Nitin Shukla / LED_Demo

Important changes to repositories hosted on mbed.com

Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.

To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.

It is also possible to export all your personal repositories from the account settings page.

Dependencies:   MAX44000 nexpaq_mdk

Fork of LED_Demo by Maxim nexpaq

mbd_os/features/mbedtls/src/pkcs12.c@1:55a6170b404f, 2016-09-17 (annotated)

Committer:
nexpaq
Date:
Sat Sep 17 16:32:05 2016 +0000
Revision:
1:55a6170b404f
checking in for sharing

Who changed what in which revision?

UserRevisionLine numberNew contents of line
nexpaq 1:55a6170b404f 1 /*
nexpaq 1:55a6170b404f 2 * PKCS#12 Personal Information Exchange Syntax
nexpaq 1:55a6170b404f 3 *
nexpaq 1:55a6170b404f 4 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
nexpaq 1:55a6170b404f 5 * SPDX-License-Identifier: Apache-2.0
nexpaq 1:55a6170b404f 6 *
nexpaq 1:55a6170b404f 7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
nexpaq 1:55a6170b404f 8 * not use this file except in compliance with the License.
nexpaq 1:55a6170b404f 9 * You may obtain a copy of the License at
nexpaq 1:55a6170b404f 10 *
nexpaq 1:55a6170b404f 11 * http://www.apache.org/licenses/LICENSE-2.0
nexpaq 1:55a6170b404f 12 *
nexpaq 1:55a6170b404f 13 * Unless required by applicable law or agreed to in writing, software
nexpaq 1:55a6170b404f 14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
nexpaq 1:55a6170b404f 15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
nexpaq 1:55a6170b404f 16 * See the License for the specific language governing permissions and
nexpaq 1:55a6170b404f 17 * limitations under the License.
nexpaq 1:55a6170b404f 18 *
nexpaq 1:55a6170b404f 19 * This file is part of mbed TLS (https://tls.mbed.org)
nexpaq 1:55a6170b404f 20 */
nexpaq 1:55a6170b404f 21 /*
nexpaq 1:55a6170b404f 22 * The PKCS #12 Personal Information Exchange Syntax Standard v1.1
nexpaq 1:55a6170b404f 23 *
nexpaq 1:55a6170b404f 24 * http://www.rsa.com/rsalabs/pkcs/files/h11301-wp-pkcs-12v1-1-personal-information-exchange-syntax.pdf
nexpaq 1:55a6170b404f 25 * ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1-1.asn
nexpaq 1:55a6170b404f 26 */
nexpaq 1:55a6170b404f 27
nexpaq 1:55a6170b404f 28 #if !defined(MBEDTLS_CONFIG_FILE)
nexpaq 1:55a6170b404f 29 #include "mbedtls/config.h"
nexpaq 1:55a6170b404f 30 #else
nexpaq 1:55a6170b404f 31 #include MBEDTLS_CONFIG_FILE
nexpaq 1:55a6170b404f 32 #endif
nexpaq 1:55a6170b404f 33
nexpaq 1:55a6170b404f 34 #if defined(MBEDTLS_PKCS12_C)
nexpaq 1:55a6170b404f 35
nexpaq 1:55a6170b404f 36 #include "mbedtls/pkcs12.h"
nexpaq 1:55a6170b404f 37 #include "mbedtls/asn1.h"
nexpaq 1:55a6170b404f 38 #include "mbedtls/cipher.h"
nexpaq 1:55a6170b404f 39
nexpaq 1:55a6170b404f 40 #include <string.h>
nexpaq 1:55a6170b404f 41
nexpaq 1:55a6170b404f 42 #if defined(MBEDTLS_ARC4_C)
nexpaq 1:55a6170b404f 43 #include "mbedtls/arc4.h"
nexpaq 1:55a6170b404f 44 #endif
nexpaq 1:55a6170b404f 45
nexpaq 1:55a6170b404f 46 #if defined(MBEDTLS_DES_C)
nexpaq 1:55a6170b404f 47 #include "mbedtls/des.h"
nexpaq 1:55a6170b404f 48 #endif
nexpaq 1:55a6170b404f 49
nexpaq 1:55a6170b404f 50 /* Implementation that should never be optimized out by the compiler */
nexpaq 1:55a6170b404f 51 static void mbedtls_zeroize( void *v, size_t n ) {
nexpaq 1:55a6170b404f 52 volatile unsigned char *p = v; while( n-- ) *p++ = 0;
nexpaq 1:55a6170b404f 53 }
nexpaq 1:55a6170b404f 54
nexpaq 1:55a6170b404f 55 static int pkcs12_parse_pbe_params( mbedtls_asn1_buf *params,
nexpaq 1:55a6170b404f 56 mbedtls_asn1_buf *salt, int *iterations )
nexpaq 1:55a6170b404f 57 {
nexpaq 1:55a6170b404f 58 int ret;
nexpaq 1:55a6170b404f 59 unsigned char **p = &params->p;
nexpaq 1:55a6170b404f 60 const unsigned char *end = params->p + params->len;
nexpaq 1:55a6170b404f 61
nexpaq 1:55a6170b404f 62 /*
nexpaq 1:55a6170b404f 63 * pkcs-12PbeParams ::= SEQUENCE {
nexpaq 1:55a6170b404f 64 * salt OCTET STRING,
nexpaq 1:55a6170b404f 65 * iterations INTEGER
nexpaq 1:55a6170b404f 66 * }
nexpaq 1:55a6170b404f 67 *
nexpaq 1:55a6170b404f 68 */
nexpaq 1:55a6170b404f 69 if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
nexpaq 1:55a6170b404f 70 return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT +
nexpaq 1:55a6170b404f 71 MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
nexpaq 1:55a6170b404f 72
nexpaq 1:55a6170b404f 73 if( ( ret = mbedtls_asn1_get_tag( p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
nexpaq 1:55a6170b404f 74 return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + ret );
nexpaq 1:55a6170b404f 75
nexpaq 1:55a6170b404f 76 salt->p = *p;
nexpaq 1:55a6170b404f 77 *p += salt->len;
nexpaq 1:55a6170b404f 78
nexpaq 1:55a6170b404f 79 if( ( ret = mbedtls_asn1_get_int( p, end, iterations ) ) != 0 )
nexpaq 1:55a6170b404f 80 return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + ret );
nexpaq 1:55a6170b404f 81
nexpaq 1:55a6170b404f 82 if( *p != end )
nexpaq 1:55a6170b404f 83 return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT +
nexpaq 1:55a6170b404f 84 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
nexpaq 1:55a6170b404f 85
nexpaq 1:55a6170b404f 86 return( 0 );
nexpaq 1:55a6170b404f 87 }
nexpaq 1:55a6170b404f 88
nexpaq 1:55a6170b404f 89 #define PKCS12_MAX_PWDLEN 128
nexpaq 1:55a6170b404f 90
nexpaq 1:55a6170b404f 91 static int pkcs12_pbe_derive_key_iv( mbedtls_asn1_buf *pbe_params, mbedtls_md_type_t md_type,
nexpaq 1:55a6170b404f 92 const unsigned char *pwd, size_t pwdlen,
nexpaq 1:55a6170b404f 93 unsigned char *key, size_t keylen,
nexpaq 1:55a6170b404f 94 unsigned char *iv, size_t ivlen )
nexpaq 1:55a6170b404f 95 {
nexpaq 1:55a6170b404f 96 int ret, iterations = 0;
nexpaq 1:55a6170b404f 97 mbedtls_asn1_buf salt;
nexpaq 1:55a6170b404f 98 size_t i;
nexpaq 1:55a6170b404f 99 unsigned char unipwd[PKCS12_MAX_PWDLEN * 2 + 2];
nexpaq 1:55a6170b404f 100
nexpaq 1:55a6170b404f 101 if( pwdlen > PKCS12_MAX_PWDLEN )
nexpaq 1:55a6170b404f 102 return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA );
nexpaq 1:55a6170b404f 103
nexpaq 1:55a6170b404f 104 memset( &salt, 0, sizeof(mbedtls_asn1_buf) );
nexpaq 1:55a6170b404f 105 memset( &unipwd, 0, sizeof(unipwd) );
nexpaq 1:55a6170b404f 106
nexpaq 1:55a6170b404f 107 if( ( ret = pkcs12_parse_pbe_params( pbe_params, &salt,
nexpaq 1:55a6170b404f 108 &iterations ) ) != 0 )
nexpaq 1:55a6170b404f 109 return( ret );
nexpaq 1:55a6170b404f 110
nexpaq 1:55a6170b404f 111 for( i = 0; i < pwdlen; i++ )
nexpaq 1:55a6170b404f 112 unipwd[i * 2 + 1] = pwd[i];
nexpaq 1:55a6170b404f 113
nexpaq 1:55a6170b404f 114 if( ( ret = mbedtls_pkcs12_derivation( key, keylen, unipwd, pwdlen * 2 + 2,
nexpaq 1:55a6170b404f 115 salt.p, salt.len, md_type,
nexpaq 1:55a6170b404f 116 MBEDTLS_PKCS12_DERIVE_KEY, iterations ) ) != 0 )
nexpaq 1:55a6170b404f 117 {
nexpaq 1:55a6170b404f 118 return( ret );
nexpaq 1:55a6170b404f 119 }
nexpaq 1:55a6170b404f 120
nexpaq 1:55a6170b404f 121 if( iv == NULL || ivlen == 0 )
nexpaq 1:55a6170b404f 122 return( 0 );
nexpaq 1:55a6170b404f 123
nexpaq 1:55a6170b404f 124 if( ( ret = mbedtls_pkcs12_derivation( iv, ivlen, unipwd, pwdlen * 2 + 2,
nexpaq 1:55a6170b404f 125 salt.p, salt.len, md_type,
nexpaq 1:55a6170b404f 126 MBEDTLS_PKCS12_DERIVE_IV, iterations ) ) != 0 )
nexpaq 1:55a6170b404f 127 {
nexpaq 1:55a6170b404f 128 return( ret );
nexpaq 1:55a6170b404f 129 }
nexpaq 1:55a6170b404f 130 return( 0 );
nexpaq 1:55a6170b404f 131 }
nexpaq 1:55a6170b404f 132
nexpaq 1:55a6170b404f 133 #undef PKCS12_MAX_PWDLEN
nexpaq 1:55a6170b404f 134
nexpaq 1:55a6170b404f 135 int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode,
nexpaq 1:55a6170b404f 136 const unsigned char *pwd, size_t pwdlen,
nexpaq 1:55a6170b404f 137 const unsigned char *data, size_t len,
nexpaq 1:55a6170b404f 138 unsigned char *output )
nexpaq 1:55a6170b404f 139 {
nexpaq 1:55a6170b404f 140 #if !defined(MBEDTLS_ARC4_C)
nexpaq 1:55a6170b404f 141 ((void) pbe_params);
nexpaq 1:55a6170b404f 142 ((void) mode);
nexpaq 1:55a6170b404f 143 ((void) pwd);
nexpaq 1:55a6170b404f 144 ((void) pwdlen);
nexpaq 1:55a6170b404f 145 ((void) data);
nexpaq 1:55a6170b404f 146 ((void) len);
nexpaq 1:55a6170b404f 147 ((void) output);
nexpaq 1:55a6170b404f 148 return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
nexpaq 1:55a6170b404f 149 #else
nexpaq 1:55a6170b404f 150 int ret;
nexpaq 1:55a6170b404f 151 unsigned char key[16];
nexpaq 1:55a6170b404f 152 mbedtls_arc4_context ctx;
nexpaq 1:55a6170b404f 153 ((void) mode);
nexpaq 1:55a6170b404f 154
nexpaq 1:55a6170b404f 155 mbedtls_arc4_init( &ctx );
nexpaq 1:55a6170b404f 156
nexpaq 1:55a6170b404f 157 if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, MBEDTLS_MD_SHA1,
nexpaq 1:55a6170b404f 158 pwd, pwdlen,
nexpaq 1:55a6170b404f 159 key, 16, NULL, 0 ) ) != 0 )
nexpaq 1:55a6170b404f 160 {
nexpaq 1:55a6170b404f 161 return( ret );
nexpaq 1:55a6170b404f 162 }
nexpaq 1:55a6170b404f 163
nexpaq 1:55a6170b404f 164 mbedtls_arc4_setup( &ctx, key, 16 );
nexpaq 1:55a6170b404f 165 if( ( ret = mbedtls_arc4_crypt( &ctx, len, data, output ) ) != 0 )
nexpaq 1:55a6170b404f 166 goto exit;
nexpaq 1:55a6170b404f 167
nexpaq 1:55a6170b404f 168 exit:
nexpaq 1:55a6170b404f 169 mbedtls_zeroize( key, sizeof( key ) );
nexpaq 1:55a6170b404f 170 mbedtls_arc4_free( &ctx );
nexpaq 1:55a6170b404f 171
nexpaq 1:55a6170b404f 172 return( ret );
nexpaq 1:55a6170b404f 173 #endif /* MBEDTLS_ARC4_C */
nexpaq 1:55a6170b404f 174 }
nexpaq 1:55a6170b404f 175
nexpaq 1:55a6170b404f 176 int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
nexpaq 1:55a6170b404f 177 mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
nexpaq 1:55a6170b404f 178 const unsigned char *pwd, size_t pwdlen,
nexpaq 1:55a6170b404f 179 const unsigned char *data, size_t len,
nexpaq 1:55a6170b404f 180 unsigned char *output )
nexpaq 1:55a6170b404f 181 {
nexpaq 1:55a6170b404f 182 int ret, keylen = 0;
nexpaq 1:55a6170b404f 183 unsigned char key[32];
nexpaq 1:55a6170b404f 184 unsigned char iv[16];
nexpaq 1:55a6170b404f 185 const mbedtls_cipher_info_t *cipher_info;
nexpaq 1:55a6170b404f 186 mbedtls_cipher_context_t cipher_ctx;
nexpaq 1:55a6170b404f 187 size_t olen = 0;
nexpaq 1:55a6170b404f 188
nexpaq 1:55a6170b404f 189 cipher_info = mbedtls_cipher_info_from_type( cipher_type );
nexpaq 1:55a6170b404f 190 if( cipher_info == NULL )
nexpaq 1:55a6170b404f 191 return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
nexpaq 1:55a6170b404f 192
nexpaq 1:55a6170b404f 193 keylen = cipher_info->key_bitlen / 8;
nexpaq 1:55a6170b404f 194
nexpaq 1:55a6170b404f 195 if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, md_type, pwd, pwdlen,
nexpaq 1:55a6170b404f 196 key, keylen,
nexpaq 1:55a6170b404f 197 iv, cipher_info->iv_size ) ) != 0 )
nexpaq 1:55a6170b404f 198 {
nexpaq 1:55a6170b404f 199 return( ret );
nexpaq 1:55a6170b404f 200 }
nexpaq 1:55a6170b404f 201
nexpaq 1:55a6170b404f 202 mbedtls_cipher_init( &cipher_ctx );
nexpaq 1:55a6170b404f 203
nexpaq 1:55a6170b404f 204 if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info ) ) != 0 )
nexpaq 1:55a6170b404f 205 goto exit;
nexpaq 1:55a6170b404f 206
nexpaq 1:55a6170b404f 207 if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen, (mbedtls_operation_t) mode ) ) != 0 )
nexpaq 1:55a6170b404f 208 goto exit;
nexpaq 1:55a6170b404f 209
nexpaq 1:55a6170b404f 210 if( ( ret = mbedtls_cipher_set_iv( &cipher_ctx, iv, cipher_info->iv_size ) ) != 0 )
nexpaq 1:55a6170b404f 211 goto exit;
nexpaq 1:55a6170b404f 212
nexpaq 1:55a6170b404f 213 if( ( ret = mbedtls_cipher_reset( &cipher_ctx ) ) != 0 )
nexpaq 1:55a6170b404f 214 goto exit;
nexpaq 1:55a6170b404f 215
nexpaq 1:55a6170b404f 216 if( ( ret = mbedtls_cipher_update( &cipher_ctx, data, len,
nexpaq 1:55a6170b404f 217 output, &olen ) ) != 0 )
nexpaq 1:55a6170b404f 218 {
nexpaq 1:55a6170b404f 219 goto exit;
nexpaq 1:55a6170b404f 220 }
nexpaq 1:55a6170b404f 221
nexpaq 1:55a6170b404f 222 if( ( ret = mbedtls_cipher_finish( &cipher_ctx, output + olen, &olen ) ) != 0 )
nexpaq 1:55a6170b404f 223 ret = MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH;
nexpaq 1:55a6170b404f 224
nexpaq 1:55a6170b404f 225 exit:
nexpaq 1:55a6170b404f 226 mbedtls_zeroize( key, sizeof( key ) );
nexpaq 1:55a6170b404f 227 mbedtls_zeroize( iv, sizeof( iv ) );
nexpaq 1:55a6170b404f 228 mbedtls_cipher_free( &cipher_ctx );
nexpaq 1:55a6170b404f 229
nexpaq 1:55a6170b404f 230 return( ret );
nexpaq 1:55a6170b404f 231 }
nexpaq 1:55a6170b404f 232
nexpaq 1:55a6170b404f 233 static void pkcs12_fill_buffer( unsigned char *data, size_t data_len,
nexpaq 1:55a6170b404f 234 const unsigned char *filler, size_t fill_len )
nexpaq 1:55a6170b404f 235 {
nexpaq 1:55a6170b404f 236 unsigned char *p = data;
nexpaq 1:55a6170b404f 237 size_t use_len;
nexpaq 1:55a6170b404f 238
nexpaq 1:55a6170b404f 239 while( data_len > 0 )
nexpaq 1:55a6170b404f 240 {
nexpaq 1:55a6170b404f 241 use_len = ( data_len > fill_len ) ? fill_len : data_len;
nexpaq 1:55a6170b404f 242 memcpy( p, filler, use_len );
nexpaq 1:55a6170b404f 243 p += use_len;
nexpaq 1:55a6170b404f 244 data_len -= use_len;
nexpaq 1:55a6170b404f 245 }
nexpaq 1:55a6170b404f 246 }
nexpaq 1:55a6170b404f 247
nexpaq 1:55a6170b404f 248 int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
nexpaq 1:55a6170b404f 249 const unsigned char *pwd, size_t pwdlen,
nexpaq 1:55a6170b404f 250 const unsigned char *salt, size_t saltlen,
nexpaq 1:55a6170b404f 251 mbedtls_md_type_t md_type, int id, int iterations )
nexpaq 1:55a6170b404f 252 {
nexpaq 1:55a6170b404f 253 int ret;
nexpaq 1:55a6170b404f 254 unsigned int j;
nexpaq 1:55a6170b404f 255
nexpaq 1:55a6170b404f 256 unsigned char diversifier[128];
nexpaq 1:55a6170b404f 257 unsigned char salt_block[128], pwd_block[128], hash_block[128];
nexpaq 1:55a6170b404f 258 unsigned char hash_output[MBEDTLS_MD_MAX_SIZE];
nexpaq 1:55a6170b404f 259 unsigned char *p;
nexpaq 1:55a6170b404f 260 unsigned char c;
nexpaq 1:55a6170b404f 261
nexpaq 1:55a6170b404f 262 size_t hlen, use_len, v, i;
nexpaq 1:55a6170b404f 263
nexpaq 1:55a6170b404f 264 const mbedtls_md_info_t *md_info;
nexpaq 1:55a6170b404f 265 mbedtls_md_context_t md_ctx;
nexpaq 1:55a6170b404f 266
nexpaq 1:55a6170b404f 267 // This version only allows max of 64 bytes of password or salt
nexpaq 1:55a6170b404f 268 if( datalen > 128 || pwdlen > 64 || saltlen > 64 )
nexpaq 1:55a6170b404f 269 return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA );
nexpaq 1:55a6170b404f 270
nexpaq 1:55a6170b404f 271 md_info = mbedtls_md_info_from_type( md_type );
nexpaq 1:55a6170b404f 272 if( md_info == NULL )
nexpaq 1:55a6170b404f 273 return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
nexpaq 1:55a6170b404f 274
nexpaq 1:55a6170b404f 275 mbedtls_md_init( &md_ctx );
nexpaq 1:55a6170b404f 276
nexpaq 1:55a6170b404f 277 if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
nexpaq 1:55a6170b404f 278 return( ret );
nexpaq 1:55a6170b404f 279 hlen = mbedtls_md_get_size( md_info );
nexpaq 1:55a6170b404f 280
nexpaq 1:55a6170b404f 281 if( hlen <= 32 )
nexpaq 1:55a6170b404f 282 v = 64;
nexpaq 1:55a6170b404f 283 else
nexpaq 1:55a6170b404f 284 v = 128;
nexpaq 1:55a6170b404f 285
nexpaq 1:55a6170b404f 286 memset( diversifier, (unsigned char) id, v );
nexpaq 1:55a6170b404f 287
nexpaq 1:55a6170b404f 288 pkcs12_fill_buffer( salt_block, v, salt, saltlen );
nexpaq 1:55a6170b404f 289 pkcs12_fill_buffer( pwd_block, v, pwd, pwdlen );
nexpaq 1:55a6170b404f 290
nexpaq 1:55a6170b404f 291 p = data;
nexpaq 1:55a6170b404f 292 while( datalen > 0 )
nexpaq 1:55a6170b404f 293 {
nexpaq 1:55a6170b404f 294 // Calculate hash( diversifier || salt_block || pwd_block )
nexpaq 1:55a6170b404f 295 if( ( ret = mbedtls_md_starts( &md_ctx ) ) != 0 )
nexpaq 1:55a6170b404f 296 goto exit;
nexpaq 1:55a6170b404f 297
nexpaq 1:55a6170b404f 298 if( ( ret = mbedtls_md_update( &md_ctx, diversifier, v ) ) != 0 )
nexpaq 1:55a6170b404f 299 goto exit;
nexpaq 1:55a6170b404f 300
nexpaq 1:55a6170b404f 301 if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v ) ) != 0 )
nexpaq 1:55a6170b404f 302 goto exit;
nexpaq 1:55a6170b404f 303
nexpaq 1:55a6170b404f 304 if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v ) ) != 0 )
nexpaq 1:55a6170b404f 305 goto exit;
nexpaq 1:55a6170b404f 306
nexpaq 1:55a6170b404f 307 if( ( ret = mbedtls_md_finish( &md_ctx, hash_output ) ) != 0 )
nexpaq 1:55a6170b404f 308 goto exit;
nexpaq 1:55a6170b404f 309
nexpaq 1:55a6170b404f 310 // Perform remaining ( iterations - 1 ) recursive hash calculations
nexpaq 1:55a6170b404f 311 for( i = 1; i < (size_t) iterations; i++ )
nexpaq 1:55a6170b404f 312 {
nexpaq 1:55a6170b404f 313 if( ( ret = mbedtls_md( md_info, hash_output, hlen, hash_output ) ) != 0 )
nexpaq 1:55a6170b404f 314 goto exit;
nexpaq 1:55a6170b404f 315 }
nexpaq 1:55a6170b404f 316
nexpaq 1:55a6170b404f 317 use_len = ( datalen > hlen ) ? hlen : datalen;
nexpaq 1:55a6170b404f 318 memcpy( p, hash_output, use_len );
nexpaq 1:55a6170b404f 319 datalen -= use_len;
nexpaq 1:55a6170b404f 320 p += use_len;
nexpaq 1:55a6170b404f 321
nexpaq 1:55a6170b404f 322 if( datalen == 0 )
nexpaq 1:55a6170b404f 323 break;
nexpaq 1:55a6170b404f 324
nexpaq 1:55a6170b404f 325 // Concatenating copies of hash_output into hash_block (B)
nexpaq 1:55a6170b404f 326 pkcs12_fill_buffer( hash_block, v, hash_output, hlen );
nexpaq 1:55a6170b404f 327
nexpaq 1:55a6170b404f 328 // B += 1
nexpaq 1:55a6170b404f 329 for( i = v; i > 0; i-- )
nexpaq 1:55a6170b404f 330 if( ++hash_block[i - 1] != 0 )
nexpaq 1:55a6170b404f 331 break;
nexpaq 1:55a6170b404f 332
nexpaq 1:55a6170b404f 333 // salt_block += B
nexpaq 1:55a6170b404f 334 c = 0;
nexpaq 1:55a6170b404f 335 for( i = v; i > 0; i-- )
nexpaq 1:55a6170b404f 336 {
nexpaq 1:55a6170b404f 337 j = salt_block[i - 1] + hash_block[i - 1] + c;
nexpaq 1:55a6170b404f 338 c = (unsigned char) (j >> 8);
nexpaq 1:55a6170b404f 339 salt_block[i - 1] = j & 0xFF;
nexpaq 1:55a6170b404f 340 }
nexpaq 1:55a6170b404f 341
nexpaq 1:55a6170b404f 342 // pwd_block += B
nexpaq 1:55a6170b404f 343 c = 0;
nexpaq 1:55a6170b404f 344 for( i = v; i > 0; i-- )
nexpaq 1:55a6170b404f 345 {
nexpaq 1:55a6170b404f 346 j = pwd_block[i - 1] + hash_block[i - 1] + c;
nexpaq 1:55a6170b404f 347 c = (unsigned char) (j >> 8);
nexpaq 1:55a6170b404f 348 pwd_block[i - 1] = j & 0xFF;
nexpaq 1:55a6170b404f 349 }
nexpaq 1:55a6170b404f 350 }
nexpaq 1:55a6170b404f 351
nexpaq 1:55a6170b404f 352 ret = 0;
nexpaq 1:55a6170b404f 353
nexpaq 1:55a6170b404f 354 exit:
nexpaq 1:55a6170b404f 355 mbedtls_zeroize( salt_block, sizeof( salt_block ) );
nexpaq 1:55a6170b404f 356 mbedtls_zeroize( pwd_block, sizeof( pwd_block ) );
nexpaq 1:55a6170b404f 357 mbedtls_zeroize( hash_block, sizeof( hash_block ) );
nexpaq 1:55a6170b404f 358 mbedtls_zeroize( hash_output, sizeof( hash_output ) );
nexpaq 1:55a6170b404f 359
nexpaq 1:55a6170b404f 360 mbedtls_md_free( &md_ctx );
nexpaq 1:55a6170b404f 361
nexpaq 1:55a6170b404f 362 return( ret );
nexpaq 1:55a6170b404f 363 }
nexpaq 1:55a6170b404f 364
nexpaq 1:55a6170b404f 365 #endif /* MBEDTLS_PKCS12_C */