Maxim nexpaq / nexpaq_dev

Preliminary main mbed library for nexpaq development

features/mbedtls/src/pkcs12.c@1:d96dbedaebdb, 2016-11-04 (annotated)

Committer:
nexpaq
Date:
Fri Nov 04 20:54:50 2016 +0000
Revision:
1:d96dbedaebdb
Parent:
0:6c56fb4bc5f0 
Removed extra directories for other platforms

Who changed what in which revision?

UserRevisionLine numberNew contents of line
nexpaq 0:6c56fb4bc5f0 1 /*
nexpaq 0:6c56fb4bc5f0 2 * PKCS#12 Personal Information Exchange Syntax
nexpaq 0:6c56fb4bc5f0 3 *
nexpaq 0:6c56fb4bc5f0 4 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
nexpaq 0:6c56fb4bc5f0 5 * SPDX-License-Identifier: Apache-2.0
nexpaq 0:6c56fb4bc5f0 6 *
nexpaq 0:6c56fb4bc5f0 7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
nexpaq 0:6c56fb4bc5f0 8 * not use this file except in compliance with the License.
nexpaq 0:6c56fb4bc5f0 9 * You may obtain a copy of the License at
nexpaq 0:6c56fb4bc5f0 10 *
nexpaq 0:6c56fb4bc5f0 11 * http://www.apache.org/licenses/LICENSE-2.0
nexpaq 0:6c56fb4bc5f0 12 *
nexpaq 0:6c56fb4bc5f0 13 * Unless required by applicable law or agreed to in writing, software
nexpaq 0:6c56fb4bc5f0 14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
nexpaq 0:6c56fb4bc5f0 15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
nexpaq 0:6c56fb4bc5f0 16 * See the License for the specific language governing permissions and
nexpaq 0:6c56fb4bc5f0 17 * limitations under the License.
nexpaq 0:6c56fb4bc5f0 18 *
nexpaq 0:6c56fb4bc5f0 19 * This file is part of mbed TLS (https://tls.mbed.org)
nexpaq 0:6c56fb4bc5f0 20 */
nexpaq 0:6c56fb4bc5f0 21 /*
nexpaq 0:6c56fb4bc5f0 22 * The PKCS #12 Personal Information Exchange Syntax Standard v1.1
nexpaq 0:6c56fb4bc5f0 23 *
nexpaq 0:6c56fb4bc5f0 24 * http://www.rsa.com/rsalabs/pkcs/files/h11301-wp-pkcs-12v1-1-personal-information-exchange-syntax.pdf
nexpaq 0:6c56fb4bc5f0 25 * ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1-1.asn
nexpaq 0:6c56fb4bc5f0 26 */
nexpaq 0:6c56fb4bc5f0 27
nexpaq 0:6c56fb4bc5f0 28 #if !defined(MBEDTLS_CONFIG_FILE)
nexpaq 0:6c56fb4bc5f0 29 #include "mbedtls/config.h"
nexpaq 0:6c56fb4bc5f0 30 #else
nexpaq 0:6c56fb4bc5f0 31 #include MBEDTLS_CONFIG_FILE
nexpaq 0:6c56fb4bc5f0 32 #endif
nexpaq 0:6c56fb4bc5f0 33
nexpaq 0:6c56fb4bc5f0 34 #if defined(MBEDTLS_PKCS12_C)
nexpaq 0:6c56fb4bc5f0 35
nexpaq 0:6c56fb4bc5f0 36 #include "mbedtls/pkcs12.h"
nexpaq 0:6c56fb4bc5f0 37 #include "mbedtls/asn1.h"
nexpaq 0:6c56fb4bc5f0 38 #include "mbedtls/cipher.h"
nexpaq 0:6c56fb4bc5f0 39
nexpaq 0:6c56fb4bc5f0 40 #include <string.h>
nexpaq 0:6c56fb4bc5f0 41
nexpaq 0:6c56fb4bc5f0 42 #if defined(MBEDTLS_ARC4_C)
nexpaq 0:6c56fb4bc5f0 43 #include "mbedtls/arc4.h"
nexpaq 0:6c56fb4bc5f0 44 #endif
nexpaq 0:6c56fb4bc5f0 45
nexpaq 0:6c56fb4bc5f0 46 #if defined(MBEDTLS_DES_C)
nexpaq 0:6c56fb4bc5f0 47 #include "mbedtls/des.h"
nexpaq 0:6c56fb4bc5f0 48 #endif
nexpaq 0:6c56fb4bc5f0 49
nexpaq 0:6c56fb4bc5f0 50 /* Implementation that should never be optimized out by the compiler */
nexpaq 0:6c56fb4bc5f0 51 static void mbedtls_zeroize( void *v, size_t n ) {
nexpaq 0:6c56fb4bc5f0 52 volatile unsigned char *p = v; while( n-- ) *p++ = 0;
nexpaq 0:6c56fb4bc5f0 53 }
nexpaq 0:6c56fb4bc5f0 54
nexpaq 0:6c56fb4bc5f0 55 static int pkcs12_parse_pbe_params( mbedtls_asn1_buf *params,
nexpaq 0:6c56fb4bc5f0 56 mbedtls_asn1_buf *salt, int *iterations )
nexpaq 0:6c56fb4bc5f0 57 {
nexpaq 0:6c56fb4bc5f0 58 int ret;
nexpaq 0:6c56fb4bc5f0 59 unsigned char **p = &params->p;
nexpaq 0:6c56fb4bc5f0 60 const unsigned char *end = params->p + params->len;
nexpaq 0:6c56fb4bc5f0 61
nexpaq 0:6c56fb4bc5f0 62 /*
nexpaq 0:6c56fb4bc5f0 63 * pkcs-12PbeParams ::= SEQUENCE {
nexpaq 0:6c56fb4bc5f0 64 * salt OCTET STRING,
nexpaq 0:6c56fb4bc5f0 65 * iterations INTEGER
nexpaq 0:6c56fb4bc5f0 66 * }
nexpaq 0:6c56fb4bc5f0 67 *
nexpaq 0:6c56fb4bc5f0 68 */
nexpaq 0:6c56fb4bc5f0 69 if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
nexpaq 0:6c56fb4bc5f0 70 return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT +
nexpaq 0:6c56fb4bc5f0 71 MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
nexpaq 0:6c56fb4bc5f0 72
nexpaq 0:6c56fb4bc5f0 73 if( ( ret = mbedtls_asn1_get_tag( p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 74 return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + ret );
nexpaq 0:6c56fb4bc5f0 75
nexpaq 0:6c56fb4bc5f0 76 salt->p = *p;
nexpaq 0:6c56fb4bc5f0 77 *p += salt->len;
nexpaq 0:6c56fb4bc5f0 78
nexpaq 0:6c56fb4bc5f0 79 if( ( ret = mbedtls_asn1_get_int( p, end, iterations ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 80 return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + ret );
nexpaq 0:6c56fb4bc5f0 81
nexpaq 0:6c56fb4bc5f0 82 if( *p != end )
nexpaq 0:6c56fb4bc5f0 83 return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT +
nexpaq 0:6c56fb4bc5f0 84 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
nexpaq 0:6c56fb4bc5f0 85
nexpaq 0:6c56fb4bc5f0 86 return( 0 );
nexpaq 0:6c56fb4bc5f0 87 }
nexpaq 0:6c56fb4bc5f0 88
nexpaq 0:6c56fb4bc5f0 89 #define PKCS12_MAX_PWDLEN 128
nexpaq 0:6c56fb4bc5f0 90
nexpaq 0:6c56fb4bc5f0 91 static int pkcs12_pbe_derive_key_iv( mbedtls_asn1_buf *pbe_params, mbedtls_md_type_t md_type,
nexpaq 0:6c56fb4bc5f0 92 const unsigned char *pwd, size_t pwdlen,
nexpaq 0:6c56fb4bc5f0 93 unsigned char *key, size_t keylen,
nexpaq 0:6c56fb4bc5f0 94 unsigned char *iv, size_t ivlen )
nexpaq 0:6c56fb4bc5f0 95 {
nexpaq 0:6c56fb4bc5f0 96 int ret, iterations = 0;
nexpaq 0:6c56fb4bc5f0 97 mbedtls_asn1_buf salt;
nexpaq 0:6c56fb4bc5f0 98 size_t i;
nexpaq 0:6c56fb4bc5f0 99 unsigned char unipwd[PKCS12_MAX_PWDLEN * 2 + 2];
nexpaq 0:6c56fb4bc5f0 100
nexpaq 0:6c56fb4bc5f0 101 if( pwdlen > PKCS12_MAX_PWDLEN )
nexpaq 0:6c56fb4bc5f0 102 return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA );
nexpaq 0:6c56fb4bc5f0 103
nexpaq 0:6c56fb4bc5f0 104 memset( &salt, 0, sizeof(mbedtls_asn1_buf) );
nexpaq 0:6c56fb4bc5f0 105 memset( &unipwd, 0, sizeof(unipwd) );
nexpaq 0:6c56fb4bc5f0 106
nexpaq 0:6c56fb4bc5f0 107 if( ( ret = pkcs12_parse_pbe_params( pbe_params, &salt,
nexpaq 0:6c56fb4bc5f0 108 &iterations ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 109 return( ret );
nexpaq 0:6c56fb4bc5f0 110
nexpaq 0:6c56fb4bc5f0 111 for( i = 0; i < pwdlen; i++ )
nexpaq 0:6c56fb4bc5f0 112 unipwd[i * 2 + 1] = pwd[i];
nexpaq 0:6c56fb4bc5f0 113
nexpaq 0:6c56fb4bc5f0 114 if( ( ret = mbedtls_pkcs12_derivation( key, keylen, unipwd, pwdlen * 2 + 2,
nexpaq 0:6c56fb4bc5f0 115 salt.p, salt.len, md_type,
nexpaq 0:6c56fb4bc5f0 116 MBEDTLS_PKCS12_DERIVE_KEY, iterations ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 117 {
nexpaq 0:6c56fb4bc5f0 118 return( ret );
nexpaq 0:6c56fb4bc5f0 119 }
nexpaq 0:6c56fb4bc5f0 120
nexpaq 0:6c56fb4bc5f0 121 if( iv == NULL || ivlen == 0 )
nexpaq 0:6c56fb4bc5f0 122 return( 0 );
nexpaq 0:6c56fb4bc5f0 123
nexpaq 0:6c56fb4bc5f0 124 if( ( ret = mbedtls_pkcs12_derivation( iv, ivlen, unipwd, pwdlen * 2 + 2,
nexpaq 0:6c56fb4bc5f0 125 salt.p, salt.len, md_type,
nexpaq 0:6c56fb4bc5f0 126 MBEDTLS_PKCS12_DERIVE_IV, iterations ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 127 {
nexpaq 0:6c56fb4bc5f0 128 return( ret );
nexpaq 0:6c56fb4bc5f0 129 }
nexpaq 0:6c56fb4bc5f0 130 return( 0 );
nexpaq 0:6c56fb4bc5f0 131 }
nexpaq 0:6c56fb4bc5f0 132
nexpaq 0:6c56fb4bc5f0 133 #undef PKCS12_MAX_PWDLEN
nexpaq 0:6c56fb4bc5f0 134
nexpaq 0:6c56fb4bc5f0 135 int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode,
nexpaq 0:6c56fb4bc5f0 136 const unsigned char *pwd, size_t pwdlen,
nexpaq 0:6c56fb4bc5f0 137 const unsigned char *data, size_t len,
nexpaq 0:6c56fb4bc5f0 138 unsigned char *output )
nexpaq 0:6c56fb4bc5f0 139 {
nexpaq 0:6c56fb4bc5f0 140 #if !defined(MBEDTLS_ARC4_C)
nexpaq 0:6c56fb4bc5f0 141 ((void) pbe_params);
nexpaq 0:6c56fb4bc5f0 142 ((void) mode);
nexpaq 0:6c56fb4bc5f0 143 ((void) pwd);
nexpaq 0:6c56fb4bc5f0 144 ((void) pwdlen);
nexpaq 0:6c56fb4bc5f0 145 ((void) data);
nexpaq 0:6c56fb4bc5f0 146 ((void) len);
nexpaq 0:6c56fb4bc5f0 147 ((void) output);
nexpaq 0:6c56fb4bc5f0 148 return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
nexpaq 0:6c56fb4bc5f0 149 #else
nexpaq 0:6c56fb4bc5f0 150 int ret;
nexpaq 0:6c56fb4bc5f0 151 unsigned char key[16];
nexpaq 0:6c56fb4bc5f0 152 mbedtls_arc4_context ctx;
nexpaq 0:6c56fb4bc5f0 153 ((void) mode);
nexpaq 0:6c56fb4bc5f0 154
nexpaq 0:6c56fb4bc5f0 155 mbedtls_arc4_init( &ctx );
nexpaq 0:6c56fb4bc5f0 156
nexpaq 0:6c56fb4bc5f0 157 if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, MBEDTLS_MD_SHA1,
nexpaq 0:6c56fb4bc5f0 158 pwd, pwdlen,
nexpaq 0:6c56fb4bc5f0 159 key, 16, NULL, 0 ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 160 {
nexpaq 0:6c56fb4bc5f0 161 return( ret );
nexpaq 0:6c56fb4bc5f0 162 }
nexpaq 0:6c56fb4bc5f0 163
nexpaq 0:6c56fb4bc5f0 164 mbedtls_arc4_setup( &ctx, key, 16 );
nexpaq 0:6c56fb4bc5f0 165 if( ( ret = mbedtls_arc4_crypt( &ctx, len, data, output ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 166 goto exit;
nexpaq 0:6c56fb4bc5f0 167
nexpaq 0:6c56fb4bc5f0 168 exit:
nexpaq 0:6c56fb4bc5f0 169 mbedtls_zeroize( key, sizeof( key ) );
nexpaq 0:6c56fb4bc5f0 170 mbedtls_arc4_free( &ctx );
nexpaq 0:6c56fb4bc5f0 171
nexpaq 0:6c56fb4bc5f0 172 return( ret );
nexpaq 0:6c56fb4bc5f0 173 #endif /* MBEDTLS_ARC4_C */
nexpaq 0:6c56fb4bc5f0 174 }
nexpaq 0:6c56fb4bc5f0 175
nexpaq 0:6c56fb4bc5f0 176 int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
nexpaq 0:6c56fb4bc5f0 177 mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
nexpaq 0:6c56fb4bc5f0 178 const unsigned char *pwd, size_t pwdlen,
nexpaq 0:6c56fb4bc5f0 179 const unsigned char *data, size_t len,
nexpaq 0:6c56fb4bc5f0 180 unsigned char *output )
nexpaq 0:6c56fb4bc5f0 181 {
nexpaq 0:6c56fb4bc5f0 182 int ret, keylen = 0;
nexpaq 0:6c56fb4bc5f0 183 unsigned char key[32];
nexpaq 0:6c56fb4bc5f0 184 unsigned char iv[16];
nexpaq 0:6c56fb4bc5f0 185 const mbedtls_cipher_info_t *cipher_info;
nexpaq 0:6c56fb4bc5f0 186 mbedtls_cipher_context_t cipher_ctx;
nexpaq 0:6c56fb4bc5f0 187 size_t olen = 0;
nexpaq 0:6c56fb4bc5f0 188
nexpaq 0:6c56fb4bc5f0 189 cipher_info = mbedtls_cipher_info_from_type( cipher_type );
nexpaq 0:6c56fb4bc5f0 190 if( cipher_info == NULL )
nexpaq 0:6c56fb4bc5f0 191 return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
nexpaq 0:6c56fb4bc5f0 192
nexpaq 0:6c56fb4bc5f0 193 keylen = cipher_info->key_bitlen / 8;
nexpaq 0:6c56fb4bc5f0 194
nexpaq 0:6c56fb4bc5f0 195 if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, md_type, pwd, pwdlen,
nexpaq 0:6c56fb4bc5f0 196 key, keylen,
nexpaq 0:6c56fb4bc5f0 197 iv, cipher_info->iv_size ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 198 {
nexpaq 0:6c56fb4bc5f0 199 return( ret );
nexpaq 0:6c56fb4bc5f0 200 }
nexpaq 0:6c56fb4bc5f0 201
nexpaq 0:6c56fb4bc5f0 202 mbedtls_cipher_init( &cipher_ctx );
nexpaq 0:6c56fb4bc5f0 203
nexpaq 0:6c56fb4bc5f0 204 if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 205 goto exit;
nexpaq 0:6c56fb4bc5f0 206
nexpaq 0:6c56fb4bc5f0 207 if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen, (mbedtls_operation_t) mode ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 208 goto exit;
nexpaq 0:6c56fb4bc5f0 209
nexpaq 0:6c56fb4bc5f0 210 if( ( ret = mbedtls_cipher_set_iv( &cipher_ctx, iv, cipher_info->iv_size ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 211 goto exit;
nexpaq 0:6c56fb4bc5f0 212
nexpaq 0:6c56fb4bc5f0 213 if( ( ret = mbedtls_cipher_reset( &cipher_ctx ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 214 goto exit;
nexpaq 0:6c56fb4bc5f0 215
nexpaq 0:6c56fb4bc5f0 216 if( ( ret = mbedtls_cipher_update( &cipher_ctx, data, len,
nexpaq 0:6c56fb4bc5f0 217 output, &olen ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 218 {
nexpaq 0:6c56fb4bc5f0 219 goto exit;
nexpaq 0:6c56fb4bc5f0 220 }
nexpaq 0:6c56fb4bc5f0 221
nexpaq 0:6c56fb4bc5f0 222 if( ( ret = mbedtls_cipher_finish( &cipher_ctx, output + olen, &olen ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 223 ret = MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH;
nexpaq 0:6c56fb4bc5f0 224
nexpaq 0:6c56fb4bc5f0 225 exit:
nexpaq 0:6c56fb4bc5f0 226 mbedtls_zeroize( key, sizeof( key ) );
nexpaq 0:6c56fb4bc5f0 227 mbedtls_zeroize( iv, sizeof( iv ) );
nexpaq 0:6c56fb4bc5f0 228 mbedtls_cipher_free( &cipher_ctx );
nexpaq 0:6c56fb4bc5f0 229
nexpaq 0:6c56fb4bc5f0 230 return( ret );
nexpaq 0:6c56fb4bc5f0 231 }
nexpaq 0:6c56fb4bc5f0 232
nexpaq 0:6c56fb4bc5f0 233 static void pkcs12_fill_buffer( unsigned char *data, size_t data_len,
nexpaq 0:6c56fb4bc5f0 234 const unsigned char *filler, size_t fill_len )
nexpaq 0:6c56fb4bc5f0 235 {
nexpaq 0:6c56fb4bc5f0 236 unsigned char *p = data;
nexpaq 0:6c56fb4bc5f0 237 size_t use_len;
nexpaq 0:6c56fb4bc5f0 238
nexpaq 0:6c56fb4bc5f0 239 while( data_len > 0 )
nexpaq 0:6c56fb4bc5f0 240 {
nexpaq 0:6c56fb4bc5f0 241 use_len = ( data_len > fill_len ) ? fill_len : data_len;
nexpaq 0:6c56fb4bc5f0 242 memcpy( p, filler, use_len );
nexpaq 0:6c56fb4bc5f0 243 p += use_len;
nexpaq 0:6c56fb4bc5f0 244 data_len -= use_len;
nexpaq 0:6c56fb4bc5f0 245 }
nexpaq 0:6c56fb4bc5f0 246 }
nexpaq 0:6c56fb4bc5f0 247
nexpaq 0:6c56fb4bc5f0 248 int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
nexpaq 0:6c56fb4bc5f0 249 const unsigned char *pwd, size_t pwdlen,
nexpaq 0:6c56fb4bc5f0 250 const unsigned char *salt, size_t saltlen,
nexpaq 0:6c56fb4bc5f0 251 mbedtls_md_type_t md_type, int id, int iterations )
nexpaq 0:6c56fb4bc5f0 252 {
nexpaq 0:6c56fb4bc5f0 253 int ret;
nexpaq 0:6c56fb4bc5f0 254 unsigned int j;
nexpaq 0:6c56fb4bc5f0 255
nexpaq 0:6c56fb4bc5f0 256 unsigned char diversifier[128];
nexpaq 0:6c56fb4bc5f0 257 unsigned char salt_block[128], pwd_block[128], hash_block[128];
nexpaq 0:6c56fb4bc5f0 258 unsigned char hash_output[MBEDTLS_MD_MAX_SIZE];
nexpaq 0:6c56fb4bc5f0 259 unsigned char *p;
nexpaq 0:6c56fb4bc5f0 260 unsigned char c;
nexpaq 0:6c56fb4bc5f0 261
nexpaq 0:6c56fb4bc5f0 262 size_t hlen, use_len, v, i;
nexpaq 0:6c56fb4bc5f0 263
nexpaq 0:6c56fb4bc5f0 264 const mbedtls_md_info_t *md_info;
nexpaq 0:6c56fb4bc5f0 265 mbedtls_md_context_t md_ctx;
nexpaq 0:6c56fb4bc5f0 266
nexpaq 0:6c56fb4bc5f0 267 // This version only allows max of 64 bytes of password or salt
nexpaq 0:6c56fb4bc5f0 268 if( datalen > 128 || pwdlen > 64 || saltlen > 64 )
nexpaq 0:6c56fb4bc5f0 269 return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA );
nexpaq 0:6c56fb4bc5f0 270
nexpaq 0:6c56fb4bc5f0 271 md_info = mbedtls_md_info_from_type( md_type );
nexpaq 0:6c56fb4bc5f0 272 if( md_info == NULL )
nexpaq 0:6c56fb4bc5f0 273 return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
nexpaq 0:6c56fb4bc5f0 274
nexpaq 0:6c56fb4bc5f0 275 mbedtls_md_init( &md_ctx );
nexpaq 0:6c56fb4bc5f0 276
nexpaq 0:6c56fb4bc5f0 277 if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 278 return( ret );
nexpaq 0:6c56fb4bc5f0 279 hlen = mbedtls_md_get_size( md_info );
nexpaq 0:6c56fb4bc5f0 280
nexpaq 0:6c56fb4bc5f0 281 if( hlen <= 32 )
nexpaq 0:6c56fb4bc5f0 282 v = 64;
nexpaq 0:6c56fb4bc5f0 283 else
nexpaq 0:6c56fb4bc5f0 284 v = 128;
nexpaq 0:6c56fb4bc5f0 285
nexpaq 0:6c56fb4bc5f0 286 memset( diversifier, (unsigned char) id, v );
nexpaq 0:6c56fb4bc5f0 287
nexpaq 0:6c56fb4bc5f0 288 pkcs12_fill_buffer( salt_block, v, salt, saltlen );
nexpaq 0:6c56fb4bc5f0 289 pkcs12_fill_buffer( pwd_block, v, pwd, pwdlen );
nexpaq 0:6c56fb4bc5f0 290
nexpaq 0:6c56fb4bc5f0 291 p = data;
nexpaq 0:6c56fb4bc5f0 292 while( datalen > 0 )
nexpaq 0:6c56fb4bc5f0 293 {
nexpaq 0:6c56fb4bc5f0 294 // Calculate hash( diversifier || salt_block || pwd_block )
nexpaq 0:6c56fb4bc5f0 295 if( ( ret = mbedtls_md_starts( &md_ctx ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 296 goto exit;
nexpaq 0:6c56fb4bc5f0 297
nexpaq 0:6c56fb4bc5f0 298 if( ( ret = mbedtls_md_update( &md_ctx, diversifier, v ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 299 goto exit;
nexpaq 0:6c56fb4bc5f0 300
nexpaq 0:6c56fb4bc5f0 301 if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 302 goto exit;
nexpaq 0:6c56fb4bc5f0 303
nexpaq 0:6c56fb4bc5f0 304 if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 305 goto exit;
nexpaq 0:6c56fb4bc5f0 306
nexpaq 0:6c56fb4bc5f0 307 if( ( ret = mbedtls_md_finish( &md_ctx, hash_output ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 308 goto exit;
nexpaq 0:6c56fb4bc5f0 309
nexpaq 0:6c56fb4bc5f0 310 // Perform remaining ( iterations - 1 ) recursive hash calculations
nexpaq 0:6c56fb4bc5f0 311 for( i = 1; i < (size_t) iterations; i++ )
nexpaq 0:6c56fb4bc5f0 312 {
nexpaq 0:6c56fb4bc5f0 313 if( ( ret = mbedtls_md( md_info, hash_output, hlen, hash_output ) ) != 0 )
nexpaq 0:6c56fb4bc5f0 314 goto exit;
nexpaq 0:6c56fb4bc5f0 315 }
nexpaq 0:6c56fb4bc5f0 316
nexpaq 0:6c56fb4bc5f0 317 use_len = ( datalen > hlen ) ? hlen : datalen;
nexpaq 0:6c56fb4bc5f0 318 memcpy( p, hash_output, use_len );
nexpaq 0:6c56fb4bc5f0 319 datalen -= use_len;
nexpaq 0:6c56fb4bc5f0 320 p += use_len;
nexpaq 0:6c56fb4bc5f0 321
nexpaq 0:6c56fb4bc5f0 322 if( datalen == 0 )
nexpaq 0:6c56fb4bc5f0 323 break;
nexpaq 0:6c56fb4bc5f0 324
nexpaq 0:6c56fb4bc5f0 325 // Concatenating copies of hash_output into hash_block (B)
nexpaq 0:6c56fb4bc5f0 326 pkcs12_fill_buffer( hash_block, v, hash_output, hlen );
nexpaq 0:6c56fb4bc5f0 327
nexpaq 0:6c56fb4bc5f0 328 // B += 1
nexpaq 0:6c56fb4bc5f0 329 for( i = v; i > 0; i-- )
nexpaq 0:6c56fb4bc5f0 330 if( ++hash_block[i - 1] != 0 )
nexpaq 0:6c56fb4bc5f0 331 break;
nexpaq 0:6c56fb4bc5f0 332
nexpaq 0:6c56fb4bc5f0 333 // salt_block += B
nexpaq 0:6c56fb4bc5f0 334 c = 0;
nexpaq 0:6c56fb4bc5f0 335 for( i = v; i > 0; i-- )
nexpaq 0:6c56fb4bc5f0 336 {
nexpaq 0:6c56fb4bc5f0 337 j = salt_block[i - 1] + hash_block[i - 1] + c;
nexpaq 0:6c56fb4bc5f0 338 c = (unsigned char) (j >> 8);
nexpaq 0:6c56fb4bc5f0 339 salt_block[i - 1] = j & 0xFF;
nexpaq 0:6c56fb4bc5f0 340 }
nexpaq 0:6c56fb4bc5f0 341
nexpaq 0:6c56fb4bc5f0 342 // pwd_block += B
nexpaq 0:6c56fb4bc5f0 343 c = 0;
nexpaq 0:6c56fb4bc5f0 344 for( i = v; i > 0; i-- )
nexpaq 0:6c56fb4bc5f0 345 {
nexpaq 0:6c56fb4bc5f0 346 j = pwd_block[i - 1] + hash_block[i - 1] + c;
nexpaq 0:6c56fb4bc5f0 347 c = (unsigned char) (j >> 8);
nexpaq 0:6c56fb4bc5f0 348 pwd_block[i - 1] = j & 0xFF;
nexpaq 0:6c56fb4bc5f0 349 }
nexpaq 0:6c56fb4bc5f0 350 }
nexpaq 0:6c56fb4bc5f0 351
nexpaq 0:6c56fb4bc5f0 352 ret = 0;
nexpaq 0:6c56fb4bc5f0 353
nexpaq 0:6c56fb4bc5f0 354 exit:
nexpaq 0:6c56fb4bc5f0 355 mbedtls_zeroize( salt_block, sizeof( salt_block ) );
nexpaq 0:6c56fb4bc5f0 356 mbedtls_zeroize( pwd_block, sizeof( pwd_block ) );
nexpaq 0:6c56fb4bc5f0 357 mbedtls_zeroize( hash_block, sizeof( hash_block ) );
nexpaq 0:6c56fb4bc5f0 358 mbedtls_zeroize( hash_output, sizeof( hash_output ) );
nexpaq 0:6c56fb4bc5f0 359
nexpaq 0:6c56fb4bc5f0 360 mbedtls_md_free( &md_ctx );
nexpaq 0:6c56fb4bc5f0 361
nexpaq 0:6c56fb4bc5f0 362 return( ret );
nexpaq 0:6c56fb4bc5f0 363 }
nexpaq 0:6c56fb4bc5f0 364
nexpaq 0:6c56fb4bc5f0 365 #endif /* MBEDTLS_PKCS12_C */