search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
clean better
[heimdal.git] / lib / hcrypto / evp.c
blob5946e848d3dd5fb8940fb1b2ffce546c21129972
1 /*
2 * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #ifdef HAVE_CONFIG_H
35 #include <config.h>
36 #endif
37
38 #define HC_DEPRECATED
39 #define HC_DEPRECATED_CRYPTO
40
41 #include <sys/types.h>
42 #include <stdio.h>
43 #include <stdlib.h>
44 #include <string.h>
45 #include <assert.h>
46
47 #include <evp.h>
48 #include <evp-hcrypto.h>
49 #include <evp-cc.h>
50
51 #include <krb5-types.h>
52 #include <roken.h>
53
54 #ifndef HCRYPTO_DEF_PROVIDER
55 #define HCRYPTO_DEF_PROVIDER hcrypto
56 #endif
57
58 #define HC_CONCAT4(x,y,z,aa) x ## y ## z ## aa
59
60
61 #define EVP_DEF_OP(_prov,_op) HC_CONCAT4(EVP_,_prov,_,_op)()
62
63 /**
64 * @page page_evp EVP - generic crypto interface
65 *
66 * See the library functions here: @ref hcrypto_evp
67 *
68 * @section evp_cipher EVP Cipher
69 *
70 * The use of EVP_CipherInit_ex() and EVP_Cipher() is pretty easy to
71 * understand forward, then EVP_CipherUpdate() and
72 * EVP_CipherFinal_ex() really needs an example to explain @ref
73 * example_evp_cipher.c .
74 *
75 * @example example_evp_cipher.c
76 *
77 * This is an example how to use EVP_CipherInit_ex(),
78 * EVP_CipherUpdate() and EVP_CipherFinal_ex().
79 */
80
81 struct hc_EVP_MD_CTX {
82 const EVP_MD *md;
83 ENGINE *engine;
84 void *ptr;
85 };
86
87
88 /**
89 * Return the output size of the message digest function.
90 *
91 * @param md the evp message
92 *
93 * @return size output size of the message digest function.
94 *
95 * @ingroup hcrypto_evp
96 */
97
98 size_t
99 EVP_MD_size(const EVP_MD *md)
100 {
101 return md->hash_size;
102 }
103
104 /**
105 * Return the blocksize of the message digest function.
106 *
107 * @param md the evp message
108 *
109 * @return size size of the message digest block size
110 *
111 * @ingroup hcrypto_evp
112 */
113
114 size_t
115 EVP_MD_block_size(const EVP_MD *md)
116 {
117 return md->block_size;
118 }
119
120 /**
121 * Allocate a messsage digest context object. Free with
122 * EVP_MD_CTX_destroy().
123 *
124 * @return a newly allocated message digest context object.
125 *
126 * @ingroup hcrypto_evp
127 */
128
129 EVP_MD_CTX *
130 EVP_MD_CTX_create(void)
131 {
132 return calloc(1, sizeof(EVP_MD_CTX));
133 }
134
135 /**
136 * Initiate a messsage digest context object. Deallocate with
137 * EVP_MD_CTX_cleanup(). Please use EVP_MD_CTX_create() instead.
138 *
139 * @param ctx variable to initiate.
140 *
141 * @ingroup hcrypto_evp
142 */
143
144 void
145 EVP_MD_CTX_init(EVP_MD_CTX *ctx) HC_DEPRECATED
146 {
147 memset(ctx, 0, sizeof(*ctx));
148 }
149
150 /**
151 * Free a messsage digest context object.
152 *
153 * @param ctx context to free.
154 *
155 * @ingroup hcrypto_evp
156 */
157
158 void
159 EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
160 {
161 EVP_MD_CTX_cleanup(ctx);
162 free(ctx);
163 }
164
165 /**
166 * Free the resources used by the EVP_MD context.
167 *
168 * @param ctx the context to free the resources from.
169 *
170 * @return 1 on success.
171 *
172 * @ingroup hcrypto_evp
173 */
174
175 int
176 EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) HC_DEPRECATED
177 {
178 if (ctx->md && ctx->md->cleanup)
179 (ctx->md->cleanup)(ctx);
180 else if (ctx->md)
181 memset(ctx->ptr, 0, ctx->md->ctx_size);
182 ctx->md = NULL;
183 ctx->engine = NULL;
184 free(ctx->ptr);
185 memset(ctx, 0, sizeof(*ctx));
186 return 1;
187 }
188
189 /**
190 * Get the EVP_MD use for a specified context.
191 *
192 * @param ctx the EVP_MD context to get the EVP_MD for.
193 *
194 * @return the EVP_MD used for the context.
195 *
196 * @ingroup hcrypto_evp
197 */
198
199 const EVP_MD *
200 EVP_MD_CTX_md(EVP_MD_CTX *ctx)
201 {
202 return ctx->md;
203 }
204
205 /**
206 * Return the output size of the message digest function.
207 *
208 * @param ctx the evp message digest context
209 *
210 * @return size output size of the message digest function.
211 *
212 * @ingroup hcrypto_evp
213 */
214
215 size_t
216 EVP_MD_CTX_size(EVP_MD_CTX *ctx)
217 {
218 return EVP_MD_size(ctx->md);
219 }
220
221 /**
222 * Return the blocksize of the message digest function.
223 *
224 * @param ctx the evp message digest context
225 *
226 * @return size size of the message digest block size
227 *
228 * @ingroup hcrypto_evp
229 */
230
231 size_t
232 EVP_MD_CTX_block_size(EVP_MD_CTX *ctx)
233 {
234 return EVP_MD_block_size(ctx->md);
235 }
236
237 /**
238 * Init a EVP_MD_CTX for use a specific message digest and engine.
239 *
240 * @param ctx the message digest context to init.
241 * @param md the message digest to use.
242 * @param engine the engine to use, NULL to use the default engine.
243 *
244 * @return 1 on success.
245 *
246 * @ingroup hcrypto_evp
247 */
248
249 int
250 EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *md, ENGINE *engine)
251 {
252 if (ctx->md != md || ctx->engine != engine) {
253 EVP_MD_CTX_cleanup(ctx);
254 ctx->md = md;
255 ctx->engine = engine;
256
257 ctx->ptr = calloc(1, md->ctx_size);
258 if (ctx->ptr == NULL)
259 return 0;
260 }
261 (ctx->md->init)(ctx->ptr);
262 return 1;
263 }
264
265 /**
266 * Update the digest with some data.
267 *
268 * @param ctx the context to update
269 * @param data the data to update the context with
270 * @param size length of data
271 *
272 * @return 1 on success.
273 *
274 * @ingroup hcrypto_evp
275 */
276
277 int
278 EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t size)
279 {
280 (ctx->md->update)(ctx->ptr, data, size);
281 return 1;
282 }
283
284 /**
285 * Complete the message digest.
286 *
287 * @param ctx the context to complete.
288 * @param hash the output of the message digest function. At least
289 * EVP_MD_size().
290 * @param size the output size of hash.
291 *
292 * @return 1 on success.
293 *
294 * @ingroup hcrypto_evp
295 */
296
297 int
298 EVP_DigestFinal_ex(EVP_MD_CTX *ctx, void *hash, unsigned int *size)
299 {
300 (ctx->md->final)(hash, ctx->ptr);
301 if (size)
302 *size = ctx->md->hash_size;
303 return 1;
304 }
305
306 /**
307 * Do the whole EVP_MD_CTX_create(), EVP_DigestInit_ex(),
308 * EVP_DigestUpdate(), EVP_DigestFinal_ex(), EVP_MD_CTX_destroy()
309 * dance in one call.
310 *
311 * @param data the data to update the context with
312 * @param dsize length of data
313 * @param hash output data of at least EVP_MD_size() length.
314 * @param hsize output length of hash.
315 * @param md message digest to use
316 * @param engine engine to use, NULL for default engine.
317 *
318 * @return 1 on success.
319 *
320 * @ingroup hcrypto_evp
321 */
322
323 int
324 EVP_Digest(const void *data, size_t dsize, void *hash, unsigned int *hsize,
325 const EVP_MD *md, ENGINE *engine)
326 {
327 EVP_MD_CTX *ctx;
328 int ret;
329
330 ctx = EVP_MD_CTX_create();
331 if (ctx == NULL)
332 return 0;
333 ret = EVP_DigestInit_ex(ctx, md, engine);
334 if (ret != 1) {
335 EVP_MD_CTX_destroy(ctx);
336 return ret;
337 }
338 ret = EVP_DigestUpdate(ctx, data, dsize);
339 if (ret != 1) {
340 EVP_MD_CTX_destroy(ctx);
341 return ret;
342 }
343 ret = EVP_DigestFinal_ex(ctx, hash, hsize);
344 EVP_MD_CTX_destroy(ctx);
345 return ret;
346 }
347
348 /**
349 * The message digest SHA256
350 *
351 * @return the message digest type.
352 *
353 * @ingroup hcrypto_evp
354 */
355
356 const EVP_MD *
357 EVP_sha256(void)
358 {
359 hcrypto_validate();
360 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha256);
361 }
362
363 /**
364 * The message digest SHA1
365 *
366 * @return the message digest type.
367 *
368 * @ingroup hcrypto_evp
369 */
370
371 const EVP_MD *
372 EVP_sha1(void)
373 {
374 hcrypto_validate();
375 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha1);
376 }
377
378 /**
379 * The message digest SHA1
380 *
381 * @return the message digest type.
382 *
383 * @ingroup hcrypto_evp
384 */
385
386 const EVP_MD *
387 EVP_sha(void) HC_DEPRECATED
388
389 {
390 hcrypto_validate();
391 return EVP_sha1();
392 }
393
394 /**
395 * The message digest MD5
396 *
397 * @return the message digest type.
398 *
399 * @ingroup hcrypto_evp
400 */
401
402 const EVP_MD *
403 EVP_md5(void) HC_DEPRECATED_CRYPTO
404 {
405 hcrypto_validate();
406 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, md5);
407 }
408
409 /**
410 * The message digest MD4
411 *
412 * @return the message digest type.
413 *
414 * @ingroup hcrypto_evp
415 */
416
417 const EVP_MD *
418 EVP_md4(void) HC_DEPRECATED_CRYPTO
419 {
420 hcrypto_validate();
421 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, md4);
422 }
423
424 /**
425 * The message digest MD2
426 *
427 * @return the message digest type.
428 *
429 * @ingroup hcrypto_evp
430 */
431
432 const EVP_MD *
433 EVP_md2(void) HC_DEPRECATED_CRYPTO
434 {
435 hcrypto_validate();
436 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, md2);
437 }
438
439 /*
440 *
441 */
442
443 static void
444 null_Init (void *m)
445 {
446 }
447 static void
448 null_Update (void *m, const void * data, size_t size)
449 {
450 }
451 static void
452 null_Final(void *res, void *m)
453 {
454 }
455
456 /**
457 * The null message digest
458 *
459 * @return the message digest type.
460 *
461 * @ingroup hcrypto_evp
462 */
463
464 const EVP_MD *
465 EVP_md_null(void)
466 {
467 static const struct hc_evp_md null = {
468 0,
469 0,
470 0,
471 (hc_evp_md_init)null_Init,
472 (hc_evp_md_update)null_Update,
473 (hc_evp_md_final)null_Final,
474 NULL
475 };
476 return &null;
477 }
478
479 /**
480 * Return the block size of the cipher.
481 *
482 * @param c cipher to get the block size from.
483 *
484 * @return the block size of the cipher.
485 *
486 * @ingroup hcrypto_evp
487 */
488
489 size_t
490 EVP_CIPHER_block_size(const EVP_CIPHER *c)
491 {
492 return c->block_size;
493 }
494
495 /**
496 * Return the key size of the cipher.
497 *
498 * @param c cipher to get the key size from.
499 *
500 * @return the key size of the cipher.
501 *
502 * @ingroup hcrypto_evp
503 */
504
505 size_t
506 EVP_CIPHER_key_length(const EVP_CIPHER *c)
507 {
508 return c->key_len;
509 }
510
511 /**
512 * Return the IV size of the cipher.
513 *
514 * @param c cipher to get the IV size from.
515 *
516 * @return the IV size of the cipher.
517 *
518 * @ingroup hcrypto_evp
519 */
520
521 size_t
522 EVP_CIPHER_iv_length(const EVP_CIPHER *c)
523 {
524 return c->iv_len;
525 }
526
527 /**
528 * Initiate a EVP_CIPHER_CTX context. Clean up with
529 * EVP_CIPHER_CTX_cleanup().
530 *
531 * @param c the cipher initiate.
532 *
533 * @ingroup hcrypto_evp
534 */
535
536 void
537 EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *c)
538 {
539 memset(c, 0, sizeof(*c));
540 }
541
542 /**
543 * Clean up the EVP_CIPHER_CTX context.
544 *
545 * @param c the cipher to clean up.
546 *
547 * @return 1 on success.
548 *
549 * @ingroup hcrypto_evp
550 */
551
552 int
553 EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
554 {
555 if (c->cipher && c->cipher->cleanup)
556 c->cipher->cleanup(c);
557 if (c->cipher_data) {
558 memset(c->cipher_data, 0, c->cipher->ctx_size);
559 free(c->cipher_data);
560 c->cipher_data = NULL;
561 }
562 return 1;
563 }
564
565 /**
566 * If the cipher type supports it, change the key length
567 *
568 * @param c the cipher context to change the key length for
569 * @param length new key length
570 *
571 * @return 1 on success.
572 *
573 * @ingroup hcrypto_evp
574 */
575
576 int
577 EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int length)
578 {
579 if ((c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH) && length > 0) {
580 c->key_len = length;
581 return 1;
582 }
583 return 0;
584 }
585
586 #if 0
587 int
588 EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad)
589 {
590 return 0;
591 }
592 #endif
593
594 /**
595 * Return the EVP_CIPHER for a EVP_CIPHER_CTX context.
596 *
597 * @param ctx the context to get the cipher type from.
598 *
599 * @return the EVP_CIPHER pointer.
600 *
601 * @ingroup hcrypto_evp
602 */
603
604 const EVP_CIPHER *
605 EVP_CIPHER_CTX_cipher(EVP_CIPHER_CTX *ctx)
606 {
607 return ctx->cipher;
608 }
609
610 /**
611 * Return the block size of the cipher context.
612 *
613 * @param ctx cipher context to get the block size from.
614 *
615 * @return the block size of the cipher context.
616 *
617 * @ingroup hcrypto_evp
618 */
619
620 size_t
621 EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
622 {
623 return EVP_CIPHER_block_size(ctx->cipher);
624 }
625
626 /**
627 * Return the key size of the cipher context.
628 *
629 * @param ctx cipher context to get the key size from.
630 *
631 * @return the key size of the cipher context.
632 *
633 * @ingroup hcrypto_evp
634 */
635
636 size_t
637 EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
638 {
639 return EVP_CIPHER_key_length(ctx->cipher);
640 }
641
642 /**
643 * Return the IV size of the cipher context.
644 *
645 * @param ctx cipher context to get the IV size from.
646 *
647 * @return the IV size of the cipher context.
648 *
649 * @ingroup hcrypto_evp
650 */
651
652 size_t
653 EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
654 {
655 return EVP_CIPHER_iv_length(ctx->cipher);
656 }
657
658 /**
659 * Get the flags for an EVP_CIPHER_CTX context.
660 *
661 * @param ctx the EVP_CIPHER_CTX to get the flags from
662 *
663 * @return the flags for an EVP_CIPHER_CTX.
664 *
665 * @ingroup hcrypto_evp
666 */
667
668 unsigned long
669 EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
670 {
671 return ctx->cipher->flags;
672 }
673
674 /**
675 * Get the mode for an EVP_CIPHER_CTX context.
676 *
677 * @param ctx the EVP_CIPHER_CTX to get the mode from
678 *
679 * @return the mode for an EVP_CIPHER_CTX.
680 *
681 * @ingroup hcrypto_evp
682 */
683
684 int
685 EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx)
686 {
687 return EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_MODE;
688 }
689
690 /**
691 * Get the app data for an EVP_CIPHER_CTX context.
692 *
693 * @param ctx the EVP_CIPHER_CTX to get the app data from
694 *
695 * @return the app data for an EVP_CIPHER_CTX.
696 *
697 * @ingroup hcrypto_evp
698 */
699
700 void *
701 EVP_CIPHER_CTX_get_app_data(EVP_CIPHER_CTX *ctx)
702 {
703 return ctx->app_data;
704 }
705
706 /**
707 * Set the app data for an EVP_CIPHER_CTX context.
708 *
709 * @param ctx the EVP_CIPHER_CTX to set the app data for
710 * @param data the app data to set for an EVP_CIPHER_CTX.
711 *
712 * @ingroup hcrypto_evp
713 */
714
715 void
716 EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
717 {
718 ctx->app_data = data;
719 }
720
721 /**
722 * Initiate the EVP_CIPHER_CTX context to encrypt or decrypt data.
723 * Clean up with EVP_CIPHER_CTX_cleanup().
724 *
725 * @param ctx context to initiate
726 * @param c cipher to use.
727 * @param engine crypto engine to use, NULL to select default.
728 * @param key the crypto key to use, NULL will use the previous value.
729 * @param iv the IV to use, NULL will use the previous value.
730 * @param encp non zero will encrypt, -1 use the previous value.
731 *
732 * @return 1 on success.
733 *
734 * @ingroup hcrypto_evp
735 */
736
737 int
738 EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *c, ENGINE *engine,
739 const void *key, const void *iv, int encp)
740 {
741 ctx->buf_len = 0;
742
743 if (encp == -1)
744 encp = ctx->encrypt;
745 else
746 ctx->encrypt = (encp ? 1 : 0);
747
748 if (c && (c != ctx->cipher)) {
749 EVP_CIPHER_CTX_cleanup(ctx);
750 ctx->cipher = c;
751 ctx->key_len = c->key_len;
752
753 ctx->cipher_data = calloc(1, c->ctx_size);
754 if (ctx->cipher_data == NULL && c->ctx_size != 0)
755 return 0;
756
757 /* assume block size is a multiple of 2 */
758 ctx->block_mask = EVP_CIPHER_block_size(c) - 1;
759
760 } else if (ctx->cipher == NULL) {
761 /* reuse of cipher, but not any cipher ever set! */
762 return 0;
763 }
764
765 switch (EVP_CIPHER_CTX_mode(ctx)) {
766 case EVP_CIPH_CBC_MODE:
767
768 assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof(ctx->iv));
769
770 if (iv)
771 memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
772 memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
773 break;
774
775 case EVP_CIPH_STREAM_CIPHER:
776 break;
777 case EVP_CIPH_CFB8_MODE:
778 if (iv)
779 memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
780 break;
781
782 default:
783 return 0;
784 }
785
786 if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT))
787 ctx->cipher->init(ctx, key, iv, encp);
788
789 return 1;
790 }
791
792 /**
793 * Encipher/decipher partial data
794 *
795 * @param ctx the cipher context.
796 * @param out output data from the operation.
797 * @param outlen output length
798 * @param in input data to the operation.
799 * @param inlen length of data.
800 *
801 * The output buffer length should at least be EVP_CIPHER_block_size()
802 * byte longer then the input length.
803 *
804 * See @ref evp_cipher for an example how to use this function.
805 *
806 * @return 1 on success.
807 *
808 * @ingroup hcrypto_evp
809 */
810
811 int
812 EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, void *out, int *outlen,
813 void *in, size_t inlen)
814 {
815 int ret, left, blocksize;
816
817 *outlen = 0;
818
819 /**
820 * If there in no spare bytes in the left from last Update and the
821 * input length is on the block boundery, the EVP_CipherUpdate()
822 * function can take a shortcut (and preformance gain) and
823 * directly encrypt the data, otherwise we hav to fix it up and
824 * store extra it the EVP_CIPHER_CTX.
825 */
826 if (ctx->buf_len == 0 && (inlen & ctx->block_mask) == 0) {
827 ret = (*ctx->cipher->do_cipher)(ctx, out, in, inlen);
828 if (ret == 1)
829 *outlen = inlen;
830 else
831 *outlen = 0;
832 return ret;
833 }
834
835
836 blocksize = EVP_CIPHER_CTX_block_size(ctx);
837 left = blocksize - ctx->buf_len;
838 assert(left > 0);
839
840 if (ctx->buf_len) {
841
842 /* if total buffer is smaller then input, store locally */
843 if (inlen < left) {
844 memcpy(ctx->buf + ctx->buf_len, in, inlen);
845 ctx->buf_len += inlen;
846 return 1;
847 }
848
849 /* fill in local buffer and encrypt */
850 memcpy(ctx->buf + ctx->buf_len, in, left);
851 ret = (*ctx->cipher->do_cipher)(ctx, out, ctx->buf, blocksize);
852 memset(ctx->buf, 0, blocksize);
853 if (ret != 1)
854 return ret;
855
856 *outlen += blocksize;
857 inlen -= left;
858 in = ((unsigned char *)in) + left;
859 out = ((unsigned char *)out) + blocksize;
860 ctx->buf_len = 0;
861 }
862
863 if (inlen) {
864 ctx->buf_len = (inlen & ctx->block_mask);
865 inlen &= ~ctx->block_mask;
866
867 ret = (*ctx->cipher->do_cipher)(ctx, out, in, inlen);
868 if (ret != 1)
869 return ret;
870
871 *outlen += inlen;
872
873 in = ((unsigned char *)in) + inlen;
874 memcpy(ctx->buf, in, ctx->buf_len);
875 }
876
877 return 1;
878 }
879
880 /**
881 * Encipher/decipher final data
882 *
883 * @param ctx the cipher context.
884 * @param out output data from the operation.
885 * @param outlen output length
886 *
887 * The input length needs to be at least EVP_CIPHER_block_size() bytes
888 * long.
889 *
890 * See @ref evp_cipher for an example how to use this function.
891 *
892 * @return 1 on success.
893 *
894 * @ingroup hcrypto_evp
895 */
896
897 int
898 EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, void *out, int *outlen)
899 {
900 *outlen = 0;
901
902 if (ctx->buf_len) {
903 int ret, left, blocksize;
904
905 blocksize = EVP_CIPHER_CTX_block_size(ctx);
906
907 left = blocksize - ctx->buf_len;
908 assert(left > 0);
909
910 /* zero fill local buffer */
911 memset(ctx->buf + ctx->buf_len, 0, left);
912 ret = (*ctx->cipher->do_cipher)(ctx, out, ctx->buf, blocksize);
913 memset(ctx->buf, 0, blocksize);
914 if (ret != 1)
915 return ret;
916
917 *outlen += blocksize;
918 }
919
920 return 1;
921 }
922
923 /**
924 * Encipher/decipher data
925 *
926 * @param ctx the cipher context.
927 * @param out out data from the operation.
928 * @param in in data to the operation.
929 * @param size length of data.
930 *
931 * @return 1 on success.
932 */
933
934 int
935 EVP_Cipher(EVP_CIPHER_CTX *ctx, void *out, const void *in,size_t size)
936 {
937 return ctx->cipher->do_cipher(ctx, out, in, size);
938 }
939
940 /*
941 *
942 */
943
944 static int
945 enc_null_init(EVP_CIPHER_CTX *ctx,
946 const unsigned char * key,
947 const unsigned char * iv,
948 int encp)
949 {
950 return 1;
951 }
952
953 static int
954 enc_null_do_cipher(EVP_CIPHER_CTX *ctx,
955 unsigned char *out,
956 const unsigned char *in,
957 unsigned int size)
958 {
959 memmove(out, in, size);
960 return 1;
961 }
962
963 static int
964 enc_null_cleanup(EVP_CIPHER_CTX *ctx)
965 {
966 return 1;
967 }
968
969 /**
970 * The NULL cipher type, does no encryption/decryption.
971 *
972 * @return the null EVP_CIPHER pointer.
973 *
974 * @ingroup hcrypto_evp
975 */
976
977 const EVP_CIPHER *
978 EVP_enc_null(void)
979 {
980 static const EVP_CIPHER enc_null = {
981 0,
982 0,
983 0,
984 0,
985 EVP_CIPH_CBC_MODE,
986 enc_null_init,
987 enc_null_do_cipher,
988 enc_null_cleanup,
989 0,
990 NULL,
991 NULL,
992 NULL,
993 NULL
994 };
995 return &enc_null;
996 }
997
998 /**
999 * The RC2 cipher type
1000 *
1001 * @return the RC2 EVP_CIPHER pointer.
1002 *
1003 * @ingroup hcrypto_evp
1004 */
1005
1006 const EVP_CIPHER *
1007 EVP_rc2_cbc(void)
1008 {
1009 hcrypto_validate();
1010 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc2_cbc);
1011 }
1012
1013 /**
1014 * The RC2 cipher type
1015 *
1016 * @return the RC2 EVP_CIPHER pointer.
1017 *
1018 * @ingroup hcrypto_evp
1019 */
1020
1021 const EVP_CIPHER *
1022 EVP_rc2_40_cbc(void)
1023 {
1024 hcrypto_validate();
1025 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc2_40_cbc);
1026 }
1027
1028 /**
1029 * The RC2 cipher type
1030 *
1031 * @return the RC2 EVP_CIPHER pointer.
1032 *
1033 * @ingroup hcrypto_evp
1034 */
1035
1036 const EVP_CIPHER *
1037 EVP_rc2_64_cbc(void)
1038 {
1039 hcrypto_validate();
1040 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc2_64_cbc);
1041 }
1042
1043 /**
1044 * The RC4 cipher type
1045 *
1046 * @return the RC4 EVP_CIPHER pointer.
1047 *
1048 * @ingroup hcrypto_evp
1049 */
1050
1051 const EVP_CIPHER *
1052 EVP_rc4(void)
1053 {
1054 hcrypto_validate();
1055 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc4);
1056 }
1057
1058 /**
1059 * The RC4-40 cipher type
1060 *
1061 * @return the RC4-40 EVP_CIPHER pointer.
1062 *
1063 * @ingroup hcrypto_evp
1064 */
1065
1066 const EVP_CIPHER *
1067 EVP_rc4_40(void)
1068 {
1069 hcrypto_validate();
1070 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc4_40);
1071 }
1072
1073 /**
1074 * The DES cipher type
1075 *
1076 * @return the DES-CBC EVP_CIPHER pointer.
1077 *
1078 * @ingroup hcrypto_evp
1079 */
1080
1081 const EVP_CIPHER *
1082 EVP_des_cbc(void)
1083 {
1084 hcrypto_validate();
1085 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, des_cbc);
1086 }
1087
1088 /**
1089 * The tripple DES cipher type
1090 *
1091 * @return the DES-EDE3-CBC EVP_CIPHER pointer.
1092 *
1093 * @ingroup hcrypto_evp
1094 */
1095
1096 const EVP_CIPHER *
1097 EVP_des_ede3_cbc(void)
1098 {
1099 hcrypto_validate();
1100 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, des_ede3_cbc);
1101 }
1102
1103 /**
1104 * The AES-128 cipher type
1105 *
1106 * @return the AES-128 EVP_CIPHER pointer.
1107 *
1108 * @ingroup hcrypto_evp
1109 */
1110
1111 const EVP_CIPHER *
1112 EVP_aes_128_cbc(void)
1113 {
1114 hcrypto_validate();
1115 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_128_cbc);
1116 }
1117
1118 /**
1119 * The AES-192 cipher type
1120 *
1121 * @return the AES-192 EVP_CIPHER pointer.
1122 *
1123 * @ingroup hcrypto_evp
1124 */
1125
1126 const EVP_CIPHER *
1127 EVP_aes_192_cbc(void)
1128 {
1129 hcrypto_validate();
1130 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_192_cbc);
1131 }
1132
1133 /**
1134 * The AES-256 cipher type
1135 *
1136 * @return the AES-256 EVP_CIPHER pointer.
1137 *
1138 * @ingroup hcrypto_evp
1139 */
1140
1141 const EVP_CIPHER *
1142 EVP_aes_256_cbc(void)
1143 {
1144 hcrypto_validate();
1145 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_256_cbc);
1146 }
1147
1148 /**
1149 * The AES-128 cipher type
1150 *
1151 * @return the AES-128 EVP_CIPHER pointer.
1152 *
1153 * @ingroup hcrypto_evp
1154 */
1155
1156 const EVP_CIPHER *
1157 EVP_aes_128_cfb8(void)
1158 {
1159 hcrypto_validate();
1160 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_128_cfb8);
1161 }
1162
1163 /**
1164 * The AES-192 cipher type
1165 *
1166 * @return the AES-192 EVP_CIPHER pointer.
1167 *
1168 * @ingroup hcrypto_evp
1169 */
1170
1171 const EVP_CIPHER *
1172 EVP_aes_192_cfb8(void)
1173 {
1174 hcrypto_validate();
1175 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_192_cfb8);
1176 }
1177
1178 /**
1179 * The AES-256 cipher type
1180 *
1181 * @return the AES-256 EVP_CIPHER pointer.
1182 *
1183 * @ingroup hcrypto_evp
1184 */
1185
1186 const EVP_CIPHER *
1187 EVP_aes_256_cfb8(void)
1188 {
1189 hcrypto_validate();
1190 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_256_cfb8);
1191 }
1192
1193 /**
1194 * The Camellia-128 cipher type
1195 *
1196 * @return the Camellia-128 EVP_CIPHER pointer.
1197 *
1198 * @ingroup hcrypto_evp
1199 */
1200
1201 const EVP_CIPHER *
1202 EVP_camellia_128_cbc(void)
1203 {
1204 hcrypto_validate();
1205 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, camellia_128_cbc);
1206 }
1207
1208 /**
1209 * The Camellia-198 cipher type
1210 *
1211 * @return the Camellia-198 EVP_CIPHER pointer.
1212 *
1213 * @ingroup hcrypto_evp
1214 */
1215
1216 const EVP_CIPHER *
1217 EVP_camellia_192_cbc(void)
1218 {
1219 hcrypto_validate();
1220 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, camellia_192_cbc);
1221 }
1222
1223 /**
1224 * The Camellia-256 cipher type
1225 *
1226 * @return the Camellia-256 EVP_CIPHER pointer.
1227 *
1228 * @ingroup hcrypto_evp
1229 */
1230
1231 const EVP_CIPHER *
1232 EVP_camellia_256_cbc(void)
1233 {
1234 hcrypto_validate();
1235 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, camellia_256_cbc);
1236 }
1237
1238 /*
1239 *
1240 */
1241
1242 static const struct cipher_name {
1243 const char *name;
1244 const EVP_CIPHER *(*func)(void);
1245 } cipher_name[] = {
1246 { "des-ede3-cbc", EVP_des_ede3_cbc },
1247 { "aes-128-cbc", EVP_aes_128_cbc },
1248 { "aes-192-cbc", EVP_aes_192_cbc },
1249 { "aes-256-cbc", EVP_aes_256_cbc },
1250 { "aes-128-cfb8", EVP_aes_128_cfb8 },
1251 { "aes-192-cfb8", EVP_aes_192_cfb8 },
1252 { "aes-256-cfb8", EVP_aes_256_cfb8 },
1253 { "camellia-128-cbc", EVP_camellia_128_cbc },
1254 { "camellia-192-cbc", EVP_camellia_192_cbc },
1255 { "camellia-256-cbc", EVP_camellia_256_cbc }
1256 };
1257
1258 /**
1259 * Get the cipher type using their name.
1260 *
1261 * @param name the name of the cipher.
1262 *
1263 * @return the selected EVP_CIPHER pointer or NULL if not found.
1264 *
1265 * @ingroup hcrypto_evp
1266 */
1267
1268 const EVP_CIPHER *
1269 EVP_get_cipherbyname(const char *name)
1270 {
1271 int i;
1272 for (i = 0; i < sizeof(cipher_name)/sizeof(cipher_name[0]); i++) {
1273 if (strcasecmp(cipher_name[i].name, name) == 0)
1274 return (*cipher_name[i].func)();
1275 }
1276 return NULL;
1277 }
1278
1279
1280 /*
1281 *
1282 */
1283
1284 #ifndef min
1285 #define min(a,b) (((a)>(b))?(b):(a))
1286 #endif
1287
1288 /**
1289 * Provides a legancy string to key function, used in PEM files.
1290 *
1291 * New protocols should use new string to key functions like NIST
1292 * SP56-800A or PKCS#5 v2.0 (see PKCS5_PBKDF2_HMAC_SHA1()).
1293 *
1294 * @param type type of cipher to use
1295 * @param md message digest to use
1296 * @param salt salt salt string, should be an binary 8 byte buffer.
1297 * @param data the password/input key string.
1298 * @param datalen length of data parameter.
1299 * @param count iteration counter.
1300 * @param keydata output keydata, needs to of the size EVP_CIPHER_key_length().
1301 * @param ivdata output ivdata, needs to of the size EVP_CIPHER_block_size().
1302 *
1303 * @return the size of derived key.
1304 *
1305 * @ingroup hcrypto_evp
1306 */
1307
1308 int
1309 EVP_BytesToKey(const EVP_CIPHER *type,
1310 const EVP_MD *md,
1311 const void *salt,
1312 const void *data, size_t datalen,
1313 unsigned int count,
1314 void *keydata,
1315 void *ivdata)
1316 {
1317 int ivlen, keylen, first = 0;
1318 unsigned int mds = 0, i;
1319 unsigned char *key = keydata;
1320 unsigned char *iv = ivdata;
1321 unsigned char *buf;
1322 EVP_MD_CTX c;
1323
1324 keylen = EVP_CIPHER_key_length(type);
1325 ivlen = EVP_CIPHER_iv_length(type);
1326
1327 if (data == NULL)
1328 return keylen;
1329
1330 buf = malloc(EVP_MD_size(md));
1331 if (buf == NULL)
1332 return -1;
1333
1334 EVP_MD_CTX_init(&c);
1335
1336 first = 1;
1337 while (1) {
1338 EVP_DigestInit_ex(&c, md, NULL);
1339 if (!first)
1340 EVP_DigestUpdate(&c, buf, mds);
1341 first = 0;
1342 EVP_DigestUpdate(&c,data,datalen);
1343
1344 #define PKCS5_SALT_LEN 8
1345
1346 if (salt)
1347 EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN);
1348
1349 EVP_DigestFinal_ex(&c, buf, &mds);
1350 assert(mds == EVP_MD_size(md));
1351
1352 for (i = 1; i < count; i++) {
1353 EVP_DigestInit_ex(&c, md, NULL);
1354 EVP_DigestUpdate(&c, buf, mds);
1355 EVP_DigestFinal_ex(&c, buf, &mds);
1356 assert(mds == EVP_MD_size(md));
1357 }
1358
1359 i = 0;
1360 if (keylen) {
1361 size_t sz = min(keylen, mds);
1362 if (key) {
1363 memcpy(key, buf, sz);
1364 key += sz;
1365 }
1366 keylen -= sz;
1367 i += sz;
1368 }
1369 if (ivlen && mds > i) {
1370 size_t sz = min(ivlen, (mds - i));
1371 if (iv) {
1372 memcpy(iv, &buf[i], sz);
1373 iv += sz;
1374 }
1375 ivlen -= sz;
1376 }
1377 if (keylen == 0 && ivlen == 0)
1378 break;
1379 }
1380
1381 EVP_MD_CTX_cleanup(&c);
1382 free(buf);
1383
1384 return EVP_CIPHER_key_length(type);
1385 }
1386
1387 /**
1388 * Generate a random key for the specificed EVP_CIPHER.
1389 *
1390 * @param ctx EVP_CIPHER_CTX type to build the key for.
1391 * @param key return key, must be at least EVP_CIPHER_key_length() byte long.
1392 *
1393 * @return 1 for success, 0 for failure.
1394 *
1395 * @ingroup hcrypto_core
1396 */
1397
1398 int
1399 EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, void *key)
1400 {
1401 if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
1402 return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
1403 if (RAND_bytes(key, ctx->key_len) != 1)
1404 return 0;
1405 return 1;
1406 }
1407
1408 /**
1409 * Perform a operation on a ctx
1410 *
1411 * @param ctx context to perform operation on.
1412 * @param type type of operation.
1413 * @param arg argument to operation.
1414 * @param data addition data to operation.
1415
1416 * @return 1 for success, 0 for failure.
1417 *
1418 * @ingroup hcrypto_core
1419 */
1420
1421 int
1422 EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *data)
1423 {
1424 if (ctx->cipher == NULL || ctx->cipher->ctrl == NULL)
1425 return 0;
1426 return (*ctx->cipher->ctrl)(ctx, type, arg, data);
1427 }
1428
1429 /**
1430 * Add all algorithms to the crypto core.
1431 *
1432 * @ingroup hcrypto_core
1433 */
1434
1435 void
1436 OpenSSL_add_all_algorithms(void)
1437 {
1438 return;
1439 }
1440
1441 /**
1442 * Add all algorithms to the crypto core using configuration file.
1443 *
1444 * @ingroup hcrypto_core
1445 */
1446
1447 void
1448 OpenSSL_add_all_algorithms_conf(void)
1449 {
1450 return;
1451 }
1452
1453 /**
1454 * Add all algorithms to the crypto core, but don't use the
1455 * configuration file.
1456 *
1457 * @ingroup hcrypto_core
1458 */
1459
1460 void
1461 OpenSSL_add_all_algorithms_noconf(void)
1462 {
1463 return;
1464 }
Heimdal