summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/evp
diff options
context:
space:
mode:
authorcvs2svn <admin@example.com>2002-05-15 02:29:24 +0000
committercvs2svn <admin@example.com>2002-05-15 02:29:24 +0000
commit027351f729b9e837200dae6e1520cda6577ab930 (patch)
treee25a717057aa4529e433fc3b1fac8d4df8db3a5c /src/lib/libcrypto/evp
parentaeeae06a79815dc190061534d47236cec09f9e32 (diff)
downloadopenbsd-027351f729b9e837200dae6e1520cda6577ab930.tar.gz
openbsd-027351f729b9e837200dae6e1520cda6577ab930.tar.bz2
openbsd-027351f729b9e837200dae6e1520cda6577ab930.zip
This commit was manufactured by cvs2git to create branch 'unlabeled-1.1.1'.
Diffstat (limited to 'src/lib/libcrypto/evp')
-rw-r--r--src/lib/libcrypto/evp/e_aes.c99
-rw-r--r--src/lib/libcrypto/evp/e_bf.c80
-rw-r--r--src/lib/libcrypto/evp/e_cast.c82
-rw-r--r--src/lib/libcrypto/evp/e_des.c118
-rw-r--r--src/lib/libcrypto/evp/e_des3.c165
-rw-r--r--src/lib/libcrypto/evp/e_idea.c112
-rw-r--r--src/lib/libcrypto/evp/e_rc2.c222
-rw-r--r--src/lib/libcrypto/evp/evp_locl.h168
-rw-r--r--src/lib/libcrypto/evp/evp_pbe.c134
-rw-r--r--src/lib/libcrypto/evp/evp_pkey.c298
-rw-r--r--src/lib/libcrypto/evp/m_md4.c83
-rw-r--r--src/lib/libcrypto/evp/p5_crpt.c146
-rw-r--r--src/lib/libcrypto/evp/p5_crpt2.c247
13 files changed, 1954 insertions, 0 deletions
diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c
new file mode 100644
index 0000000000..9d03a9602f
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_aes.c
@@ -0,0 +1,99 @@
1/* ====================================================================
2 * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 *
49 */
50
51#ifndef OPENSSL_NO_AES
52#include <openssl/evp.h>
53#include <openssl/err.h>
54#include <string.h>
55#include <assert.h>
56#include <openssl/aes.h>
57#include "evp_locl.h"
58
59static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
60 const unsigned char *iv, int enc);
61
62typedef struct
63 {
64 AES_KEY ks;
65 } EVP_AES_KEY;
66
67#define data(ctx) EVP_C_DATA(EVP_AES_KEY,ctx)
68
69IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY,
70 NID_aes_128, 16, 16, 16, 128,
71 0, aes_init_key, NULL,
72 EVP_CIPHER_set_asn1_iv,
73 EVP_CIPHER_get_asn1_iv,
74 NULL)
75IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY,
76 NID_aes_192, 16, 24, 16, 128,
77 0, aes_init_key, NULL,
78 EVP_CIPHER_set_asn1_iv,
79 EVP_CIPHER_get_asn1_iv,
80 NULL)
81IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY,
82 NID_aes_256, 16, 32, 16, 128,
83 0, aes_init_key, NULL,
84 EVP_CIPHER_set_asn1_iv,
85 EVP_CIPHER_get_asn1_iv,
86 NULL)
87
88static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
89 const unsigned char *iv, int enc) {
90
91 if (enc)
92 AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
93 else
94 AES_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
95
96 return 1;
97}
98
99#endif
diff --git a/src/lib/libcrypto/evp/e_bf.c b/src/lib/libcrypto/evp/e_bf.c
new file mode 100644
index 0000000000..72047f64da
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_bf.c
@@ -0,0 +1,80 @@
1/* crypto/evp/e_bf.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_BF
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/evp.h>
63#include "evp_locl.h"
64#include <openssl/objects.h>
65
66static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
67 const unsigned char *iv, int enc);
68
69IMPLEMENT_BLOCK_CIPHER(bf, bf_ks, BF, bf_ks, NID_bf, 8, 16, 8,
70 0, bf_init_key, NULL,
71 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
72
73static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
74 const unsigned char *iv, int enc)
75 {
76 BF_set_key(&(ctx->c.bf_ks),EVP_CIPHER_CTX_key_length(ctx),key);
77 return 1;
78 }
79
80#endif
diff --git a/src/lib/libcrypto/evp/e_cast.c b/src/lib/libcrypto/evp/e_cast.c
new file mode 100644
index 0000000000..e5af7fb4ed
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_cast.c
@@ -0,0 +1,82 @@
1/* crypto/evp/e_cast.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_CAST
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/evp.h>
64#include <openssl/objects.h>
65#include "evp_locl.h"
66
67static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
68 const unsigned char *iv,int enc);
69
70IMPLEMENT_BLOCK_CIPHER(cast5, cast_ks, CAST, cast_ks,
71 NID_cast5, 8, EVP_CAST5_KEY_SIZE, 8,
72 EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL,
73 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
74
75static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
76 const unsigned char *iv, int enc)
77 {
78 CAST_set_key(&(ctx->c.cast_ks),EVP_CIPHER_CTX_key_length(ctx),key);
79 return 1;
80 }
81
82#endif
diff --git a/src/lib/libcrypto/evp/e_des.c b/src/lib/libcrypto/evp/e_des.c
new file mode 100644
index 0000000000..f4e998b81c
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_des.c
@@ -0,0 +1,118 @@
1/* crypto/evp/e_des.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_DES
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include "evp_locl.h"
65
66static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
67 const unsigned char *iv, int enc);
68
69/* Because of various casts and different names can't use IMPLEMENT_BLOCK_CIPHER */
70
71static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
72 const unsigned char *in, unsigned int inl)
73{
74 BLOCK_CIPHER_ecb_loop()
75 des_ecb_encrypt((des_cblock *)(in + i), (des_cblock *)(out + i), ctx->c.des_ks, ctx->encrypt);
76 return 1;
77}
78
79static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
80 const unsigned char *in, unsigned int inl)
81{
82 des_ofb64_encrypt(in, out, (long)inl, ctx->c.des_ks, (des_cblock *)ctx->iv, &ctx->num);
83 return 1;
84}
85
86static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
87 const unsigned char *in, unsigned int inl)
88{
89 des_ncbc_encrypt(in, out, (long)inl, ctx->c.des_ks,
90 (des_cblock *)ctx->iv, ctx->encrypt);
91 return 1;
92}
93
94static int des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
95 const unsigned char *in, unsigned int inl)
96{
97 des_cfb64_encrypt(in, out, (long)inl, ctx->c.des_ks,
98 (des_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
99 return 1;
100}
101
102BLOCK_CIPHER_defs(des, des_ks, NID_des, 8, 8, 8,
103 0, des_init_key, NULL,
104 EVP_CIPHER_set_asn1_iv,
105 EVP_CIPHER_get_asn1_iv,
106 NULL)
107
108
109static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
110 const unsigned char *iv, int enc)
111 {
112 des_cblock *deskey = (des_cblock *)key;
113
114 des_set_key_unchecked(deskey,ctx->c.des_ks);
115 return 1;
116 }
117
118#endif
diff --git a/src/lib/libcrypto/evp/e_des3.c b/src/lib/libcrypto/evp/e_des3.c
new file mode 100644
index 0000000000..a9aba4ae70
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_des3.c
@@ -0,0 +1,165 @@
1/* crypto/evp/e_des3.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_DES
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include "evp_locl.h"
65
66static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
67 const unsigned char *iv,int enc);
68
69static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
70 const unsigned char *iv,int enc);
71
72/* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */
73
74static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
75 const unsigned char *in, unsigned int inl)
76{
77 BLOCK_CIPHER_ecb_loop()
78 des_ecb3_encrypt((des_cblock *)(in + i), (des_cblock *)(out + i),
79 ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
80 ctx->encrypt);
81 return 1;
82}
83
84static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
85 const unsigned char *in, unsigned int inl)
86{
87 des_ede3_ofb64_encrypt(in, out, (long)inl,
88 ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
89 (des_cblock *)ctx->iv, &ctx->num);
90 return 1;
91}
92
93static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
94 const unsigned char *in, unsigned int inl)
95{
96 des_ede3_cbc_encrypt(in, out, (long)inl,
97 ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
98 (des_cblock *)ctx->iv, ctx->encrypt);
99 return 1;
100}
101
102static int des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
103 const unsigned char *in, unsigned int inl)
104{
105 des_ede3_cfb64_encrypt(in, out, (long)inl,
106 ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
107 (des_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
108 return 1;
109}
110
111#define NID_des_ede_ecb NID_des_ede
112
113BLOCK_CIPHER_defs(des_ede, des_ede, NID_des_ede, 8, 16, 8,
114 0, des_ede_init_key, NULL,
115 EVP_CIPHER_set_asn1_iv,
116 EVP_CIPHER_get_asn1_iv,
117 NULL)
118
119#define NID_des_ede3_ecb NID_des_ede3
120#define des_ede3_cfb_cipher des_ede_cfb_cipher
121#define des_ede3_ofb_cipher des_ede_ofb_cipher
122#define des_ede3_cbc_cipher des_ede_cbc_cipher
123#define des_ede3_ecb_cipher des_ede_ecb_cipher
124
125BLOCK_CIPHER_defs(des_ede3, des_ede, NID_des_ede3, 8, 24, 8,
126 0, des_ede3_init_key, NULL,
127 EVP_CIPHER_set_asn1_iv,
128 EVP_CIPHER_get_asn1_iv,
129 NULL)
130
131static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
132 const unsigned char *iv, int enc)
133 {
134 des_cblock *deskey = (des_cblock *)key;
135
136 des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
137 des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
138 memcpy( (char *)ctx->c.des_ede.ks3,
139 (char *)ctx->c.des_ede.ks1,
140 sizeof(ctx->c.des_ede.ks1));
141 return 1;
142 }
143
144static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
145 const unsigned char *iv, int enc)
146 {
147 des_cblock *deskey = (des_cblock *)key;
148
149 des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
150 des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
151 des_set_key_unchecked(&deskey[2],ctx->c.des_ede.ks3);
152
153 return 1;
154 }
155
156EVP_CIPHER *EVP_des_ede(void)
157{
158 return &des_ede_ecb;
159}
160
161EVP_CIPHER *EVP_des_ede3(void)
162{
163 return &des_ede3_ecb;
164}
165#endif
diff --git a/src/lib/libcrypto/evp/e_idea.c b/src/lib/libcrypto/evp/e_idea.c
new file mode 100644
index 0000000000..8d3c88deb7
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_idea.c
@@ -0,0 +1,112 @@
1/* crypto/evp/e_idea.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_IDEA
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/evp.h>
64#include <openssl/objects.h>
65#include "evp_locl.h"
66
67static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
68 const unsigned char *iv,int enc);
69
70/* NB idea_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a special
71 * case
72 */
73
74static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
75 const unsigned char *in, unsigned int inl)
76{
77 BLOCK_CIPHER_ecb_loop()
78 idea_ecb_encrypt(in + i, out + i, &ctx->c.idea_ks);
79 return 1;
80}
81
82/* Can't use IMPLEMENT_BLOCK_CIPHER because idea_ecb_encrypt is different */
83
84BLOCK_CIPHER_func_cbc(idea, idea, idea_ks)
85BLOCK_CIPHER_func_ofb(idea, idea, idea_ks)
86BLOCK_CIPHER_func_cfb(idea, idea, idea_ks)
87
88BLOCK_CIPHER_defs(idea, idea_ks, NID_idea, 8, 16, 8,
89 0, idea_init_key, NULL,
90 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
91
92static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
93 const unsigned char *iv, int enc)
94 {
95 if(!enc) {
96 if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) enc = 1;
97 else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE) enc = 1;
98 }
99 if (enc) idea_set_encrypt_key(key,&(ctx->c.idea_ks));
100 else
101 {
102 IDEA_KEY_SCHEDULE tmp;
103
104 idea_set_encrypt_key(key,&tmp);
105 idea_set_decrypt_key(&tmp,&(ctx->c.idea_ks));
106 memset((unsigned char *)&tmp,0,
107 sizeof(IDEA_KEY_SCHEDULE));
108 }
109 return 1;
110 }
111
112#endif
diff --git a/src/lib/libcrypto/evp/e_rc2.c b/src/lib/libcrypto/evp/e_rc2.c
new file mode 100644
index 0000000000..3955c3ef84
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_rc2.c
@@ -0,0 +1,222 @@
1/* crypto/evp/e_rc2.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_RC2
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/evp.h>
64#include <openssl/objects.h>
65#include "evp_locl.h"
66
67static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
68 const unsigned char *iv,int enc);
69static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx);
70static int rc2_magic_to_meth(int i);
71static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
72static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
73static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
74
75IMPLEMENT_BLOCK_CIPHER(rc2, rc2.ks, RC2, rc2, NID_rc2,
76 8,
77 EVP_RC2_KEY_SIZE, 8,
78 EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
79 rc2_init_key, NULL,
80 rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv,
81 rc2_ctrl)
82
83#define RC2_40_MAGIC 0xa0
84#define RC2_64_MAGIC 0x78
85#define RC2_128_MAGIC 0x3a
86
87static EVP_CIPHER r2_64_cbc_cipher=
88 {
89 NID_rc2_64_cbc,
90 8,8 /* 64 bit */,8,
91 EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
92 rc2_init_key,
93 rc2_cbc_cipher,
94 NULL,
95 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
96 sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2)),
97 rc2_set_asn1_type_and_iv,
98 rc2_get_asn1_type_and_iv,
99 rc2_ctrl,
100 NULL
101 };
102
103static EVP_CIPHER r2_40_cbc_cipher=
104 {
105 NID_rc2_40_cbc,
106 8,5 /* 40 bit */,8,
107 EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
108 rc2_init_key,
109 rc2_cbc_cipher,
110 NULL,
111 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
112 sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2)),
113 rc2_set_asn1_type_and_iv,
114 rc2_get_asn1_type_and_iv,
115 rc2_ctrl,
116 NULL
117 };
118
119EVP_CIPHER *EVP_rc2_64_cbc(void)
120 {
121 return(&r2_64_cbc_cipher);
122 }
123
124EVP_CIPHER *EVP_rc2_40_cbc(void)
125 {
126 return(&r2_40_cbc_cipher);
127 }
128
129static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
130 const unsigned char *iv, int enc)
131 {
132 RC2_set_key(&(ctx->c.rc2.ks),EVP_CIPHER_CTX_key_length(ctx),
133 key,ctx->c.rc2.key_bits);
134 return 1;
135 }
136
137static int rc2_meth_to_magic(EVP_CIPHER_CTX *e)
138 {
139 int i;
140
141 EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i);
142 if (i == 128) return(RC2_128_MAGIC);
143 else if (i == 64) return(RC2_64_MAGIC);
144 else if (i == 40) return(RC2_40_MAGIC);
145 else return(0);
146 }
147
148static int rc2_magic_to_meth(int i)
149 {
150 if (i == RC2_128_MAGIC) return 128;
151 else if (i == RC2_64_MAGIC) return 64;
152 else if (i == RC2_40_MAGIC) return 40;
153 else
154 {
155 EVPerr(EVP_F_RC2_MAGIC_TO_METH,EVP_R_UNSUPPORTED_KEY_SIZE);
156 return(0);
157 }
158 }
159
160static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
161 {
162 long num=0;
163 int i=0,l;
164 int key_bits;
165 unsigned char iv[EVP_MAX_IV_LENGTH];
166
167 if (type != NULL)
168 {
169 l=EVP_CIPHER_CTX_iv_length(c);
170 i=ASN1_TYPE_get_int_octetstring(type,&num,iv,l);
171 if (i != l)
172 return(-1);
173 key_bits =rc2_magic_to_meth((int)num);
174 if (!key_bits)
175 return(-1);
176 if(i > 0) EVP_CipherInit(c, NULL, NULL, iv, -1);
177 EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
178 EVP_CIPHER_CTX_set_key_length(c, key_bits / 8);
179 }
180 return(i);
181 }
182
183static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
184 {
185 long num;
186 int i=0,j;
187
188 if (type != NULL)
189 {
190 num=rc2_meth_to_magic(c);
191 j=EVP_CIPHER_CTX_iv_length(c);
192 i=ASN1_TYPE_set_int_octetstring(type,num,c->oiv,j);
193 }
194 return(i);
195 }
196
197static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
198 {
199 switch(type) {
200
201 case EVP_CTRL_INIT:
202 c->c.rc2.key_bits = EVP_CIPHER_CTX_key_length(c) * 8;
203 return 1;
204
205 case EVP_CTRL_GET_RC2_KEY_BITS:
206 *(int *)ptr = c->c.rc2.key_bits;
207 return 1;
208
209
210 case EVP_CTRL_SET_RC2_KEY_BITS:
211 if(arg > 0) {
212 c->c.rc2.key_bits = arg;
213 return 1;
214 }
215 return 0;
216
217 default:
218 return -1;
219 }
220 }
221
222#endif
diff --git a/src/lib/libcrypto/evp/evp_locl.h b/src/lib/libcrypto/evp/evp_locl.h
new file mode 100644
index 0000000000..ce49d5b7d8
--- /dev/null
+++ b/src/lib/libcrypto/evp/evp_locl.h
@@ -0,0 +1,168 @@
1/* evp_locl.h */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59/* Macros to code block cipher wrappers */
60
61/* Wrapper functions for each cipher mode */
62
63#define BLOCK_CIPHER_ecb_loop() \
64 unsigned int i; \
65 if(inl < 8) return 1;\
66 inl -= 8; \
67 for(i=0; i <= inl; i+=8) \
68
69#define BLOCK_CIPHER_func_ecb(cname, cprefix, kname) \
70static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
71{\
72 BLOCK_CIPHER_ecb_loop() \
73 cprefix##_ecb_encrypt(in + i, out + i, &ctx->c.kname, ctx->encrypt);\
74 return 1;\
75}
76
77#define BLOCK_CIPHER_func_ofb(cname, cprefix, kname) \
78static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
79{\
80 cprefix##_ofb64_encrypt(in, out, (long)inl, &ctx->c.kname, ctx->iv, &ctx->num);\
81 return 1;\
82}
83
84#define BLOCK_CIPHER_func_cbc(cname, cprefix, kname) \
85static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
86{\
87 cprefix##_cbc_encrypt(in, out, (long)inl, &ctx->c.kname, ctx->iv, ctx->encrypt);\
88 return 1;\
89}
90
91#define BLOCK_CIPHER_func_cfb(cname, cprefix, kname) \
92static int cname##_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
93{\
94 cprefix##_cfb64_encrypt(in, out, (long)inl, &ctx->c.kname, ctx->iv, &ctx->num, ctx->encrypt);\
95 return 1;\
96}
97
98#define BLOCK_CIPHER_all_funcs(cname, cprefix, kname) \
99 BLOCK_CIPHER_func_cbc(cname, cprefix, kname) \
100 BLOCK_CIPHER_func_cfb(cname, cprefix, kname) \
101 BLOCK_CIPHER_func_ecb(cname, cprefix, kname) \
102 BLOCK_CIPHER_func_ofb(cname, cprefix, kname)
103
104#define BLOCK_CIPHER_defs(cname, kstruct, \
105 nid, block_size, key_len, iv_len, flags,\
106 init_key, cleanup, set_asn1, get_asn1, ctrl)\
107static EVP_CIPHER cname##_cbc = {\
108 nid##_cbc, block_size, key_len, iv_len, \
109 flags | EVP_CIPH_CBC_MODE,\
110 init_key,\
111 cname##_cbc_cipher,\
112 cleanup,\
113 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
114 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
115 set_asn1, get_asn1,\
116 ctrl, \
117 NULL \
118};\
119EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
120static EVP_CIPHER cname##_cfb = {\
121 nid##_cfb64, 1, key_len, iv_len, \
122 flags | EVP_CIPH_CFB_MODE,\
123 init_key,\
124 cname##_cfb_cipher,\
125 cleanup,\
126 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
127 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
128 set_asn1, get_asn1,\
129 ctrl,\
130 NULL \
131};\
132EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
133static EVP_CIPHER cname##_ofb = {\
134 nid##_ofb64, 1, key_len, iv_len, \
135 flags | EVP_CIPH_OFB_MODE,\
136 init_key,\
137 cname##_ofb_cipher,\
138 cleanup,\
139 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
140 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
141 set_asn1, get_asn1,\
142 ctrl,\
143 NULL \
144};\
145EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
146static EVP_CIPHER cname##_ecb = {\
147 nid##_ecb, block_size, key_len, iv_len, \
148 flags | EVP_CIPH_ECB_MODE,\
149 init_key,\
150 cname##_ecb_cipher,\
151 cleanup,\
152 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
153 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
154 set_asn1, get_asn1,\
155 ctrl,\
156 NULL \
157};\
158EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
159
160
161
162#define IMPLEMENT_BLOCK_CIPHER(cname, kname, cprefix, kstruct, \
163 nid, block_size, key_len, iv_len, flags, \
164 init_key, cleanup, set_asn1, get_asn1, ctrl) \
165 BLOCK_CIPHER_all_funcs(cname, cprefix, kname) \
166 BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, flags,\
167 init_key, cleanup, set_asn1, get_asn1, ctrl)
168
diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c
new file mode 100644
index 0000000000..353c3ad667
--- /dev/null
+++ b/src/lib/libcrypto/evp/evp_pbe.c
@@ -0,0 +1,134 @@
1/* evp_pbe.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <openssl/evp.h>
61#include <openssl/x509.h>
62#include "cryptlib.h"
63
64/* Password based encryption (PBE) functions */
65
66static STACK *pbe_algs;
67
68/* Setup a cipher context from a PBE algorithm */
69
70typedef struct {
71int pbe_nid;
72EVP_CIPHER *cipher;
73EVP_MD *md;
74EVP_PBE_KEYGEN *keygen;
75} EVP_PBE_CTL;
76
77int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
78 ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
79{
80
81 EVP_PBE_CTL *pbetmp, pbelu;
82 int i;
83 pbelu.pbe_nid = OBJ_obj2nid(pbe_obj);
84 if (pbelu.pbe_nid != NID_undef) i = sk_find(pbe_algs, (char *)&pbelu);
85 else i = -1;
86
87 if (i == -1) {
88 char obj_tmp[80];
89 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM);
90 if (!pbe_obj) strcpy (obj_tmp, "NULL");
91 else i2t_ASN1_OBJECT(obj_tmp, 80, pbe_obj);
92 ERR_add_error_data(2, "TYPE=", obj_tmp);
93 return 0;
94 }
95 if (passlen == -1) passlen = strlen(pass);
96 pbetmp = (EVP_PBE_CTL *)sk_value (pbe_algs, i);
97 i = (*pbetmp->keygen)(ctx, pass, passlen, param, pbetmp->cipher,
98 pbetmp->md, en_de);
99 if (!i) {
100 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_KEYGEN_FAILURE);
101 return 0;
102 }
103 return 1;
104}
105
106static int pbe_cmp (EVP_PBE_CTL **pbe1, EVP_PBE_CTL **pbe2)
107{
108 return ((*pbe1)->pbe_nid - (*pbe2)->pbe_nid);
109}
110
111/* Add a PBE algorithm */
112
113int EVP_PBE_alg_add (int nid, EVP_CIPHER *cipher, EVP_MD *md,
114 EVP_PBE_KEYGEN *keygen)
115{
116 EVP_PBE_CTL *pbe_tmp;
117 if (!pbe_algs) pbe_algs = sk_new (pbe_cmp);
118 if (!(pbe_tmp = (EVP_PBE_CTL*) Malloc (sizeof(EVP_PBE_CTL)))) {
119 EVPerr(EVP_F_EVP_PBE_ALG_ADD,ERR_R_MALLOC_FAILURE);
120 return 0;
121 }
122 pbe_tmp->pbe_nid = nid;
123 pbe_tmp->cipher = cipher;
124 pbe_tmp->md = md;
125 pbe_tmp->keygen = keygen;
126 sk_push (pbe_algs, (char *)pbe_tmp);
127 return 1;
128}
129
130void EVP_PBE_cleanup(void)
131{
132 sk_pop_free(pbe_algs, FreeFunc);
133 pbe_algs = NULL;
134}
diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c
new file mode 100644
index 0000000000..421e452db1
--- /dev/null
+++ b/src/lib/libcrypto/evp/evp_pkey.c
@@ -0,0 +1,298 @@
1/* evp_pkey.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include "cryptlib.h"
62#include <openssl/x509.h>
63#include <openssl/rand.h>
64
65/* Extract a private key from a PKCS8 structure */
66
67EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
68{
69 EVP_PKEY *pkey;
70#ifndef NO_RSA
71 RSA *rsa;
72#endif
73#ifndef NO_DSA
74 DSA *dsa;
75 ASN1_INTEGER *dsapriv;
76 STACK *ndsa;
77 BN_CTX *ctx;
78 int plen;
79#endif
80 X509_ALGOR *a;
81 unsigned char *p;
82 int pkeylen;
83 char obj_tmp[80];
84
85 switch (p8->broken) {
86 case PKCS8_OK:
87 p = p8->pkey->value.octet_string->data;
88 pkeylen = p8->pkey->value.octet_string->length;
89 break;
90
91 case PKCS8_NO_OCTET:
92 p = p8->pkey->value.sequence->data;
93 pkeylen = p8->pkey->value.sequence->length;
94 break;
95
96 default:
97 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
98 return NULL;
99 break;
100 }
101 if (!(pkey = EVP_PKEY_new())) {
102 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
103 return NULL;
104 }
105 a = p8->pkeyalg;
106 switch (OBJ_obj2nid(a->algorithm))
107 {
108#ifndef NO_RSA
109 case NID_rsaEncryption:
110 if (!(rsa = d2i_RSAPrivateKey (NULL, &p, pkeylen))) {
111 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
112 return NULL;
113 }
114 EVP_PKEY_assign_RSA (pkey, rsa);
115 break;
116#endif
117#ifndef NO_DSA
118 case NID_dsa:
119 /* PKCS#8 DSA is weird: you just get a private key integer
120 * and parameters in the AlgorithmIdentifier the pubkey must
121 * be recalculated.
122 */
123
124 /* Check for broken Netscape Database DSA PKCS#8, UGH! */
125 if(*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) {
126 if(!(ndsa = ASN1_seq_unpack(p, pkeylen,
127 (char *(*)())d2i_ASN1_INTEGER,
128 ASN1_STRING_free))) {
129 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
130 return NULL;
131 }
132 if(sk_num(ndsa) != 2 ) {
133 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
134 sk_pop_free(ndsa, ASN1_STRING_free);
135 return NULL;
136 }
137 dsapriv = (ASN1_INTEGER *) sk_pop(ndsa);
138 sk_pop_free(ndsa, ASN1_STRING_free);
139 } else if (!(dsapriv=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) {
140 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
141 return NULL;
142 }
143 /* Retrieve parameters */
144 if (a->parameter->type != V_ASN1_SEQUENCE) {
145 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_NO_DSA_PARAMETERS);
146 return NULL;
147 }
148 p = a->parameter->value.sequence->data;
149 plen = a->parameter->value.sequence->length;
150 if (!(dsa = d2i_DSAparams (NULL, &p, plen))) {
151 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
152 return NULL;
153 }
154 /* We have parameters now set private key */
155 if (!(dsa->priv_key = ASN1_INTEGER_to_BN(dsapriv, NULL))) {
156 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_DECODE_ERROR);
157 DSA_free (dsa);
158 return NULL;
159 }
160 /* Calculate public key (ouch!) */
161 if (!(dsa->pub_key = BN_new())) {
162 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
163 DSA_free (dsa);
164 return NULL;
165 }
166 if (!(ctx = BN_CTX_new())) {
167 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
168 DSA_free (dsa);
169 return NULL;
170 }
171
172 if (!BN_mod_exp(dsa->pub_key, dsa->g,
173 dsa->priv_key, dsa->p, ctx)) {
174
175 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_PUBKEY_ERROR);
176 BN_CTX_free (ctx);
177 DSA_free (dsa);
178 return NULL;
179 }
180
181 EVP_PKEY_assign_DSA (pkey, dsa);
182 BN_CTX_free (ctx);
183 break;
184#endif
185 default:
186 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
187 if (!a->algorithm) strcpy (obj_tmp, "NULL");
188 else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm);
189 ERR_add_error_data(2, "TYPE=", obj_tmp);
190 EVP_PKEY_free (pkey);
191 return NULL;
192 }
193 return pkey;
194}
195
196/* Turn a private key into a PKCS8 structure */
197
198PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
199{
200 PKCS8_PRIV_KEY_INFO *p8;
201#ifndef NO_DSA
202 ASN1_INTEGER *dpkey;
203 unsigned char *p, *q;
204 int len;
205#endif
206 if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {
207 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
208 return NULL;
209 }
210 ASN1_INTEGER_set (p8->version, 0);
211 if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) {
212 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
213 PKCS8_PRIV_KEY_INFO_free (p8);
214 return NULL;
215 }
216 switch (EVP_PKEY_type(pkey->type)) {
217#ifndef NO_RSA
218 case EVP_PKEY_RSA:
219
220 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption);
221 p8->pkeyalg->parameter->type = V_ASN1_NULL;
222 if (!ASN1_pack_string ((char *)pkey, i2d_PrivateKey,
223 &p8->pkey->value.octet_string)) {
224 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
225 PKCS8_PRIV_KEY_INFO_free (p8);
226 return NULL;
227 }
228 break;
229#endif
230#ifndef NO_DSA
231 case EVP_PKEY_DSA:
232 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa);
233
234 /* get paramaters and place in AlgorithmIdentifier */
235 len = i2d_DSAparams (pkey->pkey.dsa, NULL);
236 if (!(p = Malloc(len))) {
237 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
238 PKCS8_PRIV_KEY_INFO_free (p8);
239 return NULL;
240 }
241 q = p;
242 i2d_DSAparams (pkey->pkey.dsa, &q);
243 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
244 p8->pkeyalg->parameter->value.sequence = ASN1_STRING_new();
245 ASN1_STRING_set(p8->pkeyalg->parameter->value.sequence, p, len);
246 Free(p);
247 /* Get private key into an integer and pack */
248 if (!(dpkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) {
249 EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
250 PKCS8_PRIV_KEY_INFO_free (p8);
251 return NULL;
252 }
253
254 if (!ASN1_pack_string((char *)dpkey, i2d_ASN1_INTEGER,
255 &p8->pkey->value.octet_string)) {
256 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
257 ASN1_INTEGER_free (dpkey);
258 PKCS8_PRIV_KEY_INFO_free (p8);
259 return NULL;
260 }
261 ASN1_INTEGER_free (dpkey);
262 break;
263#endif
264 default:
265 EVPerr(EVP_F_EVP_PKEY2PKCS8, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
266 PKCS8_PRIV_KEY_INFO_free (p8);
267 return NULL;
268 }
269 p8->pkey->type = V_ASN1_OCTET_STRING;
270 RAND_seed (p8->pkey->value.octet_string->data,
271 p8->pkey->value.octet_string->length);
272 return p8;
273}
274
275PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
276{
277 switch (broken) {
278
279 case PKCS8_OK:
280 p8->broken = PKCS8_OK;
281 return p8;
282 break;
283
284 case PKCS8_NO_OCTET:
285 p8->broken = PKCS8_NO_OCTET;
286 p8->pkey->type = V_ASN1_SEQUENCE;
287 return p8;
288 break;
289
290 default:
291 EVPerr(EVP_F_EVP_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
292 return NULL;
293 break;
294
295 }
296}
297
298
diff --git a/src/lib/libcrypto/evp/m_md4.c b/src/lib/libcrypto/evp/m_md4.c
new file mode 100644
index 0000000000..6a24ceb86d
--- /dev/null
+++ b/src/lib/libcrypto/evp/m_md4.c
@@ -0,0 +1,83 @@
1/* crypto/evp/m_md4.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_MD4
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include <openssl/x509.h>
65
66static EVP_MD md4_md=
67 {
68 NID_md4,
69 0,
70 MD4_DIGEST_LENGTH,
71 MD4_Init,
72 MD4_Update,
73 MD4_Final,
74 EVP_PKEY_RSA_method,
75 MD4_CBLOCK,
76 sizeof(EVP_MD *)+sizeof(MD4_CTX),
77 };
78
79EVP_MD *EVP_md4(void)
80 {
81 return(&md4_md);
82 }
83#endif
diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c
new file mode 100644
index 0000000000..e3dae52d4d
--- /dev/null
+++ b/src/lib/libcrypto/evp/p5_crpt.c
@@ -0,0 +1,146 @@
1/* p5_crpt.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <openssl/x509.h>
62#include <openssl/evp.h>
63#include "cryptlib.h"
64
65/* PKCS#5 v1.5 compatible PBE functions: see PKCS#5 v2.0 for more info.
66 */
67
68void PKCS5_PBE_add(void)
69{
70#ifndef NO_DES
71# ifndef NO_MD5
72EVP_PBE_alg_add(NID_pbeWithMD5AndDES_CBC, EVP_des_cbc(), EVP_md5(),
73 PKCS5_PBE_keyivgen);
74# endif
75# ifndef NO_MD2
76EVP_PBE_alg_add(NID_pbeWithMD2AndDES_CBC, EVP_des_cbc(), EVP_md2(),
77 PKCS5_PBE_keyivgen);
78# endif
79# ifndef NO_SHA
80EVP_PBE_alg_add(NID_pbeWithSHA1AndDES_CBC, EVP_des_cbc(), EVP_sha1(),
81 PKCS5_PBE_keyivgen);
82# endif
83#endif
84#ifndef NO_RC2
85# ifndef NO_MD5
86EVP_PBE_alg_add(NID_pbeWithMD5AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md5(),
87 PKCS5_PBE_keyivgen);
88# endif
89# ifndef NO_MD2
90EVP_PBE_alg_add(NID_pbeWithMD2AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md2(),
91 PKCS5_PBE_keyivgen);
92# endif
93# ifndef NO_SHA
94EVP_PBE_alg_add(NID_pbeWithSHA1AndRC2_CBC, EVP_rc2_64_cbc(), EVP_sha1(),
95 PKCS5_PBE_keyivgen);
96# endif
97#endif
98#ifndef NO_HMAC
99EVP_PBE_alg_add(NID_pbes2, NULL, NULL, PKCS5_v2_PBE_keyivgen);
100#endif
101}
102
103int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
104 ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md,
105 int en_de)
106{
107 EVP_MD_CTX ctx;
108 unsigned char md_tmp[EVP_MAX_MD_SIZE];
109 unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
110 int i;
111 PBEPARAM *pbe;
112 int saltlen, iter;
113 unsigned char *salt, *pbuf;
114
115 /* Extract useful info from parameter */
116 pbuf = param->value.sequence->data;
117 if (!param || (param->type != V_ASN1_SEQUENCE) ||
118 !(pbe = d2i_PBEPARAM (NULL, &pbuf, param->value.sequence->length))) {
119 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
120 return 0;
121 }
122
123 if (!pbe->iter) iter = 1;
124 else iter = ASN1_INTEGER_get (pbe->iter);
125 salt = pbe->salt->data;
126 saltlen = pbe->salt->length;
127
128 EVP_DigestInit (&ctx, md);
129 EVP_DigestUpdate (&ctx, pass, passlen);
130 EVP_DigestUpdate (&ctx, salt, saltlen);
131 PBEPARAM_free(pbe);
132 EVP_DigestFinal (&ctx, md_tmp, NULL);
133 for (i = 1; i < iter; i++) {
134 EVP_DigestInit(&ctx, md);
135 EVP_DigestUpdate(&ctx, md_tmp, EVP_MD_size(md));
136 EVP_DigestFinal (&ctx, md_tmp, NULL);
137 }
138 memcpy (key, md_tmp, EVP_CIPHER_key_length(cipher));
139 memcpy (iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
140 EVP_CIPHER_iv_length(cipher));
141 EVP_CipherInit(cctx, cipher, key, iv, en_de);
142 memset(md_tmp, 0, EVP_MAX_MD_SIZE);
143 memset(key, 0, EVP_MAX_KEY_LENGTH);
144 memset(iv, 0, EVP_MAX_IV_LENGTH);
145 return 1;
146}
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c
new file mode 100644
index 0000000000..27a2c518be
--- /dev/null
+++ b/src/lib/libcrypto/evp/p5_crpt2.c
@@ -0,0 +1,247 @@
1/* p5_crpt2.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58#if !defined(NO_HMAC) && !defined(NO_SHA)
59#include <stdio.h>
60#include <stdlib.h>
61#include <openssl/x509.h>
62#include <openssl/evp.h>
63#include <openssl/hmac.h>
64#include "cryptlib.h"
65
66/* set this to print out info about the keygen algorithm */
67/* #define DEBUG_PKCS5V2 */
68
69#ifdef DEBUG_PKCS5V2
70 static void h__dump (const unsigned char *p, int len);
71#endif
72
73/* This is an implementation of PKCS#5 v2.0 password based encryption key
74 * derivation function PBKDF2 using the only currently defined function HMAC
75 * with SHA1. Verified against test vectors posted by Peter Gutmann
76 * <pgut001@cs.auckland.ac.nz> to the PKCS-TNG <pkcs-tng@rsa.com> mailing list.
77 */
78
79int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
80 unsigned char *salt, int saltlen, int iter,
81 int keylen, unsigned char *out)
82{
83 unsigned char digtmp[SHA_DIGEST_LENGTH], *p, itmp[4];
84 int cplen, j, k, tkeylen;
85 unsigned long i = 1;
86 HMAC_CTX hctx;
87 p = out;
88 tkeylen = keylen;
89 if(passlen == -1) passlen = strlen(pass);
90 while(tkeylen) {
91 if(tkeylen > SHA_DIGEST_LENGTH) cplen = SHA_DIGEST_LENGTH;
92 else cplen = tkeylen;
93 /* We are unlikely to ever use more than 256 blocks (5120 bits!)
94 * but just in case...
95 */
96 itmp[0] = (unsigned char)((i >> 24) & 0xff);
97 itmp[1] = (unsigned char)((i >> 16) & 0xff);
98 itmp[2] = (unsigned char)((i >> 8) & 0xff);
99 itmp[3] = (unsigned char)(i & 0xff);
100 HMAC_Init(&hctx, pass, passlen, EVP_sha1());
101 HMAC_Update(&hctx, salt, saltlen);
102 HMAC_Update(&hctx, itmp, 4);
103 HMAC_Final(&hctx, digtmp, NULL);
104 memcpy(p, digtmp, cplen);
105 for(j = 1; j < iter; j++) {
106 HMAC(EVP_sha1(), pass, passlen,
107 digtmp, SHA_DIGEST_LENGTH, digtmp, NULL);
108 for(k = 0; k < cplen; k++) p[k] ^= digtmp[k];
109 }
110 tkeylen-= cplen;
111 i++;
112 p+= cplen;
113 }
114 HMAC_cleanup(&hctx);
115#ifdef DEBUG_PKCS5V2
116 fprintf(stderr, "Password:\n");
117 h__dump (pass, passlen);
118 fprintf(stderr, "Salt:\n");
119 h__dump (salt, saltlen);
120 fprintf(stderr, "Iteration count %d\n", iter);
121 fprintf(stderr, "Key:\n");
122 h__dump (out, keylen);
123#endif
124 return 1;
125}
126
127#ifdef DO_TEST
128main()
129{
130 unsigned char out[4];
131 unsigned char salt[] = {0x12, 0x34, 0x56, 0x78};
132 PKCS5_PBKDF2_HMAC_SHA1("password", -1, salt, 4, 5, 4, out);
133 fprintf(stderr, "Out %02X %02X %02X %02X\n",
134 out[0], out[1], out[2], out[3]);
135}
136
137#endif
138
139/* Now the key derivation function itself. This is a bit evil because
140 * it has to check the ASN1 parameters are valid: and there are quite a
141 * few of them...
142 */
143
144int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
145 ASN1_TYPE *param, EVP_CIPHER *c, EVP_MD *md,
146 int en_de)
147{
148 unsigned char *pbuf, *salt, key[EVP_MAX_KEY_LENGTH];
149 int saltlen, keylen, iter, plen;
150 PBE2PARAM *pbe2 = NULL;
151 const EVP_CIPHER *cipher;
152 PBKDF2PARAM *kdf = NULL;
153
154 pbuf = param->value.sequence->data;
155 plen = param->value.sequence->length;
156 if(!param || (param->type != V_ASN1_SEQUENCE) ||
157 !(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
158 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
159 return 0;
160 }
161
162 /* See if we recognise the key derivation function */
163
164 if(OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) {
165 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
166 EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION);
167 goto err;
168 }
169
170 /* lets see if we recognise the encryption algorithm.
171 */
172
173 cipher = EVP_get_cipherbyname(
174 OBJ_nid2sn(OBJ_obj2nid(pbe2->encryption->algorithm)));
175
176 if(!cipher) {
177 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
178 EVP_R_UNSUPPORTED_CIPHER);
179 goto err;
180 }
181
182 /* Fixup cipher based on AlgorithmIdentifier */
183 EVP_CipherInit(ctx, cipher, NULL, NULL, en_de);
184 if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
185 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
186 EVP_R_CIPHER_PARAMETER_ERROR);
187 goto err;
188 }
189 keylen = EVP_CIPHER_CTX_key_length(ctx);
190
191 /* Now decode key derivation function */
192
193 pbuf = pbe2->keyfunc->parameter->value.sequence->data;
194 plen = pbe2->keyfunc->parameter->value.sequence->length;
195 if(!pbe2->keyfunc->parameter ||
196 (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE) ||
197 !(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
198 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
199 goto err;
200 }
201
202 PBE2PARAM_free(pbe2);
203 pbe2 = NULL;
204
205 /* Now check the parameters of the kdf */
206
207 if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != keylen)){
208 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
209 EVP_R_UNSUPPORTED_KEYLENGTH);
210 goto err;
211 }
212
213 if(kdf->prf && (OBJ_obj2nid(kdf->prf->algorithm) != NID_hmacWithSHA1)) {
214 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
215 goto err;
216 }
217
218 if(kdf->salt->type != V_ASN1_OCTET_STRING) {
219 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
220 EVP_R_UNSUPPORTED_SALT_TYPE);
221 goto err;
222 }
223
224 /* it seems that its all OK */
225 salt = kdf->salt->value.octet_string->data;
226 saltlen = kdf->salt->value.octet_string->length;
227 iter = ASN1_INTEGER_get(kdf->iter);
228 PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key);
229 EVP_CipherInit(ctx, NULL, key, NULL, en_de);
230 memset(key, 0, keylen);
231 PBKDF2PARAM_free(kdf);
232 return 1;
233
234 err:
235 PBE2PARAM_free(pbe2);
236 PBKDF2PARAM_free(kdf);
237 return 0;
238}
239
240#ifdef DEBUG_PKCS5V2
241static void h__dump (const unsigned char *p, int len)
242{
243 for (; len --; p++) fprintf(stderr, "%02X ", *p);
244 fprintf(stderr, "\n");
245}
246#endif
247#endif
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-04 11:09:02 +0000