Merge the remainder of evp_lib.c into evp_cipher.c

author: tb <> 2023-12-29 06:17:58 +0000
committer: tb <> 2023-12-29 06:17:58 +0000
commit: 0700355f46080e6b4362c7960fed662a918720ed (patch)
tree: 29d409c68229092a024c222b30714bd301f16dc4 /src
parent: b1150f6e908de063136ab31bd074926d0a966d5e (diff)
download: openbsd-0700355f46080e6b4362c7960fed662a918720ed.tar.gz
openbsd-0700355f46080e6b4362c7960fed662a918720ed.tar.bz2
openbsd-0700355f46080e6b4362c7960fed662a918720ed.zip
3 files changed, 299 insertions, 367 deletions
diff --git a/src/lib/libcrypto/Makefile b/src/lib/libcrypto/Makefile
index d9b3e180f0..a1ea4b5343 100644
--- a/src/lib/libcrypto/Makefile
+++ b/src/lib/libcrypto/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.160 2023/12/29 05:57:24 tb Exp $
+# $OpenBSD: Makefile,v 1.161 2023/12/29 06:17:58 tb Exp $
 LIB=    crypto
 LIBREBUILD=y
@@ -373,7 +373,6 @@ SRCS+= evp_digest.c
 SRCS+= evp_encode.c
 SRCS+= evp_err.c
 SRCS+= evp_key.c
-SRCS+= evp_lib.c
 SRCS+= evp_pbe.c
 SRCS+= evp_pkey.c
 SRCS+= m_gost2814789.c
diff --git a/src/lib/libcrypto/evp/evp_cipher.c b/src/lib/libcrypto/evp/evp_cipher.c
index 3b38e18bf3..b8945520b4 100644
--- a/src/lib/libcrypto/evp/evp_cipher.c
+++ b/src/lib/libcrypto/evp/evp_cipher.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_cipher.c,v 1.1 2023/12/29 05:57:24 tb Exp $ */
+/* $OpenBSD: evp_cipher.c,v 1.2 2023/12/29 06:17:58 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -61,11 +61,11 @@
 #include <stdlib.h>
 #include <string.h>
-#include <openssl/opensslconf.h>
+#include <openssl/asn1.h>
 #include <openssl/err.h>
 #include <openssl/evp.h>
+#include "asn1_local.h"
 #include "evp_local.h"
 int
@@ -685,3 +685,298 @@ EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
        return 1;
 }
+int
+EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
+{
+        int ret;
+        if (c->cipher->set_asn1_parameters != NULL)
+                ret = c->cipher->set_asn1_parameters(c, type);
+        else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
+                ret = EVP_CIPHER_set_asn1_iv(c, type);
+        else
+                ret = -1;
+        return (ret);
+}
+int
+EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
+{
+        int ret;
+        if (c->cipher->get_asn1_parameters != NULL)
+                ret = c->cipher->get_asn1_parameters(c, type);
+        else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
+                ret = EVP_CIPHER_get_asn1_iv(c, type);
+        else
+                ret = -1;
+        return (ret);
+}
+int
+EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
+{
+        int i = 0;
+        int l;
+        if (type != NULL) {
+                l = EVP_CIPHER_CTX_iv_length(c);
+                if (l < 0 || l > sizeof(c->iv)) {
+                        EVPerror(EVP_R_IV_TOO_LARGE);
+                        return 0;
+                }
+                i = ASN1_TYPE_get_octetstring(type, c->oiv, l);
+                if (i != l)
+                        return (-1);
+                else if (i > 0)
+                        memcpy(c->iv, c->oiv, l);
+        }
+        return (i);
+}
+int
+EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
+{
+        int i = 0;
+        int j;
+        if (type != NULL) {
+                j = EVP_CIPHER_CTX_iv_length(c);
+                if (j < 0 || j > sizeof(c->iv)) {
+                        EVPerror(EVP_R_IV_TOO_LARGE);
+                        return 0;
+                }
+                i = ASN1_TYPE_set_octetstring(type, c->oiv, j);
+        }
+        return (i);
+}
+/* Convert the various cipher NIDs and dummies to a proper OID NID */
+int
+EVP_CIPHER_type(const EVP_CIPHER *ctx)
+{
+        int nid;
+        ASN1_OBJECT *otmp;
+        nid = EVP_CIPHER_nid(ctx);
+        switch (nid) {
+        case NID_rc2_cbc:
+        case NID_rc2_64_cbc:
+        case NID_rc2_40_cbc:
+                return NID_rc2_cbc;
+        case NID_rc4:
+        case NID_rc4_40:
+                return NID_rc4;
+        case NID_aes_128_cfb128:
+        case NID_aes_128_cfb8:
+        case NID_aes_128_cfb1:
+                return NID_aes_128_cfb128;
+        case NID_aes_192_cfb128:
+        case NID_aes_192_cfb8:
+        case NID_aes_192_cfb1:
+                return NID_aes_192_cfb128;
+        case NID_aes_256_cfb128:
+        case NID_aes_256_cfb8:
+        case NID_aes_256_cfb1:
+                return NID_aes_256_cfb128;
+        case NID_des_cfb64:
+        case NID_des_cfb8:
+        case NID_des_cfb1:
+                return NID_des_cfb64;
+        case NID_des_ede3_cfb64:
+        case NID_des_ede3_cfb8:
+        case NID_des_ede3_cfb1:
+                return NID_des_cfb64;
+        default:
+                /* Check it has an OID and it is valid */
+                otmp = OBJ_nid2obj(nid);
+                if (!otmp || !otmp->data)
+                        nid = NID_undef;
+                ASN1_OBJECT_free(otmp);
+                return nid;
+        }
+}
+int
+EVP_CIPHER_block_size(const EVP_CIPHER *e)
+{
+        return e->block_size;
+}
+int
+EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
+{
+        return ctx->cipher->block_size;
+}
+const EVP_CIPHER *
+EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
+{
+        return ctx->cipher;
+}
+int
+EVP_CIPHER_CTX_encrypting(const EVP_CIPHER_CTX *ctx)
+{
+        return ctx->encrypt;
+}
+unsigned long
+EVP_CIPHER_flags(const EVP_CIPHER *cipher)
+{
+        return cipher->flags;
+}
+unsigned long
+EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
+{
+        return ctx->cipher->flags;
+}
+void *
+EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
+{
+        return ctx->app_data;
+}
+void
+EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
+{
+        ctx->app_data = data;
+}
+void *
+EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx)
+{
+        return ctx->cipher_data;
+}
+void *
+EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data)
+{
+        void *old_cipher_data;
+        old_cipher_data = ctx->cipher_data;
+        ctx->cipher_data = cipher_data;
+        return old_cipher_data;
+}
+int
+EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
+{
+        return cipher->iv_len;
+}
+int
+EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
+{
+        int iv_length = 0;
+        if ((ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_IV_LENGTH) == 0)
+                return ctx->cipher->iv_len;
+        /*
+         * XXX - sanity would suggest to pass the size of the pointer along,
+         * but unfortunately we have to match the other crowd.
+         */
+        if (EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN, 0,
+            &iv_length) != 1)
+                return -1;
+        return iv_length;
+}
+unsigned char *
+EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx)
+{
+        return ctx->buf;
+}
+int
+EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
+{
+        return cipher->key_len;
+}
+int
+EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
+{
+        return ctx->key_len;
+}
+int
+EVP_CIPHER_nid(const EVP_CIPHER *cipher)
+{
+        return cipher->nid;
+}
+int
+EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
+{
+        return ctx->cipher->nid;
+}
+int
+EVP_CIPHER_CTX_get_iv(const EVP_CIPHER_CTX *ctx, unsigned char *iv, size_t len)
+{
+        if (ctx == NULL || len != EVP_CIPHER_CTX_iv_length(ctx))
+                return 0;
+        if (len > EVP_MAX_IV_LENGTH)
+                return 0; /* sanity check; shouldn't happen */
+        /*
+         * Skip the memcpy entirely when the requested IV length is zero,
+         * since the iv pointer may be NULL or invalid.
+         */
+        if (len != 0) {
+                if (iv == NULL)
+                        return 0;
+                memcpy(iv, ctx->iv, len);
+        }
+        return 1;
+}
+int
+EVP_CIPHER_CTX_set_iv(EVP_CIPHER_CTX *ctx, const unsigned char *iv, size_t len)
+{
+        if (ctx == NULL || len != EVP_CIPHER_CTX_iv_length(ctx))
+                return 0;
+        if (len > EVP_MAX_IV_LENGTH)
+                return 0; /* sanity check; shouldn't happen */
+        /*
+         * Skip the memcpy entirely when the requested IV length is zero,
+         * since the iv pointer may be NULL or invalid.
+         */
+        if (len != 0) {
+                if (iv == NULL)
+                        return 0;
+                memcpy(ctx->iv, iv, len);
+        }
+        return 1;
+}
+void
+EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
+{
+        ctx->flags |= flags;
+}
+void
+EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
+{
+        ctx->flags &= ~flags;
+}
+int
+EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
+{
+        return (ctx->flags & flags);
+}
diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c
deleted file mode 100644
index 3288129442..0000000000
--- a/src/lib/libcrypto/evp/evp_lib.c
+++ /dev/null
@@ -1,362 +0,0 @@
-/* $OpenBSD: evp_lib.c,v 1.31 2023/12/29 06:08:01 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include <string.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include "asn1_local.h"
-#include "evp_local.h"
-int
-EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-{
-        int ret;
-        if (c->cipher->set_asn1_parameters != NULL)
-                ret = c->cipher->set_asn1_parameters(c, type);
-        else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
-                ret = EVP_CIPHER_set_asn1_iv(c, type);
-        else
-                ret = -1;
-        return (ret);
-}
-int
-EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-{
-        int ret;
-        if (c->cipher->get_asn1_parameters != NULL)
-                ret = c->cipher->get_asn1_parameters(c, type);
-        else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
-                ret = EVP_CIPHER_get_asn1_iv(c, type);
-        else
-                ret = -1;
-        return (ret);
-}
-int
-EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-{
-        int i = 0;
-        int l;
-        if (type != NULL) {
-                l = EVP_CIPHER_CTX_iv_length(c);
-                if (l < 0 || l > sizeof(c->iv)) {
-                        EVPerror(EVP_R_IV_TOO_LARGE);
-                        return 0;
-                }
-                i = ASN1_TYPE_get_octetstring(type, c->oiv, l);
-                if (i != l)
-                        return (-1);
-                else if (i > 0)
-                        memcpy(c->iv, c->oiv, l);
-        }
-        return (i);
-}
-int
-EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-{
-        int i = 0;
-        int j;
-        if (type != NULL) {
-                j = EVP_CIPHER_CTX_iv_length(c);
-                if (j < 0 || j > sizeof(c->iv)) {
-                        EVPerror(EVP_R_IV_TOO_LARGE);
-                        return 0;
-                }
-                i = ASN1_TYPE_set_octetstring(type, c->oiv, j);
-        }
-        return (i);
-}
-/* Convert the various cipher NIDs and dummies to a proper OID NID */
-int
-EVP_CIPHER_type(const EVP_CIPHER *ctx)
-{
-        int nid;
-        ASN1_OBJECT *otmp;
-        nid = EVP_CIPHER_nid(ctx);
-        switch (nid) {
-        case NID_rc2_cbc:
-        case NID_rc2_64_cbc:
-        case NID_rc2_40_cbc:
-                return NID_rc2_cbc;
-        case NID_rc4:
-        case NID_rc4_40:
-                return NID_rc4;
-        case NID_aes_128_cfb128:
-        case NID_aes_128_cfb8:
-        case NID_aes_128_cfb1:
-                return NID_aes_128_cfb128;
-        case NID_aes_192_cfb128:
-        case NID_aes_192_cfb8:
-        case NID_aes_192_cfb1:
-                return NID_aes_192_cfb128;
-        case NID_aes_256_cfb128:
-        case NID_aes_256_cfb8:
-        case NID_aes_256_cfb1:
-                return NID_aes_256_cfb128;
-        case NID_des_cfb64:
-        case NID_des_cfb8:
-        case NID_des_cfb1:
-                return NID_des_cfb64;
-        case NID_des_ede3_cfb64:
-        case NID_des_ede3_cfb8:
-        case NID_des_ede3_cfb1:
-                return NID_des_cfb64;
-        default:
-                /* Check it has an OID and it is valid */
-                otmp = OBJ_nid2obj(nid);
-                if (!otmp || !otmp->data)
-                        nid = NID_undef;
-                ASN1_OBJECT_free(otmp);
-                return nid;
-        }
-}
-int
-EVP_CIPHER_block_size(const EVP_CIPHER *e)
-{
-        return e->block_size;
-}
-int
-EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
-{
-        return ctx->cipher->block_size;
-}
-const EVP_CIPHER *
-EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
-{
-        return ctx->cipher;
-}
-int
-EVP_CIPHER_CTX_encrypting(const EVP_CIPHER_CTX *ctx)
-{
-        return ctx->encrypt;
-}
-unsigned long
-EVP_CIPHER_flags(const EVP_CIPHER *cipher)
-{
-        return cipher->flags;
-}
-unsigned long
-EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
-{
-        return ctx->cipher->flags;
-}
-void *
-EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
-{
-        return ctx->app_data;
-}
-void
-EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
-{
-        ctx->app_data = data;
-}
-void *
-EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx)
-{
-        return ctx->cipher_data;
-}
-void *
-EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data)
-{
-        void *old_cipher_data;
-        old_cipher_data = ctx->cipher_data;
-        ctx->cipher_data = cipher_data;
-        return old_cipher_data;
-}
-int
-EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
-{
-        return cipher->iv_len;
-}
-int
-EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
-{
-        int iv_length = 0;
-        if ((ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_IV_LENGTH) == 0)
-                return ctx->cipher->iv_len;
-        /*
-         * XXX - sanity would suggest to pass the size of the pointer along,
-         * but unfortunately we have to match the other crowd.
-         */
-        if (EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN, 0,
-            &iv_length) != 1)
-                return -1;
-        return iv_length;
-}
-unsigned char *
-EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx)
-{
-        return ctx->buf;
-}
-int
-EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
-{
-        return cipher->key_len;
-}
-int
-EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
-{
-        return ctx->key_len;
-}
-int
-EVP_CIPHER_nid(const EVP_CIPHER *cipher)
-{
-        return cipher->nid;
-}
-int
-EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
-{
-        return ctx->cipher->nid;
-}
-int
-EVP_CIPHER_CTX_get_iv(const EVP_CIPHER_CTX *ctx, unsigned char *iv, size_t len)
-{
-        if (ctx == NULL || len != EVP_CIPHER_CTX_iv_length(ctx))
-                return 0;
-        if (len > EVP_MAX_IV_LENGTH)
-                return 0; /* sanity check; shouldn't happen */
-        /*
-         * Skip the memcpy entirely when the requested IV length is zero,
-         * since the iv pointer may be NULL or invalid.
-         */
-        if (len != 0) {
-                if (iv == NULL)
-                        return 0;
-                memcpy(iv, ctx->iv, len);
-        }
-        return 1;
-}
-int
-EVP_CIPHER_CTX_set_iv(EVP_CIPHER_CTX *ctx, const unsigned char *iv, size_t len)
-{
-        if (ctx == NULL || len != EVP_CIPHER_CTX_iv_length(ctx))
-                return 0;
-        if (len > EVP_MAX_IV_LENGTH)
-                return 0; /* sanity check; shouldn't happen */
-        /*
-         * Skip the memcpy entirely when the requested IV length is zero,
-         * since the iv pointer may be NULL or invalid.
-         */
-        if (len != 0) {
-                if (iv == NULL)
-                        return 0;
-                memcpy(ctx->iv, iv, len);
-        }
-        return 1;
-}
-void
-EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
-{
-        ctx->flags |= flags;
-}
-void
-EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
-{
-        ctx->flags &= ~flags;
-}
-int
-EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
-{
-        return (ctx->flags & flags);
-}
author	tb <>	2023-12-29 06:17:58 +0000
committer	tb <>	2023-12-29 06:17:58 +0000
commit	0700355f46080e6b4362c7960fed662a918720ed (patch)
tree	29d409c68229092a024c222b30714bd301f16dc4 /src
parent	b1150f6e908de063136ab31bd074926d0a966d5e (diff)
download	openbsd-0700355f46080e6b4362c7960fed662a918720ed.tar.gz openbsd-0700355f46080e6b4362c7960fed662a918720ed.tar.bz2 openbsd-0700355f46080e6b4362c7960fed662a918720ed.zip

diff --git a/src/lib/libcrypto/Makefile b/src/lib/libcrypto/Makefile index d9b3e180f0..a1ea4b5343 100644 --- a/src/lib/libcrypto/Makefile +++ b/src/lib/libcrypto/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.160 2023/12/29 05:57:24 tb Exp $	1	# $OpenBSD: Makefile,v 1.161 2023/12/29 06:17:58 tb Exp $
2		2
3	LIB= crypto	3	LIB= crypto
4	LIBREBUILD=y	4	LIBREBUILD=y
@@ -373,7 +373,6 @@ SRCS+= evp_digest.c
373	SRCS+= evp_encode.c	373	SRCS+= evp_encode.c
374	SRCS+= evp_err.c	374	SRCS+= evp_err.c
375	SRCS+= evp_key.c	375	SRCS+= evp_key.c
376	SRCS+= evp_lib.c
377	SRCS+= evp_pbe.c	376	SRCS+= evp_pbe.c
378	SRCS+= evp_pkey.c	377	SRCS+= evp_pkey.c
379	SRCS+= m_gost2814789.c	378	SRCS+= m_gost2814789.c


diff --git a/src/lib/libcrypto/evp/evp_cipher.c b/src/lib/libcrypto/evp/evp_cipher.c index 3b38e18bf3..b8945520b4 100644 --- a/src/lib/libcrypto/evp/evp_cipher.c +++ b/src/lib/libcrypto/evp/evp_cipher.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: evp_cipher.c,v 1.1 2023/12/29 05:57:24 tb Exp $ */	1	/* $OpenBSD: evp_cipher.c,v 1.2 2023/12/29 06:17:58 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -61,11 +61,11 @@
61	#include <stdlib.h>	61	#include <stdlib.h>
62	#include <string.h>	62	#include <string.h>
63		63
64	#include <openssl/opensslconf.h>	64	#include <openssl/asn1.h>
65
66	#include <openssl/err.h>	65	#include <openssl/err.h>
67	#include <openssl/evp.h>	66	#include <openssl/evp.h>
68		67
		68	#include "asn1_local.h"
69	#include "evp_local.h"	69	#include "evp_local.h"
70		70
71	int	71	int
@@ -685,3 +685,298 @@ EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX out, const EVP_CIPHER_CTX in)
685		685
686	return 1;	686	return 1;
687	}	687	}
		688
		689	int
		690	EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX c, ASN1_TYPE type)
		691	{
		692	int ret;
		693
		694	if (c->cipher->set_asn1_parameters != NULL)
		695	ret = c->cipher->set_asn1_parameters(c, type);
		696	else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
		697	ret = EVP_CIPHER_set_asn1_iv(c, type);
		698	else
		699	ret = -1;
		700	return (ret);
		701	}
		702
		703	int
		704	EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX c, ASN1_TYPE type)
		705	{
		706	int ret;
		707
		708	if (c->cipher->get_asn1_parameters != NULL)
		709	ret = c->cipher->get_asn1_parameters(c, type);
		710	else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
		711	ret = EVP_CIPHER_get_asn1_iv(c, type);
		712	else
		713	ret = -1;
		714	return (ret);
		715	}
		716
		717	int
		718	EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX c, ASN1_TYPE type)
		719	{
		720	int i = 0;
		721	int l;
		722
		723	if (type != NULL) {
		724	l = EVP_CIPHER_CTX_iv_length(c);
		725	if (l < 0 \|\| l > sizeof(c->iv)) {
		726	EVPerror(EVP_R_IV_TOO_LARGE);
		727	return 0;
		728	}
		729	i = ASN1_TYPE_get_octetstring(type, c->oiv, l);
		730	if (i != l)
		731	return (-1);
		732	else if (i > 0)
		733	memcpy(c->iv, c->oiv, l);
		734	}
		735	return (i);
		736	}
		737
		738	int
		739	EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX c, ASN1_TYPE type)
		740	{
		741	int i = 0;
		742	int j;
		743
		744	if (type != NULL) {
		745	j = EVP_CIPHER_CTX_iv_length(c);
		746	if (j < 0 \|\| j > sizeof(c->iv)) {
		747	EVPerror(EVP_R_IV_TOO_LARGE);
		748	return 0;
		749	}
		750	i = ASN1_TYPE_set_octetstring(type, c->oiv, j);
		751	}
		752	return (i);
		753	}
		754
		755	/* Convert the various cipher NIDs and dummies to a proper OID NID */
		756	int
		757	EVP_CIPHER_type(const EVP_CIPHER *ctx)
		758	{
		759	int nid;
		760	ASN1_OBJECT *otmp;
		761	nid = EVP_CIPHER_nid(ctx);
		762
		763	switch (nid) {
		764	case NID_rc2_cbc:
		765	case NID_rc2_64_cbc:
		766	case NID_rc2_40_cbc:
		767	return NID_rc2_cbc;
		768
		769	case NID_rc4:
		770	case NID_rc4_40:
		771	return NID_rc4;
		772
		773	case NID_aes_128_cfb128:
		774	case NID_aes_128_cfb8:
		775	case NID_aes_128_cfb1:
		776	return NID_aes_128_cfb128;
		777
		778	case NID_aes_192_cfb128:
		779	case NID_aes_192_cfb8:
		780	case NID_aes_192_cfb1:
		781	return NID_aes_192_cfb128;
		782
		783	case NID_aes_256_cfb128:
		784	case NID_aes_256_cfb8:
		785	case NID_aes_256_cfb1:
		786	return NID_aes_256_cfb128;
		787
		788	case NID_des_cfb64:
		789	case NID_des_cfb8:
		790	case NID_des_cfb1:
		791	return NID_des_cfb64;
		792
		793	case NID_des_ede3_cfb64:
		794	case NID_des_ede3_cfb8:
		795	case NID_des_ede3_cfb1:
		796	return NID_des_cfb64;
		797
		798	default:
		799	/* Check it has an OID and it is valid */
		800	otmp = OBJ_nid2obj(nid);
		801	if (!otmp \|\| !otmp->data)
		802	nid = NID_undef;
		803	ASN1_OBJECT_free(otmp);
		804	return nid;
		805	}
		806	}
		807
		808	int
		809	EVP_CIPHER_block_size(const EVP_CIPHER *e)
		810	{
		811	return e->block_size;
		812	}
		813
		814	int
		815	EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
		816	{
		817	return ctx->cipher->block_size;
		818	}
		819
		820	const EVP_CIPHER *
		821	EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
		822	{
		823	return ctx->cipher;
		824	}
		825
		826	int
		827	EVP_CIPHER_CTX_encrypting(const EVP_CIPHER_CTX *ctx)
		828	{
		829	return ctx->encrypt;
		830	}
		831
		832	unsigned long
		833	EVP_CIPHER_flags(const EVP_CIPHER *cipher)
		834	{
		835	return cipher->flags;
		836	}
		837
		838	unsigned long
		839	EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
		840	{
		841	return ctx->cipher->flags;
		842	}
		843
		844	void *
		845	EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
		846	{
		847	return ctx->app_data;
		848	}
		849
		850	void
		851	EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX ctx, void data)
		852	{
		853	ctx->app_data = data;
		854	}
		855
		856	void *
		857	EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx)
		858	{
		859	return ctx->cipher_data;
		860	}
		861
		862	void *
		863	EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX ctx, void cipher_data)
		864	{
		865	void *old_cipher_data;
		866
		867	old_cipher_data = ctx->cipher_data;
		868	ctx->cipher_data = cipher_data;
		869
		870	return old_cipher_data;
		871	}
		872
		873	int
		874	EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
		875	{
		876	return cipher->iv_len;
		877	}
		878
		879	int
		880	EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
		881	{
		882	int iv_length = 0;
		883
		884	if ((ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_IV_LENGTH) == 0)
		885	return ctx->cipher->iv_len;
		886
		887	/*
		888	* XXX - sanity would suggest to pass the size of the pointer along,
		889	* but unfortunately we have to match the other crowd.
		890	*/
		891	if (EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN, 0,
		892	&iv_length) != 1)
		893	return -1;
		894
		895	return iv_length;
		896	}
		897
		898	unsigned char *
		899	EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx)
		900	{
		901	return ctx->buf;
		902	}
		903
		904	int
		905	EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
		906	{
		907	return cipher->key_len;
		908	}
		909
		910	int
		911	EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
		912	{
		913	return ctx->key_len;
		914	}
		915
		916	int
		917	EVP_CIPHER_nid(const EVP_CIPHER *cipher)
		918	{
		919	return cipher->nid;
		920	}
		921
		922	int
		923	EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
		924	{
		925	return ctx->cipher->nid;
		926	}
		927
		928	int
		929	EVP_CIPHER_CTX_get_iv(const EVP_CIPHER_CTX ctx, unsigned char iv, size_t len)
		930	{
		931	if (ctx == NULL \|\| len != EVP_CIPHER_CTX_iv_length(ctx))
		932	return 0;
		933	if (len > EVP_MAX_IV_LENGTH)
		934	return 0; /* sanity check; shouldn't happen */
		935	/*
		936	* Skip the memcpy entirely when the requested IV length is zero,
		937	* since the iv pointer may be NULL or invalid.
		938	*/
		939	if (len != 0) {
		940	if (iv == NULL)
		941	return 0;
		942	memcpy(iv, ctx->iv, len);
		943	}
		944	return 1;
		945	}
		946
		947	int
		948	EVP_CIPHER_CTX_set_iv(EVP_CIPHER_CTX ctx, const unsigned char iv, size_t len)
		949	{
		950	if (ctx == NULL \|\| len != EVP_CIPHER_CTX_iv_length(ctx))
		951	return 0;
		952	if (len > EVP_MAX_IV_LENGTH)
		953	return 0; /* sanity check; shouldn't happen */
		954	/*
		955	* Skip the memcpy entirely when the requested IV length is zero,
		956	* since the iv pointer may be NULL or invalid.
		957	*/
		958	if (len != 0) {
		959	if (iv == NULL)
		960	return 0;
		961	memcpy(ctx->iv, iv, len);
		962	}
		963	return 1;
		964	}
		965
		966	void
		967	EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
		968	{
		969	ctx->flags \|= flags;
		970	}
		971
		972	void
		973	EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
		974	{
		975	ctx->flags &= ~flags;
		976	}
		977
		978	int
		979	EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
		980	{
		981	return (ctx->flags & flags);
		982	}


diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c deleted file mode 100644 index 3288129442..0000000000 --- a/src/lib/libcrypto/evp/evp_lib.c +++ /dev/null
@@ -1,362 +0,0 @@
1	/* $OpenBSD: evp_lib.c,v 1.31 2023/12/29 06:08:01 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.
4	*
5	* This package is an SSL implementation written
6	* by Eric Young (eay@cryptsoft.com).
7	* The implementation was written so as to conform with Netscapes SSL.
8	*
9	* This library is free for commercial and non-commercial use as long as
10	* the following conditions are aheared to. The following conditions
11	* apply to all code found in this distribution, be it the RC4, RSA,
12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13	* included with this distribution is covered by the same copyright terms
14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
15	*
16	* Copyright remains Eric Young's, and as such any Copyright notices in
17	* the code are not to be removed.
18	* If this package is used in a product, Eric Young should be given attribution
19	* as the author of the parts of the library used.
20	* This can be in the form of a textual message at program startup or
21	* in documentation (online or textual) provided with the package.
22	*
23	* Redistribution and use in source and binary forms, with or without
24	* modification, are permitted provided that the following conditions
25	* are met:
26	* 1. Redistributions of source code must retain the copyright
27	* notice, this list of conditions and the following disclaimer.
28	* 2. Redistributions in binary form must reproduce the above copyright
29	* notice, this list of conditions and the following disclaimer in the
30	* documentation and/or other materials provided with the distribution.
31	* 3. All advertising materials mentioning features or use of this software
32	* must display the following acknowledgement:
33	* "This product includes cryptographic software written by
34	* Eric Young (eay@cryptsoft.com)"
35	* The word 'cryptographic' can be left out if the rouines from the library
36	* being used are not cryptographic related :-).
37	* 4. If you include any Windows specific code (or a derivative thereof) from
38	* the apps directory (application code) you must include an acknowledgement:
39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40	*
41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51	* SUCH DAMAGE.
52	*
53	* The licence and distribution terms for any publically available version or
54	* derivative of this code cannot be changed. i.e. this code cannot simply be
55	* copied and put under another distribution licence
56	* [including the GNU Public Licence.]
57	*/
58
59	#include <stdio.h>
60	#include <string.h>
61
62	#include <openssl/err.h>
63	#include <openssl/evp.h>
64	#include <openssl/objects.h>
65
66	#include "asn1_local.h"
67	#include "evp_local.h"
68
69	int
70	EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX c, ASN1_TYPE type)
71	{
72	int ret;
73
74	if (c->cipher->set_asn1_parameters != NULL)
75	ret = c->cipher->set_asn1_parameters(c, type);
76	else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
77	ret = EVP_CIPHER_set_asn1_iv(c, type);
78	else
79	ret = -1;
80	return (ret);
81	}
82
83	int
84	EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX c, ASN1_TYPE type)
85	{
86	int ret;
87
88	if (c->cipher->get_asn1_parameters != NULL)
89	ret = c->cipher->get_asn1_parameters(c, type);
90	else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
91	ret = EVP_CIPHER_get_asn1_iv(c, type);
92	else
93	ret = -1;
94	return (ret);
95	}
96
97	int
98	EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX c, ASN1_TYPE type)
99	{
100	int i = 0;
101	int l;
102
103	if (type != NULL) {
104	l = EVP_CIPHER_CTX_iv_length(c);
105	if (l < 0 \|\| l > sizeof(c->iv)) {
106	EVPerror(EVP_R_IV_TOO_LARGE);
107	return 0;
108	}
109	i = ASN1_TYPE_get_octetstring(type, c->oiv, l);
110	if (i != l)
111	return (-1);
112	else if (i > 0)
113	memcpy(c->iv, c->oiv, l);
114	}
115	return (i);
116	}
117
118	int
119	EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX c, ASN1_TYPE type)
120	{
121	int i = 0;
122	int j;
123
124	if (type != NULL) {
125	j = EVP_CIPHER_CTX_iv_length(c);
126	if (j < 0 \|\| j > sizeof(c->iv)) {
127	EVPerror(EVP_R_IV_TOO_LARGE);
128	return 0;
129	}
130	i = ASN1_TYPE_set_octetstring(type, c->oiv, j);
131	}
132	return (i);
133	}
134
135	/* Convert the various cipher NIDs and dummies to a proper OID NID */
136	int
137	EVP_CIPHER_type(const EVP_CIPHER *ctx)
138	{
139	int nid;
140	ASN1_OBJECT *otmp;
141	nid = EVP_CIPHER_nid(ctx);
142
143	switch (nid) {
144	case NID_rc2_cbc:
145	case NID_rc2_64_cbc:
146	case NID_rc2_40_cbc:
147	return NID_rc2_cbc;
148
149	case NID_rc4:
150	case NID_rc4_40:
151	return NID_rc4;
152
153	case NID_aes_128_cfb128:
154	case NID_aes_128_cfb8:
155	case NID_aes_128_cfb1:
156	return NID_aes_128_cfb128;
157
158	case NID_aes_192_cfb128:
159	case NID_aes_192_cfb8:
160	case NID_aes_192_cfb1:
161	return NID_aes_192_cfb128;
162
163	case NID_aes_256_cfb128:
164	case NID_aes_256_cfb8:
165	case NID_aes_256_cfb1:
166	return NID_aes_256_cfb128;
167
168	case NID_des_cfb64:
169	case NID_des_cfb8:
170	case NID_des_cfb1:
171	return NID_des_cfb64;
172
173	case NID_des_ede3_cfb64:
174	case NID_des_ede3_cfb8:
175	case NID_des_ede3_cfb1:
176	return NID_des_cfb64;
177
178	default:
179	/* Check it has an OID and it is valid */
180	otmp = OBJ_nid2obj(nid);
181	if (!otmp \|\| !otmp->data)
182	nid = NID_undef;
183	ASN1_OBJECT_free(otmp);
184	return nid;
185	}
186	}
187
188	int
189	EVP_CIPHER_block_size(const EVP_CIPHER *e)
190	{
191	return e->block_size;
192	}
193
194	int
195	EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
196	{
197	return ctx->cipher->block_size;
198	}
199
200	const EVP_CIPHER *
201	EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
202	{
203	return ctx->cipher;
204	}
205
206	int
207	EVP_CIPHER_CTX_encrypting(const EVP_CIPHER_CTX *ctx)
208	{
209	return ctx->encrypt;
210	}
211
212	unsigned long
213	EVP_CIPHER_flags(const EVP_CIPHER *cipher)
214	{
215	return cipher->flags;
216	}
217
218	unsigned long
219	EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
220	{
221	return ctx->cipher->flags;
222	}
223
224	void *
225	EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
226	{
227	return ctx->app_data;
228	}
229
230	void
231	EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX ctx, void data)
232	{
233	ctx->app_data = data;
234	}
235
236	void *
237	EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx)
238	{
239	return ctx->cipher_data;
240	}
241
242	void *
243	EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX ctx, void cipher_data)
244	{
245	void *old_cipher_data;
246
247	old_cipher_data = ctx->cipher_data;
248	ctx->cipher_data = cipher_data;
249
250	return old_cipher_data;
251	}
252
253	int
254	EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
255	{
256	return cipher->iv_len;
257	}
258
259	int
260	EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
261	{
262	int iv_length = 0;
263
264	if ((ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_IV_LENGTH) == 0)
265	return ctx->cipher->iv_len;
266
267	/*
268	* XXX - sanity would suggest to pass the size of the pointer along,
269	* but unfortunately we have to match the other crowd.
270	*/
271	if (EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN, 0,
272	&iv_length) != 1)
273	return -1;
274
275	return iv_length;
276	}
277
278	unsigned char *
279	EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx)
280	{
281	return ctx->buf;
282	}
283
284	int
285	EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
286	{
287	return cipher->key_len;
288	}
289
290	int
291	EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
292	{
293	return ctx->key_len;
294	}
295
296	int
297	EVP_CIPHER_nid(const EVP_CIPHER *cipher)
298	{
299	return cipher->nid;
300	}
301
302	int
303	EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
304	{
305	return ctx->cipher->nid;
306	}
307
308	int
309	EVP_CIPHER_CTX_get_iv(const EVP_CIPHER_CTX ctx, unsigned char iv, size_t len)
310	{
311	if (ctx == NULL \|\| len != EVP_CIPHER_CTX_iv_length(ctx))
312	return 0;
313	if (len > EVP_MAX_IV_LENGTH)
314	return 0; /* sanity check; shouldn't happen */
315	/*
316	* Skip the memcpy entirely when the requested IV length is zero,
317	* since the iv pointer may be NULL or invalid.
318	*/
319	if (len != 0) {
320	if (iv == NULL)
321	return 0;
322	memcpy(iv, ctx->iv, len);
323	}
324	return 1;
325	}
326
327	int
328	EVP_CIPHER_CTX_set_iv(EVP_CIPHER_CTX ctx, const unsigned char iv, size_t len)
329	{
330	if (ctx == NULL \|\| len != EVP_CIPHER_CTX_iv_length(ctx))
331	return 0;
332	if (len > EVP_MAX_IV_LENGTH)
333	return 0; /* sanity check; shouldn't happen */
334	/*
335	* Skip the memcpy entirely when the requested IV length is zero,
336	* since the iv pointer may be NULL or invalid.
337	*/
338	if (len != 0) {
339	if (iv == NULL)
340	return 0;
341	memcpy(ctx->iv, iv, len);
342	}
343	return 1;
344	}
345
346	void
347	EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
348	{
349	ctx->flags \|= flags;
350	}
351
352	void
353	EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
354	{
355	ctx->flags &= ~flags;
356	}
357
358	int
359	EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
360	{
361	return (ctx->flags & flags);
362	}