2 * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
40 #include <sys/types.h>
48 #include <krb5-types.h>
61 * @page page_evp EVP - generic crypto interface
63 * See the library functions here: @ref hcrypto_evp
67 typedef int (*evp_md_init
)(EVP_MD_CTX
*);
68 typedef int (*evp_md_update
)(EVP_MD_CTX
*,const void *, size_t);
69 typedef int (*evp_md_final
)(void *, EVP_MD_CTX
*);
70 typedef int (*evp_md_cleanup
)(EVP_MD_CTX
*);
79 evp_md_cleanup cleanup
;
83 * Return the output size of the message digest function.
85 * @param md the evp message
87 * @return size output size of the message digest function.
89 * @ingroup hcrypto_evp
93 EVP_MD_size(const EVP_MD
*md
)
99 * Return the blocksize of the message digest function.
101 * @param md the evp message
103 * @return size size of the message digest block size
105 * @ingroup hcrypto_evp
109 EVP_MD_block_size(const EVP_MD
*md
)
111 return md
->block_size
;
115 * Allocate a messsage digest context object. Free with
116 * EVP_MD_CTX_destroy().
118 * @return a newly allocated message digest context object.
120 * @ingroup hcrypto_evp
124 EVP_MD_CTX_create(void)
126 return calloc(1, sizeof(EVP_MD_CTX
));
130 * Initiate a messsage digest context object. Deallocate with
131 * EVP_MD_CTX_cleanup(). Please use EVP_MD_CTX_create() instead.
133 * @param ctx variable to initiate.
135 * @ingroup hcrypto_evp
139 EVP_MD_CTX_init(EVP_MD_CTX
*ctx
)
141 memset(ctx
, 0, sizeof(*ctx
));
145 * Free a messsage digest context object.
147 * @param ctx context to free.
149 * @ingroup hcrypto_evp
153 EVP_MD_CTX_destroy(EVP_MD_CTX
*ctx
)
155 EVP_MD_CTX_cleanup(ctx
);
160 * Free the resources used by the EVP_MD context.
162 * @param ctx the context to free the resources from.
164 * @return 1 on success.
166 * @ingroup hcrypto_evp
170 EVP_MD_CTX_cleanup(EVP_MD_CTX
*ctx
)
172 if (ctx
->md
&& ctx
->md
->cleanup
)
173 (ctx
->md
->cleanup
)(ctx
);
177 memset(ctx
, 0, sizeof(*ctx
));
182 * Get the EVP_MD use for a specified context.
184 * @param ctx the EVP_MD context to get the EVP_MD for.
186 * @return the EVP_MD used for the context.
188 * @ingroup hcrypto_evp
192 EVP_MD_CTX_md(EVP_MD_CTX
*ctx
)
198 * Return the output size of the message digest function.
200 * @param ctx the evp message digest context
202 * @return size output size of the message digest function.
204 * @ingroup hcrypto_evp
208 EVP_MD_CTX_size(EVP_MD_CTX
*ctx
)
210 return EVP_MD_size(ctx
->md
);
214 * Return the blocksize of the message digest function.
216 * @param ctx the evp message digest context
218 * @return size size of the message digest block size
220 * @ingroup hcrypto_evp
224 EVP_MD_CTX_block_size(EVP_MD_CTX
*ctx
)
226 return EVP_MD_block_size(ctx
->md
);
230 * Init a EVP_MD_CTX for use a specific message digest and engine.
232 * @param ctx the message digest context to init.
233 * @param md the message digest to use.
234 * @param engine the engine to use, NULL to use the default engine.
236 * @return 1 on success.
238 * @ingroup hcrypto_evp
242 EVP_DigestInit_ex(EVP_MD_CTX
*ctx
, const EVP_MD
*md
, ENGINE
*engine
)
244 if (ctx
->md
!= md
|| ctx
->engine
!= engine
) {
245 EVP_MD_CTX_cleanup(ctx
);
247 ctx
->engine
= engine
;
249 ctx
->ptr
= calloc(1, md
->ctx_size
);
250 if (ctx
->ptr
== NULL
)
253 (ctx
->md
->init
)(ctx
->ptr
);
258 EVP_DigestUpdate(EVP_MD_CTX
*ctx
, const void *data
, size_t size
)
260 (ctx
->md
->update
)(ctx
->ptr
, data
, size
);
265 EVP_DigestFinal_ex(EVP_MD_CTX
*ctx
, void *hash
, unsigned int *size
)
267 (ctx
->md
->final
)(hash
, ctx
->ptr
);
269 *size
= ctx
->md
->hash_size
;
274 EVP_Digest(const void *data
, size_t dsize
, void *hash
, unsigned int *hsize
,
275 const EVP_MD
*md
, ENGINE
*engine
)
280 ctx
= EVP_MD_CTX_create();
283 ret
= EVP_DigestInit_ex(ctx
, md
, engine
);
286 ret
= EVP_DigestUpdate(ctx
, data
, dsize
);
289 ret
= EVP_DigestFinal_ex(ctx
, hash
, hsize
);
292 EVP_MD_CTX_destroy(ctx
);
303 static const struct hc_evp_md sha256
= {
307 (evp_md_init
)SHA256_Init
,
308 (evp_md_update
)SHA256_Update
,
309 (evp_md_final
)SHA256_Final
,
315 static const struct hc_evp_md sha1
= {
319 (evp_md_init
)SHA1_Init
,
320 (evp_md_update
)SHA1_Update
,
321 (evp_md_final
)SHA1_Final
,
340 static const struct hc_evp_md md5
= {
344 (evp_md_init
)MD5_Init
,
345 (evp_md_update
)MD5_Update
,
346 (evp_md_final
)MD5_Final
,
355 static const struct hc_evp_md md4
= {
359 (evp_md_init
)MD4_Init
,
360 (evp_md_update
)MD4_Update
,
361 (evp_md_final
)MD4_Final
,
370 static const struct hc_evp_md md2
= {
374 (evp_md_init
)MD2_Init
,
375 (evp_md_update
)MD2_Update
,
376 (evp_md_final
)MD2_Final
,
391 null_Update (void *m
, const void * data
, size_t size
)
395 null_Final(void *res
, struct md5
*m
)
402 static const struct hc_evp_md null
= {
406 (evp_md_init
)null_Init
,
407 (evp_md_update
)null_Update
,
408 (evp_md_final
)null_Final
,
415 void EVP_MD_CTX_init(EVP_MD_CTX
*ctx
);
416 int EVP_DigestInit(EVP_MD_CTX
*ctx
, const EVP_MD
*type
);
417 int EVP_DigestFinal(EVP_MD_CTX
*ctx
,unsigned char *md
,unsigned int *s
);
418 int EVP_SignFinal(EVP_MD_CTX
*, void *, size_t *, EVP_PKEY
*);
419 int EVP_VerifyFinal(EVP_MD_CTX
*, const void *, size_t, EVP_PKEY
*);
427 EVP_CIPHER_block_size(const EVP_CIPHER
*c
)
429 return c
->block_size
;
433 EVP_CIPHER_key_length(const EVP_CIPHER
*c
)
439 EVP_CIPHER_iv_length(const EVP_CIPHER
*c
)
445 EVP_CIPHER_CTX_init(EVP_CIPHER_CTX
*c
)
447 memset(c
, 0, sizeof(*c
));
451 EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX
*c
)
453 if (c
->cipher
&& c
->cipher
->cleanup
)
454 c
->cipher
->cleanup(c
);
455 if (c
->cipher_data
) {
456 free(c
->cipher_data
);
457 c
->cipher_data
= NULL
;
464 EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX
*c
, int length
)
470 EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX
*c
, int pad
)
477 EVP_CIPHER_CTX_cipher(EVP_CIPHER_CTX
*ctx
)
483 EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX
*ctx
)
485 return EVP_CIPHER_block_size(ctx
->cipher
);
489 EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX
*ctx
)
491 return EVP_CIPHER_key_length(ctx
->cipher
);
495 EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX
*ctx
)
497 return EVP_CIPHER_iv_length(ctx
->cipher
);
501 EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX
*ctx
)
503 return ctx
->cipher
->flags
;
507 EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX
*ctx
)
509 return EVP_CIPHER_CTX_flags(ctx
) & EVP_CIPH_MODE
;
513 EVP_CIPHER_CTX_get_app_data(EVP_CIPHER_CTX
*ctx
)
515 return ctx
->app_data
;
519 EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX
*ctx
, void *data
)
521 ctx
->app_data
= data
;
525 EVP_CipherInit_ex(EVP_CIPHER_CTX
*ctx
, const EVP_CIPHER
*c
, ENGINE
*engine
,
526 const void *key
, const void *iv
, int encp
)
531 ctx
->encrypt
= (encp
? 1 : 0);
533 if (c
&& (c
!= ctx
->cipher
)) {
534 EVP_CIPHER_CTX_cleanup(ctx
);
536 ctx
->key_len
= c
->key_len
;
538 ctx
->cipher_data
= malloc(c
->ctx_size
);
539 if (ctx
->cipher_data
== NULL
&& c
->ctx_size
!= 0)
542 } else if (ctx
->cipher
== NULL
) {
543 /* reuse of cipher, but not any cipher ever set! */
547 switch (EVP_CIPHER_CTX_flags(ctx
)) {
548 case EVP_CIPH_CBC_MODE
:
550 assert(EVP_CIPHER_CTX_iv_length(ctx
) <= sizeof(ctx
->iv
));
553 memcpy(ctx
->oiv
, iv
, EVP_CIPHER_CTX_iv_length(ctx
));
554 memcpy(ctx
->iv
, ctx
->oiv
, EVP_CIPHER_CTX_iv_length(ctx
));
560 if (key
|| (ctx
->cipher
->flags
& EVP_CIPH_ALWAYS_CALL_INIT
))
561 ctx
->cipher
->init(ctx
, key
, iv
, encp
);
567 EVP_Cipher(EVP_CIPHER_CTX
*ctx
, void *out
, const void *in
,size_t size
)
569 return ctx
->cipher
->do_cipher(ctx
, out
, in
, size
);
577 enc_null_init(EVP_CIPHER_CTX
*ctx
,
578 const unsigned char * key
,
579 const unsigned char * iv
,
586 enc_null_do_cipher(EVP_CIPHER_CTX
*ctx
,
588 const unsigned char *in
,
591 memmove(out
, in
, size
);
596 enc_null_cleanup(EVP_CIPHER_CTX
*ctx
)
604 static const EVP_CIPHER enc_null
= {
627 unsigned int maximum_effective_key
;
632 rc2_init(EVP_CIPHER_CTX
*ctx
,
633 const unsigned char * key
,
634 const unsigned char * iv
,
637 struct rc2_cbc
*k
= ctx
->cipher_data
;
638 k
->maximum_effective_key
= EVP_CIPHER_CTX_key_length(ctx
) * 8;
640 EVP_CIPHER_CTX_key_length(ctx
),
642 k
->maximum_effective_key
);
647 rc2_do_cipher(EVP_CIPHER_CTX
*ctx
,
649 const unsigned char *in
,
652 struct rc2_cbc
*k
= ctx
->cipher_data
;
653 RC2_cbc_encrypt(in
, out
, size
, &k
->key
, ctx
->iv
, ctx
->encrypt
);
658 rc2_cleanup(EVP_CIPHER_CTX
*ctx
)
660 memset(ctx
->cipher_data
, 0, sizeof(struct rc2_cbc
));
668 static const EVP_CIPHER rc2_cbc
= {
677 sizeof(struct rc2_cbc
),
689 static const EVP_CIPHER rc2_40_cbc
= {
698 sizeof(struct rc2_cbc
),
710 static const EVP_CIPHER rc2_64_cbc
= {
719 sizeof(struct rc2_cbc
),
743 printf("evp rc4_40\n");
752 struct des_ede3_cbc
{
753 DES_key_schedule ks
[3];
757 des_ede3_cbc_init(EVP_CIPHER_CTX
*ctx
,
758 const unsigned char * key
,
759 const unsigned char * iv
,
762 struct des_ede3_cbc
*k
= ctx
->cipher_data
;
764 DES_key_sched((DES_cblock
*)(key
), &k
->ks
[0]);
765 DES_key_sched((DES_cblock
*)(key
+ 8), &k
->ks
[1]);
766 DES_key_sched((DES_cblock
*)(key
+ 16), &k
->ks
[2]);
772 des_ede3_cbc_do_cipher(EVP_CIPHER_CTX
*ctx
,
774 const unsigned char *in
,
777 struct des_ede3_cbc
*k
= ctx
->cipher_data
;
778 DES_ede3_cbc_encrypt(in
, out
, size
,
779 &k
->ks
[0], &k
->ks
[1], &k
->ks
[2],
780 (DES_cblock
*)ctx
->iv
, ctx
->encrypt
);
785 des_ede3_cbc_cleanup(EVP_CIPHER_CTX
*ctx
)
787 memset(ctx
->cipher_data
, 0, sizeof(struct des_ede3_cbc
));
792 EVP_des_ede3_cbc(void)
794 static const EVP_CIPHER des_ede3_cbc
= {
801 des_ede3_cbc_do_cipher
,
802 des_ede3_cbc_cleanup
,
803 sizeof(struct des_ede3_cbc
),
809 return &des_ede3_cbc
;
817 aes_init(EVP_CIPHER_CTX
*ctx
,
818 const unsigned char * key
,
819 const unsigned char * iv
,
822 AES_KEY
*k
= ctx
->cipher_data
;
824 AES_set_encrypt_key(key
, ctx
->cipher
->key_len
* 8, k
);
826 AES_set_decrypt_key(key
, ctx
->cipher
->key_len
* 8, k
);
831 aes_do_cipher(EVP_CIPHER_CTX
*ctx
,
833 const unsigned char *in
,
836 AES_KEY
*k
= ctx
->cipher_data
;
837 AES_cbc_encrypt(in
, out
, size
, k
, ctx
->iv
, ctx
->encrypt
);
842 aes_cleanup(EVP_CIPHER_CTX
*ctx
)
844 memset(ctx
->cipher_data
, 0, sizeof(AES_KEY
));
849 EVP_aes_128_cbc(void)
851 static const EVP_CIPHER aes_128_cbc
= {
870 EVP_aes_192_cbc(void)
872 static const EVP_CIPHER aes_192_cbc
= {
892 EVP_aes_256_cbc(void)
894 static const EVP_CIPHER aes_256_cbc
= {
913 camellia_init(EVP_CIPHER_CTX
*ctx
,
914 const unsigned char * key
,
915 const unsigned char * iv
,
918 CAMELLIA_KEY
*k
= ctx
->cipher_data
;
919 k
->bits
= ctx
->cipher
->key_len
* 8;
920 CAMELLIA_set_key(key
, ctx
->cipher
->key_len
* 8, k
);
925 camellia_do_cipher(EVP_CIPHER_CTX
*ctx
,
927 const unsigned char *in
,
930 CAMELLIA_KEY
*k
= ctx
->cipher_data
;
931 CAMELLIA_cbc_encrypt(in
, out
, size
, k
, ctx
->iv
, ctx
->encrypt
);
936 camellia_cleanup(EVP_CIPHER_CTX
*ctx
)
938 memset(ctx
->cipher_data
, 0, sizeof(CAMELLIA_KEY
));
943 EVP_camellia_128_cbc(void)
945 static const EVP_CIPHER cipher
= {
954 sizeof(CAMELLIA_KEY
),
964 EVP_camellia_192_cbc(void)
966 static const EVP_CIPHER cipher
= {
975 sizeof(CAMELLIA_KEY
),
985 EVP_camellia_256_cbc(void)
987 static const EVP_CIPHER cipher
= {
996 sizeof(CAMELLIA_KEY
),
1009 static const struct cipher_name
{
1011 const EVP_CIPHER
*(*func
)(void);
1013 { "des-ede3-cbc", EVP_des_ede3_cbc
},
1014 { "aes-128-cbc", EVP_aes_128_cbc
},
1015 { "aes-192-cbc", EVP_aes_192_cbc
},
1016 { "aes-256-cbc", EVP_aes_256_cbc
},
1017 { "camellia-128-cbc", EVP_camellia_128_cbc
},
1018 { "camellia-192-cbc", EVP_camellia_192_cbc
},
1019 { "camellia-256-cbc", EVP_camellia_256_cbc
}
1024 EVP_get_cipherbyname(const char *name
)
1027 for (i
= 0; i
< sizeof(cipher_name
)/sizeof(cipher_name
[0]); i
++) {
1028 if (strcasecmp(cipher_name
[i
].name
, name
) == 0)
1029 return (*cipher_name
[i
].func
)();
1040 #define min(a,b) (((a)>(b))?(b):(a))
1044 EVP_BytesToKey(const EVP_CIPHER
*type
,
1047 const void *data
, size_t datalen
,
1052 int ivlen
, keylen
, first
= 0;
1053 unsigned int mds
= 0, i
;
1054 unsigned char *key
= keydata
;
1055 unsigned char *iv
= ivdata
;
1059 keylen
= EVP_CIPHER_key_length(type
);
1060 ivlen
= EVP_CIPHER_iv_length(type
);
1065 buf
= malloc(EVP_MD_size(md
));
1069 EVP_MD_CTX_init(&c
);
1073 EVP_DigestInit_ex(&c
, md
, NULL
);
1075 EVP_DigestUpdate(&c
, buf
, mds
);
1077 EVP_DigestUpdate(&c
,data
,datalen
);
1079 #define PKCS5_SALT_LEN 8
1082 EVP_DigestUpdate(&c
, salt
, PKCS5_SALT_LEN
);
1084 EVP_DigestFinal_ex(&c
, buf
, &mds
);
1085 assert(mds
== EVP_MD_size(md
));
1087 for (i
= 1; i
< count
; i
++) {
1088 EVP_DigestInit_ex(&c
, md
, NULL
);
1089 EVP_DigestUpdate(&c
, buf
, mds
);
1090 EVP_DigestFinal_ex(&c
, buf
, &mds
);
1091 assert(mds
== EVP_MD_size(md
));
1096 size_t sz
= min(keylen
, mds
);
1098 memcpy(key
, buf
, sz
);
1104 if (ivlen
&& mds
> i
) {
1105 size_t sz
= min(ivlen
, (mds
- i
));
1107 memcpy(iv
, &buf
[i
], sz
);
1112 if (keylen
== 0 && ivlen
== 0)
1116 EVP_MD_CTX_cleanup(&c
);
1119 return EVP_CIPHER_key_length(type
);
1127 OpenSSL_add_all_algorithms(void)
1133 OpenSSL_add_all_algorithms_conf(void)
1139 OpenSSL_add_all_algorithms_noconf(void)