source-git / gnutls

Clone
Source Code
GIT

Files

  1.   aea12fd77cb6cf3676e0fc1d41047f68003fa033
  2.   lib
  3.   x509
  4.   privkey_pkcs8_pbes1.c
Blob Blame History Raw 
/*
 * Copyright (C) 2016 Red Hat
 *
 * Author: Nikos Mavrogiannopoulos
 *
 * This file is part of GnuTLS.
 *
 * The GnuTLS is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public License
 * as published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>
 *
 */

#include "gnutls_int.h"

#include <datum.h>
#include <global.h>
#include "errors.h"
#include <common.h>
#include <x509.h>
#include <x509_b64.h>
#include "x509_int.h"
#include "pkcs7_int.h"
#include <algorithms.h>
#include <nettle/md5.h>

/* This file includes support for PKCS#8 PBES1 with DES and MD5.
 * We only support decryption for compatibility with other software.
 */

int _gnutls_read_pbkdf1_params(const uint8_t * data, int data_size,
		       struct pbkdf2_params *kdf_params,
		       struct pbe_enc_params *enc_params)
{
	ASN1_TYPE pasn = ASN1_TYPE_EMPTY;
	int len;
	int ret, result;

	memset(kdf_params, 0, sizeof(*kdf_params));
	memset(enc_params, 0, sizeof(*enc_params));

	if ((result =
		     asn1_create_element(_gnutls_get_pkix(),
					 "PKIX1.pkcs-5-PBE-params",
					 &pasn)) != ASN1_SUCCESS) {
		gnutls_assert();
		return _gnutls_asn2err(result);
	}

	/* Decode the parameters.
	 */
	result =
	    _asn1_strict_der_decode(&pasn, data, data_size, NULL);
	if (result != ASN1_SUCCESS) {
		gnutls_assert();
		ret = _gnutls_asn2err(result);
		goto error;
	}

	ret =
	    _gnutls_x509_read_uint(pasn, "iterationCount",
			   &kdf_params->iter_count);
	if (ret < 0) {
		gnutls_assert();
		goto error;
	}

	if (kdf_params->iter_count >= MAX_ITER_COUNT || kdf_params->iter_count == 0) {
		ret = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
		goto error;
	}

	len = sizeof(kdf_params->salt);
	result =
	    asn1_read_value(pasn, "salt",
		    kdf_params->salt, &len);
	if (result != ASN1_SUCCESS) {
		gnutls_assert();
		ret = _gnutls_asn2err(result);
		goto error;
	}

	if (len != 8) {
		gnutls_assert();
		ret = GNUTLS_E_ILLEGAL_PARAMETER;
		goto error;
	}

	enc_params->cipher = GNUTLS_CIPHER_DES_CBC;

	ret = 0;
 error:
	asn1_delete_structure2(&pasn, ASN1_DELETE_FLAG_ZEROIZE);
	return ret;

}

static void pbkdf1_md5(const char *password, unsigned password_len,
	const uint8_t salt[8], unsigned iter_count, unsigned key_size, uint8_t *key)
{
	struct md5_ctx ctx;
	uint8_t tmp[16];
	unsigned i;

	if (key_size > sizeof(tmp))
		abort();

	for (i=0;i<iter_count;i++) {
		md5_init(&ctx);
		if (i==0) {
			md5_update(&ctx, password_len, (uint8_t*)password);
			md5_update(&ctx, 8, salt);
			md5_digest(&ctx, 16, tmp);
		} else {
			md5_update(&ctx, 16, tmp);
			md5_digest(&ctx, 16, tmp);
		}
	}

	memcpy(key, tmp, key_size);
	return;
}

int
_gnutls_decrypt_pbes1_des_md5_data(const char *password,
			   unsigned password_len,
			   const struct pbkdf2_params *kdf_params,
			   const struct pbe_enc_params *enc_params,
			   gnutls_datum_t *encrypted_data, /* we re-use it */
			   gnutls_datum_t *decrypted_data)
{
	int result;
	gnutls_datum_t dkey, d_iv;
	cipher_hd_st ch;
	uint8_t key[16];
	const unsigned block_size = 8;

	if (enc_params->cipher != GNUTLS_CIPHER_DES_CBC)
		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);

	if (encrypted_data->size % block_size != 0)
		return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);

	/* generate the key
	 */
	pbkdf1_md5(password, password_len, kdf_params->salt, kdf_params->iter_count, sizeof(key), key);

	dkey.data = key;
	dkey.size = 8;
	d_iv.data = &key[8];
	d_iv.size = 8;
	result =
	    _gnutls_cipher_init(&ch, cipher_to_entry(GNUTLS_CIPHER_DES_CBC),
				&dkey, &d_iv, 0);
	if (result < 0)
		return gnutls_assert_val(result);

	result = _gnutls_cipher_decrypt(&ch, encrypted_data->data, encrypted_data->size);
	if (result < 0) {
		gnutls_assert();
		goto error;
	}

	if ((int)encrypted_data->size - encrypted_data->data[encrypted_data->size - 1] < 0) {
		gnutls_assert();
		result = GNUTLS_E_ILLEGAL_PARAMETER;
		goto error;
	}

	decrypted_data->data = encrypted_data->data;
	decrypted_data->size = encrypted_data->size - encrypted_data->data[encrypted_data->size - 1];

	result = 0;
 error:
	_gnutls_cipher_deinit(&ch);

	return result;
}

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation