = b2i_PrivateKey(&p, keylen); err: - EVP_CIPHER_CTX_cleanup(&cctx); - if (enctmp && saltlen) + EVP_CIPHER_CTX_free(cctx); + if (enctmp != NULL) { + OPENSSL_cleanse(keybuf, sizeof(keybuf)); OPENSSL_free(enctmp); + } return ret; } @@ -776,7 +760,7 @@ EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u) return 0; buflen = (int)keylen + saltlen; buf = OPENSSL_malloc(buflen); - if (!buf) { + if (buf == NULL) { PEMerr(PEM_F_B2I_PVK_BIO, ERR_R_MALLOC_FAILURE); return 0; } @@ -788,10 +772,7 @@ EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u) ret = do_PVK_body(&p, saltlen, keylen, cb, u); err: - if (buf) { - OPENSSL_cleanse(buf, buflen); - OPENSSL_free(buf); - } + OPENSSL_clear_free(buf, buflen); return ret; } @@ -799,31 +780,33 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel, pem_password_cb *cb, void *u) { int outlen = 24, pklen; - unsigned char *p, *salt = NULL; - EVP_CIPHER_CTX cctx; - EVP_CIPHER_CTX_init(&cctx); + unsigned char *p = NULL, *start = NULL, *salt = NULL; + EVP_CIPHER_CTX *cctx = NULL; if (enclevel) outlen += PVK_SALTLEN; pklen = do_i2b(NULL, pk, 0); if (pklen < 0) return -1; outlen += pklen; - if (!out) + if (out == NULL) return outlen; - if (*out) + if (*out != NULL) { p = *out; - else { - p = OPENSSL_malloc(outlen); - if (!p) { + } else { + start = p = OPENSSL_malloc(outlen); + if (p == NULL) { PEMerr(PEM_F_I2B_PVK, ERR_R_MALLOC_FAILURE); return -1; } - *out = p; } + cctx = EVP_CIPHER_CTX_new(); + if (cctx == NULL) + goto error; + write_ledword(&p, MS_PVKMAGIC); write_ledword(&p, 0); - if (pk->type == EVP_PKEY_DSA) + if (EVP_PKEY_id(pk) == EVP_PKEY_DSA) write_ledword(&p, MS_KEYTYPE_SIGN); else write_ledword(&p, MS_KEYTYPE_KEYX); @@ -837,9 +820,7 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel, p += PVK_SALTLEN; } do_i2b(&p, pk, 0); - if (enclevel == 0) - return outlen; - else { + if (enclevel != 0) { char psbuf[PEM_BUFSIZE]; unsigned char keybuf[20]; int enctmplen, inlen; @@ -857,19 +838,26 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel, if (enclevel == 1) memset(keybuf + 5, 0, 11); p = salt + PVK_SALTLEN + 8; - if (!EVP_EncryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL)) + if (!EVP_EncryptInit_ex(cctx, EVP_rc4(), NULL, keybuf, NULL)) goto error; OPENSSL_cleanse(keybuf, 20); - if (!EVP_DecryptUpdate(&cctx, p, &enctmplen, p, pklen - 8)) + if (!EVP_DecryptUpdate(cctx, p, &enctmplen, p, pklen - 8)) goto error; - if (!EVP_DecryptFinal_ex(&cctx, p + enctmplen, &enctmplen)) + if (!EVP_DecryptFinal_ex(cctx, p + enctmplen, &enctmplen)) goto error; } - EVP_CIPHER_CTX_cleanup(&cctx); + + EVP_CIPHER_CTX_free(cctx); + + if (*out == NULL) + *out = start; + return outlen; error: - EVP_CIPHER_CTX_cleanup(&cctx); + EVP_CIPHER_CTX_free(cctx); + if (*out == NULL) + OPENSSL_free(start); return -1; } |