summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/evp/evp_enc.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/evp/evp_enc.c')
-rw-r--r--src/lib/libcrypto/evp/evp_enc.c30
1 files changed, 22 insertions, 8 deletions
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
index 32a1c7a2e9..be0758a879 100644
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -60,11 +60,11 @@
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/evp.h> 61#include <openssl/evp.h>
62#include <openssl/err.h> 62#include <openssl/err.h>
63#ifndef OPENSSL_NO_ENGINE
63#include <openssl/engine.h> 64#include <openssl/engine.h>
65#endif
64#include "evp_locl.h" 66#include "evp_locl.h"
65 67
66#include <assert.h>
67
68const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT; 68const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT;
69 69
70void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) 70void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
@@ -93,6 +93,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
93 enc = 1; 93 enc = 1;
94 ctx->encrypt = enc; 94 ctx->encrypt = enc;
95 } 95 }
96#ifndef OPENSSL_NO_ENGINE
96 /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts 97 /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
97 * so this context may already have an ENGINE! Try to avoid releasing 98 * so this context may already have an ENGINE! Try to avoid releasing
98 * the previous handle, re-querying for an ENGINE, and having a 99 * the previous handle, re-querying for an ENGINE, and having a
@@ -100,6 +101,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
100 if (ctx->engine && ctx->cipher && (!cipher || 101 if (ctx->engine && ctx->cipher && (!cipher ||
101 (cipher && (cipher->nid == ctx->cipher->nid)))) 102 (cipher && (cipher->nid == ctx->cipher->nid))))
102 goto skip_to_init; 103 goto skip_to_init;
104#endif
103 if (cipher) 105 if (cipher)
104 { 106 {
105 /* Ensure a context left lying around from last time is cleared 107 /* Ensure a context left lying around from last time is cleared
@@ -109,6 +111,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
109 111
110 /* Restore encrypt field: it is zeroed by cleanup */ 112 /* Restore encrypt field: it is zeroed by cleanup */
111 ctx->encrypt = enc; 113 ctx->encrypt = enc;
114#ifndef OPENSSL_NO_ENGINE
112 if(impl) 115 if(impl)
113 { 116 {
114 if (!ENGINE_init(impl)) 117 if (!ENGINE_init(impl))
@@ -142,6 +145,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
142 } 145 }
143 else 146 else
144 ctx->engine = NULL; 147 ctx->engine = NULL;
148#endif
145 149
146 ctx->cipher=cipher; 150 ctx->cipher=cipher;
147 ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); 151 ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
@@ -161,11 +165,13 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
161 EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET); 165 EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET);
162 return 0; 166 return 0;
163 } 167 }
168#ifndef OPENSSL_NO_ENGINE
164skip_to_init: 169skip_to_init:
170#endif
165 /* we assume block size is a power of 2 in *cryptUpdate */ 171 /* we assume block size is a power of 2 in *cryptUpdate */
166 assert(ctx->cipher->block_size == 1 172 OPENSSL_assert(ctx->cipher->block_size == 1
167 || ctx->cipher->block_size == 8 173 || ctx->cipher->block_size == 8
168 || ctx->cipher->block_size == 16); 174 || ctx->cipher->block_size == 16);
169 175
170 if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { 176 if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
171 switch(EVP_CIPHER_CTX_mode(ctx)) { 177 switch(EVP_CIPHER_CTX_mode(ctx)) {
@@ -181,6 +187,7 @@ skip_to_init:
181 187
182 case EVP_CIPH_CBC_MODE: 188 case EVP_CIPH_CBC_MODE:
183 189
190 OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof ctx->iv);
184 if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); 191 if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
185 memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); 192 memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
186 break; 193 break;
@@ -237,7 +244,7 @@ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *imp
237int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, 244int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
238 const unsigned char *key, const unsigned char *iv) 245 const unsigned char *key, const unsigned char *iv)
239 { 246 {
240 return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 0); 247 return EVP_CipherInit(ctx, cipher, key, iv, 0);
241 } 248 }
242 249
243int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, 250int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
@@ -251,6 +258,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
251 { 258 {
252 int i,j,bl; 259 int i,j,bl;
253 260
261 OPENSSL_assert(inl > 0);
254 if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) 262 if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0)
255 { 263 {
256 if(ctx->cipher->do_cipher(ctx,out,in,inl)) 264 if(ctx->cipher->do_cipher(ctx,out,in,inl))
@@ -266,6 +274,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
266 } 274 }
267 i=ctx->buf_len; 275 i=ctx->buf_len;
268 bl=ctx->cipher->block_size; 276 bl=ctx->cipher->block_size;
277 OPENSSL_assert(bl <= sizeof ctx->buf);
269 if (i != 0) 278 if (i != 0)
270 { 279 {
271 if (i+inl < bl) 280 if (i+inl < bl)
@@ -314,6 +323,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
314 int i,n,b,bl,ret; 323 int i,n,b,bl,ret;
315 324
316 b=ctx->cipher->block_size; 325 b=ctx->cipher->block_size;
326 OPENSSL_assert(b <= sizeof ctx->buf);
317 if (b == 1) 327 if (b == 1)
318 { 328 {
319 *outl=0; 329 *outl=0;
@@ -358,6 +368,7 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
358 return EVP_EncryptUpdate(ctx, out, outl, in, inl); 368 return EVP_EncryptUpdate(ctx, out, outl, in, inl);
359 369
360 b=ctx->cipher->block_size; 370 b=ctx->cipher->block_size;
371 OPENSSL_assert(b <= sizeof ctx->final);
361 372
362 if(ctx->final_used) 373 if(ctx->final_used)
363 { 374 {
@@ -420,6 +431,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
420 EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH); 431 EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
421 return(0); 432 return(0);
422 } 433 }
434 OPENSSL_assert(b <= sizeof ctx->final);
423 n=ctx->final[b-1]; 435 n=ctx->final[b-1];
424 if (n > b) 436 if (n > b)
425 { 437 {
@@ -450,16 +462,18 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
450 { 462 {
451 if(c->cipher->cleanup && !c->cipher->cleanup(c)) 463 if(c->cipher->cleanup && !c->cipher->cleanup(c))
452 return 0; 464 return 0;
453 /* Zero cipher context data */ 465 /* Cleanse cipher context data */
454 if (c->cipher_data) 466 if (c->cipher_data)
455 memset(c->cipher_data, 0, c->cipher->ctx_size); 467 OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
456 } 468 }
457 if (c->cipher_data) 469 if (c->cipher_data)
458 OPENSSL_free(c->cipher_data); 470 OPENSSL_free(c->cipher_data);
471#ifndef OPENSSL_NO_ENGINE
459 if (c->engine) 472 if (c->engine)
460 /* The EVP_CIPHER we used belongs to an ENGINE, release the 473 /* The EVP_CIPHER we used belongs to an ENGINE, release the
461 * functional reference we held for this reason. */ 474 * functional reference we held for this reason. */
462 ENGINE_finish(c->engine); 475 ENGINE_finish(c->engine);
476#endif
463 memset(c,0,sizeof(EVP_CIPHER_CTX)); 477 memset(c,0,sizeof(EVP_CIPHER_CTX));
464 return 1; 478 return 1;
465 } 479 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-10 01:19:10 +0000