summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/evp
diff options
context:
space:
mode:
authormarkus <>2002-09-05 12:51:50 +0000
committermarkus <>2002-09-05 12:51:50 +0000
commit15b5d84f9da2ce4bfae8580e56e34a859f74ad71 (patch)
treebf939e82d7fd73cc8a01cf6959002209972091bc /src/lib/libcrypto/evp
parent027351f729b9e837200dae6e1520cda6577ab930 (diff)
downloadopenbsd-15b5d84f9da2ce4bfae8580e56e34a859f74ad71.tar.gz
openbsd-15b5d84f9da2ce4bfae8580e56e34a859f74ad71.tar.bz2
openbsd-15b5d84f9da2ce4bfae8580e56e34a859f74ad71.zip
import openssl-0.9.7-beta1
Diffstat (limited to 'src/lib/libcrypto/evp')
-rw-r--r--src/lib/libcrypto/evp/bio_b64.c93
-rw-r--r--src/lib/libcrypto/evp/bio_enc.c126
-rw-r--r--src/lib/libcrypto/evp/bio_md.c101
-rw-r--r--src/lib/libcrypto/evp/c_all.c130
-rw-r--r--src/lib/libcrypto/evp/digest.c259
-rw-r--r--src/lib/libcrypto/evp/e_aes.c4
-rw-r--r--src/lib/libcrypto/evp/e_bf.c16
-rw-r--r--src/lib/libcrypto/evp/e_cast.c16
-rw-r--r--src/lib/libcrypto/evp/e_des.c21
-rw-r--r--src/lib/libcrypto/evp/e_des3.c88
-rw-r--r--src/lib/libcrypto/evp/e_idea.c22
-rw-r--r--src/lib/libcrypto/evp/e_null.c42
-rw-r--r--src/lib/libcrypto/evp/e_rc2.c67
-rw-r--r--src/lib/libcrypto/evp/e_rc4.c75
-rw-r--r--src/lib/libcrypto/evp/e_xcbc_d.c82
-rw-r--r--src/lib/libcrypto/evp/encode.c74
-rw-r--r--src/lib/libcrypto/evp/evp.h875
-rw-r--r--src/lib/libcrypto/evp/evp_enc.c452
-rw-r--r--src/lib/libcrypto/evp/evp_err.c174
-rw-r--r--src/lib/libcrypto/evp/evp_key.c67
-rw-r--r--src/lib/libcrypto/evp/evp_lib.c55
-rw-r--r--src/lib/libcrypto/evp/evp_locl.h125
-rw-r--r--src/lib/libcrypto/evp/evp_pbe.c18
-rw-r--r--src/lib/libcrypto/evp/evp_pkey.c296
-rw-r--r--src/lib/libcrypto/evp/m_dss.c31
-rw-r--r--src/lib/libcrypto/evp/m_dss1.c30
-rw-r--r--src/lib/libcrypto/evp/m_md4.c27
-rw-r--r--src/lib/libcrypto/evp/m_md5.c31
-rw-r--r--src/lib/libcrypto/evp/m_null.c31
-rw-r--r--src/lib/libcrypto/evp/m_ripemd.c31
-rw-r--r--src/lib/libcrypto/evp/m_sha1.c30
-rw-r--r--src/lib/libcrypto/evp/names.c244
-rw-r--r--src/lib/libcrypto/evp/p5_crpt.c43
-rw-r--r--src/lib/libcrypto/evp/p5_crpt2.c17
-rw-r--r--src/lib/libcrypto/evp/p_dec.c23
-rw-r--r--src/lib/libcrypto/evp/p_enc.c23
-rw-r--r--src/lib/libcrypto/evp/p_lib.c145
-rw-r--r--src/lib/libcrypto/evp/p_open.c52
-rw-r--r--src/lib/libcrypto/evp/p_seal.c52
-rw-r--r--src/lib/libcrypto/evp/p_sign.c31
-rw-r--r--src/lib/libcrypto/evp/p_verify.c19
41 files changed, 2403 insertions, 1735 deletions
diff --git a/src/lib/libcrypto/evp/bio_b64.c b/src/lib/libcrypto/evp/bio_b64.c
index 73172b9a07..f12eac1b55 100644
--- a/src/lib/libcrypto/evp/bio_b64.c
+++ b/src/lib/libcrypto/evp/bio_b64.c
@@ -59,27 +59,17 @@
59#include <stdio.h> 59#include <stdio.h>
60#include <errno.h> 60#include <errno.h>
61#include "cryptlib.h" 61#include "cryptlib.h"
62#include "buffer.h" 62#include <openssl/buffer.h>
63#include "evp.h" 63#include <openssl/evp.h>
64 64
65#ifndef NOPROTO 65static int b64_write(BIO *h, const char *buf, int num);
66static int b64_write(BIO *h,char *buf,int num); 66static int b64_read(BIO *h, char *buf, int size);
67static int b64_read(BIO *h,char *buf,int size); 67/*static int b64_puts(BIO *h, const char *str); */
68/*static int b64_puts(BIO *h,char *str); */ 68/*static int b64_gets(BIO *h, char *str, int size); */
69/*static int b64_gets(BIO *h,char *str,int size); */ 69static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2);
70static long b64_ctrl(BIO *h,int cmd,long arg1,char *arg2);
71static int b64_new(BIO *h); 70static int b64_new(BIO *h);
72static int b64_free(BIO *data); 71static int b64_free(BIO *data);
73#else 72static long b64_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp);
74static int b64_write();
75static int b64_read();
76/*static int b64_puts(); */
77/*static int b64_gets(); */
78static long b64_ctrl();
79static int b64_new();
80static int b64_free();
81#endif
82
83#define B64_BLOCK_SIZE 1024 73#define B64_BLOCK_SIZE 1024
84#define B64_BLOCK_SIZE2 768 74#define B64_BLOCK_SIZE2 768
85#define B64_NONE 0 75#define B64_NONE 0
@@ -111,19 +101,19 @@ static BIO_METHOD methods_b64=
111 b64_ctrl, 101 b64_ctrl,
112 b64_new, 102 b64_new,
113 b64_free, 103 b64_free,
104 b64_callback_ctrl,
114 }; 105 };
115 106
116BIO_METHOD *BIO_f_base64() 107BIO_METHOD *BIO_f_base64(void)
117 { 108 {
118 return(&methods_b64); 109 return(&methods_b64);
119 } 110 }
120 111
121static int b64_new(bi) 112static int b64_new(BIO *bi)
122BIO *bi;
123 { 113 {
124 BIO_B64_CTX *ctx; 114 BIO_B64_CTX *ctx;
125 115
126 ctx=(BIO_B64_CTX *)Malloc(sizeof(BIO_B64_CTX)); 116 ctx=(BIO_B64_CTX *)OPENSSL_malloc(sizeof(BIO_B64_CTX));
127 if (ctx == NULL) return(0); 117 if (ctx == NULL) return(0);
128 118
129 ctx->buf_len=0; 119 ctx->buf_len=0;
@@ -140,21 +130,17 @@ BIO *bi;
140 return(1); 130 return(1);
141 } 131 }
142 132
143static int b64_free(a) 133static int b64_free(BIO *a)
144BIO *a;
145 { 134 {
146 if (a == NULL) return(0); 135 if (a == NULL) return(0);
147 Free(a->ptr); 136 OPENSSL_free(a->ptr);
148 a->ptr=NULL; 137 a->ptr=NULL;
149 a->init=0; 138 a->init=0;
150 a->flags=0; 139 a->flags=0;
151 return(1); 140 return(1);
152 } 141 }
153 142
154static int b64_read(b,out,outl) 143static int b64_read(BIO *b, char *out, int outl)
155BIO *b;
156char *out;
157int outl;
158 { 144 {
159 int ret=0,i,ii,j,k,x,n,num,ret_code=0; 145 int ret=0,i,ii,j,k,x,n,num,ret_code=0;
160 BIO_B64_CTX *ctx; 146 BIO_B64_CTX *ctx;
@@ -253,8 +239,8 @@ int outl;
253 &(ctx->tmp[0])); 239 &(ctx->tmp[0]));
254 for (x=0; x < i; x++) 240 for (x=0; x < i; x++)
255 ctx->tmp[x]=p[x]; 241 ctx->tmp[x]=p[x];
256 EVP_DecodeInit(&ctx->base64);
257 } 242 }
243 EVP_DecodeInit(&ctx->base64);
258 ctx->start=0; 244 ctx->start=0;
259 break; 245 break;
260 } 246 }
@@ -354,10 +340,7 @@ int outl;
354 return((ret == 0)?ret_code:ret); 340 return((ret == 0)?ret_code:ret);
355 } 341 }
356 342
357static int b64_write(b,in,inl) 343static int b64_write(BIO *b, const char *in, int inl)
358BIO *b;
359char *in;
360int inl;
361 { 344 {
362 int ret=inl,n,i; 345 int ret=inl,n,i;
363 BIO_B64_CTX *ctx; 346 BIO_B64_CTX *ctx;
@@ -387,10 +370,11 @@ int inl;
387 n-=i; 370 n-=i;
388 } 371 }
389 /* at this point all pending data has been written */ 372 /* at this point all pending data has been written */
373 ctx->buf_off=0;
374 ctx->buf_len=0;
390 375
391 if ((in == NULL) || (inl <= 0)) return(0); 376 if ((in == NULL) || (inl <= 0)) return(0);
392 377
393 ctx->buf_off=0;
394 while (inl > 0) 378 while (inl > 0)
395 { 379 {
396 n=(inl > B64_BLOCK_SIZE)?B64_BLOCK_SIZE:inl; 380 n=(inl > B64_BLOCK_SIZE)?B64_BLOCK_SIZE:inl;
@@ -400,14 +384,20 @@ int inl;
400 if (ctx->tmp_len > 0) 384 if (ctx->tmp_len > 0)
401 { 385 {
402 n=3-ctx->tmp_len; 386 n=3-ctx->tmp_len;
387 /* There's a teoretical possibility for this */
388 if (n > inl)
389 n=inl;
403 memcpy(&(ctx->tmp[ctx->tmp_len]),in,n); 390 memcpy(&(ctx->tmp[ctx->tmp_len]),in,n);
404 ctx->tmp_len+=n; 391 ctx->tmp_len+=n;
405 n=ctx->tmp_len; 392 if (ctx->tmp_len < 3)
406 if (n < 3)
407 break; 393 break;
408 ctx->buf_len=EVP_EncodeBlock( 394 ctx->buf_len=EVP_EncodeBlock(
409 (unsigned char *)ctx->buf, 395 (unsigned char *)ctx->buf,
410 (unsigned char *)ctx->tmp,n); 396 (unsigned char *)ctx->tmp,
397 ctx->tmp_len);
398 /* Since we're now done using the temporary
399 buffer, the length should be 0'd */
400 ctx->tmp_len=0;
411 } 401 }
412 else 402 else
413 { 403 {
@@ -451,11 +441,7 @@ int inl;
451 return(ret); 441 return(ret);
452 } 442 }
453 443
454static long b64_ctrl(b,cmd,num,ptr) 444static long b64_ctrl(BIO *b, int cmd, long num, void *ptr)
455BIO *b;
456int cmd;
457long num;
458char *ptr;
459 { 445 {
460 BIO_B64_CTX *ctx; 446 BIO_B64_CTX *ctx;
461 long ret=1; 447 long ret=1;
@@ -479,7 +465,8 @@ char *ptr;
479 break; 465 break;
480 case BIO_CTRL_WPENDING: /* More to write in buffer */ 466 case BIO_CTRL_WPENDING: /* More to write in buffer */
481 ret=ctx->buf_len-ctx->buf_off; 467 ret=ctx->buf_len-ctx->buf_off;
482 if ((ret == 0) && (ctx->base64.num != 0)) 468 if ((ret == 0) && (ctx->encode != B64_NONE)
469 && (ctx->base64.num != 0))
483 ret=1; 470 ret=1;
484 else if (ret <= 0) 471 else if (ret <= 0)
485 ret=BIO_ctrl(b->next_bio,cmd,num,ptr); 472 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
@@ -514,7 +501,7 @@ again:
514 goto again; 501 goto again;
515 } 502 }
516 } 503 }
517 else if (ctx->base64.num != 0) 504 else if (ctx->encode != B64_NONE && ctx->base64.num != 0)
518 { 505 {
519 ctx->buf_off=0; 506 ctx->buf_off=0;
520 EVP_EncodeFinal(&(ctx->base64), 507 EVP_EncodeFinal(&(ctx->base64),
@@ -545,3 +532,17 @@ again:
545 return(ret); 532 return(ret);
546 } 533 }
547 534
535static long b64_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
536 {
537 long ret=1;
538
539 if (b->next_bio == NULL) return(0);
540 switch (cmd)
541 {
542 default:
543 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
544 break;
545 }
546 return(ret);
547 }
548
diff --git a/src/lib/libcrypto/evp/bio_enc.c b/src/lib/libcrypto/evp/bio_enc.c
index 6c30ddfc54..64fb2353af 100644
--- a/src/lib/libcrypto/evp/bio_enc.c
+++ b/src/lib/libcrypto/evp/bio_enc.c
@@ -59,28 +59,19 @@
59#include <stdio.h> 59#include <stdio.h>
60#include <errno.h> 60#include <errno.h>
61#include "cryptlib.h" 61#include "cryptlib.h"
62#include "buffer.h" 62#include <openssl/buffer.h>
63#include "evp.h" 63#include <openssl/evp.h>
64 64
65#ifndef NOPROTO 65static int enc_write(BIO *h, const char *buf, int num);
66static int enc_write(BIO *h,char *buf,int num); 66static int enc_read(BIO *h, char *buf, int size);
67static int enc_read(BIO *h,char *buf,int size); 67/*static int enc_puts(BIO *h, const char *str); */
68/*static int enc_puts(BIO *h,char *str); */ 68/*static int enc_gets(BIO *h, char *str, int size); */
69/*static int enc_gets(BIO *h,char *str,int size); */ 69static long enc_ctrl(BIO *h, int cmd, long arg1, void *arg2);
70static long enc_ctrl(BIO *h,int cmd,long arg1,char *arg2);
71static int enc_new(BIO *h); 70static int enc_new(BIO *h);
72static int enc_free(BIO *data); 71static int enc_free(BIO *data);
73#else 72static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
74static int enc_write();
75static int enc_read();
76/*static int enc_puts(); */
77/*static int enc_gets(); */
78static long enc_ctrl();
79static int enc_new();
80static int enc_free();
81#endif
82
83#define ENC_BLOCK_SIZE (1024*4) 73#define ENC_BLOCK_SIZE (1024*4)
74#define BUF_OFFSET EVP_MAX_BLOCK_LENGTH
84 75
85typedef struct enc_struct 76typedef struct enc_struct
86 { 77 {
@@ -90,7 +81,10 @@ typedef struct enc_struct
90 int finished; 81 int finished;
91 int ok; /* bad decrypt */ 82 int ok; /* bad decrypt */
92 EVP_CIPHER_CTX cipher; 83 EVP_CIPHER_CTX cipher;
93 char buf[ENC_BLOCK_SIZE+10]; 84 /* buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate
85 * can return up to a block more data than is presented to it
86 */
87 char buf[ENC_BLOCK_SIZE+BUF_OFFSET+2];
94 } BIO_ENC_CTX; 88 } BIO_ENC_CTX;
95 89
96static BIO_METHOD methods_enc= 90static BIO_METHOD methods_enc=
@@ -103,21 +97,21 @@ static BIO_METHOD methods_enc=
103 enc_ctrl, 97 enc_ctrl,
104 enc_new, 98 enc_new,
105 enc_free, 99 enc_free,
100 enc_callback_ctrl,
106 }; 101 };
107 102
108BIO_METHOD *BIO_f_cipher() 103BIO_METHOD *BIO_f_cipher(void)
109 { 104 {
110 return(&methods_enc); 105 return(&methods_enc);
111 } 106 }
112 107
113static int enc_new(bi) 108static int enc_new(BIO *bi)
114BIO *bi;
115 { 109 {
116 BIO_ENC_CTX *ctx; 110 BIO_ENC_CTX *ctx;
117 111
118 ctx=(BIO_ENC_CTX *)Malloc(sizeof(BIO_ENC_CTX)); 112 ctx=(BIO_ENC_CTX *)OPENSSL_malloc(sizeof(BIO_ENC_CTX));
119 EVP_CIPHER_CTX_init(&ctx->cipher);
120 if (ctx == NULL) return(0); 113 if (ctx == NULL) return(0);
114 EVP_CIPHER_CTX_init(&ctx->cipher);
121 115
122 ctx->buf_len=0; 116 ctx->buf_len=0;
123 ctx->buf_off=0; 117 ctx->buf_off=0;
@@ -131,8 +125,7 @@ BIO *bi;
131 return(1); 125 return(1);
132 } 126 }
133 127
134static int enc_free(a) 128static int enc_free(BIO *a)
135BIO *a;
136 { 129 {
137 BIO_ENC_CTX *b; 130 BIO_ENC_CTX *b;
138 131
@@ -140,17 +133,14 @@ BIO *a;
140 b=(BIO_ENC_CTX *)a->ptr; 133 b=(BIO_ENC_CTX *)a->ptr;
141 EVP_CIPHER_CTX_cleanup(&(b->cipher)); 134 EVP_CIPHER_CTX_cleanup(&(b->cipher));
142 memset(a->ptr,0,sizeof(BIO_ENC_CTX)); 135 memset(a->ptr,0,sizeof(BIO_ENC_CTX));
143 Free(a->ptr); 136 OPENSSL_free(a->ptr);
144 a->ptr=NULL; 137 a->ptr=NULL;
145 a->init=0; 138 a->init=0;
146 a->flags=0; 139 a->flags=0;
147 return(1); 140 return(1);
148 } 141 }
149 142
150static int enc_read(b,out,outl) 143static int enc_read(BIO *b, char *out, int outl)
151BIO *b;
152char *out;
153int outl;
154 { 144 {
155 int ret=0,i; 145 int ret=0,i;
156 BIO_ENC_CTX *ctx; 146 BIO_ENC_CTX *ctx;
@@ -184,9 +174,9 @@ int outl;
184 { 174 {
185 if (ctx->cont <= 0) break; 175 if (ctx->cont <= 0) break;
186 176
187 /* read in at offset 8, read the EVP_Cipher 177 /* read in at IV offset, read the EVP_Cipher
188 * documentation about why */ 178 * documentation about why */
189 i=BIO_read(b->next_bio,&(ctx->buf[8]),ENC_BLOCK_SIZE); 179 i=BIO_read(b->next_bio,&(ctx->buf[BUF_OFFSET]),ENC_BLOCK_SIZE);
190 180
191 if (i <= 0) 181 if (i <= 0)
192 { 182 {
@@ -194,29 +184,37 @@ int outl;
194 if (!BIO_should_retry(b->next_bio)) 184 if (!BIO_should_retry(b->next_bio))
195 { 185 {
196 ctx->cont=i; 186 ctx->cont=i;
197 i=EVP_CipherFinal(&(ctx->cipher), 187 i=EVP_CipherFinal_ex(&(ctx->cipher),
198 (unsigned char *)ctx->buf, 188 (unsigned char *)ctx->buf,
199 &(ctx->buf_len)); 189 &(ctx->buf_len));
200 ctx->ok=i; 190 ctx->ok=i;
201 ctx->buf_off=0; 191 ctx->buf_off=0;
202 } 192 }
203 else 193 else
194 {
204 ret=(ret == 0)?i:ret; 195 ret=(ret == 0)?i:ret;
205 break; 196 break;
197 }
206 } 198 }
207 else 199 else
208 { 200 {
209 EVP_CipherUpdate(&(ctx->cipher), 201 EVP_CipherUpdate(&(ctx->cipher),
210 (unsigned char *)ctx->buf,&ctx->buf_len, 202 (unsigned char *)ctx->buf,&ctx->buf_len,
211 (unsigned char *)&(ctx->buf[8]),i); 203 (unsigned char *)&(ctx->buf[BUF_OFFSET]),i);
212 ctx->cont=1; 204 ctx->cont=1;
205 /* Note: it is possible for EVP_CipherUpdate to
206 * decrypt zero bytes because this is or looks like
207 * the final block: if this happens we should retry
208 * and either read more data or decrypt the final
209 * block
210 */
211 if(ctx->buf_len == 0) continue;
213 } 212 }
214 213
215 if (ctx->buf_len <= outl) 214 if (ctx->buf_len <= outl)
216 i=ctx->buf_len; 215 i=ctx->buf_len;
217 else 216 else
218 i=outl; 217 i=outl;
219
220 if (i <= 0) break; 218 if (i <= 0) break;
221 memcpy(out,ctx->buf,i); 219 memcpy(out,ctx->buf,i);
222 ret+=i; 220 ret+=i;
@@ -230,10 +228,7 @@ int outl;
230 return((ret == 0)?ctx->cont:ret); 228 return((ret == 0)?ctx->cont:ret);
231 } 229 }
232 230
233static int enc_write(b,in,inl) 231static int enc_write(BIO *b, const char *in, int inl)
234BIO *b;
235char *in;
236int inl;
237 { 232 {
238 int ret=0,n,i; 233 int ret=0,n,i;
239 BIO_ENC_CTX *ctx; 234 BIO_ENC_CTX *ctx;
@@ -288,16 +283,13 @@ int inl;
288 return(ret); 283 return(ret);
289 } 284 }
290 285
291static long enc_ctrl(b,cmd,num,ptr) 286static long enc_ctrl(BIO *b, int cmd, long num, void *ptr)
292BIO *b;
293int cmd;
294long num;
295char *ptr;
296 { 287 {
297 BIO *dbio; 288 BIO *dbio;
298 BIO_ENC_CTX *ctx,*dctx; 289 BIO_ENC_CTX *ctx,*dctx;
299 long ret=1; 290 long ret=1;
300 int i; 291 int i;
292 EVP_CIPHER_CTX **c_ctx;
301 293
302 ctx=(BIO_ENC_CTX *)b->ptr; 294 ctx=(BIO_ENC_CTX *)b->ptr;
303 295
@@ -306,7 +298,7 @@ char *ptr;
306 case BIO_CTRL_RESET: 298 case BIO_CTRL_RESET:
307 ctx->ok=1; 299 ctx->ok=1;
308 ctx->finished=0; 300 ctx->finished=0;
309 EVP_CipherInit(&(ctx->cipher),NULL,NULL,NULL, 301 EVP_CipherInit_ex(&(ctx->cipher),NULL,NULL,NULL,NULL,
310 ctx->cipher.encrypt); 302 ctx->cipher.encrypt);
311 ret=BIO_ctrl(b->next_bio,cmd,num,ptr); 303 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
312 break; 304 break;
@@ -343,7 +335,7 @@ again:
343 { 335 {
344 ctx->finished=1; 336 ctx->finished=1;
345 ctx->buf_off=0; 337 ctx->buf_off=0;
346 ret=EVP_CipherFinal(&(ctx->cipher), 338 ret=EVP_CipherFinal_ex(&(ctx->cipher),
347 (unsigned char *)ctx->buf, 339 (unsigned char *)ctx->buf,
348 &(ctx->buf_len)); 340 &(ctx->buf_len));
349 ctx->ok=(int)ret; 341 ctx->ok=(int)ret;
@@ -364,7 +356,11 @@ again:
364 ret=BIO_ctrl(b->next_bio,cmd,num,ptr); 356 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
365 BIO_copy_next_retry(b); 357 BIO_copy_next_retry(b);
366 break; 358 break;
367 359 case BIO_C_GET_CIPHER_CTX:
360 c_ctx=(EVP_CIPHER_CTX **)ptr;
361 (*c_ctx)= &(ctx->cipher);
362 b->init=1;
363 break;
368 case BIO_CTRL_DUP: 364 case BIO_CTRL_DUP:
369 dbio=(BIO *)ptr; 365 dbio=(BIO *)ptr;
370 dctx=(BIO_ENC_CTX *)dbio->ptr; 366 dctx=(BIO_ENC_CTX *)dbio->ptr;
@@ -378,6 +374,20 @@ again:
378 return(ret); 374 return(ret);
379 } 375 }
380 376
377static long enc_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
378 {
379 long ret=1;
380
381 if (b->next_bio == NULL) return(0);
382 switch (cmd)
383 {
384 default:
385 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
386 break;
387 }
388 return(ret);
389 }
390
381/* 391/*
382void BIO_set_cipher_ctx(b,c) 392void BIO_set_cipher_ctx(b,c)
383BIO *b; 393BIO *b;
@@ -398,26 +408,22 @@ EVP_CIPHER_ctx *c;
398 } 408 }
399*/ 409*/
400 410
401void BIO_set_cipher(b,c,k,i,e) 411void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, unsigned char *k,
402BIO *b; 412 unsigned char *i, int e)
403EVP_CIPHER *c;
404unsigned char *k;
405unsigned char *i;
406int e;
407 { 413 {
408 BIO_ENC_CTX *ctx; 414 BIO_ENC_CTX *ctx;
409 415
410 if (b == NULL) return; 416 if (b == NULL) return;
411 417
412 if ((b->callback != NULL) && 418 if ((b->callback != NULL) &&
413 (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0)) 419 (b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,0L) <= 0))
414 return; 420 return;
415 421
416 b->init=1; 422 b->init=1;
417 ctx=(BIO_ENC_CTX *)b->ptr; 423 ctx=(BIO_ENC_CTX *)b->ptr;
418 EVP_CipherInit(&(ctx->cipher),c,k,i,e); 424 EVP_CipherInit_ex(&(ctx->cipher),c,NULL, k,i,e);
419 425
420 if (b->callback != NULL) 426 if (b->callback != NULL)
421 b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L); 427 b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,1L);
422 } 428 }
423 429
diff --git a/src/lib/libcrypto/evp/bio_md.c b/src/lib/libcrypto/evp/bio_md.c
index fa5fdc055b..c632dfb202 100644
--- a/src/lib/libcrypto/evp/bio_md.c
+++ b/src/lib/libcrypto/evp/bio_md.c
@@ -59,29 +59,20 @@
59#include <stdio.h> 59#include <stdio.h>
60#include <errno.h> 60#include <errno.h>
61#include "cryptlib.h" 61#include "cryptlib.h"
62#include "buffer.h" 62#include <openssl/buffer.h>
63#include "evp.h" 63#include <openssl/evp.h>
64 64
65/* BIO_put and BIO_get both add to the digest, 65/* BIO_put and BIO_get both add to the digest,
66 * BIO_gets returns the digest */ 66 * BIO_gets returns the digest */
67 67
68#ifndef NOPROTO 68static int md_write(BIO *h, char const *buf, int num);
69static int md_write(BIO *h,char *buf,int num); 69static int md_read(BIO *h, char *buf, int size);
70static int md_read(BIO *h,char *buf,int size); 70/*static int md_puts(BIO *h, const char *str); */
71/*static int md_puts(BIO *h,char *str); */ 71static int md_gets(BIO *h, char *str, int size);
72static int md_gets(BIO *h,char *str,int size); 72static long md_ctrl(BIO *h, int cmd, long arg1, void *arg2);
73static long md_ctrl(BIO *h,int cmd,long arg1,char *arg2);
74static int md_new(BIO *h); 73static int md_new(BIO *h);
75static int md_free(BIO *data); 74static int md_free(BIO *data);
76#else 75static long md_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp);
77static int md_write();
78static int md_read();
79/*static int md_puts(); */
80static int md_gets();
81static long md_ctrl();
82static int md_new();
83static int md_free();
84#endif
85 76
86static BIO_METHOD methods_md= 77static BIO_METHOD methods_md=
87 { 78 {
@@ -93,19 +84,19 @@ static BIO_METHOD methods_md=
93 md_ctrl, 84 md_ctrl,
94 md_new, 85 md_new,
95 md_free, 86 md_free,
87 md_callback_ctrl,
96 }; 88 };
97 89
98BIO_METHOD *BIO_f_md() 90BIO_METHOD *BIO_f_md(void)
99 { 91 {
100 return(&methods_md); 92 return(&methods_md);
101 } 93 }
102 94
103static int md_new(bi) 95static int md_new(BIO *bi)
104BIO *bi;
105 { 96 {
106 EVP_MD_CTX *ctx; 97 EVP_MD_CTX *ctx;
107 98
108 ctx=(EVP_MD_CTX *)Malloc(sizeof(EVP_MD_CTX)); 99 ctx=EVP_MD_CTX_create();
109 if (ctx == NULL) return(0); 100 if (ctx == NULL) return(0);
110 101
111 bi->init=0; 102 bi->init=0;
@@ -114,27 +105,23 @@ BIO *bi;
114 return(1); 105 return(1);
115 } 106 }
116 107
117static int md_free(a) 108static int md_free(BIO *a)
118BIO *a;
119 { 109 {
120 if (a == NULL) return(0); 110 if (a == NULL) return(0);
121 Free(a->ptr); 111 EVP_MD_CTX_destroy(a->ptr);
122 a->ptr=NULL; 112 a->ptr=NULL;
123 a->init=0; 113 a->init=0;
124 a->flags=0; 114 a->flags=0;
125 return(1); 115 return(1);
126 } 116 }
127 117
128static int md_read(b,out,outl) 118static int md_read(BIO *b, char *out, int outl)
129BIO *b;
130char *out;
131int outl;
132 { 119 {
133 int ret=0; 120 int ret=0;
134 EVP_MD_CTX *ctx; 121 EVP_MD_CTX *ctx;
135 122
136 if (out == NULL) return(0); 123 if (out == NULL) return(0);
137 ctx=(EVP_MD_CTX *)b->ptr; 124 ctx=b->ptr;
138 125
139 if ((ctx == NULL) || (b->next_bio == NULL)) return(0); 126 if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
140 127
@@ -152,16 +139,13 @@ int outl;
152 return(ret); 139 return(ret);
153 } 140 }
154 141
155static int md_write(b,in,inl) 142static int md_write(BIO *b, const char *in, int inl)
156BIO *b;
157char *in;
158int inl;
159 { 143 {
160 int ret=0; 144 int ret=0;
161 EVP_MD_CTX *ctx; 145 EVP_MD_CTX *ctx;
162 146
163 if ((in == NULL) || (inl <= 0)) return(0); 147 if ((in == NULL) || (inl <= 0)) return(0);
164 ctx=(EVP_MD_CTX *)b->ptr; 148 ctx=b->ptr;
165 149
166 if ((ctx != NULL) && (b->next_bio != NULL)) 150 if ((ctx != NULL) && (b->next_bio != NULL))
167 ret=BIO_write(b->next_bio,in,inl); 151 ret=BIO_write(b->next_bio,in,inl);
@@ -178,25 +162,21 @@ int inl;
178 return(ret); 162 return(ret);
179 } 163 }
180 164
181static long md_ctrl(b,cmd,num,ptr) 165static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
182BIO *b;
183int cmd;
184long num;
185char *ptr;
186 { 166 {
187 EVP_MD_CTX *ctx,*dctx,**pctx; 167 EVP_MD_CTX *ctx,*dctx,**pctx;
188 EVP_MD **ppmd; 168 const EVP_MD **ppmd;
189 EVP_MD *md; 169 EVP_MD *md;
190 long ret=1; 170 long ret=1;
191 BIO *dbio; 171 BIO *dbio;
192 172
193 ctx=(EVP_MD_CTX *)b->ptr; 173 ctx=b->ptr;
194 174
195 switch (cmd) 175 switch (cmd)
196 { 176 {
197 case BIO_CTRL_RESET: 177 case BIO_CTRL_RESET:
198 if (b->init) 178 if (b->init)
199 EVP_DigestInit(ctx,ctx->digest); 179 EVP_DigestInit_ex(ctx,ctx->digest, NULL);
200 else 180 else
201 ret=0; 181 ret=0;
202 ret=BIO_ctrl(b->next_bio,cmd,num,ptr); 182 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
@@ -204,7 +184,7 @@ char *ptr;
204 case BIO_C_GET_MD: 184 case BIO_C_GET_MD:
205 if (b->init) 185 if (b->init)
206 { 186 {
207 ppmd=(EVP_MD **)ptr; 187 ppmd=ptr;
208 *ppmd=ctx->digest; 188 *ppmd=ctx->digest;
209 } 189 }
210 else 190 else
@@ -213,7 +193,7 @@ char *ptr;
213 case BIO_C_GET_MD_CTX: 193 case BIO_C_GET_MD_CTX:
214 if (b->init) 194 if (b->init)
215 { 195 {
216 pctx=(EVP_MD_CTX **)ptr; 196 pctx=ptr;
217 *pctx=ctx; 197 *pctx=ctx;
218 } 198 }
219 else 199 else
@@ -226,14 +206,14 @@ char *ptr;
226 break; 206 break;
227 207
228 case BIO_C_SET_MD: 208 case BIO_C_SET_MD:
229 md=(EVP_MD *)ptr; 209 md=ptr;
230 EVP_DigestInit(ctx,md); 210 EVP_DigestInit_ex(ctx,md, NULL);
231 b->init=1; 211 b->init=1;
232 break; 212 break;
233 case BIO_CTRL_DUP: 213 case BIO_CTRL_DUP:
234 dbio=(BIO *)ptr; 214 dbio=ptr;
235 dctx=(EVP_MD_CTX *)dbio->ptr; 215 dctx=dbio->ptr;
236 memcpy(dctx,ctx,sizeof(ctx)); 216 EVP_MD_CTX_copy_ex(dctx,ctx);
237 b->init=1; 217 b->init=1;
238 break; 218 break;
239 default: 219 default:
@@ -243,19 +223,30 @@ char *ptr;
243 return(ret); 223 return(ret);
244 } 224 }
245 225
246static int md_gets(bp,buf,size) 226static long md_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
247BIO *bp; 227 {
248char *buf; 228 long ret=1;
249int size; 229
230 if (b->next_bio == NULL) return(0);
231 switch (cmd)
232 {
233 default:
234 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
235 break;
236 }
237 return(ret);
238 }
239
240static int md_gets(BIO *bp, char *buf, int size)
250 { 241 {
251 EVP_MD_CTX *ctx; 242 EVP_MD_CTX *ctx;
252 unsigned int ret; 243 unsigned int ret;
253 244
254 245
255 ctx=(EVP_MD_CTX *)bp->ptr; 246 ctx=bp->ptr;
256 if (size < ctx->digest->md_size) 247 if (size < ctx->digest->md_size)
257 return(0); 248 return(0);
258 EVP_DigestFinal(ctx,(unsigned char *)buf,&ret); 249 EVP_DigestFinal_ex(ctx,(unsigned char *)buf,&ret);
259 return((int)ret); 250 return((int)ret);
260 } 251 }
261 252
diff --git a/src/lib/libcrypto/evp/c_all.c b/src/lib/libcrypto/evp/c_all.c
index e77d1c896b..5ffd352ea0 100644
--- a/src/lib/libcrypto/evp/c_all.c
+++ b/src/lib/libcrypto/evp/c_all.c
@@ -58,133 +58,17 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "evp.h" 61#include <openssl/evp.h>
62#include "objects.h"
63 62
64void SSLeay_add_all_algorithms() 63#undef OpenSSL_add_all_algorithms
65 {
66 SSLeay_add_all_ciphers();
67 SSLeay_add_all_digests();
68 }
69 64
70void SSLeay_add_all_ciphers() 65void OpenSSL_add_all_algorithms(void)
71 { 66 {
72#ifndef NO_DES 67 OPENSSL_add_all_algorithms_noconf();
73 EVP_add_cipher(EVP_des_cfb());
74 EVP_add_cipher(EVP_des_ede_cfb());
75 EVP_add_cipher(EVP_des_ede3_cfb());
76
77 EVP_add_cipher(EVP_des_ofb());
78 EVP_add_cipher(EVP_des_ede_ofb());
79 EVP_add_cipher(EVP_des_ede3_ofb());
80
81 EVP_add_cipher(EVP_desx_cbc());
82 EVP_add_alias(SN_desx_cbc,"DESX");
83 EVP_add_alias(SN_desx_cbc,"desx");
84
85 EVP_add_cipher(EVP_des_cbc());
86 EVP_add_alias(SN_des_cbc,"DES");
87 EVP_add_alias(SN_des_cbc,"des");
88 EVP_add_cipher(EVP_des_ede_cbc());
89 EVP_add_cipher(EVP_des_ede3_cbc());
90 EVP_add_alias(SN_des_ede3_cbc,"DES3");
91 EVP_add_alias(SN_des_ede3_cbc,"des3");
92
93 EVP_add_cipher(EVP_des_ecb());
94 EVP_add_cipher(EVP_des_ede());
95 EVP_add_cipher(EVP_des_ede3());
96#endif
97
98#ifndef NO_RC4
99 EVP_add_cipher(EVP_rc4());
100 EVP_add_cipher(EVP_rc4_40());
101#endif
102
103#ifndef NO_IDEA
104 EVP_add_cipher(EVP_idea_ecb());
105 EVP_add_cipher(EVP_idea_cfb());
106 EVP_add_cipher(EVP_idea_ofb());
107 EVP_add_cipher(EVP_idea_cbc());
108 EVP_add_alias(SN_idea_cbc,"IDEA");
109 EVP_add_alias(SN_idea_cbc,"idea");
110#endif
111
112#ifndef NO_RC2
113 EVP_add_cipher(EVP_rc2_ecb());
114 EVP_add_cipher(EVP_rc2_cfb());
115 EVP_add_cipher(EVP_rc2_ofb());
116 EVP_add_cipher(EVP_rc2_cbc());
117 EVP_add_cipher(EVP_rc2_40_cbc());
118 EVP_add_alias(SN_rc2_cbc,"RC2");
119 EVP_add_alias(SN_rc2_cbc,"rc2");
120#endif
121
122#ifndef NO_BLOWFISH
123 EVP_add_cipher(EVP_bf_ecb());
124 EVP_add_cipher(EVP_bf_cfb());
125 EVP_add_cipher(EVP_bf_ofb());
126 EVP_add_cipher(EVP_bf_cbc());
127 EVP_add_alias(SN_bf_cbc,"BF");
128 EVP_add_alias(SN_bf_cbc,"bf");
129 EVP_add_alias(SN_bf_cbc,"blowfish");
130#endif
131
132#ifndef NO_CAST
133 EVP_add_cipher(EVP_cast5_ecb());
134 EVP_add_cipher(EVP_cast5_cfb());
135 EVP_add_cipher(EVP_cast5_ofb());
136 EVP_add_cipher(EVP_cast5_cbc());
137 EVP_add_alias(SN_cast5_cbc,"CAST");
138 EVP_add_alias(SN_cast5_cbc,"cast");
139 EVP_add_alias(SN_cast5_cbc,"CAST-cbc");
140 EVP_add_alias(SN_cast5_cbc,"cast-cbc");
141#endif
142
143#ifndef NO_RC5
144 EVP_add_cipher(EVP_rc5_32_12_16_ecb());
145 EVP_add_cipher(EVP_rc5_32_12_16_cfb());
146 EVP_add_cipher(EVP_rc5_32_12_16_ofb());
147 EVP_add_cipher(EVP_rc5_32_12_16_cbc());
148 EVP_add_alias(SN_rc5_cbc,"rc5");
149 EVP_add_alias(SN_rc5_cbc,"RC5");
150 EVP_add_alias(SN_rc5_cbc,"rc5-cbc");
151 EVP_add_alias(SN_rc5_cbc,"RC5-cbc");
152#endif
153 } 68 }
154 69
155 70void OPENSSL_add_all_algorithms_noconf(void)
156void SSLeay_add_all_digests()
157 { 71 {
158#ifndef NO_MD2 72 OpenSSL_add_all_ciphers();
159 EVP_add_digest(EVP_md2()); 73 OpenSSL_add_all_digests();
160#endif
161#ifndef NO_MD5
162 EVP_add_digest(EVP_md5());
163 EVP_add_alias(SN_md5,"ssl2-md5");
164 EVP_add_alias(SN_md5,"ssl3-md5");
165#endif
166#ifndef NO_SHA
167 EVP_add_digest(EVP_sha());
168#ifndef NO_DSA
169 EVP_add_digest(EVP_dss());
170#endif
171#endif
172#ifndef NO_SHA1
173 EVP_add_digest(EVP_sha1());
174 EVP_add_alias(SN_sha1,"ssl3-sha1");
175#ifndef NO_DSA
176 EVP_add_digest(EVP_dss1());
177 EVP_add_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
178 EVP_add_alias(SN_dsaWithSHA1,"DSS1");
179 EVP_add_alias(SN_dsaWithSHA1,"dss1");
180#endif
181#endif
182#if !defined(NO_MDC2) && !defined(NO_DES)
183 EVP_add_digest(EVP_mdc2());
184#endif
185#ifndef NO_RIPEMD160
186 EVP_add_digest(EVP_ripemd160());
187 EVP_add_alias(SN_ripemd160,"ripemd");
188 EVP_add_alias(SN_ripemd160,"rmd160");
189#endif
190 } 74 }
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
index d65f0036f7..a969ac69ed 100644
--- a/src/lib/libcrypto/evp/digest.c
+++ b/src/lib/libcrypto/evp/digest.c
@@ -55,35 +55,258 @@
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
58 111
59#include <stdio.h> 112#include <stdio.h>
60#include "cryptlib.h" 113#include "cryptlib.h"
61#include "objects.h" 114#include <openssl/objects.h>
62#include "evp.h" 115#include <openssl/evp.h>
116#include <openssl/engine.h>
117
118void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
119 {
120 memset(ctx,'\0',sizeof *ctx);
121 }
122
123EVP_MD_CTX *EVP_MD_CTX_create(void)
124 {
125 EVP_MD_CTX *ctx=OPENSSL_malloc(sizeof *ctx);
126
127 EVP_MD_CTX_init(ctx);
128
129 return ctx;
130 }
63 131
64void EVP_DigestInit(ctx,type) 132int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
65EVP_MD_CTX *ctx;
66EVP_MD *type;
67 { 133 {
68 ctx->digest=type; 134 EVP_MD_CTX_init(ctx);
69 type->init(&(ctx->md)); 135 return EVP_DigestInit_ex(ctx, type, NULL);
70 } 136 }
71 137
72void EVP_DigestUpdate(ctx,data,count) 138int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
73EVP_MD_CTX *ctx;
74unsigned char *data;
75unsigned int count;
76 { 139 {
77 ctx->digest->update(&(ctx->md.base[0]),data,(unsigned long)count); 140 EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
141 /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
142 * so this context may already have an ENGINE! Try to avoid releasing
143 * the previous handle, re-querying for an ENGINE, and having a
144 * reinitialisation, when it may all be unecessary. */
145 if (ctx->engine && ctx->digest && (!type ||
146 (type && (type->type == ctx->digest->type))))
147 goto skip_to_init;
148 if (type)
149 {
150 /* Ensure an ENGINE left lying around from last time is cleared
151 * (the previous check attempted to avoid this if the same
152 * ENGINE and EVP_MD could be used). */
153 if(ctx->engine)
154 ENGINE_finish(ctx->engine);
155 if(impl)
156 {
157 if (!ENGINE_init(impl))
158 {
159 EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_INITIALIZATION_ERROR);
160 return 0;
161 }
162 }
163 else
164 /* Ask if an ENGINE is reserved for this job */
165 impl = ENGINE_get_digest_engine(type->type);
166 if(impl)
167 {
168 /* There's an ENGINE for this job ... (apparently) */
169 const EVP_MD *d = ENGINE_get_digest(impl, type->type);
170 if(!d)
171 {
172 /* Same comment from evp_enc.c */
173 EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_INITIALIZATION_ERROR);
174 return 0;
175 }
176 /* We'll use the ENGINE's private digest definition */
177 type = d;
178 /* Store the ENGINE functional reference so we know
179 * 'type' came from an ENGINE and we need to release
180 * it when done. */
181 ctx->engine = impl;
182 }
183 else
184 ctx->engine = NULL;
185 }
186 else if(!ctx->digest)
187 {
188 EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_NO_DIGEST_SET);
189 return 0;
190 }
191 if (ctx->digest != type)
192 {
193 if (ctx->digest && ctx->digest->ctx_size)
194 OPENSSL_free(ctx->md_data);
195 ctx->digest=type;
196 if (type->ctx_size)
197 ctx->md_data=OPENSSL_malloc(type->ctx_size);
198 }
199skip_to_init:
200 return ctx->digest->init(ctx);
78 } 201 }
79 202
80void EVP_DigestFinal(ctx,md,size) 203int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data,
81EVP_MD_CTX *ctx; 204 unsigned int count)
82unsigned char *md;
83unsigned int *size;
84 { 205 {
85 ctx->digest->final(md,&(ctx->md.base[0])); 206 return ctx->digest->update(ctx,data,(unsigned long)count);
207 }
208
209/* The caller can assume that this removes any secret data from the context */
210int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
211 {
212 int ret;
213 ret = EVP_DigestFinal_ex(ctx, md, size);
214 EVP_MD_CTX_cleanup(ctx);
215 return ret;
216 }
217
218/* The caller can assume that this removes any secret data from the context */
219int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
220 {
221 int ret;
222 ret=ctx->digest->final(ctx,md);
86 if (size != NULL) 223 if (size != NULL)
87 *size=ctx->digest->md_size; 224 *size=ctx->digest->md_size;
88 memset(&(ctx->md),0,sizeof(ctx->md)); 225 if (ctx->digest->cleanup)
226 {
227 ctx->digest->cleanup(ctx);
228 EVP_MD_CTX_set_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
229 }
230 memset(ctx->md_data,0,ctx->digest->ctx_size);
231 return ret;
232 }
233
234int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
235 {
236 EVP_MD_CTX_init(out);
237 return EVP_MD_CTX_copy_ex(out, in);
238 }
239
240int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
241 {
242 if ((in == NULL) || (in->digest == NULL))
243 {
244 EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
245 return 0;
246 }
247 /* Make sure it's safe to copy a digest context using an ENGINE */
248 if (in->engine && !ENGINE_init(in->engine))
249 {
250 EVPerr(EVP_F_EVP_MD_CTX_COPY,ERR_R_ENGINE_LIB);
251 return 0;
252 }
253
254 EVP_MD_CTX_cleanup(out);
255 memcpy(out,in,sizeof *out);
256
257 if (out->digest->ctx_size)
258 {
259 out->md_data=OPENSSL_malloc(out->digest->ctx_size);
260 memcpy(out->md_data,in->md_data,out->digest->ctx_size);
261 }
262
263 if (out->digest->copy)
264 return out->digest->copy(out,in);
265
266 return 1;
267 }
268
269int EVP_Digest(void *data, unsigned int count,
270 unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl)
271 {
272 EVP_MD_CTX ctx;
273 int ret;
274
275 EVP_MD_CTX_init(&ctx);
276 EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT);
277 ret=EVP_DigestInit_ex(&ctx, type, impl)
278 && EVP_DigestUpdate(&ctx, data, count)
279 && EVP_DigestFinal_ex(&ctx, md, size);
280 EVP_MD_CTX_cleanup(&ctx);
281
282 return ret;
283 }
284
285void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
286 {
287 EVP_MD_CTX_cleanup(ctx);
288 OPENSSL_free(ctx);
289 }
290
291/* This call frees resources associated with the context */
292int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
293 {
294 /* Don't assume ctx->md_data was cleaned in EVP_Digest_Final,
295 * because sometimes only copies of the context are ever finalised.
296 */
297 if (ctx->digest && ctx->digest->cleanup
298 && !EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED))
299 ctx->digest->cleanup(ctx);
300 if (ctx->digest && ctx->digest->ctx_size && ctx->md_data)
301 {
302 memset(ctx->md_data,0,ctx->digest->ctx_size);
303 OPENSSL_free(ctx->md_data);
304 }
305 if(ctx->engine)
306 /* The EVP_MD we used belongs to an ENGINE, release the
307 * functional reference we held for this reason. */
308 ENGINE_finish(ctx->engine);
309 memset(ctx,'\0',sizeof *ctx);
310
311 return 1;
89 } 312 }
diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c
index 9d03a9602f..c323fa2892 100644
--- a/src/lib/libcrypto/evp/e_aes.c
+++ b/src/lib/libcrypto/evp/e_aes.c
@@ -88,7 +88,9 @@ IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY,
88static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 88static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
89 const unsigned char *iv, int enc) { 89 const unsigned char *iv, int enc) {
90 90
91 if (enc) 91 if ((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CFB_MODE
92 || (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_OFB_MODE
93 || enc)
92 AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data); 94 AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
93 else 95 else
94 AES_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data); 96 AES_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
diff --git a/src/lib/libcrypto/evp/e_bf.c b/src/lib/libcrypto/evp/e_bf.c
index 72047f64da..e74337567b 100644
--- a/src/lib/libcrypto/evp/e_bf.c
+++ b/src/lib/libcrypto/evp/e_bf.c
@@ -56,24 +56,32 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#ifndef NO_BF 59#ifndef OPENSSL_NO_BF
60#include <stdio.h> 60#include <stdio.h>
61#include "cryptlib.h" 61#include "cryptlib.h"
62#include <openssl/evp.h> 62#include <openssl/evp.h>
63#include "evp_locl.h" 63#include "evp_locl.h"
64#include <openssl/objects.h> 64#include <openssl/objects.h>
65#include <openssl/blowfish.h>
65 66
66static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 67static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
67 const unsigned char *iv, int enc); 68 const unsigned char *iv, int enc);
68 69
69IMPLEMENT_BLOCK_CIPHER(bf, bf_ks, BF, bf_ks, NID_bf, 8, 16, 8, 70typedef struct
70 0, bf_init_key, NULL, 71 {
72 BF_KEY ks;
73 } EVP_BF_KEY;
74
75#define data(ctx) EVP_C_DATA(EVP_BF_KEY,ctx)
76
77IMPLEMENT_BLOCK_CIPHER(bf, ks, BF, EVP_BF_KEY, NID_bf, 8, 16, 8, 64,
78 EVP_CIPH_VARIABLE_LENGTH, bf_init_key, NULL,
71 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) 79 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
72 80
73static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 81static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
74 const unsigned char *iv, int enc) 82 const unsigned char *iv, int enc)
75 { 83 {
76 BF_set_key(&(ctx->c.bf_ks),EVP_CIPHER_CTX_key_length(ctx),key); 84 BF_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),key);
77 return 1; 85 return 1;
78 } 86 }
79 87
diff --git a/src/lib/libcrypto/evp/e_cast.c b/src/lib/libcrypto/evp/e_cast.c
index e5af7fb4ed..3400fef187 100644
--- a/src/lib/libcrypto/evp/e_cast.c
+++ b/src/lib/libcrypto/evp/e_cast.c
@@ -56,26 +56,34 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#ifndef NO_CAST 59#ifndef OPENSSL_NO_CAST
60 60
61#include <stdio.h> 61#include <stdio.h>
62#include "cryptlib.h" 62#include "cryptlib.h"
63#include <openssl/evp.h> 63#include <openssl/evp.h>
64#include <openssl/objects.h> 64#include <openssl/objects.h>
65#include "evp_locl.h" 65#include "evp_locl.h"
66#include <openssl/cast.h>
66 67
67static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 68static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
68 const unsigned char *iv,int enc); 69 const unsigned char *iv,int enc);
69 70
70IMPLEMENT_BLOCK_CIPHER(cast5, cast_ks, CAST, cast_ks, 71typedef struct
71 NID_cast5, 8, EVP_CAST5_KEY_SIZE, 8, 72 {
73 CAST_KEY ks;
74 } EVP_CAST_KEY;
75
76#define data(ctx) EVP_C_DATA(EVP_CAST_KEY,ctx)
77
78IMPLEMENT_BLOCK_CIPHER(cast5, ks, CAST, EVP_CAST_KEY,
79 NID_cast5, 8, CAST_KEY_LENGTH, 8, 64,
72 EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL, 80 EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL,
73 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) 81 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
74 82
75static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 83static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
76 const unsigned char *iv, int enc) 84 const unsigned char *iv, int enc)
77 { 85 {
78 CAST_set_key(&(ctx->c.cast_ks),EVP_CIPHER_CTX_key_length(ctx),key); 86 CAST_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),key);
79 return 1; 87 return 1;
80 } 88 }
81 89
diff --git a/src/lib/libcrypto/evp/e_des.c b/src/lib/libcrypto/evp/e_des.c
index f4e998b81c..105266a4b3 100644
--- a/src/lib/libcrypto/evp/e_des.c
+++ b/src/lib/libcrypto/evp/e_des.c
@@ -56,12 +56,13 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#ifndef NO_DES 59#ifndef OPENSSL_NO_DES
60#include <stdio.h> 60#include <stdio.h>
61#include "cryptlib.h" 61#include "cryptlib.h"
62#include <openssl/evp.h> 62#include <openssl/evp.h>
63#include <openssl/objects.h> 63#include <openssl/objects.h>
64#include "evp_locl.h" 64#include "evp_locl.h"
65#include <openssl/des.h>
65 66
66static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 67static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
67 const unsigned char *iv, int enc); 68 const unsigned char *iv, int enc);
@@ -72,34 +73,34 @@ static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
72 const unsigned char *in, unsigned int inl) 73 const unsigned char *in, unsigned int inl)
73{ 74{
74 BLOCK_CIPHER_ecb_loop() 75 BLOCK_CIPHER_ecb_loop()
75 des_ecb_encrypt((des_cblock *)(in + i), (des_cblock *)(out + i), ctx->c.des_ks, ctx->encrypt); 76 DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), ctx->cipher_data, ctx->encrypt);
76 return 1; 77 return 1;
77} 78}
78 79
79static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 80static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
80 const unsigned char *in, unsigned int inl) 81 const unsigned char *in, unsigned int inl)
81{ 82{
82 des_ofb64_encrypt(in, out, (long)inl, ctx->c.des_ks, (des_cblock *)ctx->iv, &ctx->num); 83 DES_ofb64_encrypt(in, out, (long)inl, ctx->cipher_data, (DES_cblock *)ctx->iv, &ctx->num);
83 return 1; 84 return 1;
84} 85}
85 86
86static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 87static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
87 const unsigned char *in, unsigned int inl) 88 const unsigned char *in, unsigned int inl)
88{ 89{
89 des_ncbc_encrypt(in, out, (long)inl, ctx->c.des_ks, 90 DES_ncbc_encrypt(in, out, (long)inl, ctx->cipher_data,
90 (des_cblock *)ctx->iv, ctx->encrypt); 91 (DES_cblock *)ctx->iv, ctx->encrypt);
91 return 1; 92 return 1;
92} 93}
93 94
94static int des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 95static int des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
95 const unsigned char *in, unsigned int inl) 96 const unsigned char *in, unsigned int inl)
96{ 97{
97 des_cfb64_encrypt(in, out, (long)inl, ctx->c.des_ks, 98 DES_cfb64_encrypt(in, out, (long)inl, ctx->cipher_data,
98 (des_cblock *)ctx->iv, &ctx->num, ctx->encrypt); 99 (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
99 return 1; 100 return 1;
100} 101}
101 102
102BLOCK_CIPHER_defs(des, des_ks, NID_des, 8, 8, 8, 103BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64,
103 0, des_init_key, NULL, 104 0, des_init_key, NULL,
104 EVP_CIPHER_set_asn1_iv, 105 EVP_CIPHER_set_asn1_iv,
105 EVP_CIPHER_get_asn1_iv, 106 EVP_CIPHER_get_asn1_iv,
@@ -109,9 +110,9 @@ BLOCK_CIPHER_defs(des, des_ks, NID_des, 8, 8, 8,
109static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 110static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
110 const unsigned char *iv, int enc) 111 const unsigned char *iv, int enc)
111 { 112 {
112 des_cblock *deskey = (des_cblock *)key; 113 DES_cblock *deskey = (DES_cblock *)key;
113 114
114 des_set_key_unchecked(deskey,ctx->c.des_ks); 115 DES_set_key_unchecked(deskey,ctx->cipher_data);
115 return 1; 116 return 1;
116 } 117 }
117 118
diff --git a/src/lib/libcrypto/evp/e_des3.c b/src/lib/libcrypto/evp/e_des3.c
index a9aba4ae70..077860e7b6 100644
--- a/src/lib/libcrypto/evp/e_des3.c
+++ b/src/lib/libcrypto/evp/e_des3.c
@@ -56,12 +56,13 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#ifndef NO_DES 59#ifndef OPENSSL_NO_DES
60#include <stdio.h> 60#include <stdio.h>
61#include "cryptlib.h" 61#include "cryptlib.h"
62#include <openssl/evp.h> 62#include <openssl/evp.h>
63#include <openssl/objects.h> 63#include <openssl/objects.h>
64#include "evp_locl.h" 64#include "evp_locl.h"
65#include <openssl/des.h>
65 66
66static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 67static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
67 const unsigned char *iv,int enc); 68 const unsigned char *iv,int enc);
@@ -69,60 +70,78 @@ static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
69static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 70static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
70 const unsigned char *iv,int enc); 71 const unsigned char *iv,int enc);
71 72
73typedef struct
74 {
75 DES_key_schedule ks1;/* key schedule */
76 DES_key_schedule ks2;/* key schedule (for ede) */
77 DES_key_schedule ks3;/* key schedule (for ede3) */
78 } DES_EDE_KEY;
79
80#define data(ctx) ((DES_EDE_KEY *)(ctx)->cipher_data)
81
72/* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */ 82/* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */
73 83
74static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 84static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
75 const unsigned char *in, unsigned int inl) 85 const unsigned char *in, unsigned int inl)
76{ 86{
77 BLOCK_CIPHER_ecb_loop() 87 BLOCK_CIPHER_ecb_loop()
78 des_ecb3_encrypt((des_cblock *)(in + i), (des_cblock *)(out + i), 88 DES_ecb3_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i),
79 ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3, 89 &data(ctx)->ks1, &data(ctx)->ks2,
80 ctx->encrypt); 90 &data(ctx)->ks3,
91 ctx->encrypt);
81 return 1; 92 return 1;
82} 93}
83 94
84static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 95static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
85 const unsigned char *in, unsigned int inl) 96 const unsigned char *in, unsigned int inl)
86{ 97{
87 des_ede3_ofb64_encrypt(in, out, (long)inl, 98 DES_ede3_ofb64_encrypt(in, out, (long)inl,
88 ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3, 99 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
89 (des_cblock *)ctx->iv, &ctx->num); 100 (DES_cblock *)ctx->iv, &ctx->num);
90 return 1; 101 return 1;
91} 102}
92 103
93static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 104static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
94 const unsigned char *in, unsigned int inl) 105 const unsigned char *in, unsigned int inl)
95{ 106{
96 des_ede3_cbc_encrypt(in, out, (long)inl, 107#ifdef KSSL_DEBUG
97 ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3, 108 {
98 (des_cblock *)ctx->iv, ctx->encrypt); 109 int i;
110 char *cp;
111 printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", ctx, ctx->buf_len);
112 printf("\t iv= ");
113 for(i=0;i<8;i++)
114 printf("%02X",ctx->iv[i]);
115 printf("\n");
116 }
117#endif /* KSSL_DEBUG */
118 DES_ede3_cbc_encrypt(in, out, (long)inl,
119 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
120 (DES_cblock *)ctx->iv, ctx->encrypt);
99 return 1; 121 return 1;
100} 122}
101 123
102static int des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 124static int des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
103 const unsigned char *in, unsigned int inl) 125 const unsigned char *in, unsigned int inl)
104{ 126{
105 des_ede3_cfb64_encrypt(in, out, (long)inl, 127 DES_ede3_cfb64_encrypt(in, out, (long)inl,
106 ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3, 128 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
107 (des_cblock *)ctx->iv, &ctx->num, ctx->encrypt); 129 (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
108 return 1; 130 return 1;
109} 131}
110 132
111#define NID_des_ede_ecb NID_des_ede 133BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64,
112
113BLOCK_CIPHER_defs(des_ede, des_ede, NID_des_ede, 8, 16, 8,
114 0, des_ede_init_key, NULL, 134 0, des_ede_init_key, NULL,
115 EVP_CIPHER_set_asn1_iv, 135 EVP_CIPHER_set_asn1_iv,
116 EVP_CIPHER_get_asn1_iv, 136 EVP_CIPHER_get_asn1_iv,
117 NULL) 137 NULL)
118 138
119#define NID_des_ede3_ecb NID_des_ede3
120#define des_ede3_cfb_cipher des_ede_cfb_cipher 139#define des_ede3_cfb_cipher des_ede_cfb_cipher
121#define des_ede3_ofb_cipher des_ede_ofb_cipher 140#define des_ede3_ofb_cipher des_ede_ofb_cipher
122#define des_ede3_cbc_cipher des_ede_cbc_cipher 141#define des_ede3_cbc_cipher des_ede_cbc_cipher
123#define des_ede3_ecb_cipher des_ede_ecb_cipher 142#define des_ede3_ecb_cipher des_ede_ecb_cipher
124 143
125BLOCK_CIPHER_defs(des_ede3, des_ede, NID_des_ede3, 8, 24, 8, 144BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64,
126 0, des_ede3_init_key, NULL, 145 0, des_ede3_init_key, NULL,
127 EVP_CIPHER_set_asn1_iv, 146 EVP_CIPHER_set_asn1_iv,
128 EVP_CIPHER_get_asn1_iv, 147 EVP_CIPHER_get_asn1_iv,
@@ -131,34 +150,43 @@ BLOCK_CIPHER_defs(des_ede3, des_ede, NID_des_ede3, 8, 24, 8,
131static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 150static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
132 const unsigned char *iv, int enc) 151 const unsigned char *iv, int enc)
133 { 152 {
134 des_cblock *deskey = (des_cblock *)key; 153 DES_cblock *deskey = (DES_cblock *)key;
135 154
136 des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1); 155 DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1);
137 des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2); 156 DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2);
138 memcpy( (char *)ctx->c.des_ede.ks3, 157 memcpy(&data(ctx)->ks3,&data(ctx)->ks1,
139 (char *)ctx->c.des_ede.ks1, 158 sizeof(data(ctx)->ks1));
140 sizeof(ctx->c.des_ede.ks1));
141 return 1; 159 return 1;
142 } 160 }
143 161
144static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 162static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
145 const unsigned char *iv, int enc) 163 const unsigned char *iv, int enc)
146 { 164 {
147 des_cblock *deskey = (des_cblock *)key; 165 DES_cblock *deskey = (DES_cblock *)key;
166#ifdef KSSL_DEBUG
167 {
168 int i;
169 printf("des_ede3_init_key(ctx=%lx)\n", ctx);
170 printf("\tKEY= ");
171 for(i=0;i<24;i++) printf("%02X",key[i]); printf("\n");
172 printf("\t IV= ");
173 for(i=0;i<8;i++) printf("%02X",iv[i]); printf("\n");
174 }
175#endif /* KSSL_DEBUG */
148 176
149 des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1); 177 DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1);
150 des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2); 178 DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2);
151 des_set_key_unchecked(&deskey[2],ctx->c.des_ede.ks3); 179 DES_set_key_unchecked(&deskey[2],&data(ctx)->ks3);
152 180
153 return 1; 181 return 1;
154 } 182 }
155 183
156EVP_CIPHER *EVP_des_ede(void) 184const EVP_CIPHER *EVP_des_ede(void)
157{ 185{
158 return &des_ede_ecb; 186 return &des_ede_ecb;
159} 187}
160 188
161EVP_CIPHER *EVP_des_ede3(void) 189const EVP_CIPHER *EVP_des_ede3(void)
162{ 190{
163 return &des_ede3_ecb; 191 return &des_ede3_ecb;
164} 192}
diff --git a/src/lib/libcrypto/evp/e_idea.c b/src/lib/libcrypto/evp/e_idea.c
index 8d3c88deb7..ed838d3e62 100644
--- a/src/lib/libcrypto/evp/e_idea.c
+++ b/src/lib/libcrypto/evp/e_idea.c
@@ -56,13 +56,14 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#ifndef NO_IDEA 59#ifndef OPENSSL_NO_IDEA
60 60
61#include <stdio.h> 61#include <stdio.h>
62#include "cryptlib.h" 62#include "cryptlib.h"
63#include <openssl/evp.h> 63#include <openssl/evp.h>
64#include <openssl/objects.h> 64#include <openssl/objects.h>
65#include "evp_locl.h" 65#include "evp_locl.h"
66#include <openssl/idea.h>
66 67
67static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 68static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
68 const unsigned char *iv,int enc); 69 const unsigned char *iv,int enc);
@@ -75,17 +76,22 @@ static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
75 const unsigned char *in, unsigned int inl) 76 const unsigned char *in, unsigned int inl)
76{ 77{
77 BLOCK_CIPHER_ecb_loop() 78 BLOCK_CIPHER_ecb_loop()
78 idea_ecb_encrypt(in + i, out + i, &ctx->c.idea_ks); 79 idea_ecb_encrypt(in + i, out + i, ctx->cipher_data);
79 return 1; 80 return 1;
80} 81}
81 82
82/* Can't use IMPLEMENT_BLOCK_CIPHER because idea_ecb_encrypt is different */ 83/* Can't use IMPLEMENT_BLOCK_CIPHER because idea_ecb_encrypt is different */
83 84
84BLOCK_CIPHER_func_cbc(idea, idea, idea_ks) 85typedef struct
85BLOCK_CIPHER_func_ofb(idea, idea, idea_ks) 86 {
86BLOCK_CIPHER_func_cfb(idea, idea, idea_ks) 87 IDEA_KEY_SCHEDULE ks;
88 } EVP_IDEA_KEY;
89
90BLOCK_CIPHER_func_cbc(idea, idea, EVP_IDEA_KEY, ks)
91BLOCK_CIPHER_func_ofb(idea, idea, 64, EVP_IDEA_KEY, ks)
92BLOCK_CIPHER_func_cfb(idea, idea, 64, EVP_IDEA_KEY, ks)
87 93
88BLOCK_CIPHER_defs(idea, idea_ks, NID_idea, 8, 16, 8, 94BLOCK_CIPHER_defs(idea, IDEA_KEY_SCHEDULE, NID_idea, 8, 16, 8, 64,
89 0, idea_init_key, NULL, 95 0, idea_init_key, NULL,
90 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) 96 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
91 97
@@ -96,13 +102,13 @@ static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
96 if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) enc = 1; 102 if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) enc = 1;
97 else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE) enc = 1; 103 else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE) enc = 1;
98 } 104 }
99 if (enc) idea_set_encrypt_key(key,&(ctx->c.idea_ks)); 105 if (enc) idea_set_encrypt_key(key,ctx->cipher_data);
100 else 106 else
101 { 107 {
102 IDEA_KEY_SCHEDULE tmp; 108 IDEA_KEY_SCHEDULE tmp;
103 109
104 idea_set_encrypt_key(key,&tmp); 110 idea_set_encrypt_key(key,&tmp);
105 idea_set_decrypt_key(&tmp,&(ctx->c.idea_ks)); 111 idea_set_decrypt_key(&tmp,ctx->cipher_data);
106 memset((unsigned char *)&tmp,0, 112 memset((unsigned char *)&tmp,0,
107 sizeof(IDEA_KEY_SCHEDULE)); 113 sizeof(IDEA_KEY_SCHEDULE));
108 } 114 }
diff --git a/src/lib/libcrypto/evp/e_null.c b/src/lib/libcrypto/evp/e_null.c
index e4e7ca7606..2420d7e5af 100644
--- a/src/lib/libcrypto/evp/e_null.c
+++ b/src/lib/libcrypto/evp/e_null.c
@@ -58,52 +58,44 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "evp.h" 61#include <openssl/evp.h>
62#include "objects.h" 62#include <openssl/objects.h>
63 63
64#ifndef NOPROTO 64static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
65static void null_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, 65 const unsigned char *iv,int enc);
66 unsigned char *iv,int enc); 66static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
67static void null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 67 const unsigned char *in, unsigned int inl);
68 unsigned char *in, unsigned int inl); 68static const EVP_CIPHER n_cipher=
69#else
70static void null_init_key();
71static void null_cipher();
72#endif
73
74static EVP_CIPHER n_cipher=
75 { 69 {
76 NID_undef, 70 NID_undef,
77 1,0,0, 71 1,0,0,
72 0,
78 null_init_key, 73 null_init_key,
79 null_cipher, 74 null_cipher,
80 NULL, 75 NULL,
81 0, 76 0,
82 NULL, 77 NULL,
83 NULL, 78 NULL,
79 NULL
84 }; 80 };
85 81
86EVP_CIPHER *EVP_enc_null() 82const EVP_CIPHER *EVP_enc_null(void)
87 { 83 {
88 return(&n_cipher); 84 return(&n_cipher);
89 } 85 }
90 86
91static void null_init_key(ctx,key,iv,enc) 87static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
92EVP_CIPHER_CTX *ctx; 88 const unsigned char *iv, int enc)
93unsigned char *key;
94unsigned char *iv;
95int enc;
96 { 89 {
97 memset(&(ctx->c),0,sizeof(ctx->c)); 90 /* memset(&(ctx->c),0,sizeof(ctx->c));*/
91 return 1;
98 } 92 }
99 93
100static void null_cipher(ctx,out,in,inl) 94static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
101EVP_CIPHER_CTX *ctx; 95 const unsigned char *in, unsigned int inl)
102unsigned char *out;
103unsigned char *in;
104unsigned int inl;
105 { 96 {
106 if (in != out) 97 if (in != out)
107 memcpy((char *)out,(char *)in,(int)inl); 98 memcpy((char *)out,(char *)in,(int)inl);
99 return 1;
108 } 100 }
109 101
diff --git a/src/lib/libcrypto/evp/e_rc2.c b/src/lib/libcrypto/evp/e_rc2.c
index 3955c3ef84..4685198e2e 100644
--- a/src/lib/libcrypto/evp/e_rc2.c
+++ b/src/lib/libcrypto/evp/e_rc2.c
@@ -56,13 +56,14 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#ifndef NO_RC2 59#ifndef OPENSSL_NO_RC2
60 60
61#include <stdio.h> 61#include <stdio.h>
62#include "cryptlib.h" 62#include "cryptlib.h"
63#include <openssl/evp.h> 63#include <openssl/evp.h>
64#include <openssl/objects.h> 64#include <openssl/objects.h>
65#include "evp_locl.h" 65#include "evp_locl.h"
66#include <openssl/rc2.h>
66 67
67static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 68static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
68 const unsigned char *iv,int enc); 69 const unsigned char *iv,int enc);
@@ -72,9 +73,17 @@ static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
72static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); 73static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
73static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); 74static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
74 75
75IMPLEMENT_BLOCK_CIPHER(rc2, rc2.ks, RC2, rc2, NID_rc2, 76typedef struct
77 {
78 int key_bits; /* effective key bits */
79 RC2_KEY ks; /* key schedule */
80 } EVP_RC2_KEY;
81
82#define data(ctx) ((EVP_RC2_KEY *)(ctx)->cipher_data)
83
84IMPLEMENT_BLOCK_CIPHER(rc2, ks, RC2, EVP_RC2_KEY, NID_rc2,
76 8, 85 8,
77 EVP_RC2_KEY_SIZE, 8, 86 RC2_KEY_LENGTH, 8, 64,
78 EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, 87 EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
79 rc2_init_key, NULL, 88 rc2_init_key, NULL,
80 rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv, 89 rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv,
@@ -84,7 +93,7 @@ IMPLEMENT_BLOCK_CIPHER(rc2, rc2.ks, RC2, rc2, NID_rc2,
84#define RC2_64_MAGIC 0x78 93#define RC2_64_MAGIC 0x78
85#define RC2_128_MAGIC 0x3a 94#define RC2_128_MAGIC 0x3a
86 95
87static EVP_CIPHER r2_64_cbc_cipher= 96static const EVP_CIPHER r2_64_cbc_cipher=
88 { 97 {
89 NID_rc2_64_cbc, 98 NID_rc2_64_cbc,
90 8,8 /* 64 bit */,8, 99 8,8 /* 64 bit */,8,
@@ -92,15 +101,14 @@ static EVP_CIPHER r2_64_cbc_cipher=
92 rc2_init_key, 101 rc2_init_key,
93 rc2_cbc_cipher, 102 rc2_cbc_cipher,
94 NULL, 103 NULL,
95 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ 104 sizeof(EVP_RC2_KEY),
96 sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2)),
97 rc2_set_asn1_type_and_iv, 105 rc2_set_asn1_type_and_iv,
98 rc2_get_asn1_type_and_iv, 106 rc2_get_asn1_type_and_iv,
99 rc2_ctrl, 107 rc2_ctrl,
100 NULL 108 NULL
101 }; 109 };
102 110
103static EVP_CIPHER r2_40_cbc_cipher= 111static const EVP_CIPHER r2_40_cbc_cipher=
104 { 112 {
105 NID_rc2_40_cbc, 113 NID_rc2_40_cbc,
106 8,5 /* 40 bit */,8, 114 8,5 /* 40 bit */,8,
@@ -108,20 +116,19 @@ static EVP_CIPHER r2_40_cbc_cipher=
108 rc2_init_key, 116 rc2_init_key,
109 rc2_cbc_cipher, 117 rc2_cbc_cipher,
110 NULL, 118 NULL,
111 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ 119 sizeof(EVP_RC2_KEY),
112 sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2)),
113 rc2_set_asn1_type_and_iv, 120 rc2_set_asn1_type_and_iv,
114 rc2_get_asn1_type_and_iv, 121 rc2_get_asn1_type_and_iv,
115 rc2_ctrl, 122 rc2_ctrl,
116 NULL 123 NULL
117 }; 124 };
118 125
119EVP_CIPHER *EVP_rc2_64_cbc(void) 126const EVP_CIPHER *EVP_rc2_64_cbc(void)
120 { 127 {
121 return(&r2_64_cbc_cipher); 128 return(&r2_64_cbc_cipher);
122 } 129 }
123 130
124EVP_CIPHER *EVP_rc2_40_cbc(void) 131const EVP_CIPHER *EVP_rc2_40_cbc(void)
125 { 132 {
126 return(&r2_40_cbc_cipher); 133 return(&r2_40_cbc_cipher);
127 } 134 }
@@ -129,8 +136,8 @@ EVP_CIPHER *EVP_rc2_40_cbc(void)
129static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 136static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
130 const unsigned char *iv, int enc) 137 const unsigned char *iv, int enc)
131 { 138 {
132 RC2_set_key(&(ctx->c.rc2.ks),EVP_CIPHER_CTX_key_length(ctx), 139 RC2_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),
133 key,ctx->c.rc2.key_bits); 140 key,data(ctx)->key_bits);
134 return 1; 141 return 1;
135 } 142 }
136 143
@@ -173,7 +180,7 @@ static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
173 key_bits =rc2_magic_to_meth((int)num); 180 key_bits =rc2_magic_to_meth((int)num);
174 if (!key_bits) 181 if (!key_bits)
175 return(-1); 182 return(-1);
176 if(i > 0) EVP_CipherInit(c, NULL, NULL, iv, -1); 183 if(i > 0) EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1);
177 EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL); 184 EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
178 EVP_CIPHER_CTX_set_key_length(c, key_bits / 8); 185 EVP_CIPHER_CTX_set_key_length(c, key_bits / 8);
179 } 186 }
@@ -196,26 +203,26 @@ static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
196 203
197static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) 204static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
198 { 205 {
199 switch(type) { 206 switch(type)
200 207 {
201 case EVP_CTRL_INIT: 208 case EVP_CTRL_INIT:
202 c->c.rc2.key_bits = EVP_CIPHER_CTX_key_length(c) * 8; 209 data(c)->key_bits = EVP_CIPHER_CTX_key_length(c) * 8;
203 return 1; 210 return 1;
204 211
205 case EVP_CTRL_GET_RC2_KEY_BITS: 212 case EVP_CTRL_GET_RC2_KEY_BITS:
206 *(int *)ptr = c->c.rc2.key_bits; 213 *(int *)ptr = data(c)->key_bits;
207 return 1; 214 return 1;
208 215
209 216 case EVP_CTRL_SET_RC2_KEY_BITS:
210 case EVP_CTRL_SET_RC2_KEY_BITS: 217 if(arg > 0)
211 if(arg > 0) { 218 {
212 c->c.rc2.key_bits = arg; 219 data(c)->key_bits = arg;
213 return 1; 220 return 1;
214 } 221 }
215 return 0; 222 return 0;
216 223
217 default: 224 default:
218 return -1; 225 return -1;
219 } 226 }
220 } 227 }
221 228
diff --git a/src/lib/libcrypto/evp/e_rc4.c b/src/lib/libcrypto/evp/e_rc4.c
index 7e9790a94c..4064cc5fa0 100644
--- a/src/lib/libcrypto/evp/e_rc4.c
+++ b/src/lib/libcrypto/evp/e_rc4.c
@@ -56,72 +56,81 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#ifndef NO_RC4 59#ifndef OPENSSL_NO_RC4
60 60
61#include <stdio.h> 61#include <stdio.h>
62#include "cryptlib.h" 62#include "cryptlib.h"
63#include "evp.h" 63#include <openssl/evp.h>
64#include "objects.h" 64#include <openssl/objects.h>
65#include <openssl/rc4.h>
65 66
66#ifndef NOPROTO 67/* FIXME: surely this is available elsewhere? */
67static void rc4_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, 68#define EVP_RC4_KEY_SIZE 16
68 unsigned char *iv,int enc); 69
69static void rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 70typedef struct
70 unsigned char *in, unsigned int inl); 71 {
71#else 72 /* FIXME: what is the key for? */
72static void rc4_init_key(); 73 unsigned char key[EVP_RC4_KEY_SIZE];
73static void rc4_cipher(); 74 RC4_KEY ks; /* working key */
74#endif 75 } EVP_RC4_KEY;
76
77#define data(ctx) ((EVP_RC4_KEY *)(ctx)->cipher_data)
75 78
76static EVP_CIPHER r4_cipher= 79static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
80 const unsigned char *iv,int enc);
81static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
82 const unsigned char *in, unsigned int inl);
83static const EVP_CIPHER r4_cipher=
77 { 84 {
78 NID_rc4, 85 NID_rc4,
79 1,EVP_RC4_KEY_SIZE,0, 86 1,EVP_RC4_KEY_SIZE,0,
87 EVP_CIPH_VARIABLE_LENGTH,
80 rc4_init_key, 88 rc4_init_key,
81 rc4_cipher, 89 rc4_cipher,
82 NULL, 90 NULL,
83 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ 91 sizeof(EVP_RC4_KEY),
84 sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc4)),
85 NULL, 92 NULL,
86 NULL, 93 NULL,
94 NULL
87 }; 95 };
88 96
89static EVP_CIPHER r4_40_cipher= 97static const EVP_CIPHER r4_40_cipher=
90 { 98 {
91 NID_rc4_40, 99 NID_rc4_40,
92 1,5 /* 40 bit */,0, 100 1,5 /* 40 bit */,0,
101 EVP_CIPH_VARIABLE_LENGTH,
93 rc4_init_key, 102 rc4_init_key,
94 rc4_cipher, 103 rc4_cipher,
104 NULL,
105 sizeof(EVP_RC4_KEY),
106 NULL,
107 NULL,
108 NULL
95 }; 109 };
96 110
97EVP_CIPHER *EVP_rc4() 111const EVP_CIPHER *EVP_rc4(void)
98 { 112 {
99 return(&r4_cipher); 113 return(&r4_cipher);
100 } 114 }
101 115
102EVP_CIPHER *EVP_rc4_40() 116const EVP_CIPHER *EVP_rc4_40(void)
103 { 117 {
104 return(&r4_40_cipher); 118 return(&r4_40_cipher);
105 } 119 }
106 120
107static void rc4_init_key(ctx,key,iv,enc) 121static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
108EVP_CIPHER_CTX *ctx; 122 const unsigned char *iv, int enc)
109unsigned char *key;
110unsigned char *iv;
111int enc;
112 { 123 {
113 if (key != NULL) 124 memcpy(&data(ctx)->key[0],key,EVP_CIPHER_CTX_key_length(ctx));
114 memcpy(&(ctx->c.rc4.key[0]),key,EVP_CIPHER_CTX_key_length(ctx)); 125 RC4_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),
115 RC4_set_key(&(ctx->c.rc4.ks),EVP_CIPHER_CTX_key_length(ctx), 126 data(ctx)->key);
116 ctx->c.rc4.key); 127 return 1;
117 } 128 }
118 129
119static void rc4_cipher(ctx,out,in,inl) 130static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
120EVP_CIPHER_CTX *ctx; 131 const unsigned char *in, unsigned int inl)
121unsigned char *out;
122unsigned char *in;
123unsigned int inl;
124 { 132 {
125 RC4(&(ctx->c.rc4.ks),inl,in,out); 133 RC4(&data(ctx)->ks,inl,in,out);
134 return 1;
126 } 135 }
127#endif 136#endif
diff --git a/src/lib/libcrypto/evp/e_xcbc_d.c b/src/lib/libcrypto/evp/e_xcbc_d.c
index 0d7fda0c47..a6f849e93d 100644
--- a/src/lib/libcrypto/evp/e_xcbc_d.c
+++ b/src/lib/libcrypto/evp/e_xcbc_d.c
@@ -56,67 +56,67 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#ifndef OPENSSL_NO_DES
59#include <stdio.h> 60#include <stdio.h>
60#include "cryptlib.h" 61#include "cryptlib.h"
61#include "evp.h" 62#include <openssl/evp.h>
62#include "objects.h" 63#include <openssl/objects.h>
64#include <openssl/des.h>
63 65
64#ifndef NOPROTO 66static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
65static void desx_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, 67 const unsigned char *iv,int enc);
66 unsigned char *iv,int enc); 68static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
67static void desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 69 const unsigned char *in, unsigned int inl);
68 unsigned char *in, unsigned int inl); 70
69#else 71
70static void desx_cbc_init_key(); 72typedef struct
71static void desx_cbc_cipher(); 73 {
72#endif 74 DES_key_schedule ks;/* key schedule */
75 DES_cblock inw;
76 DES_cblock outw;
77 } DESX_CBC_KEY;
78
79#define data(ctx) ((DESX_CBC_KEY *)(ctx)->cipher_data)
73 80
74static EVP_CIPHER d_xcbc_cipher= 81static const EVP_CIPHER d_xcbc_cipher=
75 { 82 {
76 NID_desx_cbc, 83 NID_desx_cbc,
77 8,24,8, 84 8,24,8,
85 EVP_CIPH_CBC_MODE,
78 desx_cbc_init_key, 86 desx_cbc_init_key,
79 desx_cbc_cipher, 87 desx_cbc_cipher,
80 NULL, 88 NULL,
81 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ 89 sizeof(DESX_CBC_KEY),
82 sizeof((((EVP_CIPHER_CTX *)NULL)->c.desx_cbc)),
83 EVP_CIPHER_set_asn1_iv, 90 EVP_CIPHER_set_asn1_iv,
84 EVP_CIPHER_get_asn1_iv, 91 EVP_CIPHER_get_asn1_iv,
92 NULL
85 }; 93 };
86 94
87EVP_CIPHER *EVP_desx_cbc() 95const EVP_CIPHER *EVP_desx_cbc(void)
88 { 96 {
89 return(&d_xcbc_cipher); 97 return(&d_xcbc_cipher);
90 } 98 }
91 99
92static void desx_cbc_init_key(ctx,key,iv,enc) 100static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
93EVP_CIPHER_CTX *ctx; 101 const unsigned char *iv, int enc)
94unsigned char *key;
95unsigned char *iv;
96int enc;
97 { 102 {
98 if (iv != NULL) 103 DES_cblock *deskey = (DES_cblock *)key;
99 memcpy(&(ctx->oiv[0]),iv,8); 104
100 memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8); 105 DES_set_key_unchecked(deskey,&data(ctx)->ks);
101 if (key != NULL) 106 memcpy(&data(ctx)->inw[0],&key[8],8);
102 { 107 memcpy(&data(ctx)->outw[0],&key[16],8);
103 des_set_key((des_cblock *)key,ctx->c.desx_cbc.ks); 108
104 memcpy(&(ctx->c.desx_cbc.inw[0]),&(key[8]),8); 109 return 1;
105 memcpy(&(ctx->c.desx_cbc.outw[0]),&(key[16]),8);
106 }
107 } 110 }
108 111
109static void desx_cbc_cipher(ctx,out,in,inl) 112static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
110EVP_CIPHER_CTX *ctx; 113 const unsigned char *in, unsigned int inl)
111unsigned char *out;
112unsigned char *in;
113unsigned int inl;
114 { 114 {
115 des_xcbc_encrypt( 115 DES_xcbc_encrypt(in,out,inl,&data(ctx)->ks,
116 (des_cblock *)in,(des_cblock *)out, 116 (DES_cblock *)&(ctx->iv[0]),
117 (long)inl, ctx->c.desx_cbc.ks, 117 &data(ctx)->inw,
118 (des_cblock *)&(ctx->iv[0]), 118 &data(ctx)->outw,
119 (des_cblock *)&(ctx->c.desx_cbc.inw[0]), 119 ctx->encrypt);
120 (des_cblock *)&(ctx->c.desx_cbc.outw[0]), 120 return 1;
121 ctx->encrypt);
122 } 121 }
122#endif
diff --git a/src/lib/libcrypto/evp/encode.c b/src/lib/libcrypto/evp/encode.c
index 14d47c1eed..12c6379df1 100644
--- a/src/lib/libcrypto/evp/encode.c
+++ b/src/lib/libcrypto/evp/encode.c
@@ -58,10 +58,21 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "evp.h" 61#include <openssl/evp.h>
62 62
63#ifndef CHARSET_EBCDIC
63#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f]) 64#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
64#define conv_ascii2bin(a) (data_ascii2bin[(a)&0x7f]) 65#define conv_ascii2bin(a) (data_ascii2bin[(a)&0x7f])
66#else
67/* We assume that PEM encoded files are EBCDIC files
68 * (i.e., printable text files). Convert them here while decoding.
69 * When encoding, output is EBCDIC (text) format again.
70 * (No need for conversion in the conv_bin2ascii macro, as the
71 * underlying textstring data_bin2ascii[] is already EBCDIC)
72 */
73#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
74#define conv_ascii2bin(a) (data_ascii2bin[os_toascii[a]&0x7f])
75#endif
65 76
66/* 64 char lines 77/* 64 char lines
67 * pad input with 0 78 * pad input with 0
@@ -110,20 +121,15 @@ static unsigned char data_ascii2bin[128]={
110 0x31,0x32,0x33,0xFF,0xFF,0xFF,0xFF,0xFF, 121 0x31,0x32,0x33,0xFF,0xFF,0xFF,0xFF,0xFF,
111 }; 122 };
112 123
113void EVP_EncodeInit(ctx) 124void EVP_EncodeInit(EVP_ENCODE_CTX *ctx)
114EVP_ENCODE_CTX *ctx;
115 { 125 {
116 ctx->length=48; 126 ctx->length=48;
117 ctx->num=0; 127 ctx->num=0;
118 ctx->line_num=0; 128 ctx->line_num=0;
119 } 129 }
120 130
121void EVP_EncodeUpdate(ctx,out,outl,in,inl) 131void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
122EVP_ENCODE_CTX *ctx; 132 unsigned char *in, int inl)
123unsigned char *out;
124int *outl;
125unsigned char *in;
126int inl;
127 { 133 {
128 int i,j; 134 int i,j;
129 unsigned int total=0; 135 unsigned int total=0;
@@ -165,10 +171,7 @@ int inl;
165 *outl=total; 171 *outl=total;
166 } 172 }
167 173
168void EVP_EncodeFinal(ctx,out,outl) 174void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
169EVP_ENCODE_CTX *ctx;
170unsigned char *out;
171int *outl;
172 { 175 {
173 unsigned int ret=0; 176 unsigned int ret=0;
174 177
@@ -182,9 +185,7 @@ int *outl;
182 *outl=ret; 185 *outl=ret;
183 } 186 }
184 187
185int EVP_EncodeBlock(t,f,dlen) 188int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int dlen)
186unsigned char *t,*f;
187int dlen;
188 { 189 {
189 int i,ret=0; 190 int i,ret=0;
190 unsigned long l; 191 unsigned long l;
@@ -218,8 +219,7 @@ int dlen;
218 return(ret); 219 return(ret);
219 } 220 }
220 221
221void EVP_DecodeInit(ctx) 222void EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
222EVP_ENCODE_CTX *ctx;
223 { 223 {
224 ctx->length=30; 224 ctx->length=30;
225 ctx->num=0; 225 ctx->num=0;
@@ -231,12 +231,8 @@ EVP_ENCODE_CTX *ctx;
231 * 0 for last line 231 * 0 for last line
232 * 1 for full line 232 * 1 for full line
233 */ 233 */
234int EVP_DecodeUpdate(ctx,out,outl,in,inl) 234int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
235EVP_ENCODE_CTX *ctx; 235 unsigned char *in, int inl)
236unsigned char *out;
237int *outl;
238unsigned char *in;
239int inl;
240 { 236 {
241 int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl; 237 int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl;
242 unsigned char *d; 238 unsigned char *d;
@@ -281,6 +277,13 @@ int inl;
281 eof++; 277 eof++;
282 } 278 }
283 279
280 if (v == B64_CR)
281 {
282 ln = 0;
283 if (exp_nl)
284 continue;
285 }
286
284 /* eoln */ 287 /* eoln */
285 if (v == B64_EOLN) 288 if (v == B64_EOLN)
286 { 289 {
@@ -296,7 +299,17 @@ int inl;
296 /* If we are at the end of input and it looks like a 299 /* If we are at the end of input and it looks like a
297 * line, process it. */ 300 * line, process it. */
298 if (((i+1) == inl) && (((n&3) == 0) || eof)) 301 if (((i+1) == inl) && (((n&3) == 0) || eof))
302 {
299 v=B64_EOF; 303 v=B64_EOF;
304 /* In case things were given us in really small
305 records (so two '=' were given in separate
306 updates), eof may contain the incorrect number
307 of ending bytes to skip, so let's redo the count */
308 eof = 0;
309 if (d[n-1] == '=') eof++;
310 if (d[n-2] == '=') eof++;
311 /* There will never be more than two '=' */
312 }
300 313
301 if ((v == B64_EOF) || (n >= 64)) 314 if ((v == B64_EOF) || (n >= 64))
302 { 315 {
@@ -341,9 +354,7 @@ end:
341 return(rv); 354 return(rv);
342 } 355 }
343 356
344int EVP_DecodeBlock(t,f,n) 357int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n)
345unsigned char *t,*f;
346int n;
347 { 358 {
348 int i,ret=0,a,b,c,d; 359 int i,ret=0,a,b,c,d;
349 unsigned long l; 360 unsigned long l;
@@ -383,10 +394,7 @@ int n;
383 return(ret); 394 return(ret);
384 } 395 }
385 396
386int EVP_DecodeFinal(ctx,out,outl) 397int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
387EVP_ENCODE_CTX *ctx;
388unsigned char *out;
389int *outl;
390 { 398 {
391 int i; 399 int i;
392 400
@@ -404,9 +412,7 @@ int *outl;
404 } 412 }
405 413
406#ifdef undef 414#ifdef undef
407int EVP_DecodeValid(buf,len) 415int EVP_DecodeValid(unsigned char *buf, int len)
408unsigned char *buf;
409int len;
410 { 416 {
411 int i,num=0,bad=0; 417 int i,num=0,bad=0;
412 418
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
index b39fad93a4..fb16de6852 100644
--- a/src/lib/libcrypto/evp/evp.h
+++ b/src/lib/libcrypto/evp/evp.h
@@ -59,75 +59,39 @@
59#ifndef HEADER_ENVELOPE_H 59#ifndef HEADER_ENVELOPE_H
60#define HEADER_ENVELOPE_H 60#define HEADER_ENVELOPE_H
61 61
62#ifdef __cplusplus 62#ifdef OPENSSL_ALGORITHM_DEFINES
63extern "C" { 63# include <openssl/opensslconf.h>
64#else
65# define OPENSSL_ALGORITHM_DEFINES
66# include <openssl/opensslconf.h>
67# undef OPENSSL_ALGORITHM_DEFINES
64#endif 68#endif
65 69
66#ifndef NO_MD2 70#include <openssl/ossl_typ.h>
67#include "md2.h" 71
68#endif 72#include <openssl/symhacks.h>
69#ifndef NO_MD5 73
70#include "md5.h" 74#ifndef OPENSSL_NO_BIO
71#endif 75#include <openssl/bio.h>
72#if !defined(NO_SHA) || !defined(NO_SHA1)
73#include "sha.h"
74#endif
75#ifndef NO_RIPEMD
76#include "ripemd.h"
77#endif
78#ifndef NO_DES
79#include "des.h"
80#endif
81#ifndef NO_RC4
82#include "rc4.h"
83#endif
84#ifndef NO_RC2
85#include "rc2.h"
86#endif
87#ifndef NO_RC5
88#include "rc5.h"
89#endif
90#ifndef NO_BLOWFISH
91#include "blowfish.h"
92#endif
93#ifndef NO_CAST
94#include "cast.h"
95#endif
96#ifndef NO_IDEA
97#include "idea.h"
98#endif
99#ifndef NO_MDC2
100#include "mdc2.h"
101#endif 76#endif
102 77
78/*
103#define EVP_RC2_KEY_SIZE 16 79#define EVP_RC2_KEY_SIZE 16
104#define EVP_RC4_KEY_SIZE 16 80#define EVP_RC4_KEY_SIZE 16
105#define EVP_BLOWFISH_KEY_SIZE 16 81#define EVP_BLOWFISH_KEY_SIZE 16
106#define EVP_CAST5_KEY_SIZE 16 82#define EVP_CAST5_KEY_SIZE 16
107#define EVP_RC5_32_12_16_KEY_SIZE 16 83#define EVP_RC5_32_12_16_KEY_SIZE 16
84*/
108#define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */ 85#define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
109#define EVP_MAX_KEY_LENGTH 24 86#define EVP_MAX_KEY_LENGTH 32
110#define EVP_MAX_IV_LENGTH 8 87#define EVP_MAX_IV_LENGTH 16
111 88#define EVP_MAX_BLOCK_LENGTH 32
112#ifndef NO_RSA
113#include "rsa.h"
114#else
115#define RSA long
116#endif
117
118#ifndef NO_DSA
119#include "dsa.h"
120#else
121#define DSA long
122#endif
123 89
124#ifndef NO_DH 90#define PKCS5_SALT_LEN 8
125#include "dh.h" 91/* Default PKCS#5 iteration count */
126#else 92#define PKCS5_DEFAULT_ITER 2048
127#define DH long
128#endif
129 93
130#include "objects.h" 94#include <openssl/objects.h>
131 95
132#define EVP_PK_RSA 0x0001 96#define EVP_PK_RSA 0x0001
133#define EVP_PK_DSA 0x0002 97#define EVP_PK_DSA 0x0002
@@ -149,27 +113,33 @@ extern "C" {
149#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2 113#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
150#define EVP_PKEY_DH NID_dhKeyAgreement 114#define EVP_PKEY_DH NID_dhKeyAgreement
151 115
116#ifdef __cplusplus
117extern "C" {
118#endif
119
152/* Type needs to be a bit field 120/* Type needs to be a bit field
153 * Sub-type needs to be for variations on the method, as in, can it do 121 * Sub-type needs to be for variations on the method, as in, can it do
154 * arbitary encryption.... */ 122 * arbitrary encryption.... */
155typedef struct evp_pkey_st 123struct evp_pkey_st
156 { 124 {
157 int type; 125 int type;
158 int save_type; 126 int save_type;
159 int references; 127 int references;
160 union { 128 union {
161 char *ptr; 129 char *ptr;
130#ifndef OPENSSL_NO_RSA
162 struct rsa_st *rsa; /* RSA */ 131 struct rsa_st *rsa; /* RSA */
132#endif
133#ifndef OPENSSL_NO_DSA
163 struct dsa_st *dsa; /* DSA */ 134 struct dsa_st *dsa; /* DSA */
135#endif
136#ifndef OPENSSL_NO_DH
164 struct dh_st *dh; /* DH */ 137 struct dh_st *dh; /* DH */
138#endif
165 } pkey; 139 } pkey;
166 int save_parameters; 140 int save_parameters;
167#ifdef HEADER_STACK_H 141 STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
168 STACK /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */ 142 } /* EVP_PKEY */;
169#else
170 char /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */
171#endif
172 } EVP_PKEY;
173 143
174#define EVP_PKEY_MO_SIGN 0x0001 144#define EVP_PKEY_MO_SIGN 0x0001
175#define EVP_PKEY_MO_VERIFY 0x0002 145#define EVP_PKEY_MO_VERIFY 0x0002
@@ -183,7 +153,7 @@ typedef struct evp_pkey_st
183 * This is required because for various smart-card perform the digest and 153 * This is required because for various smart-card perform the digest and
184 * signing/verification on-board. To handle this case, the specific 154 * signing/verification on-board. To handle this case, the specific
185 * EVP_MD and EVP_PKEY_METHODs need to be closely associated. 155 * EVP_MD and EVP_PKEY_METHODs need to be closely associated.
186 * When a PKEY is created, it will have a EVP_PKEY_METHOD ossociated with it. 156 * When a PKEY is created, it will have a EVP_PKEY_METHOD associated with it.
187 * This can either be software or a token to provide the required low level 157 * This can either be software or a token to provide the required low level
188 * routines. 158 * routines.
189 */ 159 */
@@ -194,28 +164,28 @@ typedef struct evp_pkey_md_st
194 EVP_PKEY_METHOD *pkey; 164 EVP_PKEY_METHOD *pkey;
195 } EVP_PKEY_MD; 165 } EVP_PKEY_MD;
196 166
197#define EVP_rsa_md2() 167#define EVP_rsa_md2() \
198 EVP_PKEY_MD_add(NID_md2WithRSAEncryption,\ 168 EVP_PKEY_MD_add(NID_md2WithRSAEncryption,\
199 EVP_rsa_pkcs1(),EVP_md2()) 169 EVP_rsa_pkcs1(),EVP_md2())
200#define EVP_rsa_md5() 170#define EVP_rsa_md5() \
201 EVP_PKEY_MD_add(NID_md5WithRSAEncryption,\ 171 EVP_PKEY_MD_add(NID_md5WithRSAEncryption,\
202 EVP_rsa_pkcs1(),EVP_md5()) 172 EVP_rsa_pkcs1(),EVP_md5())
203#define EVP_rsa_sha0() 173#define EVP_rsa_sha0() \
204 EVP_PKEY_MD_add(NID_shaWithRSAEncryption,\ 174 EVP_PKEY_MD_add(NID_shaWithRSAEncryption,\
205 EVP_rsa_pkcs1(),EVP_sha()) 175 EVP_rsa_pkcs1(),EVP_sha())
206#define EVP_rsa_sha1() 176#define EVP_rsa_sha1() \
207 EVP_PKEY_MD_add(NID_sha1WithRSAEncryption,\ 177 EVP_PKEY_MD_add(NID_sha1WithRSAEncryption,\
208 EVP_rsa_pkcs1(),EVP_sha1()) 178 EVP_rsa_pkcs1(),EVP_sha1())
209#define EVP_rsa_ripemd160() 179#define EVP_rsa_ripemd160() \
210 EVP_PKEY_MD_add(NID_ripemd160WithRSA,\ 180 EVP_PKEY_MD_add(NID_ripemd160WithRSA,\
211 EVP_rsa_pkcs1(),EVP_ripemd160()) 181 EVP_rsa_pkcs1(),EVP_ripemd160())
212#define EVP_rsa_mdc2() 182#define EVP_rsa_mdc2() \
213 EVP_PKEY_MD_add(NID_mdc2WithRSA,\ 183 EVP_PKEY_MD_add(NID_mdc2WithRSA,\
214 EVP_rsa_octet_string(),EVP_mdc2()) 184 EVP_rsa_octet_string(),EVP_mdc2())
215#define EVP_dsa_sha() 185#define EVP_dsa_sha() \
216 EVP_PKEY_MD_add(NID_dsaWithSHA,\ 186 EVP_PKEY_MD_add(NID_dsaWithSHA,\
217 EVP_dsa(),EVP_mdc2()) 187 EVP_dsa(),EVP_sha())
218#define EVP_dsa_sha1() 188#define EVP_dsa_sha1() \
219 EVP_PKEY_MD_add(NID_dsaWithSHA1,\ 189 EVP_PKEY_MD_add(NID_dsaWithSHA1,\
220 EVP_dsa(),EVP_sha1()) 190 EVP_dsa(),EVP_sha1())
221 191
@@ -230,7 +200,6 @@ typedef struct evp_pkey_method_st
230 int (*sign)(); 200 int (*sign)();
231 int (*verify)(); 201 int (*verify)();
232 struct { 202 struct {
233 int
234 int (*set)(); /* get and/or set the underlying type */ 203 int (*set)(); /* get and/or set the underlying type */
235 int (*get)(); 204 int (*get)();
236 int (*encrypt)(); 205 int (*encrypt)();
@@ -245,25 +214,32 @@ typedef struct evp_pkey_method_st
245#endif 214#endif
246 215
247#ifndef EVP_MD 216#ifndef EVP_MD
248typedef struct env_md_st 217struct env_md_st
249 { 218 {
250 int type; 219 int type;
251 int pkey_type; 220 int pkey_type;
252 int md_size; 221 int md_size;
253 void (*init)(); 222 unsigned long flags;
254 void (*update)(); 223 int (*init)(EVP_MD_CTX *ctx);
255 void (*final)(); 224 int (*update)(EVP_MD_CTX *ctx,const void *data,unsigned long count);
256 225 int (*final)(EVP_MD_CTX *ctx,unsigned char *md);
226 int (*copy)(EVP_MD_CTX *to,const EVP_MD_CTX *from);
227 int (*cleanup)(EVP_MD_CTX *ctx);
228
229 /* FIXME: prototype these some day */
257 int (*sign)(); 230 int (*sign)();
258 int (*verify)(); 231 int (*verify)();
259 int required_pkey_type[5]; /*EVP_PKEY_xxx */ 232 int required_pkey_type[5]; /*EVP_PKEY_xxx */
260 int block_size; 233 int block_size;
261 int ctx_size; /* how big does the ctx need to be */ 234 int ctx_size; /* how big does the ctx->md_data need to be */
262 } EVP_MD; 235 } /* EVP_MD */;
236
237#define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single
238 * block */
263 239
264#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0} 240#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
265 241
266#ifndef NO_DSA 242#ifndef OPENSSL_NO_DSA
267#define EVP_PKEY_DSA_method DSA_sign,DSA_verify, \ 243#define EVP_PKEY_DSA_method DSA_sign,DSA_verify, \
268 {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \ 244 {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
269 EVP_PKEY_DSA4,0} 245 EVP_PKEY_DSA4,0}
@@ -271,7 +247,7 @@ typedef struct env_md_st
271#define EVP_PKEY_DSA_method EVP_PKEY_NULL_method 247#define EVP_PKEY_DSA_method EVP_PKEY_NULL_method
272#endif 248#endif
273 249
274#ifndef NO_RSA 250#ifndef OPENSSL_NO_RSA
275#define EVP_PKEY_RSA_method RSA_sign,RSA_verify, \ 251#define EVP_PKEY_RSA_method RSA_sign,RSA_verify, \
276 {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0} 252 {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
277#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \ 253#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
@@ -285,103 +261,98 @@ typedef struct env_md_st
285 261
286#endif /* !EVP_MD */ 262#endif /* !EVP_MD */
287 263
288typedef struct env_md_ctx_st 264struct env_md_ctx_st
289 { 265 {
290 EVP_MD *digest; 266 const EVP_MD *digest;
291 union { 267 ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */
292 unsigned char base[4]; 268 unsigned long flags;
293#ifndef NO_MD2 269 void *md_data;
294 MD2_CTX md2; 270 } /* EVP_MD_CTX */;
295#endif 271
296#ifndef NO_MD5 272/* values for EVP_MD_CTX flags */
297 MD5_CTX md5;
298#endif
299#ifndef NO_MD5
300 RIPEMD160_CTX ripemd160;
301#endif
302#if !defined(NO_SHA) || !defined(NO_SHA1)
303 SHA_CTX sha;
304#endif
305#ifndef NO_MDC2
306 MDC2_CTX mdc2;
307#endif
308 } md;
309 } EVP_MD_CTX;
310 273
311typedef struct evp_cipher_st 274#define EVP_MD_CTX_FLAG_ONESHOT 0x0001 /* digest update will be called
275 * once only */
276#define EVP_MD_CTX_FLAG_CLEANED 0x0002 /* context has already been
277 * cleaned */
278
279struct evp_cipher_st
312 { 280 {
313 int nid; 281 int nid;
314 int block_size; 282 int block_size;
315 int key_len; 283 int key_len; /* Default value for variable length ciphers */
316 int iv_len; 284 int iv_len;
317 void (*init)(); /* init for encryption */ 285 unsigned long flags; /* Various flags */
318 void (*do_cipher)(); /* encrypt data */ 286 int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
319 void (*cleanup)(); /* used by cipher method */ 287 const unsigned char *iv, int enc); /* init key */
320 int ctx_size; /* how big the ctx needs to be */ 288 int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
321 /* int set_asn1_parameters(EVP_CIPHER_CTX,ASN1_TYPE *); */ 289 const unsigned char *in, unsigned int inl);/* encrypt/decrypt data */
322 int (*set_asn1_parameters)(); /* Populate a ASN1_TYPE with parameters */ 290 int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
323 /* int get_asn1_parameters(EVP_CIPHER_CTX,ASN1_TYPE *); */ 291 int ctx_size; /* how big ctx->cipher_data needs to be */
324 int (*get_asn1_parameters)(); /* Get parameters from a ASN1_TYPE */ 292 int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
325 } EVP_CIPHER; 293 int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */
294 int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */
295 void *app_data; /* Application data */
296 } /* EVP_CIPHER */;
297
298/* Values for cipher flags */
299
300/* Modes for ciphers */
301
302#define EVP_CIPH_STREAM_CIPHER 0x0
303#define EVP_CIPH_ECB_MODE 0x1
304#define EVP_CIPH_CBC_MODE 0x2
305#define EVP_CIPH_CFB_MODE 0x3
306#define EVP_CIPH_OFB_MODE 0x4
307#define EVP_CIPH_MODE 0x7
308/* Set if variable length cipher */
309#define EVP_CIPH_VARIABLE_LENGTH 0x8
310/* Set if the iv handling should be done by the cipher itself */
311#define EVP_CIPH_CUSTOM_IV 0x10
312/* Set if the cipher's init() function should be called if key is NULL */
313#define EVP_CIPH_ALWAYS_CALL_INIT 0x20
314/* Call ctrl() to init cipher parameters */
315#define EVP_CIPH_CTRL_INIT 0x40
316/* Don't use standard key length function */
317#define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80
318/* Don't use standard block padding */
319#define EVP_CIPH_NO_PADDING 0x100
320
321/* ctrl() values */
322
323#define EVP_CTRL_INIT 0x0
324#define EVP_CTRL_SET_KEY_LENGTH 0x1
325#define EVP_CTRL_GET_RC2_KEY_BITS 0x2
326#define EVP_CTRL_SET_RC2_KEY_BITS 0x3
327#define EVP_CTRL_GET_RC5_ROUNDS 0x4
328#define EVP_CTRL_SET_RC5_ROUNDS 0x5
326 329
327typedef struct evp_cipher_info_st 330typedef struct evp_cipher_info_st
328 { 331 {
329 EVP_CIPHER *cipher; 332 const EVP_CIPHER *cipher;
330 unsigned char iv[EVP_MAX_IV_LENGTH]; 333 unsigned char iv[EVP_MAX_IV_LENGTH];
331 } EVP_CIPHER_INFO; 334 } EVP_CIPHER_INFO;
332 335
333typedef struct evp_cipher_ctx_st 336struct evp_cipher_ctx_st
334 { 337 {
335 EVP_CIPHER *cipher; 338 const EVP_CIPHER *cipher;
339 ENGINE *engine; /* functional reference if 'cipher' is ENGINE-provided */
336 int encrypt; /* encrypt or decrypt */ 340 int encrypt; /* encrypt or decrypt */
337 int buf_len; /* number we have left */ 341 int buf_len; /* number we have left */
338 342
339 unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */ 343 unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
340 unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */ 344 unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
341 unsigned char buf[EVP_MAX_IV_LENGTH]; /* saved partial block */ 345 unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */
342 int num; /* used by cfb/ofb mode */ 346 int num; /* used by cfb/ofb mode */
343 347
344 char *app_data; /* aplication stuff */ 348 void *app_data; /* application stuff */
345 union { 349 int key_len; /* May change for variable length cipher */
346#ifndef NO_RC4 350 unsigned long flags; /* Various flags */
347 struct 351 void *cipher_data; /* per EVP data */
348 { 352 int final_used;
349 unsigned char key[EVP_RC4_KEY_SIZE]; 353 int block_mask;
350 RC4_KEY ks; /* working key */ 354 unsigned char final[EVP_MAX_BLOCK_LENGTH];/* possible final block */
351 } rc4; 355 } /* EVP_CIPHER_CTX */;
352#endif
353#ifndef NO_DES
354 des_key_schedule des_ks;/* key schedule */
355 struct
356 {
357 des_key_schedule ks;/* key schedule */
358 C_Block inw;
359 C_Block outw;
360 } desx_cbc;
361 struct
362 {
363 des_key_schedule ks1;/* key schedule */
364 des_key_schedule ks2;/* key schedule (for ede) */
365 des_key_schedule ks3;/* key schedule (for ede3) */
366 } des_ede;
367#endif
368#ifndef NO_IDEA
369 IDEA_KEY_SCHEDULE idea_ks;/* key schedule */
370#endif
371#ifndef NO_RC2
372 RC2_KEY rc2_ks;/* key schedule */
373#endif
374#ifndef NO_RC5
375 RC5_32_KEY rc5_ks;/* key schedule */
376#endif
377#ifndef NO_BLOWFISH
378 BF_KEY bf_ks;/* key schedule */
379#endif
380#ifndef NO_CAST
381 CAST_KEY cast_ks;/* key schedule */
382#endif
383 } c;
384 } EVP_CIPHER_CTX;
385 356
386typedef struct evp_Encode_Ctx_st 357typedef struct evp_Encode_Ctx_st
387 { 358 {
@@ -396,12 +367,25 @@ typedef struct evp_Encode_Ctx_st
396 int expect_nl; 367 int expect_nl;
397 } EVP_ENCODE_CTX; 368 } EVP_ENCODE_CTX;
398 369
370/* Password based encryption function */
371typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
372 ASN1_TYPE *param, const EVP_CIPHER *cipher,
373 const EVP_MD *md, int en_de);
374
375#ifndef OPENSSL_NO_RSA
399#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ 376#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
400 (char *)(rsa)) 377 (char *)(rsa))
378#endif
379
380#ifndef OPENSSL_NO_DSA
401#define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\ 381#define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
402 (char *)(dsa)) 382 (char *)(dsa))
383#endif
384
385#ifndef OPENSSL_NO_DH
403#define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\ 386#define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\
404 (char *)(dh)) 387 (char *)(dh))
388#endif
405 389
406/* Add some extra combinations */ 390/* Add some extra combinations */
407#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a)) 391#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
@@ -410,77 +394,124 @@ typedef struct evp_Encode_Ctx_st
410#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a)) 394#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
411 395
412#define EVP_MD_type(e) ((e)->type) 396#define EVP_MD_type(e) ((e)->type)
397#define EVP_MD_nid(e) EVP_MD_type(e)
398#define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e))
413#define EVP_MD_pkey_type(e) ((e)->pkey_type) 399#define EVP_MD_pkey_type(e) ((e)->pkey_type)
414#define EVP_MD_size(e) ((e)->md_size) 400#define EVP_MD_size(e) ((e)->md_size)
415#define EVP_MD_block_size(e) ((e)->block_size) 401#define EVP_MD_block_size(e) ((e)->block_size)
416 402
403#define EVP_MD_CTX_md(e) ((e)->digest)
417#define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest) 404#define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest)
418#define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest) 405#define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest)
419#define EVP_MD_CTX_type(e) ((e)->digest) 406#define EVP_MD_CTX_type(e) EVP_MD_type((e)->digest)
420 407
421#define EVP_CIPHER_nid(e) ((e)->nid) 408#define EVP_CIPHER_nid(e) ((e)->nid)
409#define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e))
422#define EVP_CIPHER_block_size(e) ((e)->block_size) 410#define EVP_CIPHER_block_size(e) ((e)->block_size)
423#define EVP_CIPHER_key_length(e) ((e)->key_len) 411#define EVP_CIPHER_key_length(e) ((e)->key_len)
424#define EVP_CIPHER_iv_length(e) ((e)->iv_len) 412#define EVP_CIPHER_iv_length(e) ((e)->iv_len)
413#define EVP_CIPHER_flags(e) ((e)->flags)
414#define EVP_CIPHER_mode(e) (((e)->flags) & EVP_CIPH_MODE)
425 415
426#define EVP_CIPHER_CTX_cipher(e) ((e)->cipher) 416#define EVP_CIPHER_CTX_cipher(e) ((e)->cipher)
427#define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid) 417#define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid)
428#define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size) 418#define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size)
429#define EVP_CIPHER_CTX_key_length(e) ((e)->cipher->key_len) 419#define EVP_CIPHER_CTX_key_length(e) ((e)->key_len)
430#define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len) 420#define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len)
431#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) 421#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data)
432#define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d)) 422#define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d))
423#define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
424#define EVP_CIPHER_CTX_flags(e) ((e)->cipher->flags)
425#define EVP_CIPHER_CTX_mode(e) ((e)->cipher->flags & EVP_CIPH_MODE)
433 426
434#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80) 427#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80)
435#define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80) 428#define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80)
436 429
430#define EVP_SignInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c)
437#define EVP_SignInit(a,b) EVP_DigestInit(a,b) 431#define EVP_SignInit(a,b) EVP_DigestInit(a,b)
438#define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c) 432#define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
433#define EVP_VerifyInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c)
439#define EVP_VerifyInit(a,b) EVP_DigestInit(a,b) 434#define EVP_VerifyInit(a,b) EVP_DigestInit(a,b)
440#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c) 435#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
441#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e) 436#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
442#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e) 437#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
443 438
444#define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md) 439#ifdef CONST_STRICT
440void BIO_set_md(BIO *,const EVP_MD *md);
441#else
442# define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md)
443#endif
445#define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp) 444#define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
446#define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp) 445#define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
447#define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL) 446#define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
447#define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
448 448
449#define EVP_Cipher(c,o,i,l) (c)->cipher->do_cipher((c),(o),(i),(l)) 449#define EVP_Cipher(c,o,i,l) (c)->cipher->do_cipher((c),(o),(i),(l))
450 450
451#ifndef NOPROTO 451#define EVP_add_cipher_alias(n,alias) \
452 452 OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
453void EVP_DigestInit(EVP_MD_CTX *ctx, EVP_MD *type); 453#define EVP_add_digest_alias(n,alias) \
454void EVP_DigestUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt); 454 OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n))
455void EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); 455#define EVP_delete_cipher_alias(alias) \
456 456 OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
457int EVP_read_pw_string(char *buf,int length,char *prompt,int verify); 457#define EVP_delete_digest_alias(alias) \
458 OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
459
460void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
461int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
462EVP_MD_CTX *EVP_MD_CTX_create(void);
463void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
464int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);
465#define EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
466#define EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs))
467#define EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs))
468int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
469int EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d,
470 unsigned int cnt);
471int EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
472int EVP_Digest(void *data, unsigned int count,
473 unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl);
474
475int EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in);
476int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
477int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
478
479int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify);
458void EVP_set_pw_prompt(char *prompt); 480void EVP_set_pw_prompt(char *prompt);
459char * EVP_get_pw_prompt(void); 481char * EVP_get_pw_prompt(void);
460 482
461int EVP_BytesToKey(EVP_CIPHER *type,EVP_MD *md,unsigned char *salt, 483int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,
462 unsigned char *data, int datal, int count, 484 const unsigned char *salt, const unsigned char *data,
463 unsigned char *key,unsigned char *iv); 485 int datal, int count, unsigned char *key,unsigned char *iv);
464 486
465EVP_CIPHER *EVP_get_cipherbyname(char *name); 487int EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
466 488 const unsigned char *key, const unsigned char *iv);
467void EVP_EncryptInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type, 489int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
468 unsigned char *key, unsigned char *iv); 490 const unsigned char *key, const unsigned char *iv);
469void EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, 491int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
470 int *outl, unsigned char *in, int inl); 492 int *outl, const unsigned char *in, int inl);
471void EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); 493int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
472 494int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
473void EVP_DecryptInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type, 495
474 unsigned char *key, unsigned char *iv); 496int EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
475void EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, 497 const unsigned char *key, const unsigned char *iv);
476 int *outl, unsigned char *in, int inl); 498int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
499 const unsigned char *key, const unsigned char *iv);
500int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
501 int *outl, const unsigned char *in, int inl);
477int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); 502int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
478 503int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
479void EVP_CipherInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type, unsigned char *key, 504
480 unsigned char *iv,int enc); 505int EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
481void EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, 506 const unsigned char *key,const unsigned char *iv,
482 int *outl, unsigned char *in, int inl); 507 int enc);
508int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
509 const unsigned char *key,const unsigned char *iv,
510 int enc);
511int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
512 int *outl, const unsigned char *in, int inl);
483int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); 513int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
514int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
484 515
485int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s, 516int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
486 EVP_PKEY *pkey); 517 EVP_PKEY *pkey);
@@ -488,100 +519,171 @@ int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
488int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf, 519int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf,
489 unsigned int siglen,EVP_PKEY *pkey); 520 unsigned int siglen,EVP_PKEY *pkey);
490 521
491int EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek, 522int EVP_OpenInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,unsigned char *ek,
492 int ekl,unsigned char *iv,EVP_PKEY *priv); 523 int ekl,unsigned char *iv,EVP_PKEY *priv);
493int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); 524int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
494 525
495int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek, 526int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
496 int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk); 527 int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk);
497void EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl); 528int EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
498 529
499void EVP_EncodeInit(EVP_ENCODE_CTX *ctx); 530void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
500void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out, 531void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,
501 int *outl,unsigned char *in,int inl); 532 int *outl,unsigned char *in,int inl);
502void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl); 533void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl);
503int EVP_EncodeBlock(unsigned char *t, unsigned char *f, int n); 534int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
504 535
505void EVP_DecodeInit(EVP_ENCODE_CTX *ctx); 536void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
506int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl, 537int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl,
507 unsigned char *in, int inl); 538 unsigned char *in, int inl);
508int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned 539int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
509 char *out, int *outl); 540 char *out, int *outl);
510int EVP_DecodeBlock(unsigned char *t, unsigned 541int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
511 char *f, int n);
512
513void ERR_load_EVP_strings(void );
514 542
515void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a); 543void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
516void EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a); 544int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
545int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
546int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad);
547int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
517 548
518#ifdef HEADER_BIO_H 549#ifndef OPENSSL_NO_BIO
519BIO_METHOD *BIO_f_md(void); 550BIO_METHOD *BIO_f_md(void);
520BIO_METHOD *BIO_f_base64(void); 551BIO_METHOD *BIO_f_base64(void);
521BIO_METHOD *BIO_f_cipher(void); 552BIO_METHOD *BIO_f_cipher(void);
522void BIO_set_cipher(BIO *b,EVP_CIPHER *c,unsigned char *k, 553BIO_METHOD *BIO_f_reliable(void);
554void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,unsigned char *k,
523 unsigned char *i, int enc); 555 unsigned char *i, int enc);
524#endif 556#endif
525 557
526EVP_MD *EVP_md_null(void); 558const EVP_MD *EVP_md_null(void);
527EVP_MD *EVP_md2(void); 559#ifndef OPENSSL_NO_MD2
528EVP_MD *EVP_md5(void); 560const EVP_MD *EVP_md2(void);
529EVP_MD *EVP_sha(void); 561#endif
530EVP_MD *EVP_sha1(void); 562#ifndef OPENSSL_NO_MD4
531EVP_MD *EVP_dss(void); 563const EVP_MD *EVP_md4(void);
532EVP_MD *EVP_dss1(void); 564#endif
533EVP_MD *EVP_mdc2(void); 565#ifndef OPENSSL_NO_MD5
534EVP_MD *EVP_ripemd160(void); 566const EVP_MD *EVP_md5(void);
535 567#endif
536EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */ 568#ifndef OPENSSL_NO_SHA
537EVP_CIPHER *EVP_des_ecb(void); 569const EVP_MD *EVP_sha(void);
538EVP_CIPHER *EVP_des_ede(void); 570const EVP_MD *EVP_sha1(void);
539EVP_CIPHER *EVP_des_ede3(void); 571const EVP_MD *EVP_dss(void);
540EVP_CIPHER *EVP_des_cfb(void); 572const EVP_MD *EVP_dss1(void);
541EVP_CIPHER *EVP_des_ede_cfb(void); 573#endif
542EVP_CIPHER *EVP_des_ede3_cfb(void); 574#ifndef OPENSSL_NO_MDC2
543EVP_CIPHER *EVP_des_ofb(void); 575const EVP_MD *EVP_mdc2(void);
544EVP_CIPHER *EVP_des_ede_ofb(void); 576#endif
545EVP_CIPHER *EVP_des_ede3_ofb(void); 577#ifndef OPENSSL_NO_RIPEMD
546EVP_CIPHER *EVP_des_cbc(void); 578const EVP_MD *EVP_ripemd160(void);
547EVP_CIPHER *EVP_des_ede_cbc(void); 579#endif
548EVP_CIPHER *EVP_des_ede3_cbc(void); 580const EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
549EVP_CIPHER *EVP_desx_cbc(void); 581#ifndef OPENSSL_NO_DES
550EVP_CIPHER *EVP_rc4(void); 582const EVP_CIPHER *EVP_des_ecb(void);
551EVP_CIPHER *EVP_rc4_40(void); 583const EVP_CIPHER *EVP_des_ede(void);
552EVP_CIPHER *EVP_idea_ecb(void); 584const EVP_CIPHER *EVP_des_ede3(void);
553EVP_CIPHER *EVP_idea_cfb(void); 585const EVP_CIPHER *EVP_des_cfb(void);
554EVP_CIPHER *EVP_idea_ofb(void); 586const EVP_CIPHER *EVP_des_ede_cfb(void);
555EVP_CIPHER *EVP_idea_cbc(void); 587const EVP_CIPHER *EVP_des_ede3_cfb(void);
556EVP_CIPHER *EVP_rc2_ecb(void); 588const EVP_CIPHER *EVP_des_ofb(void);
557EVP_CIPHER *EVP_rc2_cbc(void); 589const EVP_CIPHER *EVP_des_ede_ofb(void);
558EVP_CIPHER *EVP_rc2_40_cbc(void); 590const EVP_CIPHER *EVP_des_ede3_ofb(void);
559EVP_CIPHER *EVP_rc2_cfb(void); 591const EVP_CIPHER *EVP_des_cbc(void);
560EVP_CIPHER *EVP_rc2_ofb(void); 592const EVP_CIPHER *EVP_des_ede_cbc(void);
561EVP_CIPHER *EVP_bf_ecb(void); 593const EVP_CIPHER *EVP_des_ede3_cbc(void);
562EVP_CIPHER *EVP_bf_cbc(void); 594const EVP_CIPHER *EVP_desx_cbc(void);
563EVP_CIPHER *EVP_bf_cfb(void); 595/* This should now be supported through the dev_crypto ENGINE. But also, why are
564EVP_CIPHER *EVP_bf_ofb(void); 596 * rc4 and md5 declarations made here inside a "NO_DES" precompiler branch? */
565EVP_CIPHER *EVP_cast5_ecb(void); 597#if 0
566EVP_CIPHER *EVP_cast5_cbc(void); 598# ifdef OPENSSL_OPENBSD_DEV_CRYPTO
567EVP_CIPHER *EVP_cast5_cfb(void); 599const EVP_CIPHER *EVP_dev_crypto_des_ede3_cbc(void);
568EVP_CIPHER *EVP_cast5_ofb(void); 600const EVP_CIPHER *EVP_dev_crypto_rc4(void);
569EVP_CIPHER *EVP_rc5_32_12_16_cbc(void); 601const EVP_MD *EVP_dev_crypto_md5(void);
570EVP_CIPHER *EVP_rc5_32_12_16_ecb(void); 602# endif
571EVP_CIPHER *EVP_rc5_32_12_16_cfb(void); 603#endif
572EVP_CIPHER *EVP_rc5_32_12_16_ofb(void); 604#endif
573 605#ifndef OPENSSL_NO_RC4
574void SSLeay_add_all_algorithms(void); 606const EVP_CIPHER *EVP_rc4(void);
575void SSLeay_add_all_ciphers(void); 607const EVP_CIPHER *EVP_rc4_40(void);
576void SSLeay_add_all_digests(void); 608#endif
577 609#ifndef OPENSSL_NO_IDEA
578int EVP_add_cipher(EVP_CIPHER *cipher); 610const EVP_CIPHER *EVP_idea_ecb(void);
579int EVP_add_digest(EVP_MD *digest); 611const EVP_CIPHER *EVP_idea_cfb(void);
580int EVP_add_alias(char *name,char *alias); 612const EVP_CIPHER *EVP_idea_ofb(void);
581int EVP_delete_alias(char *name); 613const EVP_CIPHER *EVP_idea_cbc(void);
582 614#endif
583EVP_CIPHER *EVP_get_cipherbyname(char *name); 615#ifndef OPENSSL_NO_RC2
584EVP_MD *EVP_get_digestbyname(char *name); 616const EVP_CIPHER *EVP_rc2_ecb(void);
617const EVP_CIPHER *EVP_rc2_cbc(void);
618const EVP_CIPHER *EVP_rc2_40_cbc(void);
619const EVP_CIPHER *EVP_rc2_64_cbc(void);
620const EVP_CIPHER *EVP_rc2_cfb(void);
621const EVP_CIPHER *EVP_rc2_ofb(void);
622#endif
623#ifndef OPENSSL_NO_BF
624const EVP_CIPHER *EVP_bf_ecb(void);
625const EVP_CIPHER *EVP_bf_cbc(void);
626const EVP_CIPHER *EVP_bf_cfb(void);
627const EVP_CIPHER *EVP_bf_ofb(void);
628#endif
629#ifndef OPENSSL_NO_CAST
630const EVP_CIPHER *EVP_cast5_ecb(void);
631const EVP_CIPHER *EVP_cast5_cbc(void);
632const EVP_CIPHER *EVP_cast5_cfb(void);
633const EVP_CIPHER *EVP_cast5_ofb(void);
634#endif
635#ifndef OPENSSL_NO_RC5
636const EVP_CIPHER *EVP_rc5_32_12_16_cbc(void);
637const EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
638const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
639const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
640#endif
641#ifndef OPENSSL_NO_AES
642const EVP_CIPHER *EVP_aes_128_ecb(void);
643const EVP_CIPHER *EVP_aes_128_cbc(void);
644const EVP_CIPHER *EVP_aes_128_cfb(void);
645const EVP_CIPHER *EVP_aes_128_ofb(void);
646#if 0
647const EVP_CIPHER *EVP_aes_128_ctr(void);
648#endif
649const EVP_CIPHER *EVP_aes_192_ecb(void);
650const EVP_CIPHER *EVP_aes_192_cbc(void);
651const EVP_CIPHER *EVP_aes_192_cfb(void);
652const EVP_CIPHER *EVP_aes_192_ofb(void);
653#if 0
654const EVP_CIPHER *EVP_aes_192_ctr(void);
655#endif
656const EVP_CIPHER *EVP_aes_256_ecb(void);
657const EVP_CIPHER *EVP_aes_256_cbc(void);
658const EVP_CIPHER *EVP_aes_256_cfb(void);
659const EVP_CIPHER *EVP_aes_256_ofb(void);
660#if 0
661const EVP_CIPHER *EVP_aes_256_ctr(void);
662#endif
663#endif
664
665void OPENSSL_add_all_algorithms_noconf(void);
666void OPENSSL_add_all_algorithms_conf(void);
667
668#ifdef OPENSSL_LOAD_CONF
669#define OpenSSL_add_all_algorithms() \
670 OPENSSL_add_all_algorithms_conf()
671#else
672#define OpenSSL_add_all_algorithms() \
673 OPENSSL_add_all_algorithms_noconf()
674#endif
675
676void OpenSSL_add_all_ciphers(void);
677void OpenSSL_add_all_digests(void);
678#define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms()
679#define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers()
680#define SSLeay_add_all_digests() OpenSSL_add_all_digests()
681
682int EVP_add_cipher(const EVP_CIPHER *cipher);
683int EVP_add_digest(const EVP_MD *digest);
684
685const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
686const EVP_MD *EVP_get_digestbyname(const char *name);
585void EVP_cleanup(void); 687void EVP_cleanup(void);
586 688
587int EVP_PKEY_decrypt(unsigned char *dec_key,unsigned char *enc_key, 689int EVP_PKEY_decrypt(unsigned char *dec_key,unsigned char *enc_key,
@@ -592,6 +694,24 @@ int EVP_PKEY_type(int type);
592int EVP_PKEY_bits(EVP_PKEY *pkey); 694int EVP_PKEY_bits(EVP_PKEY *pkey);
593int EVP_PKEY_size(EVP_PKEY *pkey); 695int EVP_PKEY_size(EVP_PKEY *pkey);
594int EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key); 696int EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key);
697
698#ifndef OPENSSL_NO_RSA
699struct rsa_st;
700int EVP_PKEY_set1_RSA(EVP_PKEY *pkey,struct rsa_st *key);
701struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
702#endif
703#ifndef OPENSSL_NO_DSA
704struct dsa_st;
705int EVP_PKEY_set1_DSA(EVP_PKEY *pkey,struct dsa_st *key);
706struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
707#endif
708#ifndef OPENSSL_NO_DH
709struct dh_st;
710int EVP_PKEY_set1_DH(EVP_PKEY *pkey,struct dh_st *key);
711struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
712#endif
713
714
595EVP_PKEY * EVP_PKEY_new(void); 715EVP_PKEY * EVP_PKEY_new(void);
596void EVP_PKEY_free(EVP_PKEY *pkey); 716void EVP_PKEY_free(EVP_PKEY *pkey);
597EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, unsigned char **pp, 717EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, unsigned char **pp,
@@ -600,6 +720,8 @@ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
600 720
601EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, unsigned char **pp, 721EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, unsigned char **pp,
602 long length); 722 long length);
723EVP_PKEY * d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp,
724 long length);
603int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp); 725int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
604 726
605int EVP_PKEY_copy_parameters(EVP_PKEY *to,EVP_PKEY *from); 727int EVP_PKEY_copy_parameters(EVP_PKEY *to,EVP_PKEY *from);
@@ -607,6 +729,8 @@ int EVP_PKEY_missing_parameters(EVP_PKEY *pkey);
607int EVP_PKEY_save_parameters(EVP_PKEY *pkey,int mode); 729int EVP_PKEY_save_parameters(EVP_PKEY *pkey,int mode);
608int EVP_PKEY_cmp_parameters(EVP_PKEY *a,EVP_PKEY *b); 730int EVP_PKEY_cmp_parameters(EVP_PKEY *a,EVP_PKEY *b);
609 731
732int EVP_CIPHER_type(const EVP_CIPHER *ctx);
733
610/* calls methods */ 734/* calls methods */
611int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type); 735int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
612int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type); 736int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
@@ -615,179 +739,106 @@ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
615int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type); 739int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
616int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type); 740int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
617 741
618#else 742/* PKCS5 password based encryption */
619 743int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
620void EVP_DigestInit(); 744 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
621void EVP_DigestUpdate(); 745 int en_de);
622void EVP_DigestFinal(); 746int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
623 747 unsigned char *salt, int saltlen, int iter,
624int EVP_read_pw_string(); 748 int keylen, unsigned char *out);
625void EVP_set_pw_prompt(); 749int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
626char * EVP_get_pw_prompt(); 750 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
627 751 int en_de);
628int EVP_BytesToKey(); 752
629 753void PKCS5_PBE_add(void);
630EVP_CIPHER *EVP_get_cipherbyname(); 754
631 755int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
632void EVP_EncryptInit(); 756 ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
633void EVP_EncryptUpdate(); 757int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
634void EVP_EncryptFinal(); 758 EVP_PBE_KEYGEN *keygen);
635 759void EVP_PBE_cleanup(void);
636void EVP_DecryptInit();
637void EVP_DecryptUpdate();
638int EVP_DecryptFinal();
639
640void EVP_CipherInit();
641void EVP_CipherUpdate();
642int EVP_CipherFinal();
643
644int EVP_SignFinal();
645
646int EVP_VerifyFinal();
647
648int EVP_OpenInit();
649int EVP_OpenFinal();
650
651int EVP_SealInit();
652void EVP_SealFinal();
653
654void EVP_EncodeInit();
655void EVP_EncodeUpdate();
656void EVP_EncodeFinal();
657int EVP_EncodeBlock();
658
659void EVP_DecodeInit();
660int EVP_DecodeUpdate();
661int EVP_DecodeFinal();
662int EVP_DecodeBlock();
663
664void ERR_load_EVP_strings();
665
666void EVP_CIPHER_CTX_init();
667void EVP_CIPHER_CTX_cleanup();
668
669#ifdef HEADER_BIO_H
670BIO_METHOD *BIO_f_md();
671BIO_METHOD *BIO_f_base64();
672BIO_METHOD *BIO_f_cipher();
673void BIO_set_cipher();
674#endif
675
676EVP_MD *EVP_md_null();
677EVP_MD *EVP_md2();
678EVP_MD *EVP_md5();
679EVP_MD *EVP_sha();
680EVP_MD *EVP_sha1();
681EVP_MD *EVP_dss();
682EVP_MD *EVP_dss1();
683EVP_MD *EVP_mdc2();
684
685EVP_CIPHER *EVP_enc_null();
686EVP_CIPHER *EVP_des_ecb();
687EVP_CIPHER *EVP_des_ede();
688EVP_CIPHER *EVP_des_ede3();
689EVP_CIPHER *EVP_des_cfb();
690EVP_CIPHER *EVP_des_ede_cfb();
691EVP_CIPHER *EVP_des_ede3_cfb();
692EVP_CIPHER *EVP_des_ofb();
693EVP_CIPHER *EVP_des_ede_ofb();
694EVP_CIPHER *EVP_des_ede3_ofb();
695EVP_CIPHER *EVP_des_cbc();
696EVP_CIPHER *EVP_des_ede_cbc();
697EVP_CIPHER *EVP_des_ede3_cbc();
698EVP_CIPHER *EVP_desx_cbc();
699EVP_CIPHER *EVP_rc4();
700EVP_CIPHER *EVP_rc4_40();
701EVP_CIPHER *EVP_idea_ecb();
702EVP_CIPHER *EVP_idea_cfb();
703EVP_CIPHER *EVP_idea_ofb();
704EVP_CIPHER *EVP_idea_cbc();
705EVP_CIPHER *EVP_rc2_ecb();
706EVP_CIPHER *EVP_rc2_cbc();
707EVP_CIPHER *EVP_rc2_40_cbc();
708EVP_CIPHER *EVP_rc2_cfb();
709EVP_CIPHER *EVP_rc2_ofb();
710EVP_CIPHER *EVP_bf_ecb();
711EVP_CIPHER *EVP_bf_cbc();
712EVP_CIPHER *EVP_bf_cfb();
713EVP_CIPHER *EVP_bf_ofb();
714EVP_CIPHER *EVP_cast5_ecb();
715EVP_CIPHER *EVP_cast5_cbc();
716EVP_CIPHER *EVP_cast5_cfb();
717EVP_CIPHER *EVP_cast5_ofb();
718EVP_CIPHER *EVP_rc5_32_12_16_cbc();
719EVP_CIPHER *EVP_rc5_32_12_16_ecb();
720EVP_CIPHER *EVP_rc5_32_12_16_cfb();
721EVP_CIPHER *EVP_rc5_32_12_16_ofb();
722
723void SSLeay_add_all_algorithms();
724void SSLeay_add_all_ciphers();
725void SSLeay_add_all_digests();
726
727int EVP_add_cipher();
728int EVP_add_digest();
729int EVP_add_alias();
730int EVP_delete_alias();
731
732EVP_CIPHER *EVP_get_cipherbyname();
733EVP_MD *EVP_get_digestbyname();
734void EVP_cleanup();
735
736int EVP_PKEY_decrypt();
737int EVP_PKEY_encrypt();
738int EVP_PKEY_type();
739int EVP_PKEY_bits();
740int EVP_PKEY_size();
741int EVP_PKEY_assign();
742EVP_PKEY * EVP_PKEY_new();
743void EVP_PKEY_free();
744EVP_PKEY * d2i_PublicKey();
745int i2d_PublicKey();
746
747EVP_PKEY * d2i_PrivateKey();
748int i2d_PrivateKey();
749
750int EVP_PKEY_copy_parameters();
751int EVP_PKEY_missing_parameters();
752int EVP_PKEY_save_parameters();
753int EVP_PKEY_cmp_parameters();
754
755int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
756int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
757
758int EVP_CIPHER_set_asn1_iv();
759int EVP_CIPHER_get_asn1_iv();
760
761#endif
762 760
763/* BEGIN ERROR CODES */ 761/* BEGIN ERROR CODES */
762/* The following lines are auto generated by the script mkerr.pl. Any changes
763 * made after this point may be overwritten when the script is next run.
764 */
765void ERR_load_EVP_strings(void);
766
764/* Error codes for the EVP functions. */ 767/* Error codes for the EVP functions. */
765 768
766/* Function codes. */ 769/* Function codes. */
767#define EVP_F_D2I_PKEY 100 770#define EVP_F_D2I_PKEY 100
771#define EVP_F_EVP_CIPHERINIT 123
772#define EVP_F_EVP_CIPHER_CTX_CTRL 124
773#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
768#define EVP_F_EVP_DECRYPTFINAL 101 774#define EVP_F_EVP_DECRYPTFINAL 101
775#define EVP_F_EVP_DIGESTINIT 128
776#define EVP_F_EVP_ENCRYPTFINAL 127
777#define EVP_F_EVP_MD_CTX_COPY 110
769#define EVP_F_EVP_OPENINIT 102 778#define EVP_F_EVP_OPENINIT 102
779#define EVP_F_EVP_PBE_ALG_ADD 115
780#define EVP_F_EVP_PBE_CIPHERINIT 116
781#define EVP_F_EVP_PKCS82PKEY 111
782#define EVP_F_EVP_PKCS8_SET_BROKEN 112
783#define EVP_F_EVP_PKEY2PKCS8 113
770#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103 784#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
771#define EVP_F_EVP_PKEY_DECRYPT 104 785#define EVP_F_EVP_PKEY_DECRYPT 104
772#define EVP_F_EVP_PKEY_ENCRYPT 105 786#define EVP_F_EVP_PKEY_ENCRYPT 105
787#define EVP_F_EVP_PKEY_GET1_DH 119
788#define EVP_F_EVP_PKEY_GET1_DSA 120
789#define EVP_F_EVP_PKEY_GET1_RSA 121
773#define EVP_F_EVP_PKEY_NEW 106 790#define EVP_F_EVP_PKEY_NEW 106
791#define EVP_F_EVP_RIJNDAEL 126
774#define EVP_F_EVP_SIGNFINAL 107 792#define EVP_F_EVP_SIGNFINAL 107
775#define EVP_F_EVP_VERIFYFINAL 108 793#define EVP_F_EVP_VERIFYFINAL 108
794#define EVP_F_PKCS5_PBE_KEYIVGEN 117
795#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
796#define EVP_F_RC2_MAGIC_TO_METH 109
797#define EVP_F_RC5_CTRL 125
776 798
777/* Reason codes. */ 799/* Reason codes. */
800#define EVP_R_BAD_BLOCK_LENGTH 136
778#define EVP_R_BAD_DECRYPT 100 801#define EVP_R_BAD_DECRYPT 100
802#define EVP_R_BAD_KEY_LENGTH 137
803#define EVP_R_BN_DECODE_ERROR 112
804#define EVP_R_BN_PUBKEY_ERROR 113
805#define EVP_R_CIPHER_PARAMETER_ERROR 122
806#define EVP_R_CTRL_NOT_IMPLEMENTED 132
807#define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
808#define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138
809#define EVP_R_DECODE_ERROR 114
779#define EVP_R_DIFFERENT_KEY_TYPES 101 810#define EVP_R_DIFFERENT_KEY_TYPES 101
811#define EVP_R_ENCODE_ERROR 115
812#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
813#define EVP_R_EXPECTING_AN_RSA_KEY 127
814#define EVP_R_EXPECTING_A_DH_KEY 128
815#define EVP_R_EXPECTING_A_DSA_KEY 129
816#define EVP_R_INITIALIZATION_ERROR 134
817#define EVP_R_INPUT_NOT_INITIALIZED 111
818#define EVP_R_INVALID_KEY_LENGTH 130
780#define EVP_R_IV_TOO_LARGE 102 819#define EVP_R_IV_TOO_LARGE 102
781#define EVP_R_MISSING_PARMATERS 103 820#define EVP_R_KEYGEN_FAILURE 120
821#define EVP_R_MISSING_PARAMETERS 103
822#define EVP_R_NO_CIPHER_SET 131
823#define EVP_R_NO_DIGEST_SET 139
824#define EVP_R_NO_DSA_PARAMETERS 116
782#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104 825#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
783#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105 826#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
827#define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117
784#define EVP_R_PUBLIC_KEY_NOT_RSA 106 828#define EVP_R_PUBLIC_KEY_NOT_RSA 106
829#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
830#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
785#define EVP_R_UNSUPPORTED_CIPHER 107 831#define EVP_R_UNSUPPORTED_CIPHER 107
786#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 108 832#define EVP_R_UNSUPPORTED_KEYLENGTH 123
787#define EVP_R_WRONG_PUBLIC_KEY_TYPE 109 833#define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124
788 834#define EVP_R_UNSUPPORTED_KEY_SIZE 108
835#define EVP_R_UNSUPPORTED_PRF 125
836#define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 118
837#define EVP_R_UNSUPPORTED_SALT_TYPE 126
838#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
839#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
840
789#ifdef __cplusplus 841#ifdef __cplusplus
790} 842}
791#endif 843#endif
792#endif 844#endif
793
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
index 93cc3a9464..32a1c7a2e9 100644
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -58,218 +58,369 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "evp.h" 61#include <openssl/evp.h>
62#include <openssl/err.h>
63#include <openssl/engine.h>
64#include "evp_locl.h"
62 65
63char *EVP_version="EVP part of SSLeay 0.9.0b 29-Jun-1998"; 66#include <assert.h>
64 67
65void EVP_CIPHER_CTX_init(ctx) 68const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT;
66EVP_CIPHER_CTX *ctx; 69
70void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
67 { 71 {
68 memset(ctx,0,sizeof(EVP_CIPHER_CTX)); 72 memset(ctx,0,sizeof(EVP_CIPHER_CTX));
69 /* ctx->cipher=NULL; */ 73 /* ctx->cipher=NULL; */
70 } 74 }
71 75
72void EVP_CipherInit(ctx,data,key,iv,enc) 76
73EVP_CIPHER_CTX *ctx; 77int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
74EVP_CIPHER *data; 78 const unsigned char *key, const unsigned char *iv, int enc)
75unsigned char *key;
76unsigned char *iv;
77int enc;
78 { 79 {
79 if (enc) 80 if (cipher)
80 EVP_EncryptInit(ctx,data,key,iv); 81 EVP_CIPHER_CTX_init(ctx);
81 else 82 return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc);
82 EVP_DecryptInit(ctx,data,key,iv);
83 } 83 }
84 84
85void EVP_CipherUpdate(ctx,out,outl,in,inl) 85int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
86EVP_CIPHER_CTX *ctx; 86 const unsigned char *key, const unsigned char *iv, int enc)
87unsigned char *out; 87 {
88int *outl; 88 if (enc == -1)
89unsigned char *in; 89 enc = ctx->encrypt;
90int inl; 90 else
91 {
92 if (enc)
93 enc = 1;
94 ctx->encrypt = enc;
95 }
96 /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
97 * so this context may already have an ENGINE! Try to avoid releasing
98 * the previous handle, re-querying for an ENGINE, and having a
99 * reinitialisation, when it may all be unecessary. */
100 if (ctx->engine && ctx->cipher && (!cipher ||
101 (cipher && (cipher->nid == ctx->cipher->nid))))
102 goto skip_to_init;
103 if (cipher)
104 {
105 /* Ensure a context left lying around from last time is cleared
106 * (the previous check attempted to avoid this if the same
107 * ENGINE and EVP_CIPHER could be used). */
108 EVP_CIPHER_CTX_cleanup(ctx);
109
110 /* Restore encrypt field: it is zeroed by cleanup */
111 ctx->encrypt = enc;
112 if(impl)
113 {
114 if (!ENGINE_init(impl))
115 {
116 EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR);
117 return 0;
118 }
119 }
120 else
121 /* Ask if an ENGINE is reserved for this job */
122 impl = ENGINE_get_cipher_engine(cipher->nid);
123 if(impl)
124 {
125 /* There's an ENGINE for this job ... (apparently) */
126 const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid);
127 if(!c)
128 {
129 /* One positive side-effect of US's export
130 * control history, is that we should at least
131 * be able to avoid using US mispellings of
132 * "initialisation"? */
133 EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR);
134 return 0;
135 }
136 /* We'll use the ENGINE's private cipher definition */
137 cipher = c;
138 /* Store the ENGINE functional reference so we know
139 * 'cipher' came from an ENGINE and we need to release
140 * it when done. */
141 ctx->engine = impl;
142 }
143 else
144 ctx->engine = NULL;
145
146 ctx->cipher=cipher;
147 ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
148 ctx->key_len = cipher->key_len;
149 ctx->flags = 0;
150 if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT)
151 {
152 if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL))
153 {
154 EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR);
155 return 0;
156 }
157 }
158 }
159 else if(!ctx->cipher)
160 {
161 EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET);
162 return 0;
163 }
164skip_to_init:
165 /* we assume block size is a power of 2 in *cryptUpdate */
166 assert(ctx->cipher->block_size == 1
167 || ctx->cipher->block_size == 8
168 || ctx->cipher->block_size == 16);
169
170 if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
171 switch(EVP_CIPHER_CTX_mode(ctx)) {
172
173 case EVP_CIPH_STREAM_CIPHER:
174 case EVP_CIPH_ECB_MODE:
175 break;
176
177 case EVP_CIPH_CFB_MODE:
178 case EVP_CIPH_OFB_MODE:
179
180 ctx->num = 0;
181
182 case EVP_CIPH_CBC_MODE:
183
184 if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
185 memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
186 break;
187
188 default:
189 return 0;
190 break;
191 }
192 }
193
194 if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
195 if(!ctx->cipher->init(ctx,key,iv,enc)) return 0;
196 }
197 ctx->buf_len=0;
198 ctx->final_used=0;
199 ctx->block_mask=ctx->cipher->block_size-1;
200 return 1;
201 }
202
203int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
204 const unsigned char *in, int inl)
91 { 205 {
92 if (ctx->encrypt) 206 if (ctx->encrypt)
93 EVP_EncryptUpdate(ctx,out,outl,in,inl); 207 return EVP_EncryptUpdate(ctx,out,outl,in,inl);
94 else EVP_DecryptUpdate(ctx,out,outl,in,inl); 208 else return EVP_DecryptUpdate(ctx,out,outl,in,inl);
95 } 209 }
96 210
97int EVP_CipherFinal(ctx,out,outl) 211int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
98EVP_CIPHER_CTX *ctx;
99unsigned char *out;
100int *outl;
101 { 212 {
102 if (ctx->encrypt) 213 if (ctx->encrypt)
103 { 214 return EVP_EncryptFinal_ex(ctx,out,outl);
104 EVP_EncryptFinal(ctx,out,outl); 215 else return EVP_DecryptFinal_ex(ctx,out,outl);
105 return(1);
106 }
107 else return(EVP_DecryptFinal(ctx,out,outl));
108 } 216 }
109 217
110void EVP_EncryptInit(ctx,cipher,key,iv) 218int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
111EVP_CIPHER_CTX *ctx;
112EVP_CIPHER *cipher;
113unsigned char *key;
114unsigned char *iv;
115 { 219 {
116 if (cipher != NULL) 220 if (ctx->encrypt)
117 ctx->cipher=cipher; 221 return EVP_EncryptFinal(ctx,out,outl);
118 ctx->cipher->init(ctx,key,iv,1); 222 else return EVP_DecryptFinal(ctx,out,outl);
119 ctx->encrypt=1;
120 ctx->buf_len=0;
121 } 223 }
122 224
123void EVP_DecryptInit(ctx,cipher,key,iv) 225int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
124EVP_CIPHER_CTX *ctx; 226 const unsigned char *key, const unsigned char *iv)
125EVP_CIPHER *cipher;
126unsigned char *key;
127unsigned char *iv;
128 { 227 {
129 if (cipher != NULL) 228 return EVP_CipherInit(ctx, cipher, key, iv, 1);
130 ctx->cipher=cipher; 229 }
131 ctx->cipher->init(ctx,key,iv,0); 230
132 ctx->encrypt=0; 231int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
133 ctx->buf_len=0; 232 const unsigned char *key, const unsigned char *iv)
233 {
234 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1);
235 }
236
237int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
238 const unsigned char *key, const unsigned char *iv)
239 {
240 return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 0);
134 } 241 }
135 242
243int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
244 const unsigned char *key, const unsigned char *iv)
245 {
246 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0);
247 }
136 248
137void EVP_EncryptUpdate(ctx,out,outl,in,inl) 249int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
138EVP_CIPHER_CTX *ctx; 250 const unsigned char *in, int inl)
139unsigned char *out;
140int *outl;
141unsigned char *in;
142int inl;
143 { 251 {
144 int i,j,bl; 252 int i,j,bl;
145 253
254 if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0)
255 {
256 if(ctx->cipher->do_cipher(ctx,out,in,inl))
257 {
258 *outl=inl;
259 return 1;
260 }
261 else
262 {
263 *outl=0;
264 return 0;
265 }
266 }
146 i=ctx->buf_len; 267 i=ctx->buf_len;
147 bl=ctx->cipher->block_size; 268 bl=ctx->cipher->block_size;
148 *outl=0;
149 if ((inl == 0) && (i != bl)) return;
150 if (i != 0) 269 if (i != 0)
151 { 270 {
152 if (i+inl < bl) 271 if (i+inl < bl)
153 { 272 {
154 memcpy(&(ctx->buf[i]),in,inl); 273 memcpy(&(ctx->buf[i]),in,inl);
155 ctx->buf_len+=inl; 274 ctx->buf_len+=inl;
156 return; 275 *outl=0;
276 return 1;
157 } 277 }
158 else 278 else
159 { 279 {
160 j=bl-i; 280 j=bl-i;
161 if (j != 0) memcpy(&(ctx->buf[i]),in,j); 281 memcpy(&(ctx->buf[i]),in,j);
162 ctx->cipher->do_cipher(ctx,out,ctx->buf,bl); 282 if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,bl)) return 0;
163 inl-=j; 283 inl-=j;
164 in+=j; 284 in+=j;
165 out+=bl; 285 out+=bl;
166 *outl+=bl; 286 *outl=bl;
167 } 287 }
168 } 288 }
169 i=inl%bl; /* how much is left */ 289 else
290 *outl = 0;
291 i=inl&(bl-1);
170 inl-=i; 292 inl-=i;
171 if (inl > 0) 293 if (inl > 0)
172 { 294 {
173 ctx->cipher->do_cipher(ctx,out,in,inl); 295 if(!ctx->cipher->do_cipher(ctx,out,in,inl)) return 0;
174 *outl+=inl; 296 *outl+=inl;
175 } 297 }
176 298
177 if (i != 0) 299 if (i != 0)
178 memcpy(ctx->buf,&(in[inl]),i); 300 memcpy(ctx->buf,&(in[inl]),i);
179 ctx->buf_len=i; 301 ctx->buf_len=i;
302 return 1;
180 } 303 }
181 304
182void EVP_EncryptFinal(ctx,out,outl) 305int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
183EVP_CIPHER_CTX *ctx;
184unsigned char *out;
185int *outl;
186 { 306 {
187 int i,n,b,bl; 307 int ret;
308 ret = EVP_EncryptFinal_ex(ctx, out, outl);
309 return ret;
310 }
311
312int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
313 {
314 int i,n,b,bl,ret;
188 315
189 b=ctx->cipher->block_size; 316 b=ctx->cipher->block_size;
190 if (b == 1) 317 if (b == 1)
191 { 318 {
192 *outl=0; 319 *outl=0;
193 return; 320 return 1;
194 } 321 }
195 bl=ctx->buf_len; 322 bl=ctx->buf_len;
323 if (ctx->flags & EVP_CIPH_NO_PADDING)
324 {
325 if(bl)
326 {
327 EVPerr(EVP_F_EVP_ENCRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
328 return 0;
329 }
330 *outl = 0;
331 return 1;
332 }
333
196 n=b-bl; 334 n=b-bl;
197 for (i=bl; i<b; i++) 335 for (i=bl; i<b; i++)
198 ctx->buf[i]=n; 336 ctx->buf[i]=n;
199 ctx->cipher->do_cipher(ctx,out,ctx->buf,b); 337 ret=ctx->cipher->do_cipher(ctx,out,ctx->buf,b);
200 *outl=b; 338
339
340 if(ret)
341 *outl=b;
342
343 return ret;
201 } 344 }
202 345
203void EVP_DecryptUpdate(ctx,out,outl,in,inl) 346int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
204EVP_CIPHER_CTX *ctx; 347 const unsigned char *in, int inl)
205unsigned char *out;
206int *outl;
207unsigned char *in;
208int inl;
209 { 348 {
210 int b,bl,n; 349 int b, fix_len;
211 int keep_last=0;
212 350
213 *outl=0; 351 if (inl == 0)
214 if (inl == 0) return; 352 {
353 *outl=0;
354 return 1;
355 }
356
357 if (ctx->flags & EVP_CIPH_NO_PADDING)
358 return EVP_EncryptUpdate(ctx, out, outl, in, inl);
215 359
216 b=ctx->cipher->block_size; 360 b=ctx->cipher->block_size;
217 if (b > 1) 361
362 if(ctx->final_used)
218 { 363 {
219 /* Is the input a multiple of the block size? */ 364 memcpy(out,ctx->final,b);
220 bl=ctx->buf_len; 365 out+=b;
221 n=inl+bl; 366 fix_len = 1;
222 if (n%b == 0)
223 {
224 if (inl < b) /* must be 'just one' buff */
225 {
226 memcpy(&(ctx->buf[bl]),in,inl);
227 ctx->buf_len=b;
228 *outl=0;
229 return;
230 }
231 keep_last=1;
232 inl-=b; /* don't do the last block */
233 }
234 } 367 }
235 EVP_EncryptUpdate(ctx,out,outl,in,inl); 368 else
369 fix_len = 0;
370
371
372 if(!EVP_EncryptUpdate(ctx,out,outl,in,inl))
373 return 0;
236 374
237 /* if we have 'decrypted' a multiple of block size, make sure 375 /* if we have 'decrypted' a multiple of block size, make sure
238 * we have a copy of this last block */ 376 * we have a copy of this last block */
239 if (keep_last) 377 if (b > 1 && !ctx->buf_len)
240 { 378 {
241 memcpy(&(ctx->buf[0]),&(in[inl]),b); 379 *outl-=b;
242#ifdef DEBUG 380 ctx->final_used=1;
243 if (ctx->buf_len != 0) 381 memcpy(ctx->final,&out[*outl],b);
244 {
245 abort();
246 }
247#endif
248 ctx->buf_len=b;
249 } 382 }
383 else
384 ctx->final_used = 0;
385
386 if (fix_len)
387 *outl += b;
388
389 return 1;
250 } 390 }
251 391
252int EVP_DecryptFinal(ctx,out,outl) 392int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
253EVP_CIPHER_CTX *ctx; 393 {
254unsigned char *out; 394 int ret;
255int *outl; 395 ret = EVP_DecryptFinal_ex(ctx, out, outl);
396 return ret;
397 }
398
399int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
256 { 400 {
257 int i,b; 401 int i,b;
258 int n; 402 int n;
259 403
260 *outl=0; 404 *outl=0;
261 b=ctx->cipher->block_size; 405 b=ctx->cipher->block_size;
406 if (ctx->flags & EVP_CIPH_NO_PADDING)
407 {
408 if(ctx->buf_len)
409 {
410 EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
411 return 0;
412 }
413 *outl = 0;
414 return 1;
415 }
262 if (b > 1) 416 if (b > 1)
263 { 417 {
264 if (ctx->buf_len != b) 418 if (ctx->buf_len || !ctx->final_used)
265 { 419 {
266 EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH); 420 EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
267 return(0); 421 return(0);
268 } 422 }
269 EVP_EncryptUpdate(ctx,ctx->buf,&n,ctx->buf,0); 423 n=ctx->final[b-1];
270 if (n != b)
271 return(0);
272 n=ctx->buf[b-1];
273 if (n > b) 424 if (n > b)
274 { 425 {
275 EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT); 426 EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
@@ -277,7 +428,7 @@ int *outl;
277 } 428 }
278 for (i=0; i<n; i++) 429 for (i=0; i<n; i++)
279 { 430 {
280 if (ctx->buf[--b] != n) 431 if (ctx->final[--b] != n)
281 { 432 {
282 EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT); 433 EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
283 return(0); 434 return(0);
@@ -285,7 +436,7 @@ int *outl;
285 } 436 }
286 n=ctx->cipher->block_size-n; 437 n=ctx->cipher->block_size-n;
287 for (i=0; i<n; i++) 438 for (i=0; i<n; i++)
288 out[i]=ctx->buf[i]; 439 out[i]=ctx->final[i];
289 *outl=n; 440 *outl=n;
290 } 441 }
291 else 442 else
@@ -293,11 +444,64 @@ int *outl;
293 return(1); 444 return(1);
294 } 445 }
295 446
296void EVP_CIPHER_CTX_cleanup(c) 447int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
297EVP_CIPHER_CTX *c;
298 { 448 {
299 if ((c->cipher != NULL) && (c->cipher->cleanup != NULL)) 449 if (c->cipher != NULL)
300 c->cipher->cleanup(c); 450 {
451 if(c->cipher->cleanup && !c->cipher->cleanup(c))
452 return 0;
453 /* Zero cipher context data */
454 if (c->cipher_data)
455 memset(c->cipher_data, 0, c->cipher->ctx_size);
456 }
457 if (c->cipher_data)
458 OPENSSL_free(c->cipher_data);
459 if (c->engine)
460 /* The EVP_CIPHER we used belongs to an ENGINE, release the
461 * functional reference we held for this reason. */
462 ENGINE_finish(c->engine);
301 memset(c,0,sizeof(EVP_CIPHER_CTX)); 463 memset(c,0,sizeof(EVP_CIPHER_CTX));
464 return 1;
465 }
466
467int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
468 {
469 if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
470 return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL);
471 if(c->key_len == keylen) return 1;
472 if((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH))
473 {
474 c->key_len = keylen;
475 return 1;
476 }
477 EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,EVP_R_INVALID_KEY_LENGTH);
478 return 0;
479 }
480
481int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
482 {
483 if (pad) ctx->flags &= ~EVP_CIPH_NO_PADDING;
484 else ctx->flags |= EVP_CIPH_NO_PADDING;
485 return 1;
486 }
487
488int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
489{
490 int ret;
491 if(!ctx->cipher) {
492 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
493 return 0;
302 } 494 }
303 495
496 if(!ctx->cipher->ctrl) {
497 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
498 return 0;
499 }
500
501 ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
502 if(ret == -1) {
503 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
504 return 0;
505 }
506 return ret;
507}
diff --git a/src/lib/libcrypto/evp/evp_err.c b/src/lib/libcrypto/evp/evp_err.c
index 2b0a0ab93f..3a23d21c21 100644
--- a/src/lib/libcrypto/evp/evp_err.c
+++ b/src/lib/libcrypto/evp/evp_err.c
@@ -1,105 +1,157 @@
1/* lib/evp/evp_err.c */ 1/* crypto/evp/evp_err.c */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) 2/* ====================================================================
3 * All rights reserved. 3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
25 * are met: 7 * are met:
26 * 1. Redistributions of source code must retain the copyright 8 *
27 * notice, this list of conditions and the following disclaimer. 9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
28 * 2. Redistributions in binary form must reproduce the above copyright 12 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the 13 * notice, this list of conditions and the following disclaimer in
30 * documentation and/or other materials provided with the distribution. 14 * the documentation and/or other materials provided with the
31 * 3. All advertising materials mentioning features or use of this software 15 * distribution.
32 * must display the following acknowledgement: 16 *
33 * "This product includes cryptographic software written by 17 * 3. All advertising materials mentioning features or use of this
34 * Eric Young (eay@cryptsoft.com)" 18 * software must display the following acknowledgment:
35 * The word 'cryptographic' can be left out if the rouines from the library 19 * "This product includes software developed by the OpenSSL Project
36 * being used are not cryptographic related :-). 20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
37 * 4. If you include any Windows specific code (or a derivative thereof) from 21 *
38 * the apps directory (application code) you must include an acknowledgement: 22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 23 * endorse or promote products derived from this software without
40 * 24 * prior written permission. For written permission, please contact
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 25 * openssl-core@OpenSSL.org.
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 *
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * 5. Products derived from this software may not be called "OpenSSL"
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 28 * nor may "OpenSSL" appear in their names without prior written
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * permission of the OpenSSL Project.
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 *
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * 6. Redistributions of any form whatsoever must retain the following
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * acknowledgment:
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * "This product includes software developed by the OpenSSL Project
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
51 * SUCH DAMAGE. 35 *
52 * 36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
53 * The licence and distribution terms for any publically available version or 37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
55 * copied and put under another distribution licence 39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
56 * [including the GNU Public Licence.] 40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
57 */ 54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
58#include <stdio.h> 61#include <stdio.h>
59#include "err.h" 62#include <openssl/err.h>
60#include "evp.h" 63#include <openssl/evp.h>
61 64
62/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
63#ifndef NO_ERR 66#ifndef OPENSSL_NO_ERR
64static ERR_STRING_DATA EVP_str_functs[]= 67static ERR_STRING_DATA EVP_str_functs[]=
65 { 68 {
66{ERR_PACK(0,EVP_F_D2I_PKEY,0), "D2I_PKEY"}, 69{ERR_PACK(0,EVP_F_D2I_PKEY,0), "D2I_PKEY"},
70{ERR_PACK(0,EVP_F_EVP_CIPHERINIT,0), "EVP_CipherInit"},
71{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_CTRL,0), "EVP_CIPHER_CTX_ctrl"},
72{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,0), "EVP_CIPHER_CTX_set_key_length"},
67{ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0), "EVP_DecryptFinal"}, 73{ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0), "EVP_DecryptFinal"},
74{ERR_PACK(0,EVP_F_EVP_DIGESTINIT,0), "EVP_DigestInit"},
75{ERR_PACK(0,EVP_F_EVP_ENCRYPTFINAL,0), "EVP_EncryptFinal"},
76{ERR_PACK(0,EVP_F_EVP_MD_CTX_COPY,0), "EVP_MD_CTX_copy"},
68{ERR_PACK(0,EVP_F_EVP_OPENINIT,0), "EVP_OpenInit"}, 77{ERR_PACK(0,EVP_F_EVP_OPENINIT,0), "EVP_OpenInit"},
78{ERR_PACK(0,EVP_F_EVP_PBE_ALG_ADD,0), "EVP_PBE_alg_add"},
79{ERR_PACK(0,EVP_F_EVP_PBE_CIPHERINIT,0), "EVP_PBE_CipherInit"},
80{ERR_PACK(0,EVP_F_EVP_PKCS82PKEY,0), "EVP_PKCS82PKEY"},
81{ERR_PACK(0,EVP_F_EVP_PKCS8_SET_BROKEN,0), "EVP_PKCS8_SET_BROKEN"},
82{ERR_PACK(0,EVP_F_EVP_PKEY2PKCS8,0), "EVP_PKEY2PKCS8"},
69{ERR_PACK(0,EVP_F_EVP_PKEY_COPY_PARAMETERS,0), "EVP_PKEY_copy_parameters"}, 83{ERR_PACK(0,EVP_F_EVP_PKEY_COPY_PARAMETERS,0), "EVP_PKEY_copy_parameters"},
70{ERR_PACK(0,EVP_F_EVP_PKEY_DECRYPT,0), "EVP_PKEY_decrypt"}, 84{ERR_PACK(0,EVP_F_EVP_PKEY_DECRYPT,0), "EVP_PKEY_decrypt"},
71{ERR_PACK(0,EVP_F_EVP_PKEY_ENCRYPT,0), "EVP_PKEY_encrypt"}, 85{ERR_PACK(0,EVP_F_EVP_PKEY_ENCRYPT,0), "EVP_PKEY_encrypt"},
86{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DH,0), "EVP_PKEY_get1_DH"},
87{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DSA,0), "EVP_PKEY_get1_DSA"},
88{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_RSA,0), "EVP_PKEY_get1_RSA"},
72{ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0), "EVP_PKEY_new"}, 89{ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0), "EVP_PKEY_new"},
90{ERR_PACK(0,EVP_F_EVP_RIJNDAEL,0), "EVP_RIJNDAEL"},
73{ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0), "EVP_SignFinal"}, 91{ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0), "EVP_SignFinal"},
74{ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0), "EVP_VerifyFinal"}, 92{ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0), "EVP_VerifyFinal"},
75{0,NULL}, 93{ERR_PACK(0,EVP_F_PKCS5_PBE_KEYIVGEN,0), "PKCS5_PBE_keyivgen"},
94{ERR_PACK(0,EVP_F_PKCS5_V2_PBE_KEYIVGEN,0), "PKCS5_v2_PBE_keyivgen"},
95{ERR_PACK(0,EVP_F_RC2_MAGIC_TO_METH,0), "RC2_MAGIC_TO_METH"},
96{ERR_PACK(0,EVP_F_RC5_CTRL,0), "RC5_CTRL"},
97{0,NULL}
76 }; 98 };
77 99
78static ERR_STRING_DATA EVP_str_reasons[]= 100static ERR_STRING_DATA EVP_str_reasons[]=
79 { 101 {
102{EVP_R_BAD_BLOCK_LENGTH ,"bad block length"},
80{EVP_R_BAD_DECRYPT ,"bad decrypt"}, 103{EVP_R_BAD_DECRYPT ,"bad decrypt"},
104{EVP_R_BAD_KEY_LENGTH ,"bad key length"},
105{EVP_R_BN_DECODE_ERROR ,"bn decode error"},
106{EVP_R_BN_PUBKEY_ERROR ,"bn pubkey error"},
107{EVP_R_CIPHER_PARAMETER_ERROR ,"cipher parameter error"},
108{EVP_R_CTRL_NOT_IMPLEMENTED ,"ctrl not implemented"},
109{EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED ,"ctrl operation not implemented"},
110{EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH ,"data not multiple of block length"},
111{EVP_R_DECODE_ERROR ,"decode error"},
81{EVP_R_DIFFERENT_KEY_TYPES ,"different key types"}, 112{EVP_R_DIFFERENT_KEY_TYPES ,"different key types"},
113{EVP_R_ENCODE_ERROR ,"encode error"},
114{EVP_R_EVP_PBE_CIPHERINIT_ERROR ,"evp pbe cipherinit error"},
115{EVP_R_EXPECTING_AN_RSA_KEY ,"expecting an rsa key"},
116{EVP_R_EXPECTING_A_DH_KEY ,"expecting a dh key"},
117{EVP_R_EXPECTING_A_DSA_KEY ,"expecting a dsa key"},
118{EVP_R_INITIALIZATION_ERROR ,"initialization error"},
119{EVP_R_INPUT_NOT_INITIALIZED ,"input not initialized"},
120{EVP_R_INVALID_KEY_LENGTH ,"invalid key length"},
82{EVP_R_IV_TOO_LARGE ,"iv too large"}, 121{EVP_R_IV_TOO_LARGE ,"iv too large"},
83{EVP_R_MISSING_PARMATERS ,"missing parmaters"}, 122{EVP_R_KEYGEN_FAILURE ,"keygen failure"},
123{EVP_R_MISSING_PARAMETERS ,"missing parameters"},
124{EVP_R_NO_CIPHER_SET ,"no cipher set"},
125{EVP_R_NO_DIGEST_SET ,"no digest set"},
126{EVP_R_NO_DSA_PARAMETERS ,"no dsa parameters"},
84{EVP_R_NO_SIGN_FUNCTION_CONFIGURED ,"no sign function configured"}, 127{EVP_R_NO_SIGN_FUNCTION_CONFIGURED ,"no sign function configured"},
85{EVP_R_NO_VERIFY_FUNCTION_CONFIGURED ,"no verify function configured"}, 128{EVP_R_NO_VERIFY_FUNCTION_CONFIGURED ,"no verify function configured"},
129{EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE ,"pkcs8 unknown broken type"},
86{EVP_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"}, 130{EVP_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"},
131{EVP_R_UNKNOWN_PBE_ALGORITHM ,"unknown pbe algorithm"},
132{EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS ,"unsuported number of rounds"},
87{EVP_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, 133{EVP_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
134{EVP_R_UNSUPPORTED_KEYLENGTH ,"unsupported keylength"},
135{EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION,"unsupported key derivation function"},
136{EVP_R_UNSUPPORTED_KEY_SIZE ,"unsupported key size"},
137{EVP_R_UNSUPPORTED_PRF ,"unsupported prf"},
138{EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM ,"unsupported private key algorithm"},
139{EVP_R_UNSUPPORTED_SALT_TYPE ,"unsupported salt type"},
88{EVP_R_WRONG_FINAL_BLOCK_LENGTH ,"wrong final block length"}, 140{EVP_R_WRONG_FINAL_BLOCK_LENGTH ,"wrong final block length"},
89{EVP_R_WRONG_PUBLIC_KEY_TYPE ,"wrong public key type"}, 141{EVP_R_WRONG_PUBLIC_KEY_TYPE ,"wrong public key type"},
90{0,NULL}, 142{0,NULL}
91 }; 143 };
92 144
93#endif 145#endif
94 146
95void ERR_load_EVP_strings() 147void ERR_load_EVP_strings(void)
96 { 148 {
97 static int init=1; 149 static int init=1;
98 150
99 if (init); 151 if (init)
100 {; 152 {
101 init=0; 153 init=0;
102#ifndef NO_ERR 154#ifndef OPENSSL_NO_ERR
103 ERR_load_strings(ERR_LIB_EVP,EVP_str_functs); 155 ERR_load_strings(ERR_LIB_EVP,EVP_str_functs);
104 ERR_load_strings(ERR_LIB_EVP,EVP_str_reasons); 156 ERR_load_strings(ERR_LIB_EVP,EVP_str_reasons);
105#endif 157#endif
diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c
index dafa686f64..4271393069 100644
--- a/src/lib/libcrypto/evp/evp_key.c
+++ b/src/lib/libcrypto/evp/evp_key.c
@@ -58,23 +58,26 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "x509.h" 61#include <openssl/x509.h>
62#include "objects.h" 62#include <openssl/objects.h>
63#include "evp.h" 63#include <openssl/evp.h>
64#include <openssl/ui.h>
64 65
65/* should be init to zeros. */ 66/* should be init to zeros. */
66static char prompt_string[80]; 67static char prompt_string[80];
67 68
68void EVP_set_pw_prompt(prompt) 69void EVP_set_pw_prompt(char *prompt)
69char *prompt;
70 { 70 {
71 if (prompt == NULL) 71 if (prompt == NULL)
72 prompt_string[0]='\0'; 72 prompt_string[0]='\0';
73 else 73 else
74 {
74 strncpy(prompt_string,prompt,79); 75 strncpy(prompt_string,prompt,79);
76 prompt_string[79]='\0';
77 }
75 } 78 }
76 79
77char *EVP_get_pw_prompt() 80char *EVP_get_pw_prompt(void)
78 { 81 {
79 if (prompt_string[0] == '\0') 82 if (prompt_string[0] == '\0')
80 return(NULL); 83 return(NULL);
@@ -82,30 +85,31 @@ char *EVP_get_pw_prompt()
82 return(prompt_string); 85 return(prompt_string);
83 } 86 }
84 87
85#ifdef NO_DES 88/* For historical reasons, the standard function for reading passwords is
86int des_read_pw_string(char *buf,int len,char *prompt,int verify); 89 * in the DES library -- if someone ever wants to disable DES,
87#endif 90 * this function will fail */
88 91int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
89int EVP_read_pw_string(buf,len,prompt,verify)
90char *buf;
91int len;
92char *prompt;
93int verify;
94 { 92 {
93 int ret;
94 char buff[BUFSIZ];
95 UI *ui;
96
95 if ((prompt == NULL) && (prompt_string[0] != '\0')) 97 if ((prompt == NULL) && (prompt_string[0] != '\0'))
96 prompt=prompt_string; 98 prompt=prompt_string;
97 return(des_read_pw_string(buf,len,prompt,verify)); 99 ui = UI_new();
100 UI_add_input_string(ui,prompt,0,buf,0,(len>=BUFSIZ)?BUFSIZ-1:len);
101 if (verify)
102 UI_add_verify_string(ui,prompt,0,
103 buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf);
104 ret = UI_process(ui);
105 UI_free(ui);
106 memset(buff,0,BUFSIZ);
107 return ret;
98 } 108 }
99 109
100int EVP_BytesToKey(type,md,salt,data,datal,count,key,iv) 110int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
101EVP_CIPHER *type; 111 const unsigned char *salt, const unsigned char *data, int datal,
102EVP_MD *md; 112 int count, unsigned char *key, unsigned char *iv)
103unsigned char *salt;
104unsigned char *data;
105int datal;
106int count;
107unsigned char *key;
108unsigned char *iv;
109 { 113 {
110 EVP_MD_CTX c; 114 EVP_MD_CTX c;
111 unsigned char md_buf[EVP_MAX_MD_SIZE]; 115 unsigned char md_buf[EVP_MAX_MD_SIZE];
@@ -117,21 +121,22 @@ unsigned char *iv;
117 121
118 if (data == NULL) return(nkey); 122 if (data == NULL) return(nkey);
119 123
124 EVP_MD_CTX_init(&c);
120 for (;;) 125 for (;;)
121 { 126 {
122 EVP_DigestInit(&c,md); 127 EVP_DigestInit_ex(&c,md, NULL);
123 if (addmd++) 128 if (addmd++)
124 EVP_DigestUpdate(&c,&(md_buf[0]),mds); 129 EVP_DigestUpdate(&c,&(md_buf[0]),mds);
125 EVP_DigestUpdate(&c,data,datal); 130 EVP_DigestUpdate(&c,data,datal);
126 if (salt != NULL) 131 if (salt != NULL)
127 EVP_DigestUpdate(&c,salt,8); 132 EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN);
128 EVP_DigestFinal(&c,&(md_buf[0]),&mds); 133 EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
129 134
130 for (i=1; i<(unsigned int)count; i++) 135 for (i=1; i<(unsigned int)count; i++)
131 { 136 {
132 EVP_DigestInit(&c,md); 137 EVP_DigestInit_ex(&c,md, NULL);
133 EVP_DigestUpdate(&c,&(md_buf[0]),mds); 138 EVP_DigestUpdate(&c,&(md_buf[0]),mds);
134 EVP_DigestFinal(&c,&(md_buf[0]),&mds); 139 EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
135 } 140 }
136 i=0; 141 i=0;
137 if (nkey) 142 if (nkey)
@@ -160,7 +165,7 @@ unsigned char *iv;
160 } 165 }
161 if ((nkey == 0) && (niv == 0)) break; 166 if ((nkey == 0) && (niv == 0)) break;
162 } 167 }
163 memset(&c,0,sizeof(c)); 168 EVP_MD_CTX_cleanup(&c);
164 memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE); 169 memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE);
165 return(type->key_len); 170 return(type->key_len);
166 } 171 }
diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c
index 69784eb555..a431945ef5 100644
--- a/src/lib/libcrypto/evp/evp_lib.c
+++ b/src/lib/libcrypto/evp/evp_lib.c
@@ -58,12 +58,10 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "evp.h" 61#include <openssl/evp.h>
62#include "objects.h" 62#include <openssl/objects.h>
63 63
64int EVP_CIPHER_param_to_asn1(c,type) 64int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
65EVP_CIPHER_CTX *c;
66ASN1_TYPE *type;
67 { 65 {
68 int ret; 66 int ret;
69 67
@@ -74,9 +72,7 @@ ASN1_TYPE *type;
74 return(ret); 72 return(ret);
75 } 73 }
76 74
77int EVP_CIPHER_asn1_to_param(c,type) 75int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
78EVP_CIPHER_CTX *c;
79ASN1_TYPE *type;
80 { 76 {
81 int ret; 77 int ret;
82 78
@@ -87,9 +83,7 @@ ASN1_TYPE *type;
87 return(ret); 83 return(ret);
88 } 84 }
89 85
90int EVP_CIPHER_get_asn1_iv(c,type) 86int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
91EVP_CIPHER_CTX *c;
92ASN1_TYPE *type;
93 { 87 {
94 int i=0,l; 88 int i=0,l;
95 89
@@ -97,14 +91,15 @@ ASN1_TYPE *type;
97 { 91 {
98 l=EVP_CIPHER_CTX_iv_length(c); 92 l=EVP_CIPHER_CTX_iv_length(c);
99 i=ASN1_TYPE_get_octetstring(type,c->oiv,l); 93 i=ASN1_TYPE_get_octetstring(type,c->oiv,l);
100 memcpy(c->iv,c->oiv,l); 94 if (i != l)
95 return(-1);
96 else if (i > 0)
97 memcpy(c->iv,c->oiv,l);
101 } 98 }
102 return(i); 99 return(i);
103 } 100 }
104 101
105int EVP_CIPHER_set_asn1_iv(c,type) 102int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
106EVP_CIPHER_CTX *c;
107ASN1_TYPE *type;
108 { 103 {
109 int i=0,j; 104 int i=0,j;
110 105
@@ -115,3 +110,33 @@ ASN1_TYPE *type;
115 } 110 }
116 return(i); 111 return(i);
117 } 112 }
113
114/* Convert the various cipher NIDs and dummies to a proper OID NID */
115int EVP_CIPHER_type(const EVP_CIPHER *ctx)
116{
117 int nid;
118 ASN1_OBJECT *otmp;
119 nid = EVP_CIPHER_nid(ctx);
120
121 switch(nid) {
122
123 case NID_rc2_cbc:
124 case NID_rc2_64_cbc:
125 case NID_rc2_40_cbc:
126
127 return NID_rc2_cbc;
128
129 case NID_rc4:
130 case NID_rc4_40:
131
132 return NID_rc4;
133
134 default:
135 /* Check it has an OID and it is valid */
136 otmp = OBJ_nid2obj(nid);
137 if(!otmp || !otmp->data) nid = NID_undef;
138 ASN1_OBJECT_free(otmp);
139 return nid;
140 }
141}
142
diff --git a/src/lib/libcrypto/evp/evp_locl.h b/src/lib/libcrypto/evp/evp_locl.h
index ce49d5b7d8..7b088b4848 100644
--- a/src/lib/libcrypto/evp/evp_locl.h
+++ b/src/lib/libcrypto/evp/evp_locl.h
@@ -61,50 +61,107 @@
61/* Wrapper functions for each cipher mode */ 61/* Wrapper functions for each cipher mode */
62 62
63#define BLOCK_CIPHER_ecb_loop() \ 63#define BLOCK_CIPHER_ecb_loop() \
64 unsigned int i; \ 64 unsigned int i, bl; \
65 if(inl < 8) return 1;\ 65 bl = ctx->cipher->block_size;\
66 inl -= 8; \ 66 if(inl < bl) return 1;\
67 for(i=0; i <= inl; i+=8) \ 67 inl -= bl; \
68 for(i=0; i <= inl; i+=bl) \
68 69
69#define BLOCK_CIPHER_func_ecb(cname, cprefix, kname) \ 70#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
70static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ 71static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
71{\ 72{\
72 BLOCK_CIPHER_ecb_loop() \ 73 BLOCK_CIPHER_ecb_loop() \
73 cprefix##_ecb_encrypt(in + i, out + i, &ctx->c.kname, ctx->encrypt);\ 74 cprefix##_ecb_encrypt(in + i, out + i, &((kstruct *)ctx->cipher_data)->ksched, ctx->encrypt);\
74 return 1;\ 75 return 1;\
75} 76}
76 77
77#define BLOCK_CIPHER_func_ofb(cname, cprefix, kname) \ 78#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
78static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ 79static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
79{\ 80{\
80 cprefix##_ofb64_encrypt(in, out, (long)inl, &ctx->c.kname, ctx->iv, &ctx->num);\ 81 cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
81 return 1;\ 82 return 1;\
82} 83}
83 84
84#define BLOCK_CIPHER_func_cbc(cname, cprefix, kname) \ 85#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
85static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ 86static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
86{\ 87{\
87 cprefix##_cbc_encrypt(in, out, (long)inl, &ctx->c.kname, ctx->iv, ctx->encrypt);\ 88 cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
88 return 1;\ 89 return 1;\
89} 90}
90 91
91#define BLOCK_CIPHER_func_cfb(cname, cprefix, kname) \ 92#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
92static int cname##_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ 93static int cname##_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
93{\ 94{\
94 cprefix##_cfb64_encrypt(in, out, (long)inl, &ctx->c.kname, ctx->iv, &ctx->num, ctx->encrypt);\ 95 cprefix##_cfb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
95 return 1;\ 96 return 1;\
96} 97}
97 98
98#define BLOCK_CIPHER_all_funcs(cname, cprefix, kname) \ 99#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
99 BLOCK_CIPHER_func_cbc(cname, cprefix, kname) \ 100 BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
100 BLOCK_CIPHER_func_cfb(cname, cprefix, kname) \ 101 BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
101 BLOCK_CIPHER_func_ecb(cname, cprefix, kname) \ 102 BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
102 BLOCK_CIPHER_func_ofb(cname, cprefix, kname) 103 BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched)
103 104
105#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
106 key_len, iv_len, flags, init_key, cleanup, \
107 set_asn1, get_asn1, ctrl) \
108static const EVP_CIPHER cname##_##mode = { \
109 nid##_##nmode, block_size, key_len, iv_len, \
110 flags | EVP_CIPH_##MODE##_MODE, \
111 init_key, \
112 cname##_##mode##_cipher, \
113 cleanup, \
114 sizeof(kstruct), \
115 set_asn1, get_asn1,\
116 ctrl, \
117 NULL \
118}; \
119const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }
120
121#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
122 iv_len, flags, init_key, cleanup, set_asn1, \
123 get_asn1, ctrl) \
124BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
125 iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
126
127#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, block_size, key_len, \
128 iv_len, cbits, flags, init_key, cleanup, \
129 set_asn1, get_asn1, ctrl) \
130BLOCK_CIPHER_def1(cname, cfb##cbits, cfb, CFB, kstruct, nid, block_size, \
131 key_len, iv_len, flags, init_key, cleanup, set_asn1, \
132 get_asn1, ctrl)
133
134#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, block_size, key_len, \
135 iv_len, cbits, flags, init_key, cleanup, \
136 set_asn1, get_asn1, ctrl) \
137BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, block_size, \
138 key_len, iv_len, flags, init_key, cleanup, set_asn1, \
139 get_asn1, ctrl)
140
141#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
142 iv_len, flags, init_key, cleanup, set_asn1, \
143 get_asn1, ctrl) \
144BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
145 iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
146
147#define BLOCK_CIPHER_defs(cname, kstruct, \
148 nid, block_size, key_len, iv_len, cbits, flags, \
149 init_key, cleanup, set_asn1, get_asn1, ctrl) \
150BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
151 init_key, cleanup, set_asn1, get_asn1, ctrl) \
152BLOCK_CIPHER_def_cfb(cname, kstruct, nid, block_size, key_len, iv_len, cbits, \
153 flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
154BLOCK_CIPHER_def_ofb(cname, kstruct, nid, block_size, key_len, iv_len, cbits, \
155 flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
156BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
157 init_key, cleanup, set_asn1, get_asn1, ctrl)
158
159
160/*
104#define BLOCK_CIPHER_defs(cname, kstruct, \ 161#define BLOCK_CIPHER_defs(cname, kstruct, \
105 nid, block_size, key_len, iv_len, flags,\ 162 nid, block_size, key_len, iv_len, flags,\
106 init_key, cleanup, set_asn1, get_asn1, ctrl)\ 163 init_key, cleanup, set_asn1, get_asn1, ctrl)\
107static EVP_CIPHER cname##_cbc = {\ 164static const EVP_CIPHER cname##_cbc = {\
108 nid##_cbc, block_size, key_len, iv_len, \ 165 nid##_cbc, block_size, key_len, iv_len, \
109 flags | EVP_CIPH_CBC_MODE,\ 166 flags | EVP_CIPH_CBC_MODE,\
110 init_key,\ 167 init_key,\
@@ -116,8 +173,8 @@ static EVP_CIPHER cname##_cbc = {\
116 ctrl, \ 173 ctrl, \
117 NULL \ 174 NULL \
118};\ 175};\
119EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\ 176const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
120static EVP_CIPHER cname##_cfb = {\ 177static const EVP_CIPHER cname##_cfb = {\
121 nid##_cfb64, 1, key_len, iv_len, \ 178 nid##_cfb64, 1, key_len, iv_len, \
122 flags | EVP_CIPH_CFB_MODE,\ 179 flags | EVP_CIPH_CFB_MODE,\
123 init_key,\ 180 init_key,\
@@ -129,8 +186,8 @@ static EVP_CIPHER cname##_cfb = {\
129 ctrl,\ 186 ctrl,\
130 NULL \ 187 NULL \
131};\ 188};\
132EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\ 189const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
133static EVP_CIPHER cname##_ofb = {\ 190static const EVP_CIPHER cname##_ofb = {\
134 nid##_ofb64, 1, key_len, iv_len, \ 191 nid##_ofb64, 1, key_len, iv_len, \
135 flags | EVP_CIPH_OFB_MODE,\ 192 flags | EVP_CIPH_OFB_MODE,\
136 init_key,\ 193 init_key,\
@@ -142,8 +199,8 @@ static EVP_CIPHER cname##_ofb = {\
142 ctrl,\ 199 ctrl,\
143 NULL \ 200 NULL \
144};\ 201};\
145EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\ 202const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
146static EVP_CIPHER cname##_ecb = {\ 203static const EVP_CIPHER cname##_ecb = {\
147 nid##_ecb, block_size, key_len, iv_len, \ 204 nid##_ecb, block_size, key_len, iv_len, \
148 flags | EVP_CIPH_ECB_MODE,\ 205 flags | EVP_CIPH_ECB_MODE,\
149 init_key,\ 206 init_key,\
@@ -155,14 +212,16 @@ static EVP_CIPHER cname##_ecb = {\
155 ctrl,\ 212 ctrl,\
156 NULL \ 213 NULL \
157};\ 214};\
158EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; } 215const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
159 216*/
160
161 217
162#define IMPLEMENT_BLOCK_CIPHER(cname, kname, cprefix, kstruct, \ 218#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \
163 nid, block_size, key_len, iv_len, flags, \ 219 block_size, key_len, iv_len, cbits, \
164 init_key, cleanup, set_asn1, get_asn1, ctrl) \ 220 flags, init_key, \
165 BLOCK_CIPHER_all_funcs(cname, cprefix, kname) \ 221 cleanup, set_asn1, get_asn1, ctrl) \
166 BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, flags,\ 222 BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
167 init_key, cleanup, set_asn1, get_asn1, ctrl) 223 BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \
224 cbits, flags, init_key, cleanup, set_asn1, \
225 get_asn1, ctrl)
168 226
227#define EVP_C_DATA(kstruct, ctx) ((kstruct *)(ctx)->cipher_data)
diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c
index 353c3ad667..06afb9d152 100644
--- a/src/lib/libcrypto/evp/evp_pbe.c
+++ b/src/lib/libcrypto/evp/evp_pbe.c
@@ -69,8 +69,8 @@ static STACK *pbe_algs;
69 69
70typedef struct { 70typedef struct {
71int pbe_nid; 71int pbe_nid;
72EVP_CIPHER *cipher; 72const EVP_CIPHER *cipher;
73EVP_MD *md; 73const EVP_MD *md;
74EVP_PBE_KEYGEN *keygen; 74EVP_PBE_KEYGEN *keygen;
75} EVP_PBE_CTL; 75} EVP_PBE_CTL;
76 76
@@ -92,7 +92,8 @@ int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
92 ERR_add_error_data(2, "TYPE=", obj_tmp); 92 ERR_add_error_data(2, "TYPE=", obj_tmp);
93 return 0; 93 return 0;
94 } 94 }
95 if (passlen == -1) passlen = strlen(pass); 95 if(!pass) passlen = 0;
96 else if (passlen == -1) passlen = strlen(pass);
96 pbetmp = (EVP_PBE_CTL *)sk_value (pbe_algs, i); 97 pbetmp = (EVP_PBE_CTL *)sk_value (pbe_algs, i);
97 i = (*pbetmp->keygen)(ctx, pass, passlen, param, pbetmp->cipher, 98 i = (*pbetmp->keygen)(ctx, pass, passlen, param, pbetmp->cipher,
98 pbetmp->md, en_de); 99 pbetmp->md, en_de);
@@ -103,19 +104,20 @@ int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
103 return 1; 104 return 1;
104} 105}
105 106
106static int pbe_cmp (EVP_PBE_CTL **pbe1, EVP_PBE_CTL **pbe2) 107static int pbe_cmp(const char * const *a, const char * const *b)
107{ 108{
109 EVP_PBE_CTL **pbe1 = (EVP_PBE_CTL **) a, **pbe2 = (EVP_PBE_CTL **)b;
108 return ((*pbe1)->pbe_nid - (*pbe2)->pbe_nid); 110 return ((*pbe1)->pbe_nid - (*pbe2)->pbe_nid);
109} 111}
110 112
111/* Add a PBE algorithm */ 113/* Add a PBE algorithm */
112 114
113int EVP_PBE_alg_add (int nid, EVP_CIPHER *cipher, EVP_MD *md, 115int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
114 EVP_PBE_KEYGEN *keygen) 116 EVP_PBE_KEYGEN *keygen)
115{ 117{
116 EVP_PBE_CTL *pbe_tmp; 118 EVP_PBE_CTL *pbe_tmp;
117 if (!pbe_algs) pbe_algs = sk_new (pbe_cmp); 119 if (!pbe_algs) pbe_algs = sk_new(pbe_cmp);
118 if (!(pbe_tmp = (EVP_PBE_CTL*) Malloc (sizeof(EVP_PBE_CTL)))) { 120 if (!(pbe_tmp = (EVP_PBE_CTL*) OPENSSL_malloc (sizeof(EVP_PBE_CTL)))) {
119 EVPerr(EVP_F_EVP_PBE_ALG_ADD,ERR_R_MALLOC_FAILURE); 121 EVPerr(EVP_F_EVP_PBE_ALG_ADD,ERR_R_MALLOC_FAILURE);
120 return 0; 122 return 0;
121 } 123 }
@@ -129,6 +131,6 @@ int EVP_PBE_alg_add (int nid, EVP_CIPHER *cipher, EVP_MD *md,
129 131
130void EVP_PBE_cleanup(void) 132void EVP_PBE_cleanup(void)
131{ 133{
132 sk_pop_free(pbe_algs, FreeFunc); 134 sk_pop_free(pbe_algs, OPENSSL_freeFunc);
133 pbe_algs = NULL; 135 pbe_algs = NULL;
134} 136}
diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c
index 421e452db1..34b5b1d21c 100644
--- a/src/lib/libcrypto/evp/evp_pkey.c
+++ b/src/lib/libcrypto/evp/evp_pkey.c
@@ -62,41 +62,40 @@
62#include <openssl/x509.h> 62#include <openssl/x509.h>
63#include <openssl/rand.h> 63#include <openssl/rand.h>
64 64
65#ifndef OPENSSL_NO_DSA
66static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
67#endif
68
65/* Extract a private key from a PKCS8 structure */ 69/* Extract a private key from a PKCS8 structure */
66 70
67EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) 71EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
68{ 72{
69 EVP_PKEY *pkey; 73 EVP_PKEY *pkey = NULL;
70#ifndef NO_RSA 74#ifndef OPENSSL_NO_RSA
71 RSA *rsa; 75 RSA *rsa = NULL;
72#endif 76#endif
73#ifndef NO_DSA 77#ifndef OPENSSL_NO_DSA
74 DSA *dsa; 78 DSA *dsa = NULL;
75 ASN1_INTEGER *dsapriv; 79 ASN1_INTEGER *privkey;
76 STACK *ndsa; 80 ASN1_TYPE *t1, *t2, *param = NULL;
77 BN_CTX *ctx; 81 STACK_OF(ASN1_TYPE) *ndsa = NULL;
82 BN_CTX *ctx = NULL;
78 int plen; 83 int plen;
79#endif 84#endif
80 X509_ALGOR *a; 85 X509_ALGOR *a;
81 unsigned char *p; 86 unsigned char *p;
87 const unsigned char *cp;
82 int pkeylen; 88 int pkeylen;
83 char obj_tmp[80]; 89 char obj_tmp[80];
84 90
85 switch (p8->broken) { 91 if(p8->pkey->type == V_ASN1_OCTET_STRING) {
86 case PKCS8_OK: 92 p8->broken = PKCS8_OK;
87 p = p8->pkey->value.octet_string->data; 93 p = p8->pkey->value.octet_string->data;
88 pkeylen = p8->pkey->value.octet_string->length; 94 pkeylen = p8->pkey->value.octet_string->length;
89 break; 95 } else {
90 96 p8->broken = PKCS8_NO_OCTET;
91 case PKCS8_NO_OCTET:
92 p = p8->pkey->value.sequence->data; 97 p = p8->pkey->value.sequence->data;
93 pkeylen = p8->pkey->value.sequence->length; 98 pkeylen = p8->pkey->value.sequence->length;
94 break;
95
96 default:
97 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
98 return NULL;
99 break;
100 } 99 }
101 if (!(pkey = EVP_PKEY_new())) { 100 if (!(pkey = EVP_PKEY_new())) {
102 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); 101 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
@@ -105,81 +104,108 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
105 a = p8->pkeyalg; 104 a = p8->pkeyalg;
106 switch (OBJ_obj2nid(a->algorithm)) 105 switch (OBJ_obj2nid(a->algorithm))
107 { 106 {
108#ifndef NO_RSA 107#ifndef OPENSSL_NO_RSA
109 case NID_rsaEncryption: 108 case NID_rsaEncryption:
110 if (!(rsa = d2i_RSAPrivateKey (NULL, &p, pkeylen))) { 109 cp = p;
110 if (!(rsa = d2i_RSAPrivateKey (NULL,&cp, pkeylen))) {
111 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 111 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
112 return NULL; 112 return NULL;
113 } 113 }
114 EVP_PKEY_assign_RSA (pkey, rsa); 114 EVP_PKEY_assign_RSA (pkey, rsa);
115 break; 115 break;
116#endif 116#endif
117#ifndef NO_DSA 117#ifndef OPENSSL_NO_DSA
118 case NID_dsa: 118 case NID_dsa:
119 /* PKCS#8 DSA is weird: you just get a private key integer 119 /* PKCS#8 DSA is weird: you just get a private key integer
120 * and parameters in the AlgorithmIdentifier the pubkey must 120 * and parameters in the AlgorithmIdentifier the pubkey must
121 * be recalculated. 121 * be recalculated.
122 */ 122 */
123 123
124 /* Check for broken Netscape Database DSA PKCS#8, UGH! */ 124 /* Check for broken DSA PKCS#8, UGH! */
125 if(*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) { 125 if(*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) {
126 if(!(ndsa = ASN1_seq_unpack(p, pkeylen, 126 if(!(ndsa = ASN1_seq_unpack_ASN1_TYPE(p, pkeylen,
127 (char *(*)())d2i_ASN1_INTEGER, 127 d2i_ASN1_TYPE,
128 ASN1_STRING_free))) { 128 ASN1_TYPE_free))) {
129 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 129 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
130 return NULL; 130 goto dsaerr;
131 } 131 }
132 if(sk_num(ndsa) != 2 ) { 132 if(sk_ASN1_TYPE_num(ndsa) != 2 ) {
133 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 133 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
134 sk_pop_free(ndsa, ASN1_STRING_free); 134 goto dsaerr;
135 return NULL;
136 } 135 }
137 dsapriv = (ASN1_INTEGER *) sk_pop(ndsa); 136 /* Handle Two broken types:
138 sk_pop_free(ndsa, ASN1_STRING_free); 137 * SEQUENCE {parameters, priv_key}
139 } else if (!(dsapriv=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) { 138 * SEQUENCE {pub_key, priv_key}
139 */
140
141 t1 = sk_ASN1_TYPE_value(ndsa, 0);
142 t2 = sk_ASN1_TYPE_value(ndsa, 1);
143 if(t1->type == V_ASN1_SEQUENCE) {
144 p8->broken = PKCS8_EMBEDDED_PARAM;
145 param = t1;
146 } else if(a->parameter->type == V_ASN1_SEQUENCE) {
147 p8->broken = PKCS8_NS_DB;
148 param = a->parameter;
149 } else {
140 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 150 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
141 return NULL; 151 goto dsaerr;
152 }
153
154 if(t2->type != V_ASN1_INTEGER) {
155 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
156 goto dsaerr;
157 }
158 privkey = t2->value.integer;
159 } else {
160 if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) {
161 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
162 goto dsaerr;
163 }
164 param = p8->pkeyalg->parameter;
142 } 165 }
143 /* Retrieve parameters */ 166 if (!param || (param->type != V_ASN1_SEQUENCE)) {
144 if (a->parameter->type != V_ASN1_SEQUENCE) { 167 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
145 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_NO_DSA_PARAMETERS); 168 goto dsaerr;
146 return NULL;
147 } 169 }
148 p = a->parameter->value.sequence->data; 170 cp = p = param->value.sequence->data;
149 plen = a->parameter->value.sequence->length; 171 plen = param->value.sequence->length;
150 if (!(dsa = d2i_DSAparams (NULL, &p, plen))) { 172 if (!(dsa = d2i_DSAparams (NULL, &cp, plen))) {
151 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 173 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
152 return NULL; 174 goto dsaerr;
153 } 175 }
154 /* We have parameters now set private key */ 176 /* We have parameters now set private key */
155 if (!(dsa->priv_key = ASN1_INTEGER_to_BN(dsapriv, NULL))) { 177 if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
156 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_DECODE_ERROR); 178 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_DECODE_ERROR);
157 DSA_free (dsa); 179 goto dsaerr;
158 return NULL;
159 } 180 }
160 /* Calculate public key (ouch!) */ 181 /* Calculate public key (ouch!) */
161 if (!(dsa->pub_key = BN_new())) { 182 if (!(dsa->pub_key = BN_new())) {
162 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); 183 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
163 DSA_free (dsa); 184 goto dsaerr;
164 return NULL;
165 } 185 }
166 if (!(ctx = BN_CTX_new())) { 186 if (!(ctx = BN_CTX_new())) {
167 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); 187 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
168 DSA_free (dsa); 188 goto dsaerr;
169 return NULL;
170 } 189 }
171 190
172 if (!BN_mod_exp(dsa->pub_key, dsa->g, 191 if (!BN_mod_exp(dsa->pub_key, dsa->g,
173 dsa->priv_key, dsa->p, ctx)) { 192 dsa->priv_key, dsa->p, ctx)) {
174 193
175 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_PUBKEY_ERROR); 194 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_PUBKEY_ERROR);
176 BN_CTX_free (ctx); 195 goto dsaerr;
177 DSA_free (dsa);
178 return NULL;
179 } 196 }
180 197
181 EVP_PKEY_assign_DSA (pkey, dsa); 198 EVP_PKEY_assign_DSA(pkey, dsa);
182 BN_CTX_free (ctx); 199 BN_CTX_free (ctx);
200 if(ndsa) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
201 else ASN1_INTEGER_free(privkey);
202 break;
203 dsaerr:
204 BN_CTX_free (ctx);
205 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
206 DSA_free(dsa);
207 EVP_PKEY_free(pkey);
208 return NULL;
183 break; 209 break;
184#endif 210#endif
185 default: 211 default:
@@ -193,30 +219,35 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
193 return pkey; 219 return pkey;
194} 220}
195 221
222PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
223{
224 return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK);
225}
226
196/* Turn a private key into a PKCS8 structure */ 227/* Turn a private key into a PKCS8 structure */
197 228
198PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) 229PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
199{ 230{
200 PKCS8_PRIV_KEY_INFO *p8; 231 PKCS8_PRIV_KEY_INFO *p8;
201#ifndef NO_DSA 232
202 ASN1_INTEGER *dpkey;
203 unsigned char *p, *q;
204 int len;
205#endif
206 if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) { 233 if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {
207 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 234 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
208 return NULL; 235 return NULL;
209 } 236 }
237 p8->broken = broken;
210 ASN1_INTEGER_set (p8->version, 0); 238 ASN1_INTEGER_set (p8->version, 0);
211 if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) { 239 if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) {
212 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 240 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
213 PKCS8_PRIV_KEY_INFO_free (p8); 241 PKCS8_PRIV_KEY_INFO_free (p8);
214 return NULL; 242 return NULL;
215 } 243 }
244 p8->pkey->type = V_ASN1_OCTET_STRING;
216 switch (EVP_PKEY_type(pkey->type)) { 245 switch (EVP_PKEY_type(pkey->type)) {
217#ifndef NO_RSA 246#ifndef OPENSSL_NO_RSA
218 case EVP_PKEY_RSA: 247 case EVP_PKEY_RSA:
219 248
249 if(p8->broken == PKCS8_NO_OCTET) p8->pkey->type = V_ASN1_SEQUENCE;
250
220 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption); 251 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption);
221 p8->pkeyalg->parameter->type = V_ASN1_NULL; 252 p8->pkeyalg->parameter->type = V_ASN1_NULL;
222 if (!ASN1_pack_string ((char *)pkey, i2d_PrivateKey, 253 if (!ASN1_pack_string ((char *)pkey, i2d_PrivateKey,
@@ -227,38 +258,13 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
227 } 258 }
228 break; 259 break;
229#endif 260#endif
230#ifndef NO_DSA 261#ifndef OPENSSL_NO_DSA
231 case EVP_PKEY_DSA: 262 case EVP_PKEY_DSA:
232 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa); 263 if(!dsa_pkey2pkcs8(p8, pkey)) {
233
234 /* get paramaters and place in AlgorithmIdentifier */
235 len = i2d_DSAparams (pkey->pkey.dsa, NULL);
236 if (!(p = Malloc(len))) {
237 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
238 PKCS8_PRIV_KEY_INFO_free (p8);
239 return NULL;
240 }
241 q = p;
242 i2d_DSAparams (pkey->pkey.dsa, &q);
243 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
244 p8->pkeyalg->parameter->value.sequence = ASN1_STRING_new();
245 ASN1_STRING_set(p8->pkeyalg->parameter->value.sequence, p, len);
246 Free(p);
247 /* Get private key into an integer and pack */
248 if (!(dpkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) {
249 EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
250 PKCS8_PRIV_KEY_INFO_free (p8); 264 PKCS8_PRIV_KEY_INFO_free (p8);
251 return NULL; 265 return NULL;
252 } 266 }
253 267
254 if (!ASN1_pack_string((char *)dpkey, i2d_ASN1_INTEGER,
255 &p8->pkey->value.octet_string)) {
256 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
257 ASN1_INTEGER_free (dpkey);
258 PKCS8_PRIV_KEY_INFO_free (p8);
259 return NULL;
260 }
261 ASN1_INTEGER_free (dpkey);
262 break; 268 break;
263#endif 269#endif
264 default: 270 default:
@@ -266,9 +272,8 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
266 PKCS8_PRIV_KEY_INFO_free (p8); 272 PKCS8_PRIV_KEY_INFO_free (p8);
267 return NULL; 273 return NULL;
268 } 274 }
269 p8->pkey->type = V_ASN1_OCTET_STRING; 275 RAND_add(p8->pkey->value.octet_string->data,
270 RAND_seed (p8->pkey->value.octet_string->data, 276 p8->pkey->value.octet_string->length, 0);
271 p8->pkey->value.octet_string->length);
272 return p8; 277 return p8;
273} 278}
274 279
@@ -295,4 +300,113 @@ PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
295 } 300 }
296} 301}
297 302
303#ifndef OPENSSL_NO_DSA
304static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
305{
306 ASN1_STRING *params;
307 ASN1_INTEGER *prkey;
308 ASN1_TYPE *ttmp;
309 STACK_OF(ASN1_TYPE) *ndsa;
310 unsigned char *p, *q;
311 int len;
312
313 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa);
314 len = i2d_DSAparams (pkey->pkey.dsa, NULL);
315 if (!(p = OPENSSL_malloc(len))) {
316 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
317 PKCS8_PRIV_KEY_INFO_free (p8);
318 return 0;
319 }
320 q = p;
321 i2d_DSAparams (pkey->pkey.dsa, &q);
322 params = ASN1_STRING_new();
323 ASN1_STRING_set(params, p, len);
324 OPENSSL_free(p);
325 /* Get private key into integer */
326 if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) {
327 EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
328 return 0;
329 }
330
331 switch(p8->broken) {
332
333 case PKCS8_OK:
334 case PKCS8_NO_OCTET:
335
336 if (!ASN1_pack_string((char *)prkey, i2d_ASN1_INTEGER,
337 &p8->pkey->value.octet_string)) {
338 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
339 M_ASN1_INTEGER_free (prkey);
340 return 0;
341 }
342
343 M_ASN1_INTEGER_free (prkey);
344 p8->pkeyalg->parameter->value.sequence = params;
345 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
346
347 break;
348
349 case PKCS8_NS_DB:
350
351 p8->pkeyalg->parameter->value.sequence = params;
352 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
353 ndsa = sk_ASN1_TYPE_new_null();
354 ttmp = ASN1_TYPE_new();
355 if (!(ttmp->value.integer = BN_to_ASN1_INTEGER (pkey->pkey.dsa->pub_key, NULL))) {
356 EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
357 PKCS8_PRIV_KEY_INFO_free(p8);
358 return 0;
359 }
360 ttmp->type = V_ASN1_INTEGER;
361 sk_ASN1_TYPE_push(ndsa, ttmp);
362
363 ttmp = ASN1_TYPE_new();
364 ttmp->value.integer = prkey;
365 ttmp->type = V_ASN1_INTEGER;
366 sk_ASN1_TYPE_push(ndsa, ttmp);
367
368 p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
369
370 if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
371 &p8->pkey->value.octet_string->data,
372 &p8->pkey->value.octet_string->length)) {
373
374 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
375 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
376 M_ASN1_INTEGER_free(prkey);
377 return 0;
378 }
379 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
380 break;
298 381
382 case PKCS8_EMBEDDED_PARAM:
383
384 p8->pkeyalg->parameter->type = V_ASN1_NULL;
385 ndsa = sk_ASN1_TYPE_new_null();
386 ttmp = ASN1_TYPE_new();
387 ttmp->value.sequence = params;
388 ttmp->type = V_ASN1_SEQUENCE;
389 sk_ASN1_TYPE_push(ndsa, ttmp);
390
391 ttmp = ASN1_TYPE_new();
392 ttmp->value.integer = prkey;
393 ttmp->type = V_ASN1_INTEGER;
394 sk_ASN1_TYPE_push(ndsa, ttmp);
395
396 p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
397
398 if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
399 &p8->pkey->value.octet_string->data,
400 &p8->pkey->value.octet_string->length)) {
401
402 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
403 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
404 M_ASN1_INTEGER_free (prkey);
405 return 0;
406 }
407 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
408 break;
409 }
410 return 1;
411}
412#endif
diff --git a/src/lib/libcrypto/evp/m_dss.c b/src/lib/libcrypto/evp/m_dss.c
index 3549b1699c..beb8d7fc5c 100644
--- a/src/lib/libcrypto/evp/m_dss.c
+++ b/src/lib/libcrypto/evp/m_dss.c
@@ -58,25 +58,38 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "evp.h" 61#include <openssl/evp.h>
62#include "objects.h" 62#include <openssl/objects.h>
63#include "x509.h" 63#include <openssl/x509.h>
64 64
65static EVP_MD dsa_md= 65#ifndef OPENSSL_NO_SHA
66static int init(EVP_MD_CTX *ctx)
67 { return SHA1_Init(ctx->md_data); }
68
69static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
70 { return SHA1_Update(ctx->md_data,data,count); }
71
72static int final(EVP_MD_CTX *ctx,unsigned char *md)
73 { return SHA1_Final(md,ctx->md_data); }
74
75static const EVP_MD dsa_md=
66 { 76 {
67 NID_dsaWithSHA, 77 NID_dsaWithSHA,
68 NID_dsaWithSHA, 78 NID_dsaWithSHA,
69 SHA_DIGEST_LENGTH, 79 SHA_DIGEST_LENGTH,
70 SHA1_Init, 80 0,
71 SHA1_Update, 81 init,
72 SHA1_Final, 82 update,
83 final,
84 NULL,
85 NULL,
73 EVP_PKEY_DSA_method, 86 EVP_PKEY_DSA_method,
74 SHA_CBLOCK, 87 SHA_CBLOCK,
75 sizeof(EVP_MD *)+sizeof(SHA_CTX), 88 sizeof(EVP_MD *)+sizeof(SHA_CTX),
76 }; 89 };
77 90
78EVP_MD *EVP_dss() 91const EVP_MD *EVP_dss(void)
79 { 92 {
80 return(&dsa_md); 93 return(&dsa_md);
81 } 94 }
82 95#endif
diff --git a/src/lib/libcrypto/evp/m_dss1.c b/src/lib/libcrypto/evp/m_dss1.c
index ff256b7b20..f5668ebda0 100644
--- a/src/lib/libcrypto/evp/m_dss1.c
+++ b/src/lib/libcrypto/evp/m_dss1.c
@@ -56,26 +56,40 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#ifndef OPENSSL_NO_SHA
59#include <stdio.h> 60#include <stdio.h>
60#include "cryptlib.h" 61#include "cryptlib.h"
61#include "evp.h" 62#include <openssl/evp.h>
62#include "objects.h" 63#include <openssl/objects.h>
63#include "x509.h" 64#include <openssl/x509.h>
64 65
65static EVP_MD dss1_md= 66static int init(EVP_MD_CTX *ctx)
67 { return SHA1_Init(ctx->md_data); }
68
69static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
70 { return SHA1_Update(ctx->md_data,data,count); }
71
72static int final(EVP_MD_CTX *ctx,unsigned char *md)
73 { return SHA1_Final(md,ctx->md_data); }
74
75static const EVP_MD dss1_md=
66 { 76 {
67 NID_dsa, 77 NID_dsa,
68 NID_dsaWithSHA1, 78 NID_dsaWithSHA1,
69 SHA_DIGEST_LENGTH, 79 SHA_DIGEST_LENGTH,
70 SHA1_Init, 80 0,
71 SHA1_Update, 81 init,
72 SHA1_Final, 82 update,
83 final,
84 NULL,
85 NULL,
73 EVP_PKEY_DSA_method, 86 EVP_PKEY_DSA_method,
74 SHA_CBLOCK, 87 SHA_CBLOCK,
75 sizeof(EVP_MD *)+sizeof(SHA_CTX), 88 sizeof(EVP_MD *)+sizeof(SHA_CTX),
76 }; 89 };
77 90
78EVP_MD *EVP_dss1() 91const EVP_MD *EVP_dss1(void)
79 { 92 {
80 return(&dss1_md); 93 return(&dss1_md);
81 } 94 }
95#endif
diff --git a/src/lib/libcrypto/evp/m_md4.c b/src/lib/libcrypto/evp/m_md4.c
index 6a24ceb86d..e19b663754 100644
--- a/src/lib/libcrypto/evp/m_md4.c
+++ b/src/lib/libcrypto/evp/m_md4.c
@@ -56,27 +56,40 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#ifndef NO_MD4 59#ifndef OPENSSL_NO_MD4
60#include <stdio.h> 60#include <stdio.h>
61#include "cryptlib.h" 61#include "cryptlib.h"
62#include <openssl/evp.h> 62#include <openssl/evp.h>
63#include <openssl/objects.h> 63#include <openssl/objects.h>
64#include <openssl/x509.h> 64#include <openssl/x509.h>
65#include <openssl/md4.h>
65 66
66static EVP_MD md4_md= 67static int init(EVP_MD_CTX *ctx)
68 { return MD4_Init(ctx->md_data); }
69
70static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
71 { return MD4_Update(ctx->md_data,data,count); }
72
73static int final(EVP_MD_CTX *ctx,unsigned char *md)
74 { return MD4_Final(md,ctx->md_data); }
75
76static const EVP_MD md4_md=
67 { 77 {
68 NID_md4, 78 NID_md4,
69 0, 79 NID_md4WithRSAEncryption,
70 MD4_DIGEST_LENGTH, 80 MD4_DIGEST_LENGTH,
71 MD4_Init, 81 0,
72 MD4_Update, 82 init,
73 MD4_Final, 83 update,
84 final,
85 NULL,
86 NULL,
74 EVP_PKEY_RSA_method, 87 EVP_PKEY_RSA_method,
75 MD4_CBLOCK, 88 MD4_CBLOCK,
76 sizeof(EVP_MD *)+sizeof(MD4_CTX), 89 sizeof(EVP_MD *)+sizeof(MD4_CTX),
77 }; 90 };
78 91
79EVP_MD *EVP_md4(void) 92const EVP_MD *EVP_md4(void)
80 { 93 {
81 return(&md4_md); 94 return(&md4_md);
82 } 95 }
diff --git a/src/lib/libcrypto/evp/m_md5.c b/src/lib/libcrypto/evp/m_md5.c
index d65db9aa1d..b00a03e048 100644
--- a/src/lib/libcrypto/evp/m_md5.c
+++ b/src/lib/libcrypto/evp/m_md5.c
@@ -56,26 +56,41 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#ifndef OPENSSL_NO_MD5
59#include <stdio.h> 60#include <stdio.h>
60#include "cryptlib.h" 61#include "cryptlib.h"
61#include "evp.h" 62#include <openssl/evp.h>
62#include "objects.h" 63#include <openssl/objects.h>
63#include "x509.h" 64#include <openssl/x509.h>
65#include <openssl/md5.h>
64 66
65static EVP_MD md5_md= 67static int init(EVP_MD_CTX *ctx)
68 { return MD5_Init(ctx->md_data); }
69
70static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
71 { return MD5_Update(ctx->md_data,data,count); }
72
73static int final(EVP_MD_CTX *ctx,unsigned char *md)
74 { return MD5_Final(md,ctx->md_data); }
75
76static const EVP_MD md5_md=
66 { 77 {
67 NID_md5, 78 NID_md5,
68 NID_md5WithRSAEncryption, 79 NID_md5WithRSAEncryption,
69 MD5_DIGEST_LENGTH, 80 MD5_DIGEST_LENGTH,
70 MD5_Init, 81 0,
71 MD5_Update, 82 init,
72 MD5_Final, 83 update,
84 final,
85 NULL,
86 NULL,
73 EVP_PKEY_RSA_method, 87 EVP_PKEY_RSA_method,
74 MD5_CBLOCK, 88 MD5_CBLOCK,
75 sizeof(EVP_MD *)+sizeof(MD5_CTX), 89 sizeof(EVP_MD *)+sizeof(MD5_CTX),
76 }; 90 };
77 91
78EVP_MD *EVP_md5() 92const EVP_MD *EVP_md5(void)
79 { 93 {
80 return(&md5_md); 94 return(&md5_md);
81 } 95 }
96#endif
diff --git a/src/lib/libcrypto/evp/m_null.c b/src/lib/libcrypto/evp/m_null.c
index 6d80560df2..f6f0a1d2c0 100644
--- a/src/lib/libcrypto/evp/m_null.c
+++ b/src/lib/libcrypto/evp/m_null.c
@@ -58,29 +58,36 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "evp.h" 61#include <openssl/evp.h>
62#include "objects.h" 62#include <openssl/objects.h>
63#include "x509.h" 63#include <openssl/x509.h>
64 64
65static void function() 65static int init(EVP_MD_CTX *ctx)
66 { 66 { return 1; }
67 } 67
68static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
69 { return 1; }
68 70
69static EVP_MD null_md= 71static int final(EVP_MD_CTX *ctx,unsigned char *md)
72 { return 1; }
73
74static const EVP_MD null_md=
70 { 75 {
71 NID_undef, 76 NID_undef,
72 NID_undef, 77 NID_undef,
73 0, 78 0,
74 function, 79 0,
75 function, 80 init,
76 function, 81 update,
77 82 final,
83 NULL,
84 NULL,
78 EVP_PKEY_NULL_method, 85 EVP_PKEY_NULL_method,
79 0, 86 0,
80 sizeof(EVP_MD *), 87 sizeof(EVP_MD *),
81 }; 88 };
82 89
83EVP_MD *EVP_md_null() 90const EVP_MD *EVP_md_null(void)
84 { 91 {
85 return(&null_md); 92 return(&null_md);
86 } 93 }
diff --git a/src/lib/libcrypto/evp/m_ripemd.c b/src/lib/libcrypto/evp/m_ripemd.c
index 04c5d8897b..64725528dc 100644
--- a/src/lib/libcrypto/evp/m_ripemd.c
+++ b/src/lib/libcrypto/evp/m_ripemd.c
@@ -56,26 +56,41 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#ifndef OPENSSL_NO_RIPEMD
59#include <stdio.h> 60#include <stdio.h>
60#include "cryptlib.h" 61#include "cryptlib.h"
61#include "evp.h" 62#include <openssl/ripemd.h>
62#include "objects.h" 63#include <openssl/evp.h>
63#include "x509.h" 64#include <openssl/objects.h>
65#include <openssl/x509.h>
64 66
65static EVP_MD ripemd160_md= 67static int init(EVP_MD_CTX *ctx)
68 { return RIPEMD160_Init(ctx->md_data); }
69
70static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
71 { return RIPEMD160_Update(ctx->md_data,data,count); }
72
73static int final(EVP_MD_CTX *ctx,unsigned char *md)
74 { return RIPEMD160_Final(md,ctx->md_data); }
75
76static const EVP_MD ripemd160_md=
66 { 77 {
67 NID_ripemd160, 78 NID_ripemd160,
68 NID_ripemd160WithRSA, 79 NID_ripemd160WithRSA,
69 RIPEMD160_DIGEST_LENGTH, 80 RIPEMD160_DIGEST_LENGTH,
70 RIPEMD160_Init, 81 0,
71 RIPEMD160_Update, 82 init,
72 RIPEMD160_Final, 83 update,
84 final,
85 NULL,
86 NULL,
73 EVP_PKEY_RSA_method, 87 EVP_PKEY_RSA_method,
74 RIPEMD160_CBLOCK, 88 RIPEMD160_CBLOCK,
75 sizeof(EVP_MD *)+sizeof(RIPEMD160_CTX), 89 sizeof(EVP_MD *)+sizeof(RIPEMD160_CTX),
76 }; 90 };
77 91
78EVP_MD *EVP_ripemd160() 92const EVP_MD *EVP_ripemd160(void)
79 { 93 {
80 return(&ripemd160_md); 94 return(&ripemd160_md);
81 } 95 }
96#endif
diff --git a/src/lib/libcrypto/evp/m_sha1.c b/src/lib/libcrypto/evp/m_sha1.c
index 87135a9cf2..d6be3502f0 100644
--- a/src/lib/libcrypto/evp/m_sha1.c
+++ b/src/lib/libcrypto/evp/m_sha1.c
@@ -56,26 +56,40 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#ifndef OPENSSL_NO_SHA
59#include <stdio.h> 60#include <stdio.h>
60#include "cryptlib.h" 61#include "cryptlib.h"
61#include "evp.h" 62#include <openssl/evp.h>
62#include "objects.h" 63#include <openssl/objects.h>
63#include "x509.h" 64#include <openssl/x509.h>
64 65
65static EVP_MD sha1_md= 66static int init(EVP_MD_CTX *ctx)
67 { return SHA1_Init(ctx->md_data); }
68
69static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
70 { return SHA1_Update(ctx->md_data,data,count); }
71
72static int final(EVP_MD_CTX *ctx,unsigned char *md)
73 { return SHA1_Final(md,ctx->md_data); }
74
75static const EVP_MD sha1_md=
66 { 76 {
67 NID_sha1, 77 NID_sha1,
68 NID_sha1WithRSAEncryption, 78 NID_sha1WithRSAEncryption,
69 SHA_DIGEST_LENGTH, 79 SHA_DIGEST_LENGTH,
70 SHA1_Init, 80 0,
71 SHA1_Update, 81 init,
72 SHA1_Final, 82 update,
83 final,
84 NULL,
85 NULL,
73 EVP_PKEY_RSA_method, 86 EVP_PKEY_RSA_method,
74 SHA_CBLOCK, 87 SHA_CBLOCK,
75 sizeof(EVP_MD *)+sizeof(SHA_CTX), 88 sizeof(EVP_MD *)+sizeof(SHA_CTX),
76 }; 89 };
77 90
78EVP_MD *EVP_sha1() 91const EVP_MD *EVP_sha1(void)
79 { 92 {
80 return(&sha1_md); 93 return(&sha1_md);
81 } 94 }
95#endif
diff --git a/src/lib/libcrypto/evp/names.c b/src/lib/libcrypto/evp/names.c
index e0774da20d..eb9f4329cd 100644
--- a/src/lib/libcrypto/evp/names.c
+++ b/src/lib/libcrypto/evp/names.c
@@ -58,228 +58,66 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "evp.h" 61#include <openssl/evp.h>
62#include "objects.h" 62#include <openssl/objects.h>
63#include <openssl/x509.h>
63 64
64typedef struct aliases_st { 65int EVP_add_cipher(const EVP_CIPHER *c)
65 char *alias;
66 /* This must be the last field becaue I will allocate things
67 * so they go off the end of it */
68 char name[4];
69 } ALIASES;
70
71static STACK /* ALIASES */ *aliases=NULL;
72static STACK /* EVP_CIPHERS */ *ciphers=NULL;
73static STACK /* EVP_MD */ *digests=NULL;
74
75static int cipher_nid_cmp(a,b)
76EVP_CIPHER **a,**b;
77 { return((*a)->nid - (*b)->nid); }
78
79static int digest_type_cmp(a,b)
80EVP_MD **a,**b;
81 { return((*a)->pkey_type - (*b)->pkey_type); }
82
83int EVP_add_cipher(c)
84EVP_CIPHER *c;
85 {
86 int i;
87
88 if (ciphers == NULL)
89 {
90 ciphers=sk_new(cipher_nid_cmp);
91 if (ciphers == NULL) return(0);
92 }
93 if ((i=sk_find(ciphers,(char *)c)) >= 0)
94 {
95 if (sk_value(ciphers,i) == (char *)c)
96 return(1);
97 sk_delete(ciphers,i);
98 }
99 return(sk_push(ciphers,(char *)c));
100 }
101
102int EVP_add_digest(md)
103EVP_MD *md;
104 { 66 {
105 int i; 67 int r;
106 char *n;
107 68
108 if (digests == NULL) 69 r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(char *)c);
109 { 70 if (r == 0) return(0);
110 digests=sk_new(digest_type_cmp); 71 r=OBJ_NAME_add(OBJ_nid2ln(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(char *)c);
111 if (digests == NULL) return(0); 72 return(r);
112 }
113 if ((i=sk_find(digests,(char *)md)) >= 0)
114 {
115 if (sk_value(digests,i) == (char *)md)
116 return(1);
117 sk_delete(digests,i);
118 }
119 if (md->type != md->pkey_type)
120 {
121 n=OBJ_nid2sn(md->pkey_type);
122 EVP_add_alias(n,OBJ_nid2sn(md->type));
123 EVP_add_alias(n,OBJ_nid2ln(md->type));
124 }
125 sk_push(digests,(char *)md);
126 return(1);
127 }
128
129static int alias_cmp(a,b)
130ALIASES **a,**b;
131 {
132 return(strcmp((*a)->alias,(*b)->alias));
133 } 73 }
134 74
135int EVP_add_alias(name,aname) 75int EVP_add_digest(const EVP_MD *md)
136char *name;
137char *aname;
138 { 76 {
139 int l1,l2,i; 77 int r;
140 ALIASES *a; 78 const char *name;
141 char *p;
142 79
143 if ((name == NULL) || (aname == NULL)) return(0); 80 name=OBJ_nid2sn(md->type);
144 l1=strlen(name)+1; 81 r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(char *)md);
145 l2=strlen(aname)+1; 82 if (r == 0) return(0);
146 i=sizeof(ALIASES)+l1+l2; 83 r=OBJ_NAME_add(OBJ_nid2ln(md->type),OBJ_NAME_TYPE_MD_METH,(char *)md);
147 if ((a=(ALIASES *)Malloc(i)) == NULL) 84 if (r == 0) return(0);
148 return(0);
149 strcpy(a->name,name);
150 p= &(a->name[l1]);
151 strcpy(p,aname);
152 a->alias=p;
153 85
154 if (aliases == NULL) 86 if (md->type != md->pkey_type)
155 {
156 aliases=sk_new(alias_cmp);
157 if (aliases == NULL) goto err;
158 }
159
160 if ((i=sk_find(aliases,(char *)a)) >= 0)
161 { 87 {
162 Free(sk_delete(aliases,i)); 88 r=OBJ_NAME_add(OBJ_nid2sn(md->pkey_type),
89 OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name);
90 if (r == 0) return(0);
91 r=OBJ_NAME_add(OBJ_nid2ln(md->pkey_type),
92 OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name);
163 } 93 }
164 if (!sk_push(aliases,(char *)a)) goto err; 94 return(r);
165 return(1);
166err:
167 return(0);
168 } 95 }
169 96
170int EVP_delete_alias(name) 97const EVP_CIPHER *EVP_get_cipherbyname(const char *name)
171char *name;
172 { 98 {
173 ALIASES a; 99 const EVP_CIPHER *cp;
174 int i;
175 100
176 if (aliases != NULL) 101 cp=(const EVP_CIPHER *)OBJ_NAME_get(name,OBJ_NAME_TYPE_CIPHER_METH);
177 { 102 return(cp);
178 a.alias=name;
179 if ((i=sk_find(aliases,(char *)&a)) >= 0)
180 {
181 Free(sk_delete(aliases,i));
182 return(1);
183 }
184 }
185 return(0);
186 } 103 }
187 104
188EVP_CIPHER *EVP_get_cipherbyname(name) 105const EVP_MD *EVP_get_digestbyname(const char *name)
189char *name;
190 { 106 {
191 int nid,num=6,i; 107 const EVP_MD *cp;
192 EVP_CIPHER c,*cp;
193 ALIASES a,*ap;
194
195 if (ciphers == NULL) return(NULL);
196 for (;;)
197 {
198 if (num-- <= 0) return(NULL);
199 if (aliases != NULL)
200 {
201 a.alias=name;
202 i=sk_find(aliases,(char *)&a);
203 if (i >= 0)
204 {
205 ap=(ALIASES *)sk_value(aliases,i);
206 name=ap->name;
207 continue;
208 }
209 }
210 108
211 nid=OBJ_txt2nid(name); 109 cp=(const EVP_MD *)OBJ_NAME_get(name,OBJ_NAME_TYPE_MD_METH);
212 if (nid == NID_undef) return(NULL); 110 return(cp);
213 c.nid=nid;
214 i=sk_find(ciphers,(char *)&c);
215 if (i >= 0)
216 {
217 cp=(EVP_CIPHER *)sk_value(ciphers,i);
218 return(cp);
219 }
220 else
221 return(NULL);
222 }
223 } 111 }
224 112
225EVP_MD *EVP_get_digestbyname(name) 113void EVP_cleanup(void)
226char *name;
227 { 114 {
228 int nid,num=6,i; 115 OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH);
229 EVP_MD c,*cp; 116 OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH);
230 ALIASES a,*ap; 117 /* The above calls will only clean out the contents of the name
231 118 hash table, but not the hash table itself. The following line
232 if (digests == NULL) return(NULL); 119 does that part. -- Richard Levitte */
233 120 OBJ_NAME_cleanup(-1);
234 for (;;) 121
235 { 122 EVP_PBE_cleanup();
236 if (num-- <= 0) return(NULL);
237
238 if (aliases != NULL)
239 {
240 a.alias=name;
241 i=sk_find(aliases,(char *)&a);
242 if (i >= 0)
243 {
244 ap=(ALIASES *)sk_value(aliases,i);
245 name=ap->name;
246 continue;
247 }
248 }
249
250 nid=OBJ_txt2nid(name);
251 if (nid == NID_undef) return(NULL);
252 c.pkey_type=nid;
253 i=sk_find(digests,(char *)&c);
254 if (i >= 0)
255 {
256 cp=(EVP_MD *)sk_value(digests,i);
257 return(cp);
258 }
259 else
260 return(NULL);
261 }
262 }
263
264void EVP_cleanup()
265 {
266 int i;
267
268 if (aliases != NULL)
269 {
270 for (i=0; i<sk_num(aliases); i++)
271 Free(sk_value(aliases,i));
272 sk_free(aliases);
273 aliases=NULL;
274 }
275 if (ciphers != NULL)
276 {
277 sk_free(ciphers);
278 ciphers=NULL;
279 }
280 if (digests != NULL)
281 {
282 sk_free(digests);
283 digests=NULL;
284 }
285 } 123 }
diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c
index e3dae52d4d..113c60fedb 100644
--- a/src/lib/libcrypto/evp/p5_crpt.c
+++ b/src/lib/libcrypto/evp/p5_crpt.c
@@ -67,41 +67,41 @@
67 67
68void PKCS5_PBE_add(void) 68void PKCS5_PBE_add(void)
69{ 69{
70#ifndef NO_DES 70#ifndef OPENSSL_NO_DES
71# ifndef NO_MD5 71# ifndef OPENSSL_NO_MD5
72EVP_PBE_alg_add(NID_pbeWithMD5AndDES_CBC, EVP_des_cbc(), EVP_md5(), 72EVP_PBE_alg_add(NID_pbeWithMD5AndDES_CBC, EVP_des_cbc(), EVP_md5(),
73 PKCS5_PBE_keyivgen); 73 PKCS5_PBE_keyivgen);
74# endif 74# endif
75# ifndef NO_MD2 75# ifndef OPENSSL_NO_MD2
76EVP_PBE_alg_add(NID_pbeWithMD2AndDES_CBC, EVP_des_cbc(), EVP_md2(), 76EVP_PBE_alg_add(NID_pbeWithMD2AndDES_CBC, EVP_des_cbc(), EVP_md2(),
77 PKCS5_PBE_keyivgen); 77 PKCS5_PBE_keyivgen);
78# endif 78# endif
79# ifndef NO_SHA 79# ifndef OPENSSL_NO_SHA
80EVP_PBE_alg_add(NID_pbeWithSHA1AndDES_CBC, EVP_des_cbc(), EVP_sha1(), 80EVP_PBE_alg_add(NID_pbeWithSHA1AndDES_CBC, EVP_des_cbc(), EVP_sha1(),
81 PKCS5_PBE_keyivgen); 81 PKCS5_PBE_keyivgen);
82# endif 82# endif
83#endif 83#endif
84#ifndef NO_RC2 84#ifndef OPENSSL_NO_RC2
85# ifndef NO_MD5 85# ifndef OPENSSL_NO_MD5
86EVP_PBE_alg_add(NID_pbeWithMD5AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md5(), 86EVP_PBE_alg_add(NID_pbeWithMD5AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md5(),
87 PKCS5_PBE_keyivgen); 87 PKCS5_PBE_keyivgen);
88# endif 88# endif
89# ifndef NO_MD2 89# ifndef OPENSSL_NO_MD2
90EVP_PBE_alg_add(NID_pbeWithMD2AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md2(), 90EVP_PBE_alg_add(NID_pbeWithMD2AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md2(),
91 PKCS5_PBE_keyivgen); 91 PKCS5_PBE_keyivgen);
92# endif 92# endif
93# ifndef NO_SHA 93# ifndef OPENSSL_NO_SHA
94EVP_PBE_alg_add(NID_pbeWithSHA1AndRC2_CBC, EVP_rc2_64_cbc(), EVP_sha1(), 94EVP_PBE_alg_add(NID_pbeWithSHA1AndRC2_CBC, EVP_rc2_64_cbc(), EVP_sha1(),
95 PKCS5_PBE_keyivgen); 95 PKCS5_PBE_keyivgen);
96# endif 96# endif
97#endif 97#endif
98#ifndef NO_HMAC 98#ifndef OPENSSL_NO_HMAC
99EVP_PBE_alg_add(NID_pbes2, NULL, NULL, PKCS5_v2_PBE_keyivgen); 99EVP_PBE_alg_add(NID_pbes2, NULL, NULL, PKCS5_v2_PBE_keyivgen);
100#endif 100#endif
101} 101}
102 102
103int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, 103int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
104 ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md, 104 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
105 int en_de) 105 int en_de)
106{ 106{
107 EVP_MD_CTX ctx; 107 EVP_MD_CTX ctx;
@@ -125,20 +125,25 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
125 salt = pbe->salt->data; 125 salt = pbe->salt->data;
126 saltlen = pbe->salt->length; 126 saltlen = pbe->salt->length;
127 127
128 EVP_DigestInit (&ctx, md); 128 if(!pass) passlen = 0;
129 EVP_DigestUpdate (&ctx, pass, passlen); 129 else if(passlen == -1) passlen = strlen(pass);
130 EVP_DigestUpdate (&ctx, salt, saltlen); 130
131 EVP_MD_CTX_init(&ctx);
132 EVP_DigestInit_ex(&ctx, md, NULL);
133 EVP_DigestUpdate(&ctx, pass, passlen);
134 EVP_DigestUpdate(&ctx, salt, saltlen);
131 PBEPARAM_free(pbe); 135 PBEPARAM_free(pbe);
132 EVP_DigestFinal (&ctx, md_tmp, NULL); 136 EVP_DigestFinal_ex(&ctx, md_tmp, NULL);
133 for (i = 1; i < iter; i++) { 137 for (i = 1; i < iter; i++) {
134 EVP_DigestInit(&ctx, md); 138 EVP_DigestInit_ex(&ctx, md, NULL);
135 EVP_DigestUpdate(&ctx, md_tmp, EVP_MD_size(md)); 139 EVP_DigestUpdate(&ctx, md_tmp, EVP_MD_size(md));
136 EVP_DigestFinal (&ctx, md_tmp, NULL); 140 EVP_DigestFinal_ex (&ctx, md_tmp, NULL);
137 } 141 }
138 memcpy (key, md_tmp, EVP_CIPHER_key_length(cipher)); 142 EVP_MD_CTX_cleanup(&ctx);
139 memcpy (iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), 143 memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
144 memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
140 EVP_CIPHER_iv_length(cipher)); 145 EVP_CIPHER_iv_length(cipher));
141 EVP_CipherInit(cctx, cipher, key, iv, en_de); 146 EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de);
142 memset(md_tmp, 0, EVP_MAX_MD_SIZE); 147 memset(md_tmp, 0, EVP_MAX_MD_SIZE);
143 memset(key, 0, EVP_MAX_KEY_LENGTH); 148 memset(key, 0, EVP_MAX_KEY_LENGTH);
144 memset(iv, 0, EVP_MAX_IV_LENGTH); 149 memset(iv, 0, EVP_MAX_IV_LENGTH);
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c
index 27a2c518be..7881860b53 100644
--- a/src/lib/libcrypto/evp/p5_crpt2.c
+++ b/src/lib/libcrypto/evp/p5_crpt2.c
@@ -55,7 +55,7 @@
55 * Hudson (tjh@cryptsoft.com). 55 * Hudson (tjh@cryptsoft.com).
56 * 56 *
57 */ 57 */
58#if !defined(NO_HMAC) && !defined(NO_SHA) 58#if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA)
59#include <stdio.h> 59#include <stdio.h>
60#include <stdlib.h> 60#include <stdlib.h>
61#include <openssl/x509.h> 61#include <openssl/x509.h>
@@ -84,9 +84,12 @@ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
84 int cplen, j, k, tkeylen; 84 int cplen, j, k, tkeylen;
85 unsigned long i = 1; 85 unsigned long i = 1;
86 HMAC_CTX hctx; 86 HMAC_CTX hctx;
87
88 HMAC_CTX_init(&hctx);
87 p = out; 89 p = out;
88 tkeylen = keylen; 90 tkeylen = keylen;
89 if(passlen == -1) passlen = strlen(pass); 91 if(!pass) passlen = 0;
92 else if(passlen == -1) passlen = strlen(pass);
90 while(tkeylen) { 93 while(tkeylen) {
91 if(tkeylen > SHA_DIGEST_LENGTH) cplen = SHA_DIGEST_LENGTH; 94 if(tkeylen > SHA_DIGEST_LENGTH) cplen = SHA_DIGEST_LENGTH;
92 else cplen = tkeylen; 95 else cplen = tkeylen;
@@ -97,7 +100,7 @@ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
97 itmp[1] = (unsigned char)((i >> 16) & 0xff); 100 itmp[1] = (unsigned char)((i >> 16) & 0xff);
98 itmp[2] = (unsigned char)((i >> 8) & 0xff); 101 itmp[2] = (unsigned char)((i >> 8) & 0xff);
99 itmp[3] = (unsigned char)(i & 0xff); 102 itmp[3] = (unsigned char)(i & 0xff);
100 HMAC_Init(&hctx, pass, passlen, EVP_sha1()); 103 HMAC_Init_ex(&hctx, pass, passlen, EVP_sha1(), NULL);
101 HMAC_Update(&hctx, salt, saltlen); 104 HMAC_Update(&hctx, salt, saltlen);
102 HMAC_Update(&hctx, itmp, 4); 105 HMAC_Update(&hctx, itmp, 4);
103 HMAC_Final(&hctx, digtmp, NULL); 106 HMAC_Final(&hctx, digtmp, NULL);
@@ -111,7 +114,7 @@ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
111 i++; 114 i++;
112 p+= cplen; 115 p+= cplen;
113 } 116 }
114 HMAC_cleanup(&hctx); 117 HMAC_CTX_cleanup(&hctx);
115#ifdef DEBUG_PKCS5V2 118#ifdef DEBUG_PKCS5V2
116 fprintf(stderr, "Password:\n"); 119 fprintf(stderr, "Password:\n");
117 h__dump (pass, passlen); 120 h__dump (pass, passlen);
@@ -142,7 +145,7 @@ main()
142 */ 145 */
143 146
144int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, 147int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
145 ASN1_TYPE *param, EVP_CIPHER *c, EVP_MD *md, 148 ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md,
146 int en_de) 149 int en_de)
147{ 150{
148 unsigned char *pbuf, *salt, key[EVP_MAX_KEY_LENGTH]; 151 unsigned char *pbuf, *salt, key[EVP_MAX_KEY_LENGTH];
@@ -180,7 +183,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
180 } 183 }
181 184
182 /* Fixup cipher based on AlgorithmIdentifier */ 185 /* Fixup cipher based on AlgorithmIdentifier */
183 EVP_CipherInit(ctx, cipher, NULL, NULL, en_de); 186 EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de);
184 if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) { 187 if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
185 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, 188 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
186 EVP_R_CIPHER_PARAMETER_ERROR); 189 EVP_R_CIPHER_PARAMETER_ERROR);
@@ -226,7 +229,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
226 saltlen = kdf->salt->value.octet_string->length; 229 saltlen = kdf->salt->value.octet_string->length;
227 iter = ASN1_INTEGER_get(kdf->iter); 230 iter = ASN1_INTEGER_get(kdf->iter);
228 PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key); 231 PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key);
229 EVP_CipherInit(ctx, NULL, key, NULL, en_de); 232 EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
230 memset(key, 0, keylen); 233 memset(key, 0, keylen);
231 PBKDF2PARAM_free(kdf); 234 PBKDF2PARAM_free(kdf);
232 return 1; 235 return 1;
diff --git a/src/lib/libcrypto/evp/p_dec.c b/src/lib/libcrypto/evp/p_dec.c
index e845ce70c7..8af620400e 100644
--- a/src/lib/libcrypto/evp/p_dec.c
+++ b/src/lib/libcrypto/evp/p_dec.c
@@ -58,27 +58,30 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "rand.h" 61#include <openssl/rand.h>
62#include "rsa.h" 62#ifndef OPENSSL_NO_RSA
63#include "evp.h" 63#include <openssl/rsa.h>
64#include "objects.h" 64#endif
65#include "x509.h" 65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/x509.h>
66 68
67int EVP_PKEY_decrypt(key,ek,ekl,priv) 69int EVP_PKEY_decrypt(unsigned char *key, unsigned char *ek, int ekl,
68unsigned char *key; 70 EVP_PKEY *priv)
69unsigned char *ek;
70int ekl;
71EVP_PKEY *priv;
72 { 71 {
73 int ret= -1; 72 int ret= -1;
74 73
74#ifndef OPENSSL_NO_RSA
75 if (priv->type != EVP_PKEY_RSA) 75 if (priv->type != EVP_PKEY_RSA)
76 { 76 {
77#endif
77 EVPerr(EVP_F_EVP_PKEY_DECRYPT,EVP_R_PUBLIC_KEY_NOT_RSA); 78 EVPerr(EVP_F_EVP_PKEY_DECRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);
79#ifndef OPENSSL_NO_RSA
78 goto err; 80 goto err;
79 } 81 }
80 82
81 ret=RSA_private_decrypt(ekl,ek,key,priv->pkey.rsa,RSA_PKCS1_PADDING); 83 ret=RSA_private_decrypt(ekl,ek,key,priv->pkey.rsa,RSA_PKCS1_PADDING);
82err: 84err:
85#endif
83 return(ret); 86 return(ret);
84 } 87 }
diff --git a/src/lib/libcrypto/evp/p_enc.c b/src/lib/libcrypto/evp/p_enc.c
index a26bfad02a..656883b996 100644
--- a/src/lib/libcrypto/evp/p_enc.c
+++ b/src/lib/libcrypto/evp/p_enc.c
@@ -58,26 +58,29 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "rand.h" 61#include <openssl/rand.h>
62#include "rsa.h" 62#ifndef OPENSSL_NO_RSA
63#include "evp.h" 63#include <openssl/rsa.h>
64#include "objects.h" 64#endif
65#include "x509.h" 65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/x509.h>
66 68
67int EVP_PKEY_encrypt(ek,key,key_len,pubk) 69int EVP_PKEY_encrypt(unsigned char *ek, unsigned char *key, int key_len,
68unsigned char *ek; 70 EVP_PKEY *pubk)
69unsigned char *key;
70int key_len;
71EVP_PKEY *pubk;
72 { 71 {
73 int ret=0; 72 int ret=0;
74 73
74#ifndef OPENSSL_NO_RSA
75 if (pubk->type != EVP_PKEY_RSA) 75 if (pubk->type != EVP_PKEY_RSA)
76 { 76 {
77#endif
77 EVPerr(EVP_F_EVP_PKEY_ENCRYPT,EVP_R_PUBLIC_KEY_NOT_RSA); 78 EVPerr(EVP_F_EVP_PKEY_ENCRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);
79#ifndef OPENSSL_NO_RSA
78 goto err; 80 goto err;
79 } 81 }
80 ret=RSA_public_encrypt(key_len,key,ek,pubk->pkey.rsa,RSA_PKCS1_PADDING); 82 ret=RSA_public_encrypt(key_len,key,ek,pubk->pkey.rsa,RSA_PKCS1_PADDING);
81err: 83err:
84#endif
82 return(ret); 85 return(ret);
83 } 86 }
diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c
index 395351b373..215b94292a 100644
--- a/src/lib/libcrypto/evp/p_lib.c
+++ b/src/lib/libcrypto/evp/p_lib.c
@@ -58,58 +58,49 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "objects.h" 61#include <openssl/objects.h>
62#include "evp.h" 62#include <openssl/evp.h>
63#include "asn1_mac.h" 63#include <openssl/asn1_mac.h>
64#include "x509.h" 64#include <openssl/x509.h>
65 65
66/* EVPerr(EVP_F_D2I_PKEY,EVP_R_UNSUPPORTED_CIPHER); */
67/* EVPerr(EVP_F_D2I_PKEY,EVP_R_IV_TOO_LARGE); */
68
69#ifndef NOPROTO
70static void EVP_PKEY_free_it(EVP_PKEY *x); 66static void EVP_PKEY_free_it(EVP_PKEY *x);
71#else
72static void EVP_PKEY_free_it();
73#endif
74 67
75int EVP_PKEY_bits(pkey) 68int EVP_PKEY_bits(EVP_PKEY *pkey)
76EVP_PKEY *pkey;
77 { 69 {
78#ifndef NO_RSA 70#ifndef OPENSSL_NO_RSA
79 if (pkey->type == EVP_PKEY_RSA) 71 if (pkey->type == EVP_PKEY_RSA)
80 return(BN_num_bits(pkey->pkey.rsa->n)); 72 return(BN_num_bits(pkey->pkey.rsa->n));
81 else 73 else
82#endif 74#endif
83#ifndef NO_DSA 75#ifndef OPENSSL_NO_DSA
84 if (pkey->type == EVP_PKEY_DSA) 76 if (pkey->type == EVP_PKEY_DSA)
85 return(BN_num_bits(pkey->pkey.dsa->p)); 77 return(BN_num_bits(pkey->pkey.dsa->p));
86#endif 78#endif
87 return(0); 79 return(0);
88 } 80 }
89 81
90int EVP_PKEY_size(pkey) 82int EVP_PKEY_size(EVP_PKEY *pkey)
91EVP_PKEY *pkey;
92 { 83 {
93#ifndef NO_RSA 84 if (pkey == NULL)
85 return(0);
86#ifndef OPENSSL_NO_RSA
94 if (pkey->type == EVP_PKEY_RSA) 87 if (pkey->type == EVP_PKEY_RSA)
95 return(RSA_size(pkey->pkey.rsa)); 88 return(RSA_size(pkey->pkey.rsa));
96 else 89 else
97#endif 90#endif
98#ifndef NO_DSA 91#ifndef OPENSSL_NO_DSA
99 if (pkey->type == EVP_PKEY_DSA) 92 if (pkey->type == EVP_PKEY_DSA)
100 return(DSA_size(pkey->pkey.dsa)); 93 return(DSA_size(pkey->pkey.dsa));
101#endif 94#endif
102 return(0); 95 return(0);
103 } 96 }
104 97
105int EVP_PKEY_save_parameters(pkey,mode) 98int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
106EVP_PKEY *pkey;
107int mode;
108 { 99 {
109#ifndef NO_DSA 100#ifndef OPENSSL_NO_DSA
110 if (pkey->type == EVP_PKEY_DSA) 101 if (pkey->type == EVP_PKEY_DSA)
111 { 102 {
112 int ret=pkey->save_parameters=mode; 103 int ret=pkey->save_parameters;
113 104
114 if (mode >= 0) 105 if (mode >= 0)
115 pkey->save_parameters=mode; 106 pkey->save_parameters=mode;
@@ -119,8 +110,7 @@ int mode;
119 return(0); 110 return(0);
120 } 111 }
121 112
122int EVP_PKEY_copy_parameters(to,from) 113int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from)
123EVP_PKEY *to,*from;
124 { 114 {
125 if (to->type != from->type) 115 if (to->type != from->type)
126 { 116 {
@@ -130,10 +120,10 @@ EVP_PKEY *to,*from;
130 120
131 if (EVP_PKEY_missing_parameters(from)) 121 if (EVP_PKEY_missing_parameters(from))
132 { 122 {
133 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARMATERS); 123 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS);
134 goto err; 124 goto err;
135 } 125 }
136#ifndef NO_DSA 126#ifndef OPENSSL_NO_DSA
137 if (to->type == EVP_PKEY_DSA) 127 if (to->type == EVP_PKEY_DSA)
138 { 128 {
139 BIGNUM *a; 129 BIGNUM *a;
@@ -156,10 +146,9 @@ err:
156 return(0); 146 return(0);
157 } 147 }
158 148
159int EVP_PKEY_missing_parameters(pkey) 149int EVP_PKEY_missing_parameters(EVP_PKEY *pkey)
160EVP_PKEY *pkey;
161 { 150 {
162#ifndef NO_DSA 151#ifndef OPENSSL_NO_DSA
163 if (pkey->type == EVP_PKEY_DSA) 152 if (pkey->type == EVP_PKEY_DSA)
164 { 153 {
165 DSA *dsa; 154 DSA *dsa;
@@ -172,10 +161,9 @@ EVP_PKEY *pkey;
172 return(0); 161 return(0);
173 } 162 }
174 163
175int EVP_PKEY_cmp_parameters(a,b) 164int EVP_PKEY_cmp_parameters(EVP_PKEY *a, EVP_PKEY *b)
176EVP_PKEY *a,*b;
177 { 165 {
178#ifndef NO_DSA 166#ifndef OPENSSL_NO_DSA
179 if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA)) 167 if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA))
180 { 168 {
181 if ( BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) || 169 if ( BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) ||
@@ -189,11 +177,11 @@ EVP_PKEY *a,*b;
189 return(-1); 177 return(-1);
190 } 178 }
191 179
192EVP_PKEY *EVP_PKEY_new() 180EVP_PKEY *EVP_PKEY_new(void)
193 { 181 {
194 EVP_PKEY *ret; 182 EVP_PKEY *ret;
195 183
196 ret=(EVP_PKEY *)Malloc(sizeof(EVP_PKEY)); 184 ret=(EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY));
197 if (ret == NULL) 185 if (ret == NULL)
198 { 186 {
199 EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE); 187 EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE);
@@ -207,10 +195,7 @@ EVP_PKEY *EVP_PKEY_new()
207 return(ret); 195 return(ret);
208 } 196 }
209 197
210int EVP_PKEY_assign(pkey,type,key) 198int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key)
211EVP_PKEY *pkey;
212int type;
213char *key;
214 { 199 {
215 if (pkey == NULL) return(0); 200 if (pkey == NULL) return(0);
216 if (pkey->pkey.ptr != NULL) 201 if (pkey->pkey.ptr != NULL)
@@ -218,11 +203,71 @@ char *key;
218 pkey->type=EVP_PKEY_type(type); 203 pkey->type=EVP_PKEY_type(type);
219 pkey->save_type=type; 204 pkey->save_type=type;
220 pkey->pkey.ptr=key; 205 pkey->pkey.ptr=key;
221 return(1); 206 return(key != NULL);
207 }
208
209#ifndef OPENSSL_NO_RSA
210int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
211{
212 int ret = EVP_PKEY_assign_RSA(pkey, key);
213 if(ret)
214 RSA_up_ref(key);
215 return ret;
216}
217
218RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
219 {
220 if(pkey->type != EVP_PKEY_RSA) {
221 EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
222 return NULL;
222 } 223 }
224 RSA_up_ref(pkey->pkey.rsa);
225 return pkey->pkey.rsa;
226}
227#endif
228
229#ifndef OPENSSL_NO_DSA
230int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
231{
232 int ret = EVP_PKEY_assign_DSA(pkey, key);
233 if(ret)
234 DSA_up_ref(key);
235 return ret;
236}
237
238DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
239 {
240 if(pkey->type != EVP_PKEY_DSA) {
241 EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
242 return NULL;
243 }
244 DSA_up_ref(pkey->pkey.dsa);
245 return pkey->pkey.dsa;
246}
247#endif
248
249#ifndef OPENSSL_NO_DH
250
251int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
252{
253 int ret = EVP_PKEY_assign_DH(pkey, key);
254 if(ret)
255 DH_up_ref(key);
256 return ret;
257}
258
259DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
260 {
261 if(pkey->type != EVP_PKEY_DH) {
262 EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
263 return NULL;
264 }
265 DH_up_ref(pkey->pkey.dh);
266 return pkey->pkey.dh;
267}
268#endif
223 269
224int EVP_PKEY_type(type) 270int EVP_PKEY_type(int type)
225int type;
226 { 271 {
227 switch (type) 272 switch (type)
228 { 273 {
@@ -242,8 +287,7 @@ int type;
242 } 287 }
243 } 288 }
244 289
245void EVP_PKEY_free(x) 290void EVP_PKEY_free(EVP_PKEY *x)
246EVP_PKEY *x;
247 { 291 {
248 int i; 292 int i;
249 293
@@ -262,21 +306,20 @@ EVP_PKEY *x;
262 } 306 }
263#endif 307#endif
264 EVP_PKEY_free_it(x); 308 EVP_PKEY_free_it(x);
265 Free((char *)x); 309 OPENSSL_free(x);
266 } 310 }
267 311
268static void EVP_PKEY_free_it(x) 312static void EVP_PKEY_free_it(EVP_PKEY *x)
269EVP_PKEY *x;
270 { 313 {
271 switch (x->type) 314 switch (x->type)
272 { 315 {
273#ifndef NO_RSA 316#ifndef OPENSSL_NO_RSA
274 case EVP_PKEY_RSA: 317 case EVP_PKEY_RSA:
275 case EVP_PKEY_RSA2: 318 case EVP_PKEY_RSA2:
276 RSA_free(x->pkey.rsa); 319 RSA_free(x->pkey.rsa);
277 break; 320 break;
278#endif 321#endif
279#ifndef NO_DSA 322#ifndef OPENSSL_NO_DSA
280 case EVP_PKEY_DSA: 323 case EVP_PKEY_DSA:
281 case EVP_PKEY_DSA2: 324 case EVP_PKEY_DSA2:
282 case EVP_PKEY_DSA3: 325 case EVP_PKEY_DSA3:
@@ -284,7 +327,7 @@ EVP_PKEY *x;
284 DSA_free(x->pkey.dsa); 327 DSA_free(x->pkey.dsa);
285 break; 328 break;
286#endif 329#endif
287#ifndef NO_DH 330#ifndef OPENSSL_NO_DH
288 case EVP_PKEY_DH: 331 case EVP_PKEY_DH:
289 DH_free(x->pkey.dh); 332 DH_free(x->pkey.dh);
290 break; 333 break;
diff --git a/src/lib/libcrypto/evp/p_open.c b/src/lib/libcrypto/evp/p_open.c
index 28a8e02252..6976f2a867 100644
--- a/src/lib/libcrypto/evp/p_open.c
+++ b/src/lib/libcrypto/evp/p_open.c
@@ -56,64 +56,68 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#ifndef OPENSSL_NO_RSA
59#include <stdio.h> 60#include <stdio.h>
60#include "cryptlib.h" 61#include "cryptlib.h"
61#include "evp.h" 62#include <openssl/evp.h>
62#include "objects.h" 63#include <openssl/objects.h>
63#include "x509.h" 64#include <openssl/x509.h>
64 65
65int EVP_OpenInit(ctx,type,ek,ekl,iv,priv) 66int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *ek,
66EVP_CIPHER_CTX *ctx; 67 int ekl, unsigned char *iv, EVP_PKEY *priv)
67EVP_CIPHER *type;
68unsigned char *ek;
69int ekl;
70unsigned char *iv;
71EVP_PKEY *priv;
72 { 68 {
73 unsigned char *key=NULL; 69 unsigned char *key=NULL;
74 int i,size=0,ret=0; 70 int i,size=0,ret=0;
75 71
72 if(type) {
73 EVP_CIPHER_CTX_init(ctx);
74 if(!EVP_DecryptInit_ex(ctx,type,NULL, NULL,NULL)) return 0;
75 }
76
77 if(!priv) return 1;
78
76 if (priv->type != EVP_PKEY_RSA) 79 if (priv->type != EVP_PKEY_RSA)
77 { 80 {
78 EVPerr(EVP_F_EVP_OPENINIT,EVP_R_PUBLIC_KEY_NOT_RSA); 81 EVPerr(EVP_F_EVP_OPENINIT,EVP_R_PUBLIC_KEY_NOT_RSA);
79 ret= -1;
80 goto err; 82 goto err;
81 } 83 }
82 84
83 size=RSA_size(priv->pkey.rsa); 85 size=RSA_size(priv->pkey.rsa);
84 key=(unsigned char *)Malloc(size+2); 86 key=(unsigned char *)OPENSSL_malloc(size+2);
85 if (key == NULL) 87 if (key == NULL)
86 { 88 {
87 /* ERROR */ 89 /* ERROR */
88 EVPerr(EVP_F_EVP_OPENINIT,ERR_R_MALLOC_FAILURE); 90 EVPerr(EVP_F_EVP_OPENINIT,ERR_R_MALLOC_FAILURE);
89 ret= -1;
90 goto err; 91 goto err;
91 } 92 }
92 93
93 i=EVP_PKEY_decrypt(key,ek,ekl,priv); 94 i=EVP_PKEY_decrypt(key,ek,ekl,priv);
94 if (i != type->key_len) 95 if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i))
95 { 96 {
96 /* ERROR */ 97 /* ERROR */
97 goto err; 98 goto err;
98 } 99 }
100 if(!EVP_DecryptInit_ex(ctx,NULL,NULL,key,iv)) goto err;
99 101
100 EVP_CIPHER_CTX_init(ctx);
101 EVP_DecryptInit(ctx,type,key,iv);
102 ret=1; 102 ret=1;
103err: 103err:
104 if (key != NULL) memset(key,0,size); 104 if (key != NULL) memset(key,0,size);
105 Free(key); 105 OPENSSL_free(key);
106 return(ret); 106 return(ret);
107 } 107 }
108 108
109int EVP_OpenFinal(ctx,out,outl) 109int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
110EVP_CIPHER_CTX *ctx;
111unsigned char *out;
112int *outl;
113 { 110 {
114 int i; 111 int i;
115 112
116 i=EVP_DecryptFinal(ctx,out,outl); 113 i=EVP_DecryptFinal_ex(ctx,out,outl);
117 EVP_DecryptInit(ctx,NULL,NULL,NULL); 114 EVP_DecryptInit_ex(ctx,NULL,NULL,NULL,NULL);
118 return(i); 115 return(i);
119 } 116 }
117#else /* !OPENSSL_NO_RSA */
118
119# ifdef PEDANTIC
120static void *dummy=&dummy;
121# endif
122
123#endif
diff --git a/src/lib/libcrypto/evp/p_seal.c b/src/lib/libcrypto/evp/p_seal.c
index 09a408de35..37e547fe72 100644
--- a/src/lib/libcrypto/evp/p_seal.c
+++ b/src/lib/libcrypto/evp/p_seal.c
@@ -58,35 +58,36 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "rand.h" 61#include <openssl/rand.h>
62#include "rsa.h" 62#ifndef OPENSSL_NO_RSA
63#include "evp.h" 63#include <openssl/rsa.h>
64#include "objects.h" 64#endif
65#include "x509.h" 65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/x509.h>
66 68
67int EVP_SealInit(ctx,type,ek,ekl,iv,pubk,npubk) 69int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
68EVP_CIPHER_CTX *ctx; 70 int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk)
69EVP_CIPHER *type;
70unsigned char **ek;
71int *ekl;
72unsigned char *iv;
73EVP_PKEY **pubk;
74int npubk;
75 { 71 {
76 unsigned char key[EVP_MAX_KEY_LENGTH]; 72 unsigned char key[EVP_MAX_KEY_LENGTH];
77 int i; 73 int i;
78 74
79 if (npubk <= 0) return(0); 75 if(type) {
80 RAND_bytes(key,EVP_MAX_KEY_LENGTH); 76 EVP_CIPHER_CTX_init(ctx);
81 if (type->iv_len > 0) 77 if(!EVP_EncryptInit_ex(ctx,type,NULL,NULL,NULL)) return 0;
82 RAND_bytes(iv,type->iv_len); 78 }
79 if ((npubk <= 0) || !pubk)
80 return 1;
81 if (RAND_bytes(key,EVP_MAX_KEY_LENGTH) <= 0)
82 return 0;
83 if (EVP_CIPHER_CTX_iv_length(ctx))
84 RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx));
83 85
84 EVP_CIPHER_CTX_init(ctx); 86 if(!EVP_EncryptInit_ex(ctx,NULL,NULL,key,iv)) return 0;
85 EVP_EncryptInit(ctx,type,key,iv);
86 87
87 for (i=0; i<npubk; i++) 88 for (i=0; i<npubk; i++)
88 { 89 {
89 ekl[i]=EVP_PKEY_encrypt(ek[i],key,EVP_CIPHER_key_length(type), 90 ekl[i]=EVP_PKEY_encrypt(ek[i],key,EVP_CIPHER_CTX_key_length(ctx),
90 pubk[i]); 91 pubk[i]);
91 if (ekl[i] <= 0) return(-1); 92 if (ekl[i] <= 0) return(-1);
92 } 93 }
@@ -105,11 +106,10 @@ int inl;
105 } 106 }
106*/ 107*/
107 108
108void EVP_SealFinal(ctx,out,outl) 109int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
109EVP_CIPHER_CTX *ctx;
110unsigned char *out;
111int *outl;
112 { 110 {
113 EVP_EncryptFinal(ctx,out,outl); 111 int i;
114 EVP_EncryptInit(ctx,NULL,NULL,NULL); 112 i = EVP_EncryptFinal_ex(ctx,out,outl);
113 EVP_EncryptInit_ex(ctx,NULL,NULL,NULL,NULL);
114 return i;
115 } 115 }
diff --git a/src/lib/libcrypto/evp/p_sign.c b/src/lib/libcrypto/evp/p_sign.c
index 073270ce31..e4ae5906f5 100644
--- a/src/lib/libcrypto/evp/p_sign.c
+++ b/src/lib/libcrypto/evp/p_sign.c
@@ -58,32 +58,25 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "evp.h" 61#include <openssl/evp.h>
62#include "objects.h" 62#include <openssl/objects.h>
63#include "x509.h" 63#include <openssl/x509.h>
64 64
65#ifdef undef 65#ifdef undef
66void EVP_SignInit(ctx,type) 66void EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
67EVP_MD_CTX *ctx;
68EVP_MD *type;
69 { 67 {
70 EVP_DigestInit(ctx,type); 68 EVP_DigestInit_ex(ctx,type);
71 } 69 }
72 70
73void EVP_SignUpdate(ctx,data,count) 71void EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
74EVP_MD_CTX *ctx; 72 unsigned int count)
75unsigned char *data;
76unsigned int count;
77 { 73 {
78 EVP_DigestUpdate(ctx,data,count); 74 EVP_DigestUpdate(ctx,data,count);
79 } 75 }
80#endif 76#endif
81 77
82int EVP_SignFinal(ctx,sigret,siglen,pkey) 78int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
83EVP_MD_CTX *ctx; 79 EVP_PKEY *pkey)
84unsigned char *sigret;
85unsigned int *siglen;
86EVP_PKEY *pkey;
87 { 80 {
88 unsigned char m[EVP_MAX_MD_SIZE]; 81 unsigned char m[EVP_MAX_MD_SIZE];
89 unsigned int m_len; 82 unsigned int m_len;
@@ -91,8 +84,10 @@ EVP_PKEY *pkey;
91 MS_STATIC EVP_MD_CTX tmp_ctx; 84 MS_STATIC EVP_MD_CTX tmp_ctx;
92 85
93 *siglen=0; 86 *siglen=0;
94 memcpy(&tmp_ctx,ctx,sizeof(EVP_MD_CTX)); 87 EVP_MD_CTX_init(&tmp_ctx);
95 EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len); 88 EVP_MD_CTX_copy_ex(&tmp_ctx,ctx);
89 EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len);
90 EVP_MD_CTX_cleanup(&tmp_ctx);
96 for (i=0; i<4; i++) 91 for (i=0; i<4; i++)
97 { 92 {
98 v=ctx->digest->required_pkey_type[i]; 93 v=ctx->digest->required_pkey_type[i];
diff --git a/src/lib/libcrypto/evp/p_verify.c b/src/lib/libcrypto/evp/p_verify.c
index 8d727d8f02..d854d743a5 100644
--- a/src/lib/libcrypto/evp/p_verify.c
+++ b/src/lib/libcrypto/evp/p_verify.c
@@ -58,15 +58,12 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "evp.h" 61#include <openssl/evp.h>
62#include "objects.h" 62#include <openssl/objects.h>
63#include "x509.h" 63#include <openssl/x509.h>
64 64
65int EVP_VerifyFinal(ctx,sigbuf,siglen,pkey) 65int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf,
66EVP_MD_CTX *ctx; 66 unsigned int siglen, EVP_PKEY *pkey)
67unsigned char *sigbuf;
68unsigned int siglen;
69EVP_PKEY *pkey;
70 { 67 {
71 unsigned char m[EVP_MAX_MD_SIZE]; 68 unsigned char m[EVP_MAX_MD_SIZE];
72 unsigned int m_len; 69 unsigned int m_len;
@@ -88,8 +85,10 @@ EVP_PKEY *pkey;
88 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE); 85 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
89 return(-1); 86 return(-1);
90 } 87 }
91 memcpy(&tmp_ctx,ctx,sizeof(EVP_MD_CTX)); 88 EVP_MD_CTX_init(&tmp_ctx);
92 EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len); 89 EVP_MD_CTX_copy_ex(&tmp_ctx,ctx);
90 EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len);
91 EVP_MD_CTX_cleanup(&tmp_ctx);
93 if (ctx->digest->verify == NULL) 92 if (ctx->digest->verify == NULL)
94 { 93 {
95 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED); 94 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-04 08:28:27 +0000