search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
roken: getuserinfo WIN32 fix username string termination
[heimdal.git] / lib / hcrypto / evp.c
blob23838709c8e9e178c90955d1a1ec598d1609d199
1 /*
2 * Copyright (c) 2006 - 2016 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #ifdef HAVE_CONFIG_H
35 #include <config.h>
36 #endif
37 #include <roken.h>
38
39 #define HC_DEPRECATED
40 #define HC_DEPRECATED_CRYPTO
41
42 #include <assert.h>
43
44 #include <evp.h>
45 #include <evp-hcrypto.h>
46 #include <evp-cc.h>
47 #if defined(_WIN32)
48 #include <evp-w32.h>
49 #endif
50 #include <evp-pkcs11.h>
51 #include <evp-openssl.h>
52
53 #include <krb5-types.h>
54
55 #ifndef HCRYPTO_DEF_PROVIDER
56 # ifdef __APPLE__
57 # define HCRYPTO_DEF_PROVIDER cc
58 # elif __sun
59 # define HCRYPTO_DEF_PROVIDER pkcs11_hcrypto
60 # elif HAVE_HCRYPTO_W_OPENSSL
61 # define HCRYPTO_DEF_PROVIDER ossl
62 # else
63 # define HCRYPTO_DEF_PROVIDER hcrypto
64 # endif
65 #endif
66
67 #define HC_CONCAT4(x,y,z,aa) x ## y ## z ## aa
68
69
70 #define EVP_DEF_OP(_prov,_op) HC_CONCAT4(EVP_,_prov,_,_op)()
71
72 /**
73 * @page page_evp EVP - generic crypto interface
74 *
75 * See the library functions here: @ref hcrypto_evp
76 *
77 * @section evp_cipher EVP Cipher
78 *
79 * The use of EVP_CipherInit_ex() and EVP_Cipher() is pretty easy to
80 * understand forward, then EVP_CipherUpdate() and
81 * EVP_CipherFinal_ex() really needs an example to explain @ref
82 * example_evp_cipher.c .
83 *
84 * @example example_evp_cipher.c
85 *
86 * This is an example how to use EVP_CipherInit_ex(),
87 * EVP_CipherUpdate() and EVP_CipherFinal_ex().
88 */
89
90 struct hc_EVP_MD_CTX {
91 const EVP_MD *md;
92 ENGINE *engine;
93 void *ptr;
94 };
95
96
97 /**
98 * Return the output size of the message digest function.
99 *
100 * @param md the evp message
101 *
102 * @return size output size of the message digest function.
103 *
104 * @ingroup hcrypto_evp
105 */
106
107 size_t
108 EVP_MD_size(const EVP_MD *md)
109 {
110 return md->hash_size;
111 }
112
113 /**
114 * Return the blocksize of the message digest function.
115 *
116 * @param md the evp message
117 *
118 * @return size size of the message digest block size
119 *
120 * @ingroup hcrypto_evp
121 */
122
123 size_t
124 EVP_MD_block_size(const EVP_MD *md)
125 {
126 return md->block_size;
127 }
128
129 /**
130 * Allocate a messsage digest context object. Free with
131 * EVP_MD_CTX_destroy().
132 *
133 * @return a newly allocated message digest context object.
134 *
135 * @ingroup hcrypto_evp
136 */
137
138 EVP_MD_CTX *
139 EVP_MD_CTX_create(void)
140 {
141 return calloc(1, sizeof(EVP_MD_CTX));
142 }
143
144 /**
145 * Initiate a messsage digest context object. Deallocate with
146 * EVP_MD_CTX_cleanup(). Please use EVP_MD_CTX_create() instead.
147 *
148 * @param ctx variable to initiate.
149 *
150 * @ingroup hcrypto_evp
151 */
152
153 void
154 EVP_MD_CTX_init(EVP_MD_CTX *ctx) HC_DEPRECATED
155 {
156 memset(ctx, 0, sizeof(*ctx));
157 }
158
159 /**
160 * Free a messsage digest context object.
161 *
162 * @param ctx context to free.
163 *
164 * @ingroup hcrypto_evp
165 */
166
167 void
168 EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
169 {
170 EVP_MD_CTX_cleanup(ctx);
171 free(ctx);
172 }
173
174 /**
175 * Free the resources used by the EVP_MD context.
176 *
177 * @param ctx the context to free the resources from.
178 *
179 * @return 1 on success.
180 *
181 * @ingroup hcrypto_evp
182 */
183
184 int
185 EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) HC_DEPRECATED
186 {
187 if (ctx->md && ctx->md->cleanup) {
188 int ret = (ctx->md->cleanup)(ctx->ptr);
189 if (!ret)
190 return ret;
191 } else if (ctx->md) {
192 memset(ctx->ptr, 0, ctx->md->ctx_size);
193 }
194 ctx->md = NULL;
195 ctx->engine = NULL;
196 free(ctx->ptr);
197 memset(ctx, 0, sizeof(*ctx));
198 return 1;
199 }
200
201 /**
202 * Get the EVP_MD use for a specified context.
203 *
204 * @param ctx the EVP_MD context to get the EVP_MD for.
205 *
206 * @return the EVP_MD used for the context.
207 *
208 * @ingroup hcrypto_evp
209 */
210
211 const EVP_MD *
212 EVP_MD_CTX_md(EVP_MD_CTX *ctx)
213 {
214 return ctx->md;
215 }
216
217 /**
218 * Return the output size of the message digest function.
219 *
220 * @param ctx the evp message digest context
221 *
222 * @return size output size of the message digest function.
223 *
224 * @ingroup hcrypto_evp
225 */
226
227 size_t
228 EVP_MD_CTX_size(EVP_MD_CTX *ctx)
229 {
230 return EVP_MD_size(ctx->md);
231 }
232
233 /**
234 * Return the blocksize of the message digest function.
235 *
236 * @param ctx the evp message digest context
237 *
238 * @return size size of the message digest block size
239 *
240 * @ingroup hcrypto_evp
241 */
242
243 size_t
244 EVP_MD_CTX_block_size(EVP_MD_CTX *ctx)
245 {
246 return EVP_MD_block_size(ctx->md);
247 }
248
249 /**
250 * Init a EVP_MD_CTX for use a specific message digest and engine.
251 *
252 * @param ctx the message digest context to init.
253 * @param md the message digest to use.
254 * @param engine the engine to use, NULL to use the default engine.
255 *
256 * @return 1 on success.
257 *
258 * @ingroup hcrypto_evp
259 */
260
261 int
262 EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *md, ENGINE *engine)
263 {
264 if (ctx->md != md || ctx->engine != engine) {
265 EVP_MD_CTX_cleanup(ctx);
266 ctx->md = md;
267 ctx->engine = engine;
268 if (md == NULL)
269 return 0;
270
271 ctx->ptr = calloc(1, md->ctx_size);
272 if (ctx->ptr == NULL)
273 return 0;
274 }
275 if (ctx->md == 0)
276 return 0;
277 return (ctx->md->init)(ctx->ptr);
278 }
279
280 /**
281 * Update the digest with some data.
282 *
283 * @param ctx the context to update
284 * @param data the data to update the context with
285 * @param size length of data
286 *
287 * @return 1 on success.
288 *
289 * @ingroup hcrypto_evp
290 */
291
292 int
293 EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t size)
294 {
295 (ctx->md->update)(ctx->ptr, data, size);
296 return 1;
297 }
298
299 /**
300 * Complete the message digest.
301 *
302 * @param ctx the context to complete.
303 * @param hash the output of the message digest function. At least
304 * EVP_MD_size().
305 * @param size the output size of hash.
306 *
307 * @return 1 on success.
308 *
309 * @ingroup hcrypto_evp
310 */
311
312 int
313 EVP_DigestFinal_ex(EVP_MD_CTX *ctx, void *hash, unsigned int *size)
314 {
315 (ctx->md->final)(hash, ctx->ptr);
316 if (size)
317 *size = ctx->md->hash_size;
318 return 1;
319 }
320
321 /**
322 * Do the whole EVP_MD_CTX_create(), EVP_DigestInit_ex(),
323 * EVP_DigestUpdate(), EVP_DigestFinal_ex(), EVP_MD_CTX_destroy()
324 * dance in one call.
325 *
326 * @param data the data to update the context with
327 * @param dsize length of data
328 * @param hash output data of at least EVP_MD_size() length.
329 * @param hsize output length of hash.
330 * @param md message digest to use
331 * @param engine engine to use, NULL for default engine.
332 *
333 * @return 1 on success.
334 *
335 * @ingroup hcrypto_evp
336 */
337
338 int
339 EVP_Digest(const void *data, size_t dsize, void *hash, unsigned int *hsize,
340 const EVP_MD *md, ENGINE *engine)
341 {
342 EVP_MD_CTX *ctx;
343 int ret;
344
345 ctx = EVP_MD_CTX_create();
346 if (ctx == NULL)
347 return 0;
348 ret = EVP_DigestInit_ex(ctx, md, engine);
349 if (ret != 1) {
350 EVP_MD_CTX_destroy(ctx);
351 return ret;
352 }
353 ret = EVP_DigestUpdate(ctx, data, dsize);
354 if (ret != 1) {
355 EVP_MD_CTX_destroy(ctx);
356 return ret;
357 }
358 ret = EVP_DigestFinal_ex(ctx, hash, hsize);
359 EVP_MD_CTX_destroy(ctx);
360 return ret;
361 }
362
363 /**
364 * The message digest SHA256
365 *
366 * @return the message digest type.
367 *
368 * @ingroup hcrypto_evp
369 */
370
371 const EVP_MD *
372 EVP_sha256(void)
373 {
374 hcrypto_validate();
375 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha256);
376 }
377
378 /**
379 * The message digest SHA384
380 *
381 * @return the message digest type.
382 *
383 * @ingroup hcrypto_evp
384 */
385
386 const EVP_MD *
387 EVP_sha384(void)
388 {
389 hcrypto_validate();
390 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha384);
391 }
392
393 /**
394 * The message digest SHA512
395 *
396 * @return the message digest type.
397 *
398 * @ingroup hcrypto_evp
399 */
400
401 const EVP_MD *
402 EVP_sha512(void)
403 {
404 hcrypto_validate();
405 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha512);
406 }
407
408 /**
409 * The message digest SHA1
410 *
411 * @return the message digest type.
412 *
413 * @ingroup hcrypto_evp
414 */
415
416 const EVP_MD *
417 EVP_sha1(void)
418 {
419 hcrypto_validate();
420 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha1);
421 }
422
423 /**
424 * The message digest SHA1
425 *
426 * @return the message digest type.
427 *
428 * @ingroup hcrypto_evp
429 */
430
431 const EVP_MD *
432 EVP_sha(void) HC_DEPRECATED
433
434 {
435 hcrypto_validate();
436 return EVP_sha1();
437 }
438
439 /**
440 * The message digest MD5
441 *
442 * @return the message digest type.
443 *
444 * @ingroup hcrypto_evp
445 */
446
447 const EVP_MD *
448 EVP_md5(void) HC_DEPRECATED_CRYPTO
449 {
450 hcrypto_validate();
451 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, md5);
452 }
453
454 /**
455 * The message digest MD4
456 *
457 * @return the message digest type.
458 *
459 * @ingroup hcrypto_evp
460 */
461
462 const EVP_MD *
463 EVP_md4(void) HC_DEPRECATED_CRYPTO
464 {
465 hcrypto_validate();
466 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, md4);
467 }
468
469 /**
470 * The message digest MD2
471 *
472 * @return the message digest type.
473 *
474 * @ingroup hcrypto_evp
475 */
476
477 const EVP_MD *
478 EVP_md2(void) HC_DEPRECATED_CRYPTO
479 {
480 hcrypto_validate();
481 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, md2);
482 }
483
484 /*
485 *
486 */
487
488 static void
489 null_Init (void *m)
490 {
491 }
492 static void
493 null_Update (void *m, const void * data, size_t size)
494 {
495 }
496 static void
497 null_Final(void *res, void *m)
498 {
499 }
500
501 /**
502 * The null message digest
503 *
504 * @return the message digest type.
505 *
506 * @ingroup hcrypto_evp
507 */
508
509 const EVP_MD *
510 EVP_md_null(void)
511 {
512 static const struct hc_evp_md null = {
513 0,
514 0,
515 0,
516 (hc_evp_md_init)null_Init,
517 (hc_evp_md_update)null_Update,
518 (hc_evp_md_final)null_Final,
519 NULL
520 };
521 return &null;
522 }
523
524 /**
525 * Return the block size of the cipher.
526 *
527 * @param c cipher to get the block size from.
528 *
529 * @return the block size of the cipher.
530 *
531 * @ingroup hcrypto_evp
532 */
533
534 size_t
535 EVP_CIPHER_block_size(const EVP_CIPHER *c)
536 {
537 return c->block_size;
538 }
539
540 /**
541 * Return the key size of the cipher.
542 *
543 * @param c cipher to get the key size from.
544 *
545 * @return the key size of the cipher.
546 *
547 * @ingroup hcrypto_evp
548 */
549
550 size_t
551 EVP_CIPHER_key_length(const EVP_CIPHER *c)
552 {
553 return c->key_len;
554 }
555
556 /**
557 * Return the IV size of the cipher.
558 *
559 * @param c cipher to get the IV size from.
560 *
561 * @return the IV size of the cipher.
562 *
563 * @ingroup hcrypto_evp
564 */
565
566 size_t
567 EVP_CIPHER_iv_length(const EVP_CIPHER *c)
568 {
569 return c->iv_len;
570 }
571
572 /**
573 * Initiate a EVP_CIPHER_CTX context. Clean up with
574 * EVP_CIPHER_CTX_cleanup().
575 *
576 * @param c the cipher initiate.
577 *
578 * @ingroup hcrypto_evp
579 */
580
581 void
582 EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *c)
583 {
584 memset(c, 0, sizeof(*c));
585 }
586
587 /**
588 * Clean up the EVP_CIPHER_CTX context.
589 *
590 * @param c the cipher to clean up.
591 *
592 * @return 1 on success.
593 *
594 * @ingroup hcrypto_evp
595 */
596
597 int
598 EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
599 {
600 if (c->cipher && c->cipher->cleanup) {
601 int ret = c->cipher->cleanup(c);
602 if (!ret)
603 return ret;
604 }
605 if (c->cipher_data) {
606 if (c->cipher)
607 memset(c->cipher_data, 0, c->cipher->ctx_size);
608 free(c->cipher_data);
609 c->cipher_data = NULL;
610 }
611 return 1;
612 }
613
614 /**
615 * If the cipher type supports it, change the key length
616 *
617 * @param c the cipher context to change the key length for
618 * @param length new key length
619 *
620 * @return 1 on success.
621 *
622 * @ingroup hcrypto_evp
623 */
624
625 int
626 EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int length)
627 {
628 if ((c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH) && length > 0) {
629 c->key_len = length;
630 return 1;
631 }
632 return 0;
633 }
634
635 #if 0
636 int
637 EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad)
638 {
639 return 0;
640 }
641 #endif
642
643 /**
644 * Return the EVP_CIPHER for a EVP_CIPHER_CTX context.
645 *
646 * @param ctx the context to get the cipher type from.
647 *
648 * @return the EVP_CIPHER pointer.
649 *
650 * @ingroup hcrypto_evp
651 */
652
653 const EVP_CIPHER *
654 EVP_CIPHER_CTX_cipher(EVP_CIPHER_CTX *ctx)
655 {
656 return ctx->cipher;
657 }
658
659 /**
660 * Return the block size of the cipher context.
661 *
662 * @param ctx cipher context to get the block size from.
663 *
664 * @return the block size of the cipher context.
665 *
666 * @ingroup hcrypto_evp
667 */
668
669 size_t
670 EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
671 {
672 return EVP_CIPHER_block_size(ctx->cipher);
673 }
674
675 /**
676 * Return the key size of the cipher context.
677 *
678 * @param ctx cipher context to get the key size from.
679 *
680 * @return the key size of the cipher context.
681 *
682 * @ingroup hcrypto_evp
683 */
684
685 size_t
686 EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
687 {
688 return EVP_CIPHER_key_length(ctx->cipher);
689 }
690
691 /**
692 * Return the IV size of the cipher context.
693 *
694 * @param ctx cipher context to get the IV size from.
695 *
696 * @return the IV size of the cipher context.
697 *
698 * @ingroup hcrypto_evp
699 */
700
701 size_t
702 EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
703 {
704 return EVP_CIPHER_iv_length(ctx->cipher);
705 }
706
707 /**
708 * Get the flags for an EVP_CIPHER_CTX context.
709 *
710 * @param ctx the EVP_CIPHER_CTX to get the flags from
711 *
712 * @return the flags for an EVP_CIPHER_CTX.
713 *
714 * @ingroup hcrypto_evp
715 */
716
717 unsigned long
718 EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
719 {
720 return ctx->cipher->flags;
721 }
722
723 /**
724 * Get the mode for an EVP_CIPHER_CTX context.
725 *
726 * @param ctx the EVP_CIPHER_CTX to get the mode from
727 *
728 * @return the mode for an EVP_CIPHER_CTX.
729 *
730 * @ingroup hcrypto_evp
731 */
732
733 int
734 EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx)
735 {
736 return EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_MODE;
737 }
738
739 /**
740 * Get the app data for an EVP_CIPHER_CTX context.
741 *
742 * @param ctx the EVP_CIPHER_CTX to get the app data from
743 *
744 * @return the app data for an EVP_CIPHER_CTX.
745 *
746 * @ingroup hcrypto_evp
747 */
748
749 void *
750 EVP_CIPHER_CTX_get_app_data(EVP_CIPHER_CTX *ctx)
751 {
752 return ctx->app_data;
753 }
754
755 /**
756 * Set the app data for an EVP_CIPHER_CTX context.
757 *
758 * @param ctx the EVP_CIPHER_CTX to set the app data for
759 * @param data the app data to set for an EVP_CIPHER_CTX.
760 *
761 * @ingroup hcrypto_evp
762 */
763
764 void
765 EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
766 {
767 ctx->app_data = data;
768 }
769
770 /**
771 * Initiate the EVP_CIPHER_CTX context to encrypt or decrypt data.
772 * Clean up with EVP_CIPHER_CTX_cleanup().
773 *
774 * @param ctx context to initiate
775 * @param c cipher to use.
776 * @param engine crypto engine to use, NULL to select default.
777 * @param key the crypto key to use, NULL will use the previous value.
778 * @param iv the IV to use, NULL will use the previous value.
779 * @param encp non zero will encrypt, -1 use the previous value.
780 *
781 * @return 1 on success.
782 *
783 * @ingroup hcrypto_evp
784 */
785
786 int
787 EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *c, ENGINE *engine,
788 const void *key, const void *iv, int encp)
789 {
790 ctx->buf_len = 0;
791
792 if (encp == -1)
793 encp = ctx->encrypt;
794 else
795 ctx->encrypt = (encp ? 1 : 0);
796
797 if (c && (c != ctx->cipher)) {
798 EVP_CIPHER_CTX_cleanup(ctx);
799 ctx->cipher = c;
800 ctx->key_len = c->key_len;
801
802 ctx->cipher_data = calloc(1, c->ctx_size);
803 if (ctx->cipher_data == NULL && c->ctx_size != 0)
804 return 0;
805
806 /* assume block size is a multiple of 2 */
807 ctx->block_mask = EVP_CIPHER_block_size(c) - 1;
808
809 if ((ctx->cipher->flags & EVP_CIPH_CTRL_INIT) &&
810 !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL))
811 return 0;
812
813 } else if (ctx->cipher == NULL) {
814 /* reuse of cipher, but not any cipher ever set! */
815 return 0;
816 }
817
818 switch (EVP_CIPHER_CTX_mode(ctx)) {
819 case EVP_CIPH_CBC_MODE:
820
821 assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof(ctx->iv));
822
823 if (iv)
824 memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
825 memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
826 break;
827
828 case EVP_CIPH_STREAM_CIPHER:
829 break;
830 case EVP_CIPH_CFB8_MODE:
831 if (iv)
832 memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
833 break;
834
835 default:
836 return 0;
837 }
838
839 if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT))
840 return ctx->cipher->init(ctx, key, iv, encp);
841
842 return 1;
843 }
844
845 /**
846 * Encipher/decipher partial data
847 *
848 * @param ctx the cipher context.
849 * @param out output data from the operation.
850 * @param outlen output length
851 * @param in input data to the operation.
852 * @param inlen length of data.
853 *
854 * The output buffer length should at least be EVP_CIPHER_block_size()
855 * byte longer then the input length.
856 *
857 * See @ref evp_cipher for an example how to use this function.
858 *
859 * @return 1 on success.
860 *
861 * @ingroup hcrypto_evp
862 */
863
864 int
865 EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, void *out, int *outlen,
866 void *in, size_t inlen)
867 {
868 int ret, left, blocksize;
869
870 *outlen = 0;
871
872 /**
873 * If there in no spare bytes in the left from last Update and the
874 * input length is on the block boundery, the EVP_CipherUpdate()
875 * function can take a shortcut (and preformance gain) and
876 * directly encrypt the data, otherwise we hav to fix it up and
877 * store extra it the EVP_CIPHER_CTX.
878 */
879 if (ctx->buf_len == 0 && (inlen & ctx->block_mask) == 0) {
880 ret = (*ctx->cipher->do_cipher)(ctx, out, in, inlen);
881 if (ret == 1)
882 *outlen = inlen;
883 else
884 *outlen = 0;
885 return ret;
886 }
887
888
889 blocksize = EVP_CIPHER_CTX_block_size(ctx);
890 left = blocksize - ctx->buf_len;
891 assert(left > 0);
892
893 if (ctx->buf_len) {
894
895 /* if total buffer is smaller then input, store locally */
896 if (inlen < left) {
897 memcpy(ctx->buf + ctx->buf_len, in, inlen);
898 ctx->buf_len += inlen;
899 return 1;
900 }
901
902 /* fill in local buffer and encrypt */
903 memcpy(ctx->buf + ctx->buf_len, in, left);
904 ret = (*ctx->cipher->do_cipher)(ctx, out, ctx->buf, blocksize);
905 memset(ctx->buf, 0, blocksize);
906 if (ret != 1)
907 return ret;
908
909 *outlen += blocksize;
910 inlen -= left;
911 in = ((unsigned char *)in) + left;
912 out = ((unsigned char *)out) + blocksize;
913 ctx->buf_len = 0;
914 }
915
916 if (inlen) {
917 ctx->buf_len = (inlen & ctx->block_mask);
918 inlen &= ~ctx->block_mask;
919
920 ret = (*ctx->cipher->do_cipher)(ctx, out, in, inlen);
921 if (ret != 1)
922 return ret;
923
924 *outlen += inlen;
925
926 in = ((unsigned char *)in) + inlen;
927 memcpy(ctx->buf, in, ctx->buf_len);
928 }
929
930 return 1;
931 }
932
933 /**
934 * Encipher/decipher final data
935 *
936 * @param ctx the cipher context.
937 * @param out output data from the operation.
938 * @param outlen output length
939 *
940 * The input length needs to be at least EVP_CIPHER_block_size() bytes
941 * long.
942 *
943 * See @ref evp_cipher for an example how to use this function.
944 *
945 * @return 1 on success.
946 *
947 * @ingroup hcrypto_evp
948 */
949
950 int
951 EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, void *out, int *outlen)
952 {
953 *outlen = 0;
954
955 if (ctx->buf_len) {
956 int ret, left, blocksize;
957
958 blocksize = EVP_CIPHER_CTX_block_size(ctx);
959
960 left = blocksize - ctx->buf_len;
961 assert(left > 0);
962
963 /* zero fill local buffer */
964 memset(ctx->buf + ctx->buf_len, 0, left);
965 ret = (*ctx->cipher->do_cipher)(ctx, out, ctx->buf, blocksize);
966 memset(ctx->buf, 0, blocksize);
967 if (ret != 1)
968 return ret;
969
970 *outlen += blocksize;
971 }
972
973 return 1;
974 }
975
976 /**
977 * Encipher/decipher data
978 *
979 * @param ctx the cipher context.
980 * @param out out data from the operation.
981 * @param in in data to the operation.
982 * @param size length of data.
983 *
984 * @return 1 on success.
985 */
986
987 int
988 EVP_Cipher(EVP_CIPHER_CTX *ctx, void *out, const void *in,size_t size)
989 {
990 return ctx->cipher->do_cipher(ctx, out, in, size);
991 }
992
993 /*
994 *
995 */
996
997 static int
998 enc_null_init(EVP_CIPHER_CTX *ctx,
999 const unsigned char * key,
1000 const unsigned char * iv,
1001 int encp)
1002 {
1003 return 1;
1004 }
1005
1006 static int
1007 enc_null_do_cipher(EVP_CIPHER_CTX *ctx,
1008 unsigned char *out,
1009 const unsigned char *in,
1010 unsigned int size)
1011 {
1012 memmove(out, in, size);
1013 return 1;
1014 }
1015
1016 static int
1017 enc_null_cleanup(EVP_CIPHER_CTX *ctx)
1018 {
1019 return 1;
1020 }
1021
1022 /**
1023 * The NULL cipher type, does no encryption/decryption.
1024 *
1025 * @return the null EVP_CIPHER pointer.
1026 *
1027 * @ingroup hcrypto_evp
1028 */
1029
1030 const EVP_CIPHER *
1031 EVP_enc_null(void)
1032 {
1033 static const EVP_CIPHER enc_null = {
1034 0,
1035 0,
1036 0,
1037 0,
1038 EVP_CIPH_CBC_MODE,
1039 enc_null_init,
1040 enc_null_do_cipher,
1041 enc_null_cleanup,
1042 0,
1043 NULL,
1044 NULL,
1045 NULL,
1046 NULL
1047 };
1048 return &enc_null;
1049 }
1050
1051 /**
1052 * The RC2 cipher type
1053 *
1054 * @return the RC2 EVP_CIPHER pointer.
1055 *
1056 * @ingroup hcrypto_evp
1057 */
1058
1059 const EVP_CIPHER *
1060 EVP_rc2_cbc(void)
1061 {
1062 hcrypto_validate();
1063 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc2_cbc);
1064 }
1065
1066 /**
1067 * The RC2 cipher type
1068 *
1069 * @return the RC2 EVP_CIPHER pointer.
1070 *
1071 * @ingroup hcrypto_evp
1072 */
1073
1074 const EVP_CIPHER *
1075 EVP_rc2_40_cbc(void)
1076 {
1077 hcrypto_validate();
1078 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc2_40_cbc);
1079 }
1080
1081 /**
1082 * The RC2 cipher type
1083 *
1084 * @return the RC2 EVP_CIPHER pointer.
1085 *
1086 * @ingroup hcrypto_evp
1087 */
1088
1089 const EVP_CIPHER *
1090 EVP_rc2_64_cbc(void)
1091 {
1092 hcrypto_validate();
1093 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc2_64_cbc);
1094 }
1095
1096 /**
1097 * The RC4 cipher type
1098 *
1099 * @return the RC4 EVP_CIPHER pointer.
1100 *
1101 * @ingroup hcrypto_evp
1102 */
1103
1104 const EVP_CIPHER *
1105 EVP_rc4(void)
1106 {
1107 hcrypto_validate();
1108 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc4);
1109 }
1110
1111 /**
1112 * The RC4-40 cipher type
1113 *
1114 * @return the RC4-40 EVP_CIPHER pointer.
1115 *
1116 * @ingroup hcrypto_evp
1117 */
1118
1119 const EVP_CIPHER *
1120 EVP_rc4_40(void)
1121 {
1122 hcrypto_validate();
1123 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc4_40);
1124 }
1125
1126 /**
1127 * The DES cipher type
1128 *
1129 * @return the DES-CBC EVP_CIPHER pointer.
1130 *
1131 * @ingroup hcrypto_evp
1132 */
1133
1134 const EVP_CIPHER *
1135 EVP_des_cbc(void)
1136 {
1137 hcrypto_validate();
1138 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, des_cbc);
1139 }
1140
1141 /**
1142 * The triple DES cipher type
1143 *
1144 * @return the DES-EDE3-CBC EVP_CIPHER pointer.
1145 *
1146 * @ingroup hcrypto_evp
1147 */
1148
1149 const EVP_CIPHER *
1150 EVP_des_ede3_cbc(void)
1151 {
1152 hcrypto_validate();
1153 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, des_ede3_cbc);
1154 }
1155
1156 /**
1157 * The AES-128 cipher type
1158 *
1159 * @return the AES-128 EVP_CIPHER pointer.
1160 *
1161 * @ingroup hcrypto_evp
1162 */
1163
1164 const EVP_CIPHER *
1165 EVP_aes_128_cbc(void)
1166 {
1167 hcrypto_validate();
1168 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_128_cbc);
1169 }
1170
1171 /**
1172 * The AES-192 cipher type
1173 *
1174 * @return the AES-192 EVP_CIPHER pointer.
1175 *
1176 * @ingroup hcrypto_evp
1177 */
1178
1179 const EVP_CIPHER *
1180 EVP_aes_192_cbc(void)
1181 {
1182 hcrypto_validate();
1183 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_192_cbc);
1184 }
1185
1186 /**
1187 * The AES-256 cipher type
1188 *
1189 * @return the AES-256 EVP_CIPHER pointer.
1190 *
1191 * @ingroup hcrypto_evp
1192 */
1193
1194 const EVP_CIPHER *
1195 EVP_aes_256_cbc(void)
1196 {
1197 hcrypto_validate();
1198 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_256_cbc);
1199 }
1200
1201 /**
1202 * The AES-128 cipher type
1203 *
1204 * @return the AES-128 EVP_CIPHER pointer.
1205 *
1206 * @ingroup hcrypto_evp
1207 */
1208
1209 const EVP_CIPHER *
1210 EVP_aes_128_cfb8(void)
1211 {
1212 hcrypto_validate();
1213 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_128_cfb8);
1214 }
1215
1216 /**
1217 * The AES-192 cipher type
1218 *
1219 * @return the AES-192 EVP_CIPHER pointer.
1220 *
1221 * @ingroup hcrypto_evp
1222 */
1223
1224 const EVP_CIPHER *
1225 EVP_aes_192_cfb8(void)
1226 {
1227 hcrypto_validate();
1228 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_192_cfb8);
1229 }
1230
1231 /**
1232 * The AES-256 cipher type
1233 *
1234 * @return the AES-256 EVP_CIPHER pointer.
1235 *
1236 * @ingroup hcrypto_evp
1237 */
1238
1239 const EVP_CIPHER *
1240 EVP_aes_256_cfb8(void)
1241 {
1242 hcrypto_validate();
1243 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_256_cfb8);
1244 }
1245
1246 /**
1247 * The Camellia-128 cipher type
1248 *
1249 * @return the Camellia-128 EVP_CIPHER pointer.
1250 *
1251 * @ingroup hcrypto_evp
1252 */
1253
1254 const EVP_CIPHER *
1255 EVP_camellia_128_cbc(void)
1256 {
1257 hcrypto_validate();
1258 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, camellia_128_cbc);
1259 }
1260
1261 /**
1262 * The Camellia-198 cipher type
1263 *
1264 * @return the Camellia-198 EVP_CIPHER pointer.
1265 *
1266 * @ingroup hcrypto_evp
1267 */
1268
1269 const EVP_CIPHER *
1270 EVP_camellia_192_cbc(void)
1271 {
1272 hcrypto_validate();
1273 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, camellia_192_cbc);
1274 }
1275
1276 /**
1277 * The Camellia-256 cipher type
1278 *
1279 * @return the Camellia-256 EVP_CIPHER pointer.
1280 *
1281 * @ingroup hcrypto_evp
1282 */
1283
1284 const EVP_CIPHER *
1285 EVP_camellia_256_cbc(void)
1286 {
1287 hcrypto_validate();
1288 return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, camellia_256_cbc);
1289 }
1290
1291 /*
1292 *
1293 */
1294
1295 static const struct cipher_name {
1296 const char *name;
1297 const EVP_CIPHER *(*func)(void);
1298 } cipher_name[] = {
1299 { "des-ede3-cbc", EVP_des_ede3_cbc },
1300 { "aes-128-cbc", EVP_aes_128_cbc },
1301 { "aes-192-cbc", EVP_aes_192_cbc },
1302 { "aes-256-cbc", EVP_aes_256_cbc },
1303 { "aes-128-cfb8", EVP_aes_128_cfb8 },
1304 { "aes-192-cfb8", EVP_aes_192_cfb8 },
1305 { "aes-256-cfb8", EVP_aes_256_cfb8 },
1306 { "camellia-128-cbc", EVP_camellia_128_cbc },
1307 { "camellia-192-cbc", EVP_camellia_192_cbc },
1308 { "camellia-256-cbc", EVP_camellia_256_cbc }
1309 };
1310
1311 /**
1312 * Get the cipher type using their name.
1313 *
1314 * @param name the name of the cipher.
1315 *
1316 * @return the selected EVP_CIPHER pointer or NULL if not found.
1317 *
1318 * @ingroup hcrypto_evp
1319 */
1320
1321 const EVP_CIPHER *
1322 EVP_get_cipherbyname(const char *name)
1323 {
1324 int i;
1325 for (i = 0; i < sizeof(cipher_name)/sizeof(cipher_name[0]); i++) {
1326 if (strcasecmp(cipher_name[i].name, name) == 0)
1327 return (*cipher_name[i].func)();
1328 }
1329 return NULL;
1330 }
1331
1332
1333 /*
1334 *
1335 */
1336
1337 #ifndef min
1338 #define min(a,b) (((a)>(b))?(b):(a))
1339 #endif
1340
1341 /**
1342 * Provides a legancy string to key function, used in PEM files.
1343 *
1344 * New protocols should use new string to key functions like NIST
1345 * SP56-800A or PKCS#5 v2.0 (see PKCS5_PBKDF2_HMAC_SHA1()).
1346 *
1347 * @param type type of cipher to use
1348 * @param md message digest to use
1349 * @param salt salt salt string, should be an binary 8 byte buffer.
1350 * @param data the password/input key string.
1351 * @param datalen length of data parameter.
1352 * @param count iteration counter.
1353 * @param keydata output keydata, needs to of the size EVP_CIPHER_key_length().
1354 * @param ivdata output ivdata, needs to of the size EVP_CIPHER_block_size().
1355 *
1356 * @return the size of derived key.
1357 *
1358 * @ingroup hcrypto_evp
1359 */
1360
1361 int
1362 EVP_BytesToKey(const EVP_CIPHER *type,
1363 const EVP_MD *md,
1364 const void *salt,
1365 const void *data, size_t datalen,
1366 unsigned int count,
1367 void *keydata,
1368 void *ivdata)
1369 {
1370 unsigned int ivlen, keylen;
1371 int first = 0;
1372 unsigned int mds = 0, i;
1373 unsigned char *key = keydata;
1374 unsigned char *iv = ivdata;
1375 unsigned char *buf;
1376 EVP_MD_CTX c;
1377
1378 keylen = EVP_CIPHER_key_length(type);
1379 ivlen = EVP_CIPHER_iv_length(type);
1380
1381 if (data == NULL)
1382 return keylen;
1383
1384 buf = malloc(EVP_MD_size(md));
1385 if (buf == NULL)
1386 return -1;
1387
1388 EVP_MD_CTX_init(&c);
1389
1390 first = 1;
1391 while (1) {
1392 EVP_DigestInit_ex(&c, md, NULL);
1393 if (!first)
1394 EVP_DigestUpdate(&c, buf, mds);
1395 first = 0;
1396 EVP_DigestUpdate(&c,data,datalen);
1397
1398 #define PKCS5_SALT_LEN 8
1399
1400 if (salt)
1401 EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN);
1402
1403 EVP_DigestFinal_ex(&c, buf, &mds);
1404 assert(mds == EVP_MD_size(md));
1405
1406 for (i = 1; i < count; i++) {
1407 EVP_DigestInit_ex(&c, md, NULL);
1408 EVP_DigestUpdate(&c, buf, mds);
1409 EVP_DigestFinal_ex(&c, buf, &mds);
1410 assert(mds == EVP_MD_size(md));
1411 }
1412
1413 i = 0;
1414 if (keylen) {
1415 size_t sz = min(keylen, mds);
1416 if (key) {
1417 memcpy(key, buf, sz);
1418 key += sz;
1419 }
1420 keylen -= sz;
1421 i += sz;
1422 }
1423 if (ivlen && mds > i) {
1424 size_t sz = min(ivlen, (mds - i));
1425 if (iv) {
1426 memcpy(iv, &buf[i], sz);
1427 iv += sz;
1428 }
1429 ivlen -= sz;
1430 }
1431 if (keylen == 0 && ivlen == 0)
1432 break;
1433 }
1434
1435 EVP_MD_CTX_cleanup(&c);
1436 free(buf);
1437
1438 return EVP_CIPHER_key_length(type);
1439 }
1440
1441 /**
1442 * Generate a random key for the specificed EVP_CIPHER.
1443 *
1444 * @param ctx EVP_CIPHER_CTX type to build the key for.
1445 * @param key return key, must be at least EVP_CIPHER_key_length() byte long.
1446 *
1447 * @return 1 for success, 0 for failure.
1448 *
1449 * @ingroup hcrypto_core
1450 */
1451
1452 int
1453 EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, void *key)
1454 {
1455 if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
1456 return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
1457 if (RAND_bytes(key, ctx->key_len) != 1)
1458 return 0;
1459 return 1;
1460 }
1461
1462 /**
1463 * Perform a operation on a ctx
1464 *
1465 * @param ctx context to perform operation on.
1466 * @param type type of operation.
1467 * @param arg argument to operation.
1468 * @param data addition data to operation.
1469
1470 * @return 1 for success, 0 for failure.
1471 *
1472 * @ingroup hcrypto_core
1473 */
1474
1475 int
1476 EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *data)
1477 {
1478 if (ctx->cipher == NULL || ctx->cipher->ctrl == NULL)
1479 return 0;
1480 return (*ctx->cipher->ctrl)(ctx, type, arg, data);
1481 }
1482
1483 /**
1484 * Add all algorithms to the crypto core.
1485 *
1486 * @ingroup hcrypto_core
1487 */
1488
1489 void
1490 OpenSSL_add_all_algorithms(void)
1491 {
1492 return;
1493 }
1494
1495 /**
1496 * Add all algorithms to the crypto core using configuration file.
1497 *
1498 * @ingroup hcrypto_core
1499 */
1500
1501 void
1502 OpenSSL_add_all_algorithms_conf(void)
1503 {
1504 return;
1505 }
1506
1507 /**
1508 * Add all algorithms to the crypto core, but don't use the
1509 * configuration file.
1510 *
1511 * @ingroup hcrypto_core
1512 */
1513
1514 void
1515 OpenSSL_add_all_algorithms_noconf(void)
1516 {
1517 return;
1518 }
Heimdal