From e15c95ce8596bcc2a5f5e163ff78ccf469dbf994 Mon Sep 17 00:00:00 2001 From: Hubert Kario Date: Wed, 26 Jul 2017 15:05:59 +0200 Subject: [PATCH] make scrypt ASN.1 parameter functions public Since scrypt PBKDF can be used both in PKCS#5 and PKCS#12 files, do share the code between them. Reviewed-by: Richard Levitte Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/1334) --- crypto/asn1/asn1_item_list.h | 3 +++ crypto/asn1/p5_scrypt.c | 13 ++----------- include/openssl/x509.h | 13 +++++++++++++ util/libcrypto.num | 6 ++++++ 4 files changed, 24 insertions(+), 11 deletions(-) diff --git a/crypto/asn1/asn1_item_list.h b/crypto/asn1/asn1_item_list.h index 27608b788c..db8107ed1b 100644 --- a/crypto/asn1/asn1_item_list.h +++ b/crypto/asn1/asn1_item_list.h @@ -139,6 +139,9 @@ static ASN1_ITEM_EXP *asn1_item_list[] = { ASN1_ITEM_ref(RSAPublicKey), ASN1_ITEM_ref(RSA_OAEP_PARAMS), ASN1_ITEM_ref(RSA_PSS_PARAMS), +#endif +#ifndef OPENSSL_NO_SCRYPT + ASN1_ITEM_ref(SCRYPT_PARAMS), #endif ASN1_ITEM_ref(SXNETID), ASN1_ITEM_ref(SXNET), diff --git a/crypto/asn1/p5_scrypt.c b/crypto/asn1/p5_scrypt.c index 4cb7837498..c556d017f1 100644 --- a/crypto/asn1/p5_scrypt.c +++ b/crypto/asn1/p5_scrypt.c @@ -18,24 +18,15 @@ #ifndef OPENSSL_NO_SCRYPT /* PKCS#5 scrypt password based encryption structures */ -typedef struct { - ASN1_OCTET_STRING *salt; - ASN1_INTEGER *costParameter; - ASN1_INTEGER *blockSize; - ASN1_INTEGER *parallelizationParameter; - ASN1_INTEGER *keyLength; -} SCRYPT_PARAMS; - ASN1_SEQUENCE(SCRYPT_PARAMS) = { ASN1_SIMPLE(SCRYPT_PARAMS, salt, ASN1_OCTET_STRING), ASN1_SIMPLE(SCRYPT_PARAMS, costParameter, ASN1_INTEGER), ASN1_SIMPLE(SCRYPT_PARAMS, blockSize, ASN1_INTEGER), ASN1_SIMPLE(SCRYPT_PARAMS, parallelizationParameter, ASN1_INTEGER), ASN1_OPT(SCRYPT_PARAMS, keyLength, ASN1_INTEGER), -} static_ASN1_SEQUENCE_END(SCRYPT_PARAMS) +} ASN1_SEQUENCE_END(SCRYPT_PARAMS) -DECLARE_ASN1_ALLOC_FUNCTIONS(SCRYPT_PARAMS) -IMPLEMENT_ASN1_ALLOC_FUNCTIONS(SCRYPT_PARAMS) +IMPLEMENT_ASN1_FUNCTIONS(SCRYPT_PARAMS) static X509_ALGOR *pkcs5_scrypt_set(const unsigned char *salt, size_t saltlen, size_t keylen, uint64_t N, uint64_t r, diff --git a/include/openssl/x509.h b/include/openssl/x509.h index 286c399aa2..e4e46397b3 100644 --- a/include/openssl/x509.h +++ b/include/openssl/x509.h @@ -305,6 +305,16 @@ typedef struct PBKDF2PARAM_st { X509_ALGOR *prf; } PBKDF2PARAM; +#ifndef OPENSSL_NO_SCRYPT +typedef struct SCRYPT_PARAMS_st { + ASN1_OCTET_STRING *salt; + ASN1_INTEGER *costParameter; + ASN1_INTEGER *blockSize; + ASN1_INTEGER *parallelizationParameter; + ASN1_INTEGER *keyLength; +} SCRYPT_PARAMS; +#endif + #ifdef __cplusplus } #endif @@ -971,6 +981,9 @@ X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name); DECLARE_ASN1_FUNCTIONS(PBEPARAM) DECLARE_ASN1_FUNCTIONS(PBE2PARAM) DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM) +#ifndef OPENSSL_NO_SCRYPT +DECLARE_ASN1_FUNCTIONS(SCRYPT_PARAMS) +#endif int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, const unsigned char *salt, int saltlen); diff --git a/util/libcrypto.num b/util/libcrypto.num index c103d12494..1c754b47a6 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4364,3 +4364,9 @@ EVP_sha3_384 4306 1_1_1 EXIST::FUNCTION: EVP_sha3_512 4307 1_1_1 EXIST::FUNCTION: EVP_shake128 4308 1_1_1 EXIST::FUNCTION: EVP_shake256 4309 1_1_1 EXIST::FUNCTION: +SCRYPT_PARAMS_new 4310 1_1_1 EXIST::FUNCTION:SCRYPT +SCRYPT_PARAMS_free 4311 1_1_1 EXIST::FUNCTION:SCRYPT +i2d_SCRYPT_PARAMS 4312 1_1_1 EXIST::FUNCTION:SCRYPT +d2i_SCRYPT_PARAMS 4313 1_1_1 EXIST::FUNCTION:SCRYPT +SCRYPT_PARAMS_it 4314 1_1_1 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:SCRYPT +SCRYPT_PARAMS_it 4314 1_1_1 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:SCRYPT -- 2.25.1