summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorjsing <>2014-05-08 15:42:26 +0000
committerjsing <>2014-05-08 15:42:26 +0000
commit55e64eee9595b15e8c103e3d57a9993684ab82b5 (patch)
treeed1791b800e1dec369aebdec3e1c883c6f688694 /src
parent1a5256f53dfa946a979facbb0d9d4775fa9d6bfe (diff)
downloadopenbsd-55e64eee9595b15e8c103e3d57a9993684ab82b5.tar.gz
openbsd-55e64eee9595b15e8c103e3d57a9993684ab82b5.tar.bz2
openbsd-55e64eee9595b15e8c103e3d57a9993684ab82b5.zip
KNF.
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/evp/evp_acnf.c10
-rw-r--r--src/lib/libcrypto/evp/evp_enc.c672
-rw-r--r--src/lib/libcrypto/evp/evp_err.c327
-rw-r--r--src/lib/libcrypto/evp/evp_key.c152
-rw-r--r--src/lib/libcrypto/evp/evp_lib.c330
-rw-r--r--src/lib/libcrypto/evp/evp_pbe.c203
-rw-r--r--src/lib/libcrypto/evp/evp_pkey.c135
-rw-r--r--src/lib/libssl/src/crypto/evp/evp_acnf.c10
-rw-r--r--src/lib/libssl/src/crypto/evp/evp_enc.c672
-rw-r--r--src/lib/libssl/src/crypto/evp/evp_err.c327
-rw-r--r--src/lib/libssl/src/crypto/evp/evp_key.c152
-rw-r--r--src/lib/libssl/src/crypto/evp/evp_lib.c330
-rw-r--r--src/lib/libssl/src/crypto/evp/evp_pbe.c203
-rw-r--r--src/lib/libssl/src/crypto/evp/evp_pkey.c135
14 files changed, 1834 insertions, 1824 deletions
diff --git a/src/lib/libcrypto/evp/evp_acnf.c b/src/lib/libcrypto/evp/evp_acnf.c
index 643a1864e8..afbbc395ba 100644
--- a/src/lib/libcrypto/evp/evp_acnf.c
+++ b/src/lib/libcrypto/evp/evp_acnf.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -60,14 +60,14 @@
60#include <openssl/evp.h> 60#include <openssl/evp.h>
61#include <openssl/conf.h> 61#include <openssl/conf.h>
62 62
63
64/* Load all algorithms and configure OpenSSL. 63/* Load all algorithms and configure OpenSSL.
65 * This function is called automatically when 64 * This function is called automatically when
66 * OPENSSL_LOAD_CONF is set. 65 * OPENSSL_LOAD_CONF is set.
67 */ 66 */
68 67
69void OPENSSL_add_all_algorithms_conf(void) 68void
70 { 69OPENSSL_add_all_algorithms_conf(void)
70{
71 OPENSSL_add_all_algorithms_noconf(); 71 OPENSSL_add_all_algorithms_noconf();
72 OPENSSL_config(NULL); 72 OPENSSL_config(NULL);
73 } 73}
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
index e8ca502633..0c3e8fcc39 100644
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -68,498 +68,486 @@
68 68
69#define M_do_cipher(ctx, out, in, inl) ctx->cipher->do_cipher(ctx, out, in, inl) 69#define M_do_cipher(ctx, out, in, inl) ctx->cipher->do_cipher(ctx, out, in, inl)
70 70
71const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT; 71const char EVP_version[] = "EVP" OPENSSL_VERSION_PTEXT;
72 72
73void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) 73void
74 { 74EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
75 memset(ctx,0,sizeof(EVP_CIPHER_CTX)); 75{
76 memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
76 /* ctx->cipher=NULL; */ 77 /* ctx->cipher=NULL; */
77 } 78}
78 79
79EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) 80EVP_CIPHER_CTX *
80 { 81EVP_CIPHER_CTX_new(void)
81 EVP_CIPHER_CTX *ctx=malloc(sizeof *ctx); 82{
83 EVP_CIPHER_CTX *ctx = malloc(sizeof *ctx);
82 if (ctx) 84 if (ctx)
83 EVP_CIPHER_CTX_init(ctx); 85 EVP_CIPHER_CTX_init(ctx);
84 return ctx; 86 return ctx;
85 } 87}
86 88
87int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, 89int
88 const unsigned char *key, const unsigned char *iv, int enc) 90EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
89 { 91 const unsigned char *key, const unsigned char *iv, int enc)
92{
90 if (cipher) 93 if (cipher)
91 EVP_CIPHER_CTX_init(ctx); 94 EVP_CIPHER_CTX_init(ctx);
92 return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc); 95 return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc);
93 } 96}
94 97
95int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, 98int
96 const unsigned char *key, const unsigned char *iv, int enc) 99EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
97 { 100 const unsigned char *key, const unsigned char *iv, int enc)
101{
98 if (enc == -1) 102 if (enc == -1)
99 enc = ctx->encrypt; 103 enc = ctx->encrypt;
100 else 104 else {
101 {
102 if (enc) 105 if (enc)
103 enc = 1; 106 enc = 1;
104 ctx->encrypt = enc; 107 ctx->encrypt = enc;
105 } 108 }
106#ifndef OPENSSL_NO_ENGINE 109#ifndef OPENSSL_NO_ENGINE
107 /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts 110 /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
108 * so this context may already have an ENGINE! Try to avoid releasing 111 * so this context may already have an ENGINE! Try to avoid releasing
109 * the previous handle, re-querying for an ENGINE, and having a 112 * the previous handle, re-querying for an ENGINE, and having a
110 * reinitialisation, when it may all be unecessary. */ 113 * reinitialisation, when it may all be unecessary. */
111 if (ctx->engine && ctx->cipher && (!cipher || 114 if (ctx->engine && ctx->cipher &&
112 (cipher && (cipher->nid == ctx->cipher->nid)))) 115 (!cipher || (cipher && (cipher->nid == ctx->cipher->nid))))
113 goto skip_to_init; 116 goto skip_to_init;
114#endif 117#endif
115 if (cipher) 118 if (cipher) {
116 {
117 /* Ensure a context left lying around from last time is cleared 119 /* Ensure a context left lying around from last time is cleared
118 * (the previous check attempted to avoid this if the same 120 * (the previous check attempted to avoid this if the same
119 * ENGINE and EVP_CIPHER could be used). */ 121 * ENGINE and EVP_CIPHER could be used). */
120 if (ctx->cipher) 122 if (ctx->cipher) {
121 {
122 unsigned long flags = ctx->flags; 123 unsigned long flags = ctx->flags;
123 EVP_CIPHER_CTX_cleanup(ctx); 124 EVP_CIPHER_CTX_cleanup(ctx);
124 /* Restore encrypt and flags */ 125 /* Restore encrypt and flags */
125 ctx->encrypt = enc; 126 ctx->encrypt = enc;
126 ctx->flags = flags; 127 ctx->flags = flags;
127 } 128 }
128#ifndef OPENSSL_NO_ENGINE 129#ifndef OPENSSL_NO_ENGINE
129 if(impl) 130 if (impl) {
130 { 131 if (!ENGINE_init(impl)) {
131 if (!ENGINE_init(impl)) 132 EVPerr(EVP_F_EVP_CIPHERINIT_EX,
132 { 133 EVP_R_INITIALIZATION_ERROR);
133 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
134 return 0; 134 return 0;
135 }
136 } 135 }
137 else 136 } else
138 /* Ask if an ENGINE is reserved for this job */ 137 /* Ask if an ENGINE is reserved for this job */
139 impl = ENGINE_get_cipher_engine(cipher->nid); 138 impl = ENGINE_get_cipher_engine(cipher->nid);
140 if(impl) 139 if (impl) {
141 {
142 /* There's an ENGINE for this job ... (apparently) */ 140 /* There's an ENGINE for this job ... (apparently) */
143 const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid); 141 const EVP_CIPHER *c =
144 if(!c) 142 ENGINE_get_cipher(impl, cipher->nid);
145 { 143 if (!c) {
146 /* One positive side-effect of US's export 144 /* One positive side-effect of US's export
147 * control history, is that we should at least 145 * control history, is that we should at least
148 * be able to avoid using US mispellings of 146 * be able to avoid using US mispellings of
149 * "initialisation"? */ 147 * "initialisation"? */
150 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); 148 EVPerr(EVP_F_EVP_CIPHERINIT_EX,
149 EVP_R_INITIALIZATION_ERROR);
151 return 0; 150 return 0;
152 } 151 }
153 /* We'll use the ENGINE's private cipher definition */ 152 /* We'll use the ENGINE's private cipher definition */
154 cipher = c; 153 cipher = c;
155 /* Store the ENGINE functional reference so we know 154 /* Store the ENGINE functional reference so we know
156 * 'cipher' came from an ENGINE and we need to release 155 * 'cipher' came from an ENGINE and we need to release
157 * it when done. */ 156 * it when done. */
158 ctx->engine = impl; 157 ctx->engine = impl;
159 } 158 } else
160 else
161 ctx->engine = NULL; 159 ctx->engine = NULL;
162#endif 160#endif
163 161
164 ctx->cipher=cipher; 162 ctx->cipher = cipher;
165 if (ctx->cipher->ctx_size) 163 if (ctx->cipher->ctx_size) {
166 { 164 ctx->cipher_data = malloc(ctx->cipher->ctx_size);
167 ctx->cipher_data=malloc(ctx->cipher->ctx_size); 165 if (!ctx->cipher_data) {
168 if (!ctx->cipher_data) 166 EVPerr(EVP_F_EVP_CIPHERINIT_EX,
169 { 167 ERR_R_MALLOC_FAILURE);
170 EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE);
171 return 0; 168 return 0;
172 }
173 } 169 }
174 else 170 } else {
175 {
176 ctx->cipher_data = NULL; 171 ctx->cipher_data = NULL;
177 } 172 }
178 ctx->key_len = cipher->key_len; 173 ctx->key_len = cipher->key_len;
179 ctx->flags = 0; 174 ctx->flags = 0;
180 if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT) 175 if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
181 { 176 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
182 if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) 177 EVPerr(EVP_F_EVP_CIPHERINIT_EX,
183 { 178 EVP_R_INITIALIZATION_ERROR);
184 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
185 return 0; 179 return 0;
186 }
187 } 180 }
188 } 181 }
189 else if(!ctx->cipher) 182 } else if (!ctx->cipher) {
190 {
191 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET); 183 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET);
192 return 0; 184 return 0;
193 } 185 }
194#ifndef OPENSSL_NO_ENGINE 186#ifndef OPENSSL_NO_ENGINE
195skip_to_init: 187skip_to_init:
196#endif 188#endif
197 /* we assume block size is a power of 2 in *cryptUpdate */ 189 /* we assume block size is a power of 2 in *cryptUpdate */
198 OPENSSL_assert(ctx->cipher->block_size == 1 190 OPENSSL_assert(ctx->cipher->block_size == 1 ||
199 || ctx->cipher->block_size == 8 191 ctx->cipher->block_size == 8 ||
200 || ctx->cipher->block_size == 16); 192 ctx->cipher->block_size == 16);
201 193
202 if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { 194 if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
203 switch(EVP_CIPHER_CTX_mode(ctx)) { 195 switch (EVP_CIPHER_CTX_mode(ctx)) {
204 196
205 case EVP_CIPH_STREAM_CIPHER: 197 case EVP_CIPH_STREAM_CIPHER:
206 case EVP_CIPH_ECB_MODE: 198 case EVP_CIPH_ECB_MODE:
207 break; 199 break;
208 200
209 case EVP_CIPH_CFB_MODE: 201 case EVP_CIPH_CFB_MODE:
210 case EVP_CIPH_OFB_MODE: 202 case EVP_CIPH_OFB_MODE:
211 203
212 ctx->num = 0; 204 ctx->num = 0;
213 /* fall-through */ 205 /* fall-through */
214 206
215 case EVP_CIPH_CBC_MODE: 207 case EVP_CIPH_CBC_MODE:
216 208
217 OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= 209 OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <=
218 (int)sizeof(ctx->iv)); 210 (int)sizeof(ctx->iv));
219 if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); 211 if (iv)
220 memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); 212 memcpy(ctx->oiv, iv,
213 EVP_CIPHER_CTX_iv_length(ctx));
214 memcpy(ctx->iv, ctx->oiv,
215 EVP_CIPHER_CTX_iv_length(ctx));
221 break; 216 break;
222 217
223 case EVP_CIPH_CTR_MODE: 218 case EVP_CIPH_CTR_MODE:
224 ctx->num = 0; 219 ctx->num = 0;
225 /* Don't reuse IV for CTR mode */ 220 /* Don't reuse IV for CTR mode */
226 if(iv) 221 if (iv)
227 memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx)); 222 memcpy(ctx->iv, iv,
223 EVP_CIPHER_CTX_iv_length(ctx));
228 break; 224 break;
229 225
230 default: 226 default:
231 return 0; 227 return 0;
232 break; 228 break;
233 } 229 }
234 } 230 }
235 231
236 if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { 232 if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
237 if(!ctx->cipher->init(ctx,key,iv,enc)) return 0; 233 if (!ctx->cipher->init(ctx, key, iv, enc))
234 return 0;
238 } 235 }
239 ctx->buf_len=0; 236 ctx->buf_len = 0;
240 ctx->final_used=0; 237 ctx->final_used = 0;
241 ctx->block_mask=ctx->cipher->block_size-1; 238 ctx->block_mask = ctx->cipher->block_size - 1;
242 return 1; 239 return 1;
243 } 240}
244 241
245int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, 242int
246 const unsigned char *in, int inl) 243EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
247 { 244 const unsigned char *in, int inl)
245{
248 if (ctx->encrypt) 246 if (ctx->encrypt)
249 return EVP_EncryptUpdate(ctx,out,outl,in,inl); 247 return EVP_EncryptUpdate(ctx, out, outl, in, inl);
250 else return EVP_DecryptUpdate(ctx,out,outl,in,inl); 248 else
251 } 249 return EVP_DecryptUpdate(ctx, out, outl, in, inl);
250}
252 251
253int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 252int
254 { 253EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
254{
255 if (ctx->encrypt) 255 if (ctx->encrypt)
256 return EVP_EncryptFinal_ex(ctx,out,outl); 256 return EVP_EncryptFinal_ex(ctx, out, outl);
257 else return EVP_DecryptFinal_ex(ctx,out,outl); 257 else
258 } 258 return EVP_DecryptFinal_ex(ctx, out, outl);
259}
259 260
260int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 261int
261 { 262EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
263{
262 if (ctx->encrypt) 264 if (ctx->encrypt)
263 return EVP_EncryptFinal(ctx,out,outl); 265 return EVP_EncryptFinal(ctx, out, outl);
264 else return EVP_DecryptFinal(ctx,out,outl); 266 else
265 } 267 return EVP_DecryptFinal(ctx, out, outl);
268}
266 269
267int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, 270int
268 const unsigned char *key, const unsigned char *iv) 271EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
269 { 272 const unsigned char *key, const unsigned char *iv)
273{
270 return EVP_CipherInit(ctx, cipher, key, iv, 1); 274 return EVP_CipherInit(ctx, cipher, key, iv, 1);
271 } 275}
272 276
273int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl, 277int
274 const unsigned char *key, const unsigned char *iv) 278EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
275 { 279 const unsigned char *key, const unsigned char *iv)
280{
276 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1); 281 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1);
277 } 282}
278 283
279int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, 284int
280 const unsigned char *key, const unsigned char *iv) 285EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
281 { 286 const unsigned char *key, const unsigned char *iv)
287{
282 return EVP_CipherInit(ctx, cipher, key, iv, 0); 288 return EVP_CipherInit(ctx, cipher, key, iv, 0);
283 } 289}
284 290
285int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, 291int
286 const unsigned char *key, const unsigned char *iv) 292EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
287 { 293 const unsigned char *key, const unsigned char *iv)
294{
288 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0); 295 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0);
289 } 296}
290 297
291int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, 298int
292 const unsigned char *in, int inl) 299EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
293 { 300 const unsigned char *in, int inl)
294 int i,j,bl; 301{
302 int i, j, bl;
295 303
296 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) 304 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
297 {
298 i = M_do_cipher(ctx, out, in, inl); 305 i = M_do_cipher(ctx, out, in, inl);
299 if (i < 0) 306 if (i < 0)
300 return 0; 307 return 0;
301 else 308 else
302 *outl = i; 309 *outl = i;
303 return 1; 310 return 1;
304 } 311 }
305 312
306 if (inl <= 0) 313 if (inl <= 0) {
307 {
308 *outl = 0; 314 *outl = 0;
309 return inl == 0; 315 return inl == 0;
310 } 316 }
311 317
312 if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) 318 if (ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) {
313 { 319 if (M_do_cipher(ctx, out, in, inl)) {
314 if(M_do_cipher(ctx,out,in,inl)) 320 *outl = inl;
315 {
316 *outl=inl;
317 return 1; 321 return 1;
318 } 322 } else {
319 else 323 *outl = 0;
320 {
321 *outl=0;
322 return 0; 324 return 0;
323 }
324 } 325 }
325 i=ctx->buf_len; 326 }
326 bl=ctx->cipher->block_size; 327 i = ctx->buf_len;
328 bl = ctx->cipher->block_size;
327 OPENSSL_assert(bl <= (int)sizeof(ctx->buf)); 329 OPENSSL_assert(bl <= (int)sizeof(ctx->buf));
328 if (i != 0) 330 if (i != 0) {
329 { 331 if (i + inl < bl) {
330 if (i+inl < bl) 332 memcpy(&(ctx->buf[i]), in, inl);
331 { 333 ctx->buf_len += inl;
332 memcpy(&(ctx->buf[i]),in,inl); 334 *outl = 0;
333 ctx->buf_len+=inl;
334 *outl=0;
335 return 1; 335 return 1;
336 } 336 } else {
337 else 337 j = bl - i;
338 { 338 memcpy(&(ctx->buf[i]), in, j);
339 j=bl-i; 339 if (!M_do_cipher(ctx, out, ctx->buf, bl))
340 memcpy(&(ctx->buf[i]),in,j); 340 return 0;
341 if(!M_do_cipher(ctx,out,ctx->buf,bl)) return 0; 341 inl -= j;
342 inl-=j; 342 in += j;
343 in+=j; 343 out += bl;
344 out+=bl; 344 *outl = bl;
345 *outl=bl;
346 }
347 } 345 }
348 else 346 } else
349 *outl = 0; 347 *outl = 0;
350 i=inl&(bl-1); 348 i = inl&(bl - 1);
351 inl-=i; 349 inl -= i;
352 if (inl > 0) 350 if (inl > 0) {
353 { 351 if (!M_do_cipher(ctx, out, in, inl))
354 if(!M_do_cipher(ctx,out,in,inl)) return 0; 352 return 0;
355 *outl+=inl; 353 *outl += inl;
356 } 354 }
357 355
358 if (i != 0) 356 if (i != 0)
359 memcpy(ctx->buf,&(in[inl]),i); 357 memcpy(ctx->buf, &(in[inl]), i);
360 ctx->buf_len=i; 358 ctx->buf_len = i;
361 return 1; 359 return 1;
362 } 360}
363 361
364int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 362int
365 { 363EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
364{
366 int ret; 365 int ret;
366
367 ret = EVP_EncryptFinal_ex(ctx, out, outl); 367 ret = EVP_EncryptFinal_ex(ctx, out, outl);
368 return ret; 368 return ret;
369 } 369}
370 370
371int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 371int
372 { 372EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
373 int n,ret; 373{
374 int n, ret;
374 unsigned int i, b, bl; 375 unsigned int i, b, bl;
375 376
376 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) 377 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
377 {
378 ret = M_do_cipher(ctx, out, NULL, 0); 378 ret = M_do_cipher(ctx, out, NULL, 0);
379 if (ret < 0) 379 if (ret < 0)
380 return 0; 380 return 0;
381 else 381 else
382 *outl = ret; 382 *outl = ret;
383 return 1; 383 return 1;
384 } 384 }
385 385
386 b=ctx->cipher->block_size; 386 b = ctx->cipher->block_size;
387 OPENSSL_assert(b <= sizeof ctx->buf); 387 OPENSSL_assert(b <= sizeof ctx->buf);
388 if (b == 1) 388 if (b == 1) {
389 { 389 *outl = 0;
390 *outl=0;
391 return 1; 390 return 1;
392 } 391 }
393 bl=ctx->buf_len; 392 bl = ctx->buf_len;
394 if (ctx->flags & EVP_CIPH_NO_PADDING) 393 if (ctx->flags & EVP_CIPH_NO_PADDING) {
395 { 394 if (bl) {
396 if(bl) 395 EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,
397 { 396 EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
398 EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
399 return 0; 397 return 0;
400 } 398 }
401 *outl = 0; 399 *outl = 0;
402 return 1; 400 return 1;
403 } 401 }
404 402
405 n=b-bl; 403 n = b - bl;
406 for (i=bl; i<b; i++) 404 for (i = bl; i < b; i++)
407 ctx->buf[i]=n; 405 ctx->buf[i] = n;
408 ret=M_do_cipher(ctx,out,ctx->buf,b); 406 ret = M_do_cipher(ctx, out, ctx->buf, b);
409 407
410 408
411 if(ret) 409 if (ret)
412 *outl=b; 410 *outl = b;
413 411
414 return ret; 412 return ret;
415 } 413}
416 414
417int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, 415int
418 const unsigned char *in, int inl) 416EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
419 { 417 const unsigned char *in, int inl)
418{
420 int fix_len; 419 int fix_len;
421 unsigned int b; 420 unsigned int b;
422 421
423 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) 422 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
424 {
425 fix_len = M_do_cipher(ctx, out, in, inl); 423 fix_len = M_do_cipher(ctx, out, in, inl);
426 if (fix_len < 0) 424 if (fix_len < 0) {
427 {
428 *outl = 0; 425 *outl = 0;
429 return 0; 426 return 0;
430 } 427 } else
431 else
432 *outl = fix_len; 428 *outl = fix_len;
433 return 1; 429 return 1;
434 } 430 }
435 431
436 if (inl <= 0) 432 if (inl <= 0) {
437 {
438 *outl = 0; 433 *outl = 0;
439 return inl == 0; 434 return inl == 0;
440 } 435 }
441 436
442 if (ctx->flags & EVP_CIPH_NO_PADDING) 437 if (ctx->flags & EVP_CIPH_NO_PADDING)
443 return EVP_EncryptUpdate(ctx, out, outl, in, inl); 438 return EVP_EncryptUpdate(ctx, out, outl, in, inl);
444 439
445 b=ctx->cipher->block_size; 440 b = ctx->cipher->block_size;
446 OPENSSL_assert(b <= sizeof ctx->final); 441 OPENSSL_assert(b <= sizeof ctx->final);
447 442
448 if(ctx->final_used) 443 if (ctx->final_used) {
449 { 444 memcpy(out, ctx->final, b);
450 memcpy(out,ctx->final,b); 445 out += b;
451 out+=b;
452 fix_len = 1; 446 fix_len = 1;
453 } 447 } else
454 else
455 fix_len = 0; 448 fix_len = 0;
456 449
457 450
458 if(!EVP_EncryptUpdate(ctx,out,outl,in,inl)) 451 if (!EVP_EncryptUpdate(ctx, out, outl, in, inl))
459 return 0; 452 return 0;
460 453
461 /* if we have 'decrypted' a multiple of block size, make sure 454 /* if we have 'decrypted' a multiple of block size, make sure
462 * we have a copy of this last block */ 455 * we have a copy of this last block */
463 if (b > 1 && !ctx->buf_len) 456 if (b > 1 && !ctx->buf_len) {
464 { 457 *outl -= b;
465 *outl-=b; 458 ctx->final_used = 1;
466 ctx->final_used=1; 459 memcpy(ctx->final, &out[*outl], b);
467 memcpy(ctx->final,&out[*outl],b); 460 } else
468 }
469 else
470 ctx->final_used = 0; 461 ctx->final_used = 0;
471 462
472 if (fix_len) 463 if (fix_len)
473 *outl += b; 464 *outl += b;
474 465
475 return 1; 466 return 1;
476 } 467}
477 468
478int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 469int
479 { 470EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
471{
480 int ret; 472 int ret;
473
481 ret = EVP_DecryptFinal_ex(ctx, out, outl); 474 ret = EVP_DecryptFinal_ex(ctx, out, outl);
482 return ret; 475 return ret;
483 } 476}
484 477
485int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 478int
486 { 479EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
487 int i,n; 480{
481 int i, n;
488 unsigned int b; 482 unsigned int b;
489 *outl=0; 483 *outl = 0;
490 484
491 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) 485 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
492 {
493 i = M_do_cipher(ctx, out, NULL, 0); 486 i = M_do_cipher(ctx, out, NULL, 0);
494 if (i < 0) 487 if (i < 0)
495 return 0; 488 return 0;
496 else 489 else
497 *outl = i; 490 *outl = i;
498 return 1; 491 return 1;
499 } 492 }
500 493
501 b=ctx->cipher->block_size; 494 b = ctx->cipher->block_size;
502 if (ctx->flags & EVP_CIPH_NO_PADDING) 495 if (ctx->flags & EVP_CIPH_NO_PADDING) {
503 { 496 if (ctx->buf_len) {
504 if(ctx->buf_len) 497 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
505 { 498 EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
506 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
507 return 0; 499 return 0;
508 } 500 }
509 *outl = 0; 501 *outl = 0;
510 return 1; 502 return 1;
503 }
504 if (b > 1) {
505 if (ctx->buf_len || !ctx->final_used) {
506 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
507 EVP_R_WRONG_FINAL_BLOCK_LENGTH);
508 return (0);
511 } 509 }
512 if (b > 1)
513 {
514 if (ctx->buf_len || !ctx->final_used)
515 {
516 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
517 return(0);
518 }
519 OPENSSL_assert(b <= sizeof ctx->final); 510 OPENSSL_assert(b <= sizeof ctx->final);
520 n=ctx->final[b-1]; 511 n = ctx->final[b - 1];
521 if (n == 0 || n > (int)b) 512 if (n == 0 || n > (int)b) {
522 { 513 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
523 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT); 514 return (0);
524 return(0); 515 }
525 } 516 for (i = 0; i < n; i++) {
526 for (i=0; i<n; i++) 517 if (ctx->final[--b] != n) {
527 { 518 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
528 if (ctx->final[--b] != n) 519 EVP_R_BAD_DECRYPT);
529 { 520 return (0);
530 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
531 return(0);
532 }
533 } 521 }
534 n=ctx->cipher->block_size-n;
535 for (i=0; i<n; i++)
536 out[i]=ctx->final[i];
537 *outl=n;
538 } 522 }
539 else 523 n = ctx->cipher->block_size - n;
540 *outl=0; 524 for (i = 0; i < n; i++)
541 return(1); 525 out[i] = ctx->final[i];
542 } 526 *outl = n;
527 } else
528 *outl = 0;
529 return (1);
530}
543 531
544void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) 532void
545 { 533EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
546 if (ctx) 534{
547 { 535 if (ctx) {
548 EVP_CIPHER_CTX_cleanup(ctx); 536 EVP_CIPHER_CTX_cleanup(ctx);
549 free(ctx); 537 free(ctx);
550 }
551 } 538 }
539}
552 540
553int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) 541int
554 { 542EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
555 if (c->cipher != NULL) 543{
556 { 544 if (c->cipher != NULL) {
557 if(c->cipher->cleanup && !c->cipher->cleanup(c)) 545 if (c->cipher->cleanup && !c->cipher->cleanup(c))
558 return 0; 546 return 0;
559 /* Cleanse cipher context data */ 547 /* Cleanse cipher context data */
560 if (c->cipher_data) 548 if (c->cipher_data)
561 OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size); 549 OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
562 } 550 }
563 if (c->cipher_data) 551 if (c->cipher_data)
564 free(c->cipher_data); 552 free(c->cipher_data);
565#ifndef OPENSSL_NO_ENGINE 553#ifndef OPENSSL_NO_ENGINE
@@ -568,93 +556,99 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
568 * functional reference we held for this reason. */ 556 * functional reference we held for this reason. */
569 ENGINE_finish(c->engine); 557 ENGINE_finish(c->engine);
570#endif 558#endif
571 memset(c,0,sizeof(EVP_CIPHER_CTX)); 559 memset(c, 0, sizeof(EVP_CIPHER_CTX));
572 return 1; 560 return 1;
573 } 561}
574 562
575int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen) 563int
576 { 564EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
577 if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH) 565{
578 return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL); 566 if (c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
579 if(c->key_len == keylen) return 1; 567 return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH,
580 if((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) 568 keylen, NULL);
581 { 569 if (c->key_len == keylen)
570 return 1;
571 if ((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) {
582 c->key_len = keylen; 572 c->key_len = keylen;
583 return 1; 573 return 1;
584 }
585 EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,EVP_R_INVALID_KEY_LENGTH);
586 return 0;
587 } 574 }
575 EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH, EVP_R_INVALID_KEY_LENGTH);
576 return 0;
577}
588 578
589int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad) 579int
590 { 580EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
591 if (pad) ctx->flags &= ~EVP_CIPH_NO_PADDING; 581{
592 else ctx->flags |= EVP_CIPH_NO_PADDING; 582 if (pad)
583 ctx->flags &= ~EVP_CIPH_NO_PADDING;
584 else
585 ctx->flags |= EVP_CIPH_NO_PADDING;
593 return 1; 586 return 1;
594 } 587}
595 588
596int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) 589int
590EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
597{ 591{
598 int ret; 592 int ret;
599 if(!ctx->cipher) { 593
594 if (!ctx->cipher) {
600 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET); 595 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
601 return 0; 596 return 0;
602 } 597 }
603 598
604 if(!ctx->cipher->ctrl) { 599 if (!ctx->cipher->ctrl) {
605 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED); 600 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
606 return 0; 601 return 0;
607 } 602 }
608 603
609 ret = ctx->cipher->ctrl(ctx, type, arg, ptr); 604 ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
610 if(ret == -1) { 605 if (ret == -1) {
611 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED); 606 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL,
607 EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
612 return 0; 608 return 0;
613 } 609 }
614 return ret; 610 return ret;
615} 611}
616 612
617int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key) 613int
618 { 614EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
615{
619 if (ctx->cipher->flags & EVP_CIPH_RAND_KEY) 616 if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
620 return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key); 617 return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
621 if (RAND_bytes(key, ctx->key_len) <= 0) 618 if (RAND_bytes(key, ctx->key_len) <= 0)
622 return 0; 619 return 0;
623 return 1; 620 return 1;
624 } 621}
625 622
626int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) 623int
627 { 624EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
628 if ((in == NULL) || (in->cipher == NULL)) 625{
629 { 626 if ((in == NULL) || (in->cipher == NULL)) {
630 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED); 627 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, EVP_R_INPUT_NOT_INITIALIZED);
631 return 0; 628 return 0;
632 } 629 }
633#ifndef OPENSSL_NO_ENGINE 630#ifndef OPENSSL_NO_ENGINE
634 /* Make sure it's safe to copy a cipher context using an ENGINE */ 631 /* Make sure it's safe to copy a cipher context using an ENGINE */
635 if (in->engine && !ENGINE_init(in->engine)) 632 if (in->engine && !ENGINE_init(in->engine)) {
636 { 633 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_ENGINE_LIB);
637 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,ERR_R_ENGINE_LIB);
638 return 0; 634 return 0;
639 } 635 }
640#endif 636#endif
641 637
642 EVP_CIPHER_CTX_cleanup(out); 638 EVP_CIPHER_CTX_cleanup(out);
643 memcpy(out,in,sizeof *out); 639 memcpy(out, in, sizeof *out);
644 640
645 if (in->cipher_data && in->cipher->ctx_size) 641 if (in->cipher_data && in->cipher->ctx_size) {
646 { 642 out->cipher_data = malloc(in->cipher->ctx_size);
647 out->cipher_data=malloc(in->cipher->ctx_size); 643 if (!out->cipher_data) {
648 if (!out->cipher_data) 644 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_MALLOC_FAILURE);
649 {
650 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,ERR_R_MALLOC_FAILURE);
651 return 0; 645 return 0;
652 }
653 memcpy(out->cipher_data,in->cipher_data,in->cipher->ctx_size);
654 } 646 }
647 memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
648 }
655 649
656 if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY) 650 if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
657 return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out); 651 return in->cipher->ctrl((EVP_CIPHER_CTX *)in,
652 EVP_CTRL_COPY, 0, out);
658 return 1; 653 return 1;
659 } 654}
660
diff --git a/src/lib/libcrypto/evp/evp_err.c b/src/lib/libcrypto/evp/evp_err.c
index 08eab9882f..790459fab4 100644
--- a/src/lib/libcrypto/evp/evp_err.c
+++ b/src/lib/libcrypto/evp/evp_err.c
@@ -7,7 +7,7 @@
7 * are met: 7 * are met:
8 * 8 *
9 * 1. Redistributions of source code must retain the above copyright 9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer. 10 * notice, this list of conditions and the following disclaimer.
11 * 11 *
12 * 2. Redistributions in binary form must reproduce the above copyright 12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in 13 * notice, this list of conditions and the following disclaimer in
@@ -68,173 +68,170 @@
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_EVP,func,0) 68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_EVP,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason) 69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason)
70 70
71static ERR_STRING_DATA EVP_str_functs[]= 71static ERR_STRING_DATA EVP_str_functs[]= {
72 { 72 {ERR_FUNC(EVP_F_AESNI_INIT_KEY), "AESNI_INIT_KEY"},
73{ERR_FUNC(EVP_F_AESNI_INIT_KEY), "AESNI_INIT_KEY"}, 73 {ERR_FUNC(EVP_F_AESNI_XTS_CIPHER), "AESNI_XTS_CIPHER"},
74{ERR_FUNC(EVP_F_AESNI_XTS_CIPHER), "AESNI_XTS_CIPHER"}, 74 {ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"},
75{ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"}, 75 {ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"},
76{ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"}, 76 {ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"},
77{ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"}, 77 {ERR_FUNC(EVP_F_ALG_MODULE_INIT), "ALG_MODULE_INIT"},
78{ERR_FUNC(EVP_F_ALG_MODULE_INIT), "ALG_MODULE_INIT"}, 78 {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"},
79{ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"}, 79 {ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"},
80{ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"}, 80 {ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"},
81{ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"}, 81 {ERR_FUNC(EVP_F_DO_SIGVER_INIT), "DO_SIGVER_INIT"},
82{ERR_FUNC(EVP_F_DO_SIGVER_INIT), "DO_SIGVER_INIT"}, 82 {ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"},
83{ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"}, 83 {ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"},
84{ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"}, 84 {ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"},
85{ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"}, 85 {ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"},
86{ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"}, 86 {ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"},
87{ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"}, 87 {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"},
88{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"}, 88 {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"},
89{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"}, 89 {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"},
90{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"}, 90 {ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"},
91{ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"}, 91 {ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"},
92{ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"}, 92 {ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"},
93{ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"}, 93 {ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"},
94{ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"}, 94 {ERR_FUNC(EVP_F_EVP_MD_SIZE), "EVP_MD_size"},
95{ERR_FUNC(EVP_F_EVP_MD_SIZE), "EVP_MD_size"}, 95 {ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"},
96{ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"}, 96 {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"},
97{ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"}, 97 {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD_TYPE), "EVP_PBE_alg_add_type"},
98{ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD_TYPE), "EVP_PBE_alg_add_type"}, 98 {ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"},
99{ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"}, 99 {ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"},
100{ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"}, 100 {ERR_FUNC(EVP_F_EVP_PKCS82PKEY_BROKEN), "EVP_PKCS82PKEY_BROKEN"},
101{ERR_FUNC(EVP_F_EVP_PKCS82PKEY_BROKEN), "EVP_PKCS82PKEY_BROKEN"}, 101 {ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN), "EVP_PKEY2PKCS8_broken"},
102{ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN), "EVP_PKEY2PKCS8_broken"}, 102 {ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"},
103{ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"}, 103 {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL), "EVP_PKEY_CTX_ctrl"},
104{ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL), "EVP_PKEY_CTX_ctrl"}, 104 {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL_STR), "EVP_PKEY_CTX_ctrl_str"},
105{ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL_STR), "EVP_PKEY_CTX_ctrl_str"}, 105 {ERR_FUNC(EVP_F_EVP_PKEY_CTX_DUP), "EVP_PKEY_CTX_dup"},
106{ERR_FUNC(EVP_F_EVP_PKEY_CTX_DUP), "EVP_PKEY_CTX_dup"}, 106 {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"},
107{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"}, 107 {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT), "EVP_PKEY_decrypt_init"},
108{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT), "EVP_PKEY_decrypt_init"}, 108 {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD), "EVP_PKEY_decrypt_old"},
109{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD), "EVP_PKEY_decrypt_old"}, 109 {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE), "EVP_PKEY_derive"},
110{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE), "EVP_PKEY_derive"}, 110 {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT), "EVP_PKEY_derive_init"},
111{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT), "EVP_PKEY_derive_init"}, 111 {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER), "EVP_PKEY_derive_set_peer"},
112{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER), "EVP_PKEY_derive_set_peer"}, 112 {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"},
113{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"}, 113 {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT), "EVP_PKEY_encrypt_init"},
114{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT), "EVP_PKEY_encrypt_init"}, 114 {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"},
115{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"}, 115 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"},
116{ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"}, 116 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"},
117{ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"}, 117 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA), "EVP_PKEY_GET1_ECDSA"},
118{ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA), "EVP_PKEY_GET1_ECDSA"}, 118 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"},
119{ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"}, 119 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"},
120{ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"}, 120 {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"},
121{ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"}, 121 {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_keygen_init"},
122{ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_keygen_init"}, 122 {ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"},
123{ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"}, 123 {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN), "EVP_PKEY_paramgen"},
124{ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN), "EVP_PKEY_paramgen"}, 124 {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT), "EVP_PKEY_paramgen_init"},
125{ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT), "EVP_PKEY_paramgen_init"}, 125 {ERR_FUNC(EVP_F_EVP_PKEY_SIGN), "EVP_PKEY_sign"},
126{ERR_FUNC(EVP_F_EVP_PKEY_SIGN), "EVP_PKEY_sign"}, 126 {ERR_FUNC(EVP_F_EVP_PKEY_SIGN_INIT), "EVP_PKEY_sign_init"},
127{ERR_FUNC(EVP_F_EVP_PKEY_SIGN_INIT), "EVP_PKEY_sign_init"}, 127 {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY), "EVP_PKEY_verify"},
128{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY), "EVP_PKEY_verify"}, 128 {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_INIT), "EVP_PKEY_verify_init"},
129{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_INIT), "EVP_PKEY_verify_init"}, 129 {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER), "EVP_PKEY_verify_recover"},
130{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER), "EVP_PKEY_verify_recover"}, 130 {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT), "EVP_PKEY_verify_recover_init"},
131{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT), "EVP_PKEY_verify_recover_init"}, 131 {ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"},
132{ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"}, 132 {ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"},
133{ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"}, 133 {ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"},
134{ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"}, 134 {ERR_FUNC(EVP_F_FIPS_CIPHERINIT), "FIPS_CIPHERINIT"},
135{ERR_FUNC(EVP_F_FIPS_CIPHERINIT), "FIPS_CIPHERINIT"}, 135 {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_COPY), "FIPS_CIPHER_CTX_COPY"},
136{ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_COPY), "FIPS_CIPHER_CTX_COPY"}, 136 {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"},
137{ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"}, 137 {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH), "FIPS_CIPHER_CTX_SET_KEY_LENGTH"},
138{ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH), "FIPS_CIPHER_CTX_SET_KEY_LENGTH"}, 138 {ERR_FUNC(EVP_F_FIPS_DIGESTINIT), "FIPS_DIGESTINIT"},
139{ERR_FUNC(EVP_F_FIPS_DIGESTINIT), "FIPS_DIGESTINIT"}, 139 {ERR_FUNC(EVP_F_FIPS_MD_CTX_COPY), "FIPS_MD_CTX_COPY"},
140{ERR_FUNC(EVP_F_FIPS_MD_CTX_COPY), "FIPS_MD_CTX_COPY"}, 140 {ERR_FUNC(EVP_F_HMAC_INIT_EX), "HMAC_Init_ex"},
141{ERR_FUNC(EVP_F_HMAC_INIT_EX), "HMAC_Init_ex"}, 141 {ERR_FUNC(EVP_F_INT_CTX_NEW), "INT_CTX_NEW"},
142{ERR_FUNC(EVP_F_INT_CTX_NEW), "INT_CTX_NEW"}, 142 {ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"},
143{ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"}, 143 {ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"},
144{ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"}, 144 {ERR_FUNC(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN), "PKCS5_V2_PBKDF2_KEYIVGEN"},
145{ERR_FUNC(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN), "PKCS5_V2_PBKDF2_KEYIVGEN"}, 145 {ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"},
146{ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"}, 146 {ERR_FUNC(EVP_F_PKEY_SET_TYPE), "PKEY_SET_TYPE"},
147{ERR_FUNC(EVP_F_PKEY_SET_TYPE), "PKEY_SET_TYPE"}, 147 {ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"},
148{ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"}, 148 {ERR_FUNC(EVP_F_RC5_CTRL), "RC5_CTRL"},
149{ERR_FUNC(EVP_F_RC5_CTRL), "RC5_CTRL"}, 149 {0, NULL}
150{0,NULL} 150};
151 };
152 151
153static ERR_STRING_DATA EVP_str_reasons[]= 152static ERR_STRING_DATA EVP_str_reasons[]= {
154 { 153 {ERR_REASON(EVP_R_AES_IV_SETUP_FAILED) , "aes iv setup failed"},
155{ERR_REASON(EVP_R_AES_IV_SETUP_FAILED) ,"aes iv setup failed"}, 154 {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED) , "aes key setup failed"},
156{ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED) ,"aes key setup failed"}, 155 {ERR_REASON(EVP_R_ASN1_LIB) , "asn1 lib"},
157{ERR_REASON(EVP_R_ASN1_LIB) ,"asn1 lib"}, 156 {ERR_REASON(EVP_R_BAD_BLOCK_LENGTH) , "bad block length"},
158{ERR_REASON(EVP_R_BAD_BLOCK_LENGTH) ,"bad block length"}, 157 {ERR_REASON(EVP_R_BAD_DECRYPT) , "bad decrypt"},
159{ERR_REASON(EVP_R_BAD_DECRYPT) ,"bad decrypt"}, 158 {ERR_REASON(EVP_R_BAD_KEY_LENGTH) , "bad key length"},
160{ERR_REASON(EVP_R_BAD_KEY_LENGTH) ,"bad key length"}, 159 {ERR_REASON(EVP_R_BN_DECODE_ERROR) , "bn decode error"},
161{ERR_REASON(EVP_R_BN_DECODE_ERROR) ,"bn decode error"}, 160 {ERR_REASON(EVP_R_BN_PUBKEY_ERROR) , "bn pubkey error"},
162{ERR_REASON(EVP_R_BN_PUBKEY_ERROR) ,"bn pubkey error"}, 161 {ERR_REASON(EVP_R_BUFFER_TOO_SMALL) , "buffer too small"},
163{ERR_REASON(EVP_R_BUFFER_TOO_SMALL) ,"buffer too small"}, 162 {ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED), "camellia key setup failed"},
164{ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED),"camellia key setup failed"}, 163 {ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR), "cipher parameter error"},
165{ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR),"cipher parameter error"}, 164 {ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED) , "command not supported"},
166{ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED) ,"command not supported"}, 165 {ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED) , "ctrl not implemented"},
167{ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED) ,"ctrl not implemented"}, 166 {ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED), "ctrl operation not implemented"},
168{ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED),"ctrl operation not implemented"}, 167 {ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH), "data not multiple of block length"},
169{ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH),"data not multiple of block length"}, 168 {ERR_REASON(EVP_R_DECODE_ERROR) , "decode error"},
170{ERR_REASON(EVP_R_DECODE_ERROR) ,"decode error"}, 169 {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) , "different key types"},
171{ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) ,"different key types"}, 170 {ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) , "different parameters"},
172{ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) ,"different parameters"}, 171 {ERR_REASON(EVP_R_DISABLED_FOR_FIPS) , "disabled for fips"},
173{ERR_REASON(EVP_R_DISABLED_FOR_FIPS) ,"disabled for fips"}, 172 {ERR_REASON(EVP_R_ENCODE_ERROR) , "encode error"},
174{ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"}, 173 {ERR_REASON(EVP_R_ERROR_LOADING_SECTION) , "error loading section"},
175{ERR_REASON(EVP_R_ERROR_LOADING_SECTION) ,"error loading section"}, 174 {ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE), "error setting fips mode"},
176{ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE),"error setting fips mode"}, 175 {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR), "evp pbe cipherinit error"},
177{ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"}, 176 {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) , "expecting an rsa key"},
178{ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"}, 177 {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) , "expecting a dh key"},
179{ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) ,"expecting a dh key"}, 178 {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) , "expecting a dsa key"},
180{ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) ,"expecting a dsa key"}, 179 {ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) , "expecting a ecdsa key"},
181{ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) ,"expecting a ecdsa key"}, 180 {ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) , "expecting a ec key"},
182{ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) ,"expecting a ec key"}, 181 {ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"},
183{ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED),"fips mode not supported"}, 182 {ERR_REASON(EVP_R_INITIALIZATION_ERROR) , "initialization error"},
184{ERR_REASON(EVP_R_INITIALIZATION_ERROR) ,"initialization error"}, 183 {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) , "input not initialized"},
185{ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"}, 184 {ERR_REASON(EVP_R_INVALID_DIGEST) , "invalid digest"},
186{ERR_REASON(EVP_R_INVALID_DIGEST) ,"invalid digest"}, 185 {ERR_REASON(EVP_R_INVALID_FIPS_MODE) , "invalid fips mode"},
187{ERR_REASON(EVP_R_INVALID_FIPS_MODE) ,"invalid fips mode"}, 186 {ERR_REASON(EVP_R_INVALID_KEY_LENGTH) , "invalid key length"},
188{ERR_REASON(EVP_R_INVALID_KEY_LENGTH) ,"invalid key length"}, 187 {ERR_REASON(EVP_R_INVALID_OPERATION) , "invalid operation"},
189{ERR_REASON(EVP_R_INVALID_OPERATION) ,"invalid operation"}, 188 {ERR_REASON(EVP_R_IV_TOO_LARGE) , "iv too large"},
190{ERR_REASON(EVP_R_IV_TOO_LARGE) ,"iv too large"}, 189 {ERR_REASON(EVP_R_KEYGEN_FAILURE) , "keygen failure"},
191{ERR_REASON(EVP_R_KEYGEN_FAILURE) ,"keygen failure"}, 190 {ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL), "message digest is null"},
192{ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL),"message digest is null"}, 191 {ERR_REASON(EVP_R_METHOD_NOT_SUPPORTED) , "method not supported"},
193{ERR_REASON(EVP_R_METHOD_NOT_SUPPORTED) ,"method not supported"}, 192 {ERR_REASON(EVP_R_MISSING_PARAMETERS) , "missing parameters"},
194{ERR_REASON(EVP_R_MISSING_PARAMETERS) ,"missing parameters"}, 193 {ERR_REASON(EVP_R_NO_CIPHER_SET) , "no cipher set"},
195{ERR_REASON(EVP_R_NO_CIPHER_SET) ,"no cipher set"}, 194 {ERR_REASON(EVP_R_NO_DEFAULT_DIGEST) , "no default digest"},
196{ERR_REASON(EVP_R_NO_DEFAULT_DIGEST) ,"no default digest"}, 195 {ERR_REASON(EVP_R_NO_DIGEST_SET) , "no digest set"},
197{ERR_REASON(EVP_R_NO_DIGEST_SET) ,"no digest set"}, 196 {ERR_REASON(EVP_R_NO_DSA_PARAMETERS) , "no dsa parameters"},
198{ERR_REASON(EVP_R_NO_DSA_PARAMETERS) ,"no dsa parameters"}, 197 {ERR_REASON(EVP_R_NO_KEY_SET) , "no key set"},
199{ERR_REASON(EVP_R_NO_KEY_SET) ,"no key set"}, 198 {ERR_REASON(EVP_R_NO_OPERATION_SET) , "no operation set"},
200{ERR_REASON(EVP_R_NO_OPERATION_SET) ,"no operation set"}, 199 {ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED), "no sign function configured"},
201{ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED),"no sign function configured"}, 200 {ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED), "no verify function configured"},
202{ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED),"no verify function configured"}, 201 {ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE), "operation not supported for this keytype"},
203{ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),"operation not supported for this keytype"}, 202 {ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"},
204{ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED),"operaton not initialized"}, 203 {ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE), "pkcs8 unknown broken type"},
205{ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE),"pkcs8 unknown broken type"}, 204 {ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR), "private key decode error"},
206{ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR),"private key decode error"}, 205 {ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR), "private key encode error"},
207{ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR),"private key encode error"}, 206 {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA) , "public key not rsa"},
208{ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA) ,"public key not rsa"}, 207 {ERR_REASON(EVP_R_TOO_LARGE) , "too large"},
209{ERR_REASON(EVP_R_TOO_LARGE) ,"too large"}, 208 {ERR_REASON(EVP_R_UNKNOWN_CIPHER) , "unknown cipher"},
210{ERR_REASON(EVP_R_UNKNOWN_CIPHER) ,"unknown cipher"}, 209 {ERR_REASON(EVP_R_UNKNOWN_DIGEST) , "unknown digest"},
211{ERR_REASON(EVP_R_UNKNOWN_DIGEST) ,"unknown digest"}, 210 {ERR_REASON(EVP_R_UNKNOWN_OPTION) , "unknown option"},
212{ERR_REASON(EVP_R_UNKNOWN_OPTION) ,"unknown option"}, 211 {ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) , "unknown pbe algorithm"},
213{ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"}, 212 {ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS), "unsuported number of rounds"},
214{ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"}, 213 {ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) , "unsupported algorithm"},
215{ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) ,"unsupported algorithm"}, 214 {ERR_REASON(EVP_R_UNSUPPORTED_CIPHER) , "unsupported cipher"},
216{ERR_REASON(EVP_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"}, 215 {ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH) , "unsupported keylength"},
217{ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH) ,"unsupported keylength"}, 216 {ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION), "unsupported key derivation function"},
218{ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION),"unsupported key derivation function"}, 217 {ERR_REASON(EVP_R_UNSUPPORTED_KEY_SIZE) , "unsupported key size"},
219{ERR_REASON(EVP_R_UNSUPPORTED_KEY_SIZE) ,"unsupported key size"}, 218 {ERR_REASON(EVP_R_UNSUPPORTED_PRF) , "unsupported prf"},
220{ERR_REASON(EVP_R_UNSUPPORTED_PRF) ,"unsupported prf"}, 219 {ERR_REASON(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM), "unsupported private key algorithm"},
221{ERR_REASON(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM),"unsupported private key algorithm"}, 220 {ERR_REASON(EVP_R_UNSUPPORTED_SALT_TYPE) , "unsupported salt type"},
222{ERR_REASON(EVP_R_UNSUPPORTED_SALT_TYPE) ,"unsupported salt type"}, 221 {ERR_REASON(EVP_R_WRONG_FINAL_BLOCK_LENGTH), "wrong final block length"},
223{ERR_REASON(EVP_R_WRONG_FINAL_BLOCK_LENGTH),"wrong final block length"}, 222 {ERR_REASON(EVP_R_WRONG_PUBLIC_KEY_TYPE) , "wrong public key type"},
224{ERR_REASON(EVP_R_WRONG_PUBLIC_KEY_TYPE) ,"wrong public key type"}, 223 {0, NULL}
225{0,NULL} 224};
226 };
227 225
228#endif 226#endif
229 227
230void ERR_load_EVP_strings(void) 228void
231 { 229ERR_load_EVP_strings(void)
230{
232#ifndef OPENSSL_NO_ERR 231#ifndef OPENSSL_NO_ERR
233 232 if (ERR_func_error_string(EVP_str_functs[0].error) == NULL) {
234 if (ERR_func_error_string(EVP_str_functs[0].error) == NULL) 233 ERR_load_strings(0, EVP_str_functs);
235 { 234 ERR_load_strings(0, EVP_str_reasons);
236 ERR_load_strings(0,EVP_str_functs);
237 ERR_load_strings(0,EVP_str_reasons);
238 }
239#endif
240 } 235 }
236#endif
237}
diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c
index b3cb0638fa..445456d3a7 100644
--- a/src/lib/libcrypto/evp/evp_key.c
+++ b/src/lib/libcrypto/evp/evp_key.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -66,123 +66,129 @@
66/* should be init to zeros. */ 66/* should be init to zeros. */
67static char prompt_string[80]; 67static char prompt_string[80];
68 68
69void EVP_set_pw_prompt(const char *prompt) 69void
70 { 70EVP_set_pw_prompt(const char *prompt)
71{
71 if (prompt == NULL) 72 if (prompt == NULL)
72 prompt_string[0]='\0'; 73 prompt_string[0] = '\0';
73 else 74 else {
74 { 75 strlcpy(prompt_string, prompt, sizeof(prompt_string));
75 strlcpy(prompt_string,prompt,sizeof(prompt_string));
76 }
77 } 76 }
77}
78 78
79char *EVP_get_pw_prompt(void) 79char *
80 { 80EVP_get_pw_prompt(void)
81{
81 if (prompt_string[0] == '\0') 82 if (prompt_string[0] == '\0')
82 return(NULL); 83 return (NULL);
83 else 84 else
84 return(prompt_string); 85 return (prompt_string);
85 } 86}
86 87
87/* For historical reasons, the standard function for reading passwords is 88/* For historical reasons, the standard function for reading passwords is
88 * in the DES library -- if someone ever wants to disable DES, 89 * in the DES library -- if someone ever wants to disable DES,
89 * this function will fail */ 90 * this function will fail */
90int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) 91int
91 { 92EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
93{
92 return EVP_read_pw_string_min(buf, 0, len, prompt, verify); 94 return EVP_read_pw_string_min(buf, 0, len, prompt, verify);
93 } 95}
94 96
95int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, int verify) 97int
96 { 98EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
99 int verify)
100{
97 int ret; 101 int ret;
98 char buff[BUFSIZ]; 102 char buff[BUFSIZ];
99 UI *ui; 103 UI *ui;
100 104
101 if ((prompt == NULL) && (prompt_string[0] != '\0')) 105 if ((prompt == NULL) && (prompt_string[0] != '\0'))
102 prompt=prompt_string; 106 prompt = prompt_string;
103 ui = UI_new(); 107 ui = UI_new();
104 UI_add_input_string(ui,prompt,0,buf,min,(len>=BUFSIZ)?BUFSIZ-1:len); 108 UI_add_input_string(ui, prompt, 0,buf, min,
109 (len >= BUFSIZ) ? BUFSIZ - 1 : len);
105 if (verify) 110 if (verify)
106 UI_add_verify_string(ui,prompt,0, 111 UI_add_verify_string(ui, prompt, 0, buff, min,
107 buff,min,(len>=BUFSIZ)?BUFSIZ-1:len,buf); 112 (len >= BUFSIZ) ? BUFSIZ - 1 : len, buf);
108 ret = UI_process(ui); 113 ret = UI_process(ui);
109 UI_free(ui); 114 UI_free(ui);
110 OPENSSL_cleanse(buff,BUFSIZ); 115 OPENSSL_cleanse(buff, BUFSIZ);
111 return ret; 116 return ret;
112 } 117}
113 118
114int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, 119int
115 const unsigned char *salt, const unsigned char *data, int datal, 120EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
116 int count, unsigned char *key, unsigned char *iv) 121 const unsigned char *salt, const unsigned char *data, int datal,
117 { 122 int count, unsigned char *key, unsigned char *iv)
123{
118 EVP_MD_CTX c; 124 EVP_MD_CTX c;
119 unsigned char md_buf[EVP_MAX_MD_SIZE]; 125 unsigned char md_buf[EVP_MAX_MD_SIZE];
120 int niv,nkey,addmd=0; 126 int niv, nkey, addmd = 0;
121 unsigned int mds=0,i; 127 unsigned int mds = 0, i;
122 int rv = 0; 128 int rv = 0;
123 nkey=type->key_len; 129 nkey = type->key_len;
124 niv=type->iv_len; 130 niv = type->iv_len;
125 OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH); 131 OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
126 OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH); 132 OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH);
127 133
128 if (data == NULL) return(nkey); 134 if (data == NULL)
135 return (nkey);
129 136
130 EVP_MD_CTX_init(&c); 137 EVP_MD_CTX_init(&c);
131 for (;;) 138 for (;;) {
132 { 139 if (!EVP_DigestInit_ex(&c, md, NULL))
133 if (!EVP_DigestInit_ex(&c,md, NULL))
134 return 0; 140 return 0;
135 if (addmd++) 141 if (addmd++)
136 if (!EVP_DigestUpdate(&c,&(md_buf[0]),mds)) 142 if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds))
137 goto err; 143 goto err;
138 if (!EVP_DigestUpdate(&c,data,datal)) 144 if (!EVP_DigestUpdate(&c, data, datal))
139 goto err; 145 goto err;
140 if (salt != NULL) 146 if (salt != NULL)
141 if (!EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN)) 147 if (!EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN))
142 goto err; 148 goto err;
143 if (!EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds)) 149 if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds))
144 goto err; 150 goto err;
145 151
146 for (i=1; i<(unsigned int)count; i++) 152 for (i = 1; i < (unsigned int)count; i++) {
147 { 153 if (!EVP_DigestInit_ex(&c, md, NULL))
148 if (!EVP_DigestInit_ex(&c,md, NULL))
149 goto err; 154 goto err;
150 if (!EVP_DigestUpdate(&c,&(md_buf[0]),mds)) 155 if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds))
151 goto err; 156 goto err;
152 if (!EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds)) 157 if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds))
153 goto err; 158 goto err;
154 } 159 }
155 i=0; 160 i = 0;
156 if (nkey) 161 if (nkey) {
157 { 162 for (;;) {
158 for (;;) 163 if (nkey == 0)
159 { 164 break;
160 if (nkey == 0) break; 165 if (i == mds)
161 if (i == mds) break; 166 break;
162 if (key != NULL) 167 if (key != NULL)
163 *(key++)=md_buf[i]; 168 *(key++) = md_buf[i];
164 nkey--; 169 nkey--;
165 i++; 170 i++;
166 }
167 } 171 }
168 if (niv && (i != mds)) 172 }
169 { 173 if (niv && (i != mds)) {
170 for (;;) 174 for (;;) {
171 { 175 if (niv == 0)
172 if (niv == 0) break; 176 break;
173 if (i == mds) break; 177 if (i == mds)
178 break;
174 if (iv != NULL) 179 if (iv != NULL)
175 *(iv++)=md_buf[i]; 180 *(iv++) = md_buf[i];
176 niv--; 181 niv--;
177 i++; 182 i++;
178 }
179 } 183 }
180 if ((nkey == 0) && (niv == 0)) break;
181 } 184 }
185 if ((nkey == 0) && (niv == 0))
186 break;
187 }
182 rv = type->key_len; 188 rv = type->key_len;
183 err: 189
190err:
184 EVP_MD_CTX_cleanup(&c); 191 EVP_MD_CTX_cleanup(&c);
185 OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE); 192 OPENSSL_cleanse(&(md_buf[0]), EVP_MAX_MD_SIZE);
186 return rv; 193 return rv;
187 } 194}
188
diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c
index b180e4828a..791f6b8fb1 100644
--- a/src/lib/libcrypto/evp/evp_lib.c
+++ b/src/lib/libcrypto/evp/evp_lib.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -61,256 +61,278 @@
61#include <openssl/evp.h> 61#include <openssl/evp.h>
62#include <openssl/objects.h> 62#include <openssl/objects.h>
63 63
64int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) 64int
65 { 65EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
66{
66 int ret; 67 int ret;
67 68
68 if (c->cipher->set_asn1_parameters != NULL) 69 if (c->cipher->set_asn1_parameters != NULL)
69 ret=c->cipher->set_asn1_parameters(c,type); 70 ret = c->cipher->set_asn1_parameters(c, type);
70 else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) 71 else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
71 ret=EVP_CIPHER_set_asn1_iv(c, type); 72 ret = EVP_CIPHER_set_asn1_iv(c, type);
72 else 73 else
73 ret=-1; 74 ret = -1;
74 return(ret); 75 return (ret);
75 } 76}
76 77
77int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type) 78int
78 { 79EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
80{
79 int ret; 81 int ret;
80 82
81 if (c->cipher->get_asn1_parameters != NULL) 83 if (c->cipher->get_asn1_parameters != NULL)
82 ret=c->cipher->get_asn1_parameters(c,type); 84 ret = c->cipher->get_asn1_parameters(c, type);
83 else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) 85 else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
84 ret=EVP_CIPHER_get_asn1_iv(c, type); 86 ret = EVP_CIPHER_get_asn1_iv(c, type);
85 else 87 else
86 ret=-1; 88 ret = -1;
87 return(ret); 89 return (ret);
88 } 90}
89 91
90int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) 92int
91 { 93EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
92 int i=0; 94{
95 int i = 0;
93 unsigned int l; 96 unsigned int l;
94 97
95 if (type != NULL) 98 if (type != NULL) {
96 { 99 l = EVP_CIPHER_CTX_iv_length(c);
97 l=EVP_CIPHER_CTX_iv_length(c);
98 OPENSSL_assert(l <= sizeof(c->iv)); 100 OPENSSL_assert(l <= sizeof(c->iv));
99 i=ASN1_TYPE_get_octetstring(type,c->oiv,l); 101 i = ASN1_TYPE_get_octetstring(type, c->oiv, l);
100 if (i != (int)l) 102 if (i != (int)l)
101 return(-1); 103 return (-1);
102 else if (i > 0) 104 else if (i > 0)
103 memcpy(c->iv,c->oiv,l); 105 memcpy(c->iv, c->oiv, l);
104 }
105 return(i);
106 } 106 }
107 return (i);
108}
107 109
108int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) 110int
109 { 111EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
110 int i=0; 112{
113 int i = 0;
111 unsigned int j; 114 unsigned int j;
112 115
113 if (type != NULL) 116 if (type != NULL) {
114 { 117 j = EVP_CIPHER_CTX_iv_length(c);
115 j=EVP_CIPHER_CTX_iv_length(c);
116 OPENSSL_assert(j <= sizeof(c->iv)); 118 OPENSSL_assert(j <= sizeof(c->iv));
117 i=ASN1_TYPE_set_octetstring(type,c->oiv,j); 119 i = ASN1_TYPE_set_octetstring(type, c->oiv, j);
118 }
119 return(i);
120 } 120 }
121 return (i);
122}
121 123
122/* Convert the various cipher NIDs and dummies to a proper OID NID */ 124/* Convert the various cipher NIDs and dummies to a proper OID NID */
123int EVP_CIPHER_type(const EVP_CIPHER *ctx) 125int
126EVP_CIPHER_type(const EVP_CIPHER *ctx)
124{ 127{
125 int nid; 128 int nid;
126 ASN1_OBJECT *otmp; 129 ASN1_OBJECT *otmp;
127 nid = EVP_CIPHER_nid(ctx); 130 nid = EVP_CIPHER_nid(ctx);
128 131
129 switch(nid) { 132 switch (nid) {
130 133 case NID_rc2_cbc:
131 case NID_rc2_cbc: 134 case NID_rc2_64_cbc:
132 case NID_rc2_64_cbc: 135 case NID_rc2_40_cbc:
133 case NID_rc2_40_cbc:
134
135 return NID_rc2_cbc; 136 return NID_rc2_cbc;
136 137
137 case NID_rc4: 138 case NID_rc4:
138 case NID_rc4_40: 139 case NID_rc4_40:
139
140 return NID_rc4; 140 return NID_rc4;
141 141
142 case NID_aes_128_cfb128: 142 case NID_aes_128_cfb128:
143 case NID_aes_128_cfb8: 143 case NID_aes_128_cfb8:
144 case NID_aes_128_cfb1: 144 case NID_aes_128_cfb1:
145
146 return NID_aes_128_cfb128; 145 return NID_aes_128_cfb128;
147 146
148 case NID_aes_192_cfb128: 147 case NID_aes_192_cfb128:
149 case NID_aes_192_cfb8: 148 case NID_aes_192_cfb8:
150 case NID_aes_192_cfb1: 149 case NID_aes_192_cfb1:
151
152 return NID_aes_192_cfb128; 150 return NID_aes_192_cfb128;
153 151
154 case NID_aes_256_cfb128: 152 case NID_aes_256_cfb128:
155 case NID_aes_256_cfb8: 153 case NID_aes_256_cfb8:
156 case NID_aes_256_cfb1: 154 case NID_aes_256_cfb1:
157
158 return NID_aes_256_cfb128; 155 return NID_aes_256_cfb128;
159 156
160 case NID_des_cfb64: 157 case NID_des_cfb64:
161 case NID_des_cfb8: 158 case NID_des_cfb8:
162 case NID_des_cfb1: 159 case NID_des_cfb1:
163
164 return NID_des_cfb64; 160 return NID_des_cfb64;
165 161
166 case NID_des_ede3_cfb64: 162 case NID_des_ede3_cfb64:
167 case NID_des_ede3_cfb8: 163 case NID_des_ede3_cfb8:
168 case NID_des_ede3_cfb1: 164 case NID_des_ede3_cfb1:
169
170 return NID_des_cfb64; 165 return NID_des_cfb64;
171 166
172 default: 167 default:
173 /* Check it has an OID and it is valid */ 168 /* Check it has an OID and it is valid */
174 otmp = OBJ_nid2obj(nid); 169 otmp = OBJ_nid2obj(nid);
175 if(!otmp || !otmp->data) nid = NID_undef; 170 if (!otmp || !otmp->data)
171 nid = NID_undef;
176 ASN1_OBJECT_free(otmp); 172 ASN1_OBJECT_free(otmp);
177 return nid; 173 return nid;
178 } 174 }
179} 175}
180 176
181int EVP_CIPHER_block_size(const EVP_CIPHER *e) 177int
182 { 178EVP_CIPHER_block_size(const EVP_CIPHER *e)
179{
183 return e->block_size; 180 return e->block_size;
184 } 181}
185 182
186int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx) 183int
187 { 184EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
185{
188 return ctx->cipher->block_size; 186 return ctx->cipher->block_size;
189 } 187}
190 188
191int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) 189int
192 { 190EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
193 return ctx->cipher->do_cipher(ctx,out,in,inl); 191 unsigned int inl)
194 } 192{
193 return ctx->cipher->do_cipher(ctx, out, in, inl);
194}
195 195
196const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx) 196const EVP_CIPHER *
197 { 197EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
198{
198 return ctx->cipher; 199 return ctx->cipher;
199 } 200}
200 201
201unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher) 202unsigned long
202 { 203EVP_CIPHER_flags(const EVP_CIPHER *cipher)
204{
203 return cipher->flags; 205 return cipher->flags;
204 } 206}
205 207
206unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx) 208unsigned long
207 { 209EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
210{
208 return ctx->cipher->flags; 211 return ctx->cipher->flags;
209 } 212}
210 213
211void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx) 214void *
212 { 215EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
216{
213 return ctx->app_data; 217 return ctx->app_data;
214 } 218}
215 219
216void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data) 220void
217 { 221EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
222{
218 ctx->app_data = data; 223 ctx->app_data = data;
219 } 224}
220 225
221int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher) 226int
222 { 227EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
228{
223 return cipher->iv_len; 229 return cipher->iv_len;
224 } 230}
225 231
226int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) 232int
227 { 233EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
234{
228 return ctx->cipher->iv_len; 235 return ctx->cipher->iv_len;
229 } 236}
230 237
231int EVP_CIPHER_key_length(const EVP_CIPHER *cipher) 238int
232 { 239EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
240{
233 return cipher->key_len; 241 return cipher->key_len;
234 } 242}
235 243
236int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx) 244int
237 { 245EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
246{
238 return ctx->key_len; 247 return ctx->key_len;
239 } 248}
240 249
241int EVP_CIPHER_nid(const EVP_CIPHER *cipher) 250int
242 { 251EVP_CIPHER_nid(const EVP_CIPHER *cipher)
252{
243 return cipher->nid; 253 return cipher->nid;
244 } 254}
245 255
246int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx) 256int
247 { 257EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
258{
248 return ctx->cipher->nid; 259 return ctx->cipher->nid;
249 } 260}
250 261
251int EVP_MD_block_size(const EVP_MD *md) 262int
252 { 263EVP_MD_block_size(const EVP_MD *md)
264{
253 return md->block_size; 265 return md->block_size;
254 } 266}
255 267
256int EVP_MD_type(const EVP_MD *md) 268int
257 { 269EVP_MD_type(const EVP_MD *md)
270{
258 return md->type; 271 return md->type;
259 } 272}
260 273
261int EVP_MD_pkey_type(const EVP_MD *md) 274int
262 { 275EVP_MD_pkey_type(const EVP_MD *md)
276{
263 return md->pkey_type; 277 return md->pkey_type;
264 } 278}
265 279
266int EVP_MD_size(const EVP_MD *md) 280int
267 { 281EVP_MD_size(const EVP_MD *md)
268 if (!md) 282{
269 { 283 if (!md) {
270 EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL); 284 EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
271 return -1; 285 return -1;
272 }
273 return md->md_size;
274 } 286 }
287 return md->md_size;
288}
275 289
276unsigned long EVP_MD_flags(const EVP_MD *md) 290unsigned long
277 { 291EVP_MD_flags(const EVP_MD *md)
292{
278 return md->flags; 293 return md->flags;
279 } 294}
280 295
281const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx) 296const EVP_MD *
282 { 297EVP_MD_CTX_md(const EVP_MD_CTX *ctx)
298{
283 if (!ctx) 299 if (!ctx)
284 return NULL; 300 return NULL;
285 return ctx->digest; 301 return ctx->digest;
286 } 302}
287 303
288void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags) 304void
289 { 305EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags)
306{
290 ctx->flags |= flags; 307 ctx->flags |= flags;
291 } 308}
292 309
293void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags) 310void
294 { 311EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags)
312{
295 ctx->flags &= ~flags; 313 ctx->flags &= ~flags;
296 } 314}
297 315
298int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags) 316int
299 { 317EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags)
318{
300 return (ctx->flags & flags); 319 return (ctx->flags & flags);
301 } 320}
302 321
303void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags) 322void
304 { 323EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
324{
305 ctx->flags |= flags; 325 ctx->flags |= flags;
306 } 326}
307 327
308void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags) 328void
309 { 329EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
330{
310 ctx->flags &= ~flags; 331 ctx->flags &= ~flags;
311 } 332}
312 333
313int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags) 334int
314 { 335EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
336{
315 return (ctx->flags & flags); 337 return (ctx->flags & flags);
316 } 338}
diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c
index 37683af76a..779c1592da 100644
--- a/src/lib/libcrypto/evp/evp_pbe.c
+++ b/src/lib/libcrypto/evp/evp_pbe.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -70,50 +70,36 @@ static STACK_OF(EVP_PBE_CTL) *pbe_algs;
70 70
71/* Setup a cipher context from a PBE algorithm */ 71/* Setup a cipher context from a PBE algorithm */
72 72
73typedef struct 73typedef struct {
74 {
75 int pbe_type; 74 int pbe_type;
76 int pbe_nid; 75 int pbe_nid;
77 int cipher_nid; 76 int cipher_nid;
78 int md_nid; 77 int md_nid;
79 EVP_PBE_KEYGEN *keygen; 78 EVP_PBE_KEYGEN *keygen;
80 } EVP_PBE_CTL; 79} EVP_PBE_CTL;
81 80
82static const EVP_PBE_CTL builtin_pbe[] = 81static const EVP_PBE_CTL builtin_pbe[] = {
83 { 82 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC, NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen},
84 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC, 83 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC, NID_des_cbc, NID_md5, PKCS5_PBE_keyivgen},
85 NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen}, 84 {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC, NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen},
86 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC,
87 NID_des_cbc, NID_md5, PKCS5_PBE_keyivgen},
88 {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC,
89 NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen},
90 85
91#ifndef OPENSSL_NO_HMAC 86#ifndef OPENSSL_NO_HMAC
92 {EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen}, 87 {EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen},
93#endif 88#endif
94 89
95 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4, 90 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4, NID_rc4, NID_sha1, PKCS12_PBE_keyivgen},
96 NID_rc4, NID_sha1, PKCS12_PBE_keyivgen}, 91 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4, NID_rc4_40, NID_sha1, PKCS12_PBE_keyivgen},
97 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4, 92 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NID_des_ede3_cbc, NID_sha1, PKCS12_PBE_keyivgen},
98 NID_rc4_40, NID_sha1, PKCS12_PBE_keyivgen}, 93 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And2_Key_TripleDES_CBC, NID_des_ede_cbc, NID_sha1, PKCS12_PBE_keyivgen},
99 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, 94 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC2_CBC, NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen},
100 NID_des_ede3_cbc, NID_sha1, PKCS12_PBE_keyivgen}, 95 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC, NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen},
101 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
102 NID_des_ede_cbc, NID_sha1, PKCS12_PBE_keyivgen},
103 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC2_CBC,
104 NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen},
105 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC,
106 NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen},
107 96
108#ifndef OPENSSL_NO_HMAC 97#ifndef OPENSSL_NO_HMAC
109 {EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen}, 98 {EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen},
110#endif 99#endif
111 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC, 100 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC, NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen},
112 NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen}, 101 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC, NID_rc2_64_cbc, NID_md5, PKCS5_PBE_keyivgen},
113 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC, 102 {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndDES_CBC, NID_des_cbc, NID_sha1, PKCS5_PBE_keyivgen},
114 NID_rc2_64_cbc, NID_md5, PKCS5_PBE_keyivgen},
115 {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndDES_CBC,
116 NID_des_cbc, NID_sha1, PKCS5_PBE_keyivgen},
117 103
118 104
119 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA1, -1, NID_sha1, 0}, 105 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA1, -1, NID_sha1, 0},
@@ -123,141 +109,141 @@ static const EVP_PBE_CTL builtin_pbe[] =
123 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0}, 109 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0},
124 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0}, 110 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0},
125 {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0}, 111 {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0},
126 }; 112};
127 113
128#ifdef TEST 114#ifdef TEST
129int main(int argc, char **argv) 115int
130 { 116main(int argc, char **argv)
117{
131 int i, nid_md, nid_cipher; 118 int i, nid_md, nid_cipher;
132 EVP_PBE_CTL *tpbe, *tpbe2; 119 EVP_PBE_CTL *tpbe, *tpbe2;
133 /*OpenSSL_add_all_algorithms();*/ 120 /*OpenSSL_add_all_algorithms();*/
134 121
135 for (i = 0; i < sizeof(builtin_pbe)/sizeof(EVP_PBE_CTL); i++) 122 for (i = 0; i < sizeof(builtin_pbe) / sizeof(EVP_PBE_CTL); i++) {
136 {
137 tpbe = builtin_pbe + i; 123 tpbe = builtin_pbe + i;
138 fprintf(stderr, "%d %d %s ", tpbe->pbe_type, tpbe->pbe_nid, 124 fprintf(stderr, "%d %d %s ", tpbe->pbe_type, tpbe->pbe_nid,
139 OBJ_nid2sn(tpbe->pbe_nid)); 125 OBJ_nid2sn(tpbe->pbe_nid));
140 if (EVP_PBE_find(tpbe->pbe_type, tpbe->pbe_nid, 126 if (EVP_PBE_find(tpbe->pbe_type, tpbe->pbe_nid,
141 &nid_cipher ,&nid_md,0)) 127 &nid_cipher , &nid_md, 0))
142 fprintf(stderr, "Found %s %s\n", 128 fprintf(stderr, "Found %s %s\n",
143 OBJ_nid2sn(nid_cipher), 129 OBJ_nid2sn(nid_cipher), OBJ_nid2sn(nid_md));
144 OBJ_nid2sn(nid_md));
145 else 130 else
146 fprintf(stderr, "Find ERROR!!\n"); 131 fprintf(stderr, "Find ERROR!!\n");
147 } 132 }
148 133
149 return 0; 134 return 0;
150 } 135}
151#endif 136#endif
152
153
154 137
155int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, 138int
156 ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de) 139EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
157 { 140 ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
141{
158 const EVP_CIPHER *cipher; 142 const EVP_CIPHER *cipher;
159 const EVP_MD *md; 143 const EVP_MD *md;
160 int cipher_nid, md_nid; 144 int cipher_nid, md_nid;
161 EVP_PBE_KEYGEN *keygen; 145 EVP_PBE_KEYGEN *keygen;
162 146
163 if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj), 147 if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj),
164 &cipher_nid, &md_nid, &keygen)) 148 &cipher_nid, &md_nid, &keygen)) {
165 {
166 char obj_tmp[80]; 149 char obj_tmp[80];
167 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM); 150 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM);
168 if (!pbe_obj) strlcpy (obj_tmp, "NULL", sizeof obj_tmp); 151 if (!pbe_obj)
169 else i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj); 152 strlcpy (obj_tmp, "NULL", sizeof obj_tmp);
153 else
154 i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
170 ERR_asprintf_error_data("TYPE=%s", obj_tmp); 155 ERR_asprintf_error_data("TYPE=%s", obj_tmp);
171 return 0; 156 return 0;
172 } 157 }
173 158
174 if(!pass) 159 if (!pass)
175 passlen = 0; 160 passlen = 0;
176 else if (passlen == -1) 161 else if (passlen == -1)
177 passlen = strlen(pass); 162 passlen = strlen(pass);
178 163
179 if (cipher_nid == -1) 164 if (cipher_nid == -1)
180 cipher = NULL; 165 cipher = NULL;
181 else 166 else {
182 {
183 cipher = EVP_get_cipherbynid(cipher_nid); 167 cipher = EVP_get_cipherbynid(cipher_nid);
184 if (!cipher) 168 if (!cipher) {
185 { 169 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_CIPHER);
186 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_CIPHER);
187 return 0; 170 return 0;
188 }
189 } 171 }
172 }
190 173
191 if (md_nid == -1) 174 if (md_nid == -1)
192 md = NULL; 175 md = NULL;
193 else 176 else {
194 {
195 md = EVP_get_digestbynid(md_nid); 177 md = EVP_get_digestbynid(md_nid);
196 if (!md) 178 if (!md) {
197 { 179 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_DIGEST);
198 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_DIGEST);
199 return 0; 180 return 0;
200 }
201 } 181 }
182 }
202 183
203 if (!keygen(ctx, pass, passlen, param, cipher, md, en_de)) 184 if (!keygen(ctx, pass, passlen, param, cipher, md, en_de)) {
204 { 185 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_KEYGEN_FAILURE);
205 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_KEYGEN_FAILURE);
206 return 0; 186 return 0;
207 } 187 }
208 return 1; 188 return 1;
209} 189}
210 190
211DECLARE_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2); 191DECLARE_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
212 192
213static int pbe2_cmp(const EVP_PBE_CTL *pbe1, const EVP_PBE_CTL *pbe2) 193static int
214 { 194pbe2_cmp(const EVP_PBE_CTL *pbe1, const EVP_PBE_CTL *pbe2)
195{
215 int ret = pbe1->pbe_type - pbe2->pbe_type; 196 int ret = pbe1->pbe_type - pbe2->pbe_type;
197
216 if (ret) 198 if (ret)
217 return ret; 199 return ret;
218 else 200 else
219 return pbe1->pbe_nid - pbe2->pbe_nid; 201 return pbe1->pbe_nid - pbe2->pbe_nid;
220 } 202}
221 203
222IMPLEMENT_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2); 204IMPLEMENT_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
223 205
224static int pbe_cmp(const EVP_PBE_CTL * const *a, const EVP_PBE_CTL * const *b) 206static int
225 { 207pbe_cmp(const EVP_PBE_CTL * const *a, const EVP_PBE_CTL * const *b)
208{
226 int ret = (*a)->pbe_type - (*b)->pbe_type; 209 int ret = (*a)->pbe_type - (*b)->pbe_type;
210
227 if (ret) 211 if (ret)
228 return ret; 212 return ret;
229 else 213 else
230 return (*a)->pbe_nid - (*b)->pbe_nid; 214 return (*a)->pbe_nid - (*b)->pbe_nid;
231 } 215}
232 216
233/* Add a PBE algorithm */ 217/* Add a PBE algorithm */
234 218
235int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid, 219int
236 EVP_PBE_KEYGEN *keygen) 220EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
237 { 221 EVP_PBE_KEYGEN *keygen)
222{
238 EVP_PBE_CTL *pbe_tmp; 223 EVP_PBE_CTL *pbe_tmp;
224
239 if (!pbe_algs) 225 if (!pbe_algs)
240 pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp); 226 pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);
241 if (!(pbe_tmp = (EVP_PBE_CTL*) malloc (sizeof(EVP_PBE_CTL)))) 227 if (!(pbe_tmp = (EVP_PBE_CTL*) malloc (sizeof(EVP_PBE_CTL)))) {
242 { 228 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE);
243 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE,ERR_R_MALLOC_FAILURE);
244 return 0; 229 return 0;
245 } 230 }
246 pbe_tmp->pbe_type = pbe_type; 231 pbe_tmp->pbe_type = pbe_type;
247 pbe_tmp->pbe_nid = pbe_nid; 232 pbe_tmp->pbe_nid = pbe_nid;
248 pbe_tmp->cipher_nid = cipher_nid; 233 pbe_tmp->cipher_nid = cipher_nid;
249 pbe_tmp->md_nid = md_nid; 234 pbe_tmp->md_nid = md_nid;
250 pbe_tmp->keygen = keygen; 235 pbe_tmp->keygen = keygen;
251 236
252
253 sk_EVP_PBE_CTL_push (pbe_algs, pbe_tmp); 237 sk_EVP_PBE_CTL_push (pbe_algs, pbe_tmp);
254 return 1; 238 return 1;
255 } 239}
256 240
257int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md, 241int
258 EVP_PBE_KEYGEN *keygen) 242EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
259 { 243 EVP_PBE_KEYGEN *keygen)
244{
260 int cipher_nid, md_nid; 245 int cipher_nid, md_nid;
246
261 if (cipher) 247 if (cipher)
262 cipher_nid = EVP_CIPHER_type(cipher); 248 cipher_nid = EVP_CIPHER_type(cipher);
263 else 249 else
@@ -268,12 +254,13 @@ int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
268 md_nid = -1; 254 md_nid = -1;
269 255
270 return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER, nid, 256 return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER, nid,
271 cipher_nid, md_nid, keygen); 257 cipher_nid, md_nid, keygen);
272 } 258}
273 259
274int EVP_PBE_find(int type, int pbe_nid, 260int
275 int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen) 261EVP_PBE_find(int type, int pbe_nid,
276 { 262 int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen)
263{
277 EVP_PBE_CTL *pbetmp = NULL, pbelu; 264 EVP_PBE_CTL *pbetmp = NULL, pbelu;
278 int i; 265 int i;
279 if (pbe_nid == NID_undef) 266 if (pbe_nid == NID_undef)
@@ -282,17 +269,15 @@ int EVP_PBE_find(int type, int pbe_nid,
282 pbelu.pbe_type = type; 269 pbelu.pbe_type = type;
283 pbelu.pbe_nid = pbe_nid; 270 pbelu.pbe_nid = pbe_nid;
284 271
285 if (pbe_algs) 272 if (pbe_algs) {
286 {
287 i = sk_EVP_PBE_CTL_find(pbe_algs, &pbelu); 273 i = sk_EVP_PBE_CTL_find(pbe_algs, &pbelu);
288 if (i != -1) 274 if (i != -1)
289 pbetmp = sk_EVP_PBE_CTL_value (pbe_algs, i); 275 pbetmp = sk_EVP_PBE_CTL_value (pbe_algs, i);
290 } 276 }
291 if (pbetmp == NULL) 277 if (pbetmp == NULL) {
292 {
293 pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe, 278 pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe,
294 sizeof(builtin_pbe)/sizeof(EVP_PBE_CTL)); 279 sizeof(builtin_pbe)/sizeof(EVP_PBE_CTL));
295 } 280 }
296 if (pbetmp == NULL) 281 if (pbetmp == NULL)
297 return 0; 282 return 0;
298 if (pcnid) 283 if (pcnid)
@@ -302,15 +287,17 @@ int EVP_PBE_find(int type, int pbe_nid,
302 if (pkeygen) 287 if (pkeygen)
303 *pkeygen = pbetmp->keygen; 288 *pkeygen = pbetmp->keygen;
304 return 1; 289 return 1;
305 } 290}
306 291
307static void free_evp_pbe_ctl(EVP_PBE_CTL *pbe) 292static void
308 { 293free_evp_pbe_ctl(EVP_PBE_CTL *pbe)
309 free(pbe); 294{
310 } 295 free(pbe);
296}
311 297
312void EVP_PBE_cleanup(void) 298void
313 { 299EVP_PBE_cleanup(void)
300{
314 sk_EVP_PBE_CTL_pop_free(pbe_algs, free_evp_pbe_ctl); 301 sk_EVP_PBE_CTL_pop_free(pbe_algs, free_evp_pbe_ctl);
315 pbe_algs = NULL; 302 pbe_algs = NULL;
316 } 303}
diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c
index 94056f0da9..99fe5b3221 100644
--- a/src/lib/libcrypto/evp/evp_pkey.c
+++ b/src/lib/libcrypto/evp/evp_pkey.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -65,7 +65,8 @@
65 65
66/* Extract a private key from a PKCS8 structure */ 66/* Extract a private key from a PKCS8 structure */
67 67
68EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) 68EVP_PKEY *
69EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
69{ 70{
70 EVP_PKEY *pkey = NULL; 71 EVP_PKEY *pkey = NULL;
71 ASN1_OBJECT *algoid; 72 ASN1_OBJECT *algoid;
@@ -75,166 +76,164 @@ EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
75 return NULL; 76 return NULL;
76 77
77 if (!(pkey = EVP_PKEY_new())) { 78 if (!(pkey = EVP_PKEY_new())) {
78 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); 79 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE);
79 return NULL; 80 return NULL;
80 } 81 }
81 82
82 if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) 83 if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) {
83 { 84 EVPerr(EVP_F_EVP_PKCS82PKEY,
84 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); 85 EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
85 i2t_ASN1_OBJECT(obj_tmp, 80, algoid); 86 i2t_ASN1_OBJECT(obj_tmp, 80, algoid);
86 ERR_asprintf_error_data("TYPE=%s", obj_tmp); 87 ERR_asprintf_error_data("TYPE=%s", obj_tmp);
87 goto error; 88 goto error;
88 } 89 }
89 90
90 if (pkey->ameth->priv_decode) 91 if (pkey->ameth->priv_decode) {
91 { 92 if (!pkey->ameth->priv_decode(pkey, p8)) {
92 if (!pkey->ameth->priv_decode(pkey, p8))
93 {
94 EVPerr(EVP_F_EVP_PKCS82PKEY, 93 EVPerr(EVP_F_EVP_PKCS82PKEY,
95 EVP_R_PRIVATE_KEY_DECODE_ERROR); 94 EVP_R_PRIVATE_KEY_DECODE_ERROR);
96 goto error; 95 goto error;
97 }
98 } 96 }
99 else 97 } else {
100 {
101 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_METHOD_NOT_SUPPORTED); 98 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_METHOD_NOT_SUPPORTED);
102 goto error; 99 goto error;
103 } 100 }
104 101
105 return pkey; 102 return pkey;
106 103
107 error: 104error:
108 EVP_PKEY_free (pkey); 105 EVP_PKEY_free (pkey);
109 return NULL; 106 return NULL;
110} 107}
111 108
112PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) 109PKCS8_PRIV_KEY_INFO *
110EVP_PKEY2PKCS8(EVP_PKEY *pkey)
113{ 111{
114 return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK); 112 return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK);
115} 113}
116 114
117/* Turn a private key into a PKCS8 structure */ 115/* Turn a private key into a PKCS8 structure */
118 116
119PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) 117PKCS8_PRIV_KEY_INFO *
118EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
120{ 119{
121 PKCS8_PRIV_KEY_INFO *p8; 120 PKCS8_PRIV_KEY_INFO *p8;
122 121
123 if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) { 122 if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {
124 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); 123 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, ERR_R_MALLOC_FAILURE);
125 return NULL; 124 return NULL;
126 } 125 }
127 p8->broken = broken; 126 p8->broken = broken;
128 127
129 if (pkey->ameth) 128 if (pkey->ameth) {
130 { 129 if (pkey->ameth->priv_encode) {
131 if (pkey->ameth->priv_encode) 130 if (!pkey->ameth->priv_encode(p8, pkey)) {
132 {
133 if (!pkey->ameth->priv_encode(p8, pkey))
134 {
135 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, 131 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
136 EVP_R_PRIVATE_KEY_ENCODE_ERROR); 132 EVP_R_PRIVATE_KEY_ENCODE_ERROR);
137 goto error; 133 goto error;
138 }
139 } 134 }
140 else 135 } else {
141 {
142 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, 136 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
143 EVP_R_METHOD_NOT_SUPPORTED); 137 EVP_R_METHOD_NOT_SUPPORTED);
144 goto error; 138 goto error;
145 }
146 } 139 }
147 else 140 } else {
148 {
149 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, 141 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
150 EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); 142 EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
151 goto error; 143 goto error;
152 } 144 }
153 return p8; 145 return p8;
154 error: 146
147error:
155 PKCS8_PRIV_KEY_INFO_free(p8); 148 PKCS8_PRIV_KEY_INFO_free(p8);
156 return NULL; 149 return NULL;
157} 150}
158 151
159PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken) 152PKCS8_PRIV_KEY_INFO *
153PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
160{ 154{
161 switch (broken) { 155 switch (broken) {
162 156 case PKCS8_OK:
163 case PKCS8_OK:
164 p8->broken = PKCS8_OK; 157 p8->broken = PKCS8_OK;
165 return p8; 158 return p8;
166 break; 159 break;
167 160
168 case PKCS8_NO_OCTET: 161 case PKCS8_NO_OCTET:
169 p8->broken = PKCS8_NO_OCTET; 162 p8->broken = PKCS8_NO_OCTET;
170 p8->pkey->type = V_ASN1_SEQUENCE; 163 p8->pkey->type = V_ASN1_SEQUENCE;
171 return p8; 164 return p8;
172 break; 165 break;
173 166
174 default: 167 default:
175 EVPerr(EVP_F_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE); 168 EVPerr(EVP_F_PKCS8_SET_BROKEN, EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
176 return NULL; 169 return NULL;
177 } 170 }
178} 171}
179 172
180/* EVP_PKEY attribute functions */ 173/* EVP_PKEY attribute functions */
181 174
182int EVP_PKEY_get_attr_count(const EVP_PKEY *key) 175int
176EVP_PKEY_get_attr_count(const EVP_PKEY *key)
183{ 177{
184 return X509at_get_attr_count(key->attributes); 178 return X509at_get_attr_count(key->attributes);
185} 179}
186 180
187int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, 181int
188 int lastpos) 182EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos)
189{ 183{
190 return X509at_get_attr_by_NID(key->attributes, nid, lastpos); 184 return X509at_get_attr_by_NID(key->attributes, nid, lastpos);
191} 185}
192 186
193int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, 187int
194 int lastpos) 188EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, int lastpos)
195{ 189{
196 return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos); 190 return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos);
197} 191}
198 192
199X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc) 193X509_ATTRIBUTE *
194EVP_PKEY_get_attr(const EVP_PKEY *key, int loc)
200{ 195{
201 return X509at_get_attr(key->attributes, loc); 196 return X509at_get_attr(key->attributes, loc);
202} 197}
203 198
204X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc) 199X509_ATTRIBUTE *
200EVP_PKEY_delete_attr(EVP_PKEY *key, int loc)
205{ 201{
206 return X509at_delete_attr(key->attributes, loc); 202 return X509at_delete_attr(key->attributes, loc);
207} 203}
208 204
209int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr) 205int
206EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr)
210{ 207{
211 if(X509at_add1_attr(&key->attributes, attr)) return 1; 208 if (X509at_add1_attr(&key->attributes, attr))
209 return 1;
212 return 0; 210 return 0;
213} 211}
214 212
215int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, 213int
216 const ASN1_OBJECT *obj, int type, 214EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, const ASN1_OBJECT *obj, int type,
217 const unsigned char *bytes, int len) 215 const unsigned char *bytes, int len)
218{ 216{
219 if(X509at_add1_attr_by_OBJ(&key->attributes, obj, 217 if (X509at_add1_attr_by_OBJ(&key->attributes, obj, type, bytes, len))
220 type, bytes, len)) return 1; 218 return 1;
221 return 0; 219 return 0;
222} 220}
223 221
224int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, 222int
225 int nid, int type, 223EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, int nid, int type,
226 const unsigned char *bytes, int len) 224 const unsigned char *bytes, int len)
227{ 225{
228 if(X509at_add1_attr_by_NID(&key->attributes, nid, 226 if (X509at_add1_attr_by_NID(&key->attributes, nid, type, bytes, len))
229 type, bytes, len)) return 1; 227 return 1;
230 return 0; 228 return 0;
231} 229}
232 230
233int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, 231int
234 const char *attrname, int type, 232EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, const char *attrname, int type,
235 const unsigned char *bytes, int len) 233 const unsigned char *bytes, int len)
236{ 234{
237 if(X509at_add1_attr_by_txt(&key->attributes, attrname, 235 if (X509at_add1_attr_by_txt(&key->attributes, attrname, type,
238 type, bytes, len)) return 1; 236 bytes, len))
237 return 1;
239 return 0; 238 return 0;
240} 239}
diff --git a/src/lib/libssl/src/crypto/evp/evp_acnf.c b/src/lib/libssl/src/crypto/evp/evp_acnf.c
index 643a1864e8..afbbc395ba 100644
--- a/src/lib/libssl/src/crypto/evp/evp_acnf.c
+++ b/src/lib/libssl/src/crypto/evp/evp_acnf.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -60,14 +60,14 @@
60#include <openssl/evp.h> 60#include <openssl/evp.h>
61#include <openssl/conf.h> 61#include <openssl/conf.h>
62 62
63
64/* Load all algorithms and configure OpenSSL. 63/* Load all algorithms and configure OpenSSL.
65 * This function is called automatically when 64 * This function is called automatically when
66 * OPENSSL_LOAD_CONF is set. 65 * OPENSSL_LOAD_CONF is set.
67 */ 66 */
68 67
69void OPENSSL_add_all_algorithms_conf(void) 68void
70 { 69OPENSSL_add_all_algorithms_conf(void)
70{
71 OPENSSL_add_all_algorithms_noconf(); 71 OPENSSL_add_all_algorithms_noconf();
72 OPENSSL_config(NULL); 72 OPENSSL_config(NULL);
73 } 73}
diff --git a/src/lib/libssl/src/crypto/evp/evp_enc.c b/src/lib/libssl/src/crypto/evp/evp_enc.c
index e8ca502633..0c3e8fcc39 100644
--- a/src/lib/libssl/src/crypto/evp/evp_enc.c
+++ b/src/lib/libssl/src/crypto/evp/evp_enc.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -68,498 +68,486 @@
68 68
69#define M_do_cipher(ctx, out, in, inl) ctx->cipher->do_cipher(ctx, out, in, inl) 69#define M_do_cipher(ctx, out, in, inl) ctx->cipher->do_cipher(ctx, out, in, inl)
70 70
71const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT; 71const char EVP_version[] = "EVP" OPENSSL_VERSION_PTEXT;
72 72
73void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) 73void
74 { 74EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
75 memset(ctx,0,sizeof(EVP_CIPHER_CTX)); 75{
76 memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
76 /* ctx->cipher=NULL; */ 77 /* ctx->cipher=NULL; */
77 } 78}
78 79
79EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) 80EVP_CIPHER_CTX *
80 { 81EVP_CIPHER_CTX_new(void)
81 EVP_CIPHER_CTX *ctx=malloc(sizeof *ctx); 82{
83 EVP_CIPHER_CTX *ctx = malloc(sizeof *ctx);
82 if (ctx) 84 if (ctx)
83 EVP_CIPHER_CTX_init(ctx); 85 EVP_CIPHER_CTX_init(ctx);
84 return ctx; 86 return ctx;
85 } 87}
86 88
87int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, 89int
88 const unsigned char *key, const unsigned char *iv, int enc) 90EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
89 { 91 const unsigned char *key, const unsigned char *iv, int enc)
92{
90 if (cipher) 93 if (cipher)
91 EVP_CIPHER_CTX_init(ctx); 94 EVP_CIPHER_CTX_init(ctx);
92 return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc); 95 return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc);
93 } 96}
94 97
95int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, 98int
96 const unsigned char *key, const unsigned char *iv, int enc) 99EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
97 { 100 const unsigned char *key, const unsigned char *iv, int enc)
101{
98 if (enc == -1) 102 if (enc == -1)
99 enc = ctx->encrypt; 103 enc = ctx->encrypt;
100 else 104 else {
101 {
102 if (enc) 105 if (enc)
103 enc = 1; 106 enc = 1;
104 ctx->encrypt = enc; 107 ctx->encrypt = enc;
105 } 108 }
106#ifndef OPENSSL_NO_ENGINE 109#ifndef OPENSSL_NO_ENGINE
107 /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts 110 /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
108 * so this context may already have an ENGINE! Try to avoid releasing 111 * so this context may already have an ENGINE! Try to avoid releasing
109 * the previous handle, re-querying for an ENGINE, and having a 112 * the previous handle, re-querying for an ENGINE, and having a
110 * reinitialisation, when it may all be unecessary. */ 113 * reinitialisation, when it may all be unecessary. */
111 if (ctx->engine && ctx->cipher && (!cipher || 114 if (ctx->engine && ctx->cipher &&
112 (cipher && (cipher->nid == ctx->cipher->nid)))) 115 (!cipher || (cipher && (cipher->nid == ctx->cipher->nid))))
113 goto skip_to_init; 116 goto skip_to_init;
114#endif 117#endif
115 if (cipher) 118 if (cipher) {
116 {
117 /* Ensure a context left lying around from last time is cleared 119 /* Ensure a context left lying around from last time is cleared
118 * (the previous check attempted to avoid this if the same 120 * (the previous check attempted to avoid this if the same
119 * ENGINE and EVP_CIPHER could be used). */ 121 * ENGINE and EVP_CIPHER could be used). */
120 if (ctx->cipher) 122 if (ctx->cipher) {
121 {
122 unsigned long flags = ctx->flags; 123 unsigned long flags = ctx->flags;
123 EVP_CIPHER_CTX_cleanup(ctx); 124 EVP_CIPHER_CTX_cleanup(ctx);
124 /* Restore encrypt and flags */ 125 /* Restore encrypt and flags */
125 ctx->encrypt = enc; 126 ctx->encrypt = enc;
126 ctx->flags = flags; 127 ctx->flags = flags;
127 } 128 }
128#ifndef OPENSSL_NO_ENGINE 129#ifndef OPENSSL_NO_ENGINE
129 if(impl) 130 if (impl) {
130 { 131 if (!ENGINE_init(impl)) {
131 if (!ENGINE_init(impl)) 132 EVPerr(EVP_F_EVP_CIPHERINIT_EX,
132 { 133 EVP_R_INITIALIZATION_ERROR);
133 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
134 return 0; 134 return 0;
135 }
136 } 135 }
137 else 136 } else
138 /* Ask if an ENGINE is reserved for this job */ 137 /* Ask if an ENGINE is reserved for this job */
139 impl = ENGINE_get_cipher_engine(cipher->nid); 138 impl = ENGINE_get_cipher_engine(cipher->nid);
140 if(impl) 139 if (impl) {
141 {
142 /* There's an ENGINE for this job ... (apparently) */ 140 /* There's an ENGINE for this job ... (apparently) */
143 const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid); 141 const EVP_CIPHER *c =
144 if(!c) 142 ENGINE_get_cipher(impl, cipher->nid);
145 { 143 if (!c) {
146 /* One positive side-effect of US's export 144 /* One positive side-effect of US's export
147 * control history, is that we should at least 145 * control history, is that we should at least
148 * be able to avoid using US mispellings of 146 * be able to avoid using US mispellings of
149 * "initialisation"? */ 147 * "initialisation"? */
150 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); 148 EVPerr(EVP_F_EVP_CIPHERINIT_EX,
149 EVP_R_INITIALIZATION_ERROR);
151 return 0; 150 return 0;
152 } 151 }
153 /* We'll use the ENGINE's private cipher definition */ 152 /* We'll use the ENGINE's private cipher definition */
154 cipher = c; 153 cipher = c;
155 /* Store the ENGINE functional reference so we know 154 /* Store the ENGINE functional reference so we know
156 * 'cipher' came from an ENGINE and we need to release 155 * 'cipher' came from an ENGINE and we need to release
157 * it when done. */ 156 * it when done. */
158 ctx->engine = impl; 157 ctx->engine = impl;
159 } 158 } else
160 else
161 ctx->engine = NULL; 159 ctx->engine = NULL;
162#endif 160#endif
163 161
164 ctx->cipher=cipher; 162 ctx->cipher = cipher;
165 if (ctx->cipher->ctx_size) 163 if (ctx->cipher->ctx_size) {
166 { 164 ctx->cipher_data = malloc(ctx->cipher->ctx_size);
167 ctx->cipher_data=malloc(ctx->cipher->ctx_size); 165 if (!ctx->cipher_data) {
168 if (!ctx->cipher_data) 166 EVPerr(EVP_F_EVP_CIPHERINIT_EX,
169 { 167 ERR_R_MALLOC_FAILURE);
170 EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE);
171 return 0; 168 return 0;
172 }
173 } 169 }
174 else 170 } else {
175 {
176 ctx->cipher_data = NULL; 171 ctx->cipher_data = NULL;
177 } 172 }
178 ctx->key_len = cipher->key_len; 173 ctx->key_len = cipher->key_len;
179 ctx->flags = 0; 174 ctx->flags = 0;
180 if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT) 175 if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
181 { 176 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
182 if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) 177 EVPerr(EVP_F_EVP_CIPHERINIT_EX,
183 { 178 EVP_R_INITIALIZATION_ERROR);
184 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
185 return 0; 179 return 0;
186 }
187 } 180 }
188 } 181 }
189 else if(!ctx->cipher) 182 } else if (!ctx->cipher) {
190 {
191 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET); 183 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET);
192 return 0; 184 return 0;
193 } 185 }
194#ifndef OPENSSL_NO_ENGINE 186#ifndef OPENSSL_NO_ENGINE
195skip_to_init: 187skip_to_init:
196#endif 188#endif
197 /* we assume block size is a power of 2 in *cryptUpdate */ 189 /* we assume block size is a power of 2 in *cryptUpdate */
198 OPENSSL_assert(ctx->cipher->block_size == 1 190 OPENSSL_assert(ctx->cipher->block_size == 1 ||
199 || ctx->cipher->block_size == 8 191 ctx->cipher->block_size == 8 ||
200 || ctx->cipher->block_size == 16); 192 ctx->cipher->block_size == 16);
201 193
202 if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { 194 if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
203 switch(EVP_CIPHER_CTX_mode(ctx)) { 195 switch (EVP_CIPHER_CTX_mode(ctx)) {
204 196
205 case EVP_CIPH_STREAM_CIPHER: 197 case EVP_CIPH_STREAM_CIPHER:
206 case EVP_CIPH_ECB_MODE: 198 case EVP_CIPH_ECB_MODE:
207 break; 199 break;
208 200
209 case EVP_CIPH_CFB_MODE: 201 case EVP_CIPH_CFB_MODE:
210 case EVP_CIPH_OFB_MODE: 202 case EVP_CIPH_OFB_MODE:
211 203
212 ctx->num = 0; 204 ctx->num = 0;
213 /* fall-through */ 205 /* fall-through */
214 206
215 case EVP_CIPH_CBC_MODE: 207 case EVP_CIPH_CBC_MODE:
216 208
217 OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= 209 OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <=
218 (int)sizeof(ctx->iv)); 210 (int)sizeof(ctx->iv));
219 if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); 211 if (iv)
220 memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); 212 memcpy(ctx->oiv, iv,
213 EVP_CIPHER_CTX_iv_length(ctx));
214 memcpy(ctx->iv, ctx->oiv,
215 EVP_CIPHER_CTX_iv_length(ctx));
221 break; 216 break;
222 217
223 case EVP_CIPH_CTR_MODE: 218 case EVP_CIPH_CTR_MODE:
224 ctx->num = 0; 219 ctx->num = 0;
225 /* Don't reuse IV for CTR mode */ 220 /* Don't reuse IV for CTR mode */
226 if(iv) 221 if (iv)
227 memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx)); 222 memcpy(ctx->iv, iv,
223 EVP_CIPHER_CTX_iv_length(ctx));
228 break; 224 break;
229 225
230 default: 226 default:
231 return 0; 227 return 0;
232 break; 228 break;
233 } 229 }
234 } 230 }
235 231
236 if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { 232 if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
237 if(!ctx->cipher->init(ctx,key,iv,enc)) return 0; 233 if (!ctx->cipher->init(ctx, key, iv, enc))
234 return 0;
238 } 235 }
239 ctx->buf_len=0; 236 ctx->buf_len = 0;
240 ctx->final_used=0; 237 ctx->final_used = 0;
241 ctx->block_mask=ctx->cipher->block_size-1; 238 ctx->block_mask = ctx->cipher->block_size - 1;
242 return 1; 239 return 1;
243 } 240}
244 241
245int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, 242int
246 const unsigned char *in, int inl) 243EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
247 { 244 const unsigned char *in, int inl)
245{
248 if (ctx->encrypt) 246 if (ctx->encrypt)
249 return EVP_EncryptUpdate(ctx,out,outl,in,inl); 247 return EVP_EncryptUpdate(ctx, out, outl, in, inl);
250 else return EVP_DecryptUpdate(ctx,out,outl,in,inl); 248 else
251 } 249 return EVP_DecryptUpdate(ctx, out, outl, in, inl);
250}
252 251
253int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 252int
254 { 253EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
254{
255 if (ctx->encrypt) 255 if (ctx->encrypt)
256 return EVP_EncryptFinal_ex(ctx,out,outl); 256 return EVP_EncryptFinal_ex(ctx, out, outl);
257 else return EVP_DecryptFinal_ex(ctx,out,outl); 257 else
258 } 258 return EVP_DecryptFinal_ex(ctx, out, outl);
259}
259 260
260int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 261int
261 { 262EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
263{
262 if (ctx->encrypt) 264 if (ctx->encrypt)
263 return EVP_EncryptFinal(ctx,out,outl); 265 return EVP_EncryptFinal(ctx, out, outl);
264 else return EVP_DecryptFinal(ctx,out,outl); 266 else
265 } 267 return EVP_DecryptFinal(ctx, out, outl);
268}
266 269
267int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, 270int
268 const unsigned char *key, const unsigned char *iv) 271EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
269 { 272 const unsigned char *key, const unsigned char *iv)
273{
270 return EVP_CipherInit(ctx, cipher, key, iv, 1); 274 return EVP_CipherInit(ctx, cipher, key, iv, 1);
271 } 275}
272 276
273int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl, 277int
274 const unsigned char *key, const unsigned char *iv) 278EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
275 { 279 const unsigned char *key, const unsigned char *iv)
280{
276 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1); 281 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1);
277 } 282}
278 283
279int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, 284int
280 const unsigned char *key, const unsigned char *iv) 285EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
281 { 286 const unsigned char *key, const unsigned char *iv)
287{
282 return EVP_CipherInit(ctx, cipher, key, iv, 0); 288 return EVP_CipherInit(ctx, cipher, key, iv, 0);
283 } 289}
284 290
285int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, 291int
286 const unsigned char *key, const unsigned char *iv) 292EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
287 { 293 const unsigned char *key, const unsigned char *iv)
294{
288 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0); 295 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0);
289 } 296}
290 297
291int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, 298int
292 const unsigned char *in, int inl) 299EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
293 { 300 const unsigned char *in, int inl)
294 int i,j,bl; 301{
302 int i, j, bl;
295 303
296 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) 304 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
297 {
298 i = M_do_cipher(ctx, out, in, inl); 305 i = M_do_cipher(ctx, out, in, inl);
299 if (i < 0) 306 if (i < 0)
300 return 0; 307 return 0;
301 else 308 else
302 *outl = i; 309 *outl = i;
303 return 1; 310 return 1;
304 } 311 }
305 312
306 if (inl <= 0) 313 if (inl <= 0) {
307 {
308 *outl = 0; 314 *outl = 0;
309 return inl == 0; 315 return inl == 0;
310 } 316 }
311 317
312 if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) 318 if (ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) {
313 { 319 if (M_do_cipher(ctx, out, in, inl)) {
314 if(M_do_cipher(ctx,out,in,inl)) 320 *outl = inl;
315 {
316 *outl=inl;
317 return 1; 321 return 1;
318 } 322 } else {
319 else 323 *outl = 0;
320 {
321 *outl=0;
322 return 0; 324 return 0;
323 }
324 } 325 }
325 i=ctx->buf_len; 326 }
326 bl=ctx->cipher->block_size; 327 i = ctx->buf_len;
328 bl = ctx->cipher->block_size;
327 OPENSSL_assert(bl <= (int)sizeof(ctx->buf)); 329 OPENSSL_assert(bl <= (int)sizeof(ctx->buf));
328 if (i != 0) 330 if (i != 0) {
329 { 331 if (i + inl < bl) {
330 if (i+inl < bl) 332 memcpy(&(ctx->buf[i]), in, inl);
331 { 333 ctx->buf_len += inl;
332 memcpy(&(ctx->buf[i]),in,inl); 334 *outl = 0;
333 ctx->buf_len+=inl;
334 *outl=0;
335 return 1; 335 return 1;
336 } 336 } else {
337 else 337 j = bl - i;
338 { 338 memcpy(&(ctx->buf[i]), in, j);
339 j=bl-i; 339 if (!M_do_cipher(ctx, out, ctx->buf, bl))
340 memcpy(&(ctx->buf[i]),in,j); 340 return 0;
341 if(!M_do_cipher(ctx,out,ctx->buf,bl)) return 0; 341 inl -= j;
342 inl-=j; 342 in += j;
343 in+=j; 343 out += bl;
344 out+=bl; 344 *outl = bl;
345 *outl=bl;
346 }
347 } 345 }
348 else 346 } else
349 *outl = 0; 347 *outl = 0;
350 i=inl&(bl-1); 348 i = inl&(bl - 1);
351 inl-=i; 349 inl -= i;
352 if (inl > 0) 350 if (inl > 0) {
353 { 351 if (!M_do_cipher(ctx, out, in, inl))
354 if(!M_do_cipher(ctx,out,in,inl)) return 0; 352 return 0;
355 *outl+=inl; 353 *outl += inl;
356 } 354 }
357 355
358 if (i != 0) 356 if (i != 0)
359 memcpy(ctx->buf,&(in[inl]),i); 357 memcpy(ctx->buf, &(in[inl]), i);
360 ctx->buf_len=i; 358 ctx->buf_len = i;
361 return 1; 359 return 1;
362 } 360}
363 361
364int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 362int
365 { 363EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
364{
366 int ret; 365 int ret;
366
367 ret = EVP_EncryptFinal_ex(ctx, out, outl); 367 ret = EVP_EncryptFinal_ex(ctx, out, outl);
368 return ret; 368 return ret;
369 } 369}
370 370
371int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 371int
372 { 372EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
373 int n,ret; 373{
374 int n, ret;
374 unsigned int i, b, bl; 375 unsigned int i, b, bl;
375 376
376 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) 377 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
377 {
378 ret = M_do_cipher(ctx, out, NULL, 0); 378 ret = M_do_cipher(ctx, out, NULL, 0);
379 if (ret < 0) 379 if (ret < 0)
380 return 0; 380 return 0;
381 else 381 else
382 *outl = ret; 382 *outl = ret;
383 return 1; 383 return 1;
384 } 384 }
385 385
386 b=ctx->cipher->block_size; 386 b = ctx->cipher->block_size;
387 OPENSSL_assert(b <= sizeof ctx->buf); 387 OPENSSL_assert(b <= sizeof ctx->buf);
388 if (b == 1) 388 if (b == 1) {
389 { 389 *outl = 0;
390 *outl=0;
391 return 1; 390 return 1;
392 } 391 }
393 bl=ctx->buf_len; 392 bl = ctx->buf_len;
394 if (ctx->flags & EVP_CIPH_NO_PADDING) 393 if (ctx->flags & EVP_CIPH_NO_PADDING) {
395 { 394 if (bl) {
396 if(bl) 395 EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,
397 { 396 EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
398 EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
399 return 0; 397 return 0;
400 } 398 }
401 *outl = 0; 399 *outl = 0;
402 return 1; 400 return 1;
403 } 401 }
404 402
405 n=b-bl; 403 n = b - bl;
406 for (i=bl; i<b; i++) 404 for (i = bl; i < b; i++)
407 ctx->buf[i]=n; 405 ctx->buf[i] = n;
408 ret=M_do_cipher(ctx,out,ctx->buf,b); 406 ret = M_do_cipher(ctx, out, ctx->buf, b);
409 407
410 408
411 if(ret) 409 if (ret)
412 *outl=b; 410 *outl = b;
413 411
414 return ret; 412 return ret;
415 } 413}
416 414
417int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, 415int
418 const unsigned char *in, int inl) 416EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
419 { 417 const unsigned char *in, int inl)
418{
420 int fix_len; 419 int fix_len;
421 unsigned int b; 420 unsigned int b;
422 421
423 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) 422 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
424 {
425 fix_len = M_do_cipher(ctx, out, in, inl); 423 fix_len = M_do_cipher(ctx, out, in, inl);
426 if (fix_len < 0) 424 if (fix_len < 0) {
427 {
428 *outl = 0; 425 *outl = 0;
429 return 0; 426 return 0;
430 } 427 } else
431 else
432 *outl = fix_len; 428 *outl = fix_len;
433 return 1; 429 return 1;
434 } 430 }
435 431
436 if (inl <= 0) 432 if (inl <= 0) {
437 {
438 *outl = 0; 433 *outl = 0;
439 return inl == 0; 434 return inl == 0;
440 } 435 }
441 436
442 if (ctx->flags & EVP_CIPH_NO_PADDING) 437 if (ctx->flags & EVP_CIPH_NO_PADDING)
443 return EVP_EncryptUpdate(ctx, out, outl, in, inl); 438 return EVP_EncryptUpdate(ctx, out, outl, in, inl);
444 439
445 b=ctx->cipher->block_size; 440 b = ctx->cipher->block_size;
446 OPENSSL_assert(b <= sizeof ctx->final); 441 OPENSSL_assert(b <= sizeof ctx->final);
447 442
448 if(ctx->final_used) 443 if (ctx->final_used) {
449 { 444 memcpy(out, ctx->final, b);
450 memcpy(out,ctx->final,b); 445 out += b;
451 out+=b;
452 fix_len = 1; 446 fix_len = 1;
453 } 447 } else
454 else
455 fix_len = 0; 448 fix_len = 0;
456 449
457 450
458 if(!EVP_EncryptUpdate(ctx,out,outl,in,inl)) 451 if (!EVP_EncryptUpdate(ctx, out, outl, in, inl))
459 return 0; 452 return 0;
460 453
461 /* if we have 'decrypted' a multiple of block size, make sure 454 /* if we have 'decrypted' a multiple of block size, make sure
462 * we have a copy of this last block */ 455 * we have a copy of this last block */
463 if (b > 1 && !ctx->buf_len) 456 if (b > 1 && !ctx->buf_len) {
464 { 457 *outl -= b;
465 *outl-=b; 458 ctx->final_used = 1;
466 ctx->final_used=1; 459 memcpy(ctx->final, &out[*outl], b);
467 memcpy(ctx->final,&out[*outl],b); 460 } else
468 }
469 else
470 ctx->final_used = 0; 461 ctx->final_used = 0;
471 462
472 if (fix_len) 463 if (fix_len)
473 *outl += b; 464 *outl += b;
474 465
475 return 1; 466 return 1;
476 } 467}
477 468
478int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 469int
479 { 470EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
471{
480 int ret; 472 int ret;
473
481 ret = EVP_DecryptFinal_ex(ctx, out, outl); 474 ret = EVP_DecryptFinal_ex(ctx, out, outl);
482 return ret; 475 return ret;
483 } 476}
484 477
485int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 478int
486 { 479EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
487 int i,n; 480{
481 int i, n;
488 unsigned int b; 482 unsigned int b;
489 *outl=0; 483 *outl = 0;
490 484
491 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) 485 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
492 {
493 i = M_do_cipher(ctx, out, NULL, 0); 486 i = M_do_cipher(ctx, out, NULL, 0);
494 if (i < 0) 487 if (i < 0)
495 return 0; 488 return 0;
496 else 489 else
497 *outl = i; 490 *outl = i;
498 return 1; 491 return 1;
499 } 492 }
500 493
501 b=ctx->cipher->block_size; 494 b = ctx->cipher->block_size;
502 if (ctx->flags & EVP_CIPH_NO_PADDING) 495 if (ctx->flags & EVP_CIPH_NO_PADDING) {
503 { 496 if (ctx->buf_len) {
504 if(ctx->buf_len) 497 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
505 { 498 EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
506 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
507 return 0; 499 return 0;
508 } 500 }
509 *outl = 0; 501 *outl = 0;
510 return 1; 502 return 1;
503 }
504 if (b > 1) {
505 if (ctx->buf_len || !ctx->final_used) {
506 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
507 EVP_R_WRONG_FINAL_BLOCK_LENGTH);
508 return (0);
511 } 509 }
512 if (b > 1)
513 {
514 if (ctx->buf_len || !ctx->final_used)
515 {
516 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
517 return(0);
518 }
519 OPENSSL_assert(b <= sizeof ctx->final); 510 OPENSSL_assert(b <= sizeof ctx->final);
520 n=ctx->final[b-1]; 511 n = ctx->final[b - 1];
521 if (n == 0 || n > (int)b) 512 if (n == 0 || n > (int)b) {
522 { 513 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
523 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT); 514 return (0);
524 return(0); 515 }
525 } 516 for (i = 0; i < n; i++) {
526 for (i=0; i<n; i++) 517 if (ctx->final[--b] != n) {
527 { 518 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
528 if (ctx->final[--b] != n) 519 EVP_R_BAD_DECRYPT);
529 { 520 return (0);
530 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
531 return(0);
532 }
533 } 521 }
534 n=ctx->cipher->block_size-n;
535 for (i=0; i<n; i++)
536 out[i]=ctx->final[i];
537 *outl=n;
538 } 522 }
539 else 523 n = ctx->cipher->block_size - n;
540 *outl=0; 524 for (i = 0; i < n; i++)
541 return(1); 525 out[i] = ctx->final[i];
542 } 526 *outl = n;
527 } else
528 *outl = 0;
529 return (1);
530}
543 531
544void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) 532void
545 { 533EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
546 if (ctx) 534{
547 { 535 if (ctx) {
548 EVP_CIPHER_CTX_cleanup(ctx); 536 EVP_CIPHER_CTX_cleanup(ctx);
549 free(ctx); 537 free(ctx);
550 }
551 } 538 }
539}
552 540
553int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) 541int
554 { 542EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
555 if (c->cipher != NULL) 543{
556 { 544 if (c->cipher != NULL) {
557 if(c->cipher->cleanup && !c->cipher->cleanup(c)) 545 if (c->cipher->cleanup && !c->cipher->cleanup(c))
558 return 0; 546 return 0;
559 /* Cleanse cipher context data */ 547 /* Cleanse cipher context data */
560 if (c->cipher_data) 548 if (c->cipher_data)
561 OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size); 549 OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
562 } 550 }
563 if (c->cipher_data) 551 if (c->cipher_data)
564 free(c->cipher_data); 552 free(c->cipher_data);
565#ifndef OPENSSL_NO_ENGINE 553#ifndef OPENSSL_NO_ENGINE
@@ -568,93 +556,99 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
568 * functional reference we held for this reason. */ 556 * functional reference we held for this reason. */
569 ENGINE_finish(c->engine); 557 ENGINE_finish(c->engine);
570#endif 558#endif
571 memset(c,0,sizeof(EVP_CIPHER_CTX)); 559 memset(c, 0, sizeof(EVP_CIPHER_CTX));
572 return 1; 560 return 1;
573 } 561}
574 562
575int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen) 563int
576 { 564EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
577 if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH) 565{
578 return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL); 566 if (c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
579 if(c->key_len == keylen) return 1; 567 return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH,
580 if((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) 568 keylen, NULL);
581 { 569 if (c->key_len == keylen)
570 return 1;
571 if ((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) {
582 c->key_len = keylen; 572 c->key_len = keylen;
583 return 1; 573 return 1;
584 }
585 EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,EVP_R_INVALID_KEY_LENGTH);
586 return 0;
587 } 574 }
575 EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH, EVP_R_INVALID_KEY_LENGTH);
576 return 0;
577}
588 578
589int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad) 579int
590 { 580EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
591 if (pad) ctx->flags &= ~EVP_CIPH_NO_PADDING; 581{
592 else ctx->flags |= EVP_CIPH_NO_PADDING; 582 if (pad)
583 ctx->flags &= ~EVP_CIPH_NO_PADDING;
584 else
585 ctx->flags |= EVP_CIPH_NO_PADDING;
593 return 1; 586 return 1;
594 } 587}
595 588
596int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) 589int
590EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
597{ 591{
598 int ret; 592 int ret;
599 if(!ctx->cipher) { 593
594 if (!ctx->cipher) {
600 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET); 595 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
601 return 0; 596 return 0;
602 } 597 }
603 598
604 if(!ctx->cipher->ctrl) { 599 if (!ctx->cipher->ctrl) {
605 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED); 600 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
606 return 0; 601 return 0;
607 } 602 }
608 603
609 ret = ctx->cipher->ctrl(ctx, type, arg, ptr); 604 ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
610 if(ret == -1) { 605 if (ret == -1) {
611 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED); 606 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL,
607 EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
612 return 0; 608 return 0;
613 } 609 }
614 return ret; 610 return ret;
615} 611}
616 612
617int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key) 613int
618 { 614EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
615{
619 if (ctx->cipher->flags & EVP_CIPH_RAND_KEY) 616 if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
620 return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key); 617 return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
621 if (RAND_bytes(key, ctx->key_len) <= 0) 618 if (RAND_bytes(key, ctx->key_len) <= 0)
622 return 0; 619 return 0;
623 return 1; 620 return 1;
624 } 621}
625 622
626int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) 623int
627 { 624EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
628 if ((in == NULL) || (in->cipher == NULL)) 625{
629 { 626 if ((in == NULL) || (in->cipher == NULL)) {
630 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED); 627 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, EVP_R_INPUT_NOT_INITIALIZED);
631 return 0; 628 return 0;
632 } 629 }
633#ifndef OPENSSL_NO_ENGINE 630#ifndef OPENSSL_NO_ENGINE
634 /* Make sure it's safe to copy a cipher context using an ENGINE */ 631 /* Make sure it's safe to copy a cipher context using an ENGINE */
635 if (in->engine && !ENGINE_init(in->engine)) 632 if (in->engine && !ENGINE_init(in->engine)) {
636 { 633 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_ENGINE_LIB);
637 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,ERR_R_ENGINE_LIB);
638 return 0; 634 return 0;
639 } 635 }
640#endif 636#endif
641 637
642 EVP_CIPHER_CTX_cleanup(out); 638 EVP_CIPHER_CTX_cleanup(out);
643 memcpy(out,in,sizeof *out); 639 memcpy(out, in, sizeof *out);
644 640
645 if (in->cipher_data && in->cipher->ctx_size) 641 if (in->cipher_data && in->cipher->ctx_size) {
646 { 642 out->cipher_data = malloc(in->cipher->ctx_size);
647 out->cipher_data=malloc(in->cipher->ctx_size); 643 if (!out->cipher_data) {
648 if (!out->cipher_data) 644 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_MALLOC_FAILURE);
649 {
650 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,ERR_R_MALLOC_FAILURE);
651 return 0; 645 return 0;
652 }
653 memcpy(out->cipher_data,in->cipher_data,in->cipher->ctx_size);
654 } 646 }
647 memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
648 }
655 649
656 if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY) 650 if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
657 return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out); 651 return in->cipher->ctrl((EVP_CIPHER_CTX *)in,
652 EVP_CTRL_COPY, 0, out);
658 return 1; 653 return 1;
659 } 654}
660
diff --git a/src/lib/libssl/src/crypto/evp/evp_err.c b/src/lib/libssl/src/crypto/evp/evp_err.c
index 08eab9882f..790459fab4 100644
--- a/src/lib/libssl/src/crypto/evp/evp_err.c
+++ b/src/lib/libssl/src/crypto/evp/evp_err.c
@@ -7,7 +7,7 @@
7 * are met: 7 * are met:
8 * 8 *
9 * 1. Redistributions of source code must retain the above copyright 9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer. 10 * notice, this list of conditions and the following disclaimer.
11 * 11 *
12 * 2. Redistributions in binary form must reproduce the above copyright 12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in 13 * notice, this list of conditions and the following disclaimer in
@@ -68,173 +68,170 @@
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_EVP,func,0) 68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_EVP,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason) 69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason)
70 70
71static ERR_STRING_DATA EVP_str_functs[]= 71static ERR_STRING_DATA EVP_str_functs[]= {
72 { 72 {ERR_FUNC(EVP_F_AESNI_INIT_KEY), "AESNI_INIT_KEY"},
73{ERR_FUNC(EVP_F_AESNI_INIT_KEY), "AESNI_INIT_KEY"}, 73 {ERR_FUNC(EVP_F_AESNI_XTS_CIPHER), "AESNI_XTS_CIPHER"},
74{ERR_FUNC(EVP_F_AESNI_XTS_CIPHER), "AESNI_XTS_CIPHER"}, 74 {ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"},
75{ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"}, 75 {ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"},
76{ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"}, 76 {ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"},
77{ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"}, 77 {ERR_FUNC(EVP_F_ALG_MODULE_INIT), "ALG_MODULE_INIT"},
78{ERR_FUNC(EVP_F_ALG_MODULE_INIT), "ALG_MODULE_INIT"}, 78 {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"},
79{ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"}, 79 {ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"},
80{ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"}, 80 {ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"},
81{ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"}, 81 {ERR_FUNC(EVP_F_DO_SIGVER_INIT), "DO_SIGVER_INIT"},
82{ERR_FUNC(EVP_F_DO_SIGVER_INIT), "DO_SIGVER_INIT"}, 82 {ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"},
83{ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"}, 83 {ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"},
84{ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"}, 84 {ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"},
85{ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"}, 85 {ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"},
86{ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"}, 86 {ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"},
87{ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"}, 87 {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"},
88{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"}, 88 {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"},
89{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"}, 89 {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"},
90{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"}, 90 {ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"},
91{ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"}, 91 {ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"},
92{ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"}, 92 {ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"},
93{ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"}, 93 {ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"},
94{ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"}, 94 {ERR_FUNC(EVP_F_EVP_MD_SIZE), "EVP_MD_size"},
95{ERR_FUNC(EVP_F_EVP_MD_SIZE), "EVP_MD_size"}, 95 {ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"},
96{ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"}, 96 {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"},
97{ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"}, 97 {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD_TYPE), "EVP_PBE_alg_add_type"},
98{ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD_TYPE), "EVP_PBE_alg_add_type"}, 98 {ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"},
99{ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"}, 99 {ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"},
100{ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"}, 100 {ERR_FUNC(EVP_F_EVP_PKCS82PKEY_BROKEN), "EVP_PKCS82PKEY_BROKEN"},
101{ERR_FUNC(EVP_F_EVP_PKCS82PKEY_BROKEN), "EVP_PKCS82PKEY_BROKEN"}, 101 {ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN), "EVP_PKEY2PKCS8_broken"},
102{ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN), "EVP_PKEY2PKCS8_broken"}, 102 {ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"},
103{ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"}, 103 {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL), "EVP_PKEY_CTX_ctrl"},
104{ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL), "EVP_PKEY_CTX_ctrl"}, 104 {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL_STR), "EVP_PKEY_CTX_ctrl_str"},
105{ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL_STR), "EVP_PKEY_CTX_ctrl_str"}, 105 {ERR_FUNC(EVP_F_EVP_PKEY_CTX_DUP), "EVP_PKEY_CTX_dup"},
106{ERR_FUNC(EVP_F_EVP_PKEY_CTX_DUP), "EVP_PKEY_CTX_dup"}, 106 {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"},
107{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"}, 107 {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT), "EVP_PKEY_decrypt_init"},
108{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT), "EVP_PKEY_decrypt_init"}, 108 {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD), "EVP_PKEY_decrypt_old"},
109{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD), "EVP_PKEY_decrypt_old"}, 109 {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE), "EVP_PKEY_derive"},
110{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE), "EVP_PKEY_derive"}, 110 {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT), "EVP_PKEY_derive_init"},
111{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT), "EVP_PKEY_derive_init"}, 111 {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER), "EVP_PKEY_derive_set_peer"},
112{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER), "EVP_PKEY_derive_set_peer"}, 112 {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"},
113{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"}, 113 {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT), "EVP_PKEY_encrypt_init"},
114{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT), "EVP_PKEY_encrypt_init"}, 114 {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"},
115{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"}, 115 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"},
116{ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"}, 116 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"},
117{ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"}, 117 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA), "EVP_PKEY_GET1_ECDSA"},
118{ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA), "EVP_PKEY_GET1_ECDSA"}, 118 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"},
119{ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"}, 119 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"},
120{ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"}, 120 {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"},
121{ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"}, 121 {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_keygen_init"},
122{ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_keygen_init"}, 122 {ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"},
123{ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"}, 123 {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN), "EVP_PKEY_paramgen"},
124{ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN), "EVP_PKEY_paramgen"}, 124 {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT), "EVP_PKEY_paramgen_init"},
125{ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT), "EVP_PKEY_paramgen_init"}, 125 {ERR_FUNC(EVP_F_EVP_PKEY_SIGN), "EVP_PKEY_sign"},
126{ERR_FUNC(EVP_F_EVP_PKEY_SIGN), "EVP_PKEY_sign"}, 126 {ERR_FUNC(EVP_F_EVP_PKEY_SIGN_INIT), "EVP_PKEY_sign_init"},
127{ERR_FUNC(EVP_F_EVP_PKEY_SIGN_INIT), "EVP_PKEY_sign_init"}, 127 {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY), "EVP_PKEY_verify"},
128{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY), "EVP_PKEY_verify"}, 128 {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_INIT), "EVP_PKEY_verify_init"},
129{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_INIT), "EVP_PKEY_verify_init"}, 129 {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER), "EVP_PKEY_verify_recover"},
130{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER), "EVP_PKEY_verify_recover"}, 130 {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT), "EVP_PKEY_verify_recover_init"},
131{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT), "EVP_PKEY_verify_recover_init"}, 131 {ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"},
132{ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"}, 132 {ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"},
133{ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"}, 133 {ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"},
134{ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"}, 134 {ERR_FUNC(EVP_F_FIPS_CIPHERINIT), "FIPS_CIPHERINIT"},
135{ERR_FUNC(EVP_F_FIPS_CIPHERINIT), "FIPS_CIPHERINIT"}, 135 {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_COPY), "FIPS_CIPHER_CTX_COPY"},
136{ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_COPY), "FIPS_CIPHER_CTX_COPY"}, 136 {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"},
137{ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"}, 137 {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH), "FIPS_CIPHER_CTX_SET_KEY_LENGTH"},
138{ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH), "FIPS_CIPHER_CTX_SET_KEY_LENGTH"}, 138 {ERR_FUNC(EVP_F_FIPS_DIGESTINIT), "FIPS_DIGESTINIT"},
139{ERR_FUNC(EVP_F_FIPS_DIGESTINIT), "FIPS_DIGESTINIT"}, 139 {ERR_FUNC(EVP_F_FIPS_MD_CTX_COPY), "FIPS_MD_CTX_COPY"},
140{ERR_FUNC(EVP_F_FIPS_MD_CTX_COPY), "FIPS_MD_CTX_COPY"}, 140 {ERR_FUNC(EVP_F_HMAC_INIT_EX), "HMAC_Init_ex"},
141{ERR_FUNC(EVP_F_HMAC_INIT_EX), "HMAC_Init_ex"}, 141 {ERR_FUNC(EVP_F_INT_CTX_NEW), "INT_CTX_NEW"},
142{ERR_FUNC(EVP_F_INT_CTX_NEW), "INT_CTX_NEW"}, 142 {ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"},
143{ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"}, 143 {ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"},
144{ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"}, 144 {ERR_FUNC(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN), "PKCS5_V2_PBKDF2_KEYIVGEN"},
145{ERR_FUNC(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN), "PKCS5_V2_PBKDF2_KEYIVGEN"}, 145 {ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"},
146{ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"}, 146 {ERR_FUNC(EVP_F_PKEY_SET_TYPE), "PKEY_SET_TYPE"},
147{ERR_FUNC(EVP_F_PKEY_SET_TYPE), "PKEY_SET_TYPE"}, 147 {ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"},
148{ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"}, 148 {ERR_FUNC(EVP_F_RC5_CTRL), "RC5_CTRL"},
149{ERR_FUNC(EVP_F_RC5_CTRL), "RC5_CTRL"}, 149 {0, NULL}
150{0,NULL} 150};
151 };
152 151
153static ERR_STRING_DATA EVP_str_reasons[]= 152static ERR_STRING_DATA EVP_str_reasons[]= {
154 { 153 {ERR_REASON(EVP_R_AES_IV_SETUP_FAILED) , "aes iv setup failed"},
155{ERR_REASON(EVP_R_AES_IV_SETUP_FAILED) ,"aes iv setup failed"}, 154 {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED) , "aes key setup failed"},
156{ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED) ,"aes key setup failed"}, 155 {ERR_REASON(EVP_R_ASN1_LIB) , "asn1 lib"},
157{ERR_REASON(EVP_R_ASN1_LIB) ,"asn1 lib"}, 156 {ERR_REASON(EVP_R_BAD_BLOCK_LENGTH) , "bad block length"},
158{ERR_REASON(EVP_R_BAD_BLOCK_LENGTH) ,"bad block length"}, 157 {ERR_REASON(EVP_R_BAD_DECRYPT) , "bad decrypt"},
159{ERR_REASON(EVP_R_BAD_DECRYPT) ,"bad decrypt"}, 158 {ERR_REASON(EVP_R_BAD_KEY_LENGTH) , "bad key length"},
160{ERR_REASON(EVP_R_BAD_KEY_LENGTH) ,"bad key length"}, 159 {ERR_REASON(EVP_R_BN_DECODE_ERROR) , "bn decode error"},
161{ERR_REASON(EVP_R_BN_DECODE_ERROR) ,"bn decode error"}, 160 {ERR_REASON(EVP_R_BN_PUBKEY_ERROR) , "bn pubkey error"},
162{ERR_REASON(EVP_R_BN_PUBKEY_ERROR) ,"bn pubkey error"}, 161 {ERR_REASON(EVP_R_BUFFER_TOO_SMALL) , "buffer too small"},
163{ERR_REASON(EVP_R_BUFFER_TOO_SMALL) ,"buffer too small"}, 162 {ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED), "camellia key setup failed"},
164{ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED),"camellia key setup failed"}, 163 {ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR), "cipher parameter error"},
165{ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR),"cipher parameter error"}, 164 {ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED) , "command not supported"},
166{ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED) ,"command not supported"}, 165 {ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED) , "ctrl not implemented"},
167{ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED) ,"ctrl not implemented"}, 166 {ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED), "ctrl operation not implemented"},
168{ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED),"ctrl operation not implemented"}, 167 {ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH), "data not multiple of block length"},
169{ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH),"data not multiple of block length"}, 168 {ERR_REASON(EVP_R_DECODE_ERROR) , "decode error"},
170{ERR_REASON(EVP_R_DECODE_ERROR) ,"decode error"}, 169 {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) , "different key types"},
171{ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) ,"different key types"}, 170 {ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) , "different parameters"},
172{ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) ,"different parameters"}, 171 {ERR_REASON(EVP_R_DISABLED_FOR_FIPS) , "disabled for fips"},
173{ERR_REASON(EVP_R_DISABLED_FOR_FIPS) ,"disabled for fips"}, 172 {ERR_REASON(EVP_R_ENCODE_ERROR) , "encode error"},
174{ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"}, 173 {ERR_REASON(EVP_R_ERROR_LOADING_SECTION) , "error loading section"},
175{ERR_REASON(EVP_R_ERROR_LOADING_SECTION) ,"error loading section"}, 174 {ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE), "error setting fips mode"},
176{ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE),"error setting fips mode"}, 175 {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR), "evp pbe cipherinit error"},
177{ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"}, 176 {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) , "expecting an rsa key"},
178{ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"}, 177 {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) , "expecting a dh key"},
179{ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) ,"expecting a dh key"}, 178 {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) , "expecting a dsa key"},
180{ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) ,"expecting a dsa key"}, 179 {ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) , "expecting a ecdsa key"},
181{ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) ,"expecting a ecdsa key"}, 180 {ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) , "expecting a ec key"},
182{ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) ,"expecting a ec key"}, 181 {ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"},
183{ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED),"fips mode not supported"}, 182 {ERR_REASON(EVP_R_INITIALIZATION_ERROR) , "initialization error"},
184{ERR_REASON(EVP_R_INITIALIZATION_ERROR) ,"initialization error"}, 183 {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) , "input not initialized"},
185{ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"}, 184 {ERR_REASON(EVP_R_INVALID_DIGEST) , "invalid digest"},
186{ERR_REASON(EVP_R_INVALID_DIGEST) ,"invalid digest"}, 185 {ERR_REASON(EVP_R_INVALID_FIPS_MODE) , "invalid fips mode"},
187{ERR_REASON(EVP_R_INVALID_FIPS_MODE) ,"invalid fips mode"}, 186 {ERR_REASON(EVP_R_INVALID_KEY_LENGTH) , "invalid key length"},
188{ERR_REASON(EVP_R_INVALID_KEY_LENGTH) ,"invalid key length"}, 187 {ERR_REASON(EVP_R_INVALID_OPERATION) , "invalid operation"},
189{ERR_REASON(EVP_R_INVALID_OPERATION) ,"invalid operation"}, 188 {ERR_REASON(EVP_R_IV_TOO_LARGE) , "iv too large"},
190{ERR_REASON(EVP_R_IV_TOO_LARGE) ,"iv too large"}, 189 {ERR_REASON(EVP_R_KEYGEN_FAILURE) , "keygen failure"},
191{ERR_REASON(EVP_R_KEYGEN_FAILURE) ,"keygen failure"}, 190 {ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL), "message digest is null"},
192{ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL),"message digest is null"}, 191 {ERR_REASON(EVP_R_METHOD_NOT_SUPPORTED) , "method not supported"},
193{ERR_REASON(EVP_R_METHOD_NOT_SUPPORTED) ,"method not supported"}, 192 {ERR_REASON(EVP_R_MISSING_PARAMETERS) , "missing parameters"},
194{ERR_REASON(EVP_R_MISSING_PARAMETERS) ,"missing parameters"}, 193 {ERR_REASON(EVP_R_NO_CIPHER_SET) , "no cipher set"},
195{ERR_REASON(EVP_R_NO_CIPHER_SET) ,"no cipher set"}, 194 {ERR_REASON(EVP_R_NO_DEFAULT_DIGEST) , "no default digest"},
196{ERR_REASON(EVP_R_NO_DEFAULT_DIGEST) ,"no default digest"}, 195 {ERR_REASON(EVP_R_NO_DIGEST_SET) , "no digest set"},
197{ERR_REASON(EVP_R_NO_DIGEST_SET) ,"no digest set"}, 196 {ERR_REASON(EVP_R_NO_DSA_PARAMETERS) , "no dsa parameters"},
198{ERR_REASON(EVP_R_NO_DSA_PARAMETERS) ,"no dsa parameters"}, 197 {ERR_REASON(EVP_R_NO_KEY_SET) , "no key set"},
199{ERR_REASON(EVP_R_NO_KEY_SET) ,"no key set"}, 198 {ERR_REASON(EVP_R_NO_OPERATION_SET) , "no operation set"},
200{ERR_REASON(EVP_R_NO_OPERATION_SET) ,"no operation set"}, 199 {ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED), "no sign function configured"},
201{ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED),"no sign function configured"}, 200 {ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED), "no verify function configured"},
202{ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED),"no verify function configured"}, 201 {ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE), "operation not supported for this keytype"},
203{ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),"operation not supported for this keytype"}, 202 {ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"},
204{ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED),"operaton not initialized"}, 203 {ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE), "pkcs8 unknown broken type"},
205{ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE),"pkcs8 unknown broken type"}, 204 {ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR), "private key decode error"},
206{ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR),"private key decode error"}, 205 {ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR), "private key encode error"},
207{ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR),"private key encode error"}, 206 {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA) , "public key not rsa"},
208{ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA) ,"public key not rsa"}, 207 {ERR_REASON(EVP_R_TOO_LARGE) , "too large"},
209{ERR_REASON(EVP_R_TOO_LARGE) ,"too large"}, 208 {ERR_REASON(EVP_R_UNKNOWN_CIPHER) , "unknown cipher"},
210{ERR_REASON(EVP_R_UNKNOWN_CIPHER) ,"unknown cipher"}, 209 {ERR_REASON(EVP_R_UNKNOWN_DIGEST) , "unknown digest"},
211{ERR_REASON(EVP_R_UNKNOWN_DIGEST) ,"unknown digest"}, 210 {ERR_REASON(EVP_R_UNKNOWN_OPTION) , "unknown option"},
212{ERR_REASON(EVP_R_UNKNOWN_OPTION) ,"unknown option"}, 211 {ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) , "unknown pbe algorithm"},
213{ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"}, 212 {ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS), "unsuported number of rounds"},
214{ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"}, 213 {ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) , "unsupported algorithm"},
215{ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) ,"unsupported algorithm"}, 214 {ERR_REASON(EVP_R_UNSUPPORTED_CIPHER) , "unsupported cipher"},
216{ERR_REASON(EVP_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"}, 215 {ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH) , "unsupported keylength"},
217{ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH) ,"unsupported keylength"}, 216 {ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION), "unsupported key derivation function"},
218{ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION),"unsupported key derivation function"}, 217 {ERR_REASON(EVP_R_UNSUPPORTED_KEY_SIZE) , "unsupported key size"},
219{ERR_REASON(EVP_R_UNSUPPORTED_KEY_SIZE) ,"unsupported key size"}, 218 {ERR_REASON(EVP_R_UNSUPPORTED_PRF) , "unsupported prf"},
220{ERR_REASON(EVP_R_UNSUPPORTED_PRF) ,"unsupported prf"}, 219 {ERR_REASON(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM), "unsupported private key algorithm"},
221{ERR_REASON(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM),"unsupported private key algorithm"}, 220 {ERR_REASON(EVP_R_UNSUPPORTED_SALT_TYPE) , "unsupported salt type"},
222{ERR_REASON(EVP_R_UNSUPPORTED_SALT_TYPE) ,"unsupported salt type"}, 221 {ERR_REASON(EVP_R_WRONG_FINAL_BLOCK_LENGTH), "wrong final block length"},
223{ERR_REASON(EVP_R_WRONG_FINAL_BLOCK_LENGTH),"wrong final block length"}, 222 {ERR_REASON(EVP_R_WRONG_PUBLIC_KEY_TYPE) , "wrong public key type"},
224{ERR_REASON(EVP_R_WRONG_PUBLIC_KEY_TYPE) ,"wrong public key type"}, 223 {0, NULL}
225{0,NULL} 224};
226 };
227 225
228#endif 226#endif
229 227
230void ERR_load_EVP_strings(void) 228void
231 { 229ERR_load_EVP_strings(void)
230{
232#ifndef OPENSSL_NO_ERR 231#ifndef OPENSSL_NO_ERR
233 232 if (ERR_func_error_string(EVP_str_functs[0].error) == NULL) {
234 if (ERR_func_error_string(EVP_str_functs[0].error) == NULL) 233 ERR_load_strings(0, EVP_str_functs);
235 { 234 ERR_load_strings(0, EVP_str_reasons);
236 ERR_load_strings(0,EVP_str_functs);
237 ERR_load_strings(0,EVP_str_reasons);
238 }
239#endif
240 } 235 }
236#endif
237}
diff --git a/src/lib/libssl/src/crypto/evp/evp_key.c b/src/lib/libssl/src/crypto/evp/evp_key.c
index b3cb0638fa..445456d3a7 100644
--- a/src/lib/libssl/src/crypto/evp/evp_key.c
+++ b/src/lib/libssl/src/crypto/evp/evp_key.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -66,123 +66,129 @@
66/* should be init to zeros. */ 66/* should be init to zeros. */
67static char prompt_string[80]; 67static char prompt_string[80];
68 68
69void EVP_set_pw_prompt(const char *prompt) 69void
70 { 70EVP_set_pw_prompt(const char *prompt)
71{
71 if (prompt == NULL) 72 if (prompt == NULL)
72 prompt_string[0]='\0'; 73 prompt_string[0] = '\0';
73 else 74 else {
74 { 75 strlcpy(prompt_string, prompt, sizeof(prompt_string));
75 strlcpy(prompt_string,prompt,sizeof(prompt_string));
76 }
77 } 76 }
77}
78 78
79char *EVP_get_pw_prompt(void) 79char *
80 { 80EVP_get_pw_prompt(void)
81{
81 if (prompt_string[0] == '\0') 82 if (prompt_string[0] == '\0')
82 return(NULL); 83 return (NULL);
83 else 84 else
84 return(prompt_string); 85 return (prompt_string);
85 } 86}
86 87
87/* For historical reasons, the standard function for reading passwords is 88/* For historical reasons, the standard function for reading passwords is
88 * in the DES library -- if someone ever wants to disable DES, 89 * in the DES library -- if someone ever wants to disable DES,
89 * this function will fail */ 90 * this function will fail */
90int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) 91int
91 { 92EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
93{
92 return EVP_read_pw_string_min(buf, 0, len, prompt, verify); 94 return EVP_read_pw_string_min(buf, 0, len, prompt, verify);
93 } 95}
94 96
95int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, int verify) 97int
96 { 98EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
99 int verify)
100{
97 int ret; 101 int ret;
98 char buff[BUFSIZ]; 102 char buff[BUFSIZ];
99 UI *ui; 103 UI *ui;
100 104
101 if ((prompt == NULL) && (prompt_string[0] != '\0')) 105 if ((prompt == NULL) && (prompt_string[0] != '\0'))
102 prompt=prompt_string; 106 prompt = prompt_string;
103 ui = UI_new(); 107 ui = UI_new();
104 UI_add_input_string(ui,prompt,0,buf,min,(len>=BUFSIZ)?BUFSIZ-1:len); 108 UI_add_input_string(ui, prompt, 0,buf, min,
109 (len >= BUFSIZ) ? BUFSIZ - 1 : len);
105 if (verify) 110 if (verify)
106 UI_add_verify_string(ui,prompt,0, 111 UI_add_verify_string(ui, prompt, 0, buff, min,
107 buff,min,(len>=BUFSIZ)?BUFSIZ-1:len,buf); 112 (len >= BUFSIZ) ? BUFSIZ - 1 : len, buf);
108 ret = UI_process(ui); 113 ret = UI_process(ui);
109 UI_free(ui); 114 UI_free(ui);
110 OPENSSL_cleanse(buff,BUFSIZ); 115 OPENSSL_cleanse(buff, BUFSIZ);
111 return ret; 116 return ret;
112 } 117}
113 118
114int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, 119int
115 const unsigned char *salt, const unsigned char *data, int datal, 120EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
116 int count, unsigned char *key, unsigned char *iv) 121 const unsigned char *salt, const unsigned char *data, int datal,
117 { 122 int count, unsigned char *key, unsigned char *iv)
123{
118 EVP_MD_CTX c; 124 EVP_MD_CTX c;
119 unsigned char md_buf[EVP_MAX_MD_SIZE]; 125 unsigned char md_buf[EVP_MAX_MD_SIZE];
120 int niv,nkey,addmd=0; 126 int niv, nkey, addmd = 0;
121 unsigned int mds=0,i; 127 unsigned int mds = 0, i;
122 int rv = 0; 128 int rv = 0;
123 nkey=type->key_len; 129 nkey = type->key_len;
124 niv=type->iv_len; 130 niv = type->iv_len;
125 OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH); 131 OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
126 OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH); 132 OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH);
127 133
128 if (data == NULL) return(nkey); 134 if (data == NULL)
135 return (nkey);
129 136
130 EVP_MD_CTX_init(&c); 137 EVP_MD_CTX_init(&c);
131 for (;;) 138 for (;;) {
132 { 139 if (!EVP_DigestInit_ex(&c, md, NULL))
133 if (!EVP_DigestInit_ex(&c,md, NULL))
134 return 0; 140 return 0;
135 if (addmd++) 141 if (addmd++)
136 if (!EVP_DigestUpdate(&c,&(md_buf[0]),mds)) 142 if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds))
137 goto err; 143 goto err;
138 if (!EVP_DigestUpdate(&c,data,datal)) 144 if (!EVP_DigestUpdate(&c, data, datal))
139 goto err; 145 goto err;
140 if (salt != NULL) 146 if (salt != NULL)
141 if (!EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN)) 147 if (!EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN))
142 goto err; 148 goto err;
143 if (!EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds)) 149 if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds))
144 goto err; 150 goto err;
145 151
146 for (i=1; i<(unsigned int)count; i++) 152 for (i = 1; i < (unsigned int)count; i++) {
147 { 153 if (!EVP_DigestInit_ex(&c, md, NULL))
148 if (!EVP_DigestInit_ex(&c,md, NULL))
149 goto err; 154 goto err;
150 if (!EVP_DigestUpdate(&c,&(md_buf[0]),mds)) 155 if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds))
151 goto err; 156 goto err;
152 if (!EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds)) 157 if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds))
153 goto err; 158 goto err;
154 } 159 }
155 i=0; 160 i = 0;
156 if (nkey) 161 if (nkey) {
157 { 162 for (;;) {
158 for (;;) 163 if (nkey == 0)
159 { 164 break;
160 if (nkey == 0) break; 165 if (i == mds)
161 if (i == mds) break; 166 break;
162 if (key != NULL) 167 if (key != NULL)
163 *(key++)=md_buf[i]; 168 *(key++) = md_buf[i];
164 nkey--; 169 nkey--;
165 i++; 170 i++;
166 }
167 } 171 }
168 if (niv && (i != mds)) 172 }
169 { 173 if (niv && (i != mds)) {
170 for (;;) 174 for (;;) {
171 { 175 if (niv == 0)
172 if (niv == 0) break; 176 break;
173 if (i == mds) break; 177 if (i == mds)
178 break;
174 if (iv != NULL) 179 if (iv != NULL)
175 *(iv++)=md_buf[i]; 180 *(iv++) = md_buf[i];
176 niv--; 181 niv--;
177 i++; 182 i++;
178 }
179 } 183 }
180 if ((nkey == 0) && (niv == 0)) break;
181 } 184 }
185 if ((nkey == 0) && (niv == 0))
186 break;
187 }
182 rv = type->key_len; 188 rv = type->key_len;
183 err: 189
190err:
184 EVP_MD_CTX_cleanup(&c); 191 EVP_MD_CTX_cleanup(&c);
185 OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE); 192 OPENSSL_cleanse(&(md_buf[0]), EVP_MAX_MD_SIZE);
186 return rv; 193 return rv;
187 } 194}
188
diff --git a/src/lib/libssl/src/crypto/evp/evp_lib.c b/src/lib/libssl/src/crypto/evp/evp_lib.c
index b180e4828a..791f6b8fb1 100644
--- a/src/lib/libssl/src/crypto/evp/evp_lib.c
+++ b/src/lib/libssl/src/crypto/evp/evp_lib.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -61,256 +61,278 @@
61#include <openssl/evp.h> 61#include <openssl/evp.h>
62#include <openssl/objects.h> 62#include <openssl/objects.h>
63 63
64int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) 64int
65 { 65EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
66{
66 int ret; 67 int ret;
67 68
68 if (c->cipher->set_asn1_parameters != NULL) 69 if (c->cipher->set_asn1_parameters != NULL)
69 ret=c->cipher->set_asn1_parameters(c,type); 70 ret = c->cipher->set_asn1_parameters(c, type);
70 else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) 71 else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
71 ret=EVP_CIPHER_set_asn1_iv(c, type); 72 ret = EVP_CIPHER_set_asn1_iv(c, type);
72 else 73 else
73 ret=-1; 74 ret = -1;
74 return(ret); 75 return (ret);
75 } 76}
76 77
77int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type) 78int
78 { 79EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
80{
79 int ret; 81 int ret;
80 82
81 if (c->cipher->get_asn1_parameters != NULL) 83 if (c->cipher->get_asn1_parameters != NULL)
82 ret=c->cipher->get_asn1_parameters(c,type); 84 ret = c->cipher->get_asn1_parameters(c, type);
83 else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) 85 else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
84 ret=EVP_CIPHER_get_asn1_iv(c, type); 86 ret = EVP_CIPHER_get_asn1_iv(c, type);
85 else 87 else
86 ret=-1; 88 ret = -1;
87 return(ret); 89 return (ret);
88 } 90}
89 91
90int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) 92int
91 { 93EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
92 int i=0; 94{
95 int i = 0;
93 unsigned int l; 96 unsigned int l;
94 97
95 if (type != NULL) 98 if (type != NULL) {
96 { 99 l = EVP_CIPHER_CTX_iv_length(c);
97 l=EVP_CIPHER_CTX_iv_length(c);
98 OPENSSL_assert(l <= sizeof(c->iv)); 100 OPENSSL_assert(l <= sizeof(c->iv));
99 i=ASN1_TYPE_get_octetstring(type,c->oiv,l); 101 i = ASN1_TYPE_get_octetstring(type, c->oiv, l);
100 if (i != (int)l) 102 if (i != (int)l)
101 return(-1); 103 return (-1);
102 else if (i > 0) 104 else if (i > 0)
103 memcpy(c->iv,c->oiv,l); 105 memcpy(c->iv, c->oiv, l);
104 }
105 return(i);
106 } 106 }
107 return (i);
108}
107 109
108int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) 110int
109 { 111EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
110 int i=0; 112{
113 int i = 0;
111 unsigned int j; 114 unsigned int j;
112 115
113 if (type != NULL) 116 if (type != NULL) {
114 { 117 j = EVP_CIPHER_CTX_iv_length(c);
115 j=EVP_CIPHER_CTX_iv_length(c);
116 OPENSSL_assert(j <= sizeof(c->iv)); 118 OPENSSL_assert(j <= sizeof(c->iv));
117 i=ASN1_TYPE_set_octetstring(type,c->oiv,j); 119 i = ASN1_TYPE_set_octetstring(type, c->oiv, j);
118 }
119 return(i);
120 } 120 }
121 return (i);
122}
121 123
122/* Convert the various cipher NIDs and dummies to a proper OID NID */ 124/* Convert the various cipher NIDs and dummies to a proper OID NID */
123int EVP_CIPHER_type(const EVP_CIPHER *ctx) 125int
126EVP_CIPHER_type(const EVP_CIPHER *ctx)
124{ 127{
125 int nid; 128 int nid;
126 ASN1_OBJECT *otmp; 129 ASN1_OBJECT *otmp;
127 nid = EVP_CIPHER_nid(ctx); 130 nid = EVP_CIPHER_nid(ctx);
128 131
129 switch(nid) { 132 switch (nid) {
130 133 case NID_rc2_cbc:
131 case NID_rc2_cbc: 134 case NID_rc2_64_cbc:
132 case NID_rc2_64_cbc: 135 case NID_rc2_40_cbc:
133 case NID_rc2_40_cbc:
134
135 return NID_rc2_cbc; 136 return NID_rc2_cbc;
136 137
137 case NID_rc4: 138 case NID_rc4:
138 case NID_rc4_40: 139 case NID_rc4_40:
139
140 return NID_rc4; 140 return NID_rc4;
141 141
142 case NID_aes_128_cfb128: 142 case NID_aes_128_cfb128:
143 case NID_aes_128_cfb8: 143 case NID_aes_128_cfb8:
144 case NID_aes_128_cfb1: 144 case NID_aes_128_cfb1:
145
146 return NID_aes_128_cfb128; 145 return NID_aes_128_cfb128;
147 146
148 case NID_aes_192_cfb128: 147 case NID_aes_192_cfb128:
149 case NID_aes_192_cfb8: 148 case NID_aes_192_cfb8:
150 case NID_aes_192_cfb1: 149 case NID_aes_192_cfb1:
151
152 return NID_aes_192_cfb128; 150 return NID_aes_192_cfb128;
153 151
154 case NID_aes_256_cfb128: 152 case NID_aes_256_cfb128:
155 case NID_aes_256_cfb8: 153 case NID_aes_256_cfb8:
156 case NID_aes_256_cfb1: 154 case NID_aes_256_cfb1:
157
158 return NID_aes_256_cfb128; 155 return NID_aes_256_cfb128;
159 156
160 case NID_des_cfb64: 157 case NID_des_cfb64:
161 case NID_des_cfb8: 158 case NID_des_cfb8:
162 case NID_des_cfb1: 159 case NID_des_cfb1:
163
164 return NID_des_cfb64; 160 return NID_des_cfb64;
165 161
166 case NID_des_ede3_cfb64: 162 case NID_des_ede3_cfb64:
167 case NID_des_ede3_cfb8: 163 case NID_des_ede3_cfb8:
168 case NID_des_ede3_cfb1: 164 case NID_des_ede3_cfb1:
169
170 return NID_des_cfb64; 165 return NID_des_cfb64;
171 166
172 default: 167 default:
173 /* Check it has an OID and it is valid */ 168 /* Check it has an OID and it is valid */
174 otmp = OBJ_nid2obj(nid); 169 otmp = OBJ_nid2obj(nid);
175 if(!otmp || !otmp->data) nid = NID_undef; 170 if (!otmp || !otmp->data)
171 nid = NID_undef;
176 ASN1_OBJECT_free(otmp); 172 ASN1_OBJECT_free(otmp);
177 return nid; 173 return nid;
178 } 174 }
179} 175}
180 176
181int EVP_CIPHER_block_size(const EVP_CIPHER *e) 177int
182 { 178EVP_CIPHER_block_size(const EVP_CIPHER *e)
179{
183 return e->block_size; 180 return e->block_size;
184 } 181}
185 182
186int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx) 183int
187 { 184EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
185{
188 return ctx->cipher->block_size; 186 return ctx->cipher->block_size;
189 } 187}
190 188
191int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) 189int
192 { 190EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
193 return ctx->cipher->do_cipher(ctx,out,in,inl); 191 unsigned int inl)
194 } 192{
193 return ctx->cipher->do_cipher(ctx, out, in, inl);
194}
195 195
196const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx) 196const EVP_CIPHER *
197 { 197EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
198{
198 return ctx->cipher; 199 return ctx->cipher;
199 } 200}
200 201
201unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher) 202unsigned long
202 { 203EVP_CIPHER_flags(const EVP_CIPHER *cipher)
204{
203 return cipher->flags; 205 return cipher->flags;
204 } 206}
205 207
206unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx) 208unsigned long
207 { 209EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
210{
208 return ctx->cipher->flags; 211 return ctx->cipher->flags;
209 } 212}
210 213
211void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx) 214void *
212 { 215EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
216{
213 return ctx->app_data; 217 return ctx->app_data;
214 } 218}
215 219
216void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data) 220void
217 { 221EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
222{
218 ctx->app_data = data; 223 ctx->app_data = data;
219 } 224}
220 225
221int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher) 226int
222 { 227EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
228{
223 return cipher->iv_len; 229 return cipher->iv_len;
224 } 230}
225 231
226int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) 232int
227 { 233EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
234{
228 return ctx->cipher->iv_len; 235 return ctx->cipher->iv_len;
229 } 236}
230 237
231int EVP_CIPHER_key_length(const EVP_CIPHER *cipher) 238int
232 { 239EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
240{
233 return cipher->key_len; 241 return cipher->key_len;
234 } 242}
235 243
236int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx) 244int
237 { 245EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
246{
238 return ctx->key_len; 247 return ctx->key_len;
239 } 248}
240 249
241int EVP_CIPHER_nid(const EVP_CIPHER *cipher) 250int
242 { 251EVP_CIPHER_nid(const EVP_CIPHER *cipher)
252{
243 return cipher->nid; 253 return cipher->nid;
244 } 254}
245 255
246int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx) 256int
247 { 257EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
258{
248 return ctx->cipher->nid; 259 return ctx->cipher->nid;
249 } 260}
250 261
251int EVP_MD_block_size(const EVP_MD *md) 262int
252 { 263EVP_MD_block_size(const EVP_MD *md)
264{
253 return md->block_size; 265 return md->block_size;
254 } 266}
255 267
256int EVP_MD_type(const EVP_MD *md) 268int
257 { 269EVP_MD_type(const EVP_MD *md)
270{
258 return md->type; 271 return md->type;
259 } 272}
260 273
261int EVP_MD_pkey_type(const EVP_MD *md) 274int
262 { 275EVP_MD_pkey_type(const EVP_MD *md)
276{
263 return md->pkey_type; 277 return md->pkey_type;
264 } 278}
265 279
266int EVP_MD_size(const EVP_MD *md) 280int
267 { 281EVP_MD_size(const EVP_MD *md)
268 if (!md) 282{
269 { 283 if (!md) {
270 EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL); 284 EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
271 return -1; 285 return -1;
272 }
273 return md->md_size;
274 } 286 }
287 return md->md_size;
288}
275 289
276unsigned long EVP_MD_flags(const EVP_MD *md) 290unsigned long
277 { 291EVP_MD_flags(const EVP_MD *md)
292{
278 return md->flags; 293 return md->flags;
279 } 294}
280 295
281const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx) 296const EVP_MD *
282 { 297EVP_MD_CTX_md(const EVP_MD_CTX *ctx)
298{
283 if (!ctx) 299 if (!ctx)
284 return NULL; 300 return NULL;
285 return ctx->digest; 301 return ctx->digest;
286 } 302}
287 303
288void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags) 304void
289 { 305EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags)
306{
290 ctx->flags |= flags; 307 ctx->flags |= flags;
291 } 308}
292 309
293void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags) 310void
294 { 311EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags)
312{
295 ctx->flags &= ~flags; 313 ctx->flags &= ~flags;
296 } 314}
297 315
298int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags) 316int
299 { 317EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags)
318{
300 return (ctx->flags & flags); 319 return (ctx->flags & flags);
301 } 320}
302 321
303void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags) 322void
304 { 323EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
324{
305 ctx->flags |= flags; 325 ctx->flags |= flags;
306 } 326}
307 327
308void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags) 328void
309 { 329EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
330{
310 ctx->flags &= ~flags; 331 ctx->flags &= ~flags;
311 } 332}
312 333
313int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags) 334int
314 { 335EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
336{
315 return (ctx->flags & flags); 337 return (ctx->flags & flags);
316 } 338}
diff --git a/src/lib/libssl/src/crypto/evp/evp_pbe.c b/src/lib/libssl/src/crypto/evp/evp_pbe.c
index 37683af76a..779c1592da 100644
--- a/src/lib/libssl/src/crypto/evp/evp_pbe.c
+++ b/src/lib/libssl/src/crypto/evp/evp_pbe.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -70,50 +70,36 @@ static STACK_OF(EVP_PBE_CTL) *pbe_algs;
70 70
71/* Setup a cipher context from a PBE algorithm */ 71/* Setup a cipher context from a PBE algorithm */
72 72
73typedef struct 73typedef struct {
74 {
75 int pbe_type; 74 int pbe_type;
76 int pbe_nid; 75 int pbe_nid;
77 int cipher_nid; 76 int cipher_nid;
78 int md_nid; 77 int md_nid;
79 EVP_PBE_KEYGEN *keygen; 78 EVP_PBE_KEYGEN *keygen;
80 } EVP_PBE_CTL; 79} EVP_PBE_CTL;
81 80
82static const EVP_PBE_CTL builtin_pbe[] = 81static const EVP_PBE_CTL builtin_pbe[] = {
83 { 82 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC, NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen},
84 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC, 83 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC, NID_des_cbc, NID_md5, PKCS5_PBE_keyivgen},
85 NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen}, 84 {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC, NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen},
86 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC,
87 NID_des_cbc, NID_md5, PKCS5_PBE_keyivgen},
88 {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC,
89 NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen},
90 85
91#ifndef OPENSSL_NO_HMAC 86#ifndef OPENSSL_NO_HMAC
92 {EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen}, 87 {EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen},
93#endif 88#endif
94 89
95 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4, 90 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4, NID_rc4, NID_sha1, PKCS12_PBE_keyivgen},
96 NID_rc4, NID_sha1, PKCS12_PBE_keyivgen}, 91 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4, NID_rc4_40, NID_sha1, PKCS12_PBE_keyivgen},
97 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4, 92 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NID_des_ede3_cbc, NID_sha1, PKCS12_PBE_keyivgen},
98 NID_rc4_40, NID_sha1, PKCS12_PBE_keyivgen}, 93 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And2_Key_TripleDES_CBC, NID_des_ede_cbc, NID_sha1, PKCS12_PBE_keyivgen},
99 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, 94 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC2_CBC, NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen},
100 NID_des_ede3_cbc, NID_sha1, PKCS12_PBE_keyivgen}, 95 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC, NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen},
101 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
102 NID_des_ede_cbc, NID_sha1, PKCS12_PBE_keyivgen},
103 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC2_CBC,
104 NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen},
105 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC,
106 NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen},
107 96
108#ifndef OPENSSL_NO_HMAC 97#ifndef OPENSSL_NO_HMAC
109 {EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen}, 98 {EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen},
110#endif 99#endif
111 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC, 100 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC, NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen},
112 NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen}, 101 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC, NID_rc2_64_cbc, NID_md5, PKCS5_PBE_keyivgen},
113 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC, 102 {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndDES_CBC, NID_des_cbc, NID_sha1, PKCS5_PBE_keyivgen},
114 NID_rc2_64_cbc, NID_md5, PKCS5_PBE_keyivgen},
115 {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndDES_CBC,
116 NID_des_cbc, NID_sha1, PKCS5_PBE_keyivgen},
117 103
118 104
119 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA1, -1, NID_sha1, 0}, 105 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA1, -1, NID_sha1, 0},
@@ -123,141 +109,141 @@ static const EVP_PBE_CTL builtin_pbe[] =
123 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0}, 109 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0},
124 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0}, 110 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0},
125 {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0}, 111 {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0},
126 }; 112};
127 113
128#ifdef TEST 114#ifdef TEST
129int main(int argc, char **argv) 115int
130 { 116main(int argc, char **argv)
117{
131 int i, nid_md, nid_cipher; 118 int i, nid_md, nid_cipher;
132 EVP_PBE_CTL *tpbe, *tpbe2; 119 EVP_PBE_CTL *tpbe, *tpbe2;
133 /*OpenSSL_add_all_algorithms();*/ 120 /*OpenSSL_add_all_algorithms();*/
134 121
135 for (i = 0; i < sizeof(builtin_pbe)/sizeof(EVP_PBE_CTL); i++) 122 for (i = 0; i < sizeof(builtin_pbe) / sizeof(EVP_PBE_CTL); i++) {
136 {
137 tpbe = builtin_pbe + i; 123 tpbe = builtin_pbe + i;
138 fprintf(stderr, "%d %d %s ", tpbe->pbe_type, tpbe->pbe_nid, 124 fprintf(stderr, "%d %d %s ", tpbe->pbe_type, tpbe->pbe_nid,
139 OBJ_nid2sn(tpbe->pbe_nid)); 125 OBJ_nid2sn(tpbe->pbe_nid));
140 if (EVP_PBE_find(tpbe->pbe_type, tpbe->pbe_nid, 126 if (EVP_PBE_find(tpbe->pbe_type, tpbe->pbe_nid,
141 &nid_cipher ,&nid_md,0)) 127 &nid_cipher , &nid_md, 0))
142 fprintf(stderr, "Found %s %s\n", 128 fprintf(stderr, "Found %s %s\n",
143 OBJ_nid2sn(nid_cipher), 129 OBJ_nid2sn(nid_cipher), OBJ_nid2sn(nid_md));
144 OBJ_nid2sn(nid_md));
145 else 130 else
146 fprintf(stderr, "Find ERROR!!\n"); 131 fprintf(stderr, "Find ERROR!!\n");
147 } 132 }
148 133
149 return 0; 134 return 0;
150 } 135}
151#endif 136#endif
152
153
154 137
155int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, 138int
156 ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de) 139EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
157 { 140 ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
141{
158 const EVP_CIPHER *cipher; 142 const EVP_CIPHER *cipher;
159 const EVP_MD *md; 143 const EVP_MD *md;
160 int cipher_nid, md_nid; 144 int cipher_nid, md_nid;
161 EVP_PBE_KEYGEN *keygen; 145 EVP_PBE_KEYGEN *keygen;
162 146
163 if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj), 147 if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj),
164 &cipher_nid, &md_nid, &keygen)) 148 &cipher_nid, &md_nid, &keygen)) {
165 {
166 char obj_tmp[80]; 149 char obj_tmp[80];
167 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM); 150 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM);
168 if (!pbe_obj) strlcpy (obj_tmp, "NULL", sizeof obj_tmp); 151 if (!pbe_obj)
169 else i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj); 152 strlcpy (obj_tmp, "NULL", sizeof obj_tmp);
153 else
154 i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
170 ERR_asprintf_error_data("TYPE=%s", obj_tmp); 155 ERR_asprintf_error_data("TYPE=%s", obj_tmp);
171 return 0; 156 return 0;
172 } 157 }
173 158
174 if(!pass) 159 if (!pass)
175 passlen = 0; 160 passlen = 0;
176 else if (passlen == -1) 161 else if (passlen == -1)
177 passlen = strlen(pass); 162 passlen = strlen(pass);
178 163
179 if (cipher_nid == -1) 164 if (cipher_nid == -1)
180 cipher = NULL; 165 cipher = NULL;
181 else 166 else {
182 {
183 cipher = EVP_get_cipherbynid(cipher_nid); 167 cipher = EVP_get_cipherbynid(cipher_nid);
184 if (!cipher) 168 if (!cipher) {
185 { 169 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_CIPHER);
186 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_CIPHER);
187 return 0; 170 return 0;
188 }
189 } 171 }
172 }
190 173
191 if (md_nid == -1) 174 if (md_nid == -1)
192 md = NULL; 175 md = NULL;
193 else 176 else {
194 {
195 md = EVP_get_digestbynid(md_nid); 177 md = EVP_get_digestbynid(md_nid);
196 if (!md) 178 if (!md) {
197 { 179 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_DIGEST);
198 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_DIGEST);
199 return 0; 180 return 0;
200 }
201 } 181 }
182 }
202 183
203 if (!keygen(ctx, pass, passlen, param, cipher, md, en_de)) 184 if (!keygen(ctx, pass, passlen, param, cipher, md, en_de)) {
204 { 185 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_KEYGEN_FAILURE);
205 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_KEYGEN_FAILURE);
206 return 0; 186 return 0;
207 } 187 }
208 return 1; 188 return 1;
209} 189}
210 190
211DECLARE_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2); 191DECLARE_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
212 192
213static int pbe2_cmp(const EVP_PBE_CTL *pbe1, const EVP_PBE_CTL *pbe2) 193static int
214 { 194pbe2_cmp(const EVP_PBE_CTL *pbe1, const EVP_PBE_CTL *pbe2)
195{
215 int ret = pbe1->pbe_type - pbe2->pbe_type; 196 int ret = pbe1->pbe_type - pbe2->pbe_type;
197
216 if (ret) 198 if (ret)
217 return ret; 199 return ret;
218 else 200 else
219 return pbe1->pbe_nid - pbe2->pbe_nid; 201 return pbe1->pbe_nid - pbe2->pbe_nid;
220 } 202}
221 203
222IMPLEMENT_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2); 204IMPLEMENT_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
223 205
224static int pbe_cmp(const EVP_PBE_CTL * const *a, const EVP_PBE_CTL * const *b) 206static int
225 { 207pbe_cmp(const EVP_PBE_CTL * const *a, const EVP_PBE_CTL * const *b)
208{
226 int ret = (*a)->pbe_type - (*b)->pbe_type; 209 int ret = (*a)->pbe_type - (*b)->pbe_type;
210
227 if (ret) 211 if (ret)
228 return ret; 212 return ret;
229 else 213 else
230 return (*a)->pbe_nid - (*b)->pbe_nid; 214 return (*a)->pbe_nid - (*b)->pbe_nid;
231 } 215}
232 216
233/* Add a PBE algorithm */ 217/* Add a PBE algorithm */
234 218
235int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid, 219int
236 EVP_PBE_KEYGEN *keygen) 220EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
237 { 221 EVP_PBE_KEYGEN *keygen)
222{
238 EVP_PBE_CTL *pbe_tmp; 223 EVP_PBE_CTL *pbe_tmp;
224
239 if (!pbe_algs) 225 if (!pbe_algs)
240 pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp); 226 pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);
241 if (!(pbe_tmp = (EVP_PBE_CTL*) malloc (sizeof(EVP_PBE_CTL)))) 227 if (!(pbe_tmp = (EVP_PBE_CTL*) malloc (sizeof(EVP_PBE_CTL)))) {
242 { 228 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE);
243 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE,ERR_R_MALLOC_FAILURE);
244 return 0; 229 return 0;
245 } 230 }
246 pbe_tmp->pbe_type = pbe_type; 231 pbe_tmp->pbe_type = pbe_type;
247 pbe_tmp->pbe_nid = pbe_nid; 232 pbe_tmp->pbe_nid = pbe_nid;
248 pbe_tmp->cipher_nid = cipher_nid; 233 pbe_tmp->cipher_nid = cipher_nid;
249 pbe_tmp->md_nid = md_nid; 234 pbe_tmp->md_nid = md_nid;
250 pbe_tmp->keygen = keygen; 235 pbe_tmp->keygen = keygen;
251 236
252
253 sk_EVP_PBE_CTL_push (pbe_algs, pbe_tmp); 237 sk_EVP_PBE_CTL_push (pbe_algs, pbe_tmp);
254 return 1; 238 return 1;
255 } 239}
256 240
257int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md, 241int
258 EVP_PBE_KEYGEN *keygen) 242EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
259 { 243 EVP_PBE_KEYGEN *keygen)
244{
260 int cipher_nid, md_nid; 245 int cipher_nid, md_nid;
246
261 if (cipher) 247 if (cipher)
262 cipher_nid = EVP_CIPHER_type(cipher); 248 cipher_nid = EVP_CIPHER_type(cipher);
263 else 249 else
@@ -268,12 +254,13 @@ int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
268 md_nid = -1; 254 md_nid = -1;
269 255
270 return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER, nid, 256 return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER, nid,
271 cipher_nid, md_nid, keygen); 257 cipher_nid, md_nid, keygen);
272 } 258}
273 259
274int EVP_PBE_find(int type, int pbe_nid, 260int
275 int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen) 261EVP_PBE_find(int type, int pbe_nid,
276 { 262 int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen)
263{
277 EVP_PBE_CTL *pbetmp = NULL, pbelu; 264 EVP_PBE_CTL *pbetmp = NULL, pbelu;
278 int i; 265 int i;
279 if (pbe_nid == NID_undef) 266 if (pbe_nid == NID_undef)
@@ -282,17 +269,15 @@ int EVP_PBE_find(int type, int pbe_nid,
282 pbelu.pbe_type = type; 269 pbelu.pbe_type = type;
283 pbelu.pbe_nid = pbe_nid; 270 pbelu.pbe_nid = pbe_nid;
284 271
285 if (pbe_algs) 272 if (pbe_algs) {
286 {
287 i = sk_EVP_PBE_CTL_find(pbe_algs, &pbelu); 273 i = sk_EVP_PBE_CTL_find(pbe_algs, &pbelu);
288 if (i != -1) 274 if (i != -1)
289 pbetmp = sk_EVP_PBE_CTL_value (pbe_algs, i); 275 pbetmp = sk_EVP_PBE_CTL_value (pbe_algs, i);
290 } 276 }
291 if (pbetmp == NULL) 277 if (pbetmp == NULL) {
292 {
293 pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe, 278 pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe,
294 sizeof(builtin_pbe)/sizeof(EVP_PBE_CTL)); 279 sizeof(builtin_pbe)/sizeof(EVP_PBE_CTL));
295 } 280 }
296 if (pbetmp == NULL) 281 if (pbetmp == NULL)
297 return 0; 282 return 0;
298 if (pcnid) 283 if (pcnid)
@@ -302,15 +287,17 @@ int EVP_PBE_find(int type, int pbe_nid,
302 if (pkeygen) 287 if (pkeygen)
303 *pkeygen = pbetmp->keygen; 288 *pkeygen = pbetmp->keygen;
304 return 1; 289 return 1;
305 } 290}
306 291
307static void free_evp_pbe_ctl(EVP_PBE_CTL *pbe) 292static void
308 { 293free_evp_pbe_ctl(EVP_PBE_CTL *pbe)
309 free(pbe); 294{
310 } 295 free(pbe);
296}
311 297
312void EVP_PBE_cleanup(void) 298void
313 { 299EVP_PBE_cleanup(void)
300{
314 sk_EVP_PBE_CTL_pop_free(pbe_algs, free_evp_pbe_ctl); 301 sk_EVP_PBE_CTL_pop_free(pbe_algs, free_evp_pbe_ctl);
315 pbe_algs = NULL; 302 pbe_algs = NULL;
316 } 303}
diff --git a/src/lib/libssl/src/crypto/evp/evp_pkey.c b/src/lib/libssl/src/crypto/evp/evp_pkey.c
index 94056f0da9..99fe5b3221 100644
--- a/src/lib/libssl/src/crypto/evp/evp_pkey.c
+++ b/src/lib/libssl/src/crypto/evp/evp_pkey.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -65,7 +65,8 @@
65 65
66/* Extract a private key from a PKCS8 structure */ 66/* Extract a private key from a PKCS8 structure */
67 67
68EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) 68EVP_PKEY *
69EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
69{ 70{
70 EVP_PKEY *pkey = NULL; 71 EVP_PKEY *pkey = NULL;
71 ASN1_OBJECT *algoid; 72 ASN1_OBJECT *algoid;
@@ -75,166 +76,164 @@ EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
75 return NULL; 76 return NULL;
76 77
77 if (!(pkey = EVP_PKEY_new())) { 78 if (!(pkey = EVP_PKEY_new())) {
78 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); 79 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE);
79 return NULL; 80 return NULL;
80 } 81 }
81 82
82 if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) 83 if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) {
83 { 84 EVPerr(EVP_F_EVP_PKCS82PKEY,
84 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); 85 EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
85 i2t_ASN1_OBJECT(obj_tmp, 80, algoid); 86 i2t_ASN1_OBJECT(obj_tmp, 80, algoid);
86 ERR_asprintf_error_data("TYPE=%s", obj_tmp); 87 ERR_asprintf_error_data("TYPE=%s", obj_tmp);
87 goto error; 88 goto error;
88 } 89 }
89 90
90 if (pkey->ameth->priv_decode) 91 if (pkey->ameth->priv_decode) {
91 { 92 if (!pkey->ameth->priv_decode(pkey, p8)) {
92 if (!pkey->ameth->priv_decode(pkey, p8))
93 {
94 EVPerr(EVP_F_EVP_PKCS82PKEY, 93 EVPerr(EVP_F_EVP_PKCS82PKEY,
95 EVP_R_PRIVATE_KEY_DECODE_ERROR); 94 EVP_R_PRIVATE_KEY_DECODE_ERROR);
96 goto error; 95 goto error;
97 }
98 } 96 }
99 else 97 } else {
100 {
101 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_METHOD_NOT_SUPPORTED); 98 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_METHOD_NOT_SUPPORTED);
102 goto error; 99 goto error;
103 } 100 }
104 101
105 return pkey; 102 return pkey;
106 103
107 error: 104error:
108 EVP_PKEY_free (pkey); 105 EVP_PKEY_free (pkey);
109 return NULL; 106 return NULL;
110} 107}
111 108
112PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) 109PKCS8_PRIV_KEY_INFO *
110EVP_PKEY2PKCS8(EVP_PKEY *pkey)
113{ 111{
114 return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK); 112 return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK);
115} 113}
116 114
117/* Turn a private key into a PKCS8 structure */ 115/* Turn a private key into a PKCS8 structure */
118 116
119PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) 117PKCS8_PRIV_KEY_INFO *
118EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
120{ 119{
121 PKCS8_PRIV_KEY_INFO *p8; 120 PKCS8_PRIV_KEY_INFO *p8;
122 121
123 if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) { 122 if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {
124 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); 123 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, ERR_R_MALLOC_FAILURE);
125 return NULL; 124 return NULL;
126 } 125 }
127 p8->broken = broken; 126 p8->broken = broken;
128 127
129 if (pkey->ameth) 128 if (pkey->ameth) {
130 { 129 if (pkey->ameth->priv_encode) {
131 if (pkey->ameth->priv_encode) 130 if (!pkey->ameth->priv_encode(p8, pkey)) {
132 {
133 if (!pkey->ameth->priv_encode(p8, pkey))
134 {
135 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, 131 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
136 EVP_R_PRIVATE_KEY_ENCODE_ERROR); 132 EVP_R_PRIVATE_KEY_ENCODE_ERROR);
137 goto error; 133 goto error;
138 }
139 } 134 }
140 else 135 } else {
141 {
142 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, 136 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
143 EVP_R_METHOD_NOT_SUPPORTED); 137 EVP_R_METHOD_NOT_SUPPORTED);
144 goto error; 138 goto error;
145 }
146 } 139 }
147 else 140 } else {
148 {
149 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, 141 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
150 EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); 142 EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
151 goto error; 143 goto error;
152 } 144 }
153 return p8; 145 return p8;
154 error: 146
147error:
155 PKCS8_PRIV_KEY_INFO_free(p8); 148 PKCS8_PRIV_KEY_INFO_free(p8);
156 return NULL; 149 return NULL;
157} 150}
158 151
159PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken) 152PKCS8_PRIV_KEY_INFO *
153PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
160{ 154{
161 switch (broken) { 155 switch (broken) {
162 156 case PKCS8_OK:
163 case PKCS8_OK:
164 p8->broken = PKCS8_OK; 157 p8->broken = PKCS8_OK;
165 return p8; 158 return p8;
166 break; 159 break;
167 160
168 case PKCS8_NO_OCTET: 161 case PKCS8_NO_OCTET:
169 p8->broken = PKCS8_NO_OCTET; 162 p8->broken = PKCS8_NO_OCTET;
170 p8->pkey->type = V_ASN1_SEQUENCE; 163 p8->pkey->type = V_ASN1_SEQUENCE;
171 return p8; 164 return p8;
172 break; 165 break;
173 166
174 default: 167 default:
175 EVPerr(EVP_F_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE); 168 EVPerr(EVP_F_PKCS8_SET_BROKEN, EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
176 return NULL; 169 return NULL;
177 } 170 }
178} 171}
179 172
180/* EVP_PKEY attribute functions */ 173/* EVP_PKEY attribute functions */
181 174
182int EVP_PKEY_get_attr_count(const EVP_PKEY *key) 175int
176EVP_PKEY_get_attr_count(const EVP_PKEY *key)
183{ 177{
184 return X509at_get_attr_count(key->attributes); 178 return X509at_get_attr_count(key->attributes);
185} 179}
186 180
187int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, 181int
188 int lastpos) 182EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos)
189{ 183{
190 return X509at_get_attr_by_NID(key->attributes, nid, lastpos); 184 return X509at_get_attr_by_NID(key->attributes, nid, lastpos);
191} 185}
192 186
193int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, 187int
194 int lastpos) 188EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, int lastpos)
195{ 189{
196 return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos); 190 return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos);
197} 191}
198 192
199X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc) 193X509_ATTRIBUTE *
194EVP_PKEY_get_attr(const EVP_PKEY *key, int loc)
200{ 195{
201 return X509at_get_attr(key->attributes, loc); 196 return X509at_get_attr(key->attributes, loc);
202} 197}
203 198
204X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc) 199X509_ATTRIBUTE *
200EVP_PKEY_delete_attr(EVP_PKEY *key, int loc)
205{ 201{
206 return X509at_delete_attr(key->attributes, loc); 202 return X509at_delete_attr(key->attributes, loc);
207} 203}
208 204
209int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr) 205int
206EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr)
210{ 207{
211 if(X509at_add1_attr(&key->attributes, attr)) return 1; 208 if (X509at_add1_attr(&key->attributes, attr))
209 return 1;
212 return 0; 210 return 0;
213} 211}
214 212
215int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, 213int
216 const ASN1_OBJECT *obj, int type, 214EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, const ASN1_OBJECT *obj, int type,
217 const unsigned char *bytes, int len) 215 const unsigned char *bytes, int len)
218{ 216{
219 if(X509at_add1_attr_by_OBJ(&key->attributes, obj, 217 if (X509at_add1_attr_by_OBJ(&key->attributes, obj, type, bytes, len))
220 type, bytes, len)) return 1; 218 return 1;
221 return 0; 219 return 0;
222} 220}
223 221
224int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, 222int
225 int nid, int type, 223EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, int nid, int type,
226 const unsigned char *bytes, int len) 224 const unsigned char *bytes, int len)
227{ 225{
228 if(X509at_add1_attr_by_NID(&key->attributes, nid, 226 if (X509at_add1_attr_by_NID(&key->attributes, nid, type, bytes, len))
229 type, bytes, len)) return 1; 227 return 1;
230 return 0; 228 return 0;
231} 229}
232 230
233int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, 231int
234 const char *attrname, int type, 232EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, const char *attrname, int type,
235 const unsigned char *bytes, int len) 233 const unsigned char *bytes, int len)
236{ 234{
237 if(X509at_add1_attr_by_txt(&key->attributes, attrname, 235 if (X509at_add1_attr_by_txt(&key->attributes, attrname, type,
238 type, bytes, len)) return 1; 236 bytes, len))
237 return 1;
239 return 0; 238 return 0;
240} 239}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-24 04:23:03 +0000