xref: /openssl/crypto/pkcs12/p12_decr.c (revision b6461792)
1 /*
2  * Copyright 1999-2024 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include <stdio.h>
11 #include "internal/cryptlib.h"
12 #include <openssl/pkcs12.h>
13 #include <openssl/trace.h>
14 
15 /*
16  * Encrypt/Decrypt a buffer based on password and algor, result in a
17  * OPENSSL_malloc'ed buffer
18  */
PKCS12_pbe_crypt_ex(const X509_ALGOR * algor,const char * pass,int passlen,const unsigned char * in,int inlen,unsigned char ** data,int * datalen,int en_de,OSSL_LIB_CTX * libctx,const char * propq)19 unsigned char *PKCS12_pbe_crypt_ex(const X509_ALGOR *algor,
20                                    const char *pass, int passlen,
21                                    const unsigned char *in, int inlen,
22                                    unsigned char **data, int *datalen, int en_de,
23                                    OSSL_LIB_CTX *libctx, const char *propq)
24 {
25     unsigned char *out = NULL;
26     int outlen, i;
27     EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
28     int max_out_len, mac_len = 0;
29     int block_size;
30 
31     if (ctx == NULL) {
32         ERR_raise(ERR_LIB_PKCS12, ERR_R_EVP_LIB);
33         goto err;
34     }
35 
36     /* Process data */
37     if (!EVP_PBE_CipherInit_ex(algor->algorithm, pass, passlen,
38                                algor->parameter, ctx, en_de, libctx, propq))
39         goto err;
40 
41     /*
42      * GOST algorithm specifics:
43      * OMAC algorithm calculate and encrypt MAC of the encrypted objects
44      * It's appended to encrypted text on encrypting
45      * MAC should be processed on decrypting separately from plain text
46      */
47     block_size = EVP_CIPHER_CTX_get_block_size(ctx);
48 
49     if (block_size == 0) {
50         ERR_raise(ERR_LIB_PKCS12, ERR_R_PASSED_NULL_PARAMETER);
51         goto err;
52     }
53 
54     max_out_len = inlen + block_size;
55     if ((EVP_CIPHER_get_flags(EVP_CIPHER_CTX_get0_cipher(ctx))
56                 & EVP_CIPH_FLAG_CIPHER_WITH_MAC) != 0) {
57         if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD, 0, &mac_len) < 0) {
58             ERR_raise(ERR_LIB_PKCS12, ERR_R_INTERNAL_ERROR);
59             goto err;
60         }
61 
62         if (EVP_CIPHER_CTX_is_encrypting(ctx)) {
63             max_out_len += mac_len;
64         } else {
65             if (inlen < mac_len) {
66                 ERR_raise(ERR_LIB_PKCS12, PKCS12_R_UNSUPPORTED_PKCS12_MODE);
67                 goto err;
68             }
69             inlen -= mac_len;
70             if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
71                                     (int)mac_len, (unsigned char *)in+inlen) < 0) {
72                 ERR_raise(ERR_LIB_PKCS12, ERR_R_INTERNAL_ERROR);
73                 goto err;
74             }
75         }
76     }
77 
78     if ((out = OPENSSL_malloc(max_out_len)) == NULL)
79         goto err;
80 
81     if (!EVP_CipherUpdate(ctx, out, &i, in, inlen)) {
82         OPENSSL_free(out);
83         out = NULL;
84         ERR_raise(ERR_LIB_PKCS12, ERR_R_EVP_LIB);
85         goto err;
86     }
87 
88     outlen = i;
89     if (!EVP_CipherFinal_ex(ctx, out + i, &i)) {
90         OPENSSL_free(out);
91         out = NULL;
92         ERR_raise_data(ERR_LIB_PKCS12, PKCS12_R_PKCS12_CIPHERFINAL_ERROR,
93                        passlen == 0 ? "empty password"
94                        : "maybe wrong password");
95         goto err;
96     }
97     outlen += i;
98     if ((EVP_CIPHER_get_flags(EVP_CIPHER_CTX_get0_cipher(ctx))
99                 & EVP_CIPH_FLAG_CIPHER_WITH_MAC) != 0) {
100         if (EVP_CIPHER_CTX_is_encrypting(ctx)) {
101             if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
102                 (int)mac_len, out+outlen) < 0) {
103                 OPENSSL_free(out);
104                 out = NULL;
105                 ERR_raise(ERR_LIB_PKCS12, ERR_R_INTERNAL_ERROR);
106                 goto err;
107             }
108             outlen += mac_len;
109         }
110     }
111     if (datalen)
112         *datalen = outlen;
113     if (data)
114         *data = out;
115  err:
116     EVP_CIPHER_CTX_free(ctx);
117     return out;
118 
119 }
120 
PKCS12_pbe_crypt(const X509_ALGOR * algor,const char * pass,int passlen,const unsigned char * in,int inlen,unsigned char ** data,int * datalen,int en_de)121 unsigned char *PKCS12_pbe_crypt(const X509_ALGOR *algor,
122                                 const char *pass, int passlen,
123                                 const unsigned char *in, int inlen,
124                                 unsigned char **data, int *datalen, int en_de)
125 {
126     return PKCS12_pbe_crypt_ex(algor, pass, passlen, in, inlen, data, datalen,
127                                en_de, NULL, NULL);
128 }
129 
130 /*
131  * Decrypt an OCTET STRING and decode ASN1 structure if zbuf set zero buffer
132  * after use.
133  */
134 
PKCS12_item_decrypt_d2i_ex(const X509_ALGOR * algor,const ASN1_ITEM * it,const char * pass,int passlen,const ASN1_OCTET_STRING * oct,int zbuf,OSSL_LIB_CTX * libctx,const char * propq)135 void *PKCS12_item_decrypt_d2i_ex(const X509_ALGOR *algor, const ASN1_ITEM *it,
136                                  const char *pass, int passlen,
137                                  const ASN1_OCTET_STRING *oct, int zbuf,
138                                  OSSL_LIB_CTX *libctx,
139                                  const char *propq)
140 {
141     unsigned char *out = NULL;
142     const unsigned char *p;
143     void *ret;
144     int outlen = 0;
145 
146     if (!PKCS12_pbe_crypt_ex(algor, pass, passlen, oct->data, oct->length,
147                              &out, &outlen, 0, libctx, propq))
148         return NULL;
149     p = out;
150     OSSL_TRACE_BEGIN(PKCS12_DECRYPT) {
151         BIO_printf(trc_out, "\n");
152         BIO_dump(trc_out, out, outlen);
153         BIO_printf(trc_out, "\n");
154     } OSSL_TRACE_END(PKCS12_DECRYPT);
155     ret = ASN1_item_d2i(NULL, &p, outlen, it);
156     if (zbuf)
157         OPENSSL_cleanse(out, outlen);
158     if (!ret)
159         ERR_raise(ERR_LIB_PKCS12, PKCS12_R_DECODE_ERROR);
160     OPENSSL_free(out);
161     return ret;
162 }
163 
PKCS12_item_decrypt_d2i(const X509_ALGOR * algor,const ASN1_ITEM * it,const char * pass,int passlen,const ASN1_OCTET_STRING * oct,int zbuf)164 void *PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it,
165                               const char *pass, int passlen,
166                               const ASN1_OCTET_STRING *oct, int zbuf)
167 {
168     return PKCS12_item_decrypt_d2i_ex(algor, it, pass, passlen, oct, zbuf,
169                                       NULL, NULL);
170 }
171 
172 /*
173  * Encode ASN1 structure and encrypt, return OCTET STRING if zbuf set zero
174  * encoding.
175  */
176 
PKCS12_item_i2d_encrypt_ex(X509_ALGOR * algor,const ASN1_ITEM * it,const char * pass,int passlen,void * obj,int zbuf,OSSL_LIB_CTX * ctx,const char * propq)177 ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt_ex(X509_ALGOR *algor,
178                                               const ASN1_ITEM *it,
179                                               const char *pass, int passlen,
180                                               void *obj, int zbuf,
181                                               OSSL_LIB_CTX *ctx,
182                                               const char *propq)
183 {
184     ASN1_OCTET_STRING *oct = NULL;
185     unsigned char *in = NULL;
186     int inlen;
187 
188     if ((oct = ASN1_OCTET_STRING_new()) == NULL) {
189         ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB);
190         goto err;
191     }
192     inlen = ASN1_item_i2d(obj, &in, it);
193     if (!in) {
194         ERR_raise(ERR_LIB_PKCS12, PKCS12_R_ENCODE_ERROR);
195         goto err;
196     }
197     if (!PKCS12_pbe_crypt_ex(algor, pass, passlen, in, inlen, &oct->data,
198                              &oct->length, 1, ctx, propq)) {
199         ERR_raise(ERR_LIB_PKCS12, PKCS12_R_ENCRYPT_ERROR);
200         OPENSSL_free(in);
201         goto err;
202     }
203     if (zbuf)
204         OPENSSL_cleanse(in, inlen);
205     OPENSSL_free(in);
206     return oct;
207  err:
208     ASN1_OCTET_STRING_free(oct);
209     return NULL;
210 }
211 
PKCS12_item_i2d_encrypt(X509_ALGOR * algor,const ASN1_ITEM * it,const char * pass,int passlen,void * obj,int zbuf)212 ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
213                                            const ASN1_ITEM *it,
214                                            const char *pass, int passlen,
215                                            void *obj, int zbuf)
216 {
217     return PKCS12_item_i2d_encrypt_ex(algor, it, pass, passlen, obj, zbuf, NULL, NULL);
218 }
219