1 /* $NetBSD: evp.c,v 1.1.1.2 2014/04/24 12:45:30 pettai Exp $ */
2
3 /*
4 * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan
5 * (Royal Institute of Technology, Stockholm, Sweden).
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 */
35
36 #ifdef HAVE_CONFIG_H
37 #include <config.h>
38 #endif
39
40 #define HC_DEPRECATED
41 #define HC_DEPRECATED_CRYPTO
42
43 #include <sys/types.h>
44 #include <stdio.h>
45 #include <stdlib.h>
46 #include <string.h>
47 #include <assert.h>
48
49 #include <evp.h>
50 #include <evp-hcrypto.h>
51 #include <evp-cc.h>
52
53 #include <krb5/krb5-types.h>
54 #include <krb5/roken.h>
55
56 #ifndef HCRYPTO_DEF_PROVIDER
57 #define HCRYPTO_DEF_PROVIDER hcrypto
58 #endif
59
60 #define HC_CONCAT4(x,y,z,aa) x ## y ## z ## aa
61
62
63 #define EVP_DEF_OP(_prov,_op) HC_CONCAT4(EVP_,_prov,_,_op)()
64
65 /**
66 * @page page_evp EVP - generic crypto interface
67 *
68 * See the library functions here: @ref hcrypto_evp
69 *
70 * @section evp_cipher EVP Cipher
71 *
72 * The use of EVP_CipherInit_ex() and EVP_Cipher() is pretty easy to
73 * understand forward, then EVP_CipherUpdate() and
74 * EVP_CipherFinal_ex() really needs an example to explain @ref
75 * example_evp_cipher.c .
76 *
77 * @example example_evp_cipher.c
78 *
79 * This is an example how to use EVP_CipherInit_ex(),
80 * EVP_CipherUpdate() and EVP_CipherFinal_ex().
81 */
82
83 struct hc_EVP_MD_CTX {
84 const EVP_MD *md;
85 ENGINE *engine;
86 void *ptr;
87 };
88
89
90 /**
91 * Return the output size of the message digest function.
92 *
93 * @param md the evp message
94 *
95 * @return size output size of the message digest function.
96 *
97 * @ingroup hcrypto_evp
98 */
99
100 size_t
EVP_MD_size(const EVP_MD * md)101 EVP_MD_size(const EVP_MD *md)
102 {
103 return md->hash_size;
104 }
105
106 /**
107 * Return the blocksize of the message digest function.
108 *
109 * @param md the evp message
110 *
111 * @return size size of the message digest block size
112 *
113 * @ingroup hcrypto_evp
114 */
115
116 size_t
EVP_MD_block_size(const EVP_MD * md)117 EVP_MD_block_size(const EVP_MD *md)
118 {
119 return md->block_size;
120 }
121
122 /**
123 * Allocate a messsage digest context object. Free with
124 * EVP_MD_CTX_destroy().
125 *
126 * @return a newly allocated message digest context object.
127 *
128 * @ingroup hcrypto_evp
129 */
130
131 EVP_MD_CTX *
EVP_MD_CTX_create(void)132 EVP_MD_CTX_create(void)
133 {
134 return calloc(1, sizeof(EVP_MD_CTX));
135 }
136
137 /**
138 * Initiate a messsage digest context object. Deallocate with
139 * EVP_MD_CTX_cleanup(). Please use EVP_MD_CTX_create() instead.
140 *
141 * @param ctx variable to initiate.
142 *
143 * @ingroup hcrypto_evp
144 */
145
146 void
EVP_MD_CTX_init(EVP_MD_CTX * ctx)147 EVP_MD_CTX_init(EVP_MD_CTX *ctx) HC_DEPRECATED
148 {
149 memset(ctx, 0, sizeof(*ctx));
150 }
151
152 /**
153 * Free a messsage digest context object.
154 *
155 * @param ctx context to free.
156 *
157 * @ingroup hcrypto_evp
158 */
159
160 void
EVP_MD_CTX_destroy(EVP_MD_CTX * ctx)161 EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
162 {
163 EVP_MD_CTX_cleanup(ctx);
164 free(ctx);
165 }
166
167 /**
168 * Free the resources used by the EVP_MD context.
169 *
170 * @param ctx the context to free the resources from.
171 *
172 * @return 1 on success.
173 *
174 * @ingroup hcrypto_evp
175 */
176
177 int
EVP_MD_CTX_cleanup(EVP_MD_CTX * ctx)178 EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) HC_DEPRECATED
179 {
180 if (ctx->md && ctx->md->cleanup)
181 (ctx->md->cleanup)(ctx);
182 else if (ctx->md)
183 memset(ctx->ptr, 0, ctx->md->ctx_size);
184 ctx->md = NULL;
185 ctx->engine = NULL;
186 free(ctx->ptr);
187 memset(ctx, 0, sizeof(*ctx));
188 return 1;
189 }
190
191 /**
192 * Get the EVP_MD use for a specified context.
193 *
194 * @param ctx the EVP_MD context to get the EVP_MD for.
195 *
196 * @return the EVP_MD used for the context.
197 *
198 * @ingroup hcrypto_evp
199 */
200
201 const EVP_MD *
EVP_MD_CTX_md(EVP_MD_CTX * ctx)202 EVP_MD_CTX_md(EVP_MD_CTX *ctx)
203 {
204 return ctx->md;
205 }
206
207 /**
208 * Return the output size of the message digest function.
209 *
210 * @param ctx the evp message digest context
211 *
212 * @return size output size of the message digest function.
213 *
214 * @ingroup hcrypto_evp
215 */
216
217 size_t
EVP_MD_CTX_size(EVP_MD_CTX * ctx)218 EVP_MD_CTX_size(EVP_MD_CTX *ctx)
219 {
220 return EVP_MD_size(ctx->md);
221 }
222
223 /**
224 * Return the blocksize of the message digest function.
225 *
226 * @param ctx the evp message digest context
227 *
228 * @return size size of the message digest block size
229 *
230 * @ingroup hcrypto_evp
231 */
232
233 size_t
EVP_MD_CTX_block_size(EVP_MD_CTX * ctx)234 EVP_MD_CTX_block_size(EVP_MD_CTX *ctx)
235 {
236 return EVP_MD_block_size(ctx->md);
237 }
238
239 /**
240 * Init a EVP_MD_CTX for use a specific message digest and engine.
241 *
242 * @param ctx the message digest context to init.
243 * @param md the message digest to use.
244 * @param engine the engine to use, NULL to use the default engine.
245 *
246 * @return 1 on success.
247 *
248 * @ingroup hcrypto_evp
249 */
250
251 int
EVP_DigestInit_ex(EVP_MD_CTX * ctx,const EVP_MD * md,ENGINE * engine)252 EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *md, ENGINE *engine)
253 {
254 if (ctx->md != md || ctx->engine != engine) {
255 EVP_MD_CTX_cleanup(ctx);
256 ctx->md = md;
257 ctx->engine = engine;
258
259 ctx->ptr = calloc(1, md->ctx_size);
260 if (ctx->ptr == NULL)
261 return 0;
262 }
263 (ctx->md->init)(ctx->ptr);
264 return 1;
265 }
266
267 /**
268 * Update the digest with some data.
269 *
270 * @param ctx the context to update
271 * @param data the data to update the context with
272 * @param size length of data
273 *
274 * @return 1 on success.
275 *
276 * @ingroup hcrypto_evp
277 */
278
279 int
EVP_DigestUpdate(EVP_MD_CTX * ctx,const void * data,size_t size)280 EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t size)
281 {
282 (ctx->md->update)(ctx->ptr, data, size);
283 return 1;
284 }
285
286 /**
287 * Complete the message digest.
288 *
289 * @param ctx the context to complete.
290 * @param hash the output of the message digest function. At least
291 * EVP_MD_size().
292 * @param size the output size of hash.
293 *
294 * @return 1 on success.
295 *
296 * @ingroup hcrypto_evp
297 */
298
299 int
EVP_DigestFinal_ex(EVP_MD_CTX * ctx,void * hash,unsigned int * size)300 EVP_DigestFinal_ex(EVP_MD_CTX *ctx, void *hash, unsigned int *size)
301 {
302 (ctx->md->final)(hash, ctx->ptr);
303 if (size)
304 *size = ctx->md->hash_size;
305 return 1;
306 }
307
308 /**
309 * Do the whole EVP_MD_CTX_create(), EVP_DigestInit_ex(),
310 * EVP_DigestUpdate(), EVP_DigestFinal_ex(), EVP_MD_CTX_destroy()
311 * dance in one call.
312 *
313 * @param data the data to update the context with
314 * @param dsize length of data
315 * @param hash output data of at least EVP_MD_size() length.
316 * @param hsize output length of hash.
317 * @param md message digest to use
318 * @param engine engine to use, NULL for default engine.
319 *
320 * @return 1 on success.
321 *
322 * @ingroup hcrypto_evp
323 */
324
325 int
EVP_Digest(const void * data,size_t dsize,void * hash,unsigned int * hsize,const EVP_MD * md,ENGINE * engine)326 EVP_Digest(const void *data, size_t dsize, void *hash, unsigned int *hsize,
327 const EVP_MD *md, ENGINE *engine)
328 {
329 EVP_MD_CTX *ctx;
330 int ret;
331
332 ctx = EVP_MD_CTX_create();
333 if (ctx == NULL)
334 return 0;
335 ret = EVP_DigestInit_ex(ctx, md, engine);
336 if (ret != 1) {
337 EVP_MD_CTX_destroy(ctx);
338 return ret;
339 }
340 ret = EVP_DigestUpdate(ctx, data, dsize);
341 if (ret != 1) {
342 EVP_MD_CTX_destroy(ctx);
343 return ret;
344 }
345 ret = EVP_DigestFinal_ex(ctx, hash, hsize);
346 EVP_MD_CTX_destroy(ctx);
347 return ret;
348 }
349
350 /**
351 * The message digest SHA256
352 *
353 * @return the message digest type.
354 *
355 * @ingroup hcrypto_evp
356 */
357
358 const EVP_MD *
EVP_sha256(void)359 EVP_sha256(void)
360 {
361 hcrypto_validate();
362 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha256);
363 }
364
365 /**
366 * The message digest SHA384
367 *
368 * @return the message digest type.
369 *
370 * @ingroup hcrypto_evp
371 */
372
373 const EVP_MD *
EVP_sha384(void)374 EVP_sha384(void)
375 {
376 hcrypto_validate();
377 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha384);
378 }
379
380 /**
381 * The message digest SHA512
382 *
383 * @return the message digest type.
384 *
385 * @ingroup hcrypto_evp
386 */
387
388 const EVP_MD *
EVP_sha512(void)389 EVP_sha512(void)
390 {
391 hcrypto_validate();
392 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha512);
393 }
394
395 /**
396 * The message digest SHA1
397 *
398 * @return the message digest type.
399 *
400 * @ingroup hcrypto_evp
401 */
402
403 const EVP_MD *
EVP_sha1(void)404 EVP_sha1(void)
405 {
406 hcrypto_validate();
407 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha1);
408 }
409
410 /**
411 * The message digest SHA1
412 *
413 * @return the message digest type.
414 *
415 * @ingroup hcrypto_evp
416 */
417
418 const EVP_MD *
EVP_sha(void)419 EVP_sha(void) HC_DEPRECATED
420
421 {
422 hcrypto_validate();
423 return EVP_sha1();
424 }
425
426 /**
427 * The message digest MD5
428 *
429 * @return the message digest type.
430 *
431 * @ingroup hcrypto_evp
432 */
433
434 const EVP_MD *
EVP_md5(void)435 EVP_md5(void) HC_DEPRECATED_CRYPTO
436 {
437 hcrypto_validate();
438 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, md5);
439 }
440
441 /**
442 * The message digest MD4
443 *
444 * @return the message digest type.
445 *
446 * @ingroup hcrypto_evp
447 */
448
449 const EVP_MD *
EVP_md4(void)450 EVP_md4(void) HC_DEPRECATED_CRYPTO
451 {
452 hcrypto_validate();
453 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, md4);
454 }
455
456 /**
457 * The message digest MD2
458 *
459 * @return the message digest type.
460 *
461 * @ingroup hcrypto_evp
462 */
463
464 const EVP_MD *
EVP_md2(void)465 EVP_md2(void) HC_DEPRECATED_CRYPTO
466 {
467 hcrypto_validate();
468 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, md2);
469 }
470
471 /*
472 *
473 */
474
475 static void
null_Init(void * m)476 null_Init (void *m)
477 {
478 }
479 static void
null_Update(void * m,const void * data,size_t size)480 null_Update (void *m, const void * data, size_t size)
481 {
482 }
483 static void
null_Final(void * res,void * m)484 null_Final(void *res, void *m)
485 {
486 }
487
488 /**
489 * The null message digest
490 *
491 * @return the message digest type.
492 *
493 * @ingroup hcrypto_evp
494 */
495
496 const EVP_MD *
EVP_md_null(void)497 EVP_md_null(void)
498 {
499 static const struct hc_evp_md null = {
500 0,
501 0,
502 0,
503 (hc_evp_md_init)null_Init,
504 (hc_evp_md_update)null_Update,
505 (hc_evp_md_final)null_Final,
506 NULL
507 };
508 return &null;
509 }
510
511 /**
512 * Return the block size of the cipher.
513 *
514 * @param c cipher to get the block size from.
515 *
516 * @return the block size of the cipher.
517 *
518 * @ingroup hcrypto_evp
519 */
520
521 size_t
EVP_CIPHER_block_size(const EVP_CIPHER * c)522 EVP_CIPHER_block_size(const EVP_CIPHER *c)
523 {
524 return c->block_size;
525 }
526
527 /**
528 * Return the key size of the cipher.
529 *
530 * @param c cipher to get the key size from.
531 *
532 * @return the key size of the cipher.
533 *
534 * @ingroup hcrypto_evp
535 */
536
537 size_t
EVP_CIPHER_key_length(const EVP_CIPHER * c)538 EVP_CIPHER_key_length(const EVP_CIPHER *c)
539 {
540 return c->key_len;
541 }
542
543 /**
544 * Return the IV size of the cipher.
545 *
546 * @param c cipher to get the IV size from.
547 *
548 * @return the IV size of the cipher.
549 *
550 * @ingroup hcrypto_evp
551 */
552
553 size_t
EVP_CIPHER_iv_length(const EVP_CIPHER * c)554 EVP_CIPHER_iv_length(const EVP_CIPHER *c)
555 {
556 return c->iv_len;
557 }
558
559 /**
560 * Initiate a EVP_CIPHER_CTX context. Clean up with
561 * EVP_CIPHER_CTX_cleanup().
562 *
563 * @param c the cipher initiate.
564 *
565 * @ingroup hcrypto_evp
566 */
567
568 void
EVP_CIPHER_CTX_init(EVP_CIPHER_CTX * c)569 EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *c)
570 {
571 memset(c, 0, sizeof(*c));
572 }
573
574 /**
575 * Clean up the EVP_CIPHER_CTX context.
576 *
577 * @param c the cipher to clean up.
578 *
579 * @return 1 on success.
580 *
581 * @ingroup hcrypto_evp
582 */
583
584 int
EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX * c)585 EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
586 {
587 if (c->cipher && c->cipher->cleanup)
588 c->cipher->cleanup(c);
589 if (c->cipher_data) {
590 memset(c->cipher_data, 0, c->cipher->ctx_size);
591 free(c->cipher_data);
592 c->cipher_data = NULL;
593 }
594 return 1;
595 }
596
597 /**
598 * If the cipher type supports it, change the key length
599 *
600 * @param c the cipher context to change the key length for
601 * @param length new key length
602 *
603 * @return 1 on success.
604 *
605 * @ingroup hcrypto_evp
606 */
607
608 int
EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX * c,int length)609 EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int length)
610 {
611 if ((c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH) && length > 0) {
612 c->key_len = length;
613 return 1;
614 }
615 return 0;
616 }
617
618 #if 0
619 int
620 EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad)
621 {
622 return 0;
623 }
624 #endif
625
626 /**
627 * Return the EVP_CIPHER for a EVP_CIPHER_CTX context.
628 *
629 * @param ctx the context to get the cipher type from.
630 *
631 * @return the EVP_CIPHER pointer.
632 *
633 * @ingroup hcrypto_evp
634 */
635
636 const EVP_CIPHER *
EVP_CIPHER_CTX_cipher(EVP_CIPHER_CTX * ctx)637 EVP_CIPHER_CTX_cipher(EVP_CIPHER_CTX *ctx)
638 {
639 return ctx->cipher;
640 }
641
642 /**
643 * Return the block size of the cipher context.
644 *
645 * @param ctx cipher context to get the block size from.
646 *
647 * @return the block size of the cipher context.
648 *
649 * @ingroup hcrypto_evp
650 */
651
652 size_t
EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX * ctx)653 EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
654 {
655 return EVP_CIPHER_block_size(ctx->cipher);
656 }
657
658 /**
659 * Return the key size of the cipher context.
660 *
661 * @param ctx cipher context to get the key size from.
662 *
663 * @return the key size of the cipher context.
664 *
665 * @ingroup hcrypto_evp
666 */
667
668 size_t
EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX * ctx)669 EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
670 {
671 return EVP_CIPHER_key_length(ctx->cipher);
672 }
673
674 /**
675 * Return the IV size of the cipher context.
676 *
677 * @param ctx cipher context to get the IV size from.
678 *
679 * @return the IV size of the cipher context.
680 *
681 * @ingroup hcrypto_evp
682 */
683
684 size_t
EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX * ctx)685 EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
686 {
687 return EVP_CIPHER_iv_length(ctx->cipher);
688 }
689
690 /**
691 * Get the flags for an EVP_CIPHER_CTX context.
692 *
693 * @param ctx the EVP_CIPHER_CTX to get the flags from
694 *
695 * @return the flags for an EVP_CIPHER_CTX.
696 *
697 * @ingroup hcrypto_evp
698 */
699
700 unsigned long
EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX * ctx)701 EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
702 {
703 return ctx->cipher->flags;
704 }
705
706 /**
707 * Get the mode for an EVP_CIPHER_CTX context.
708 *
709 * @param ctx the EVP_CIPHER_CTX to get the mode from
710 *
711 * @return the mode for an EVP_CIPHER_CTX.
712 *
713 * @ingroup hcrypto_evp
714 */
715
716 int
EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX * ctx)717 EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx)
718 {
719 return EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_MODE;
720 }
721
722 /**
723 * Get the app data for an EVP_CIPHER_CTX context.
724 *
725 * @param ctx the EVP_CIPHER_CTX to get the app data from
726 *
727 * @return the app data for an EVP_CIPHER_CTX.
728 *
729 * @ingroup hcrypto_evp
730 */
731
732 void *
EVP_CIPHER_CTX_get_app_data(EVP_CIPHER_CTX * ctx)733 EVP_CIPHER_CTX_get_app_data(EVP_CIPHER_CTX *ctx)
734 {
735 return ctx->app_data;
736 }
737
738 /**
739 * Set the app data for an EVP_CIPHER_CTX context.
740 *
741 * @param ctx the EVP_CIPHER_CTX to set the app data for
742 * @param data the app data to set for an EVP_CIPHER_CTX.
743 *
744 * @ingroup hcrypto_evp
745 */
746
747 void
EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX * ctx,void * data)748 EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
749 {
750 ctx->app_data = data;
751 }
752
753 /**
754 * Initiate the EVP_CIPHER_CTX context to encrypt or decrypt data.
755 * Clean up with EVP_CIPHER_CTX_cleanup().
756 *
757 * @param ctx context to initiate
758 * @param c cipher to use.
759 * @param engine crypto engine to use, NULL to select default.
760 * @param key the crypto key to use, NULL will use the previous value.
761 * @param iv the IV to use, NULL will use the previous value.
762 * @param encp non zero will encrypt, -1 use the previous value.
763 *
764 * @return 1 on success.
765 *
766 * @ingroup hcrypto_evp
767 */
768
769 int
EVP_CipherInit_ex(EVP_CIPHER_CTX * ctx,const EVP_CIPHER * c,ENGINE * engine,const void * key,const void * iv,int encp)770 EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *c, ENGINE *engine,
771 const void *key, const void *iv, int encp)
772 {
773 ctx->buf_len = 0;
774
775 if (encp == -1)
776 encp = ctx->encrypt;
777 else
778 ctx->encrypt = (encp ? 1 : 0);
779
780 if (c && (c != ctx->cipher)) {
781 EVP_CIPHER_CTX_cleanup(ctx);
782 ctx->cipher = c;
783 ctx->key_len = c->key_len;
784
785 ctx->cipher_data = calloc(1, c->ctx_size);
786 if (ctx->cipher_data == NULL && c->ctx_size != 0)
787 return 0;
788
789 /* assume block size is a multiple of 2 */
790 ctx->block_mask = EVP_CIPHER_block_size(c) - 1;
791
792 } else if (ctx->cipher == NULL) {
793 /* reuse of cipher, but not any cipher ever set! */
794 return 0;
795 }
796
797 switch (EVP_CIPHER_CTX_mode(ctx)) {
798 case EVP_CIPH_CBC_MODE:
799
800 assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof(ctx->iv));
801
802 if (iv)
803 memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
804 memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
805 break;
806
807 case EVP_CIPH_STREAM_CIPHER:
808 break;
809 case EVP_CIPH_CFB8_MODE:
810 if (iv)
811 memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
812 break;
813
814 default:
815 return 0;
816 }
817
818 if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT))
819 ctx->cipher->init(ctx, key, iv, encp);
820
821 return 1;
822 }
823
824 /**
825 * Encipher/decipher partial data
826 *
827 * @param ctx the cipher context.
828 * @param out output data from the operation.
829 * @param outlen output length
830 * @param in input data to the operation.
831 * @param inlen length of data.
832 *
833 * The output buffer length should at least be EVP_CIPHER_block_size()
834 * byte longer then the input length.
835 *
836 * See @ref evp_cipher for an example how to use this function.
837 *
838 * @return 1 on success.
839 *
840 * @ingroup hcrypto_evp
841 */
842
843 int
EVP_CipherUpdate(EVP_CIPHER_CTX * ctx,void * out,int * outlen,void * in,size_t inlen)844 EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, void *out, int *outlen,
845 void *in, size_t inlen)
846 {
847 int ret, left, blocksize;
848
849 *outlen = 0;
850
851 /**
852 * If there in no spare bytes in the left from last Update and the
853 * input length is on the block boundery, the EVP_CipherUpdate()
854 * function can take a shortcut (and preformance gain) and
855 * directly encrypt the data, otherwise we hav to fix it up and
856 * store extra it the EVP_CIPHER_CTX.
857 */
858 if (ctx->buf_len == 0 && (inlen & ctx->block_mask) == 0) {
859 ret = (*ctx->cipher->do_cipher)(ctx, out, in, inlen);
860 if (ret == 1)
861 *outlen = inlen;
862 else
863 *outlen = 0;
864 return ret;
865 }
866
867
868 blocksize = EVP_CIPHER_CTX_block_size(ctx);
869 left = blocksize - ctx->buf_len;
870 assert(left > 0);
871
872 if (ctx->buf_len) {
873
874 /* if total buffer is smaller then input, store locally */
875 if (inlen < left) {
876 memcpy(ctx->buf + ctx->buf_len, in, inlen);
877 ctx->buf_len += inlen;
878 return 1;
879 }
880
881 /* fill in local buffer and encrypt */
882 memcpy(ctx->buf + ctx->buf_len, in, left);
883 ret = (*ctx->cipher->do_cipher)(ctx, out, ctx->buf, blocksize);
884 memset(ctx->buf, 0, blocksize);
885 if (ret != 1)
886 return ret;
887
888 *outlen += blocksize;
889 inlen -= left;
890 in = ((unsigned char *)in) + left;
891 out = ((unsigned char *)out) + blocksize;
892 ctx->buf_len = 0;
893 }
894
895 if (inlen) {
896 ctx->buf_len = (inlen & ctx->block_mask);
897 inlen &= ~ctx->block_mask;
898
899 ret = (*ctx->cipher->do_cipher)(ctx, out, in, inlen);
900 if (ret != 1)
901 return ret;
902
903 *outlen += inlen;
904
905 in = ((unsigned char *)in) + inlen;
906 memcpy(ctx->buf, in, ctx->buf_len);
907 }
908
909 return 1;
910 }
911
912 /**
913 * Encipher/decipher final data
914 *
915 * @param ctx the cipher context.
916 * @param out output data from the operation.
917 * @param outlen output length
918 *
919 * The input length needs to be at least EVP_CIPHER_block_size() bytes
920 * long.
921 *
922 * See @ref evp_cipher for an example how to use this function.
923 *
924 * @return 1 on success.
925 *
926 * @ingroup hcrypto_evp
927 */
928
929 int
EVP_CipherFinal_ex(EVP_CIPHER_CTX * ctx,void * out,int * outlen)930 EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, void *out, int *outlen)
931 {
932 *outlen = 0;
933
934 if (ctx->buf_len) {
935 int ret, left, blocksize;
936
937 blocksize = EVP_CIPHER_CTX_block_size(ctx);
938
939 left = blocksize - ctx->buf_len;
940 assert(left > 0);
941
942 /* zero fill local buffer */
943 memset(ctx->buf + ctx->buf_len, 0, left);
944 ret = (*ctx->cipher->do_cipher)(ctx, out, ctx->buf, blocksize);
945 memset(ctx->buf, 0, blocksize);
946 if (ret != 1)
947 return ret;
948
949 *outlen += blocksize;
950 }
951
952 return 1;
953 }
954
955 /**
956 * Encipher/decipher data
957 *
958 * @param ctx the cipher context.
959 * @param out out data from the operation.
960 * @param in in data to the operation.
961 * @param size length of data.
962 *
963 * @return 1 on success.
964 */
965
966 int
EVP_Cipher(EVP_CIPHER_CTX * ctx,void * out,const void * in,size_t size)967 EVP_Cipher(EVP_CIPHER_CTX *ctx, void *out, const void *in,size_t size)
968 {
969 return ctx->cipher->do_cipher(ctx, out, in, size);
970 }
971
972 /*
973 *
974 */
975
976 static int
enc_null_init(EVP_CIPHER_CTX * ctx,const unsigned char * key,const unsigned char * iv,int encp)977 enc_null_init(EVP_CIPHER_CTX *ctx,
978 const unsigned char * key,
979 const unsigned char * iv,
980 int encp)
981 {
982 return 1;
983 }
984
985 static int
enc_null_do_cipher(EVP_CIPHER_CTX * ctx,unsigned char * out,const unsigned char * in,unsigned int size)986 enc_null_do_cipher(EVP_CIPHER_CTX *ctx,
987 unsigned char *out,
988 const unsigned char *in,
989 unsigned int size)
990 {
991 memmove(out, in, size);
992 return 1;
993 }
994
995 static int
enc_null_cleanup(EVP_CIPHER_CTX * ctx)996 enc_null_cleanup(EVP_CIPHER_CTX *ctx)
997 {
998 return 1;
999 }
1000
1001 /**
1002 * The NULL cipher type, does no encryption/decryption.
1003 *
1004 * @return the null EVP_CIPHER pointer.
1005 *
1006 * @ingroup hcrypto_evp
1007 */
1008
1009 const EVP_CIPHER *
EVP_enc_null(void)1010 EVP_enc_null(void)
1011 {
1012 static const EVP_CIPHER enc_null = {
1013 0,
1014 0,
1015 0,
1016 0,
1017 EVP_CIPH_CBC_MODE,
1018 enc_null_init,
1019 enc_null_do_cipher,
1020 enc_null_cleanup,
1021 0,
1022 NULL,
1023 NULL,
1024 NULL,
1025 NULL
1026 };
1027 return &enc_null;
1028 }
1029
1030 /**
1031 * The RC2 cipher type
1032 *
1033 * @return the RC2 EVP_CIPHER pointer.
1034 *
1035 * @ingroup hcrypto_evp
1036 */
1037
1038 const EVP_CIPHER *
EVP_rc2_cbc(void)1039 EVP_rc2_cbc(void)
1040 {
1041 hcrypto_validate();
1042 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc2_cbc);
1043 }
1044
1045 /**
1046 * The RC2 cipher type
1047 *
1048 * @return the RC2 EVP_CIPHER pointer.
1049 *
1050 * @ingroup hcrypto_evp
1051 */
1052
1053 const EVP_CIPHER *
EVP_rc2_40_cbc(void)1054 EVP_rc2_40_cbc(void)
1055 {
1056 hcrypto_validate();
1057 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc2_40_cbc);
1058 }
1059
1060 /**
1061 * The RC2 cipher type
1062 *
1063 * @return the RC2 EVP_CIPHER pointer.
1064 *
1065 * @ingroup hcrypto_evp
1066 */
1067
1068 const EVP_CIPHER *
EVP_rc2_64_cbc(void)1069 EVP_rc2_64_cbc(void)
1070 {
1071 hcrypto_validate();
1072 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc2_64_cbc);
1073 }
1074
1075 /**
1076 * The RC4 cipher type
1077 *
1078 * @return the RC4 EVP_CIPHER pointer.
1079 *
1080 * @ingroup hcrypto_evp
1081 */
1082
1083 const EVP_CIPHER *
EVP_rc4(void)1084 EVP_rc4(void)
1085 {
1086 hcrypto_validate();
1087 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc4);
1088 }
1089
1090 /**
1091 * The RC4-40 cipher type
1092 *
1093 * @return the RC4-40 EVP_CIPHER pointer.
1094 *
1095 * @ingroup hcrypto_evp
1096 */
1097
1098 const EVP_CIPHER *
EVP_rc4_40(void)1099 EVP_rc4_40(void)
1100 {
1101 hcrypto_validate();
1102 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc4_40);
1103 }
1104
1105 /**
1106 * The DES cipher type
1107 *
1108 * @return the DES-CBC EVP_CIPHER pointer.
1109 *
1110 * @ingroup hcrypto_evp
1111 */
1112
1113 const EVP_CIPHER *
EVP_des_cbc(void)1114 EVP_des_cbc(void)
1115 {
1116 hcrypto_validate();
1117 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, des_cbc);
1118 }
1119
1120 /**
1121 * The tripple DES cipher type
1122 *
1123 * @return the DES-EDE3-CBC EVP_CIPHER pointer.
1124 *
1125 * @ingroup hcrypto_evp
1126 */
1127
1128 const EVP_CIPHER *
EVP_des_ede3_cbc(void)1129 EVP_des_ede3_cbc(void)
1130 {
1131 hcrypto_validate();
1132 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, des_ede3_cbc);
1133 }
1134
1135 /**
1136 * The AES-128 cipher type
1137 *
1138 * @return the AES-128 EVP_CIPHER pointer.
1139 *
1140 * @ingroup hcrypto_evp
1141 */
1142
1143 const EVP_CIPHER *
EVP_aes_128_cbc(void)1144 EVP_aes_128_cbc(void)
1145 {
1146 hcrypto_validate();
1147 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_128_cbc);
1148 }
1149
1150 /**
1151 * The AES-192 cipher type
1152 *
1153 * @return the AES-192 EVP_CIPHER pointer.
1154 *
1155 * @ingroup hcrypto_evp
1156 */
1157
1158 const EVP_CIPHER *
EVP_aes_192_cbc(void)1159 EVP_aes_192_cbc(void)
1160 {
1161 hcrypto_validate();
1162 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_192_cbc);
1163 }
1164
1165 /**
1166 * The AES-256 cipher type
1167 *
1168 * @return the AES-256 EVP_CIPHER pointer.
1169 *
1170 * @ingroup hcrypto_evp
1171 */
1172
1173 const EVP_CIPHER *
EVP_aes_256_cbc(void)1174 EVP_aes_256_cbc(void)
1175 {
1176 hcrypto_validate();
1177 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_256_cbc);
1178 }
1179
1180 /**
1181 * The AES-128 cipher type
1182 *
1183 * @return the AES-128 EVP_CIPHER pointer.
1184 *
1185 * @ingroup hcrypto_evp
1186 */
1187
1188 const EVP_CIPHER *
EVP_aes_128_cfb8(void)1189 EVP_aes_128_cfb8(void)
1190 {
1191 hcrypto_validate();
1192 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_128_cfb8);
1193 }
1194
1195 /**
1196 * The AES-192 cipher type
1197 *
1198 * @return the AES-192 EVP_CIPHER pointer.
1199 *
1200 * @ingroup hcrypto_evp
1201 */
1202
1203 const EVP_CIPHER *
EVP_aes_192_cfb8(void)1204 EVP_aes_192_cfb8(void)
1205 {
1206 hcrypto_validate();
1207 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_192_cfb8);
1208 }
1209
1210 /**
1211 * The AES-256 cipher type
1212 *
1213 * @return the AES-256 EVP_CIPHER pointer.
1214 *
1215 * @ingroup hcrypto_evp
1216 */
1217
1218 const EVP_CIPHER *
EVP_aes_256_cfb8(void)1219 EVP_aes_256_cfb8(void)
1220 {
1221 hcrypto_validate();
1222 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_256_cfb8);
1223 }
1224
1225 /**
1226 * The Camellia-128 cipher type
1227 *
1228 * @return the Camellia-128 EVP_CIPHER pointer.
1229 *
1230 * @ingroup hcrypto_evp
1231 */
1232
1233 const EVP_CIPHER *
EVP_camellia_128_cbc(void)1234 EVP_camellia_128_cbc(void)
1235 {
1236 hcrypto_validate();
1237 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, camellia_128_cbc);
1238 }
1239
1240 /**
1241 * The Camellia-198 cipher type
1242 *
1243 * @return the Camellia-198 EVP_CIPHER pointer.
1244 *
1245 * @ingroup hcrypto_evp
1246 */
1247
1248 const EVP_CIPHER *
EVP_camellia_192_cbc(void)1249 EVP_camellia_192_cbc(void)
1250 {
1251 hcrypto_validate();
1252 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, camellia_192_cbc);
1253 }
1254
1255 /**
1256 * The Camellia-256 cipher type
1257 *
1258 * @return the Camellia-256 EVP_CIPHER pointer.
1259 *
1260 * @ingroup hcrypto_evp
1261 */
1262
1263 const EVP_CIPHER *
EVP_camellia_256_cbc(void)1264 EVP_camellia_256_cbc(void)
1265 {
1266 hcrypto_validate();
1267 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, camellia_256_cbc);
1268 }
1269
1270 /*
1271 *
1272 */
1273
1274 static const struct cipher_name {
1275 const char *name;
1276 const EVP_CIPHER *(*func)(void);
1277 } cipher_name[] = {
1278 { "des-ede3-cbc", EVP_des_ede3_cbc },
1279 { "aes-128-cbc", EVP_aes_128_cbc },
1280 { "aes-192-cbc", EVP_aes_192_cbc },
1281 { "aes-256-cbc", EVP_aes_256_cbc },
1282 { "aes-128-cfb8", EVP_aes_128_cfb8 },
1283 { "aes-192-cfb8", EVP_aes_192_cfb8 },
1284 { "aes-256-cfb8", EVP_aes_256_cfb8 },
1285 { "camellia-128-cbc", EVP_camellia_128_cbc },
1286 { "camellia-192-cbc", EVP_camellia_192_cbc },
1287 { "camellia-256-cbc", EVP_camellia_256_cbc }
1288 };
1289
1290 /**
1291 * Get the cipher type using their name.
1292 *
1293 * @param name the name of the cipher.
1294 *
1295 * @return the selected EVP_CIPHER pointer or NULL if not found.
1296 *
1297 * @ingroup hcrypto_evp
1298 */
1299
1300 const EVP_CIPHER *
EVP_get_cipherbyname(const char * name)1301 EVP_get_cipherbyname(const char *name)
1302 {
1303 int i;
1304 for (i = 0; i < sizeof(cipher_name)/sizeof(cipher_name[0]); i++) {
1305 if (strcasecmp(cipher_name[i].name, name) == 0)
1306 return (*cipher_name[i].func)();
1307 }
1308 return NULL;
1309 }
1310
1311
1312 /*
1313 *
1314 */
1315
1316 #ifndef min
1317 #define min(a,b) (((a)>(b))?(b):(a))
1318 #endif
1319
1320 /**
1321 * Provides a legancy string to key function, used in PEM files.
1322 *
1323 * New protocols should use new string to key functions like NIST
1324 * SP56-800A or PKCS#5 v2.0 (see PKCS5_PBKDF2_HMAC_SHA1()).
1325 *
1326 * @param type type of cipher to use
1327 * @param md message digest to use
1328 * @param salt salt salt string, should be an binary 8 byte buffer.
1329 * @param data the password/input key string.
1330 * @param datalen length of data parameter.
1331 * @param count iteration counter.
1332 * @param keydata output keydata, needs to of the size EVP_CIPHER_key_length().
1333 * @param ivdata output ivdata, needs to of the size EVP_CIPHER_block_size().
1334 *
1335 * @return the size of derived key.
1336 *
1337 * @ingroup hcrypto_evp
1338 */
1339
1340 int
EVP_BytesToKey(const EVP_CIPHER * type,const EVP_MD * md,const void * salt,const void * data,size_t datalen,unsigned int count,void * keydata,void * ivdata)1341 EVP_BytesToKey(const EVP_CIPHER *type,
1342 const EVP_MD *md,
1343 const void *salt,
1344 const void *data, size_t datalen,
1345 unsigned int count,
1346 void *keydata,
1347 void *ivdata)
1348 {
1349 unsigned int ivlen, keylen;
1350 int first = 0;
1351 unsigned int mds = 0, i;
1352 unsigned char *key = keydata;
1353 unsigned char *iv = ivdata;
1354 unsigned char *buf;
1355 EVP_MD_CTX c;
1356
1357 keylen = EVP_CIPHER_key_length(type);
1358 ivlen = EVP_CIPHER_iv_length(type);
1359
1360 if (data == NULL)
1361 return keylen;
1362
1363 buf = malloc(EVP_MD_size(md));
1364 if (buf == NULL)
1365 return -1;
1366
1367 EVP_MD_CTX_init(&c);
1368
1369 first = 1;
1370 while (1) {
1371 EVP_DigestInit_ex(&c, md, NULL);
1372 if (!first)
1373 EVP_DigestUpdate(&c, buf, mds);
1374 first = 0;
1375 EVP_DigestUpdate(&c,data,datalen);
1376
1377 #define PKCS5_SALT_LEN 8
1378
1379 if (salt)
1380 EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN);
1381
1382 EVP_DigestFinal_ex(&c, buf, &mds);
1383 assert(mds == EVP_MD_size(md));
1384
1385 for (i = 1; i < count; i++) {
1386 EVP_DigestInit_ex(&c, md, NULL);
1387 EVP_DigestUpdate(&c, buf, mds);
1388 EVP_DigestFinal_ex(&c, buf, &mds);
1389 assert(mds == EVP_MD_size(md));
1390 }
1391
1392 i = 0;
1393 if (keylen) {
1394 size_t sz = min(keylen, mds);
1395 if (key) {
1396 memcpy(key, buf, sz);
1397 key += sz;
1398 }
1399 keylen -= sz;
1400 i += sz;
1401 }
1402 if (ivlen && mds > i) {
1403 size_t sz = min(ivlen, (mds - i));
1404 if (iv) {
1405 memcpy(iv, &buf[i], sz);
1406 iv += sz;
1407 }
1408 ivlen -= sz;
1409 }
1410 if (keylen == 0 && ivlen == 0)
1411 break;
1412 }
1413
1414 EVP_MD_CTX_cleanup(&c);
1415 free(buf);
1416
1417 return EVP_CIPHER_key_length(type);
1418 }
1419
1420 /**
1421 * Generate a random key for the specificed EVP_CIPHER.
1422 *
1423 * @param ctx EVP_CIPHER_CTX type to build the key for.
1424 * @param key return key, must be at least EVP_CIPHER_key_length() byte long.
1425 *
1426 * @return 1 for success, 0 for failure.
1427 *
1428 * @ingroup hcrypto_core
1429 */
1430
1431 int
EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX * ctx,void * key)1432 EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, void *key)
1433 {
1434 if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
1435 return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
1436 if (RAND_bytes(key, ctx->key_len) != 1)
1437 return 0;
1438 return 1;
1439 }
1440
1441 /**
1442 * Perform a operation on a ctx
1443 *
1444 * @param ctx context to perform operation on.
1445 * @param type type of operation.
1446 * @param arg argument to operation.
1447 * @param data addition data to operation.
1448
1449 * @return 1 for success, 0 for failure.
1450 *
1451 * @ingroup hcrypto_core
1452 */
1453
1454 int
EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX * ctx,int type,int arg,void * data)1455 EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *data)
1456 {
1457 if (ctx->cipher == NULL || ctx->cipher->ctrl == NULL)
1458 return 0;
1459 return (*ctx->cipher->ctrl)(ctx, type, arg, data);
1460 }
1461
1462 /**
1463 * Add all algorithms to the crypto core.
1464 *
1465 * @ingroup hcrypto_core
1466 */
1467
1468 void
OpenSSL_add_all_algorithms(void)1469 OpenSSL_add_all_algorithms(void)
1470 {
1471 return;
1472 }
1473
1474 /**
1475 * Add all algorithms to the crypto core using configuration file.
1476 *
1477 * @ingroup hcrypto_core
1478 */
1479
1480 void
OpenSSL_add_all_algorithms_conf(void)1481 OpenSSL_add_all_algorithms_conf(void)
1482 {
1483 return;
1484 }
1485
1486 /**
1487 * Add all algorithms to the crypto core, but don't use the
1488 * configuration file.
1489 *
1490 * @ingroup hcrypto_core
1491 */
1492
1493 void
OpenSSL_add_all_algorithms_noconf(void)1494 OpenSSL_add_all_algorithms_noconf(void)
1495 {
1496 return;
1497 }
1498