mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1272 from ejohnstown/pkcs5-fix

Browse Source 
PKCS5 Fixes
This commit is contained in:
dgarske 2017-12-19 10:09:14 -08:00 committed by GitHub
commit d6472c7f71
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 119 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

128
wolfcrypt/src/asn.c
View File

@ -71,6 +71,9 @@ ASN Options:
#include <wolfcrypt/src/misc.c>
#endif
#ifndef NO_PWDBASED
#include <wolfssl/wolfcrypt/aes.h>
#endif
#ifndef NO_RC4
#include <wolfssl/wolfcrypt/arc4.h>
#endif
@ -722,6 +725,12 @@ static const byte hashSha256hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 1};
static const byte hashSha384hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 2};
static const byte hashSha512hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 3};
/* hmacType */
static const byte hmacSha224Oid[] = {42, 134, 72, 134, 247, 13, 2, 8};
static const byte hmacSha256Oid[] = {42, 134, 72, 134, 247, 13, 2, 9};
static const byte hmacSha384Oid[] = {42, 134, 72, 134, 247, 13, 2, 10};
static const byte hmacSha512Oid[] = {42, 134, 72, 134, 247, 13, 2, 11};
/* sigType */
#ifndef NO_DSA
static const byte sigSha1wDsaOid[] = {42, 134, 72, 206, 56, 4, 3};
@ -1190,6 +1199,27 @@ static const byte* OidFromId(word32 id, word32 type, word32* oidSz)
}
break;
case oidHmacType:
switch (id) {
case HMAC_SHA224_OID:
oid = hmacSha224Oid;
*oidSz = sizeof(hmacSha224Oid);
break;
case HMAC_SHA256_OID:
oid = hmacSha256Oid;
*oidSz = sizeof(hmacSha256Oid);
break;
case HMAC_SHA384_OID:
oid = hmacSha384Oid;
*oidSz = sizeof(hmacSha384Oid);
break;
case HMAC_SHA512_OID:
oid = hmacSha512Oid;
*oidSz = sizeof(hmacSha512Oid);
break;
}
break;
case oidIgnoreType:
default:
break;
@ -1399,7 +1429,7 @@ int GetObjectId(const byte* input, word32* inOutIdx, word32* oid,
const byte* checkOid = NULL;
word32 checkOidSz;
#ifdef ASN_DUMP_OID
int i;
word32 i;
#endif
if (oidType != oidIgnoreType) {
@ -1876,12 +1906,15 @@ static int CheckAlgo(int first, int second, int* id, int* version)
static int CheckAlgoV2(int oid, int* id)
{
switch (oid) {
case 69:
case DESb:
*id = PBE_SHA1_DES;
return 0;
case 652:
case DES3b:
*id = PBE_SHA1_DES3;
return 0;
case AES256CBCb:
*id = PBE_AES256_CBC;
return 0;
default:
return ALGO_ID_E;
@ -1896,7 +1929,6 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt,
{
int typeH;
int derivedLen;
int decryptionType;
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
byte* key;
@ -1911,25 +1943,26 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt,
case PBE_MD5_DES:
typeH = WC_MD5;
derivedLen = 16; /* may need iv for v1.5 */
decryptionType = DES_TYPE;
break;
case PBE_SHA1_DES:
typeH = WC_SHA;
derivedLen = 16; /* may need iv for v1.5 */
decryptionType = DES_TYPE;
break;
case PBE_SHA1_DES3:
typeH = WC_SHA;
derivedLen = 32; /* may need iv for v1.5 */
decryptionType = DES3_TYPE;
break;
case PBE_SHA1_RC4_128:
typeH = WC_SHA;
derivedLen = 16;
decryptionType = RC4_TYPE;
break;
case PBE_AES256_CBC:
typeH = WC_SHA256;
derivedLen = 32;
break;
default:
@ -1971,7 +2004,7 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt,
ret = wc_PKCS12_PBKDF(key, unicodePasswd, idx, salt, saltSz,
iterations, derivedLen, typeH, 1);
if (decryptionType != RC4_TYPE)
if (id != PBE_SHA1_RC4_128)
ret += wc_PKCS12_PBKDF(cbcIv, unicodePasswd, idx, salt, saltSz,
iterations, 8, typeH, 2);
}
@ -1989,9 +2022,10 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt,
return ret;
}
switch (decryptionType) {
switch (id) {
#ifndef NO_DES3
case DES_TYPE:
case PBE_MD5_DES:
case PBE_SHA1_DES:
{
Des dec;
byte* desIv = key + 8;
@ -2011,7 +2045,7 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt,
break;
}
case DES3_TYPE:
case PBE_SHA1_DES3:
{
Des3 dec;
byte* desIv = key + 24;
@ -2044,7 +2078,7 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt,
}
#endif
#ifndef NO_RC4
case RC4_TYPE:
case PBE_SHA1_RC4_128:
{
Arc4 dec;
@ -2053,6 +2087,26 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt,
break;
}
#endif
#ifndef NO_AES
case PBE_AES256_CBC:
{
Aes dec;
ret = wc_AesInit(&dec, NULL, INVALID_DEVID);
if (ret == 0)
ret = wc_AesSetKey(&dec, key, derivedLen,
cbcIv, AES_DECRYPTION);
if (ret == 0)
ret = wc_AesCbcDecrypt(&dec, input, input, length);
if (ret != 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
ForceZero(&dec, sizeof(Aes));
break;
}
#endif
default:
#ifdef WOLFSSL_SMALL_STACK
@ -2169,9 +2223,9 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
of input */
int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz)
{
word32 inOutIdx = 0, oid;
word32 inOutIdx = 0, seqEnd, oid;
int ret = 0, first, second, length = 0, version, saltSz, id;
int iterations = 0;
int iterations = 0, keySz = 0;
#ifdef WOLFSSL_SMALL_STACK
byte* salt = NULL;
byte* cbcIv = NULL;
@ -2212,6 +2266,9 @@ int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz)
if (GetSequence(input, &inOutIdx, &length, sz) <= 0) {
ERROR_OUT(ASN_PARSE_E, exit_tte);
}
/* Find the end of this SEQUENCE so we can check for the OPTIONAL and
* DEFAULT items. */
seqEnd = inOutIdx + length;
ret = GetOctetString(input, &inOutIdx, &saltSz, sz);
if (ret < 0)
@ -2235,6 +2292,20 @@ int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz)
ERROR_OUT(ASN_PARSE_E, exit_tte);
}
/* OPTIONAL key length */
if (seqEnd > inOutIdx && input[inOutIdx] == ASN_INTEGER) {
if (GetShortInt(input, &inOutIdx, &keySz, sz) < 0) {
ERROR_OUT(ASN_PARSE_E, exit_tte);
}
}
/* DEFAULT HMAC is SHA-1 */
if (seqEnd > inOutIdx) {
if (GetAlgoId(input, &inOutIdx, &oid, oidHmacType, sz) < 0) {
ERROR_OUT(ASN_PARSE_E, exit_tte);
}
}
#ifdef WOLFSSL_SMALL_STACK
cbcIv = (byte*)XMALLOC(MAX_IV_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (cbcIv == NULL) {
@ -2244,7 +2315,6 @@ int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz)
if (version == PKCS5v2) {
/* get encryption algo */
/* JOHN: New type. Need a little more research. */
if (GetAlgoId(input, &inOutIdx, &oid, oidBlkType, sz) < 0) {
ERROR_OUT(ASN_PARSE_E, exit_tte);
}
@ -2289,10 +2359,10 @@ exit_tte:
/* decrypt PKCS */
int DecryptContent(byte* input, word32 sz,const char* password,int passwordSz)
{
word32 inOutIdx = 0, oid;
word32 inOutIdx = 0, seqEnd, oid;
int ret = 0;
int first, second, length = 0, version, saltSz, id;
int iterations = 0;
int iterations = 0, keySz = 0;
#ifdef WOLFSSL_SMALL_STACK
byte* salt = NULL;
byte* cbcIv = NULL;
@ -2329,6 +2399,9 @@ int DecryptContent(byte* input, word32 sz,const char* password,int passwordSz)
if (GetSequence(input, &inOutIdx, &length, sz) <= 0) {
ERROR_OUT(ASN_PARSE_E, exit_dc);
}
/* Find the end of this SEQUENCE so we can check for the OPTIONAL and
* DEFAULT items. */
seqEnd = inOutIdx + length;
ret = GetOctetString(input, &inOutIdx, &saltSz, sz);
if (ret < 0)
@ -2352,6 +2425,20 @@ int DecryptContent(byte* input, word32 sz,const char* password,int passwordSz)
ERROR_OUT(ASN_PARSE_E, exit_dc);
}
/* OPTIONAL key length */
if (seqEnd > inOutIdx && input[inOutIdx] == ASN_INTEGER) {
if (GetShortInt(input, &inOutIdx, &keySz, sz) < 0) {
ERROR_OUT(ASN_PARSE_E, exit_dc);
}
}
/* DEFAULT HMAC is SHA-1 */
if (seqEnd > inOutIdx) {
if (GetAlgoId(input, &inOutIdx, &oid, oidHmacType, sz) < 0) {
ERROR_OUT(ASN_PARSE_E, exit_dc);
}
}
#ifdef WOLFSSL_SMALL_STACK
cbcIv = (byte*)XMALLOC(MAX_IV_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (cbcIv == NULL) {
@ -2361,7 +2448,6 @@ int DecryptContent(byte* input, word32 sz,const char* password,int passwordSz)
if (version == PKCS5v2) {
/* get encryption algo */
/* JOHN: New type. Need a little more research. */
if (GetAlgoId(input, &inOutIdx, &oid, oidBlkType, sz) < 0) {
ERROR_OUT(ASN_PARSE_E, exit_dc);
}
@ -2374,6 +2460,10 @@ int DecryptContent(byte* input, word32 sz,const char* password,int passwordSz)
if (ret < 0)
goto exit_dc;
if (length > MAX_IV_SIZE) {
ERROR_OUT(ASN_PARSE_E, exit_dc);
}
XMEMCPY(cbcIv, &input[inOutIdx], length);
inOutIdx += length;
}

16
wolfssl/wolfcrypt/asn.h
View File

@ -111,15 +111,10 @@ enum PBES {
PBE_SHA1_DES = 1,
PBE_SHA1_DES3 = 2,
PBE_SHA1_RC4_128 = 3,
PBE_AES256_CBC = 4,
PBES2 = 13 /* algo ID */
};
enum ENCRYPTION_TYPES {
DES_TYPE = 0,
DES3_TYPE = 1,
RC4_TYPE = 2
};
enum ECC_TYPES {
ECC_PREFIX_0 = 160,
ECC_PREFIX_1 = 161
@ -219,6 +214,7 @@ enum Oid_Types {
oidKdfType = 11,
oidKeyWrapType = 12,
oidCmsKeyAgreeType = 13,
oidHmacType = 14,
oidIgnoreType
};
@ -306,6 +302,14 @@ enum KDF_Sum {
};
enum HMAC_Sum {
HMAC_SHA224_OID = 652,
HMAC_SHA256_OID = 653,
HMAC_SHA384_OID = 654,
HMAC_SHA512_OID = 655
};
enum Extensions_Sum {
BASIC_CA_OID = 133,
ALT_NAMES_OID = 131,