search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Ensure DER form of hxtool ca random serial numbers
[heimdal.git] / lib / hcrypto / evp.c
blobc564353e4232edd9dc52f907a3e42847a37b162f
1 /*
2 * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #ifdef HAVE_CONFIG_H
35 #include <config.h>
36 #endif
37
38 #define HC_DEPRECATED
39 #define HC_DEPRECATED_CRYPTO
40
41 #include <sys/types.h>
42 #include <stdio.h>
43 #include <stdlib.h>
44 #include <string.h>
45 #include <assert.h>
46
47 #include <evp.h>
48 #include <evp-hcrypto.h>
49 #include <evp-cc.h>
50 #include <evp-w32.h>
51
52 #include <krb5-types.h>
53 #include <roken.h>
54
55 #ifndef HCRYPTO_DEF_PROVIDER
56 #define HCRYPTO_DEF_PROVIDER hcrypto
57 #endif
58
59 #define HC_CONCAT4(x,y,z,aa) x ## y ## z ## aa
60
61
62 #define EVP_DEF_OP(_prov,_op) HC_CONCAT4(EVP_,_prov,_,_op)()
63
64 /**
65 * @page page_evp EVP - generic crypto interface
66 *
67 * See the library functions here: @ref hcrypto_evp
68 *
69 * @section evp_cipher EVP Cipher
70 *
71 * The use of EVP_CipherInit_ex() and EVP_Cipher() is pretty easy to
72 * understand forward, then EVP_CipherUpdate() and
73 * EVP_CipherFinal_ex() really needs an example to explain @ref
74 * example_evp_cipher.c .
75 *
76 * @example example_evp_cipher.c
77 *
78 * This is an example how to use EVP_CipherInit_ex(),
79 * EVP_CipherUpdate() and EVP_CipherFinal_ex().
80 */
81
82 struct hc_EVP_MD_CTX {
83 const EVP_MD *md;
84 ENGINE *engine;
85 void *ptr;
86 };
87
88
89 /**
90 * Return the output size of the message digest function.
91 *
92 * @param md the evp message
93 *
94 * @return size output size of the message digest function.
95 *
96 * @ingroup hcrypto_evp
97 */
98
99 size_t
100 EVP_MD_size(const EVP_MD *md)
101 {
102 return md->hash_size;
103 }
104
105 /**
106 * Return the blocksize of the message digest function.
107 *
108 * @param md the evp message
109 *
110 * @return size size of the message digest block size
111 *
112 * @ingroup hcrypto_evp
113 */
114
115 size_t
116 EVP_MD_block_size(const EVP_MD *md)
117 {
118 return md->block_size;
119 }
120
121 /**
122 * Allocate a messsage digest context object. Free with
123 * EVP_MD_CTX_destroy().
124 *
125 * @return a newly allocated message digest context object.
126 *
127 * @ingroup hcrypto_evp
128 */
129
130 EVP_MD_CTX *
131 EVP_MD_CTX_create(void)
132 {
133 return calloc(1, sizeof(EVP_MD_CTX));
134 }
135
136 /**
137 * Initiate a messsage digest context object. Deallocate with
138 * EVP_MD_CTX_cleanup(). Please use EVP_MD_CTX_create() instead.
139 *
140 * @param ctx variable to initiate.
141 *
142 * @ingroup hcrypto_evp
143 */
144
145 void
146 EVP_MD_CTX_init(EVP_MD_CTX *ctx) HC_DEPRECATED
147 {
148 memset(ctx, 0, sizeof(*ctx));
149 }
150
151 /**
152 * Free a messsage digest context object.
153 *
154 * @param ctx context to free.
155 *
156 * @ingroup hcrypto_evp
157 */
158
159 void
160 EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
161 {
162 EVP_MD_CTX_cleanup(ctx);
163 free(ctx);
164 }
165
166 /**
167 * Free the resources used by the EVP_MD context.
168 *
169 * @param ctx the context to free the resources from.
170 *
171 * @return 1 on success.
172 *
173 * @ingroup hcrypto_evp
174 */
175
176 int
177 EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) HC_DEPRECATED
178 {
179 if (ctx->md && ctx->md->cleanup) {
180 int ret = (ctx->md->cleanup)(ctx);
181 if (!ret)
182 return ret;
183 } else if (ctx->md) {
184 memset(ctx->ptr, 0, ctx->md->ctx_size);
185 }
186 ctx->md = NULL;
187 ctx->engine = NULL;
188 free(ctx->ptr);
189 memset(ctx, 0, sizeof(*ctx));
190 return 1;
191 }
192
193 /**
194 * Get the EVP_MD use for a specified context.
195 *
196 * @param ctx the EVP_MD context to get the EVP_MD for.
197 *
198 * @return the EVP_MD used for the context.
199 *
200 * @ingroup hcrypto_evp
201 */
202
203 const EVP_MD *
204 EVP_MD_CTX_md(EVP_MD_CTX *ctx)
205 {
206 return ctx->md;
207 }
208
209 /**
210 * Return the output size of the message digest function.
211 *
212 * @param ctx the evp message digest context
213 *
214 * @return size output size of the message digest function.
215 *
216 * @ingroup hcrypto_evp
217 */
218
219 size_t
220 EVP_MD_CTX_size(EVP_MD_CTX *ctx)
221 {
222 return EVP_MD_size(ctx->md);
223 }
224
225 /**
226 * Return the blocksize of the message digest function.
227 *
228 * @param ctx the evp message digest context
229 *
230 * @return size size of the message digest block size
231 *
232 * @ingroup hcrypto_evp
233 */
234
235 size_t
236 EVP_MD_CTX_block_size(EVP_MD_CTX *ctx)
237 {
238 return EVP_MD_block_size(ctx->md);
239 }
240
241 /**
242 * Init a EVP_MD_CTX for use a specific message digest and engine.
243 *
244 * @param ctx the message digest context to init.
245 * @param md the message digest to use.
246 * @param engine the engine to use, NULL to use the default engine.
247 *
248 * @return 1 on success.
249 *
250 * @ingroup hcrypto_evp
251 */
252
253 int
254 EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *md, ENGINE *engine)
255 {
256 if (ctx->md != md || ctx->engine != engine) {
257 EVP_MD_CTX_cleanup(ctx);
258 ctx->md = md;
259 ctx->engine = engine;
260
261 ctx->ptr = calloc(1, md->ctx_size);
262 if (ctx->ptr == NULL)
263 return 0;
264 }
265 return (ctx->md->init)(ctx->ptr);
266 }
267
268 /**
269 * Update the digest with some data.
270 *
271 * @param ctx the context to update
272 * @param data the data to update the context with
273 * @param size length of data
274 *
275 * @return 1 on success.
276 *
277 * @ingroup hcrypto_evp
278 */
279
280 int
281 EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t size)
282 {
283 (ctx->md->update)(ctx->ptr, data, size);
284 return 1;
285 }
286
287 /**
288 * Complete the message digest.
289 *
290 * @param ctx the context to complete.
291 * @param hash the output of the message digest function. At least
292 * EVP_MD_size().
293 * @param size the output size of hash.
294 *
295 * @return 1 on success.
296 *
297 * @ingroup hcrypto_evp
298 */
299
300 int
301 EVP_DigestFinal_ex(EVP_MD_CTX *ctx, void *hash, unsigned int *size)
302 {
303 (ctx->md->final)(hash, ctx->ptr);
304 if (size)
305 *size = ctx->md->hash_size;
306 return 1;
307 }
308
309 /**
310 * Do the whole EVP_MD_CTX_create(), EVP_DigestInit_ex(),
311 * EVP_DigestUpdate(), EVP_DigestFinal_ex(), EVP_MD_CTX_destroy()
312 * dance in one call.
313 *
314 * @param data the data to update the context with
315 * @param dsize length of data
316 * @param hash output data of at least EVP_MD_size() length.
317 * @param hsize output length of hash.
318 * @param md message digest to use
319 * @param engine engine to use, NULL for default engine.
320 *
321 * @return 1 on success.
322 *
323 * @ingroup hcrypto_evp
324 */
325
326 int
327 EVP_Digest(const void *data, size_t dsize, void *hash, unsigned int *hsize,
328 const EVP_MD *md, ENGINE *engine)
329 {
330 EVP_MD_CTX *ctx;
331 int ret;
332
333 ctx = EVP_MD_CTX_create();
334 if (ctx == NULL)
335 return 0;
336 ret = EVP_DigestInit_ex(ctx, md, engine);
337 if (ret != 1) {
338 EVP_MD_CTX_destroy(ctx);
339 return ret;
340 }
341 ret = EVP_DigestUpdate(ctx, data, dsize);
342 if (ret != 1) {
343 EVP_MD_CTX_destroy(ctx);
344 return ret;
345 }
346 ret = EVP_DigestFinal_ex(ctx, hash, hsize);
347 EVP_MD_CTX_destroy(ctx);
348 return ret;
349 }
350
351 /**
352 * The message digest SHA256
353 *
354 * @return the message digest type.
355 *
356 * @ingroup hcrypto_evp
357 */
358
359 const EVP_MD *
360 EVP_sha256(void)
361 {
362 hcrypto_validate();
363 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha256);
364 }
365
366 /**
367 * The message digest SHA384
368 *
369 * @return the message digest type.
370 *
371 * @ingroup hcrypto_evp
372 */
373
374 const EVP_MD *
375 EVP_sha384(void)
376 {
377 hcrypto_validate();
378 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha384);
379 }
380
381 /**
382 * The message digest SHA512
383 *
384 * @return the message digest type.
385 *
386 * @ingroup hcrypto_evp
387 */
388
389 const EVP_MD *
390 EVP_sha512(void)
391 {
392 hcrypto_validate();
393 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha512);
394 }
395
396 /**
397 * The message digest SHA1
398 *
399 * @return the message digest type.
400 *
401 * @ingroup hcrypto_evp
402 */
403
404 const EVP_MD *
405 EVP_sha1(void)
406 {
407 hcrypto_validate();
408 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha1);
409 }
410
411 /**
412 * The message digest SHA1
413 *
414 * @return the message digest type.
415 *
416 * @ingroup hcrypto_evp
417 */
418
419 const EVP_MD *
420 EVP_sha(void) HC_DEPRECATED
421
422 {
423 hcrypto_validate();
424 return EVP_sha1();
425 }
426
427 /**
428 * The message digest MD5
429 *
430 * @return the message digest type.
431 *
432 * @ingroup hcrypto_evp
433 */
434
435 const EVP_MD *
436 EVP_md5(void) HC_DEPRECATED_CRYPTO
437 {
438 hcrypto_validate();
439 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, md5);
440 }
441
442 /**
443 * The message digest MD4
444 *
445 * @return the message digest type.
446 *
447 * @ingroup hcrypto_evp
448 */
449
450 const EVP_MD *
451 EVP_md4(void) HC_DEPRECATED_CRYPTO
452 {
453 hcrypto_validate();
454 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, md4);
455 }
456
457 /**
458 * The message digest MD2
459 *
460 * @return the message digest type.
461 *
462 * @ingroup hcrypto_evp
463 */
464
465 const EVP_MD *
466 EVP_md2(void) HC_DEPRECATED_CRYPTO
467 {
468 hcrypto_validate();
469 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, md2);
470 }
471
472 /*
473 *
474 */
475
476 static void
477 null_Init (void *m)
478 {
479 }
480 static void
481 null_Update (void *m, const void * data, size_t size)
482 {
483 }
484 static void
485 null_Final(void *res, void *m)
486 {
487 }
488
489 /**
490 * The null message digest
491 *
492 * @return the message digest type.
493 *
494 * @ingroup hcrypto_evp
495 */
496
497 const EVP_MD *
498 EVP_md_null(void)
499 {
500 static const struct hc_evp_md null = {
501 0,
502 0,
503 0,
504 (hc_evp_md_init)null_Init,
505 (hc_evp_md_update)null_Update,
506 (hc_evp_md_final)null_Final,
507 NULL
508 };
509 return &null;
510 }
511
512 /**
513 * Return the block size of the cipher.
514 *
515 * @param c cipher to get the block size from.
516 *
517 * @return the block size of the cipher.
518 *
519 * @ingroup hcrypto_evp
520 */
521
522 size_t
523 EVP_CIPHER_block_size(const EVP_CIPHER *c)
524 {
525 return c->block_size;
526 }
527
528 /**
529 * Return the key size of the cipher.
530 *
531 * @param c cipher to get the key size from.
532 *
533 * @return the key size of the cipher.
534 *
535 * @ingroup hcrypto_evp
536 */
537
538 size_t
539 EVP_CIPHER_key_length(const EVP_CIPHER *c)
540 {
541 return c->key_len;
542 }
543
544 /**
545 * Return the IV size of the cipher.
546 *
547 * @param c cipher to get the IV size from.
548 *
549 * @return the IV size of the cipher.
550 *
551 * @ingroup hcrypto_evp
552 */
553
554 size_t
555 EVP_CIPHER_iv_length(const EVP_CIPHER *c)
556 {
557 return c->iv_len;
558 }
559
560 /**
561 * Initiate a EVP_CIPHER_CTX context. Clean up with
562 * EVP_CIPHER_CTX_cleanup().
563 *
564 * @param c the cipher initiate.
565 *
566 * @ingroup hcrypto_evp
567 */
568
569 void
570 EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *c)
571 {
572 memset(c, 0, sizeof(*c));
573 }
574
575 /**
576 * Clean up the EVP_CIPHER_CTX context.
577 *
578 * @param c the cipher to clean up.
579 *
580 * @return 1 on success.
581 *
582 * @ingroup hcrypto_evp
583 */
584
585 int
586 EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
587 {
588 if (c->cipher && c->cipher->cleanup) {
589 int ret = c->cipher->cleanup(c);
590 if (!ret)
591 return ret;
592 }
593 if (c->cipher_data) {
594 memset(c->cipher_data, 0, c->cipher->ctx_size);
595 free(c->cipher_data);
596 c->cipher_data = NULL;
597 }
598 return 1;
599 }
600
601 /**
602 * If the cipher type supports it, change the key length
603 *
604 * @param c the cipher context to change the key length for
605 * @param length new key length
606 *
607 * @return 1 on success.
608 *
609 * @ingroup hcrypto_evp
610 */
611
612 int
613 EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int length)
614 {
615 if ((c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH) && length > 0) {
616 c->key_len = length;
617 return 1;
618 }
619 return 0;
620 }
621
622 #if 0
623 int
624 EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad)
625 {
626 return 0;
627 }
628 #endif
629
630 /**
631 * Return the EVP_CIPHER for a EVP_CIPHER_CTX context.
632 *
633 * @param ctx the context to get the cipher type from.
634 *
635 * @return the EVP_CIPHER pointer.
636 *
637 * @ingroup hcrypto_evp
638 */
639
640 const EVP_CIPHER *
641 EVP_CIPHER_CTX_cipher(EVP_CIPHER_CTX *ctx)
642 {
643 return ctx->cipher;
644 }
645
646 /**
647 * Return the block size of the cipher context.
648 *
649 * @param ctx cipher context to get the block size from.
650 *
651 * @return the block size of the cipher context.
652 *
653 * @ingroup hcrypto_evp
654 */
655
656 size_t
657 EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
658 {
659 return EVP_CIPHER_block_size(ctx->cipher);
660 }
661
662 /**
663 * Return the key size of the cipher context.
664 *
665 * @param ctx cipher context to get the key size from.
666 *
667 * @return the key size of the cipher context.
668 *
669 * @ingroup hcrypto_evp
670 */
671
672 size_t
673 EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
674 {
675 return EVP_CIPHER_key_length(ctx->cipher);
676 }
677
678 /**
679 * Return the IV size of the cipher context.
680 *
681 * @param ctx cipher context to get the IV size from.
682 *
683 * @return the IV size of the cipher context.
684 *
685 * @ingroup hcrypto_evp
686 */
687
688 size_t
689 EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
690 {
691 return EVP_CIPHER_iv_length(ctx->cipher);
692 }
693
694 /**
695 * Get the flags for an EVP_CIPHER_CTX context.
696 *
697 * @param ctx the EVP_CIPHER_CTX to get the flags from
698 *
699 * @return the flags for an EVP_CIPHER_CTX.
700 *
701 * @ingroup hcrypto_evp
702 */
703
704 unsigned long
705 EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
706 {
707 return ctx->cipher->flags;
708 }
709
710 /**
711 * Get the mode for an EVP_CIPHER_CTX context.
712 *
713 * @param ctx the EVP_CIPHER_CTX to get the mode from
714 *
715 * @return the mode for an EVP_CIPHER_CTX.
716 *
717 * @ingroup hcrypto_evp
718 */
719
720 int
721 EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx)
722 {
723 return EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_MODE;
724 }
725
726 /**
727 * Get the app data for an EVP_CIPHER_CTX context.
728 *
729 * @param ctx the EVP_CIPHER_CTX to get the app data from
730 *
731 * @return the app data for an EVP_CIPHER_CTX.
732 *
733 * @ingroup hcrypto_evp
734 */
735
736 void *
737 EVP_CIPHER_CTX_get_app_data(EVP_CIPHER_CTX *ctx)
738 {
739 return ctx->app_data;
740 }
741
742 /**
743 * Set the app data for an EVP_CIPHER_CTX context.
744 *
745 * @param ctx the EVP_CIPHER_CTX to set the app data for
746 * @param data the app data to set for an EVP_CIPHER_CTX.
747 *
748 * @ingroup hcrypto_evp
749 */
750
751 void
752 EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
753 {
754 ctx->app_data = data;
755 }
756
757 /**
758 * Initiate the EVP_CIPHER_CTX context to encrypt or decrypt data.
759 * Clean up with EVP_CIPHER_CTX_cleanup().
760 *
761 * @param ctx context to initiate
762 * @param c cipher to use.
763 * @param engine crypto engine to use, NULL to select default.
764 * @param key the crypto key to use, NULL will use the previous value.
765 * @param iv the IV to use, NULL will use the previous value.
766 * @param encp non zero will encrypt, -1 use the previous value.
767 *
768 * @return 1 on success.
769 *
770 * @ingroup hcrypto_evp
771 */
772
773 int
774 EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *c, ENGINE *engine,
775 const void *key, const void *iv, int encp)
776 {
777 ctx->buf_len = 0;
778
779 if (encp == -1)
780 encp = ctx->encrypt;
781 else
782 ctx->encrypt = (encp ? 1 : 0);
783
784 if (c && (c != ctx->cipher)) {
785 EVP_CIPHER_CTX_cleanup(ctx);
786 ctx->cipher = c;
787 ctx->key_len = c->key_len;
788
789 ctx->cipher_data = calloc(1, c->ctx_size);
790 if (ctx->cipher_data == NULL && c->ctx_size != 0)
791 return 0;
792
793 /* assume block size is a multiple of 2 */
794 ctx->block_mask = EVP_CIPHER_block_size(c) - 1;
795
796 } else if (ctx->cipher == NULL) {
797 /* reuse of cipher, but not any cipher ever set! */
798 return 0;
799 }
800
801 switch (EVP_CIPHER_CTX_mode(ctx)) {
802 case EVP_CIPH_CBC_MODE:
803
804 assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof(ctx->iv));
805
806 if (iv)
807 memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
808 memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
809 break;
810
811 case EVP_CIPH_STREAM_CIPHER:
812 break;
813 case EVP_CIPH_CFB8_MODE:
814 if (iv)
815 memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
816 break;
817
818 default:
819 return 0;
820 }
821
822 if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT))
823 return ctx->cipher->init(ctx, key, iv, encp);
824
825 return 1;
826 }
827
828 /**
829 * Encipher/decipher partial data
830 *
831 * @param ctx the cipher context.
832 * @param out output data from the operation.
833 * @param outlen output length
834 * @param in input data to the operation.
835 * @param inlen length of data.
836 *
837 * The output buffer length should at least be EVP_CIPHER_block_size()
838 * byte longer then the input length.
839 *
840 * See @ref evp_cipher for an example how to use this function.
841 *
842 * @return 1 on success.
843 *
844 * @ingroup hcrypto_evp
845 */
846
847 int
848 EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, void *out, int *outlen,
849 void *in, size_t inlen)
850 {
851 int ret, left, blocksize;
852
853 *outlen = 0;
854
855 /**
856 * If there in no spare bytes in the left from last Update and the
857 * input length is on the block boundery, the EVP_CipherUpdate()
858 * function can take a shortcut (and preformance gain) and
859 * directly encrypt the data, otherwise we hav to fix it up and
860 * store extra it the EVP_CIPHER_CTX.
861 */
862 if (ctx->buf_len == 0 && (inlen & ctx->block_mask) == 0) {
863 ret = (*ctx->cipher->do_cipher)(ctx, out, in, inlen);
864 if (ret == 1)
865 *outlen = inlen;
866 else
867 *outlen = 0;
868 return ret;
869 }
870
871
872 blocksize = EVP_CIPHER_CTX_block_size(ctx);
873 left = blocksize - ctx->buf_len;
874 assert(left > 0);
875
876 if (ctx->buf_len) {
877
878 /* if total buffer is smaller then input, store locally */
879 if (inlen < left) {
880 memcpy(ctx->buf + ctx->buf_len, in, inlen);
881 ctx->buf_len += inlen;
882 return 1;
883 }
884
885 /* fill in local buffer and encrypt */
886 memcpy(ctx->buf + ctx->buf_len, in, left);
887 ret = (*ctx->cipher->do_cipher)(ctx, out, ctx->buf, blocksize);
888 memset(ctx->buf, 0, blocksize);
889 if (ret != 1)
890 return ret;
891
892 *outlen += blocksize;
893 inlen -= left;
894 in = ((unsigned char *)in) + left;
895 out = ((unsigned char *)out) + blocksize;
896 ctx->buf_len = 0;
897 }
898
899 if (inlen) {
900 ctx->buf_len = (inlen & ctx->block_mask);
901 inlen &= ~ctx->block_mask;
902
903 ret = (*ctx->cipher->do_cipher)(ctx, out, in, inlen);
904 if (ret != 1)
905 return ret;
906
907 *outlen += inlen;
908
909 in = ((unsigned char *)in) + inlen;
910 memcpy(ctx->buf, in, ctx->buf_len);
911 }
912
913 return 1;
914 }
915
916 /**
917 * Encipher/decipher final data
918 *
919 * @param ctx the cipher context.
920 * @param out output data from the operation.
921 * @param outlen output length
922 *
923 * The input length needs to be at least EVP_CIPHER_block_size() bytes
924 * long.
925 *
926 * See @ref evp_cipher for an example how to use this function.
927 *
928 * @return 1 on success.
929 *
930 * @ingroup hcrypto_evp
931 */
932
933 int
934 EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, void *out, int *outlen)
935 {
936 *outlen = 0;
937
938 if (ctx->buf_len) {
939 int ret, left, blocksize;
940
941 blocksize = EVP_CIPHER_CTX_block_size(ctx);
942
943 left = blocksize - ctx->buf_len;
944 assert(left > 0);
945
946 /* zero fill local buffer */
947 memset(ctx->buf + ctx->buf_len, 0, left);
948 ret = (*ctx->cipher->do_cipher)(ctx, out, ctx->buf, blocksize);
949 memset(ctx->buf, 0, blocksize);
950 if (ret != 1)
951 return ret;
952
953 *outlen += blocksize;
954 }
955
956 return 1;
957 }
958
959 /**
960 * Encipher/decipher data
961 *
962 * @param ctx the cipher context.
963 * @param out out data from the operation.
964 * @param in in data to the operation.
965 * @param size length of data.
966 *
967 * @return 1 on success.
968 */
969
970 int
971 EVP_Cipher(EVP_CIPHER_CTX *ctx, void *out, const void *in,size_t size)
972 {
973 return ctx->cipher->do_cipher(ctx, out, in, size);
974 }
975
976 /*
977 *
978 */
979
980 static int
981 enc_null_init(EVP_CIPHER_CTX *ctx,
982 const unsigned char * key,
983 const unsigned char * iv,
984 int encp)
985 {
986 return 1;
987 }
988
989 static int
990 enc_null_do_cipher(EVP_CIPHER_CTX *ctx,
991 unsigned char *out,
992 const unsigned char *in,
993 unsigned int size)
994 {
995 memmove(out, in, size);
996 return 1;
997 }
998
999 static int
1000 enc_null_cleanup(EVP_CIPHER_CTX *ctx)
1001 {
1002 return 1;
1003 }
1004
1005 /**
1006 * The NULL cipher type, does no encryption/decryption.
1007 *
1008 * @return the null EVP_CIPHER pointer.
1009 *
1010 * @ingroup hcrypto_evp
1011 */
1012
1013 const EVP_CIPHER *
1014 EVP_enc_null(void)
1015 {
1016 static const EVP_CIPHER enc_null = {
1017 0,
1018 0,
1019 0,
1020 0,
1021 EVP_CIPH_CBC_MODE,
1022 enc_null_init,
1023 enc_null_do_cipher,
1024 enc_null_cleanup,
1025 0,
1026 NULL,
1027 NULL,
1028 NULL,
1029 NULL
1030 };
1031 return &enc_null;
1032 }
1033
1034 /**
1035 * The RC2 cipher type
1036 *
1037 * @return the RC2 EVP_CIPHER pointer.
1038 *
1039 * @ingroup hcrypto_evp
1040 */
1041
1042 const EVP_CIPHER *
1043 EVP_rc2_cbc(void)
1044 {
1045 hcrypto_validate();
1046 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc2_cbc);
1047 }
1048
1049 /**
1050 * The RC2 cipher type
1051 *
1052 * @return the RC2 EVP_CIPHER pointer.
1053 *
1054 * @ingroup hcrypto_evp
1055 */
1056
1057 const EVP_CIPHER *
1058 EVP_rc2_40_cbc(void)
1059 {
1060 hcrypto_validate();
1061 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc2_40_cbc);
1062 }
1063
1064 /**
1065 * The RC2 cipher type
1066 *
1067 * @return the RC2 EVP_CIPHER pointer.
1068 *
1069 * @ingroup hcrypto_evp
1070 */
1071
1072 const EVP_CIPHER *
1073 EVP_rc2_64_cbc(void)
1074 {
1075 hcrypto_validate();
1076 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc2_64_cbc);
1077 }
1078
1079 /**
1080 * The RC4 cipher type
1081 *
1082 * @return the RC4 EVP_CIPHER pointer.
1083 *
1084 * @ingroup hcrypto_evp
1085 */
1086
1087 const EVP_CIPHER *
1088 EVP_rc4(void)
1089 {
1090 hcrypto_validate();
1091 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc4);
1092 }
1093
1094 /**
1095 * The RC4-40 cipher type
1096 *
1097 * @return the RC4-40 EVP_CIPHER pointer.
1098 *
1099 * @ingroup hcrypto_evp
1100 */
1101
1102 const EVP_CIPHER *
1103 EVP_rc4_40(void)
1104 {
1105 hcrypto_validate();
1106 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc4_40);
1107 }
1108
1109 /**
1110 * The DES cipher type
1111 *
1112 * @return the DES-CBC EVP_CIPHER pointer.
1113 *
1114 * @ingroup hcrypto_evp
1115 */
1116
1117 const EVP_CIPHER *
1118 EVP_des_cbc(void)
1119 {
1120 hcrypto_validate();
1121 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, des_cbc);
1122 }
1123
1124 /**
1125 * The tripple DES cipher type
1126 *
1127 * @return the DES-EDE3-CBC EVP_CIPHER pointer.
1128 *
1129 * @ingroup hcrypto_evp
1130 */
1131
1132 const EVP_CIPHER *
1133 EVP_des_ede3_cbc(void)
1134 {
1135 hcrypto_validate();
1136 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, des_ede3_cbc);
1137 }
1138
1139 /**
1140 * The AES-128 cipher type
1141 *
1142 * @return the AES-128 EVP_CIPHER pointer.
1143 *
1144 * @ingroup hcrypto_evp
1145 */
1146
1147 const EVP_CIPHER *
1148 EVP_aes_128_cbc(void)
1149 {
1150 hcrypto_validate();
1151 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_128_cbc);
1152 }
1153
1154 /**
1155 * The AES-192 cipher type
1156 *
1157 * @return the AES-192 EVP_CIPHER pointer.
1158 *
1159 * @ingroup hcrypto_evp
1160 */
1161
1162 const EVP_CIPHER *
1163 EVP_aes_192_cbc(void)
1164 {
1165 hcrypto_validate();
1166 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_192_cbc);
1167 }
1168
1169 /**
1170 * The AES-256 cipher type
1171 *
1172 * @return the AES-256 EVP_CIPHER pointer.
1173 *
1174 * @ingroup hcrypto_evp
1175 */
1176
1177 const EVP_CIPHER *
1178 EVP_aes_256_cbc(void)
1179 {
1180 hcrypto_validate();
1181 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_256_cbc);
1182 }
1183
1184 /**
1185 * The AES-128 cipher type
1186 *
1187 * @return the AES-128 EVP_CIPHER pointer.
1188 *
1189 * @ingroup hcrypto_evp
1190 */
1191
1192 const EVP_CIPHER *
1193 EVP_aes_128_cfb8(void)
1194 {
1195 hcrypto_validate();
1196 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_128_cfb8);
1197 }
1198
1199 /**
1200 * The AES-192 cipher type
1201 *
1202 * @return the AES-192 EVP_CIPHER pointer.
1203 *
1204 * @ingroup hcrypto_evp
1205 */
1206
1207 const EVP_CIPHER *
1208 EVP_aes_192_cfb8(void)
1209 {
1210 hcrypto_validate();
1211 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_192_cfb8);
1212 }
1213
1214 /**
1215 * The AES-256 cipher type
1216 *
1217 * @return the AES-256 EVP_CIPHER pointer.
1218 *
1219 * @ingroup hcrypto_evp
1220 */
1221
1222 const EVP_CIPHER *
1223 EVP_aes_256_cfb8(void)
1224 {
1225 hcrypto_validate();
1226 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_256_cfb8);
1227 }
1228
1229 /**
1230 * The Camellia-128 cipher type
1231 *
1232 * @return the Camellia-128 EVP_CIPHER pointer.
1233 *
1234 * @ingroup hcrypto_evp
1235 */
1236
1237 const EVP_CIPHER *
1238 EVP_camellia_128_cbc(void)
1239 {
1240 hcrypto_validate();
1241 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, camellia_128_cbc);
1242 }
1243
1244 /**
1245 * The Camellia-198 cipher type
1246 *
1247 * @return the Camellia-198 EVP_CIPHER pointer.
1248 *
1249 * @ingroup hcrypto_evp
1250 */
1251
1252 const EVP_CIPHER *
1253 EVP_camellia_192_cbc(void)
1254 {
1255 hcrypto_validate();
1256 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, camellia_192_cbc);
1257 }
1258
1259 /**
1260 * The Camellia-256 cipher type
1261 *
1262 * @return the Camellia-256 EVP_CIPHER pointer.
1263 *
1264 * @ingroup hcrypto_evp
1265 */
1266
1267 const EVP_CIPHER *
1268 EVP_camellia_256_cbc(void)
1269 {
1270 hcrypto_validate();
1271 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, camellia_256_cbc);
1272 }
1273
1274 /*
1275 *
1276 */
1277
1278 static const struct cipher_name {
1279 const char *name;
1280 const EVP_CIPHER *(*func)(void);
1281 } cipher_name[] = {
1282 { "des-ede3-cbc", EVP_des_ede3_cbc },
1283 { "aes-128-cbc", EVP_aes_128_cbc },
1284 { "aes-192-cbc", EVP_aes_192_cbc },
1285 { "aes-256-cbc", EVP_aes_256_cbc },
1286 { "aes-128-cfb8", EVP_aes_128_cfb8 },
1287 { "aes-192-cfb8", EVP_aes_192_cfb8 },
1288 { "aes-256-cfb8", EVP_aes_256_cfb8 },
1289 { "camellia-128-cbc", EVP_camellia_128_cbc },
1290 { "camellia-192-cbc", EVP_camellia_192_cbc },
1291 { "camellia-256-cbc", EVP_camellia_256_cbc }
1292 };
1293
1294 /**
1295 * Get the cipher type using their name.
1296 *
1297 * @param name the name of the cipher.
1298 *
1299 * @return the selected EVP_CIPHER pointer or NULL if not found.
1300 *
1301 * @ingroup hcrypto_evp
1302 */
1303
1304 const EVP_CIPHER *
1305 EVP_get_cipherbyname(const char *name)
1306 {
1307 int i;
1308 for (i = 0; i < sizeof(cipher_name)/sizeof(cipher_name[0]); i++) {
1309 if (strcasecmp(cipher_name[i].name, name) == 0)
1310 return (*cipher_name[i].func)();
1311 }
1312 return NULL;
1313 }
1314
1315
1316 /*
1317 *
1318 */
1319
1320 #ifndef min
1321 #define min(a,b) (((a)>(b))?(b):(a))
1322 #endif
1323
1324 /**
1325 * Provides a legancy string to key function, used in PEM files.
1326 *
1327 * New protocols should use new string to key functions like NIST
1328 * SP56-800A or PKCS#5 v2.0 (see PKCS5_PBKDF2_HMAC_SHA1()).
1329 *
1330 * @param type type of cipher to use
1331 * @param md message digest to use
1332 * @param salt salt salt string, should be an binary 8 byte buffer.
1333 * @param data the password/input key string.
1334 * @param datalen length of data parameter.
1335 * @param count iteration counter.
1336 * @param keydata output keydata, needs to of the size EVP_CIPHER_key_length().
1337 * @param ivdata output ivdata, needs to of the size EVP_CIPHER_block_size().
1338 *
1339 * @return the size of derived key.
1340 *
1341 * @ingroup hcrypto_evp
1342 */
1343
1344 int
1345 EVP_BytesToKey(const EVP_CIPHER *type,
1346 const EVP_MD *md,
1347 const void *salt,
1348 const void *data, size_t datalen,
1349 unsigned int count,
1350 void *keydata,
1351 void *ivdata)
1352 {
1353 unsigned int ivlen, keylen;
1354 int first = 0;
1355 unsigned int mds = 0, i;
1356 unsigned char *key = keydata;
1357 unsigned char *iv = ivdata;
1358 unsigned char *buf;
1359 EVP_MD_CTX c;
1360
1361 keylen = EVP_CIPHER_key_length(type);
1362 ivlen = EVP_CIPHER_iv_length(type);
1363
1364 if (data == NULL)
1365 return keylen;
1366
1367 buf = malloc(EVP_MD_size(md));
1368 if (buf == NULL)
1369 return -1;
1370
1371 EVP_MD_CTX_init(&c);
1372
1373 first = 1;
1374 while (1) {
1375 EVP_DigestInit_ex(&c, md, NULL);
1376 if (!first)
1377 EVP_DigestUpdate(&c, buf, mds);
1378 first = 0;
1379 EVP_DigestUpdate(&c,data,datalen);
1380
1381 #define PKCS5_SALT_LEN 8
1382
1383 if (salt)
1384 EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN);
1385
1386 EVP_DigestFinal_ex(&c, buf, &mds);
1387 assert(mds == EVP_MD_size(md));
1388
1389 for (i = 1; i < count; i++) {
1390 EVP_DigestInit_ex(&c, md, NULL);
1391 EVP_DigestUpdate(&c, buf, mds);
1392 EVP_DigestFinal_ex(&c, buf, &mds);
1393 assert(mds == EVP_MD_size(md));
1394 }
1395
1396 i = 0;
1397 if (keylen) {
1398 size_t sz = min(keylen, mds);
1399 if (key) {
1400 memcpy(key, buf, sz);
1401 key += sz;
1402 }
1403 keylen -= sz;
1404 i += sz;
1405 }
1406 if (ivlen && mds > i) {
1407 size_t sz = min(ivlen, (mds - i));
1408 if (iv) {
1409 memcpy(iv, &buf[i], sz);
1410 iv += sz;
1411 }
1412 ivlen -= sz;
1413 }
1414 if (keylen == 0 && ivlen == 0)
1415 break;
1416 }
1417
1418 EVP_MD_CTX_cleanup(&c);
1419 free(buf);
1420
1421 return EVP_CIPHER_key_length(type);
1422 }
1423
1424 /**
1425 * Generate a random key for the specificed EVP_CIPHER.
1426 *
1427 * @param ctx EVP_CIPHER_CTX type to build the key for.
1428 * @param key return key, must be at least EVP_CIPHER_key_length() byte long.
1429 *
1430 * @return 1 for success, 0 for failure.
1431 *
1432 * @ingroup hcrypto_core
1433 */
1434
1435 int
1436 EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, void *key)
1437 {
1438 if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
1439 return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
1440 if (RAND_bytes(key, ctx->key_len) != 1)
1441 return 0;
1442 return 1;
1443 }
1444
1445 /**
1446 * Perform a operation on a ctx
1447 *
1448 * @param ctx context to perform operation on.
1449 * @param type type of operation.
1450 * @param arg argument to operation.
1451 * @param data addition data to operation.
1452
1453 * @return 1 for success, 0 for failure.
1454 *
1455 * @ingroup hcrypto_core
1456 */
1457
1458 int
1459 EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *data)
1460 {
1461 if (ctx->cipher == NULL || ctx->cipher->ctrl == NULL)
1462 return 0;
1463 return (*ctx->cipher->ctrl)(ctx, type, arg, data);
1464 }
1465
1466 /**
1467 * Add all algorithms to the crypto core.
1468 *
1469 * @ingroup hcrypto_core
1470 */
1471
1472 void
1473 OpenSSL_add_all_algorithms(void)
1474 {
1475 return;
1476 }
1477
1478 /**
1479 * Add all algorithms to the crypto core using configuration file.
1480 *
1481 * @ingroup hcrypto_core
1482 */
1483
1484 void
1485 OpenSSL_add_all_algorithms_conf(void)
1486 {
1487 return;
1488 }
1489
1490 /**
1491 * Add all algorithms to the crypto core, but don't use the
1492 * configuration file.
1493 *
1494 * @ingroup hcrypto_core
1495 */
1496
1497 void
1498 OpenSSL_add_all_algorithms_noconf(void)
1499 {
1500 return;
1501 }
Heimdal