2 * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
39 #define HC_DEPRECATED_CRYPTO
41 #include <sys/types.h>
48 #include <evp-hcrypto.h>
51 #include <krb5-types.h>
53 #ifndef HCRYPTO_DEF_PROVIDER
54 #define HCRYPTO_DEF_PROVIDER hcrypto
57 #define HC_CONCAT4(x,y,z,aa) x ## y ## z ## aa
60 #define EVP_DEF_OP(_prov,_op) HC_CONCAT4(EVP_,_prov,_,_op)()
63 * @page page_evp EVP - generic crypto interface
65 * See the library functions here: @ref hcrypto_evp
67 * @section evp_cipher EVP Cipher
69 * The use of EVP_CipherInit_ex() and EVP_Cipher() is pretty easy to
70 * understand forward, then EVP_CipherUpdate() and
71 * EVP_CipherFinal_ex() really needs an example to explain @ref
72 * example_evp_cipher.c .
74 * @example example_evp_cipher.c
76 * This is an example how to use EVP_CipherInit_ex(),
77 * EVP_CipherUpdate() and EVP_CipherFinal_ex().
80 struct hc_EVP_MD_CTX
{
88 * Return the output size of the message digest function.
90 * @param md the evp message
92 * @return size output size of the message digest function.
94 * @ingroup hcrypto_evp
98 EVP_MD_size(const EVP_MD
*md
)
100 return md
->hash_size
;
104 * Return the blocksize of the message digest function.
106 * @param md the evp message
108 * @return size size of the message digest block size
110 * @ingroup hcrypto_evp
114 EVP_MD_block_size(const EVP_MD
*md
)
116 return md
->block_size
;
120 * Allocate a messsage digest context object. Free with
121 * EVP_MD_CTX_destroy().
123 * @return a newly allocated message digest context object.
125 * @ingroup hcrypto_evp
129 EVP_MD_CTX_create(void)
131 return calloc(1, sizeof(EVP_MD_CTX
));
135 * Initiate a messsage digest context object. Deallocate with
136 * EVP_MD_CTX_cleanup(). Please use EVP_MD_CTX_create() instead.
138 * @param ctx variable to initiate.
140 * @ingroup hcrypto_evp
144 EVP_MD_CTX_init(EVP_MD_CTX
*ctx
) HC_DEPRECATED
146 memset(ctx
, 0, sizeof(*ctx
));
150 * Free a messsage digest context object.
152 * @param ctx context to free.
154 * @ingroup hcrypto_evp
158 EVP_MD_CTX_destroy(EVP_MD_CTX
*ctx
)
160 EVP_MD_CTX_cleanup(ctx
);
165 * Free the resources used by the EVP_MD context.
167 * @param ctx the context to free the resources from.
169 * @return 1 on success.
171 * @ingroup hcrypto_evp
175 EVP_MD_CTX_cleanup(EVP_MD_CTX
*ctx
) HC_DEPRECATED
177 if (ctx
->md
&& ctx
->md
->cleanup
)
178 (ctx
->md
->cleanup
)(ctx
);
180 memset(ctx
->ptr
, 0, ctx
->md
->ctx_size
);
184 memset(ctx
, 0, sizeof(*ctx
));
189 * Get the EVP_MD use for a specified context.
191 * @param ctx the EVP_MD context to get the EVP_MD for.
193 * @return the EVP_MD used for the context.
195 * @ingroup hcrypto_evp
199 EVP_MD_CTX_md(EVP_MD_CTX
*ctx
)
205 * Return the output size of the message digest function.
207 * @param ctx the evp message digest context
209 * @return size output size of the message digest function.
211 * @ingroup hcrypto_evp
215 EVP_MD_CTX_size(EVP_MD_CTX
*ctx
)
217 return EVP_MD_size(ctx
->md
);
221 * Return the blocksize of the message digest function.
223 * @param ctx the evp message digest context
225 * @return size size of the message digest block size
227 * @ingroup hcrypto_evp
231 EVP_MD_CTX_block_size(EVP_MD_CTX
*ctx
)
233 return EVP_MD_block_size(ctx
->md
);
237 * Init a EVP_MD_CTX for use a specific message digest and engine.
239 * @param ctx the message digest context to init.
240 * @param md the message digest to use.
241 * @param engine the engine to use, NULL to use the default engine.
243 * @return 1 on success.
245 * @ingroup hcrypto_evp
249 EVP_DigestInit_ex(EVP_MD_CTX
*ctx
, const EVP_MD
*md
, ENGINE
*engine
)
251 if (ctx
->md
!= md
|| ctx
->engine
!= engine
) {
252 EVP_MD_CTX_cleanup(ctx
);
254 ctx
->engine
= engine
;
256 ctx
->ptr
= calloc(1, md
->ctx_size
);
257 if (ctx
->ptr
== NULL
)
260 (ctx
->md
->init
)(ctx
->ptr
);
265 * Update the digest with some data.
267 * @param ctx the context to update
268 * @param data the data to update the context with
269 * @param size length of data
271 * @return 1 on success.
273 * @ingroup hcrypto_evp
277 EVP_DigestUpdate(EVP_MD_CTX
*ctx
, const void *data
, size_t size
)
279 (ctx
->md
->update
)(ctx
->ptr
, data
, size
);
284 * Complete the message digest.
286 * @param ctx the context to complete.
287 * @param hash the output of the message digest function. At least
289 * @param size the output size of hash.
291 * @return 1 on success.
293 * @ingroup hcrypto_evp
297 EVP_DigestFinal_ex(EVP_MD_CTX
*ctx
, void *hash
, unsigned int *size
)
299 (ctx
->md
->final
)(hash
, ctx
->ptr
);
301 *size
= ctx
->md
->hash_size
;
306 * Do the whole EVP_MD_CTX_create(), EVP_DigestInit_ex(),
307 * EVP_DigestUpdate(), EVP_DigestFinal_ex(), EVP_MD_CTX_destroy()
310 * @param data the data to update the context with
311 * @param dsize length of data
312 * @param hash output data of at least EVP_MD_size() length.
313 * @param hsize output length of hash.
314 * @param md message digest to use
315 * @param engine engine to use, NULL for default engine.
317 * @return 1 on success.
319 * @ingroup hcrypto_evp
323 EVP_Digest(const void *data
, size_t dsize
, void *hash
, unsigned int *hsize
,
324 const EVP_MD
*md
, ENGINE
*engine
)
329 ctx
= EVP_MD_CTX_create();
332 ret
= EVP_DigestInit_ex(ctx
, md
, engine
);
334 EVP_MD_CTX_destroy(ctx
);
337 ret
= EVP_DigestUpdate(ctx
, data
, dsize
);
339 EVP_MD_CTX_destroy(ctx
);
342 ret
= EVP_DigestFinal_ex(ctx
, hash
, hsize
);
343 EVP_MD_CTX_destroy(ctx
);
348 * The message digest SHA256
350 * @return the message digest type.
352 * @ingroup hcrypto_evp
358 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER
, sha256
);
362 * The message digest SHA1
364 * @return the message digest type.
366 * @ingroup hcrypto_evp
372 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER
, sha1
);
376 * The message digest SHA1
378 * @return the message digest type.
380 * @ingroup hcrypto_evp
384 EVP_sha(void) HC_DEPRECATED
391 * The message digest MD5
393 * @return the message digest type.
395 * @ingroup hcrypto_evp
399 EVP_md5(void) HC_DEPRECATED_CRYPTO
401 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER
, md5
);
405 * The message digest MD4
407 * @return the message digest type.
409 * @ingroup hcrypto_evp
413 EVP_md4(void) HC_DEPRECATED_CRYPTO
415 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER
, md4
);
419 * The message digest MD2
421 * @return the message digest type.
423 * @ingroup hcrypto_evp
427 EVP_md2(void) HC_DEPRECATED_CRYPTO
429 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER
, md2
);
441 null_Update (void *m
, const void * data
, size_t size
)
445 null_Final(void *res
, void *m
)
450 * The null message digest
452 * @return the message digest type.
454 * @ingroup hcrypto_evp
460 static const struct hc_evp_md null
= {
464 (hc_evp_md_init
)null_Init
,
465 (hc_evp_md_update
)null_Update
,
466 (hc_evp_md_final
)null_Final
,
473 * Return the block size of the cipher.
475 * @param c cipher to get the block size from.
477 * @return the block size of the cipher.
479 * @ingroup hcrypto_evp
483 EVP_CIPHER_block_size(const EVP_CIPHER
*c
)
485 return c
->block_size
;
489 * Return the key size of the cipher.
491 * @param c cipher to get the key size from.
493 * @return the key size of the cipher.
495 * @ingroup hcrypto_evp
499 EVP_CIPHER_key_length(const EVP_CIPHER
*c
)
505 * Return the IV size of the cipher.
507 * @param c cipher to get the IV size from.
509 * @return the IV size of the cipher.
511 * @ingroup hcrypto_evp
515 EVP_CIPHER_iv_length(const EVP_CIPHER
*c
)
521 * Initiate a EVP_CIPHER_CTX context. Clean up with
522 * EVP_CIPHER_CTX_cleanup().
524 * @param c the cipher initiate.
526 * @ingroup hcrypto_evp
530 EVP_CIPHER_CTX_init(EVP_CIPHER_CTX
*c
)
532 memset(c
, 0, sizeof(*c
));
536 * Clean up the EVP_CIPHER_CTX context.
538 * @param c the cipher to clean up.
540 * @return 1 on success.
542 * @ingroup hcrypto_evp
546 EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX
*c
)
548 if (c
->cipher
&& c
->cipher
->cleanup
)
549 c
->cipher
->cleanup(c
);
550 if (c
->cipher_data
) {
551 memset(c
->cipher_data
, 0, c
->cipher
->ctx_size
);
552 free(c
->cipher_data
);
553 c
->cipher_data
= NULL
;
559 * If the cipher type supports it, change the key length
561 * @param c the cipher context to change the key length for
562 * @param length new key length
564 * @return 1 on success.
566 * @ingroup hcrypto_evp
570 EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX
*c
, int length
)
572 if ((c
->cipher
->flags
& EVP_CIPH_VARIABLE_LENGTH
) && length
> 0) {
581 EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX
*c
, int pad
)
588 * Return the EVP_CIPHER for a EVP_CIPHER_CTX context.
590 * @param ctx the context to get the cipher type from.
592 * @return the EVP_CIPHER pointer.
594 * @ingroup hcrypto_evp
598 EVP_CIPHER_CTX_cipher(EVP_CIPHER_CTX
*ctx
)
604 * Return the block size of the cipher context.
606 * @param ctx cipher context to get the block size from.
608 * @return the block size of the cipher context.
610 * @ingroup hcrypto_evp
614 EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX
*ctx
)
616 return EVP_CIPHER_block_size(ctx
->cipher
);
620 * Return the key size of the cipher context.
622 * @param ctx cipher context to get the key size from.
624 * @return the key size of the cipher context.
626 * @ingroup hcrypto_evp
630 EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX
*ctx
)
632 return EVP_CIPHER_key_length(ctx
->cipher
);
636 * Return the IV size of the cipher context.
638 * @param ctx cipher context to get the IV size from.
640 * @return the IV size of the cipher context.
642 * @ingroup hcrypto_evp
646 EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX
*ctx
)
648 return EVP_CIPHER_iv_length(ctx
->cipher
);
652 * Get the flags for an EVP_CIPHER_CTX context.
654 * @param ctx the EVP_CIPHER_CTX to get the flags from
656 * @return the flags for an EVP_CIPHER_CTX.
658 * @ingroup hcrypto_evp
662 EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX
*ctx
)
664 return ctx
->cipher
->flags
;
668 * Get the mode for an EVP_CIPHER_CTX context.
670 * @param ctx the EVP_CIPHER_CTX to get the mode from
672 * @return the mode for an EVP_CIPHER_CTX.
674 * @ingroup hcrypto_evp
678 EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX
*ctx
)
680 return EVP_CIPHER_CTX_flags(ctx
) & EVP_CIPH_MODE
;
684 * Get the app data for an EVP_CIPHER_CTX context.
686 * @param ctx the EVP_CIPHER_CTX to get the app data from
688 * @return the app data for an EVP_CIPHER_CTX.
690 * @ingroup hcrypto_evp
694 EVP_CIPHER_CTX_get_app_data(EVP_CIPHER_CTX
*ctx
)
696 return ctx
->app_data
;
700 * Set the app data for an EVP_CIPHER_CTX context.
702 * @param ctx the EVP_CIPHER_CTX to set the app data for
703 * @param data the app data to set for an EVP_CIPHER_CTX.
705 * @ingroup hcrypto_evp
709 EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX
*ctx
, void *data
)
711 ctx
->app_data
= data
;
715 * Initiate the EVP_CIPHER_CTX context to encrypt or decrypt data.
716 * Clean up with EVP_CIPHER_CTX_cleanup().
718 * @param ctx context to initiate
719 * @param c cipher to use.
720 * @param engine crypto engine to use, NULL to select default.
721 * @param key the crypto key to use, NULL will use the previous value.
722 * @param iv the IV to use, NULL will use the previous value.
723 * @param encp non zero will encrypt, -1 use the previous value.
725 * @return 1 on success.
727 * @ingroup hcrypto_evp
731 EVP_CipherInit_ex(EVP_CIPHER_CTX
*ctx
, const EVP_CIPHER
*c
, ENGINE
*engine
,
732 const void *key
, const void *iv
, int encp
)
739 ctx
->encrypt
= (encp
? 1 : 0);
741 if (c
&& (c
!= ctx
->cipher
)) {
742 EVP_CIPHER_CTX_cleanup(ctx
);
744 ctx
->key_len
= c
->key_len
;
746 ctx
->cipher_data
= calloc(1, c
->ctx_size
);
747 if (ctx
->cipher_data
== NULL
&& c
->ctx_size
!= 0)
750 /* assume block size is a multiple of 2 */
751 ctx
->block_mask
= EVP_CIPHER_block_size(c
) - 1;
753 } else if (ctx
->cipher
== NULL
) {
754 /* reuse of cipher, but not any cipher ever set! */
758 switch (EVP_CIPHER_CTX_mode(ctx
)) {
759 case EVP_CIPH_CBC_MODE
:
761 assert(EVP_CIPHER_CTX_iv_length(ctx
) <= sizeof(ctx
->iv
));
764 memcpy(ctx
->oiv
, iv
, EVP_CIPHER_CTX_iv_length(ctx
));
765 memcpy(ctx
->iv
, ctx
->oiv
, EVP_CIPHER_CTX_iv_length(ctx
));
768 case EVP_CIPH_STREAM_CIPHER
:
775 if (key
|| (ctx
->cipher
->flags
& EVP_CIPH_ALWAYS_CALL_INIT
))
776 ctx
->cipher
->init(ctx
, key
, iv
, encp
);
782 * Encipher/decipher partial data
784 * @param ctx the cipher context.
785 * @param out output data from the operation.
786 * @param outlen output length
787 * @param in input data to the operation.
788 * @param inlen length of data.
790 * The output buffer length should at least be EVP_CIPHER_block_size()
791 * byte longer then the input length.
793 * See @ref evp_cipher for an example how to use this function.
795 * @return 1 on success.
797 * @ingroup hcrypto_evp
801 EVP_CipherUpdate(EVP_CIPHER_CTX
*ctx
, void *out
, int *outlen
,
802 void *in
, size_t inlen
)
804 int ret
, left
, blocksize
;
809 * If there in no spare bytes in the left from last Update and the
810 * input length is on the block boundery, the EVP_CipherUpdate()
811 * function can take a shortcut (and preformance gain) and
812 * directly encrypt the data, otherwise we hav to fix it up and
813 * store extra it the EVP_CIPHER_CTX.
815 if (ctx
->buf_len
== 0 && (inlen
& ctx
->block_mask
) == 0) {
816 ret
= (*ctx
->cipher
->do_cipher
)(ctx
, out
, in
, inlen
);
825 blocksize
= EVP_CIPHER_CTX_block_size(ctx
);
826 left
= blocksize
- ctx
->buf_len
;
831 /* if total buffer is smaller then input, store locally */
833 memcpy(ctx
->buf
+ ctx
->buf_len
, in
, inlen
);
834 ctx
->buf_len
+= inlen
;
838 /* fill in local buffer and encrypt */
839 memcpy(ctx
->buf
+ ctx
->buf_len
, in
, left
);
840 ret
= (*ctx
->cipher
->do_cipher
)(ctx
, out
, ctx
->buf
, blocksize
);
841 memset(ctx
->buf
, 0, blocksize
);
845 *outlen
+= blocksize
;
847 in
= ((unsigned char *)in
) + left
;
848 out
= ((unsigned char *)out
) + blocksize
;
853 ctx
->buf_len
= (inlen
& ctx
->block_mask
);
854 inlen
&= ~ctx
->block_mask
;
856 ret
= (*ctx
->cipher
->do_cipher
)(ctx
, out
, in
, inlen
);
862 in
= ((unsigned char *)in
) + inlen
;
863 memcpy(ctx
->buf
, in
, ctx
->buf_len
);
870 * Encipher/decipher final data
872 * @param ctx the cipher context.
873 * @param out output data from the operation.
874 * @param outlen output length
876 * The input length needs to be at least EVP_CIPHER_block_size() bytes
879 * See @ref evp_cipher for an example how to use this function.
881 * @return 1 on success.
883 * @ingroup hcrypto_evp
887 EVP_CipherFinal_ex(EVP_CIPHER_CTX
*ctx
, void *out
, int *outlen
)
892 int ret
, left
, blocksize
;
894 blocksize
= EVP_CIPHER_CTX_block_size(ctx
);
896 left
= blocksize
- ctx
->buf_len
;
899 /* zero fill local buffer */
900 memset(ctx
->buf
+ ctx
->buf_len
, 0, left
);
901 ret
= (*ctx
->cipher
->do_cipher
)(ctx
, out
, ctx
->buf
, blocksize
);
902 memset(ctx
->buf
, 0, blocksize
);
906 *outlen
+= blocksize
;
913 * Encipher/decipher data
915 * @param ctx the cipher context.
916 * @param out out data from the operation.
917 * @param in in data to the operation.
918 * @param size length of data.
920 * @return 1 on success.
924 EVP_Cipher(EVP_CIPHER_CTX
*ctx
, void *out
, const void *in
,size_t size
)
926 return ctx
->cipher
->do_cipher(ctx
, out
, in
, size
);
934 enc_null_init(EVP_CIPHER_CTX
*ctx
,
935 const unsigned char * key
,
936 const unsigned char * iv
,
943 enc_null_do_cipher(EVP_CIPHER_CTX
*ctx
,
945 const unsigned char *in
,
948 memmove(out
, in
, size
);
953 enc_null_cleanup(EVP_CIPHER_CTX
*ctx
)
959 * The NULL cipher type, does no encryption/decryption.
961 * @return the null EVP_CIPHER pointer.
963 * @ingroup hcrypto_evp
969 static const EVP_CIPHER enc_null
= {
988 * The RC2 cipher type
990 * @return the RC2 EVP_CIPHER pointer.
992 * @ingroup hcrypto_evp
998 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER
, rc2_cbc
);
1002 * The RC2 cipher type
1004 * @return the RC2 EVP_CIPHER pointer.
1006 * @ingroup hcrypto_evp
1010 EVP_rc2_40_cbc(void)
1012 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER
, rc2_40_cbc
);
1016 * The RC2 cipher type
1018 * @return the RC2 EVP_CIPHER pointer.
1020 * @ingroup hcrypto_evp
1024 EVP_rc2_64_cbc(void)
1026 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER
, rc2_64_cbc
);
1030 * The RC4 cipher type
1032 * @return the RC4 EVP_CIPHER pointer.
1034 * @ingroup hcrypto_evp
1040 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER
, rc4
);
1044 * The RC4-40 cipher type
1046 * @return the RC4-40 EVP_CIPHER pointer.
1048 * @ingroup hcrypto_evp
1054 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER
, rc4_40
);
1058 * The DES cipher type
1060 * @return the DES-CBC EVP_CIPHER pointer.
1062 * @ingroup hcrypto_evp
1068 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER
, des_cbc
);
1072 * The tripple DES cipher type
1074 * @return the DES-EDE3-CBC EVP_CIPHER pointer.
1076 * @ingroup hcrypto_evp
1080 EVP_des_ede3_cbc(void)
1082 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER
, des_ede3_cbc
);
1086 * The AES-128 cipher type
1088 * @return the AES-128 EVP_CIPHER pointer.
1090 * @ingroup hcrypto_evp
1094 EVP_aes_128_cbc(void)
1096 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER
, aes_128_cbc
);
1100 * The AES-192 cipher type
1102 * @return the AES-192 EVP_CIPHER pointer.
1104 * @ingroup hcrypto_evp
1108 EVP_aes_192_cbc(void)
1110 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER
, aes_192_cbc
);
1114 * The AES-256 cipher type
1116 * @return the AES-256 EVP_CIPHER pointer.
1118 * @ingroup hcrypto_evp
1122 EVP_aes_256_cbc(void)
1124 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER
, aes_256_cbc
);
1128 * The Camellia-128 cipher type
1130 * @return the Camellia-128 EVP_CIPHER pointer.
1132 * @ingroup hcrypto_evp
1136 EVP_camellia_128_cbc(void)
1138 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER
, camellia_128_cbc
);
1142 * The Camellia-198 cipher type
1144 * @return the Camellia-198 EVP_CIPHER pointer.
1146 * @ingroup hcrypto_evp
1150 EVP_camellia_192_cbc(void)
1152 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER
, camellia_192_cbc
);
1156 * The Camellia-256 cipher type
1158 * @return the Camellia-256 EVP_CIPHER pointer.
1160 * @ingroup hcrypto_evp
1164 EVP_camellia_256_cbc(void)
1166 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER
, camellia_256_cbc
);
1173 static const struct cipher_name
{
1175 const EVP_CIPHER
*(*func
)(void);
1177 { "des-ede3-cbc", EVP_des_ede3_cbc
},
1178 { "aes-128-cbc", EVP_aes_128_cbc
},
1179 { "aes-192-cbc", EVP_aes_192_cbc
},
1180 { "aes-256-cbc", EVP_aes_256_cbc
},
1181 { "camellia-128-cbc", EVP_camellia_128_cbc
},
1182 { "camellia-192-cbc", EVP_camellia_192_cbc
},
1183 { "camellia-256-cbc", EVP_camellia_256_cbc
}
1187 * Get the cipher type using their name.
1189 * @param name the name of the cipher.
1191 * @return the selected EVP_CIPHER pointer or NULL if not found.
1193 * @ingroup hcrypto_evp
1197 EVP_get_cipherbyname(const char *name
)
1200 for (i
= 0; i
< sizeof(cipher_name
)/sizeof(cipher_name
[0]); i
++) {
1201 if (strcasecmp(cipher_name
[i
].name
, name
) == 0)
1202 return (*cipher_name
[i
].func
)();
1213 #define min(a,b) (((a)>(b))?(b):(a))
1217 * Provides a legancy string to key function, used in PEM files.
1219 * New protocols should use new string to key functions like NIST
1220 * SP56-800A or PKCS#5 v2.0 (see PKCS5_PBKDF2_HMAC_SHA1()).
1222 * @param type type of cipher to use
1223 * @param md message digest to use
1224 * @param salt salt salt string, should be an binary 8 byte buffer.
1225 * @param data the password/input key string.
1226 * @param datalen length of data parameter.
1227 * @param count iteration counter.
1228 * @param keydata output keydata, needs to of the size EVP_CIPHER_key_length().
1229 * @param ivdata output ivdata, needs to of the size EVP_CIPHER_block_size().
1231 * @return the size of derived key.
1233 * @ingroup hcrypto_evp
1237 EVP_BytesToKey(const EVP_CIPHER
*type
,
1240 const void *data
, size_t datalen
,
1245 int ivlen
, keylen
, first
= 0;
1246 unsigned int mds
= 0, i
;
1247 unsigned char *key
= keydata
;
1248 unsigned char *iv
= ivdata
;
1252 keylen
= EVP_CIPHER_key_length(type
);
1253 ivlen
= EVP_CIPHER_iv_length(type
);
1258 buf
= malloc(EVP_MD_size(md
));
1262 EVP_MD_CTX_init(&c
);
1266 EVP_DigestInit_ex(&c
, md
, NULL
);
1268 EVP_DigestUpdate(&c
, buf
, mds
);
1270 EVP_DigestUpdate(&c
,data
,datalen
);
1272 #define PKCS5_SALT_LEN 8
1275 EVP_DigestUpdate(&c
, salt
, PKCS5_SALT_LEN
);
1277 EVP_DigestFinal_ex(&c
, buf
, &mds
);
1278 assert(mds
== EVP_MD_size(md
));
1280 for (i
= 1; i
< count
; i
++) {
1281 EVP_DigestInit_ex(&c
, md
, NULL
);
1282 EVP_DigestUpdate(&c
, buf
, mds
);
1283 EVP_DigestFinal_ex(&c
, buf
, &mds
);
1284 assert(mds
== EVP_MD_size(md
));
1289 size_t sz
= min(keylen
, mds
);
1291 memcpy(key
, buf
, sz
);
1297 if (ivlen
&& mds
> i
) {
1298 size_t sz
= min(ivlen
, (mds
- i
));
1300 memcpy(iv
, &buf
[i
], sz
);
1305 if (keylen
== 0 && ivlen
== 0)
1309 EVP_MD_CTX_cleanup(&c
);
1312 return EVP_CIPHER_key_length(type
);
1316 * Generate a random key for the specificed EVP_CIPHER.
1318 * @param ctx EVP_CIPHER_CTX type to build the key for.
1319 * @param key return key, must be at least EVP_CIPHER_key_length() byte long.
1321 * @return 1 for success, 0 for failure.
1323 * @ingroup hcrypto_core
1327 EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX
*ctx
, void *key
)
1329 if (ctx
->cipher
->flags
& EVP_CIPH_RAND_KEY
)
1330 return EVP_CIPHER_CTX_ctrl(ctx
, EVP_CTRL_RAND_KEY
, 0, key
);
1331 if (RAND_bytes(key
, ctx
->key_len
) != 1)
1337 * Perform a operation on a ctx
1339 * @param ctx context to perform operation on.
1340 * @param type type of operation.
1341 * @param arg argument to operation.
1342 * @param data addition data to operation.
1344 * @return 1 for success, 0 for failure.
1346 * @ingroup hcrypto_core
1350 EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX
*ctx
, int type
, int arg
, void *data
)
1352 if (ctx
->cipher
== NULL
|| ctx
->cipher
->ctrl
== NULL
)
1354 return (*ctx
->cipher
->ctrl
)(ctx
, type
, arg
, data
);
1358 * Add all algorithms to the crypto core.
1360 * @ingroup hcrypto_core
1364 OpenSSL_add_all_algorithms(void)
1370 * Add all algorithms to the crypto core using configuration file.
1372 * @ingroup hcrypto_core
1376 OpenSSL_add_all_algorithms_conf(void)
1382 * Add all algorithms to the crypto core, but don't use the
1383 * configuration file.
1385 * @ingroup hcrypto_core
1389 OpenSSL_add_all_algorithms_noconf(void)