summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/evp
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/evp')
-rw-r--r--src/lib/libcrypto/evp/bio_b64.c598
-rw-r--r--src/lib/libcrypto/evp/bio_enc.c428
-rw-r--r--src/lib/libcrypto/evp/bio_md.c275
-rw-r--r--src/lib/libcrypto/evp/c_all.c90
-rw-r--r--src/lib/libcrypto/evp/digest.c403
-rw-r--r--src/lib/libcrypto/evp/e_aes.c1313
-rw-r--r--src/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c580
-rw-r--r--src/lib/libcrypto/evp/e_bf.c88
-rw-r--r--src/lib/libcrypto/evp/e_camellia.c131
-rw-r--r--src/lib/libcrypto/evp/e_cast.c90
-rw-r--r--src/lib/libcrypto/evp/e_des.c224
-rw-r--r--src/lib/libcrypto/evp/e_des3.c316
-rw-r--r--src/lib/libcrypto/evp/e_idea.c118
-rw-r--r--src/lib/libcrypto/evp/e_null.c104
-rw-r--r--src/lib/libcrypto/evp/e_old.c125
-rw-r--r--src/lib/libcrypto/evp/e_rc2.c238
-rw-r--r--src/lib/libcrypto/evp/e_rc4.c137
-rw-r--r--src/lib/libcrypto/evp/e_rc4_hmac_md5.c298
-rw-r--r--src/lib/libcrypto/evp/e_xcbc_d.c138
-rw-r--r--src/lib/libcrypto/evp/encode.c445
-rw-r--r--src/lib/libcrypto/evp/evp.h1401
-rw-r--r--src/lib/libcrypto/evp/evp_enc.c681
-rw-r--r--src/lib/libcrypto/evp/evp_err.c234
-rw-r--r--src/lib/libcrypto/evp/evp_key.c189
-rw-r--r--src/lib/libcrypto/evp/evp_lib.c316
-rw-r--r--src/lib/libcrypto/evp/evp_locl.h385
-rw-r--r--src/lib/libcrypto/evp/evp_pbe.c316
-rw-r--r--src/lib/libcrypto/evp/evp_pkey.c242
-rw-r--r--src/lib/libcrypto/evp/m_dss.c101
-rw-r--r--src/lib/libcrypto/evp/m_dss1.c103
-rw-r--r--src/lib/libcrypto/evp/m_ecdsa.c151
-rw-r--r--src/lib/libcrypto/evp/m_md4.c103
-rw-r--r--src/lib/libcrypto/evp/m_md5.c102
-rw-r--r--src/lib/libcrypto/evp/m_null.c95
-rw-r--r--src/lib/libcrypto/evp/m_ripemd.c102
-rw-r--r--src/lib/libcrypto/evp/m_sha1.c209
-rw-r--r--src/lib/libcrypto/evp/m_sigver.c200
-rw-r--r--src/lib/libcrypto/evp/m_wp.c43
-rw-r--r--src/lib/libcrypto/evp/names.c206
-rw-r--r--src/lib/libcrypto/evp/p5_crpt.c143
-rw-r--r--src/lib/libcrypto/evp/p5_crpt2.c322
-rw-r--r--src/lib/libcrypto/evp/p_dec.c87
-rw-r--r--src/lib/libcrypto/evp/p_enc.c86
-rw-r--r--src/lib/libcrypto/evp/p_lib.c469
-rw-r--r--src/lib/libcrypto/evp/p_open.c128
-rw-r--r--src/lib/libcrypto/evp/p_seal.c116
-rw-r--r--src/lib/libcrypto/evp/p_sign.c139
-rw-r--r--src/lib/libcrypto/evp/p_verify.c121
-rw-r--r--src/lib/libcrypto/evp/pmeth_fn.c368
-rw-r--r--src/lib/libcrypto/evp/pmeth_gn.c221
-rw-r--r--src/lib/libcrypto/evp/pmeth_lib.c593
51 files changed, 0 insertions, 14111 deletions
diff --git a/src/lib/libcrypto/evp/bio_b64.c b/src/lib/libcrypto/evp/bio_b64.c
deleted file mode 100644
index 72a2a67277..0000000000
--- a/src/lib/libcrypto/evp/bio_b64.c
+++ /dev/null
@@ -1,598 +0,0 @@
1/* crypto/evp/bio_b64.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#include "cryptlib.h"
62#include <openssl/buffer.h>
63#include <openssl/evp.h>
64
65static int b64_write(BIO *h, const char *buf, int num);
66static int b64_read(BIO *h, char *buf, int size);
67static int b64_puts(BIO *h, const char *str);
68/*static int b64_gets(BIO *h, char *str, int size); */
69static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2);
70static int b64_new(BIO *h);
71static int b64_free(BIO *data);
72static long b64_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp);
73#define B64_BLOCK_SIZE 1024
74#define B64_BLOCK_SIZE2 768
75#define B64_NONE 0
76#define B64_ENCODE 1
77#define B64_DECODE 2
78
79typedef struct b64_struct
80 {
81 /*BIO *bio; moved to the BIO structure */
82 int buf_len;
83 int buf_off;
84 int tmp_len; /* used to find the start when decoding */
85 int tmp_nl; /* If true, scan until '\n' */
86 int encode;
87 int start; /* have we started decoding yet? */
88 int cont; /* <= 0 when finished */
89 EVP_ENCODE_CTX base64;
90 char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE)+10];
91 char tmp[B64_BLOCK_SIZE];
92 } BIO_B64_CTX;
93
94static BIO_METHOD methods_b64=
95 {
96 BIO_TYPE_BASE64,"base64 encoding",
97 b64_write,
98 b64_read,
99 b64_puts,
100 NULL, /* b64_gets, */
101 b64_ctrl,
102 b64_new,
103 b64_free,
104 b64_callback_ctrl,
105 };
106
107BIO_METHOD *BIO_f_base64(void)
108 {
109 return(&methods_b64);
110 }
111
112static int b64_new(BIO *bi)
113 {
114 BIO_B64_CTX *ctx;
115
116 ctx=(BIO_B64_CTX *)OPENSSL_malloc(sizeof(BIO_B64_CTX));
117 if (ctx == NULL) return(0);
118
119 ctx->buf_len=0;
120 ctx->tmp_len=0;
121 ctx->tmp_nl=0;
122 ctx->buf_off=0;
123 ctx->cont=1;
124 ctx->start=1;
125 ctx->encode=0;
126
127 bi->init=1;
128 bi->ptr=(char *)ctx;
129 bi->flags=0;
130 bi->num = 0;
131 return(1);
132 }
133
134static int b64_free(BIO *a)
135 {
136 if (a == NULL) return(0);
137 OPENSSL_free(a->ptr);
138 a->ptr=NULL;
139 a->init=0;
140 a->flags=0;
141 return(1);
142 }
143
144static int b64_read(BIO *b, char *out, int outl)
145 {
146 int ret=0,i,ii,j,k,x,n,num,ret_code=0;
147 BIO_B64_CTX *ctx;
148 unsigned char *p,*q;
149
150 if (out == NULL) return(0);
151 ctx=(BIO_B64_CTX *)b->ptr;
152
153 if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
154
155 BIO_clear_retry_flags(b);
156
157 if (ctx->encode != B64_DECODE)
158 {
159 ctx->encode=B64_DECODE;
160 ctx->buf_len=0;
161 ctx->buf_off=0;
162 ctx->tmp_len=0;
163 EVP_DecodeInit(&(ctx->base64));
164 }
165
166 /* First check if there are bytes decoded/encoded */
167 if (ctx->buf_len > 0)
168 {
169 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
170 i=ctx->buf_len-ctx->buf_off;
171 if (i > outl) i=outl;
172 OPENSSL_assert(ctx->buf_off+i < (int)sizeof(ctx->buf));
173 memcpy(out,&(ctx->buf[ctx->buf_off]),i);
174 ret=i;
175 out+=i;
176 outl-=i;
177 ctx->buf_off+=i;
178 if (ctx->buf_len == ctx->buf_off)
179 {
180 ctx->buf_len=0;
181 ctx->buf_off=0;
182 }
183 }
184
185 /* At this point, we have room of outl bytes and an empty
186 * buffer, so we should read in some more. */
187
188 ret_code=0;
189 while (outl > 0)
190 {
191 if (ctx->cont <= 0)
192 break;
193
194 i=BIO_read(b->next_bio,&(ctx->tmp[ctx->tmp_len]),
195 B64_BLOCK_SIZE-ctx->tmp_len);
196
197 if (i <= 0)
198 {
199 ret_code=i;
200
201 /* Should we continue next time we are called? */
202 if (!BIO_should_retry(b->next_bio))
203 {
204 ctx->cont=i;
205 /* If buffer empty break */
206 if(ctx->tmp_len == 0)
207 break;
208 /* Fall through and process what we have */
209 else
210 i = 0;
211 }
212 /* else we retry and add more data to buffer */
213 else
214 break;
215 }
216 i+=ctx->tmp_len;
217 ctx->tmp_len = i;
218
219 /* We need to scan, a line at a time until we
220 * have a valid line if we are starting. */
221 if (ctx->start && (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL))
222 {
223 /* ctx->start=1; */
224 ctx->tmp_len=0;
225 }
226 else if (ctx->start)
227 {
228 q=p=(unsigned char *)ctx->tmp;
229 for (j=0; j<i; j++)
230 {
231 if (*(q++) != '\n') continue;
232
233 /* due to a previous very long line,
234 * we need to keep on scanning for a '\n'
235 * before we even start looking for
236 * base64 encoded stuff. */
237 if (ctx->tmp_nl)
238 {
239 p=q;
240 ctx->tmp_nl=0;
241 continue;
242 }
243
244 k=EVP_DecodeUpdate(&(ctx->base64),
245 (unsigned char *)ctx->buf,
246 &num,p,q-p);
247 if ((k <= 0) && (num == 0) && (ctx->start))
248 EVP_DecodeInit(&ctx->base64);
249 else
250 {
251 if (p != (unsigned char *)
252 &(ctx->tmp[0]))
253 {
254 i-=(p- (unsigned char *)
255 &(ctx->tmp[0]));
256 for (x=0; x < i; x++)
257 ctx->tmp[x]=p[x];
258 }
259 EVP_DecodeInit(&ctx->base64);
260 ctx->start=0;
261 break;
262 }
263 p=q;
264 }
265
266 /* we fell off the end without starting */
267 if (j == i)
268 {
269 /* Is this is one long chunk?, if so, keep on
270 * reading until a new line. */
271 if (p == (unsigned char *)&(ctx->tmp[0]))
272 {
273 /* Check buffer full */
274 if (i == B64_BLOCK_SIZE)
275 {
276 ctx->tmp_nl=1;
277 ctx->tmp_len=0;
278 }
279 }
280 else if (p != q) /* finished on a '\n' */
281 {
282 n=q-p;
283 for (ii=0; ii<n; ii++)
284 ctx->tmp[ii]=p[ii];
285 ctx->tmp_len=n;
286 }
287 /* else finished on a '\n' */
288 continue;
289 }
290 else
291 {
292 ctx->tmp_len=0;
293 }
294 }
295 else if ((i < B64_BLOCK_SIZE) && (ctx->cont > 0))
296 {
297 /* If buffer isn't full and we can retry then
298 * restart to read in more data.
299 */
300 continue;
301 }
302
303 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
304 {
305 int z,jj;
306
307#if 0
308 jj=(i>>2)<<2;
309#else
310 jj = i & ~3; /* process per 4 */
311#endif
312 z=EVP_DecodeBlock((unsigned char *)ctx->buf,
313 (unsigned char *)ctx->tmp,jj);
314 if (jj > 2)
315 {
316 if (ctx->tmp[jj-1] == '=')
317 {
318 z--;
319 if (ctx->tmp[jj-2] == '=')
320 z--;
321 }
322 }
323 /* z is now number of output bytes and jj is the
324 * number consumed */
325 if (jj != i)
326 {
327 memmove(ctx->tmp, &ctx->tmp[jj], i-jj);
328 ctx->tmp_len=i-jj;
329 }
330 ctx->buf_len=0;
331 if (z > 0)
332 {
333 ctx->buf_len=z;
334 }
335 i=z;
336 }
337 else
338 {
339 i=EVP_DecodeUpdate(&(ctx->base64),
340 (unsigned char *)ctx->buf,&ctx->buf_len,
341 (unsigned char *)ctx->tmp,i);
342 ctx->tmp_len = 0;
343 }
344 ctx->buf_off=0;
345 if (i < 0)
346 {
347 ret_code=0;
348 ctx->buf_len=0;
349 break;
350 }
351
352 if (ctx->buf_len <= outl)
353 i=ctx->buf_len;
354 else
355 i=outl;
356
357 memcpy(out,ctx->buf,i);
358 ret+=i;
359 ctx->buf_off=i;
360 if (ctx->buf_off == ctx->buf_len)
361 {
362 ctx->buf_len=0;
363 ctx->buf_off=0;
364 }
365 outl-=i;
366 out+=i;
367 }
368 /* BIO_clear_retry_flags(b); */
369 BIO_copy_next_retry(b);
370 return((ret == 0)?ret_code:ret);
371 }
372
373static int b64_write(BIO *b, const char *in, int inl)
374 {
375 int ret=0;
376 int n;
377 int i;
378 BIO_B64_CTX *ctx;
379
380 ctx=(BIO_B64_CTX *)b->ptr;
381 BIO_clear_retry_flags(b);
382
383 if (ctx->encode != B64_ENCODE)
384 {
385 ctx->encode=B64_ENCODE;
386 ctx->buf_len=0;
387 ctx->buf_off=0;
388 ctx->tmp_len=0;
389 EVP_EncodeInit(&(ctx->base64));
390 }
391
392 OPENSSL_assert(ctx->buf_off < (int)sizeof(ctx->buf));
393 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
394 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
395 n=ctx->buf_len-ctx->buf_off;
396 while (n > 0)
397 {
398 i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
399 if (i <= 0)
400 {
401 BIO_copy_next_retry(b);
402 return(i);
403 }
404 OPENSSL_assert(i <= n);
405 ctx->buf_off+=i;
406 OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf));
407 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
408 n-=i;
409 }
410 /* at this point all pending data has been written */
411 ctx->buf_off=0;
412 ctx->buf_len=0;
413
414 if ((in == NULL) || (inl <= 0)) return(0);
415
416 while (inl > 0)
417 {
418 n=(inl > B64_BLOCK_SIZE)?B64_BLOCK_SIZE:inl;
419
420 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
421 {
422 if (ctx->tmp_len > 0)
423 {
424 OPENSSL_assert(ctx->tmp_len <= 3);
425 n=3-ctx->tmp_len;
426 /* There's a theoretical possibility for this */
427 if (n > inl)
428 n=inl;
429 memcpy(&(ctx->tmp[ctx->tmp_len]),in,n);
430 ctx->tmp_len+=n;
431 ret += n;
432 if (ctx->tmp_len < 3)
433 break;
434 ctx->buf_len=EVP_EncodeBlock((unsigned char *)ctx->buf,(unsigned char *)ctx->tmp,ctx->tmp_len);
435 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
436 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
437 /* Since we're now done using the temporary
438 buffer, the length should be 0'd */
439 ctx->tmp_len=0;
440 }
441 else
442 {
443 if (n < 3)
444 {
445 memcpy(ctx->tmp,in,n);
446 ctx->tmp_len=n;
447 ret += n;
448 break;
449 }
450 n-=n%3;
451 ctx->buf_len=EVP_EncodeBlock((unsigned char *)ctx->buf,(const unsigned char *)in,n);
452 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
453 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
454 ret += n;
455 }
456 }
457 else
458 {
459 EVP_EncodeUpdate(&(ctx->base64),
460 (unsigned char *)ctx->buf,&ctx->buf_len,
461 (unsigned char *)in,n);
462 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
463 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
464 ret += n;
465 }
466 inl-=n;
467 in+=n;
468
469 ctx->buf_off=0;
470 n=ctx->buf_len;
471 while (n > 0)
472 {
473 i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
474 if (i <= 0)
475 {
476 BIO_copy_next_retry(b);
477 return((ret == 0)?i:ret);
478 }
479 OPENSSL_assert(i <= n);
480 n-=i;
481 ctx->buf_off+=i;
482 OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf));
483 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
484 }
485 ctx->buf_len=0;
486 ctx->buf_off=0;
487 }
488 return(ret);
489 }
490
491static long b64_ctrl(BIO *b, int cmd, long num, void *ptr)
492 {
493 BIO_B64_CTX *ctx;
494 long ret=1;
495 int i;
496
497 ctx=(BIO_B64_CTX *)b->ptr;
498
499 switch (cmd)
500 {
501 case BIO_CTRL_RESET:
502 ctx->cont=1;
503 ctx->start=1;
504 ctx->encode=B64_NONE;
505 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
506 break;
507 case BIO_CTRL_EOF: /* More to read */
508 if (ctx->cont <= 0)
509 ret=1;
510 else
511 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
512 break;
513 case BIO_CTRL_WPENDING: /* More to write in buffer */
514 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
515 ret=ctx->buf_len-ctx->buf_off;
516 if ((ret == 0) && (ctx->encode != B64_NONE)
517 && (ctx->base64.num != 0))
518 ret=1;
519 else if (ret <= 0)
520 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
521 break;
522 case BIO_CTRL_PENDING: /* More to read in buffer */
523 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
524 ret=ctx->buf_len-ctx->buf_off;
525 if (ret <= 0)
526 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
527 break;
528 case BIO_CTRL_FLUSH:
529 /* do a final write */
530again:
531 while (ctx->buf_len != ctx->buf_off)
532 {
533 i=b64_write(b,NULL,0);
534 if (i < 0)
535 return i;
536 }
537 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
538 {
539 if (ctx->tmp_len != 0)
540 {
541 ctx->buf_len=EVP_EncodeBlock(
542 (unsigned char *)ctx->buf,
543 (unsigned char *)ctx->tmp,
544 ctx->tmp_len);
545 ctx->buf_off=0;
546 ctx->tmp_len=0;
547 goto again;
548 }
549 }
550 else if (ctx->encode != B64_NONE && ctx->base64.num != 0)
551 {
552 ctx->buf_off=0;
553 EVP_EncodeFinal(&(ctx->base64),
554 (unsigned char *)ctx->buf,
555 &(ctx->buf_len));
556 /* push out the bytes */
557 goto again;
558 }
559 /* Finally flush the underlying BIO */
560 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
561 break;
562
563 case BIO_C_DO_STATE_MACHINE:
564 BIO_clear_retry_flags(b);
565 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
566 BIO_copy_next_retry(b);
567 break;
568
569 case BIO_CTRL_DUP:
570 break;
571 case BIO_CTRL_INFO:
572 case BIO_CTRL_GET:
573 case BIO_CTRL_SET:
574 default:
575 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
576 break;
577 }
578 return(ret);
579 }
580
581static long b64_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
582 {
583 long ret=1;
584
585 if (b->next_bio == NULL) return(0);
586 switch (cmd)
587 {
588 default:
589 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
590 break;
591 }
592 return(ret);
593 }
594
595static int b64_puts(BIO *b, const char *str)
596 {
597 return b64_write(b,str,strlen(str));
598 }
diff --git a/src/lib/libcrypto/evp/bio_enc.c b/src/lib/libcrypto/evp/bio_enc.c
deleted file mode 100644
index b6efb5fbc4..0000000000
--- a/src/lib/libcrypto/evp/bio_enc.c
+++ /dev/null
@@ -1,428 +0,0 @@
1/* crypto/evp/bio_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#include "cryptlib.h"
62#include <openssl/buffer.h>
63#include <openssl/evp.h>
64
65static int enc_write(BIO *h, const char *buf, int num);
66static int enc_read(BIO *h, char *buf, int size);
67/*static int enc_puts(BIO *h, const char *str); */
68/*static int enc_gets(BIO *h, char *str, int size); */
69static long enc_ctrl(BIO *h, int cmd, long arg1, void *arg2);
70static int enc_new(BIO *h);
71static int enc_free(BIO *data);
72static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
73#define ENC_BLOCK_SIZE (1024*4)
74#define BUF_OFFSET (EVP_MAX_BLOCK_LENGTH*2)
75
76typedef struct enc_struct
77 {
78 int buf_len;
79 int buf_off;
80 int cont; /* <= 0 when finished */
81 int finished;
82 int ok; /* bad decrypt */
83 EVP_CIPHER_CTX cipher;
84 /* buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate
85 * can return up to a block more data than is presented to it
86 */
87 char buf[ENC_BLOCK_SIZE+BUF_OFFSET+2];
88 } BIO_ENC_CTX;
89
90static BIO_METHOD methods_enc=
91 {
92 BIO_TYPE_CIPHER,"cipher",
93 enc_write,
94 enc_read,
95 NULL, /* enc_puts, */
96 NULL, /* enc_gets, */
97 enc_ctrl,
98 enc_new,
99 enc_free,
100 enc_callback_ctrl,
101 };
102
103BIO_METHOD *BIO_f_cipher(void)
104 {
105 return(&methods_enc);
106 }
107
108static int enc_new(BIO *bi)
109 {
110 BIO_ENC_CTX *ctx;
111
112 ctx=(BIO_ENC_CTX *)OPENSSL_malloc(sizeof(BIO_ENC_CTX));
113 if (ctx == NULL) return(0);
114 EVP_CIPHER_CTX_init(&ctx->cipher);
115
116 ctx->buf_len=0;
117 ctx->buf_off=0;
118 ctx->cont=1;
119 ctx->finished=0;
120 ctx->ok=1;
121
122 bi->init=0;
123 bi->ptr=(char *)ctx;
124 bi->flags=0;
125 return(1);
126 }
127
128static int enc_free(BIO *a)
129 {
130 BIO_ENC_CTX *b;
131
132 if (a == NULL) return(0);
133 b=(BIO_ENC_CTX *)a->ptr;
134 EVP_CIPHER_CTX_cleanup(&(b->cipher));
135 OPENSSL_cleanse(a->ptr,sizeof(BIO_ENC_CTX));
136 OPENSSL_free(a->ptr);
137 a->ptr=NULL;
138 a->init=0;
139 a->flags=0;
140 return(1);
141 }
142
143static int enc_read(BIO *b, char *out, int outl)
144 {
145 int ret=0,i;
146 BIO_ENC_CTX *ctx;
147
148 if (out == NULL) return(0);
149 ctx=(BIO_ENC_CTX *)b->ptr;
150
151 if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
152
153 /* First check if there are bytes decoded/encoded */
154 if (ctx->buf_len > 0)
155 {
156 i=ctx->buf_len-ctx->buf_off;
157 if (i > outl) i=outl;
158 memcpy(out,&(ctx->buf[ctx->buf_off]),i);
159 ret=i;
160 out+=i;
161 outl-=i;
162 ctx->buf_off+=i;
163 if (ctx->buf_len == ctx->buf_off)
164 {
165 ctx->buf_len=0;
166 ctx->buf_off=0;
167 }
168 }
169
170 /* At this point, we have room of outl bytes and an empty
171 * buffer, so we should read in some more. */
172
173 while (outl > 0)
174 {
175 if (ctx->cont <= 0) break;
176
177 /* read in at IV offset, read the EVP_Cipher
178 * documentation about why */
179 i=BIO_read(b->next_bio,&(ctx->buf[BUF_OFFSET]),ENC_BLOCK_SIZE);
180
181 if (i <= 0)
182 {
183 /* Should be continue next time we are called? */
184 if (!BIO_should_retry(b->next_bio))
185 {
186 ctx->cont=i;
187 i=EVP_CipherFinal_ex(&(ctx->cipher),
188 (unsigned char *)ctx->buf,
189 &(ctx->buf_len));
190 ctx->ok=i;
191 ctx->buf_off=0;
192 }
193 else
194 {
195 ret=(ret == 0)?i:ret;
196 break;
197 }
198 }
199 else
200 {
201 EVP_CipherUpdate(&(ctx->cipher),
202 (unsigned char *)ctx->buf,&ctx->buf_len,
203 (unsigned char *)&(ctx->buf[BUF_OFFSET]),i);
204 ctx->cont=1;
205 /* Note: it is possible for EVP_CipherUpdate to
206 * decrypt zero bytes because this is or looks like
207 * the final block: if this happens we should retry
208 * and either read more data or decrypt the final
209 * block
210 */
211 if(ctx->buf_len == 0) continue;
212 }
213
214 if (ctx->buf_len <= outl)
215 i=ctx->buf_len;
216 else
217 i=outl;
218 if (i <= 0) break;
219 memcpy(out,ctx->buf,i);
220 ret+=i;
221 ctx->buf_off=i;
222 outl-=i;
223 out+=i;
224 }
225
226 BIO_clear_retry_flags(b);
227 BIO_copy_next_retry(b);
228 return((ret == 0)?ctx->cont:ret);
229 }
230
231static int enc_write(BIO *b, const char *in, int inl)
232 {
233 int ret=0,n,i;
234 BIO_ENC_CTX *ctx;
235
236 ctx=(BIO_ENC_CTX *)b->ptr;
237 ret=inl;
238
239 BIO_clear_retry_flags(b);
240 n=ctx->buf_len-ctx->buf_off;
241 while (n > 0)
242 {
243 i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
244 if (i <= 0)
245 {
246 BIO_copy_next_retry(b);
247 return(i);
248 }
249 ctx->buf_off+=i;
250 n-=i;
251 }
252 /* at this point all pending data has been written */
253
254 if ((in == NULL) || (inl <= 0)) return(0);
255
256 ctx->buf_off=0;
257 while (inl > 0)
258 {
259 n=(inl > ENC_BLOCK_SIZE)?ENC_BLOCK_SIZE:inl;
260 EVP_CipherUpdate(&(ctx->cipher),
261 (unsigned char *)ctx->buf,&ctx->buf_len,
262 (unsigned char *)in,n);
263 inl-=n;
264 in+=n;
265
266 ctx->buf_off=0;
267 n=ctx->buf_len;
268 while (n > 0)
269 {
270 i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
271 if (i <= 0)
272 {
273 BIO_copy_next_retry(b);
274 return (ret == inl) ? i : ret - inl;
275 }
276 n-=i;
277 ctx->buf_off+=i;
278 }
279 ctx->buf_len=0;
280 ctx->buf_off=0;
281 }
282 BIO_copy_next_retry(b);
283 return(ret);
284 }
285
286static long enc_ctrl(BIO *b, int cmd, long num, void *ptr)
287 {
288 BIO *dbio;
289 BIO_ENC_CTX *ctx,*dctx;
290 long ret=1;
291 int i;
292 EVP_CIPHER_CTX **c_ctx;
293
294 ctx=(BIO_ENC_CTX *)b->ptr;
295
296 switch (cmd)
297 {
298 case BIO_CTRL_RESET:
299 ctx->ok=1;
300 ctx->finished=0;
301 EVP_CipherInit_ex(&(ctx->cipher),NULL,NULL,NULL,NULL,
302 ctx->cipher.encrypt);
303 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
304 break;
305 case BIO_CTRL_EOF: /* More to read */
306 if (ctx->cont <= 0)
307 ret=1;
308 else
309 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
310 break;
311 case BIO_CTRL_WPENDING:
312 ret=ctx->buf_len-ctx->buf_off;
313 if (ret <= 0)
314 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
315 break;
316 case BIO_CTRL_PENDING: /* More to read in buffer */
317 ret=ctx->buf_len-ctx->buf_off;
318 if (ret <= 0)
319 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
320 break;
321 case BIO_CTRL_FLUSH:
322 /* do a final write */
323again:
324 while (ctx->buf_len != ctx->buf_off)
325 {
326 i=enc_write(b,NULL,0);
327 if (i < 0)
328 return i;
329 }
330
331 if (!ctx->finished)
332 {
333 ctx->finished=1;
334 ctx->buf_off=0;
335 ret=EVP_CipherFinal_ex(&(ctx->cipher),
336 (unsigned char *)ctx->buf,
337 &(ctx->buf_len));
338 ctx->ok=(int)ret;
339 if (ret <= 0) break;
340
341 /* push out the bytes */
342 goto again;
343 }
344
345 /* Finally flush the underlying BIO */
346 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
347 break;
348 case BIO_C_GET_CIPHER_STATUS:
349 ret=(long)ctx->ok;
350 break;
351 case BIO_C_DO_STATE_MACHINE:
352 BIO_clear_retry_flags(b);
353 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
354 BIO_copy_next_retry(b);
355 break;
356 case BIO_C_GET_CIPHER_CTX:
357 c_ctx=(EVP_CIPHER_CTX **)ptr;
358 (*c_ctx)= &(ctx->cipher);
359 b->init=1;
360 break;
361 case BIO_CTRL_DUP:
362 dbio=(BIO *)ptr;
363 dctx=(BIO_ENC_CTX *)dbio->ptr;
364 EVP_CIPHER_CTX_init(&dctx->cipher);
365 ret = EVP_CIPHER_CTX_copy(&dctx->cipher,&ctx->cipher);
366 if (ret)
367 dbio->init=1;
368 break;
369 default:
370 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
371 break;
372 }
373 return(ret);
374 }
375
376static long enc_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
377 {
378 long ret=1;
379
380 if (b->next_bio == NULL) return(0);
381 switch (cmd)
382 {
383 default:
384 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
385 break;
386 }
387 return(ret);
388 }
389
390/*
391void BIO_set_cipher_ctx(b,c)
392BIO *b;
393EVP_CIPHER_ctx *c;
394 {
395 if (b == NULL) return;
396
397 if ((b->callback != NULL) &&
398 (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
399 return;
400
401 b->init=1;
402 ctx=(BIO_ENC_CTX *)b->ptr;
403 memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX));
404
405 if (b->callback != NULL)
406 b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
407 }
408*/
409
410void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
411 const unsigned char *i, int e)
412 {
413 BIO_ENC_CTX *ctx;
414
415 if (b == NULL) return;
416
417 if ((b->callback != NULL) &&
418 (b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,0L) <= 0))
419 return;
420
421 b->init=1;
422 ctx=(BIO_ENC_CTX *)b->ptr;
423 EVP_CipherInit_ex(&(ctx->cipher),c,NULL, k,i,e);
424
425 if (b->callback != NULL)
426 b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,1L);
427 }
428
diff --git a/src/lib/libcrypto/evp/bio_md.c b/src/lib/libcrypto/evp/bio_md.c
deleted file mode 100644
index 144fdfd56a..0000000000
--- a/src/lib/libcrypto/evp/bio_md.c
+++ /dev/null
@@ -1,275 +0,0 @@
1/* crypto/evp/bio_md.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#include "cryptlib.h"
62#include <openssl/buffer.h>
63#include <openssl/evp.h>
64
65/* BIO_put and BIO_get both add to the digest,
66 * BIO_gets returns the digest */
67
68static int md_write(BIO *h, char const *buf, int num);
69static int md_read(BIO *h, char *buf, int size);
70/*static int md_puts(BIO *h, const char *str); */
71static int md_gets(BIO *h, char *str, int size);
72static long md_ctrl(BIO *h, int cmd, long arg1, void *arg2);
73static int md_new(BIO *h);
74static int md_free(BIO *data);
75static long md_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp);
76
77static BIO_METHOD methods_md=
78 {
79 BIO_TYPE_MD,"message digest",
80 md_write,
81 md_read,
82 NULL, /* md_puts, */
83 md_gets,
84 md_ctrl,
85 md_new,
86 md_free,
87 md_callback_ctrl,
88 };
89
90BIO_METHOD *BIO_f_md(void)
91 {
92 return(&methods_md);
93 }
94
95static int md_new(BIO *bi)
96 {
97 EVP_MD_CTX *ctx;
98
99 ctx=EVP_MD_CTX_create();
100 if (ctx == NULL) return(0);
101
102 bi->init=0;
103 bi->ptr=(char *)ctx;
104 bi->flags=0;
105 return(1);
106 }
107
108static int md_free(BIO *a)
109 {
110 if (a == NULL) return(0);
111 EVP_MD_CTX_destroy(a->ptr);
112 a->ptr=NULL;
113 a->init=0;
114 a->flags=0;
115 return(1);
116 }
117
118static int md_read(BIO *b, char *out, int outl)
119 {
120 int ret=0;
121 EVP_MD_CTX *ctx;
122
123 if (out == NULL) return(0);
124 ctx=b->ptr;
125
126 if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
127
128 ret=BIO_read(b->next_bio,out,outl);
129 if (b->init)
130 {
131 if (ret > 0)
132 {
133 if (EVP_DigestUpdate(ctx,(unsigned char *)out,
134 (unsigned int)ret)<=0) return (-1);
135 }
136 }
137 BIO_clear_retry_flags(b);
138 BIO_copy_next_retry(b);
139 return(ret);
140 }
141
142static int md_write(BIO *b, const char *in, int inl)
143 {
144 int ret=0;
145 EVP_MD_CTX *ctx;
146
147 if ((in == NULL) || (inl <= 0)) return(0);
148 ctx=b->ptr;
149
150 if ((ctx != NULL) && (b->next_bio != NULL))
151 ret=BIO_write(b->next_bio,in,inl);
152 if (b->init)
153 {
154 if (ret > 0)
155 {
156 if (!EVP_DigestUpdate(ctx,(const unsigned char *)in,
157 (unsigned int)ret))
158 {
159 BIO_clear_retry_flags(b);
160 return 0;
161 }
162 }
163 }
164 if(b->next_bio != NULL)
165 {
166 BIO_clear_retry_flags(b);
167 BIO_copy_next_retry(b);
168 }
169 return(ret);
170 }
171
172static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
173 {
174 EVP_MD_CTX *ctx,*dctx,**pctx;
175 const EVP_MD **ppmd;
176 EVP_MD *md;
177 long ret=1;
178 BIO *dbio;
179
180 ctx=b->ptr;
181
182 switch (cmd)
183 {
184 case BIO_CTRL_RESET:
185 if (b->init)
186 ret = EVP_DigestInit_ex(ctx,ctx->digest, NULL);
187 else
188 ret=0;
189 if (ret > 0)
190 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
191 break;
192 case BIO_C_GET_MD:
193 if (b->init)
194 {
195 ppmd=ptr;
196 *ppmd=ctx->digest;
197 }
198 else
199 ret=0;
200 break;
201 case BIO_C_GET_MD_CTX:
202 pctx=ptr;
203 *pctx=ctx;
204 b->init = 1;
205 break;
206 case BIO_C_SET_MD_CTX:
207 if (b->init)
208 b->ptr=ptr;
209 else
210 ret=0;
211 break;
212 case BIO_C_DO_STATE_MACHINE:
213 BIO_clear_retry_flags(b);
214 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
215 BIO_copy_next_retry(b);
216 break;
217
218 case BIO_C_SET_MD:
219 md=ptr;
220 ret = EVP_DigestInit_ex(ctx,md, NULL);
221 if (ret > 0)
222 b->init=1;
223 break;
224 case BIO_CTRL_DUP:
225 dbio=ptr;
226 dctx=dbio->ptr;
227 if (!EVP_MD_CTX_copy_ex(dctx,ctx))
228 return 0;
229 b->init=1;
230 break;
231 default:
232 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
233 break;
234 }
235 return(ret);
236 }
237
238static long md_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
239 {
240 long ret=1;
241
242 if (b->next_bio == NULL) return(0);
243 switch (cmd)
244 {
245 default:
246 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
247 break;
248 }
249 return(ret);
250 }
251
252static int md_gets(BIO *bp, char *buf, int size)
253 {
254 EVP_MD_CTX *ctx;
255 unsigned int ret;
256
257
258 ctx=bp->ptr;
259 if (size < ctx->digest->md_size)
260 return(0);
261 if (EVP_DigestFinal_ex(ctx,(unsigned char *)buf,&ret)<=0)
262 return -1;
263
264 return((int)ret);
265 }
266
267/*
268static int md_puts(bp,str)
269BIO *bp;
270char *str;
271 {
272 return(-1);
273 }
274*/
275
diff --git a/src/lib/libcrypto/evp/c_all.c b/src/lib/libcrypto/evp/c_all.c
deleted file mode 100644
index 766c4cecdf..0000000000
--- a/src/lib/libcrypto/evp/c_all.c
+++ /dev/null
@@ -1,90 +0,0 @@
1/* crypto/evp/c_all.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#ifndef OPENSSL_NO_ENGINE
63#include <openssl/engine.h>
64#endif
65
66#if 0
67#undef OpenSSL_add_all_algorithms
68
69void OpenSSL_add_all_algorithms(void)
70 {
71 OPENSSL_add_all_algorithms_noconf();
72 }
73#endif
74
75void OPENSSL_add_all_algorithms_noconf(void)
76 {
77 /*
78 * For the moment OPENSSL_cpuid_setup does something
79 * only on IA-32, but we reserve the option for all
80 * platforms...
81 */
82 OPENSSL_cpuid_setup();
83 OpenSSL_add_all_ciphers();
84 OpenSSL_add_all_digests();
85#ifndef OPENSSL_NO_ENGINE
86# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
87 ENGINE_setup_bsd_cryptodev();
88# endif
89#endif
90 }
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
deleted file mode 100644
index 467e6b5ae9..0000000000
--- a/src/lib/libcrypto/evp/digest.c
+++ /dev/null
@@ -1,403 +0,0 @@
1/* crypto/evp/digest.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include "cryptlib.h"
114#include <openssl/objects.h>
115#include <openssl/evp.h>
116#ifndef OPENSSL_NO_ENGINE
117#include <openssl/engine.h>
118#endif
119
120#ifdef OPENSSL_FIPS
121#include <openssl/fips.h>
122#endif
123
124void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
125 {
126 memset(ctx,'\0',sizeof *ctx);
127 }
128
129EVP_MD_CTX *EVP_MD_CTX_create(void)
130 {
131 EVP_MD_CTX *ctx=OPENSSL_malloc(sizeof *ctx);
132
133 if (ctx)
134 EVP_MD_CTX_init(ctx);
135
136 return ctx;
137 }
138
139int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
140 {
141 EVP_MD_CTX_init(ctx);
142 return EVP_DigestInit_ex(ctx, type, NULL);
143 }
144
145int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
146 {
147 EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
148#ifndef OPENSSL_NO_ENGINE
149 /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
150 * so this context may already have an ENGINE! Try to avoid releasing
151 * the previous handle, re-querying for an ENGINE, and having a
152 * reinitialisation, when it may all be unecessary. */
153 if (ctx->engine && ctx->digest && (!type ||
154 (type && (type->type == ctx->digest->type))))
155 goto skip_to_init;
156 if (type)
157 {
158 /* Ensure an ENGINE left lying around from last time is cleared
159 * (the previous check attempted to avoid this if the same
160 * ENGINE and EVP_MD could be used). */
161 if(ctx->engine)
162 ENGINE_finish(ctx->engine);
163 if(impl)
164 {
165 if (!ENGINE_init(impl))
166 {
167 EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR);
168 return 0;
169 }
170 }
171 else
172 /* Ask if an ENGINE is reserved for this job */
173 impl = ENGINE_get_digest_engine(type->type);
174 if(impl)
175 {
176 /* There's an ENGINE for this job ... (apparently) */
177 const EVP_MD *d = ENGINE_get_digest(impl, type->type);
178 if(!d)
179 {
180 /* Same comment from evp_enc.c */
181 EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR);
182 ENGINE_finish(impl);
183 return 0;
184 }
185 /* We'll use the ENGINE's private digest definition */
186 type = d;
187 /* Store the ENGINE functional reference so we know
188 * 'type' came from an ENGINE and we need to release
189 * it when done. */
190 ctx->engine = impl;
191 }
192 else
193 ctx->engine = NULL;
194 }
195 else
196 if(!ctx->digest)
197 {
198 EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_NO_DIGEST_SET);
199 return 0;
200 }
201#endif
202 if (ctx->digest != type)
203 {
204 if (ctx->digest && ctx->digest->ctx_size)
205 OPENSSL_free(ctx->md_data);
206 ctx->digest=type;
207 if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size)
208 {
209 ctx->update = type->update;
210 ctx->md_data=OPENSSL_malloc(type->ctx_size);
211 if (ctx->md_data == NULL)
212 {
213 EVPerr(EVP_F_EVP_DIGESTINIT_EX,
214 ERR_R_MALLOC_FAILURE);
215 return 0;
216 }
217 }
218 }
219#ifndef OPENSSL_NO_ENGINE
220skip_to_init:
221#endif
222 if (ctx->pctx)
223 {
224 int r;
225 r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,
226 EVP_PKEY_CTRL_DIGESTINIT, 0, ctx);
227 if (r <= 0 && (r != -2))
228 return 0;
229 }
230 if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT)
231 return 1;
232#ifdef OPENSSL_FIPS
233 if (FIPS_mode())
234 {
235 if (FIPS_digestinit(ctx, type))
236 return 1;
237 OPENSSL_free(ctx->md_data);
238 ctx->md_data = NULL;
239 return 0;
240 }
241#endif
242 return ctx->digest->init(ctx);
243 }
244
245int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
246 {
247#ifdef OPENSSL_FIPS
248 return FIPS_digestupdate(ctx, data, count);
249#else
250 return ctx->update(ctx,data,count);
251#endif
252 }
253
254/* The caller can assume that this removes any secret data from the context */
255int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
256 {
257 int ret;
258 ret = EVP_DigestFinal_ex(ctx, md, size);
259 EVP_MD_CTX_cleanup(ctx);
260 return ret;
261 }
262
263/* The caller can assume that this removes any secret data from the context */
264int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
265 {
266#ifdef OPENSSL_FIPS
267 return FIPS_digestfinal(ctx, md, size);
268#else
269 int ret;
270 OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
271 ret=ctx->digest->final(ctx,md);
272 if (size != NULL)
273 *size=ctx->digest->md_size;
274 if (ctx->digest->cleanup)
275 {
276 ctx->digest->cleanup(ctx);
277 EVP_MD_CTX_set_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
278 }
279 memset(ctx->md_data,0,ctx->digest->ctx_size);
280 return ret;
281#endif
282 }
283
284int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
285 {
286 EVP_MD_CTX_init(out);
287 return EVP_MD_CTX_copy_ex(out, in);
288 }
289
290int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
291 {
292 unsigned char *tmp_buf;
293 if ((in == NULL) || (in->digest == NULL))
294 {
295 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,EVP_R_INPUT_NOT_INITIALIZED);
296 return 0;
297 }
298#ifndef OPENSSL_NO_ENGINE
299 /* Make sure it's safe to copy a digest context using an ENGINE */
300 if (in->engine && !ENGINE_init(in->engine))
301 {
302 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_ENGINE_LIB);
303 return 0;
304 }
305#endif
306
307 if (out->digest == in->digest)
308 {
309 tmp_buf = out->md_data;
310 EVP_MD_CTX_set_flags(out,EVP_MD_CTX_FLAG_REUSE);
311 }
312 else tmp_buf = NULL;
313 EVP_MD_CTX_cleanup(out);
314 memcpy(out,in,sizeof *out);
315
316 if (in->md_data && out->digest->ctx_size)
317 {
318 if (tmp_buf)
319 out->md_data = tmp_buf;
320 else
321 {
322 out->md_data=OPENSSL_malloc(out->digest->ctx_size);
323 if (!out->md_data)
324 {
325 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_MALLOC_FAILURE);
326 return 0;
327 }
328 }
329 memcpy(out->md_data,in->md_data,out->digest->ctx_size);
330 }
331
332 out->update = in->update;
333
334 if (in->pctx)
335 {
336 out->pctx = EVP_PKEY_CTX_dup(in->pctx);
337 if (!out->pctx)
338 {
339 EVP_MD_CTX_cleanup(out);
340 return 0;
341 }
342 }
343
344 if (out->digest->copy)
345 return out->digest->copy(out,in);
346
347 return 1;
348 }
349
350int EVP_Digest(const void *data, size_t count,
351 unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl)
352 {
353 EVP_MD_CTX ctx;
354 int ret;
355
356 EVP_MD_CTX_init(&ctx);
357 EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT);
358 ret=EVP_DigestInit_ex(&ctx, type, impl)
359 && EVP_DigestUpdate(&ctx, data, count)
360 && EVP_DigestFinal_ex(&ctx, md, size);
361 EVP_MD_CTX_cleanup(&ctx);
362
363 return ret;
364 }
365
366void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
367 {
368 EVP_MD_CTX_cleanup(ctx);
369 OPENSSL_free(ctx);
370 }
371
372/* This call frees resources associated with the context */
373int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
374 {
375#ifndef OPENSSL_FIPS
376 /* Don't assume ctx->md_data was cleaned in EVP_Digest_Final,
377 * because sometimes only copies of the context are ever finalised.
378 */
379 if (ctx->digest && ctx->digest->cleanup
380 && !EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED))
381 ctx->digest->cleanup(ctx);
382 if (ctx->digest && ctx->digest->ctx_size && ctx->md_data
383 && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE))
384 {
385 OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size);
386 OPENSSL_free(ctx->md_data);
387 }
388#endif
389 if (ctx->pctx)
390 EVP_PKEY_CTX_free(ctx->pctx);
391#ifndef OPENSSL_NO_ENGINE
392 if(ctx->engine)
393 /* The EVP_MD we used belongs to an ENGINE, release the
394 * functional reference we held for this reason. */
395 ENGINE_finish(ctx->engine);
396#endif
397#ifdef OPENSSL_FIPS
398 FIPS_md_ctx_cleanup(ctx);
399#endif
400 memset(ctx,'\0',sizeof *ctx);
401
402 return 1;
403 }
diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c
deleted file mode 100644
index 1e4af0cb75..0000000000
--- a/src/lib/libcrypto/evp/e_aes.c
+++ /dev/null
@@ -1,1313 +0,0 @@
1/* ====================================================================
2 * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 *
49 */
50
51#include <openssl/opensslconf.h>
52#ifndef OPENSSL_NO_AES
53#include <openssl/evp.h>
54#include <openssl/err.h>
55#include <string.h>
56#include <assert.h>
57#include <openssl/aes.h>
58#include "evp_locl.h"
59#ifndef OPENSSL_FIPS
60#include "modes_lcl.h"
61#include <openssl/rand.h>
62
63typedef struct
64 {
65 AES_KEY ks;
66 block128_f block;
67 union {
68 cbc128_f cbc;
69 ctr128_f ctr;
70 } stream;
71 } EVP_AES_KEY;
72
73typedef struct
74 {
75 AES_KEY ks; /* AES key schedule to use */
76 int key_set; /* Set if key initialised */
77 int iv_set; /* Set if an iv is set */
78 GCM128_CONTEXT gcm;
79 unsigned char *iv; /* Temporary IV store */
80 int ivlen; /* IV length */
81 int taglen;
82 int iv_gen; /* It is OK to generate IVs */
83 int tls_aad_len; /* TLS AAD length */
84 ctr128_f ctr;
85 } EVP_AES_GCM_CTX;
86
87typedef struct
88 {
89 AES_KEY ks1, ks2; /* AES key schedules to use */
90 XTS128_CONTEXT xts;
91 void (*stream)(const unsigned char *in,
92 unsigned char *out, size_t length,
93 const AES_KEY *key1, const AES_KEY *key2,
94 const unsigned char iv[16]);
95 } EVP_AES_XTS_CTX;
96
97typedef struct
98 {
99 AES_KEY ks; /* AES key schedule to use */
100 int key_set; /* Set if key initialised */
101 int iv_set; /* Set if an iv is set */
102 int tag_set; /* Set if tag is valid */
103 int len_set; /* Set if message length set */
104 int L, M; /* L and M parameters from RFC3610 */
105 CCM128_CONTEXT ccm;
106 ccm128_f str;
107 } EVP_AES_CCM_CTX;
108
109#define MAXBITCHUNK ((size_t)1<<(sizeof(size_t)*8-4))
110
111#ifdef VPAES_ASM
112int vpaes_set_encrypt_key(const unsigned char *userKey, int bits,
113 AES_KEY *key);
114int vpaes_set_decrypt_key(const unsigned char *userKey, int bits,
115 AES_KEY *key);
116
117void vpaes_encrypt(const unsigned char *in, unsigned char *out,
118 const AES_KEY *key);
119void vpaes_decrypt(const unsigned char *in, unsigned char *out,
120 const AES_KEY *key);
121
122void vpaes_cbc_encrypt(const unsigned char *in,
123 unsigned char *out,
124 size_t length,
125 const AES_KEY *key,
126 unsigned char *ivec, int enc);
127#endif
128#ifdef BSAES_ASM
129void bsaes_cbc_encrypt(const unsigned char *in, unsigned char *out,
130 size_t length, const AES_KEY *key,
131 unsigned char ivec[16], int enc);
132void bsaes_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
133 size_t len, const AES_KEY *key,
134 const unsigned char ivec[16]);
135void bsaes_xts_encrypt(const unsigned char *inp, unsigned char *out,
136 size_t len, const AES_KEY *key1,
137 const AES_KEY *key2, const unsigned char iv[16]);
138void bsaes_xts_decrypt(const unsigned char *inp, unsigned char *out,
139 size_t len, const AES_KEY *key1,
140 const AES_KEY *key2, const unsigned char iv[16]);
141#endif
142#ifdef AES_CTR_ASM
143void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
144 size_t blocks, const AES_KEY *key,
145 const unsigned char ivec[AES_BLOCK_SIZE]);
146#endif
147#ifdef AES_XTS_ASM
148void AES_xts_encrypt(const char *inp,char *out,size_t len,
149 const AES_KEY *key1, const AES_KEY *key2,
150 const unsigned char iv[16]);
151void AES_xts_decrypt(const char *inp,char *out,size_t len,
152 const AES_KEY *key1, const AES_KEY *key2,
153 const unsigned char iv[16]);
154#endif
155
156#if defined(AES_ASM) && !defined(I386_ONLY) && ( \
157 ((defined(__i386) || defined(__i386__) || \
158 defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))|| \
159 defined(__x86_64) || defined(__x86_64__) || \
160 defined(_M_AMD64) || defined(_M_X64) || \
161 defined(__INTEL__) )
162
163extern unsigned int OPENSSL_ia32cap_P[2];
164
165#ifdef VPAES_ASM
166#define VPAES_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(41-32)))
167#endif
168#ifdef BSAES_ASM
169#define BSAES_CAPABLE VPAES_CAPABLE
170#endif
171/*
172 * AES-NI section
173 */
174#define AESNI_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(57-32)))
175
176int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
177 AES_KEY *key);
178int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
179 AES_KEY *key);
180
181void aesni_encrypt(const unsigned char *in, unsigned char *out,
182 const AES_KEY *key);
183void aesni_decrypt(const unsigned char *in, unsigned char *out,
184 const AES_KEY *key);
185
186void aesni_ecb_encrypt(const unsigned char *in,
187 unsigned char *out,
188 size_t length,
189 const AES_KEY *key,
190 int enc);
191void aesni_cbc_encrypt(const unsigned char *in,
192 unsigned char *out,
193 size_t length,
194 const AES_KEY *key,
195 unsigned char *ivec, int enc);
196
197void aesni_ctr32_encrypt_blocks(const unsigned char *in,
198 unsigned char *out,
199 size_t blocks,
200 const void *key,
201 const unsigned char *ivec);
202
203void aesni_xts_encrypt(const unsigned char *in,
204 unsigned char *out,
205 size_t length,
206 const AES_KEY *key1, const AES_KEY *key2,
207 const unsigned char iv[16]);
208
209void aesni_xts_decrypt(const unsigned char *in,
210 unsigned char *out,
211 size_t length,
212 const AES_KEY *key1, const AES_KEY *key2,
213 const unsigned char iv[16]);
214
215void aesni_ccm64_encrypt_blocks (const unsigned char *in,
216 unsigned char *out,
217 size_t blocks,
218 const void *key,
219 const unsigned char ivec[16],
220 unsigned char cmac[16]);
221
222void aesni_ccm64_decrypt_blocks (const unsigned char *in,
223 unsigned char *out,
224 size_t blocks,
225 const void *key,
226 const unsigned char ivec[16],
227 unsigned char cmac[16]);
228
229static int aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
230 const unsigned char *iv, int enc)
231 {
232 int ret, mode;
233 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
234
235 mode = ctx->cipher->flags & EVP_CIPH_MODE;
236 if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
237 && !enc)
238 {
239 ret = aesni_set_decrypt_key(key, ctx->key_len*8, ctx->cipher_data);
240 dat->block = (block128_f)aesni_decrypt;
241 dat->stream.cbc = mode==EVP_CIPH_CBC_MODE ?
242 (cbc128_f)aesni_cbc_encrypt :
243 NULL;
244 }
245 else {
246 ret = aesni_set_encrypt_key(key, ctx->key_len*8, ctx->cipher_data);
247 dat->block = (block128_f)aesni_encrypt;
248 if (mode==EVP_CIPH_CBC_MODE)
249 dat->stream.cbc = (cbc128_f)aesni_cbc_encrypt;
250 else if (mode==EVP_CIPH_CTR_MODE)
251 dat->stream.ctr = (ctr128_f)aesni_ctr32_encrypt_blocks;
252 else
253 dat->stream.cbc = NULL;
254 }
255
256 if(ret < 0)
257 {
258 EVPerr(EVP_F_AESNI_INIT_KEY,EVP_R_AES_KEY_SETUP_FAILED);
259 return 0;
260 }
261
262 return 1;
263 }
264
265static int aesni_cbc_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
266 const unsigned char *in, size_t len)
267{
268 aesni_cbc_encrypt(in,out,len,ctx->cipher_data,ctx->iv,ctx->encrypt);
269
270 return 1;
271}
272
273static int aesni_ecb_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
274 const unsigned char *in, size_t len)
275{
276 size_t bl = ctx->cipher->block_size;
277
278 if (len<bl) return 1;
279
280 aesni_ecb_encrypt(in,out,len,ctx->cipher_data,ctx->encrypt);
281
282 return 1;
283}
284
285#define aesni_ofb_cipher aes_ofb_cipher
286static int aesni_ofb_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
287 const unsigned char *in,size_t len);
288
289#define aesni_cfb_cipher aes_cfb_cipher
290static int aesni_cfb_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
291 const unsigned char *in,size_t len);
292
293#define aesni_cfb8_cipher aes_cfb8_cipher
294static int aesni_cfb8_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
295 const unsigned char *in,size_t len);
296
297#define aesni_cfb1_cipher aes_cfb1_cipher
298static int aesni_cfb1_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
299 const unsigned char *in,size_t len);
300
301#define aesni_ctr_cipher aes_ctr_cipher
302static int aesni_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
303 const unsigned char *in, size_t len);
304
305static int aesni_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
306 const unsigned char *iv, int enc)
307 {
308 EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
309 if (!iv && !key)
310 return 1;
311 if (key)
312 {
313 aesni_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks);
314 CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
315 (block128_f)aesni_encrypt);
316 gctx->ctr = (ctr128_f)aesni_ctr32_encrypt_blocks;
317 /* If we have an iv can set it directly, otherwise use
318 * saved IV.
319 */
320 if (iv == NULL && gctx->iv_set)
321 iv = gctx->iv;
322 if (iv)
323 {
324 CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
325 gctx->iv_set = 1;
326 }
327 gctx->key_set = 1;
328 }
329 else
330 {
331 /* If key set use IV, otherwise copy */
332 if (gctx->key_set)
333 CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
334 else
335 memcpy(gctx->iv, iv, gctx->ivlen);
336 gctx->iv_set = 1;
337 gctx->iv_gen = 0;
338 }
339 return 1;
340 }
341
342#define aesni_gcm_cipher aes_gcm_cipher
343static int aesni_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
344 const unsigned char *in, size_t len);
345
346static int aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
347 const unsigned char *iv, int enc)
348 {
349 EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
350 if (!iv && !key)
351 return 1;
352
353 if (key)
354 {
355 /* key_len is two AES keys */
356 if (enc)
357 {
358 aesni_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1);
359 xctx->xts.block1 = (block128_f)aesni_encrypt;
360 xctx->stream = aesni_xts_encrypt;
361 }
362 else
363 {
364 aesni_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1);
365 xctx->xts.block1 = (block128_f)aesni_decrypt;
366 xctx->stream = aesni_xts_decrypt;
367 }
368
369 aesni_set_encrypt_key(key + ctx->key_len/2,
370 ctx->key_len * 4, &xctx->ks2);
371 xctx->xts.block2 = (block128_f)aesni_encrypt;
372
373 xctx->xts.key1 = &xctx->ks1;
374 }
375
376 if (iv)
377 {
378 xctx->xts.key2 = &xctx->ks2;
379 memcpy(ctx->iv, iv, 16);
380 }
381
382 return 1;
383 }
384
385#define aesni_xts_cipher aes_xts_cipher
386static int aesni_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
387 const unsigned char *in, size_t len);
388
389static int aesni_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
390 const unsigned char *iv, int enc)
391 {
392 EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
393 if (!iv && !key)
394 return 1;
395 if (key)
396 {
397 aesni_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks);
398 CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
399 &cctx->ks, (block128_f)aesni_encrypt);
400 cctx->str = enc?(ccm128_f)aesni_ccm64_encrypt_blocks :
401 (ccm128_f)aesni_ccm64_decrypt_blocks;
402 cctx->key_set = 1;
403 }
404 if (iv)
405 {
406 memcpy(ctx->iv, iv, 15 - cctx->L);
407 cctx->iv_set = 1;
408 }
409 return 1;
410 }
411
412#define aesni_ccm_cipher aes_ccm_cipher
413static int aesni_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
414 const unsigned char *in, size_t len);
415
416#define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
417static const EVP_CIPHER aesni_##keylen##_##mode = { \
418 nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
419 flags|EVP_CIPH_##MODE##_MODE, \
420 aesni_init_key, \
421 aesni_##mode##_cipher, \
422 NULL, \
423 sizeof(EVP_AES_KEY), \
424 NULL,NULL,NULL,NULL }; \
425static const EVP_CIPHER aes_##keylen##_##mode = { \
426 nid##_##keylen##_##nmode,blocksize, \
427 keylen/8,ivlen, \
428 flags|EVP_CIPH_##MODE##_MODE, \
429 aes_init_key, \
430 aes_##mode##_cipher, \
431 NULL, \
432 sizeof(EVP_AES_KEY), \
433 NULL,NULL,NULL,NULL }; \
434const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
435{ return AESNI_CAPABLE?&aesni_##keylen##_##mode:&aes_##keylen##_##mode; }
436
437#define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \
438static const EVP_CIPHER aesni_##keylen##_##mode = { \
439 nid##_##keylen##_##mode,blocksize, \
440 (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
441 flags|EVP_CIPH_##MODE##_MODE, \
442 aesni_##mode##_init_key, \
443 aesni_##mode##_cipher, \
444 aes_##mode##_cleanup, \
445 sizeof(EVP_AES_##MODE##_CTX), \
446 NULL,NULL,aes_##mode##_ctrl,NULL }; \
447static const EVP_CIPHER aes_##keylen##_##mode = { \
448 nid##_##keylen##_##mode,blocksize, \
449 (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
450 flags|EVP_CIPH_##MODE##_MODE, \
451 aes_##mode##_init_key, \
452 aes_##mode##_cipher, \
453 aes_##mode##_cleanup, \
454 sizeof(EVP_AES_##MODE##_CTX), \
455 NULL,NULL,aes_##mode##_ctrl,NULL }; \
456const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
457{ return AESNI_CAPABLE?&aesni_##keylen##_##mode:&aes_##keylen##_##mode; }
458
459#else
460
461#define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
462static const EVP_CIPHER aes_##keylen##_##mode = { \
463 nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
464 flags|EVP_CIPH_##MODE##_MODE, \
465 aes_init_key, \
466 aes_##mode##_cipher, \
467 NULL, \
468 sizeof(EVP_AES_KEY), \
469 NULL,NULL,NULL,NULL }; \
470const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
471{ return &aes_##keylen##_##mode; }
472
473#define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \
474static const EVP_CIPHER aes_##keylen##_##mode = { \
475 nid##_##keylen##_##mode,blocksize, \
476 (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
477 flags|EVP_CIPH_##MODE##_MODE, \
478 aes_##mode##_init_key, \
479 aes_##mode##_cipher, \
480 aes_##mode##_cleanup, \
481 sizeof(EVP_AES_##MODE##_CTX), \
482 NULL,NULL,aes_##mode##_ctrl,NULL }; \
483const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
484{ return &aes_##keylen##_##mode; }
485#endif
486
487#define BLOCK_CIPHER_generic_pack(nid,keylen,flags) \
488 BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
489 BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
490 BLOCK_CIPHER_generic(nid,keylen,1,16,ofb128,ofb,OFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
491 BLOCK_CIPHER_generic(nid,keylen,1,16,cfb128,cfb,CFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
492 BLOCK_CIPHER_generic(nid,keylen,1,16,cfb1,cfb1,CFB,flags) \
493 BLOCK_CIPHER_generic(nid,keylen,1,16,cfb8,cfb8,CFB,flags) \
494 BLOCK_CIPHER_generic(nid,keylen,1,16,ctr,ctr,CTR,flags)
495
496static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
497 const unsigned char *iv, int enc)
498 {
499 int ret, mode;
500 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
501
502 mode = ctx->cipher->flags & EVP_CIPH_MODE;
503 if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
504 && !enc)
505#ifdef BSAES_CAPABLE
506 if (BSAES_CAPABLE && mode==EVP_CIPH_CBC_MODE)
507 {
508 ret = AES_set_decrypt_key(key,ctx->key_len*8,&dat->ks);
509 dat->block = (block128_f)AES_decrypt;
510 dat->stream.cbc = (cbc128_f)bsaes_cbc_encrypt;
511 }
512 else
513#endif
514#ifdef VPAES_CAPABLE
515 if (VPAES_CAPABLE)
516 {
517 ret = vpaes_set_decrypt_key(key,ctx->key_len*8,&dat->ks);
518 dat->block = (block128_f)vpaes_decrypt;
519 dat->stream.cbc = mode==EVP_CIPH_CBC_MODE ?
520 (cbc128_f)vpaes_cbc_encrypt :
521 NULL;
522 }
523 else
524#endif
525 {
526 ret = AES_set_decrypt_key(key,ctx->key_len*8,&dat->ks);
527 dat->block = (block128_f)AES_decrypt;
528 dat->stream.cbc = mode==EVP_CIPH_CBC_MODE ?
529 (cbc128_f)AES_cbc_encrypt :
530 NULL;
531 }
532 else
533#ifdef BSAES_CAPABLE
534 if (BSAES_CAPABLE && mode==EVP_CIPH_CTR_MODE)
535 {
536 ret = AES_set_encrypt_key(key,ctx->key_len*8,&dat->ks);
537 dat->block = (block128_f)AES_encrypt;
538 dat->stream.ctr = (ctr128_f)bsaes_ctr32_encrypt_blocks;
539 }
540 else
541#endif
542#ifdef VPAES_CAPABLE
543 if (VPAES_CAPABLE)
544 {
545 ret = vpaes_set_encrypt_key(key,ctx->key_len*8,&dat->ks);
546 dat->block = (block128_f)vpaes_encrypt;
547 dat->stream.cbc = mode==EVP_CIPH_CBC_MODE ?
548 (cbc128_f)vpaes_cbc_encrypt :
549 NULL;
550 }
551 else
552#endif
553 {
554 ret = AES_set_encrypt_key(key,ctx->key_len*8,&dat->ks);
555 dat->block = (block128_f)AES_encrypt;
556 dat->stream.cbc = mode==EVP_CIPH_CBC_MODE ?
557 (cbc128_f)AES_cbc_encrypt :
558 NULL;
559#ifdef AES_CTR_ASM
560 if (mode==EVP_CIPH_CTR_MODE)
561 dat->stream.ctr = (ctr128_f)AES_ctr32_encrypt;
562#endif
563 }
564
565 if(ret < 0)
566 {
567 EVPerr(EVP_F_AES_INIT_KEY,EVP_R_AES_KEY_SETUP_FAILED);
568 return 0;
569 }
570
571 return 1;
572 }
573
574static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
575 const unsigned char *in, size_t len)
576{
577 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
578
579 if (dat->stream.cbc)
580 (*dat->stream.cbc)(in,out,len,&dat->ks,ctx->iv,ctx->encrypt);
581 else if (ctx->encrypt)
582 CRYPTO_cbc128_encrypt(in,out,len,&dat->ks,ctx->iv,dat->block);
583 else
584 CRYPTO_cbc128_encrypt(in,out,len,&dat->ks,ctx->iv,dat->block);
585
586 return 1;
587}
588
589static int aes_ecb_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
590 const unsigned char *in, size_t len)
591{
592 size_t bl = ctx->cipher->block_size;
593 size_t i;
594 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
595
596 if (len<bl) return 1;
597
598 for (i=0,len-=bl;i<=len;i+=bl)
599 (*dat->block)(in+i,out+i,&dat->ks);
600
601 return 1;
602}
603
604static int aes_ofb_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
605 const unsigned char *in,size_t len)
606{
607 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
608
609 CRYPTO_ofb128_encrypt(in,out,len,&dat->ks,
610 ctx->iv,&ctx->num,dat->block);
611 return 1;
612}
613
614static int aes_cfb_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
615 const unsigned char *in,size_t len)
616{
617 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
618
619 CRYPTO_cfb128_encrypt(in,out,len,&dat->ks,
620 ctx->iv,&ctx->num,ctx->encrypt,dat->block);
621 return 1;
622}
623
624static int aes_cfb8_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
625 const unsigned char *in,size_t len)
626{
627 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
628
629 CRYPTO_cfb128_8_encrypt(in,out,len,&dat->ks,
630 ctx->iv,&ctx->num,ctx->encrypt,dat->block);
631 return 1;
632}
633
634static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
635 const unsigned char *in,size_t len)
636{
637 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
638
639 if (ctx->flags&EVP_CIPH_FLAG_LENGTH_BITS) {
640 CRYPTO_cfb128_1_encrypt(in,out,len,&dat->ks,
641 ctx->iv,&ctx->num,ctx->encrypt,dat->block);
642 return 1;
643 }
644
645 while (len>=MAXBITCHUNK) {
646 CRYPTO_cfb128_1_encrypt(in,out,MAXBITCHUNK*8,&dat->ks,
647 ctx->iv,&ctx->num,ctx->encrypt,dat->block);
648 len-=MAXBITCHUNK;
649 }
650 if (len)
651 CRYPTO_cfb128_1_encrypt(in,out,len*8,&dat->ks,
652 ctx->iv,&ctx->num,ctx->encrypt,dat->block);
653
654 return 1;
655}
656
657static int aes_ctr_cipher (EVP_CIPHER_CTX *ctx, unsigned char *out,
658 const unsigned char *in, size_t len)
659{
660 unsigned int num = ctx->num;
661 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
662
663 if (dat->stream.ctr)
664 CRYPTO_ctr128_encrypt_ctr32(in,out,len,&dat->ks,
665 ctx->iv,ctx->buf,&num,dat->stream.ctr);
666 else
667 CRYPTO_ctr128_encrypt(in,out,len,&dat->ks,
668 ctx->iv,ctx->buf,&num,dat->block);
669 ctx->num = (size_t)num;
670 return 1;
671}
672
673BLOCK_CIPHER_generic_pack(NID_aes,128,EVP_CIPH_FLAG_FIPS)
674BLOCK_CIPHER_generic_pack(NID_aes,192,EVP_CIPH_FLAG_FIPS)
675BLOCK_CIPHER_generic_pack(NID_aes,256,EVP_CIPH_FLAG_FIPS)
676
677static int aes_gcm_cleanup(EVP_CIPHER_CTX *c)
678 {
679 EVP_AES_GCM_CTX *gctx = c->cipher_data;
680 OPENSSL_cleanse(&gctx->gcm, sizeof(gctx->gcm));
681 if (gctx->iv != c->iv)
682 OPENSSL_free(gctx->iv);
683 return 1;
684 }
685
686/* increment counter (64-bit int) by 1 */
687static void ctr64_inc(unsigned char *counter) {
688 int n=8;
689 unsigned char c;
690
691 do {
692 --n;
693 c = counter[n];
694 ++c;
695 counter[n] = c;
696 if (c) return;
697 } while (n);
698}
699
700static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
701 {
702 EVP_AES_GCM_CTX *gctx = c->cipher_data;
703 switch (type)
704 {
705 case EVP_CTRL_INIT:
706 gctx->key_set = 0;
707 gctx->iv_set = 0;
708 gctx->ivlen = c->cipher->iv_len;
709 gctx->iv = c->iv;
710 gctx->taglen = -1;
711 gctx->iv_gen = 0;
712 gctx->tls_aad_len = -1;
713 return 1;
714
715 case EVP_CTRL_GCM_SET_IVLEN:
716 if (arg <= 0)
717 return 0;
718#ifdef OPENSSL_FIPS
719 if (FIPS_module_mode() && !(c->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)
720 && arg < 12)
721 return 0;
722#endif
723 /* Allocate memory for IV if needed */
724 if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen))
725 {
726 if (gctx->iv != c->iv)
727 OPENSSL_free(gctx->iv);
728 gctx->iv = OPENSSL_malloc(arg);
729 if (!gctx->iv)
730 return 0;
731 }
732 gctx->ivlen = arg;
733 return 1;
734
735 case EVP_CTRL_GCM_SET_TAG:
736 if (arg <= 0 || arg > 16 || c->encrypt)
737 return 0;
738 memcpy(c->buf, ptr, arg);
739 gctx->taglen = arg;
740 return 1;
741
742 case EVP_CTRL_GCM_GET_TAG:
743 if (arg <= 0 || arg > 16 || !c->encrypt || gctx->taglen < 0)
744 return 0;
745 memcpy(ptr, c->buf, arg);
746 return 1;
747
748 case EVP_CTRL_GCM_SET_IV_FIXED:
749 /* Special case: -1 length restores whole IV */
750 if (arg == -1)
751 {
752 memcpy(gctx->iv, ptr, gctx->ivlen);
753 gctx->iv_gen = 1;
754 return 1;
755 }
756 /* Fixed field must be at least 4 bytes and invocation field
757 * at least 8.
758 */
759 if ((arg < 4) || (gctx->ivlen - arg) < 8)
760 return 0;
761 if (arg)
762 memcpy(gctx->iv, ptr, arg);
763 if (c->encrypt &&
764 RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0)
765 return 0;
766 gctx->iv_gen = 1;
767 return 1;
768
769 case EVP_CTRL_GCM_IV_GEN:
770 if (gctx->iv_gen == 0 || gctx->key_set == 0)
771 return 0;
772 CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen);
773 if (arg <= 0 || arg > gctx->ivlen)
774 arg = gctx->ivlen;
775 memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg);
776 /* Invocation field will be at least 8 bytes in size and
777 * so no need to check wrap around or increment more than
778 * last 8 bytes.
779 */
780 ctr64_inc(gctx->iv + gctx->ivlen - 8);
781 gctx->iv_set = 1;
782 return 1;
783
784 case EVP_CTRL_GCM_SET_IV_INV:
785 if (gctx->iv_gen == 0 || gctx->key_set == 0 || c->encrypt)
786 return 0;
787 memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg);
788 CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen);
789 gctx->iv_set = 1;
790 return 1;
791
792 case EVP_CTRL_AEAD_TLS1_AAD:
793 /* Save the AAD for later use */
794 if (arg != 13)
795 return 0;
796 memcpy(c->buf, ptr, arg);
797 gctx->tls_aad_len = arg;
798 {
799 unsigned int len=c->buf[arg-2]<<8|c->buf[arg-1];
800 /* Correct length for explicit IV */
801 len -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
802 /* If decrypting correct for tag too */
803 if (!c->encrypt)
804 len -= EVP_GCM_TLS_TAG_LEN;
805 c->buf[arg-2] = len>>8;
806 c->buf[arg-1] = len & 0xff;
807 }
808 /* Extra padding: tag appended to record */
809 return EVP_GCM_TLS_TAG_LEN;
810
811 default:
812 return -1;
813
814 }
815 }
816
817static int aes_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
818 const unsigned char *iv, int enc)
819 {
820 EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
821 if (!iv && !key)
822 return 1;
823 if (key)
824 { do {
825#ifdef BSAES_CAPABLE
826 if (BSAES_CAPABLE)
827 {
828 AES_set_encrypt_key(key,ctx->key_len*8,&gctx->ks);
829 CRYPTO_gcm128_init(&gctx->gcm,&gctx->ks,
830 (block128_f)AES_encrypt);
831 gctx->ctr = (ctr128_f)bsaes_ctr32_encrypt_blocks;
832 break;
833 }
834 else
835#endif
836#ifdef VPAES_CAPABLE
837 if (VPAES_CAPABLE)
838 {
839 vpaes_set_encrypt_key(key,ctx->key_len*8,&gctx->ks);
840 CRYPTO_gcm128_init(&gctx->gcm,&gctx->ks,
841 (block128_f)vpaes_encrypt);
842 gctx->ctr = NULL;
843 break;
844 }
845#endif
846 AES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks);
847 CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f)AES_encrypt);
848#ifdef AES_CTR_ASM
849 gctx->ctr = (ctr128_f)AES_ctr32_encrypt;
850#else
851 gctx->ctr = NULL;
852#endif
853 } while (0);
854
855 /* If we have an iv can set it directly, otherwise use
856 * saved IV.
857 */
858 if (iv == NULL && gctx->iv_set)
859 iv = gctx->iv;
860 if (iv)
861 {
862 CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
863 gctx->iv_set = 1;
864 }
865 gctx->key_set = 1;
866 }
867 else
868 {
869 /* If key set use IV, otherwise copy */
870 if (gctx->key_set)
871 CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
872 else
873 memcpy(gctx->iv, iv, gctx->ivlen);
874 gctx->iv_set = 1;
875 gctx->iv_gen = 0;
876 }
877 return 1;
878 }
879
880/* Handle TLS GCM packet format. This consists of the last portion of the IV
881 * followed by the payload and finally the tag. On encrypt generate IV,
882 * encrypt payload and write the tag. On verify retrieve IV, decrypt payload
883 * and verify tag.
884 */
885
886static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
887 const unsigned char *in, size_t len)
888 {
889 EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
890 int rv = -1;
891 /* Encrypt/decrypt must be performed in place */
892 if (out != in || len < (EVP_GCM_TLS_EXPLICIT_IV_LEN+EVP_GCM_TLS_TAG_LEN))
893 return -1;
894 /* Set IV from start of buffer or generate IV and write to start
895 * of buffer.
896 */
897 if (EVP_CIPHER_CTX_ctrl(ctx, ctx->encrypt ?
898 EVP_CTRL_GCM_IV_GEN : EVP_CTRL_GCM_SET_IV_INV,
899 EVP_GCM_TLS_EXPLICIT_IV_LEN, out) <= 0)
900 goto err;
901 /* Use saved AAD */
902 if (CRYPTO_gcm128_aad(&gctx->gcm, ctx->buf, gctx->tls_aad_len))
903 goto err;
904 /* Fix buffer and length to point to payload */
905 in += EVP_GCM_TLS_EXPLICIT_IV_LEN;
906 out += EVP_GCM_TLS_EXPLICIT_IV_LEN;
907 len -= EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN;
908 if (ctx->encrypt)
909 {
910 /* Encrypt payload */
911 if (gctx->ctr)
912 {
913 if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm,
914 in, out, len,
915 gctx->ctr))
916 goto err;
917 }
918 else {
919 if (CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, len))
920 goto err;
921 }
922 out += len;
923 /* Finally write tag */
924 CRYPTO_gcm128_tag(&gctx->gcm, out, EVP_GCM_TLS_TAG_LEN);
925 rv = len + EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN;
926 }
927 else
928 {
929 /* Decrypt */
930 if (gctx->ctr)
931 {
932 if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm,
933 in, out, len,
934 gctx->ctr))
935 goto err;
936 }
937 else {
938 if (CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, len))
939 goto err;
940 }
941 /* Retrieve tag */
942 CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf,
943 EVP_GCM_TLS_TAG_LEN);
944 /* If tag mismatch wipe buffer */
945 if (memcmp(ctx->buf, in + len, EVP_GCM_TLS_TAG_LEN))
946 {
947 OPENSSL_cleanse(out, len);
948 goto err;
949 }
950 rv = len;
951 }
952
953 err:
954 gctx->iv_set = 0;
955 gctx->tls_aad_len = -1;
956 return rv;
957 }
958
959static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
960 const unsigned char *in, size_t len)
961 {
962 EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
963 /* If not set up, return error */
964 if (!gctx->key_set)
965 return -1;
966
967 if (gctx->tls_aad_len >= 0)
968 return aes_gcm_tls_cipher(ctx, out, in, len);
969
970 if (!gctx->iv_set)
971 return -1;
972 if (!ctx->encrypt && gctx->taglen < 0)
973 return -1;
974 if (in)
975 {
976 if (out == NULL)
977 {
978 if (CRYPTO_gcm128_aad(&gctx->gcm, in, len))
979 return -1;
980 }
981 else if (ctx->encrypt)
982 {
983 if (gctx->ctr)
984 {
985 if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm,
986 in, out, len,
987 gctx->ctr))
988 return -1;
989 }
990 else {
991 if (CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, len))
992 return -1;
993 }
994 }
995 else
996 {
997 if (gctx->ctr)
998 {
999 if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm,
1000 in, out, len,
1001 gctx->ctr))
1002 return -1;
1003 }
1004 else {
1005 if (CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, len))
1006 return -1;
1007 }
1008 }
1009 return len;
1010 }
1011 else
1012 {
1013 if (!ctx->encrypt)
1014 {
1015 if (CRYPTO_gcm128_finish(&gctx->gcm,
1016 ctx->buf, gctx->taglen) != 0)
1017 return -1;
1018 gctx->iv_set = 0;
1019 return 0;
1020 }
1021 CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, 16);
1022 gctx->taglen = 16;
1023 /* Don't reuse the IV */
1024 gctx->iv_set = 0;
1025 return 0;
1026 }
1027
1028 }
1029
1030#define CUSTOM_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 \
1031 | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
1032 | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT)
1033
1034BLOCK_CIPHER_custom(NID_aes,128,1,12,gcm,GCM,
1035 EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS)
1036BLOCK_CIPHER_custom(NID_aes,192,1,12,gcm,GCM,
1037 EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS)
1038BLOCK_CIPHER_custom(NID_aes,256,1,12,gcm,GCM,
1039 EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS)
1040
1041static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
1042 {
1043 EVP_AES_XTS_CTX *xctx = c->cipher_data;
1044 if (type != EVP_CTRL_INIT)
1045 return -1;
1046 /* key1 and key2 are used as an indicator both key and IV are set */
1047 xctx->xts.key1 = NULL;
1048 xctx->xts.key2 = NULL;
1049 return 1;
1050 }
1051
1052static int aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
1053 const unsigned char *iv, int enc)
1054 {
1055 EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
1056 if (!iv && !key)
1057 return 1;
1058
1059 if (key) do
1060 {
1061#ifdef AES_XTS_ASM
1062 xctx->stream = enc ? AES_xts_encrypt : AES_xts_decrypt;
1063#else
1064 xctx->stream = NULL;
1065#endif
1066 /* key_len is two AES keys */
1067#ifdef BSAES_CAPABLE
1068 if (BSAES_CAPABLE)
1069 xctx->stream = enc ? bsaes_xts_encrypt : bsaes_xts_decrypt;
1070 else
1071#endif
1072#ifdef VPAES_CAPABLE
1073 if (VPAES_CAPABLE)
1074 {
1075 if (enc)
1076 {
1077 vpaes_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1);
1078 xctx->xts.block1 = (block128_f)vpaes_encrypt;
1079 }
1080 else
1081 {
1082 vpaes_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1);
1083 xctx->xts.block1 = (block128_f)vpaes_decrypt;
1084 }
1085
1086 vpaes_set_encrypt_key(key + ctx->key_len/2,
1087 ctx->key_len * 4, &xctx->ks2);
1088 xctx->xts.block2 = (block128_f)vpaes_encrypt;
1089
1090 xctx->xts.key1 = &xctx->ks1;
1091 break;
1092 }
1093#endif
1094 if (enc)
1095 {
1096 AES_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1);
1097 xctx->xts.block1 = (block128_f)AES_encrypt;
1098 }
1099 else
1100 {
1101 AES_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1);
1102 xctx->xts.block1 = (block128_f)AES_decrypt;
1103 }
1104
1105 AES_set_encrypt_key(key + ctx->key_len/2,
1106 ctx->key_len * 4, &xctx->ks2);
1107 xctx->xts.block2 = (block128_f)AES_encrypt;
1108
1109 xctx->xts.key1 = &xctx->ks1;
1110 } while (0);
1111
1112 if (iv)
1113 {
1114 xctx->xts.key2 = &xctx->ks2;
1115 memcpy(ctx->iv, iv, 16);
1116 }
1117
1118 return 1;
1119 }
1120
1121static int aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
1122 const unsigned char *in, size_t len)
1123 {
1124 EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
1125 if (!xctx->xts.key1 || !xctx->xts.key2)
1126 return 0;
1127 if (!out || !in || len<AES_BLOCK_SIZE)
1128 return 0;
1129#ifdef OPENSSL_FIPS
1130 /* Requirement of SP800-38E */
1131 if (FIPS_module_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) &&
1132 (len > (1UL<<20)*16))
1133 {
1134 EVPerr(EVP_F_AES_XTS_CIPHER, EVP_R_TOO_LARGE);
1135 return 0;
1136 }
1137#endif
1138 if (xctx->stream)
1139 (*xctx->stream)(in, out, len,
1140 xctx->xts.key1, xctx->xts.key2, ctx->iv);
1141 else if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len,
1142 ctx->encrypt))
1143 return 0;
1144 return 1;
1145 }
1146
1147#define aes_xts_cleanup NULL
1148
1149#define XTS_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV \
1150 | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT)
1151
1152BLOCK_CIPHER_custom(NID_aes,128,1,16,xts,XTS,EVP_CIPH_FLAG_FIPS|XTS_FLAGS)
1153BLOCK_CIPHER_custom(NID_aes,256,1,16,xts,XTS,EVP_CIPH_FLAG_FIPS|XTS_FLAGS)
1154
1155static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
1156 {
1157 EVP_AES_CCM_CTX *cctx = c->cipher_data;
1158 switch (type)
1159 {
1160 case EVP_CTRL_INIT:
1161 cctx->key_set = 0;
1162 cctx->iv_set = 0;
1163 cctx->L = 8;
1164 cctx->M = 12;
1165 cctx->tag_set = 0;
1166 cctx->len_set = 0;
1167 return 1;
1168
1169 case EVP_CTRL_CCM_SET_IVLEN:
1170 arg = 15 - arg;
1171 case EVP_CTRL_CCM_SET_L:
1172 if (arg < 2 || arg > 8)
1173 return 0;
1174 cctx->L = arg;
1175 return 1;
1176
1177 case EVP_CTRL_CCM_SET_TAG:
1178 if ((arg & 1) || arg < 4 || arg > 16)
1179 return 0;
1180 if ((c->encrypt && ptr) || (!c->encrypt && !ptr))
1181 return 0;
1182 if (ptr)
1183 {
1184 cctx->tag_set = 1;
1185 memcpy(c->buf, ptr, arg);
1186 }
1187 cctx->M = arg;
1188 return 1;
1189
1190 case EVP_CTRL_CCM_GET_TAG:
1191 if (!c->encrypt || !cctx->tag_set)
1192 return 0;
1193 if(!CRYPTO_ccm128_tag(&cctx->ccm, ptr, (size_t)arg))
1194 return 0;
1195 cctx->tag_set = 0;
1196 cctx->iv_set = 0;
1197 cctx->len_set = 0;
1198 return 1;
1199
1200 default:
1201 return -1;
1202
1203 }
1204 }
1205
1206static int aes_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
1207 const unsigned char *iv, int enc)
1208 {
1209 EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
1210 if (!iv && !key)
1211 return 1;
1212 if (key) do
1213 {
1214#ifdef VPAES_CAPABLE
1215 if (VPAES_CAPABLE)
1216 {
1217 vpaes_set_encrypt_key(key, ctx->key_len*8, &cctx->ks);
1218 CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
1219 &cctx->ks, (block128_f)vpaes_encrypt);
1220 cctx->key_set = 1;
1221 break;
1222 }
1223#endif
1224 AES_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks);
1225 CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
1226 &cctx->ks, (block128_f)AES_encrypt);
1227 cctx->str = NULL;
1228 cctx->key_set = 1;
1229 } while (0);
1230 if (iv)
1231 {
1232 memcpy(ctx->iv, iv, 15 - cctx->L);
1233 cctx->iv_set = 1;
1234 }
1235 return 1;
1236 }
1237
1238static int aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
1239 const unsigned char *in, size_t len)
1240 {
1241 EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
1242 CCM128_CONTEXT *ccm = &cctx->ccm;
1243 /* If not set up, return error */
1244 if (!cctx->iv_set && !cctx->key_set)
1245 return -1;
1246 if (!ctx->encrypt && !cctx->tag_set)
1247 return -1;
1248 if (!out)
1249 {
1250 if (!in)
1251 {
1252 if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L,len))
1253 return -1;
1254 cctx->len_set = 1;
1255 return len;
1256 }
1257 /* If have AAD need message length */
1258 if (!cctx->len_set && len)
1259 return -1;
1260 CRYPTO_ccm128_aad(ccm, in, len);
1261 return len;
1262 }
1263 /* EVP_*Final() doesn't return any data */
1264 if (!in)
1265 return 0;
1266 /* If not set length yet do it */
1267 if (!cctx->len_set)
1268 {
1269 if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, len))
1270 return -1;
1271 cctx->len_set = 1;
1272 }
1273 if (ctx->encrypt)
1274 {
1275 if (cctx->str ? CRYPTO_ccm128_encrypt_ccm64(ccm, in, out, len,
1276 cctx->str) :
1277 CRYPTO_ccm128_encrypt(ccm, in, out, len))
1278 return -1;
1279 cctx->tag_set = 1;
1280 return len;
1281 }
1282 else
1283 {
1284 int rv = -1;
1285 if (cctx->str ? !CRYPTO_ccm128_decrypt_ccm64(ccm, in, out, len,
1286 cctx->str) :
1287 !CRYPTO_ccm128_decrypt(ccm, in, out, len))
1288 {
1289 unsigned char tag[16];
1290 if (CRYPTO_ccm128_tag(ccm, tag, cctx->M))
1291 {
1292 if (!memcmp(tag, ctx->buf, cctx->M))
1293 rv = len;
1294 }
1295 }
1296 if (rv == -1)
1297 OPENSSL_cleanse(out, len);
1298 cctx->iv_set = 0;
1299 cctx->tag_set = 0;
1300 cctx->len_set = 0;
1301 return rv;
1302 }
1303
1304 }
1305
1306#define aes_ccm_cleanup NULL
1307
1308BLOCK_CIPHER_custom(NID_aes,128,1,12,ccm,CCM,EVP_CIPH_FLAG_FIPS|CUSTOM_FLAGS)
1309BLOCK_CIPHER_custom(NID_aes,192,1,12,ccm,CCM,EVP_CIPH_FLAG_FIPS|CUSTOM_FLAGS)
1310BLOCK_CIPHER_custom(NID_aes,256,1,12,ccm,CCM,EVP_CIPH_FLAG_FIPS|CUSTOM_FLAGS)
1311
1312#endif
1313#endif
diff --git a/src/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c b/src/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c
deleted file mode 100644
index 483e04b605..0000000000
--- a/src/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c
+++ /dev/null
@@ -1,580 +0,0 @@
1/* ====================================================================
2 * Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * licensing@OpenSSL.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 */
49
50#include <openssl/opensslconf.h>
51
52#include <stdio.h>
53#include <string.h>
54
55#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA1)
56
57#include <openssl/evp.h>
58#include <openssl/objects.h>
59#include <openssl/aes.h>
60#include <openssl/sha.h>
61#include "evp_locl.h"
62
63#ifndef EVP_CIPH_FLAG_AEAD_CIPHER
64#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
65#define EVP_CTRL_AEAD_TLS1_AAD 0x16
66#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
67#endif
68
69#if !defined(EVP_CIPH_FLAG_DEFAULT_ASN1)
70#define EVP_CIPH_FLAG_DEFAULT_ASN1 0
71#endif
72
73#define TLS1_1_VERSION 0x0302
74
75typedef struct
76 {
77 AES_KEY ks;
78 SHA_CTX head,tail,md;
79 size_t payload_length; /* AAD length in decrypt case */
80 union {
81 unsigned int tls_ver;
82 unsigned char tls_aad[16]; /* 13 used */
83 } aux;
84 } EVP_AES_HMAC_SHA1;
85
86#define NO_PAYLOAD_LENGTH ((size_t)-1)
87
88#if defined(AES_ASM) && ( \
89 defined(__x86_64) || defined(__x86_64__) || \
90 defined(_M_AMD64) || defined(_M_X64) || \
91 defined(__INTEL__) )
92
93#if defined(__GNUC__) && __GNUC__>=2 && !defined(PEDANTIC)
94# define BSWAP(x) ({ unsigned int r=(x); asm ("bswapl %0":"=r"(r):"0"(r)); r; })
95#endif
96
97extern unsigned int OPENSSL_ia32cap_P[2];
98#define AESNI_CAPABLE (1<<(57-32))
99
100int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
101 AES_KEY *key);
102int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
103 AES_KEY *key);
104
105void aesni_cbc_encrypt(const unsigned char *in,
106 unsigned char *out,
107 size_t length,
108 const AES_KEY *key,
109 unsigned char *ivec, int enc);
110
111void aesni_cbc_sha1_enc (const void *inp, void *out, size_t blocks,
112 const AES_KEY *key, unsigned char iv[16],
113 SHA_CTX *ctx,const void *in0);
114
115#define data(ctx) ((EVP_AES_HMAC_SHA1 *)(ctx)->cipher_data)
116
117static int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx,
118 const unsigned char *inkey,
119 const unsigned char *iv, int enc)
120 {
121 EVP_AES_HMAC_SHA1 *key = data(ctx);
122 int ret;
123
124 if (enc)
125 ret=aesni_set_encrypt_key(inkey,ctx->key_len*8,&key->ks);
126 else
127 ret=aesni_set_decrypt_key(inkey,ctx->key_len*8,&key->ks);
128
129 SHA1_Init(&key->head); /* handy when benchmarking */
130 key->tail = key->head;
131 key->md = key->head;
132
133 key->payload_length = NO_PAYLOAD_LENGTH;
134
135 return ret<0?0:1;
136 }
137
138#define STITCHED_CALL
139
140#if !defined(STITCHED_CALL)
141#define aes_off 0
142#endif
143
144void sha1_block_data_order (void *c,const void *p,size_t len);
145
146static void sha1_update(SHA_CTX *c,const void *data,size_t len)
147{ const unsigned char *ptr = data;
148 size_t res;
149
150 if ((res = c->num)) {
151 res = SHA_CBLOCK-res;
152 if (len<res) res=len;
153 SHA1_Update (c,ptr,res);
154 ptr += res;
155 len -= res;
156 }
157
158 res = len % SHA_CBLOCK;
159 len -= res;
160
161 if (len) {
162 sha1_block_data_order(c,ptr,len/SHA_CBLOCK);
163
164 ptr += len;
165 c->Nh += len>>29;
166 c->Nl += len<<=3;
167 if (c->Nl<(unsigned int)len) c->Nh++;
168 }
169
170 if (res)
171 SHA1_Update(c,ptr,res);
172}
173
174#ifdef SHA1_Update
175#undef SHA1_Update
176#endif
177#define SHA1_Update sha1_update
178
179static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
180 const unsigned char *in, size_t len)
181 {
182 EVP_AES_HMAC_SHA1 *key = data(ctx);
183 unsigned int l;
184 size_t plen = key->payload_length,
185 iv = 0, /* explicit IV in TLS 1.1 and later */
186 sha_off = 0;
187#if defined(STITCHED_CALL)
188 size_t aes_off = 0,
189 blocks;
190
191 sha_off = SHA_CBLOCK-key->md.num;
192#endif
193
194 key->payload_length = NO_PAYLOAD_LENGTH;
195
196 if (len%AES_BLOCK_SIZE) return 0;
197
198 if (ctx->encrypt) {
199 if (plen==NO_PAYLOAD_LENGTH)
200 plen = len;
201 else if (len!=((plen+SHA_DIGEST_LENGTH+AES_BLOCK_SIZE)&-AES_BLOCK_SIZE))
202 return 0;
203 else if (key->aux.tls_ver >= TLS1_1_VERSION)
204 iv = AES_BLOCK_SIZE;
205
206#if defined(STITCHED_CALL)
207 if (plen>(sha_off+iv) && (blocks=(plen-(sha_off+iv))/SHA_CBLOCK)) {
208 SHA1_Update(&key->md,in+iv,sha_off);
209
210 aesni_cbc_sha1_enc(in,out,blocks,&key->ks,
211 ctx->iv,&key->md,in+iv+sha_off);
212 blocks *= SHA_CBLOCK;
213 aes_off += blocks;
214 sha_off += blocks;
215 key->md.Nh += blocks>>29;
216 key->md.Nl += blocks<<=3;
217 if (key->md.Nl<(unsigned int)blocks) key->md.Nh++;
218 } else {
219 sha_off = 0;
220 }
221#endif
222 sha_off += iv;
223 SHA1_Update(&key->md,in+sha_off,plen-sha_off);
224
225 if (plen!=len) { /* "TLS" mode of operation */
226 if (in!=out)
227 memcpy(out+aes_off,in+aes_off,plen-aes_off);
228
229 /* calculate HMAC and append it to payload */
230 SHA1_Final(out+plen,&key->md);
231 key->md = key->tail;
232 SHA1_Update(&key->md,out+plen,SHA_DIGEST_LENGTH);
233 SHA1_Final(out+plen,&key->md);
234
235 /* pad the payload|hmac */
236 plen += SHA_DIGEST_LENGTH;
237 for (l=len-plen-1;plen<len;plen++) out[plen]=l;
238 /* encrypt HMAC|padding at once */
239 aesni_cbc_encrypt(out+aes_off,out+aes_off,len-aes_off,
240 &key->ks,ctx->iv,1);
241 } else {
242 aesni_cbc_encrypt(in+aes_off,out+aes_off,len-aes_off,
243 &key->ks,ctx->iv,1);
244 }
245 } else {
246 union { unsigned int u[SHA_DIGEST_LENGTH/sizeof(unsigned int)];
247 unsigned char c[32+SHA_DIGEST_LENGTH]; } mac, *pmac;
248
249 /* arrange cache line alignment */
250 pmac = (void *)(((size_t)mac.c+31)&((size_t)0-32));
251
252 /* decrypt HMAC|padding at once */
253 aesni_cbc_encrypt(in,out,len,
254 &key->ks,ctx->iv,0);
255
256 if (plen) { /* "TLS" mode of operation */
257 size_t inp_len, mask, j, i;
258 unsigned int res, maxpad, pad, bitlen;
259 int ret = 1;
260 union { unsigned int u[SHA_LBLOCK];
261 unsigned char c[SHA_CBLOCK]; }
262 *data = (void *)key->md.data;
263
264 if ((key->aux.tls_aad[plen-4]<<8|key->aux.tls_aad[plen-3])
265 >= TLS1_1_VERSION)
266 iv = AES_BLOCK_SIZE;
267
268 if (len<(iv+SHA_DIGEST_LENGTH+1))
269 return 0;
270
271 /* omit explicit iv */
272 out += iv;
273 len -= iv;
274
275 /* figure out payload length */
276 pad = out[len-1];
277 maxpad = len-(SHA_DIGEST_LENGTH+1);
278 maxpad |= (255-maxpad)>>(sizeof(maxpad)*8-8);
279 maxpad &= 255;
280
281 inp_len = len - (SHA_DIGEST_LENGTH+pad+1);
282 mask = (0-((inp_len-len)>>(sizeof(inp_len)*8-1)));
283 inp_len &= mask;
284 ret &= (int)mask;
285
286 key->aux.tls_aad[plen-2] = inp_len>>8;
287 key->aux.tls_aad[plen-1] = inp_len;
288
289 /* calculate HMAC */
290 key->md = key->head;
291 SHA1_Update(&key->md,key->aux.tls_aad,plen);
292
293#if 1
294 len -= SHA_DIGEST_LENGTH; /* amend mac */
295 if (len>=(256+SHA_CBLOCK)) {
296 j = (len-(256+SHA_CBLOCK))&(0-SHA_CBLOCK);
297 j += SHA_CBLOCK-key->md.num;
298 SHA1_Update(&key->md,out,j);
299 out += j;
300 len -= j;
301 inp_len -= j;
302 }
303
304 /* but pretend as if we hashed padded payload */
305 bitlen = key->md.Nl+(inp_len<<3); /* at most 18 bits */
306#ifdef BSWAP
307 bitlen = BSWAP(bitlen);
308#else
309 mac.c[0] = 0;
310 mac.c[1] = (unsigned char)(bitlen>>16);
311 mac.c[2] = (unsigned char)(bitlen>>8);
312 mac.c[3] = (unsigned char)bitlen;
313 bitlen = mac.u[0];
314#endif
315
316 pmac->u[0]=0;
317 pmac->u[1]=0;
318 pmac->u[2]=0;
319 pmac->u[3]=0;
320 pmac->u[4]=0;
321
322 for (res=key->md.num, j=0;j<len;j++) {
323 size_t c = out[j];
324 mask = (j-inp_len)>>(sizeof(j)*8-8);
325 c &= mask;
326 c |= 0x80&~mask&~((inp_len-j)>>(sizeof(j)*8-8));
327 data->c[res++]=(unsigned char)c;
328
329 if (res!=SHA_CBLOCK) continue;
330
331 mask = 0-((inp_len+8-j)>>(sizeof(j)*8-1));
332 data->u[SHA_LBLOCK-1] |= bitlen&mask;
333 sha1_block_data_order(&key->md,data,1);
334 mask &= 0-((j-inp_len-73)>>(sizeof(j)*8-1));
335 pmac->u[0] |= key->md.h0 & mask;
336 pmac->u[1] |= key->md.h1 & mask;
337 pmac->u[2] |= key->md.h2 & mask;
338 pmac->u[3] |= key->md.h3 & mask;
339 pmac->u[4] |= key->md.h4 & mask;
340 res=0;
341 }
342
343 for(i=res;i<SHA_CBLOCK;i++,j++) data->c[i]=0;
344
345 if (res>SHA_CBLOCK-8) {
346 mask = 0-((inp_len+8-j)>>(sizeof(j)*8-1));
347 data->u[SHA_LBLOCK-1] |= bitlen&mask;
348 sha1_block_data_order(&key->md,data,1);
349 mask &= 0-((j-inp_len-73)>>(sizeof(j)*8-1));
350 pmac->u[0] |= key->md.h0 & mask;
351 pmac->u[1] |= key->md.h1 & mask;
352 pmac->u[2] |= key->md.h2 & mask;
353 pmac->u[3] |= key->md.h3 & mask;
354 pmac->u[4] |= key->md.h4 & mask;
355
356 memset(data,0,SHA_CBLOCK);
357 j+=64;
358 }
359 data->u[SHA_LBLOCK-1] = bitlen;
360 sha1_block_data_order(&key->md,data,1);
361 mask = 0-((j-inp_len-73)>>(sizeof(j)*8-1));
362 pmac->u[0] |= key->md.h0 & mask;
363 pmac->u[1] |= key->md.h1 & mask;
364 pmac->u[2] |= key->md.h2 & mask;
365 pmac->u[3] |= key->md.h3 & mask;
366 pmac->u[4] |= key->md.h4 & mask;
367
368#ifdef BSWAP
369 pmac->u[0] = BSWAP(pmac->u[0]);
370 pmac->u[1] = BSWAP(pmac->u[1]);
371 pmac->u[2] = BSWAP(pmac->u[2]);
372 pmac->u[3] = BSWAP(pmac->u[3]);
373 pmac->u[4] = BSWAP(pmac->u[4]);
374#else
375 for (i=0;i<5;i++) {
376 res = pmac->u[i];
377 pmac->c[4*i+0]=(unsigned char)(res>>24);
378 pmac->c[4*i+1]=(unsigned char)(res>>16);
379 pmac->c[4*i+2]=(unsigned char)(res>>8);
380 pmac->c[4*i+3]=(unsigned char)res;
381 }
382#endif
383 len += SHA_DIGEST_LENGTH;
384#else
385 SHA1_Update(&key->md,out,inp_len);
386 res = key->md.num;
387 SHA1_Final(pmac->c,&key->md);
388
389 {
390 unsigned int inp_blocks, pad_blocks;
391
392 /* but pretend as if we hashed padded payload */
393 inp_blocks = 1+((SHA_CBLOCK-9-res)>>(sizeof(res)*8-1));
394 res += (unsigned int)(len-inp_len);
395 pad_blocks = res / SHA_CBLOCK;
396 res %= SHA_CBLOCK;
397 pad_blocks += 1+((SHA_CBLOCK-9-res)>>(sizeof(res)*8-1));
398 for (;inp_blocks<pad_blocks;inp_blocks++)
399 sha1_block_data_order(&key->md,data,1);
400 }
401#endif
402 key->md = key->tail;
403 SHA1_Update(&key->md,pmac->c,SHA_DIGEST_LENGTH);
404 SHA1_Final(pmac->c,&key->md);
405
406 /* verify HMAC */
407 out += inp_len;
408 len -= inp_len;
409#if 1
410 {
411 unsigned char *p = out+len-1-maxpad-SHA_DIGEST_LENGTH;
412 size_t off = out-p;
413 unsigned int c, cmask;
414
415 maxpad += SHA_DIGEST_LENGTH;
416 for (res=0,i=0,j=0;j<maxpad;j++) {
417 c = p[j];
418 cmask = ((int)(j-off-SHA_DIGEST_LENGTH))>>(sizeof(int)*8-1);
419 res |= (c^pad)&~cmask; /* ... and padding */
420 cmask &= ((int)(off-1-j))>>(sizeof(int)*8-1);
421 res |= (c^pmac->c[i])&cmask;
422 i += 1&cmask;
423 }
424 maxpad -= SHA_DIGEST_LENGTH;
425
426 res = 0-((0-res)>>(sizeof(res)*8-1));
427 ret &= (int)~res;
428 }
429#else
430 for (res=0,i=0;i<SHA_DIGEST_LENGTH;i++)
431 res |= out[i]^pmac->c[i];
432 res = 0-((0-res)>>(sizeof(res)*8-1));
433 ret &= (int)~res;
434
435 /* verify padding */
436 pad = (pad&~res) | (maxpad&res);
437 out = out+len-1-pad;
438 for (res=0,i=0;i<pad;i++)
439 res |= out[i]^pad;
440
441 res = (0-res)>>(sizeof(res)*8-1);
442 ret &= (int)~res;
443#endif
444 return ret;
445 } else {
446 SHA1_Update(&key->md,out,len);
447 }
448 }
449
450 return 1;
451 }
452
453static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
454 {
455 EVP_AES_HMAC_SHA1 *key = data(ctx);
456
457 switch (type)
458 {
459 case EVP_CTRL_AEAD_SET_MAC_KEY:
460 {
461 unsigned int i;
462 unsigned char hmac_key[64];
463
464 memset (hmac_key,0,sizeof(hmac_key));
465
466 if (arg > (int)sizeof(hmac_key)) {
467 SHA1_Init(&key->head);
468 SHA1_Update(&key->head,ptr,arg);
469 SHA1_Final(hmac_key,&key->head);
470 } else {
471 memcpy(hmac_key,ptr,arg);
472 }
473
474 for (i=0;i<sizeof(hmac_key);i++)
475 hmac_key[i] ^= 0x36; /* ipad */
476 SHA1_Init(&key->head);
477 SHA1_Update(&key->head,hmac_key,sizeof(hmac_key));
478
479 for (i=0;i<sizeof(hmac_key);i++)
480 hmac_key[i] ^= 0x36^0x5c; /* opad */
481 SHA1_Init(&key->tail);
482 SHA1_Update(&key->tail,hmac_key,sizeof(hmac_key));
483
484 OPENSSL_cleanse(hmac_key,sizeof(hmac_key));
485
486 return 1;
487 }
488 case EVP_CTRL_AEAD_TLS1_AAD:
489 {
490 unsigned char *p=ptr;
491 unsigned int len=p[arg-2]<<8|p[arg-1];
492
493 if (ctx->encrypt)
494 {
495 key->payload_length = len;
496 if ((key->aux.tls_ver=p[arg-4]<<8|p[arg-3]) >= TLS1_1_VERSION) {
497 len -= AES_BLOCK_SIZE;
498 p[arg-2] = len>>8;
499 p[arg-1] = len;
500 }
501 key->md = key->head;
502 SHA1_Update(&key->md,p,arg);
503
504 return (int)(((len+SHA_DIGEST_LENGTH+AES_BLOCK_SIZE)&-AES_BLOCK_SIZE)
505 - len);
506 }
507 else
508 {
509 if (arg>13) arg = 13;
510 memcpy(key->aux.tls_aad,ptr,arg);
511 key->payload_length = arg;
512
513 return SHA_DIGEST_LENGTH;
514 }
515 }
516 default:
517 return -1;
518 }
519 }
520
521static EVP_CIPHER aesni_128_cbc_hmac_sha1_cipher =
522 {
523#ifdef NID_aes_128_cbc_hmac_sha1
524 NID_aes_128_cbc_hmac_sha1,
525#else
526 NID_undef,
527#endif
528 16,16,16,
529 EVP_CIPH_CBC_MODE|EVP_CIPH_FLAG_DEFAULT_ASN1|EVP_CIPH_FLAG_AEAD_CIPHER,
530 aesni_cbc_hmac_sha1_init_key,
531 aesni_cbc_hmac_sha1_cipher,
532 NULL,
533 sizeof(EVP_AES_HMAC_SHA1),
534 EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_set_asn1_iv,
535 EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_get_asn1_iv,
536 aesni_cbc_hmac_sha1_ctrl,
537 NULL
538 };
539
540static EVP_CIPHER aesni_256_cbc_hmac_sha1_cipher =
541 {
542#ifdef NID_aes_256_cbc_hmac_sha1
543 NID_aes_256_cbc_hmac_sha1,
544#else
545 NID_undef,
546#endif
547 16,32,16,
548 EVP_CIPH_CBC_MODE|EVP_CIPH_FLAG_DEFAULT_ASN1|EVP_CIPH_FLAG_AEAD_CIPHER,
549 aesni_cbc_hmac_sha1_init_key,
550 aesni_cbc_hmac_sha1_cipher,
551 NULL,
552 sizeof(EVP_AES_HMAC_SHA1),
553 EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_set_asn1_iv,
554 EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_get_asn1_iv,
555 aesni_cbc_hmac_sha1_ctrl,
556 NULL
557 };
558
559const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void)
560 {
561 return(OPENSSL_ia32cap_P[1]&AESNI_CAPABLE?
562 &aesni_128_cbc_hmac_sha1_cipher:NULL);
563 }
564
565const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void)
566 {
567 return(OPENSSL_ia32cap_P[1]&AESNI_CAPABLE?
568 &aesni_256_cbc_hmac_sha1_cipher:NULL);
569 }
570#else
571const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void)
572 {
573 return NULL;
574 }
575const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void)
576 {
577 return NULL;
578 }
579#endif
580#endif
diff --git a/src/lib/libcrypto/evp/e_bf.c b/src/lib/libcrypto/evp/e_bf.c
deleted file mode 100644
index cc224e5363..0000000000
--- a/src/lib/libcrypto/evp/e_bf.c
+++ /dev/null
@@ -1,88 +0,0 @@
1/* crypto/evp/e_bf.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#ifndef OPENSSL_NO_BF
62#include <openssl/evp.h>
63#include "evp_locl.h"
64#include <openssl/objects.h>
65#include <openssl/blowfish.h>
66
67static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
68 const unsigned char *iv, int enc);
69
70typedef struct
71 {
72 BF_KEY ks;
73 } EVP_BF_KEY;
74
75#define data(ctx) EVP_C_DATA(EVP_BF_KEY,ctx)
76
77IMPLEMENT_BLOCK_CIPHER(bf, ks, BF, EVP_BF_KEY, NID_bf, 8, 16, 8, 64,
78 EVP_CIPH_VARIABLE_LENGTH, bf_init_key, NULL,
79 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
80
81static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
82 const unsigned char *iv, int enc)
83 {
84 BF_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),key);
85 return 1;
86 }
87
88#endif
diff --git a/src/lib/libcrypto/evp/e_camellia.c b/src/lib/libcrypto/evp/e_camellia.c
deleted file mode 100644
index a7b40d1c60..0000000000
--- a/src/lib/libcrypto/evp/e_camellia.c
+++ /dev/null
@@ -1,131 +0,0 @@
1/* crypto/evp/e_camellia.c -*- mode:C; c-file-style: "eay" -*- */
2/* ====================================================================
3 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@openssl.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56#include <openssl/opensslconf.h>
57#ifndef OPENSSL_NO_CAMELLIA
58#include <openssl/evp.h>
59#include <openssl/err.h>
60#include <string.h>
61#include <assert.h>
62#include <openssl/camellia.h>
63#include "evp_locl.h"
64
65static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
66 const unsigned char *iv, int enc);
67
68/* Camellia subkey Structure */
69typedef struct
70 {
71 CAMELLIA_KEY ks;
72 } EVP_CAMELLIA_KEY;
73
74/* Attribute operation for Camellia */
75#define data(ctx) EVP_C_DATA(EVP_CAMELLIA_KEY,ctx)
76
77IMPLEMENT_BLOCK_CIPHER(camellia_128, ks, Camellia, EVP_CAMELLIA_KEY,
78 NID_camellia_128, 16, 16, 16, 128,
79 0, camellia_init_key, NULL,
80 EVP_CIPHER_set_asn1_iv,
81 EVP_CIPHER_get_asn1_iv,
82 NULL)
83IMPLEMENT_BLOCK_CIPHER(camellia_192, ks, Camellia, EVP_CAMELLIA_KEY,
84 NID_camellia_192, 16, 24, 16, 128,
85 0, camellia_init_key, NULL,
86 EVP_CIPHER_set_asn1_iv,
87 EVP_CIPHER_get_asn1_iv,
88 NULL)
89IMPLEMENT_BLOCK_CIPHER(camellia_256, ks, Camellia, EVP_CAMELLIA_KEY,
90 NID_camellia_256, 16, 32, 16, 128,
91 0, camellia_init_key, NULL,
92 EVP_CIPHER_set_asn1_iv,
93 EVP_CIPHER_get_asn1_iv,
94 NULL)
95
96#define IMPLEMENT_CAMELLIA_CFBR(ksize,cbits) IMPLEMENT_CFBR(camellia,Camellia,EVP_CAMELLIA_KEY,ks,ksize,cbits,16)
97
98IMPLEMENT_CAMELLIA_CFBR(128,1)
99IMPLEMENT_CAMELLIA_CFBR(192,1)
100IMPLEMENT_CAMELLIA_CFBR(256,1)
101
102IMPLEMENT_CAMELLIA_CFBR(128,8)
103IMPLEMENT_CAMELLIA_CFBR(192,8)
104IMPLEMENT_CAMELLIA_CFBR(256,8)
105
106
107
108/* The subkey for Camellia is generated. */
109static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
110 const unsigned char *iv, int enc)
111 {
112 int ret;
113
114 ret=Camellia_set_key(key, ctx->key_len * 8, ctx->cipher_data);
115
116 if(ret < 0)
117 {
118 EVPerr(EVP_F_CAMELLIA_INIT_KEY,EVP_R_CAMELLIA_KEY_SETUP_FAILED);
119 return 0;
120 }
121
122 return 1;
123 }
124
125#else
126
127# ifdef PEDANTIC
128static void *dummy=&dummy;
129# endif
130
131#endif
diff --git a/src/lib/libcrypto/evp/e_cast.c b/src/lib/libcrypto/evp/e_cast.c
deleted file mode 100644
index d77bcd9298..0000000000
--- a/src/lib/libcrypto/evp/e_cast.c
+++ /dev/null
@@ -1,90 +0,0 @@
1/* crypto/evp/e_cast.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_CAST
63#include <openssl/evp.h>
64#include <openssl/objects.h>
65#include "evp_locl.h"
66#include <openssl/cast.h>
67
68static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
69 const unsigned char *iv,int enc);
70
71typedef struct
72 {
73 CAST_KEY ks;
74 } EVP_CAST_KEY;
75
76#define data(ctx) EVP_C_DATA(EVP_CAST_KEY,ctx)
77
78IMPLEMENT_BLOCK_CIPHER(cast5, ks, CAST, EVP_CAST_KEY,
79 NID_cast5, 8, CAST_KEY_LENGTH, 8, 64,
80 EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL,
81 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
82
83static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
84 const unsigned char *iv, int enc)
85 {
86 CAST_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),key);
87 return 1;
88 }
89
90#endif
diff --git a/src/lib/libcrypto/evp/e_des.c b/src/lib/libcrypto/evp/e_des.c
deleted file mode 100644
index ca009f2c52..0000000000
--- a/src/lib/libcrypto/evp/e_des.c
+++ /dev/null
@@ -1,224 +0,0 @@
1/* crypto/evp/e_des.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#ifndef OPENSSL_NO_DES
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include "evp_locl.h"
65#include <openssl/des.h>
66#include <openssl/rand.h>
67
68static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
69 const unsigned char *iv, int enc);
70static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
71
72/* Because of various casts and different names can't use IMPLEMENT_BLOCK_CIPHER */
73
74static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
75 const unsigned char *in, size_t inl)
76{
77 BLOCK_CIPHER_ecb_loop()
78 DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), ctx->cipher_data, ctx->encrypt);
79 return 1;
80}
81
82static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
83 const unsigned char *in, size_t inl)
84{
85 while(inl>=EVP_MAXCHUNK)
86 {
87 DES_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
88 (DES_cblock *)ctx->iv, &ctx->num);
89 inl-=EVP_MAXCHUNK;
90 in +=EVP_MAXCHUNK;
91 out+=EVP_MAXCHUNK;
92 }
93 if (inl)
94 DES_ofb64_encrypt(in, out, (long)inl, ctx->cipher_data,
95 (DES_cblock *)ctx->iv, &ctx->num);
96 return 1;
97}
98
99static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
100 const unsigned char *in, size_t inl)
101{
102 while(inl>=EVP_MAXCHUNK)
103 {
104 DES_ncbc_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
105 (DES_cblock *)ctx->iv, ctx->encrypt);
106 inl-=EVP_MAXCHUNK;
107 in +=EVP_MAXCHUNK;
108 out+=EVP_MAXCHUNK;
109 }
110 if (inl)
111 DES_ncbc_encrypt(in, out, (long)inl, ctx->cipher_data,
112 (DES_cblock *)ctx->iv, ctx->encrypt);
113 return 1;
114}
115
116static int des_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
117 const unsigned char *in, size_t inl)
118{
119 while(inl>=EVP_MAXCHUNK)
120 {
121 DES_cfb64_encrypt(in,out, (long)EVP_MAXCHUNK, ctx->cipher_data,
122 (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
123 inl-=EVP_MAXCHUNK;
124 in +=EVP_MAXCHUNK;
125 out+=EVP_MAXCHUNK;
126 }
127 if (inl)
128 DES_cfb64_encrypt(in, out, (long)inl, ctx->cipher_data,
129 (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
130 return 1;
131}
132
133/* Although we have a CFB-r implementation for DES, it doesn't pack the right
134 way, so wrap it here */
135static int des_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
136 const unsigned char *in, size_t inl)
137 {
138 size_t n,chunk=EVP_MAXCHUNK/8;
139 unsigned char c[1],d[1];
140
141 if (inl<chunk) chunk=inl;
142
143 while (inl && inl>=chunk)
144 {
145 for(n=0 ; n < chunk*8; ++n)
146 {
147 c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
148 DES_cfb_encrypt(c,d,1,1,ctx->cipher_data,(DES_cblock *)ctx->iv,
149 ctx->encrypt);
150 out[n/8]=(out[n/8]&~(0x80 >> (unsigned int)(n%8))) |
151 ((d[0]&0x80) >> (unsigned int)(n%8));
152 }
153 inl-=chunk;
154 in +=chunk;
155 out+=chunk;
156 if (inl<chunk) chunk=inl;
157 }
158
159 return 1;
160 }
161
162static int des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
163 const unsigned char *in, size_t inl)
164 {
165 while (inl>=EVP_MAXCHUNK)
166 {
167 DES_cfb_encrypt(in,out,8,(long)EVP_MAXCHUNK,ctx->cipher_data,
168 (DES_cblock *)ctx->iv,ctx->encrypt);
169 inl-=EVP_MAXCHUNK;
170 in +=EVP_MAXCHUNK;
171 out+=EVP_MAXCHUNK;
172 }
173 if (inl)
174 DES_cfb_encrypt(in,out,8,(long)inl,ctx->cipher_data,
175 (DES_cblock *)ctx->iv,ctx->encrypt);
176 return 1;
177 }
178
179BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64,
180 EVP_CIPH_RAND_KEY, des_init_key, NULL,
181 EVP_CIPHER_set_asn1_iv,
182 EVP_CIPHER_get_asn1_iv,
183 des_ctrl)
184
185BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,1,
186 EVP_CIPH_RAND_KEY, des_init_key,NULL,
187 EVP_CIPHER_set_asn1_iv,
188 EVP_CIPHER_get_asn1_iv,des_ctrl)
189
190BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,8,
191 EVP_CIPH_RAND_KEY,des_init_key,NULL,
192 EVP_CIPHER_set_asn1_iv,
193 EVP_CIPHER_get_asn1_iv,des_ctrl)
194
195static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
196 const unsigned char *iv, int enc)
197 {
198 DES_cblock *deskey = (DES_cblock *)key;
199#ifdef EVP_CHECK_DES_KEY
200 if(DES_set_key_checked(deskey,ctx->cipher_data) != 0)
201 return 0;
202#else
203 DES_set_key_unchecked(deskey,ctx->cipher_data);
204#endif
205 return 1;
206 }
207
208static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
209 {
210
211 switch(type)
212 {
213 case EVP_CTRL_RAND_KEY:
214 if (RAND_bytes(ptr, 8) <= 0)
215 return 0;
216 DES_set_odd_parity((DES_cblock *)ptr);
217 return 1;
218
219 default:
220 return -1;
221 }
222 }
223
224#endif
diff --git a/src/lib/libcrypto/evp/e_des3.c b/src/lib/libcrypto/evp/e_des3.c
deleted file mode 100644
index 1e69972662..0000000000
--- a/src/lib/libcrypto/evp/e_des3.c
+++ /dev/null
@@ -1,316 +0,0 @@
1/* crypto/evp/e_des3.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#ifndef OPENSSL_NO_DES
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include "evp_locl.h"
65#include <openssl/des.h>
66#include <openssl/rand.h>
67
68#ifndef OPENSSL_FIPS
69
70static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
71 const unsigned char *iv,int enc);
72
73static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
74 const unsigned char *iv,int enc);
75
76static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
77
78typedef struct
79 {
80 DES_key_schedule ks1;/* key schedule */
81 DES_key_schedule ks2;/* key schedule (for ede) */
82 DES_key_schedule ks3;/* key schedule (for ede3) */
83 } DES_EDE_KEY;
84
85#define data(ctx) ((DES_EDE_KEY *)(ctx)->cipher_data)
86
87/* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */
88
89static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
90 const unsigned char *in, size_t inl)
91{
92 BLOCK_CIPHER_ecb_loop()
93 DES_ecb3_encrypt((const_DES_cblock *)(in + i),
94 (DES_cblock *)(out + i),
95 &data(ctx)->ks1, &data(ctx)->ks2,
96 &data(ctx)->ks3,
97 ctx->encrypt);
98 return 1;
99}
100
101static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
102 const unsigned char *in, size_t inl)
103{
104 if (inl>=EVP_MAXCHUNK)
105 {
106 DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK,
107 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
108 (DES_cblock *)ctx->iv, &ctx->num);
109 inl-=EVP_MAXCHUNK;
110 in +=EVP_MAXCHUNK;
111 out+=EVP_MAXCHUNK;
112 }
113 if (inl)
114 DES_ede3_ofb64_encrypt(in, out, (long)inl,
115 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
116 (DES_cblock *)ctx->iv, &ctx->num);
117
118 return 1;
119}
120
121static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
122 const unsigned char *in, size_t inl)
123{
124#ifdef KSSL_DEBUG
125 {
126 int i;
127 char *cp;
128 printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", ctx, ctx->buf_len);
129 printf("\t iv= ");
130 for(i=0;i<8;i++)
131 printf("%02X",ctx->iv[i]);
132 printf("\n");
133 }
134#endif /* KSSL_DEBUG */
135 if (inl>=EVP_MAXCHUNK)
136 {
137 DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK,
138 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
139 (DES_cblock *)ctx->iv, ctx->encrypt);
140 inl-=EVP_MAXCHUNK;
141 in +=EVP_MAXCHUNK;
142 out+=EVP_MAXCHUNK;
143 }
144 if (inl)
145 DES_ede3_cbc_encrypt(in, out, (long)inl,
146 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
147 (DES_cblock *)ctx->iv, ctx->encrypt);
148 return 1;
149}
150
151static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
152 const unsigned char *in, size_t inl)
153{
154 if (inl>=EVP_MAXCHUNK)
155 {
156 DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK,
157 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
158 (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
159 inl-=EVP_MAXCHUNK;
160 in +=EVP_MAXCHUNK;
161 out+=EVP_MAXCHUNK;
162 }
163 if (inl)
164 DES_ede3_cfb64_encrypt(in, out, (long)inl,
165 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
166 (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
167 return 1;
168}
169
170/* Although we have a CFB-r implementation for 3-DES, it doesn't pack the right
171 way, so wrap it here */
172static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
173 const unsigned char *in, size_t inl)
174 {
175 size_t n;
176 unsigned char c[1],d[1];
177
178 for(n=0 ; n < inl ; ++n)
179 {
180 c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
181 DES_ede3_cfb_encrypt(c,d,1,1,
182 &data(ctx)->ks1,&data(ctx)->ks2,&data(ctx)->ks3,
183 (DES_cblock *)ctx->iv,ctx->encrypt);
184 out[n/8]=(out[n/8]&~(0x80 >> (unsigned int)(n%8))) |
185 ((d[0]&0x80) >> (unsigned int)(n%8));
186 }
187
188 return 1;
189 }
190
191static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
192 const unsigned char *in, size_t inl)
193 {
194 while (inl>=EVP_MAXCHUNK)
195 {
196 DES_ede3_cfb_encrypt(in,out,8,(long)EVP_MAXCHUNK,
197 &data(ctx)->ks1,&data(ctx)->ks2,&data(ctx)->ks3,
198 (DES_cblock *)ctx->iv,ctx->encrypt);
199 inl-=EVP_MAXCHUNK;
200 in +=EVP_MAXCHUNK;
201 out+=EVP_MAXCHUNK;
202 }
203 if (inl)
204 DES_ede3_cfb_encrypt(in,out,8,(long)inl,
205 &data(ctx)->ks1,&data(ctx)->ks2,&data(ctx)->ks3,
206 (DES_cblock *)ctx->iv,ctx->encrypt);
207 return 1;
208 }
209
210BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64,
211 EVP_CIPH_RAND_KEY, des_ede_init_key, NULL,
212 EVP_CIPHER_set_asn1_iv,
213 EVP_CIPHER_get_asn1_iv,
214 des3_ctrl)
215
216#define des_ede3_cfb64_cipher des_ede_cfb64_cipher
217#define des_ede3_ofb_cipher des_ede_ofb_cipher
218#define des_ede3_cbc_cipher des_ede_cbc_cipher
219#define des_ede3_ecb_cipher des_ede_ecb_cipher
220
221BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64,
222 EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL,
223 EVP_CIPHER_set_asn1_iv,
224 EVP_CIPHER_get_asn1_iv,
225 des3_ctrl)
226
227BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1,
228 EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL,
229 EVP_CIPHER_set_asn1_iv,
230 EVP_CIPHER_get_asn1_iv,
231 des3_ctrl)
232
233BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8,
234 EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL,
235 EVP_CIPHER_set_asn1_iv,
236 EVP_CIPHER_get_asn1_iv,
237 des3_ctrl)
238
239static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
240 const unsigned char *iv, int enc)
241 {
242 DES_cblock *deskey = (DES_cblock *)key;
243#ifdef EVP_CHECK_DES_KEY
244 if (DES_set_key_checked(&deskey[0],&data(ctx)->ks1)
245 !! DES_set_key_checked(&deskey[1],&data(ctx)->ks2))
246 return 0;
247#else
248 DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1);
249 DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2);
250#endif
251 memcpy(&data(ctx)->ks3,&data(ctx)->ks1,
252 sizeof(data(ctx)->ks1));
253 return 1;
254 }
255
256static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
257 const unsigned char *iv, int enc)
258 {
259 DES_cblock *deskey = (DES_cblock *)key;
260#ifdef KSSL_DEBUG
261 {
262 int i;
263 printf("des_ede3_init_key(ctx=%lx)\n", ctx);
264 printf("\tKEY= ");
265 for(i=0;i<24;i++) printf("%02X",key[i]); printf("\n");
266 printf("\t IV= ");
267 for(i=0;i<8;i++) printf("%02X",iv[i]); printf("\n");
268 }
269#endif /* KSSL_DEBUG */
270
271#ifdef EVP_CHECK_DES_KEY
272 if (DES_set_key_checked(&deskey[0],&data(ctx)->ks1)
273 || DES_set_key_checked(&deskey[1],&data(ctx)->ks2)
274 || DES_set_key_checked(&deskey[2],&data(ctx)->ks3))
275 return 0;
276#else
277 DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1);
278 DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2);
279 DES_set_key_unchecked(&deskey[2],&data(ctx)->ks3);
280#endif
281 return 1;
282 }
283
284static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
285 {
286
287 DES_cblock *deskey = ptr;
288
289 switch(type)
290 {
291 case EVP_CTRL_RAND_KEY:
292 if (RAND_bytes(ptr, c->key_len) <= 0)
293 return 0;
294 DES_set_odd_parity(deskey);
295 if (c->key_len >= 16)
296 DES_set_odd_parity(deskey + 1);
297 if (c->key_len >= 24)
298 DES_set_odd_parity(deskey + 2);
299 return 1;
300
301 default:
302 return -1;
303 }
304 }
305
306const EVP_CIPHER *EVP_des_ede(void)
307{
308 return &des_ede_ecb;
309}
310
311const EVP_CIPHER *EVP_des_ede3(void)
312{
313 return &des_ede3_ecb;
314}
315#endif
316#endif
diff --git a/src/lib/libcrypto/evp/e_idea.c b/src/lib/libcrypto/evp/e_idea.c
deleted file mode 100644
index 806b080360..0000000000
--- a/src/lib/libcrypto/evp/e_idea.c
+++ /dev/null
@@ -1,118 +0,0 @@
1/* crypto/evp/e_idea.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_IDEA
63#include <openssl/evp.h>
64#include <openssl/objects.h>
65#include "evp_locl.h"
66#include <openssl/idea.h>
67
68static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
69 const unsigned char *iv,int enc);
70
71/* NB idea_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a special
72 * case
73 */
74
75static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
76 const unsigned char *in, size_t inl)
77{
78 BLOCK_CIPHER_ecb_loop()
79 idea_ecb_encrypt(in + i, out + i, ctx->cipher_data);
80 return 1;
81}
82
83/* Can't use IMPLEMENT_BLOCK_CIPHER because idea_ecb_encrypt is different */
84
85typedef struct
86 {
87 IDEA_KEY_SCHEDULE ks;
88 } EVP_IDEA_KEY;
89
90BLOCK_CIPHER_func_cbc(idea, idea, EVP_IDEA_KEY, ks)
91BLOCK_CIPHER_func_ofb(idea, idea, 64, EVP_IDEA_KEY, ks)
92BLOCK_CIPHER_func_cfb(idea, idea, 64, EVP_IDEA_KEY, ks)
93
94BLOCK_CIPHER_defs(idea, IDEA_KEY_SCHEDULE, NID_idea, 8, 16, 8, 64,
95 0, idea_init_key, NULL,
96 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
97
98static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
99 const unsigned char *iv, int enc)
100 {
101 if(!enc) {
102 if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) enc = 1;
103 else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE) enc = 1;
104 }
105 if (enc) idea_set_encrypt_key(key,ctx->cipher_data);
106 else
107 {
108 IDEA_KEY_SCHEDULE tmp;
109
110 idea_set_encrypt_key(key,&tmp);
111 idea_set_decrypt_key(&tmp,ctx->cipher_data);
112 OPENSSL_cleanse((unsigned char *)&tmp,
113 sizeof(IDEA_KEY_SCHEDULE));
114 }
115 return 1;
116 }
117
118#endif
diff --git a/src/lib/libcrypto/evp/e_null.c b/src/lib/libcrypto/evp/e_null.c
deleted file mode 100644
index f0c1f78b5f..0000000000
--- a/src/lib/libcrypto/evp/e_null.c
+++ /dev/null
@@ -1,104 +0,0 @@
1/* crypto/evp/e_null.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63
64#ifndef OPENSSL_FIPS
65
66static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
67 const unsigned char *iv,int enc);
68static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
69 const unsigned char *in, size_t inl);
70static const EVP_CIPHER n_cipher=
71 {
72 NID_undef,
73 1,0,0,
74 0,
75 null_init_key,
76 null_cipher,
77 NULL,
78 0,
79 NULL,
80 NULL,
81 NULL,
82 NULL
83 };
84
85const EVP_CIPHER *EVP_enc_null(void)
86 {
87 return(&n_cipher);
88 }
89
90static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
91 const unsigned char *iv, int enc)
92 {
93 /* memset(&(ctx->c),0,sizeof(ctx->c));*/
94 return 1;
95 }
96
97static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
98 const unsigned char *in, size_t inl)
99 {
100 if (in != out)
101 memcpy((char *)out,(const char *)in,inl);
102 return 1;
103 }
104#endif
diff --git a/src/lib/libcrypto/evp/e_old.c b/src/lib/libcrypto/evp/e_old.c
deleted file mode 100644
index 1642af4869..0000000000
--- a/src/lib/libcrypto/evp/e_old.c
+++ /dev/null
@@ -1,125 +0,0 @@
1/* crypto/evp/e_old.c -*- mode:C; c-file-style: "eay" -*- */
2/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
3 * project 2004.
4 */
5/* ====================================================================
6 * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * openssl-core@openssl.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#ifdef OPENSSL_NO_DEPRECATED
60static void *dummy = &dummy;
61#else
62
63#include <openssl/evp.h>
64
65/* Define some deprecated functions, so older programs
66 don't crash and burn too quickly. On Windows and VMS,
67 these will never be used, since functions and variables
68 in shared libraries are selected by entry point location,
69 not by name. */
70
71#ifndef OPENSSL_NO_BF
72#undef EVP_bf_cfb
73const EVP_CIPHER *EVP_bf_cfb(void);
74const EVP_CIPHER *EVP_bf_cfb(void) { return EVP_bf_cfb64(); }
75#endif
76
77#ifndef OPENSSL_NO_DES
78#undef EVP_des_cfb
79const EVP_CIPHER *EVP_des_cfb(void);
80const EVP_CIPHER *EVP_des_cfb(void) { return EVP_des_cfb64(); }
81#undef EVP_des_ede3_cfb
82const EVP_CIPHER *EVP_des_ede3_cfb(void);
83const EVP_CIPHER *EVP_des_ede3_cfb(void) { return EVP_des_ede3_cfb64(); }
84#undef EVP_des_ede_cfb
85const EVP_CIPHER *EVP_des_ede_cfb(void);
86const EVP_CIPHER *EVP_des_ede_cfb(void) { return EVP_des_ede_cfb64(); }
87#endif
88
89#ifndef OPENSSL_NO_IDEA
90#undef EVP_idea_cfb
91const EVP_CIPHER *EVP_idea_cfb(void);
92const EVP_CIPHER *EVP_idea_cfb(void) { return EVP_idea_cfb64(); }
93#endif
94
95#ifndef OPENSSL_NO_RC2
96#undef EVP_rc2_cfb
97const EVP_CIPHER *EVP_rc2_cfb(void);
98const EVP_CIPHER *EVP_rc2_cfb(void) { return EVP_rc2_cfb64(); }
99#endif
100
101#ifndef OPENSSL_NO_CAST
102#undef EVP_cast5_cfb
103const EVP_CIPHER *EVP_cast5_cfb(void);
104const EVP_CIPHER *EVP_cast5_cfb(void) { return EVP_cast5_cfb64(); }
105#endif
106
107#ifndef OPENSSL_NO_RC5
108#undef EVP_rc5_32_12_16_cfb
109const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
110const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void) { return EVP_rc5_32_12_16_cfb64(); }
111#endif
112
113#ifndef OPENSSL_NO_AES
114#undef EVP_aes_128_cfb
115const EVP_CIPHER *EVP_aes_128_cfb(void);
116const EVP_CIPHER *EVP_aes_128_cfb(void) { return EVP_aes_128_cfb128(); }
117#undef EVP_aes_192_cfb
118const EVP_CIPHER *EVP_aes_192_cfb(void);
119const EVP_CIPHER *EVP_aes_192_cfb(void) { return EVP_aes_192_cfb128(); }
120#undef EVP_aes_256_cfb
121const EVP_CIPHER *EVP_aes_256_cfb(void);
122const EVP_CIPHER *EVP_aes_256_cfb(void) { return EVP_aes_256_cfb128(); }
123#endif
124
125#endif
diff --git a/src/lib/libcrypto/evp/e_rc2.c b/src/lib/libcrypto/evp/e_rc2.c
deleted file mode 100644
index d4c33b58d4..0000000000
--- a/src/lib/libcrypto/evp/e_rc2.c
+++ /dev/null
@@ -1,238 +0,0 @@
1/* crypto/evp/e_rc2.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_RC2
63
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66#include "evp_locl.h"
67#include <openssl/rc2.h>
68
69static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
70 const unsigned char *iv,int enc);
71static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx);
72static int rc2_magic_to_meth(int i);
73static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
74static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
75static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
76
77typedef struct
78 {
79 int key_bits; /* effective key bits */
80 RC2_KEY ks; /* key schedule */
81 } EVP_RC2_KEY;
82
83#define data(ctx) ((EVP_RC2_KEY *)(ctx)->cipher_data)
84
85IMPLEMENT_BLOCK_CIPHER(rc2, ks, RC2, EVP_RC2_KEY, NID_rc2,
86 8,
87 RC2_KEY_LENGTH, 8, 64,
88 EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
89 rc2_init_key, NULL,
90 rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv,
91 rc2_ctrl)
92
93#define RC2_40_MAGIC 0xa0
94#define RC2_64_MAGIC 0x78
95#define RC2_128_MAGIC 0x3a
96
97static const EVP_CIPHER r2_64_cbc_cipher=
98 {
99 NID_rc2_64_cbc,
100 8,8 /* 64 bit */,8,
101 EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
102 rc2_init_key,
103 rc2_cbc_cipher,
104 NULL,
105 sizeof(EVP_RC2_KEY),
106 rc2_set_asn1_type_and_iv,
107 rc2_get_asn1_type_and_iv,
108 rc2_ctrl,
109 NULL
110 };
111
112static const EVP_CIPHER r2_40_cbc_cipher=
113 {
114 NID_rc2_40_cbc,
115 8,5 /* 40 bit */,8,
116 EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
117 rc2_init_key,
118 rc2_cbc_cipher,
119 NULL,
120 sizeof(EVP_RC2_KEY),
121 rc2_set_asn1_type_and_iv,
122 rc2_get_asn1_type_and_iv,
123 rc2_ctrl,
124 NULL
125 };
126
127const EVP_CIPHER *EVP_rc2_64_cbc(void)
128 {
129 return(&r2_64_cbc_cipher);
130 }
131
132const EVP_CIPHER *EVP_rc2_40_cbc(void)
133 {
134 return(&r2_40_cbc_cipher);
135 }
136
137static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
138 const unsigned char *iv, int enc)
139 {
140 RC2_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),
141 key,data(ctx)->key_bits);
142 return 1;
143 }
144
145static int rc2_meth_to_magic(EVP_CIPHER_CTX *e)
146 {
147 int i;
148
149 EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i);
150 if (i == 128) return(RC2_128_MAGIC);
151 else if (i == 64) return(RC2_64_MAGIC);
152 else if (i == 40) return(RC2_40_MAGIC);
153 else return(0);
154 }
155
156static int rc2_magic_to_meth(int i)
157 {
158 if (i == RC2_128_MAGIC) return 128;
159 else if (i == RC2_64_MAGIC) return 64;
160 else if (i == RC2_40_MAGIC) return 40;
161 else
162 {
163 EVPerr(EVP_F_RC2_MAGIC_TO_METH,EVP_R_UNSUPPORTED_KEY_SIZE);
164 return(0);
165 }
166 }
167
168static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
169 {
170 long num=0;
171 int i=0;
172 int key_bits;
173 unsigned int l;
174 unsigned char iv[EVP_MAX_IV_LENGTH];
175
176 if (type != NULL)
177 {
178 l=EVP_CIPHER_CTX_iv_length(c);
179 OPENSSL_assert(l <= sizeof(iv));
180 i=ASN1_TYPE_get_int_octetstring(type,&num,iv,l);
181 if (i != (int)l)
182 return(-1);
183 key_bits =rc2_magic_to_meth((int)num);
184 if (!key_bits)
185 return(-1);
186 if(i > 0 && !EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1))
187 return -1;
188 EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
189 EVP_CIPHER_CTX_set_key_length(c, key_bits / 8);
190 }
191 return(i);
192 }
193
194static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
195 {
196 long num;
197 int i=0,j;
198
199 if (type != NULL)
200 {
201 num=rc2_meth_to_magic(c);
202 j=EVP_CIPHER_CTX_iv_length(c);
203 i=ASN1_TYPE_set_int_octetstring(type,num,c->oiv,j);
204 }
205 return(i);
206 }
207
208static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
209 {
210 switch(type)
211 {
212 case EVP_CTRL_INIT:
213 data(c)->key_bits = EVP_CIPHER_CTX_key_length(c) * 8;
214 return 1;
215
216 case EVP_CTRL_GET_RC2_KEY_BITS:
217 *(int *)ptr = data(c)->key_bits;
218 return 1;
219
220 case EVP_CTRL_SET_RC2_KEY_BITS:
221 if(arg > 0)
222 {
223 data(c)->key_bits = arg;
224 return 1;
225 }
226 return 0;
227#ifdef PBE_PRF_TEST
228 case EVP_CTRL_PBE_PRF_NID:
229 *(int *)ptr = NID_hmacWithMD5;
230 return 1;
231#endif
232
233 default:
234 return -1;
235 }
236 }
237
238#endif
diff --git a/src/lib/libcrypto/evp/e_rc4.c b/src/lib/libcrypto/evp/e_rc4.c
deleted file mode 100644
index b4f6bda82d..0000000000
--- a/src/lib/libcrypto/evp/e_rc4.c
+++ /dev/null
@@ -1,137 +0,0 @@
1/* crypto/evp/e_rc4.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_RC4
63
64#include <openssl/evp.h>
65#include "evp_locl.h"
66#include <openssl/objects.h>
67#include <openssl/rc4.h>
68
69/* FIXME: surely this is available elsewhere? */
70#define EVP_RC4_KEY_SIZE 16
71
72typedef struct
73 {
74 RC4_KEY ks; /* working key */
75 } EVP_RC4_KEY;
76
77#define data(ctx) ((EVP_RC4_KEY *)(ctx)->cipher_data)
78
79static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
80 const unsigned char *iv,int enc);
81static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
82 const unsigned char *in, size_t inl);
83static const EVP_CIPHER r4_cipher=
84 {
85 NID_rc4,
86 1,EVP_RC4_KEY_SIZE,0,
87 EVP_CIPH_VARIABLE_LENGTH,
88 rc4_init_key,
89 rc4_cipher,
90 NULL,
91 sizeof(EVP_RC4_KEY),
92 NULL,
93 NULL,
94 NULL,
95 NULL
96 };
97
98static const EVP_CIPHER r4_40_cipher=
99 {
100 NID_rc4_40,
101 1,5 /* 40 bit */,0,
102 EVP_CIPH_VARIABLE_LENGTH,
103 rc4_init_key,
104 rc4_cipher,
105 NULL,
106 sizeof(EVP_RC4_KEY),
107 NULL,
108 NULL,
109 NULL,
110 NULL
111 };
112
113const EVP_CIPHER *EVP_rc4(void)
114 {
115 return(&r4_cipher);
116 }
117
118const EVP_CIPHER *EVP_rc4_40(void)
119 {
120 return(&r4_40_cipher);
121 }
122
123static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
124 const unsigned char *iv, int enc)
125 {
126 RC4_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),
127 key);
128 return 1;
129 }
130
131static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
132 const unsigned char *in, size_t inl)
133 {
134 RC4(&data(ctx)->ks,inl,in,out);
135 return 1;
136 }
137#endif
diff --git a/src/lib/libcrypto/evp/e_rc4_hmac_md5.c b/src/lib/libcrypto/evp/e_rc4_hmac_md5.c
deleted file mode 100644
index 56563191ba..0000000000
--- a/src/lib/libcrypto/evp/e_rc4_hmac_md5.c
+++ /dev/null
@@ -1,298 +0,0 @@
1/* ====================================================================
2 * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * licensing@OpenSSL.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 */
49
50#include <openssl/opensslconf.h>
51
52#include <stdio.h>
53#include <string.h>
54
55#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_MD5)
56
57#include <openssl/evp.h>
58#include <openssl/objects.h>
59#include <openssl/rc4.h>
60#include <openssl/md5.h>
61
62#ifndef EVP_CIPH_FLAG_AEAD_CIPHER
63#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
64#define EVP_CTRL_AEAD_TLS1_AAD 0x16
65#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
66#endif
67
68/* FIXME: surely this is available elsewhere? */
69#define EVP_RC4_KEY_SIZE 16
70
71typedef struct
72 {
73 RC4_KEY ks;
74 MD5_CTX head,tail,md;
75 size_t payload_length;
76 } EVP_RC4_HMAC_MD5;
77
78#define NO_PAYLOAD_LENGTH ((size_t)-1)
79
80void rc4_md5_enc (RC4_KEY *key, const void *in0, void *out,
81 MD5_CTX *ctx,const void *inp,size_t blocks);
82
83#define data(ctx) ((EVP_RC4_HMAC_MD5 *)(ctx)->cipher_data)
84
85static int rc4_hmac_md5_init_key(EVP_CIPHER_CTX *ctx,
86 const unsigned char *inkey,
87 const unsigned char *iv, int enc)
88 {
89 EVP_RC4_HMAC_MD5 *key = data(ctx);
90
91 RC4_set_key(&key->ks,EVP_CIPHER_CTX_key_length(ctx),
92 inkey);
93
94 MD5_Init(&key->head); /* handy when benchmarking */
95 key->tail = key->head;
96 key->md = key->head;
97
98 key->payload_length = NO_PAYLOAD_LENGTH;
99
100 return 1;
101 }
102
103#if !defined(OPENSSL_NO_ASM) && ( \
104 defined(__x86_64) || defined(__x86_64__) || \
105 defined(_M_AMD64) || defined(_M_X64) || \
106 defined(__INTEL__) ) && \
107 !(defined(__APPLE__) && defined(__MACH__))
108#define STITCHED_CALL
109#endif
110
111#if !defined(STITCHED_CALL)
112#define rc4_off 0
113#define md5_off 0
114#endif
115
116static int rc4_hmac_md5_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
117 const unsigned char *in, size_t len)
118 {
119 EVP_RC4_HMAC_MD5 *key = data(ctx);
120#if defined(STITCHED_CALL)
121 size_t rc4_off = 32-1-(key->ks.x&(32-1)), /* 32 is $MOD from rc4_md5-x86_64.pl */
122 md5_off = MD5_CBLOCK-key->md.num,
123 blocks;
124 unsigned int l;
125 extern unsigned int OPENSSL_ia32cap_P[];
126#endif
127 size_t plen = key->payload_length;
128
129 if (plen!=NO_PAYLOAD_LENGTH && len!=(plen+MD5_DIGEST_LENGTH)) return 0;
130
131 if (ctx->encrypt) {
132 if (plen==NO_PAYLOAD_LENGTH) plen = len;
133#if defined(STITCHED_CALL)
134 /* cipher has to "fall behind" */
135 if (rc4_off>md5_off) md5_off+=MD5_CBLOCK;
136
137 if (plen>md5_off && (blocks=(plen-md5_off)/MD5_CBLOCK) &&
138 (OPENSSL_ia32cap_P[0]&(1<<20))==0) {
139 MD5_Update(&key->md,in,md5_off);
140 RC4(&key->ks,rc4_off,in,out);
141
142 rc4_md5_enc(&key->ks,in+rc4_off,out+rc4_off,
143 &key->md,in+md5_off,blocks);
144 blocks *= MD5_CBLOCK;
145 rc4_off += blocks;
146 md5_off += blocks;
147 key->md.Nh += blocks>>29;
148 key->md.Nl += blocks<<=3;
149 if (key->md.Nl<(unsigned int)blocks) key->md.Nh++;
150 } else {
151 rc4_off = 0;
152 md5_off = 0;
153 }
154#endif
155 MD5_Update(&key->md,in+md5_off,plen-md5_off);
156
157 if (plen!=len) { /* "TLS" mode of operation */
158 if (in!=out)
159 memcpy(out+rc4_off,in+rc4_off,plen-rc4_off);
160
161 /* calculate HMAC and append it to payload */
162 MD5_Final(out+plen,&key->md);
163 key->md = key->tail;
164 MD5_Update(&key->md,out+plen,MD5_DIGEST_LENGTH);
165 MD5_Final(out+plen,&key->md);
166 /* encrypt HMAC at once */
167 RC4(&key->ks,len-rc4_off,out+rc4_off,out+rc4_off);
168 } else {
169 RC4(&key->ks,len-rc4_off,in+rc4_off,out+rc4_off);
170 }
171 } else {
172 unsigned char mac[MD5_DIGEST_LENGTH];
173#if defined(STITCHED_CALL)
174 /* digest has to "fall behind" */
175 if (md5_off>rc4_off) rc4_off += 2*MD5_CBLOCK;
176 else rc4_off += MD5_CBLOCK;
177
178 if (len>rc4_off && (blocks=(len-rc4_off)/MD5_CBLOCK) &&
179 (OPENSSL_ia32cap_P[0]&(1<<20))==0) {
180 RC4(&key->ks,rc4_off,in,out);
181 MD5_Update(&key->md,out,md5_off);
182
183 rc4_md5_enc(&key->ks,in+rc4_off,out+rc4_off,
184 &key->md,out+md5_off,blocks);
185 blocks *= MD5_CBLOCK;
186 rc4_off += blocks;
187 md5_off += blocks;
188 l = (key->md.Nl+(blocks<<3))&0xffffffffU;
189 if (l<key->md.Nl) key->md.Nh++;
190 key->md.Nl = l;
191 key->md.Nh += blocks>>29;
192 } else {
193 md5_off=0;
194 rc4_off=0;
195 }
196#endif
197 /* decrypt HMAC at once */
198 RC4(&key->ks,len-rc4_off,in+rc4_off,out+rc4_off);
199 if (plen!=NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */
200 MD5_Update(&key->md,out+md5_off,plen-md5_off);
201
202 /* calculate HMAC and verify it */
203 MD5_Final(mac,&key->md);
204 key->md = key->tail;
205 MD5_Update(&key->md,mac,MD5_DIGEST_LENGTH);
206 MD5_Final(mac,&key->md);
207
208 if (memcmp(out+plen,mac,MD5_DIGEST_LENGTH))
209 return 0;
210 } else {
211 MD5_Update(&key->md,out+md5_off,len-md5_off);
212 }
213 }
214
215 key->payload_length = NO_PAYLOAD_LENGTH;
216
217 return 1;
218 }
219
220static int rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
221 {
222 EVP_RC4_HMAC_MD5 *key = data(ctx);
223
224 switch (type)
225 {
226 case EVP_CTRL_AEAD_SET_MAC_KEY:
227 {
228 unsigned int i;
229 unsigned char hmac_key[64];
230
231 memset (hmac_key,0,sizeof(hmac_key));
232
233 if (arg > (int)sizeof(hmac_key)) {
234 MD5_Init(&key->head);
235 MD5_Update(&key->head,ptr,arg);
236 MD5_Final(hmac_key,&key->head);
237 } else {
238 memcpy(hmac_key,ptr,arg);
239 }
240
241 for (i=0;i<sizeof(hmac_key);i++)
242 hmac_key[i] ^= 0x36; /* ipad */
243 MD5_Init(&key->head);
244 MD5_Update(&key->head,hmac_key,sizeof(hmac_key));
245
246 for (i=0;i<sizeof(hmac_key);i++)
247 hmac_key[i] ^= 0x36^0x5c; /* opad */
248 MD5_Init(&key->tail);
249 MD5_Update(&key->tail,hmac_key,sizeof(hmac_key));
250
251 return 1;
252 }
253 case EVP_CTRL_AEAD_TLS1_AAD:
254 {
255 unsigned char *p=ptr;
256 unsigned int len=p[arg-2]<<8|p[arg-1];
257
258 if (!ctx->encrypt)
259 {
260 len -= MD5_DIGEST_LENGTH;
261 p[arg-2] = len>>8;
262 p[arg-1] = len;
263 }
264 key->payload_length=len;
265 key->md = key->head;
266 MD5_Update(&key->md,p,arg);
267
268 return MD5_DIGEST_LENGTH;
269 }
270 default:
271 return -1;
272 }
273 }
274
275static EVP_CIPHER r4_hmac_md5_cipher=
276 {
277#ifdef NID_rc4_hmac_md5
278 NID_rc4_hmac_md5,
279#else
280 NID_undef,
281#endif
282 1,EVP_RC4_KEY_SIZE,0,
283 EVP_CIPH_STREAM_CIPHER|EVP_CIPH_VARIABLE_LENGTH|EVP_CIPH_FLAG_AEAD_CIPHER,
284 rc4_hmac_md5_init_key,
285 rc4_hmac_md5_cipher,
286 NULL,
287 sizeof(EVP_RC4_HMAC_MD5),
288 NULL,
289 NULL,
290 rc4_hmac_md5_ctrl,
291 NULL
292 };
293
294const EVP_CIPHER *EVP_rc4_hmac_md5(void)
295 {
296 return(&r4_hmac_md5_cipher);
297 }
298#endif
diff --git a/src/lib/libcrypto/evp/e_xcbc_d.c b/src/lib/libcrypto/evp/e_xcbc_d.c
deleted file mode 100644
index 250e88c8c5..0000000000
--- a/src/lib/libcrypto/evp/e_xcbc_d.c
+++ /dev/null
@@ -1,138 +0,0 @@
1/* crypto/evp/e_xcbc_d.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_DES
63
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66#include "evp_locl.h"
67#include <openssl/des.h>
68
69static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
70 const unsigned char *iv,int enc);
71static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
72 const unsigned char *in, size_t inl);
73
74
75typedef struct
76 {
77 DES_key_schedule ks;/* key schedule */
78 DES_cblock inw;
79 DES_cblock outw;
80 } DESX_CBC_KEY;
81
82#define data(ctx) ((DESX_CBC_KEY *)(ctx)->cipher_data)
83
84static const EVP_CIPHER d_xcbc_cipher=
85 {
86 NID_desx_cbc,
87 8,24,8,
88 EVP_CIPH_CBC_MODE,
89 desx_cbc_init_key,
90 desx_cbc_cipher,
91 NULL,
92 sizeof(DESX_CBC_KEY),
93 EVP_CIPHER_set_asn1_iv,
94 EVP_CIPHER_get_asn1_iv,
95 NULL,
96 NULL
97 };
98
99const EVP_CIPHER *EVP_desx_cbc(void)
100 {
101 return(&d_xcbc_cipher);
102 }
103
104static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
105 const unsigned char *iv, int enc)
106 {
107 DES_cblock *deskey = (DES_cblock *)key;
108
109 DES_set_key_unchecked(deskey,&data(ctx)->ks);
110 memcpy(&data(ctx)->inw[0],&key[8],8);
111 memcpy(&data(ctx)->outw[0],&key[16],8);
112
113 return 1;
114 }
115
116static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
117 const unsigned char *in, size_t inl)
118 {
119 while (inl>=EVP_MAXCHUNK)
120 {
121 DES_xcbc_encrypt(in,out,(long)EVP_MAXCHUNK,&data(ctx)->ks,
122 (DES_cblock *)&(ctx->iv[0]),
123 &data(ctx)->inw,
124 &data(ctx)->outw,
125 ctx->encrypt);
126 inl-=EVP_MAXCHUNK;
127 in +=EVP_MAXCHUNK;
128 out+=EVP_MAXCHUNK;
129 }
130 if (inl)
131 DES_xcbc_encrypt(in,out,(long)inl,&data(ctx)->ks,
132 (DES_cblock *)&(ctx->iv[0]),
133 &data(ctx)->inw,
134 &data(ctx)->outw,
135 ctx->encrypt);
136 return 1;
137 }
138#endif
diff --git a/src/lib/libcrypto/evp/encode.c b/src/lib/libcrypto/evp/encode.c
deleted file mode 100644
index 28546a84bc..0000000000
--- a/src/lib/libcrypto/evp/encode.c
+++ /dev/null
@@ -1,445 +0,0 @@
1/* crypto/evp/encode.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62
63#ifndef CHARSET_EBCDIC
64#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
65#define conv_ascii2bin(a) (data_ascii2bin[(a)&0x7f])
66#else
67/* We assume that PEM encoded files are EBCDIC files
68 * (i.e., printable text files). Convert them here while decoding.
69 * When encoding, output is EBCDIC (text) format again.
70 * (No need for conversion in the conv_bin2ascii macro, as the
71 * underlying textstring data_bin2ascii[] is already EBCDIC)
72 */
73#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
74#define conv_ascii2bin(a) (data_ascii2bin[os_toascii[a]&0x7f])
75#endif
76
77/* 64 char lines
78 * pad input with 0
79 * left over chars are set to =
80 * 1 byte => xx==
81 * 2 bytes => xxx=
82 * 3 bytes => xxxx
83 */
84#define BIN_PER_LINE (64/4*3)
85#define CHUNKS_PER_LINE (64/4)
86#define CHAR_PER_LINE (64+1)
87
88static const unsigned char data_bin2ascii[65]="ABCDEFGHIJKLMNOPQRSTUVWXYZ\
89abcdefghijklmnopqrstuvwxyz0123456789+/";
90
91/* 0xF0 is a EOLN
92 * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing).
93 * 0xF2 is EOF
94 * 0xE0 is ignore at start of line.
95 * 0xFF is error
96 */
97
98#define B64_EOLN 0xF0
99#define B64_CR 0xF1
100#define B64_EOF 0xF2
101#define B64_WS 0xE0
102#define B64_ERROR 0xFF
103#define B64_NOT_BASE64(a) (((a)|0x13) == 0xF3)
104
105static const unsigned char data_ascii2bin[128]={
106 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
107 0xFF,0xE0,0xF0,0xFF,0xFF,0xF1,0xFF,0xFF,
108 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
109 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
110 0xE0,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
111 0xFF,0xFF,0xFF,0x3E,0xFF,0xF2,0xFF,0x3F,
112 0x34,0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,
113 0x3C,0x3D,0xFF,0xFF,0xFF,0x00,0xFF,0xFF,
114 0xFF,0x00,0x01,0x02,0x03,0x04,0x05,0x06,
115 0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,
116 0x0F,0x10,0x11,0x12,0x13,0x14,0x15,0x16,
117 0x17,0x18,0x19,0xFF,0xFF,0xFF,0xFF,0xFF,
118 0xFF,0x1A,0x1B,0x1C,0x1D,0x1E,0x1F,0x20,
119 0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,
120 0x29,0x2A,0x2B,0x2C,0x2D,0x2E,0x2F,0x30,
121 0x31,0x32,0x33,0xFF,0xFF,0xFF,0xFF,0xFF,
122 };
123
124void EVP_EncodeInit(EVP_ENCODE_CTX *ctx)
125 {
126 ctx->length=48;
127 ctx->num=0;
128 ctx->line_num=0;
129 }
130
131void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
132 const unsigned char *in, int inl)
133 {
134 int i,j;
135 unsigned int total=0;
136
137 *outl=0;
138 if (inl == 0) return;
139 OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data));
140 if ((ctx->num+inl) < ctx->length)
141 {
142 memcpy(&(ctx->enc_data[ctx->num]),in,inl);
143 ctx->num+=inl;
144 return;
145 }
146 if (ctx->num != 0)
147 {
148 i=ctx->length-ctx->num;
149 memcpy(&(ctx->enc_data[ctx->num]),in,i);
150 in+=i;
151 inl-=i;
152 j=EVP_EncodeBlock(out,ctx->enc_data,ctx->length);
153 ctx->num=0;
154 out+=j;
155 *(out++)='\n';
156 *out='\0';
157 total=j+1;
158 }
159 while (inl >= ctx->length)
160 {
161 j=EVP_EncodeBlock(out,in,ctx->length);
162 in+=ctx->length;
163 inl-=ctx->length;
164 out+=j;
165 *(out++)='\n';
166 *out='\0';
167 total+=j+1;
168 }
169 if (inl != 0)
170 memcpy(&(ctx->enc_data[0]),in,inl);
171 ctx->num=inl;
172 *outl=total;
173 }
174
175void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
176 {
177 unsigned int ret=0;
178
179 if (ctx->num != 0)
180 {
181 ret=EVP_EncodeBlock(out,ctx->enc_data,ctx->num);
182 out[ret++]='\n';
183 out[ret]='\0';
184 ctx->num=0;
185 }
186 *outl=ret;
187 }
188
189int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int dlen)
190 {
191 int i,ret=0;
192 unsigned long l;
193
194 for (i=dlen; i > 0; i-=3)
195 {
196 if (i >= 3)
197 {
198 l= (((unsigned long)f[0])<<16L)|
199 (((unsigned long)f[1])<< 8L)|f[2];
200 *(t++)=conv_bin2ascii(l>>18L);
201 *(t++)=conv_bin2ascii(l>>12L);
202 *(t++)=conv_bin2ascii(l>> 6L);
203 *(t++)=conv_bin2ascii(l );
204 }
205 else
206 {
207 l=((unsigned long)f[0])<<16L;
208 if (i == 2) l|=((unsigned long)f[1]<<8L);
209
210 *(t++)=conv_bin2ascii(l>>18L);
211 *(t++)=conv_bin2ascii(l>>12L);
212 *(t++)=(i == 1)?'=':conv_bin2ascii(l>> 6L);
213 *(t++)='=';
214 }
215 ret+=4;
216 f+=3;
217 }
218
219 *t='\0';
220 return(ret);
221 }
222
223void EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
224 {
225 ctx->length=30;
226 ctx->num=0;
227 ctx->line_num=0;
228 ctx->expect_nl=0;
229 }
230
231/* -1 for error
232 * 0 for last line
233 * 1 for full line
234 */
235int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
236 const unsigned char *in, int inl)
237 {
238 int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,exp_nl;
239 unsigned char *d;
240
241 n=ctx->num;
242 d=ctx->enc_data;
243 ln=ctx->line_num;
244 exp_nl=ctx->expect_nl;
245
246 /* last line of input. */
247 if ((inl == 0) || ((n == 0) && (conv_ascii2bin(in[0]) == B64_EOF)))
248 { rv=0; goto end; }
249
250 /* We parse the input data */
251 for (i=0; i<inl; i++)
252 {
253 /* If the current line is > 80 characters, scream alot */
254 if (ln >= 80) { rv= -1; goto end; }
255
256 /* Get char and put it into the buffer */
257 tmp= *(in++);
258 v=conv_ascii2bin(tmp);
259 /* only save the good data :-) */
260 if (!B64_NOT_BASE64(v))
261 {
262 OPENSSL_assert(n < (int)sizeof(ctx->enc_data));
263 d[n++]=tmp;
264 ln++;
265 }
266 else if (v == B64_ERROR)
267 {
268 rv= -1;
269 goto end;
270 }
271
272 /* have we seen a '=' which is 'definitly' the last
273 * input line. seof will point to the character that
274 * holds it. and eof will hold how many characters to
275 * chop off. */
276 if (tmp == '=')
277 {
278 if (seof == -1) seof=n;
279 eof++;
280 }
281
282 if (v == B64_CR)
283 {
284 ln = 0;
285 if (exp_nl)
286 continue;
287 }
288
289 /* eoln */
290 if (v == B64_EOLN)
291 {
292 ln=0;
293 if (exp_nl)
294 {
295 exp_nl=0;
296 continue;
297 }
298 }
299 exp_nl=0;
300
301 /* If we are at the end of input and it looks like a
302 * line, process it. */
303 if (((i+1) == inl) && (((n&3) == 0) || eof))
304 {
305 v=B64_EOF;
306 /* In case things were given us in really small
307 records (so two '=' were given in separate
308 updates), eof may contain the incorrect number
309 of ending bytes to skip, so let's redo the count */
310 eof = 0;
311 if (d[n-1] == '=') eof++;
312 if (d[n-2] == '=') eof++;
313 /* There will never be more than two '=' */
314 }
315
316 if ((v == B64_EOF && (n&3) == 0) || (n >= 64))
317 {
318 /* This is needed to work correctly on 64 byte input
319 * lines. We process the line and then need to
320 * accept the '\n' */
321 if ((v != B64_EOF) && (n >= 64)) exp_nl=1;
322 if (n > 0)
323 {
324 v=EVP_DecodeBlock(out,d,n);
325 n=0;
326 if (v < 0) { rv=0; goto end; }
327 ret+=(v-eof);
328 }
329 else
330 {
331 eof=1;
332 v=0;
333 }
334
335 /* This is the case where we have had a short
336 * but valid input line */
337 if ((v < ctx->length) && eof)
338 {
339 rv=0;
340 goto end;
341 }
342 else
343 ctx->length=v;
344
345 if (seof >= 0) { rv=0; goto end; }
346 out+=v;
347 }
348 }
349 rv=1;
350end:
351 *outl=ret;
352 ctx->num=n;
353 ctx->line_num=ln;
354 ctx->expect_nl=exp_nl;
355 return(rv);
356 }
357
358int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n)
359 {
360 int i,ret=0,a,b,c,d;
361 unsigned long l;
362
363 /* trim white space from the start of the line. */
364 while ((conv_ascii2bin(*f) == B64_WS) && (n > 0))
365 {
366 f++;
367 n--;
368 }
369
370 /* strip off stuff at the end of the line
371 * ascii2bin values B64_WS, B64_EOLN, B64_EOLN and B64_EOF */
372 while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n-1]))))
373 n--;
374
375 if (n%4 != 0) return(-1);
376
377 for (i=0; i<n; i+=4)
378 {
379 a=conv_ascii2bin(*(f++));
380 b=conv_ascii2bin(*(f++));
381 c=conv_ascii2bin(*(f++));
382 d=conv_ascii2bin(*(f++));
383 if ( (a & 0x80) || (b & 0x80) ||
384 (c & 0x80) || (d & 0x80))
385 return(-1);
386 l=( (((unsigned long)a)<<18L)|
387 (((unsigned long)b)<<12L)|
388 (((unsigned long)c)<< 6L)|
389 (((unsigned long)d) ));
390 *(t++)=(unsigned char)(l>>16L)&0xff;
391 *(t++)=(unsigned char)(l>> 8L)&0xff;
392 *(t++)=(unsigned char)(l )&0xff;
393 ret+=3;
394 }
395 return(ret);
396 }
397
398int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
399 {
400 int i;
401
402 *outl=0;
403 if (ctx->num != 0)
404 {
405 i=EVP_DecodeBlock(out,ctx->enc_data,ctx->num);
406 if (i < 0) return(-1);
407 ctx->num=0;
408 *outl=i;
409 return(1);
410 }
411 else
412 return(1);
413 }
414
415#ifdef undef
416int EVP_DecodeValid(unsigned char *buf, int len)
417 {
418 int i,num=0,bad=0;
419
420 if (len == 0) return(-1);
421 while (conv_ascii2bin(*buf) == B64_WS)
422 {
423 buf++;
424 len--;
425 if (len == 0) return(-1);
426 }
427
428 for (i=len; i >= 4; i-=4)
429 {
430 if ( (conv_ascii2bin(buf[0]) >= 0x40) ||
431 (conv_ascii2bin(buf[1]) >= 0x40) ||
432 (conv_ascii2bin(buf[2]) >= 0x40) ||
433 (conv_ascii2bin(buf[3]) >= 0x40))
434 return(-1);
435 buf+=4;
436 num+=1+(buf[2] != '=')+(buf[3] != '=');
437 }
438 if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN))
439 return(num);
440 if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) &&
441 (conv_ascii2bin(buf[0]) == B64_EOLN))
442 return(num);
443 return(1);
444 }
445#endif
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
deleted file mode 100644
index 3b1fa87576..0000000000
--- a/src/lib/libcrypto/evp/evp.h
+++ /dev/null
@@ -1,1401 +0,0 @@
1/* crypto/evp/evp.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_ENVELOPE_H
60#define HEADER_ENVELOPE_H
61
62#ifdef OPENSSL_ALGORITHM_DEFINES
63# include <openssl/opensslconf.h>
64#else
65# define OPENSSL_ALGORITHM_DEFINES
66# include <openssl/opensslconf.h>
67# undef OPENSSL_ALGORITHM_DEFINES
68#endif
69
70#include <openssl/ossl_typ.h>
71
72#include <openssl/symhacks.h>
73
74#ifndef OPENSSL_NO_BIO
75#include <openssl/bio.h>
76#endif
77
78/*
79#define EVP_RC2_KEY_SIZE 16
80#define EVP_RC4_KEY_SIZE 16
81#define EVP_BLOWFISH_KEY_SIZE 16
82#define EVP_CAST5_KEY_SIZE 16
83#define EVP_RC5_32_12_16_KEY_SIZE 16
84*/
85#define EVP_MAX_MD_SIZE 64 /* longest known is SHA512 */
86#define EVP_MAX_KEY_LENGTH 64
87#define EVP_MAX_IV_LENGTH 16
88#define EVP_MAX_BLOCK_LENGTH 32
89
90#define PKCS5_SALT_LEN 8
91/* Default PKCS#5 iteration count */
92#define PKCS5_DEFAULT_ITER 2048
93
94#include <openssl/objects.h>
95
96#define EVP_PK_RSA 0x0001
97#define EVP_PK_DSA 0x0002
98#define EVP_PK_DH 0x0004
99#define EVP_PK_EC 0x0008
100#define EVP_PKT_SIGN 0x0010
101#define EVP_PKT_ENC 0x0020
102#define EVP_PKT_EXCH 0x0040
103#define EVP_PKS_RSA 0x0100
104#define EVP_PKS_DSA 0x0200
105#define EVP_PKS_EC 0x0400
106#define EVP_PKT_EXP 0x1000 /* <= 512 bit key */
107
108#define EVP_PKEY_NONE NID_undef
109#define EVP_PKEY_RSA NID_rsaEncryption
110#define EVP_PKEY_RSA2 NID_rsa
111#define EVP_PKEY_DSA NID_dsa
112#define EVP_PKEY_DSA1 NID_dsa_2
113#define EVP_PKEY_DSA2 NID_dsaWithSHA
114#define EVP_PKEY_DSA3 NID_dsaWithSHA1
115#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
116#define EVP_PKEY_DH NID_dhKeyAgreement
117#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
118#define EVP_PKEY_HMAC NID_hmac
119#define EVP_PKEY_CMAC NID_cmac
120
121#ifdef __cplusplus
122extern "C" {
123#endif
124
125/* Type needs to be a bit field
126 * Sub-type needs to be for variations on the method, as in, can it do
127 * arbitrary encryption.... */
128struct evp_pkey_st
129 {
130 int type;
131 int save_type;
132 int references;
133 const EVP_PKEY_ASN1_METHOD *ameth;
134 ENGINE *engine;
135 union {
136 char *ptr;
137#ifndef OPENSSL_NO_RSA
138 struct rsa_st *rsa; /* RSA */
139#endif
140#ifndef OPENSSL_NO_DSA
141 struct dsa_st *dsa; /* DSA */
142#endif
143#ifndef OPENSSL_NO_DH
144 struct dh_st *dh; /* DH */
145#endif
146#ifndef OPENSSL_NO_EC
147 struct ec_key_st *ec; /* ECC */
148#endif
149 } pkey;
150 int save_parameters;
151 STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
152 } /* EVP_PKEY */;
153
154#define EVP_PKEY_MO_SIGN 0x0001
155#define EVP_PKEY_MO_VERIFY 0x0002
156#define EVP_PKEY_MO_ENCRYPT 0x0004
157#define EVP_PKEY_MO_DECRYPT 0x0008
158
159#ifndef EVP_MD
160struct env_md_st
161 {
162 int type;
163 int pkey_type;
164 int md_size;
165 unsigned long flags;
166 int (*init)(EVP_MD_CTX *ctx);
167 int (*update)(EVP_MD_CTX *ctx,const void *data,size_t count);
168 int (*final)(EVP_MD_CTX *ctx,unsigned char *md);
169 int (*copy)(EVP_MD_CTX *to,const EVP_MD_CTX *from);
170 int (*cleanup)(EVP_MD_CTX *ctx);
171
172 /* FIXME: prototype these some day */
173 int (*sign)(int type, const unsigned char *m, unsigned int m_length,
174 unsigned char *sigret, unsigned int *siglen, void *key);
175 int (*verify)(int type, const unsigned char *m, unsigned int m_length,
176 const unsigned char *sigbuf, unsigned int siglen,
177 void *key);
178 int required_pkey_type[5]; /*EVP_PKEY_xxx */
179 int block_size;
180 int ctx_size; /* how big does the ctx->md_data need to be */
181 /* control function */
182 int (*md_ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
183 } /* EVP_MD */;
184
185typedef int evp_sign_method(int type,const unsigned char *m,
186 unsigned int m_length,unsigned char *sigret,
187 unsigned int *siglen, void *key);
188typedef int evp_verify_method(int type,const unsigned char *m,
189 unsigned int m_length,const unsigned char *sigbuf,
190 unsigned int siglen, void *key);
191
192#define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single
193 * block */
194
195#define EVP_MD_FLAG_PKEY_DIGEST 0x0002 /* digest is a "clone" digest used
196 * which is a copy of an existing
197 * one for a specific public key type.
198 * EVP_dss1() etc */
199
200/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
201
202#define EVP_MD_FLAG_PKEY_METHOD_SIGNATURE 0x0004
203
204/* DigestAlgorithmIdentifier flags... */
205
206#define EVP_MD_FLAG_DIGALGID_MASK 0x0018
207
208/* NULL or absent parameter accepted. Use NULL */
209
210#define EVP_MD_FLAG_DIGALGID_NULL 0x0000
211
212/* NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent */
213
214#define EVP_MD_FLAG_DIGALGID_ABSENT 0x0008
215
216/* Custom handling via ctrl */
217
218#define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018
219
220#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */
221
222/* Digest ctrls */
223
224#define EVP_MD_CTRL_DIGALGID 0x1
225#define EVP_MD_CTRL_MICALG 0x2
226
227/* Minimum Algorithm specific ctrl value */
228
229#define EVP_MD_CTRL_ALG_CTRL 0x1000
230
231#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
232
233#ifndef OPENSSL_NO_DSA
234#define EVP_PKEY_DSA_method (evp_sign_method *)DSA_sign, \
235 (evp_verify_method *)DSA_verify, \
236 {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
237 EVP_PKEY_DSA4,0}
238#else
239#define EVP_PKEY_DSA_method EVP_PKEY_NULL_method
240#endif
241
242#ifndef OPENSSL_NO_ECDSA
243#define EVP_PKEY_ECDSA_method (evp_sign_method *)ECDSA_sign, \
244 (evp_verify_method *)ECDSA_verify, \
245 {EVP_PKEY_EC,0,0,0}
246#else
247#define EVP_PKEY_ECDSA_method EVP_PKEY_NULL_method
248#endif
249
250#ifndef OPENSSL_NO_RSA
251#define EVP_PKEY_RSA_method (evp_sign_method *)RSA_sign, \
252 (evp_verify_method *)RSA_verify, \
253 {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
254#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
255 (evp_sign_method *)RSA_sign_ASN1_OCTET_STRING, \
256 (evp_verify_method *)RSA_verify_ASN1_OCTET_STRING, \
257 {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
258#else
259#define EVP_PKEY_RSA_method EVP_PKEY_NULL_method
260#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
261#endif
262
263#endif /* !EVP_MD */
264
265struct env_md_ctx_st
266 {
267 const EVP_MD *digest;
268 ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */
269 unsigned long flags;
270 void *md_data;
271 /* Public key context for sign/verify */
272 EVP_PKEY_CTX *pctx;
273 /* Update function: usually copied from EVP_MD */
274 int (*update)(EVP_MD_CTX *ctx,const void *data,size_t count);
275 } /* EVP_MD_CTX */;
276
277/* values for EVP_MD_CTX flags */
278
279#define EVP_MD_CTX_FLAG_ONESHOT 0x0001 /* digest update will be called
280 * once only */
281#define EVP_MD_CTX_FLAG_CLEANED 0x0002 /* context has already been
282 * cleaned */
283#define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data
284 * in EVP_MD_CTX_cleanup */
285/* FIPS and pad options are ignored in 1.0.0, definitions are here
286 * so we don't accidentally reuse the values for other purposes.
287 */
288
289#define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* Allow use of non FIPS digest
290 * in FIPS mode */
291
292/* The following PAD options are also currently ignored in 1.0.0, digest
293 * parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*()
294 * instead.
295 */
296#define EVP_MD_CTX_FLAG_PAD_MASK 0xF0 /* RSA mode to use */
297#define EVP_MD_CTX_FLAG_PAD_PKCS1 0x00 /* PKCS#1 v1.5 mode */
298#define EVP_MD_CTX_FLAG_PAD_X931 0x10 /* X9.31 mode */
299#define EVP_MD_CTX_FLAG_PAD_PSS 0x20 /* PSS mode */
300
301#define EVP_MD_CTX_FLAG_NO_INIT 0x0100 /* Don't initialize md_data */
302
303struct evp_cipher_st
304 {
305 int nid;
306 int block_size;
307 int key_len; /* Default value for variable length ciphers */
308 int iv_len;
309 unsigned long flags; /* Various flags */
310 int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
311 const unsigned char *iv, int enc); /* init key */
312 int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
313 const unsigned char *in, size_t inl);/* encrypt/decrypt data */
314 int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
315 int ctx_size; /* how big ctx->cipher_data needs to be */
316 int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
317 int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */
318 int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */
319 void *app_data; /* Application data */
320 } /* EVP_CIPHER */;
321
322/* Values for cipher flags */
323
324/* Modes for ciphers */
325
326#define EVP_CIPH_STREAM_CIPHER 0x0
327#define EVP_CIPH_ECB_MODE 0x1
328#define EVP_CIPH_CBC_MODE 0x2
329#define EVP_CIPH_CFB_MODE 0x3
330#define EVP_CIPH_OFB_MODE 0x4
331#define EVP_CIPH_CTR_MODE 0x5
332#define EVP_CIPH_GCM_MODE 0x6
333#define EVP_CIPH_CCM_MODE 0x7
334#define EVP_CIPH_XTS_MODE 0x10001
335#define EVP_CIPH_MODE 0xF0007
336/* Set if variable length cipher */
337#define EVP_CIPH_VARIABLE_LENGTH 0x8
338/* Set if the iv handling should be done by the cipher itself */
339#define EVP_CIPH_CUSTOM_IV 0x10
340/* Set if the cipher's init() function should be called if key is NULL */
341#define EVP_CIPH_ALWAYS_CALL_INIT 0x20
342/* Call ctrl() to init cipher parameters */
343#define EVP_CIPH_CTRL_INIT 0x40
344/* Don't use standard key length function */
345#define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80
346/* Don't use standard block padding */
347#define EVP_CIPH_NO_PADDING 0x100
348/* cipher handles random key generation */
349#define EVP_CIPH_RAND_KEY 0x200
350/* cipher has its own additional copying logic */
351#define EVP_CIPH_CUSTOM_COPY 0x400
352/* Allow use default ASN1 get/set iv */
353#define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000
354/* Buffer length in bits not bytes: CFB1 mode only */
355#define EVP_CIPH_FLAG_LENGTH_BITS 0x2000
356/* Note if suitable for use in FIPS mode */
357#define EVP_CIPH_FLAG_FIPS 0x4000
358/* Allow non FIPS cipher in FIPS mode */
359#define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x8000
360/* Cipher handles any and all padding logic as well
361 * as finalisation.
362 */
363#define EVP_CIPH_FLAG_CUSTOM_CIPHER 0x100000
364#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
365
366/* ctrl() values */
367
368#define EVP_CTRL_INIT 0x0
369#define EVP_CTRL_SET_KEY_LENGTH 0x1
370#define EVP_CTRL_GET_RC2_KEY_BITS 0x2
371#define EVP_CTRL_SET_RC2_KEY_BITS 0x3
372#define EVP_CTRL_GET_RC5_ROUNDS 0x4
373#define EVP_CTRL_SET_RC5_ROUNDS 0x5
374#define EVP_CTRL_RAND_KEY 0x6
375#define EVP_CTRL_PBE_PRF_NID 0x7
376#define EVP_CTRL_COPY 0x8
377#define EVP_CTRL_GCM_SET_IVLEN 0x9
378#define EVP_CTRL_GCM_GET_TAG 0x10
379#define EVP_CTRL_GCM_SET_TAG 0x11
380#define EVP_CTRL_GCM_SET_IV_FIXED 0x12
381#define EVP_CTRL_GCM_IV_GEN 0x13
382#define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
383#define EVP_CTRL_CCM_GET_TAG EVP_CTRL_GCM_GET_TAG
384#define EVP_CTRL_CCM_SET_TAG EVP_CTRL_GCM_SET_TAG
385#define EVP_CTRL_CCM_SET_L 0x14
386#define EVP_CTRL_CCM_SET_MSGLEN 0x15
387/* AEAD cipher deduces payload length and returns number of bytes
388 * required to store MAC and eventual padding. Subsequent call to
389 * EVP_Cipher even appends/verifies MAC.
390 */
391#define EVP_CTRL_AEAD_TLS1_AAD 0x16
392/* Used by composite AEAD ciphers, no-op in GCM, CCM... */
393#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
394/* Set the GCM invocation field, decrypt only */
395#define EVP_CTRL_GCM_SET_IV_INV 0x18
396
397/* GCM TLS constants */
398/* Length of fixed part of IV derived from PRF */
399#define EVP_GCM_TLS_FIXED_IV_LEN 4
400/* Length of explicit part of IV part of TLS records */
401#define EVP_GCM_TLS_EXPLICIT_IV_LEN 8
402/* Length of tag for TLS */
403#define EVP_GCM_TLS_TAG_LEN 16
404
405typedef struct evp_cipher_info_st
406 {
407 const EVP_CIPHER *cipher;
408 unsigned char iv[EVP_MAX_IV_LENGTH];
409 } EVP_CIPHER_INFO;
410
411struct evp_cipher_ctx_st
412 {
413 const EVP_CIPHER *cipher;
414 ENGINE *engine; /* functional reference if 'cipher' is ENGINE-provided */
415 int encrypt; /* encrypt or decrypt */
416 int buf_len; /* number we have left */
417
418 unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
419 unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
420 unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */
421 int num; /* used by cfb/ofb/ctr mode */
422
423 void *app_data; /* application stuff */
424 int key_len; /* May change for variable length cipher */
425 unsigned long flags; /* Various flags */
426 void *cipher_data; /* per EVP data */
427 int final_used;
428 int block_mask;
429 unsigned char final[EVP_MAX_BLOCK_LENGTH];/* possible final block */
430 } /* EVP_CIPHER_CTX */;
431
432typedef struct evp_Encode_Ctx_st
433 {
434 int num; /* number saved in a partial encode/decode */
435 int length; /* The length is either the output line length
436 * (in input bytes) or the shortest input line
437 * length that is ok. Once decoding begins,
438 * the length is adjusted up each time a longer
439 * line is decoded */
440 unsigned char enc_data[80]; /* data to encode */
441 int line_num; /* number read on current line */
442 int expect_nl;
443 } EVP_ENCODE_CTX;
444
445/* Password based encryption function */
446typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
447 ASN1_TYPE *param, const EVP_CIPHER *cipher,
448 const EVP_MD *md, int en_de);
449
450#ifndef OPENSSL_NO_RSA
451#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
452 (char *)(rsa))
453#endif
454
455#ifndef OPENSSL_NO_DSA
456#define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
457 (char *)(dsa))
458#endif
459
460#ifndef OPENSSL_NO_DH
461#define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\
462 (char *)(dh))
463#endif
464
465#ifndef OPENSSL_NO_EC
466#define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\
467 (char *)(eckey))
468#endif
469
470/* Add some extra combinations */
471#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
472#define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
473#define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
474#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
475
476int EVP_MD_type(const EVP_MD *md);
477#define EVP_MD_nid(e) EVP_MD_type(e)
478#define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e))
479int EVP_MD_pkey_type(const EVP_MD *md);
480int EVP_MD_size(const EVP_MD *md);
481int EVP_MD_block_size(const EVP_MD *md);
482unsigned long EVP_MD_flags(const EVP_MD *md);
483
484const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
485#define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e))
486#define EVP_MD_CTX_block_size(e) EVP_MD_block_size(EVP_MD_CTX_md(e))
487#define EVP_MD_CTX_type(e) EVP_MD_type(EVP_MD_CTX_md(e))
488
489int EVP_CIPHER_nid(const EVP_CIPHER *cipher);
490#define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e))
491int EVP_CIPHER_block_size(const EVP_CIPHER *cipher);
492int EVP_CIPHER_key_length(const EVP_CIPHER *cipher);
493int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher);
494unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher);
495#define EVP_CIPHER_mode(e) (EVP_CIPHER_flags(e) & EVP_CIPH_MODE)
496
497const EVP_CIPHER * EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
498int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
499int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
500int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
501int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
502int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in);
503void * EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
504void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data);
505#define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
506unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx);
507#define EVP_CIPHER_CTX_mode(e) (EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE)
508
509#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80)
510#define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80)
511
512#define EVP_SignInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c)
513#define EVP_SignInit(a,b) EVP_DigestInit(a,b)
514#define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
515#define EVP_VerifyInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c)
516#define EVP_VerifyInit(a,b) EVP_DigestInit(a,b)
517#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
518#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
519#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
520#define EVP_DigestSignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
521#define EVP_DigestVerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
522
523#ifdef CONST_STRICT
524void BIO_set_md(BIO *,const EVP_MD *md);
525#else
526# define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md)
527#endif
528#define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
529#define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
530#define BIO_set_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_SET_MD_CTX,0,(char *)mdcp)
531#define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
532#define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
533
534int EVP_Cipher(EVP_CIPHER_CTX *c,
535 unsigned char *out,
536 const unsigned char *in,
537 unsigned int inl);
538
539#define EVP_add_cipher_alias(n,alias) \
540 OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
541#define EVP_add_digest_alias(n,alias) \
542 OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n))
543#define EVP_delete_cipher_alias(alias) \
544 OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
545#define EVP_delete_digest_alias(alias) \
546 OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
547
548void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
549int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
550EVP_MD_CTX *EVP_MD_CTX_create(void);
551void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
552int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);
553void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
554void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
555int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx,int flags);
556int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
557int EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d,
558 size_t cnt);
559int EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
560int EVP_Digest(const void *data, size_t count,
561 unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl);
562
563int EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in);
564int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
565int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
566
567int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify);
568int EVP_read_pw_string_min(char *buf,int minlen,int maxlen,const char *prompt,int verify);
569void EVP_set_pw_prompt(const char *prompt);
570char * EVP_get_pw_prompt(void);
571
572int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,
573 const unsigned char *salt, const unsigned char *data,
574 int datal, int count, unsigned char *key,unsigned char *iv);
575
576void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags);
577void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags);
578int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx,int flags);
579
580int EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
581 const unsigned char *key, const unsigned char *iv);
582int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
583 const unsigned char *key, const unsigned char *iv);
584int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
585 int *outl, const unsigned char *in, int inl);
586int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
587int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
588
589int EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
590 const unsigned char *key, const unsigned char *iv);
591int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
592 const unsigned char *key, const unsigned char *iv);
593int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
594 int *outl, const unsigned char *in, int inl);
595int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
596int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
597
598int EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
599 const unsigned char *key,const unsigned char *iv,
600 int enc);
601int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
602 const unsigned char *key,const unsigned char *iv,
603 int enc);
604int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
605 int *outl, const unsigned char *in, int inl);
606int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
607int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
608
609int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
610 EVP_PKEY *pkey);
611
612int EVP_VerifyFinal(EVP_MD_CTX *ctx,const unsigned char *sigbuf,
613 unsigned int siglen,EVP_PKEY *pkey);
614
615int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
616 const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
617int EVP_DigestSignFinal(EVP_MD_CTX *ctx,
618 unsigned char *sigret, size_t *siglen);
619
620int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
621 const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
622int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx,
623 unsigned char *sig, size_t siglen);
624
625int EVP_OpenInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
626 const unsigned char *ek, int ekl, const unsigned char *iv,
627 EVP_PKEY *priv);
628int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
629
630int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
631 unsigned char **ek, int *ekl, unsigned char *iv,
632 EVP_PKEY **pubk, int npubk);
633int EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
634
635void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
636void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl,
637 const unsigned char *in,int inl);
638void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl);
639int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
640
641void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
642int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl,
643 const unsigned char *in, int inl);
644int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
645 char *out, int *outl);
646int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
647
648void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
649int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
650EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
651void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *a);
652int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
653int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad);
654int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
655int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
656
657#ifndef OPENSSL_NO_BIO
658BIO_METHOD *BIO_f_md(void);
659BIO_METHOD *BIO_f_base64(void);
660BIO_METHOD *BIO_f_cipher(void);
661BIO_METHOD *BIO_f_reliable(void);
662void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,const unsigned char *k,
663 const unsigned char *i, int enc);
664#endif
665
666const EVP_MD *EVP_md_null(void);
667#ifndef OPENSSL_NO_MD2
668const EVP_MD *EVP_md2(void);
669#endif
670#ifndef OPENSSL_NO_MD4
671const EVP_MD *EVP_md4(void);
672#endif
673#ifndef OPENSSL_NO_MD5
674const EVP_MD *EVP_md5(void);
675#endif
676#ifndef OPENSSL_NO_SHA
677const EVP_MD *EVP_sha(void);
678const EVP_MD *EVP_sha1(void);
679const EVP_MD *EVP_dss(void);
680const EVP_MD *EVP_dss1(void);
681const EVP_MD *EVP_ecdsa(void);
682#endif
683#ifndef OPENSSL_NO_SHA256
684const EVP_MD *EVP_sha224(void);
685const EVP_MD *EVP_sha256(void);
686#endif
687#ifndef OPENSSL_NO_SHA512
688const EVP_MD *EVP_sha384(void);
689const EVP_MD *EVP_sha512(void);
690#endif
691#ifndef OPENSSL_NO_MDC2
692const EVP_MD *EVP_mdc2(void);
693#endif
694#ifndef OPENSSL_NO_RIPEMD
695const EVP_MD *EVP_ripemd160(void);
696#endif
697#ifndef OPENSSL_NO_WHIRLPOOL
698const EVP_MD *EVP_whirlpool(void);
699#endif
700const EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
701#ifndef OPENSSL_NO_DES
702const EVP_CIPHER *EVP_des_ecb(void);
703const EVP_CIPHER *EVP_des_ede(void);
704const EVP_CIPHER *EVP_des_ede3(void);
705const EVP_CIPHER *EVP_des_ede_ecb(void);
706const EVP_CIPHER *EVP_des_ede3_ecb(void);
707const EVP_CIPHER *EVP_des_cfb64(void);
708# define EVP_des_cfb EVP_des_cfb64
709const EVP_CIPHER *EVP_des_cfb1(void);
710const EVP_CIPHER *EVP_des_cfb8(void);
711const EVP_CIPHER *EVP_des_ede_cfb64(void);
712# define EVP_des_ede_cfb EVP_des_ede_cfb64
713#if 0
714const EVP_CIPHER *EVP_des_ede_cfb1(void);
715const EVP_CIPHER *EVP_des_ede_cfb8(void);
716#endif
717const EVP_CIPHER *EVP_des_ede3_cfb64(void);
718# define EVP_des_ede3_cfb EVP_des_ede3_cfb64
719const EVP_CIPHER *EVP_des_ede3_cfb1(void);
720const EVP_CIPHER *EVP_des_ede3_cfb8(void);
721const EVP_CIPHER *EVP_des_ofb(void);
722const EVP_CIPHER *EVP_des_ede_ofb(void);
723const EVP_CIPHER *EVP_des_ede3_ofb(void);
724const EVP_CIPHER *EVP_des_cbc(void);
725const EVP_CIPHER *EVP_des_ede_cbc(void);
726const EVP_CIPHER *EVP_des_ede3_cbc(void);
727const EVP_CIPHER *EVP_desx_cbc(void);
728/* This should now be supported through the dev_crypto ENGINE. But also, why are
729 * rc4 and md5 declarations made here inside a "NO_DES" precompiler branch? */
730#if 0
731# ifdef OPENSSL_OPENBSD_DEV_CRYPTO
732const EVP_CIPHER *EVP_dev_crypto_des_ede3_cbc(void);
733const EVP_CIPHER *EVP_dev_crypto_rc4(void);
734const EVP_MD *EVP_dev_crypto_md5(void);
735# endif
736#endif
737#endif
738#ifndef OPENSSL_NO_RC4
739const EVP_CIPHER *EVP_rc4(void);
740const EVP_CIPHER *EVP_rc4_40(void);
741#ifndef OPENSSL_NO_MD5
742const EVP_CIPHER *EVP_rc4_hmac_md5(void);
743#endif
744#endif
745#ifndef OPENSSL_NO_IDEA
746const EVP_CIPHER *EVP_idea_ecb(void);
747const EVP_CIPHER *EVP_idea_cfb64(void);
748# define EVP_idea_cfb EVP_idea_cfb64
749const EVP_CIPHER *EVP_idea_ofb(void);
750const EVP_CIPHER *EVP_idea_cbc(void);
751#endif
752#ifndef OPENSSL_NO_RC2
753const EVP_CIPHER *EVP_rc2_ecb(void);
754const EVP_CIPHER *EVP_rc2_cbc(void);
755const EVP_CIPHER *EVP_rc2_40_cbc(void);
756const EVP_CIPHER *EVP_rc2_64_cbc(void);
757const EVP_CIPHER *EVP_rc2_cfb64(void);
758# define EVP_rc2_cfb EVP_rc2_cfb64
759const EVP_CIPHER *EVP_rc2_ofb(void);
760#endif
761#ifndef OPENSSL_NO_BF
762const EVP_CIPHER *EVP_bf_ecb(void);
763const EVP_CIPHER *EVP_bf_cbc(void);
764const EVP_CIPHER *EVP_bf_cfb64(void);
765# define EVP_bf_cfb EVP_bf_cfb64
766const EVP_CIPHER *EVP_bf_ofb(void);
767#endif
768#ifndef OPENSSL_NO_CAST
769const EVP_CIPHER *EVP_cast5_ecb(void);
770const EVP_CIPHER *EVP_cast5_cbc(void);
771const EVP_CIPHER *EVP_cast5_cfb64(void);
772# define EVP_cast5_cfb EVP_cast5_cfb64
773const EVP_CIPHER *EVP_cast5_ofb(void);
774#endif
775#ifndef OPENSSL_NO_RC5
776const EVP_CIPHER *EVP_rc5_32_12_16_cbc(void);
777const EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
778const EVP_CIPHER *EVP_rc5_32_12_16_cfb64(void);
779# define EVP_rc5_32_12_16_cfb EVP_rc5_32_12_16_cfb64
780const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
781#endif
782#ifndef OPENSSL_NO_AES
783const EVP_CIPHER *EVP_aes_128_ecb(void);
784const EVP_CIPHER *EVP_aes_128_cbc(void);
785const EVP_CIPHER *EVP_aes_128_cfb1(void);
786const EVP_CIPHER *EVP_aes_128_cfb8(void);
787const EVP_CIPHER *EVP_aes_128_cfb128(void);
788# define EVP_aes_128_cfb EVP_aes_128_cfb128
789const EVP_CIPHER *EVP_aes_128_ofb(void);
790const EVP_CIPHER *EVP_aes_128_ctr(void);
791const EVP_CIPHER *EVP_aes_128_gcm(void);
792const EVP_CIPHER *EVP_aes_128_ccm(void);
793const EVP_CIPHER *EVP_aes_128_xts(void);
794const EVP_CIPHER *EVP_aes_192_ecb(void);
795const EVP_CIPHER *EVP_aes_192_cbc(void);
796const EVP_CIPHER *EVP_aes_192_cfb1(void);
797const EVP_CIPHER *EVP_aes_192_cfb8(void);
798const EVP_CIPHER *EVP_aes_192_cfb128(void);
799# define EVP_aes_192_cfb EVP_aes_192_cfb128
800const EVP_CIPHER *EVP_aes_192_ofb(void);
801const EVP_CIPHER *EVP_aes_192_ctr(void);
802const EVP_CIPHER *EVP_aes_192_gcm(void);
803const EVP_CIPHER *EVP_aes_192_ccm(void);
804const EVP_CIPHER *EVP_aes_256_ecb(void);
805const EVP_CIPHER *EVP_aes_256_cbc(void);
806const EVP_CIPHER *EVP_aes_256_cfb1(void);
807const EVP_CIPHER *EVP_aes_256_cfb8(void);
808const EVP_CIPHER *EVP_aes_256_cfb128(void);
809# define EVP_aes_256_cfb EVP_aes_256_cfb128
810const EVP_CIPHER *EVP_aes_256_ofb(void);
811const EVP_CIPHER *EVP_aes_256_ctr(void);
812const EVP_CIPHER *EVP_aes_256_gcm(void);
813const EVP_CIPHER *EVP_aes_256_ccm(void);
814const EVP_CIPHER *EVP_aes_256_xts(void);
815#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
816const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
817const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
818#endif
819#endif
820#ifndef OPENSSL_NO_CAMELLIA
821const EVP_CIPHER *EVP_camellia_128_ecb(void);
822const EVP_CIPHER *EVP_camellia_128_cbc(void);
823const EVP_CIPHER *EVP_camellia_128_cfb1(void);
824const EVP_CIPHER *EVP_camellia_128_cfb8(void);
825const EVP_CIPHER *EVP_camellia_128_cfb128(void);
826# define EVP_camellia_128_cfb EVP_camellia_128_cfb128
827const EVP_CIPHER *EVP_camellia_128_ofb(void);
828const EVP_CIPHER *EVP_camellia_192_ecb(void);
829const EVP_CIPHER *EVP_camellia_192_cbc(void);
830const EVP_CIPHER *EVP_camellia_192_cfb1(void);
831const EVP_CIPHER *EVP_camellia_192_cfb8(void);
832const EVP_CIPHER *EVP_camellia_192_cfb128(void);
833# define EVP_camellia_192_cfb EVP_camellia_192_cfb128
834const EVP_CIPHER *EVP_camellia_192_ofb(void);
835const EVP_CIPHER *EVP_camellia_256_ecb(void);
836const EVP_CIPHER *EVP_camellia_256_cbc(void);
837const EVP_CIPHER *EVP_camellia_256_cfb1(void);
838const EVP_CIPHER *EVP_camellia_256_cfb8(void);
839const EVP_CIPHER *EVP_camellia_256_cfb128(void);
840# define EVP_camellia_256_cfb EVP_camellia_256_cfb128
841const EVP_CIPHER *EVP_camellia_256_ofb(void);
842#endif
843
844#ifndef OPENSSL_NO_SEED
845const EVP_CIPHER *EVP_seed_ecb(void);
846const EVP_CIPHER *EVP_seed_cbc(void);
847const EVP_CIPHER *EVP_seed_cfb128(void);
848# define EVP_seed_cfb EVP_seed_cfb128
849const EVP_CIPHER *EVP_seed_ofb(void);
850#endif
851
852void OPENSSL_add_all_algorithms_noconf(void);
853void OPENSSL_add_all_algorithms_conf(void);
854
855#ifdef OPENSSL_LOAD_CONF
856#define OpenSSL_add_all_algorithms() \
857 OPENSSL_add_all_algorithms_conf()
858#else
859#define OpenSSL_add_all_algorithms() \
860 OPENSSL_add_all_algorithms_noconf()
861#endif
862
863void OpenSSL_add_all_ciphers(void);
864void OpenSSL_add_all_digests(void);
865#define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms()
866#define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers()
867#define SSLeay_add_all_digests() OpenSSL_add_all_digests()
868
869int EVP_add_cipher(const EVP_CIPHER *cipher);
870int EVP_add_digest(const EVP_MD *digest);
871
872const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
873const EVP_MD *EVP_get_digestbyname(const char *name);
874void EVP_cleanup(void);
875
876void EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph,
877 const char *from, const char *to, void *x), void *arg);
878void EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph,
879 const char *from, const char *to, void *x), void *arg);
880
881void EVP_MD_do_all(void (*fn)(const EVP_MD *ciph,
882 const char *from, const char *to, void *x), void *arg);
883void EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *ciph,
884 const char *from, const char *to, void *x), void *arg);
885
886int EVP_PKEY_decrypt_old(unsigned char *dec_key,
887 const unsigned char *enc_key,int enc_key_len,
888 EVP_PKEY *private_key);
889int EVP_PKEY_encrypt_old(unsigned char *enc_key,
890 const unsigned char *key,int key_len,
891 EVP_PKEY *pub_key);
892int EVP_PKEY_type(int type);
893int EVP_PKEY_id(const EVP_PKEY *pkey);
894int EVP_PKEY_base_id(const EVP_PKEY *pkey);
895int EVP_PKEY_bits(EVP_PKEY *pkey);
896int EVP_PKEY_size(EVP_PKEY *pkey);
897int EVP_PKEY_set_type(EVP_PKEY *pkey,int type);
898int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);
899int EVP_PKEY_assign(EVP_PKEY *pkey,int type,void *key);
900void * EVP_PKEY_get0(EVP_PKEY *pkey);
901
902#ifndef OPENSSL_NO_RSA
903struct rsa_st;
904int EVP_PKEY_set1_RSA(EVP_PKEY *pkey,struct rsa_st *key);
905struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
906#endif
907#ifndef OPENSSL_NO_DSA
908struct dsa_st;
909int EVP_PKEY_set1_DSA(EVP_PKEY *pkey,struct dsa_st *key);
910struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
911#endif
912#ifndef OPENSSL_NO_DH
913struct dh_st;
914int EVP_PKEY_set1_DH(EVP_PKEY *pkey,struct dh_st *key);
915struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
916#endif
917#ifndef OPENSSL_NO_EC
918struct ec_key_st;
919int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey,struct ec_key_st *key);
920struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
921#endif
922
923EVP_PKEY * EVP_PKEY_new(void);
924void EVP_PKEY_free(EVP_PKEY *pkey);
925
926EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, const unsigned char **pp,
927 long length);
928int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
929
930EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, const unsigned char **pp,
931 long length);
932EVP_PKEY * d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
933 long length);
934int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
935
936int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
937int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
938int EVP_PKEY_save_parameters(EVP_PKEY *pkey,int mode);
939int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
940
941int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
942
943int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
944 int indent, ASN1_PCTX *pctx);
945int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
946 int indent, ASN1_PCTX *pctx);
947int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
948 int indent, ASN1_PCTX *pctx);
949
950int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
951
952int EVP_CIPHER_type(const EVP_CIPHER *ctx);
953
954/* calls methods */
955int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
956int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
957
958/* These are used by EVP_CIPHER methods */
959int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
960int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
961
962/* PKCS5 password based encryption */
963int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
964 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
965 int en_de);
966int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
967 const unsigned char *salt, int saltlen, int iter,
968 int keylen, unsigned char *out);
969int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
970 const unsigned char *salt, int saltlen, int iter,
971 const EVP_MD *digest,
972 int keylen, unsigned char *out);
973int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
974 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
975 int en_de);
976
977void PKCS5_PBE_add(void);
978
979int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
980 ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
981
982/* PBE type */
983
984/* Can appear as the outermost AlgorithmIdentifier */
985#define EVP_PBE_TYPE_OUTER 0x0
986/* Is an PRF type OID */
987#define EVP_PBE_TYPE_PRF 0x1
988
989int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
990 EVP_PBE_KEYGEN *keygen);
991int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
992 EVP_PBE_KEYGEN *keygen);
993int EVP_PBE_find(int type, int pbe_nid,
994 int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen);
995void EVP_PBE_cleanup(void);
996
997#define ASN1_PKEY_ALIAS 0x1
998#define ASN1_PKEY_DYNAMIC 0x2
999#define ASN1_PKEY_SIGPARAM_NULL 0x4
1000
1001#define ASN1_PKEY_CTRL_PKCS7_SIGN 0x1
1002#define ASN1_PKEY_CTRL_PKCS7_ENCRYPT 0x2
1003#define ASN1_PKEY_CTRL_DEFAULT_MD_NID 0x3
1004#define ASN1_PKEY_CTRL_CMS_SIGN 0x5
1005#define ASN1_PKEY_CTRL_CMS_ENVELOPE 0x7
1006
1007int EVP_PKEY_asn1_get_count(void);
1008const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
1009const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
1010const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
1011 const char *str, int len);
1012int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
1013int EVP_PKEY_asn1_add_alias(int to, int from);
1014int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id, int *ppkey_flags,
1015 const char **pinfo, const char **ppem_str,
1016 const EVP_PKEY_ASN1_METHOD *ameth);
1017
1018const EVP_PKEY_ASN1_METHOD* EVP_PKEY_get0_asn1(EVP_PKEY *pkey);
1019EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags,
1020 const char *pem_str, const char *info);
1021void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
1022 const EVP_PKEY_ASN1_METHOD *src);
1023void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
1024void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
1025 int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub),
1026 int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk),
1027 int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
1028 int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
1029 ASN1_PCTX *pctx),
1030 int (*pkey_size)(const EVP_PKEY *pk),
1031 int (*pkey_bits)(const EVP_PKEY *pk));
1032void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
1033 int (*priv_decode)(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf),
1034 int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk),
1035 int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
1036 ASN1_PCTX *pctx));
1037void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
1038 int (*param_decode)(EVP_PKEY *pkey,
1039 const unsigned char **pder, int derlen),
1040 int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder),
1041 int (*param_missing)(const EVP_PKEY *pk),
1042 int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from),
1043 int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
1044 int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
1045 ASN1_PCTX *pctx));
1046
1047void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
1048 void (*pkey_free)(EVP_PKEY *pkey));
1049void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
1050 int (*pkey_ctrl)(EVP_PKEY *pkey, int op,
1051 long arg1, void *arg2));
1052
1053
1054#define EVP_PKEY_OP_UNDEFINED 0
1055#define EVP_PKEY_OP_PARAMGEN (1<<1)
1056#define EVP_PKEY_OP_KEYGEN (1<<2)
1057#define EVP_PKEY_OP_SIGN (1<<3)
1058#define EVP_PKEY_OP_VERIFY (1<<4)
1059#define EVP_PKEY_OP_VERIFYRECOVER (1<<5)
1060#define EVP_PKEY_OP_SIGNCTX (1<<6)
1061#define EVP_PKEY_OP_VERIFYCTX (1<<7)
1062#define EVP_PKEY_OP_ENCRYPT (1<<8)
1063#define EVP_PKEY_OP_DECRYPT (1<<9)
1064#define EVP_PKEY_OP_DERIVE (1<<10)
1065
1066#define EVP_PKEY_OP_TYPE_SIG \
1067 (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
1068 | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX)
1069
1070#define EVP_PKEY_OP_TYPE_CRYPT \
1071 (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT)
1072
1073#define EVP_PKEY_OP_TYPE_NOGEN \
1074 (EVP_PKEY_OP_SIG | EVP_PKEY_OP_CRYPT | EVP_PKEY_OP_DERIVE)
1075
1076#define EVP_PKEY_OP_TYPE_GEN \
1077 (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
1078
1079#define EVP_PKEY_CTX_set_signature_md(ctx, md) \
1080 EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \
1081 EVP_PKEY_CTRL_MD, 0, (void *)md)
1082
1083#define EVP_PKEY_CTRL_MD 1
1084#define EVP_PKEY_CTRL_PEER_KEY 2
1085
1086#define EVP_PKEY_CTRL_PKCS7_ENCRYPT 3
1087#define EVP_PKEY_CTRL_PKCS7_DECRYPT 4
1088
1089#define EVP_PKEY_CTRL_PKCS7_SIGN 5
1090
1091#define EVP_PKEY_CTRL_SET_MAC_KEY 6
1092
1093#define EVP_PKEY_CTRL_DIGESTINIT 7
1094
1095/* Used by GOST key encryption in TLS */
1096#define EVP_PKEY_CTRL_SET_IV 8
1097
1098#define EVP_PKEY_CTRL_CMS_ENCRYPT 9
1099#define EVP_PKEY_CTRL_CMS_DECRYPT 10
1100#define EVP_PKEY_CTRL_CMS_SIGN 11
1101
1102#define EVP_PKEY_CTRL_CIPHER 12
1103
1104#define EVP_PKEY_ALG_CTRL 0x1000
1105
1106
1107#define EVP_PKEY_FLAG_AUTOARGLEN 2
1108/* Method handles all operations: don't assume any digest related
1109 * defaults.
1110 */
1111#define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4
1112
1113const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
1114EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags);
1115void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
1116 const EVP_PKEY_METHOD *meth);
1117void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
1118void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
1119int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
1120
1121EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
1122EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
1123EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
1124void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
1125
1126int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
1127 int cmd, int p1, void *p2);
1128int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
1129 const char *value);
1130
1131int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx);
1132void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
1133
1134EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
1135 const unsigned char *key, int keylen);
1136
1137void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
1138void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx);
1139EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx);
1140
1141EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx);
1142
1143void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
1144void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
1145
1146int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
1147int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
1148 unsigned char *sig, size_t *siglen,
1149 const unsigned char *tbs, size_t tbslen);
1150int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
1151int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
1152 const unsigned char *sig, size_t siglen,
1153 const unsigned char *tbs, size_t tbslen);
1154int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
1155int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
1156 unsigned char *rout, size_t *routlen,
1157 const unsigned char *sig, size_t siglen);
1158int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
1159int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
1160 unsigned char *out, size_t *outlen,
1161 const unsigned char *in, size_t inlen);
1162int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
1163int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
1164 unsigned char *out, size_t *outlen,
1165 const unsigned char *in, size_t inlen);
1166
1167int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
1168int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
1169int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
1170
1171typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
1172
1173int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
1174int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
1175int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
1176int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
1177
1178void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
1179EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
1180
1181int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
1182
1183void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
1184 int (*init)(EVP_PKEY_CTX *ctx));
1185
1186void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
1187 int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src));
1188
1189void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
1190 void (*cleanup)(EVP_PKEY_CTX *ctx));
1191
1192void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
1193 int (*paramgen_init)(EVP_PKEY_CTX *ctx),
1194 int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
1195
1196void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
1197 int (*keygen_init)(EVP_PKEY_CTX *ctx),
1198 int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
1199
1200void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
1201 int (*sign_init)(EVP_PKEY_CTX *ctx),
1202 int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
1203 const unsigned char *tbs, size_t tbslen));
1204
1205void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
1206 int (*verify_init)(EVP_PKEY_CTX *ctx),
1207 int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
1208 const unsigned char *tbs, size_t tbslen));
1209
1210void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
1211 int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
1212 int (*verify_recover)(EVP_PKEY_CTX *ctx,
1213 unsigned char *sig, size_t *siglen,
1214 const unsigned char *tbs, size_t tbslen));
1215
1216void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
1217 int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
1218 int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
1219 EVP_MD_CTX *mctx));
1220
1221void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
1222 int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
1223 int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,int siglen,
1224 EVP_MD_CTX *mctx));
1225
1226void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
1227 int (*encrypt_init)(EVP_PKEY_CTX *ctx),
1228 int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
1229 const unsigned char *in, size_t inlen));
1230
1231void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
1232 int (*decrypt_init)(EVP_PKEY_CTX *ctx),
1233 int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
1234 const unsigned char *in, size_t inlen));
1235
1236void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
1237 int (*derive_init)(EVP_PKEY_CTX *ctx),
1238 int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen));
1239
1240void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
1241 int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
1242 int (*ctrl_str)(EVP_PKEY_CTX *ctx,
1243 const char *type, const char *value));
1244
1245/* BEGIN ERROR CODES */
1246/* The following lines are auto generated by the script mkerr.pl. Any changes
1247 * made after this point may be overwritten when the script is next run.
1248 */
1249void ERR_load_EVP_strings(void);
1250
1251/* Error codes for the EVP functions. */
1252
1253/* Function codes. */
1254#define EVP_F_AESNI_INIT_KEY 165
1255#define EVP_F_AESNI_XTS_CIPHER 176
1256#define EVP_F_AES_INIT_KEY 133
1257#define EVP_F_AES_XTS 172
1258#define EVP_F_AES_XTS_CIPHER 175
1259#define EVP_F_CAMELLIA_INIT_KEY 159
1260#define EVP_F_CMAC_INIT 173
1261#define EVP_F_D2I_PKEY 100
1262#define EVP_F_DO_SIGVER_INIT 161
1263#define EVP_F_DSAPKEY2PKCS8 134
1264#define EVP_F_DSA_PKEY2PKCS8 135
1265#define EVP_F_ECDSA_PKEY2PKCS8 129
1266#define EVP_F_ECKEY_PKEY2PKCS8 132
1267#define EVP_F_EVP_CIPHERINIT_EX 123
1268#define EVP_F_EVP_CIPHER_CTX_COPY 163
1269#define EVP_F_EVP_CIPHER_CTX_CTRL 124
1270#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
1271#define EVP_F_EVP_DECRYPTFINAL_EX 101
1272#define EVP_F_EVP_DIGESTINIT_EX 128
1273#define EVP_F_EVP_ENCRYPTFINAL_EX 127
1274#define EVP_F_EVP_MD_CTX_COPY_EX 110
1275#define EVP_F_EVP_MD_SIZE 162
1276#define EVP_F_EVP_OPENINIT 102
1277#define EVP_F_EVP_PBE_ALG_ADD 115
1278#define EVP_F_EVP_PBE_ALG_ADD_TYPE 160
1279#define EVP_F_EVP_PBE_CIPHERINIT 116
1280#define EVP_F_EVP_PKCS82PKEY 111
1281#define EVP_F_EVP_PKCS82PKEY_BROKEN 136
1282#define EVP_F_EVP_PKEY2PKCS8_BROKEN 113
1283#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
1284#define EVP_F_EVP_PKEY_CTX_CTRL 137
1285#define EVP_F_EVP_PKEY_CTX_CTRL_STR 150
1286#define EVP_F_EVP_PKEY_CTX_DUP 156
1287#define EVP_F_EVP_PKEY_DECRYPT 104
1288#define EVP_F_EVP_PKEY_DECRYPT_INIT 138
1289#define EVP_F_EVP_PKEY_DECRYPT_OLD 151
1290#define EVP_F_EVP_PKEY_DERIVE 153
1291#define EVP_F_EVP_PKEY_DERIVE_INIT 154
1292#define EVP_F_EVP_PKEY_DERIVE_SET_PEER 155
1293#define EVP_F_EVP_PKEY_ENCRYPT 105
1294#define EVP_F_EVP_PKEY_ENCRYPT_INIT 139
1295#define EVP_F_EVP_PKEY_ENCRYPT_OLD 152
1296#define EVP_F_EVP_PKEY_GET1_DH 119
1297#define EVP_F_EVP_PKEY_GET1_DSA 120
1298#define EVP_F_EVP_PKEY_GET1_ECDSA 130
1299#define EVP_F_EVP_PKEY_GET1_EC_KEY 131
1300#define EVP_F_EVP_PKEY_GET1_RSA 121
1301#define EVP_F_EVP_PKEY_KEYGEN 146
1302#define EVP_F_EVP_PKEY_KEYGEN_INIT 147
1303#define EVP_F_EVP_PKEY_NEW 106
1304#define EVP_F_EVP_PKEY_PARAMGEN 148
1305#define EVP_F_EVP_PKEY_PARAMGEN_INIT 149
1306#define EVP_F_EVP_PKEY_SIGN 140
1307#define EVP_F_EVP_PKEY_SIGN_INIT 141
1308#define EVP_F_EVP_PKEY_VERIFY 142
1309#define EVP_F_EVP_PKEY_VERIFY_INIT 143
1310#define EVP_F_EVP_PKEY_VERIFY_RECOVER 144
1311#define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT 145
1312#define EVP_F_EVP_RIJNDAEL 126
1313#define EVP_F_EVP_SIGNFINAL 107
1314#define EVP_F_EVP_VERIFYFINAL 108
1315#define EVP_F_FIPS_CIPHERINIT 166
1316#define EVP_F_FIPS_CIPHER_CTX_COPY 170
1317#define EVP_F_FIPS_CIPHER_CTX_CTRL 167
1318#define EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH 171
1319#define EVP_F_FIPS_DIGESTINIT 168
1320#define EVP_F_FIPS_MD_CTX_COPY 169
1321#define EVP_F_HMAC_INIT_EX 174
1322#define EVP_F_INT_CTX_NEW 157
1323#define EVP_F_PKCS5_PBE_KEYIVGEN 117
1324#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
1325#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
1326#define EVP_F_PKCS8_SET_BROKEN 112
1327#define EVP_F_PKEY_SET_TYPE 158
1328#define EVP_F_RC2_MAGIC_TO_METH 109
1329#define EVP_F_RC5_CTRL 125
1330
1331/* Reason codes. */
1332#define EVP_R_AES_IV_SETUP_FAILED 162
1333#define EVP_R_AES_KEY_SETUP_FAILED 143
1334#define EVP_R_ASN1_LIB 140
1335#define EVP_R_BAD_BLOCK_LENGTH 136
1336#define EVP_R_BAD_DECRYPT 100
1337#define EVP_R_BAD_KEY_LENGTH 137
1338#define EVP_R_BN_DECODE_ERROR 112
1339#define EVP_R_BN_PUBKEY_ERROR 113
1340#define EVP_R_BUFFER_TOO_SMALL 155
1341#define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157
1342#define EVP_R_CIPHER_PARAMETER_ERROR 122
1343#define EVP_R_COMMAND_NOT_SUPPORTED 147
1344#define EVP_R_CTRL_NOT_IMPLEMENTED 132
1345#define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
1346#define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138
1347#define EVP_R_DECODE_ERROR 114
1348#define EVP_R_DIFFERENT_KEY_TYPES 101
1349#define EVP_R_DIFFERENT_PARAMETERS 153
1350#define EVP_R_DISABLED_FOR_FIPS 163
1351#define EVP_R_ENCODE_ERROR 115
1352#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
1353#define EVP_R_EXPECTING_AN_RSA_KEY 127
1354#define EVP_R_EXPECTING_A_DH_KEY 128
1355#define EVP_R_EXPECTING_A_DSA_KEY 129
1356#define EVP_R_EXPECTING_A_ECDSA_KEY 141
1357#define EVP_R_EXPECTING_A_EC_KEY 142
1358#define EVP_R_INITIALIZATION_ERROR 134
1359#define EVP_R_INPUT_NOT_INITIALIZED 111
1360#define EVP_R_INVALID_DIGEST 152
1361#define EVP_R_INVALID_KEY_LENGTH 130
1362#define EVP_R_INVALID_OPERATION 148
1363#define EVP_R_IV_TOO_LARGE 102
1364#define EVP_R_KEYGEN_FAILURE 120
1365#define EVP_R_MESSAGE_DIGEST_IS_NULL 159
1366#define EVP_R_METHOD_NOT_SUPPORTED 144
1367#define EVP_R_MISSING_PARAMETERS 103
1368#define EVP_R_NO_CIPHER_SET 131
1369#define EVP_R_NO_DEFAULT_DIGEST 158
1370#define EVP_R_NO_DIGEST_SET 139
1371#define EVP_R_NO_DSA_PARAMETERS 116
1372#define EVP_R_NO_KEY_SET 154
1373#define EVP_R_NO_OPERATION_SET 149
1374#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
1375#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
1376#define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
1377#define EVP_R_OPERATON_NOT_INITIALIZED 151
1378#define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117
1379#define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
1380#define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
1381#define EVP_R_PUBLIC_KEY_NOT_RSA 106
1382#define EVP_R_TOO_LARGE 164
1383#define EVP_R_UNKNOWN_CIPHER 160
1384#define EVP_R_UNKNOWN_DIGEST 161
1385#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
1386#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
1387#define EVP_R_UNSUPPORTED_ALGORITHM 156
1388#define EVP_R_UNSUPPORTED_CIPHER 107
1389#define EVP_R_UNSUPPORTED_KEYLENGTH 123
1390#define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124
1391#define EVP_R_UNSUPPORTED_KEY_SIZE 108
1392#define EVP_R_UNSUPPORTED_PRF 125
1393#define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 118
1394#define EVP_R_UNSUPPORTED_SALT_TYPE 126
1395#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
1396#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
1397
1398#ifdef __cplusplus
1399}
1400#endif
1401#endif
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
deleted file mode 100644
index 0c54f05e6e..0000000000
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ /dev/null
@@ -1,681 +0,0 @@
1/* crypto/evp/evp_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/err.h>
63#include <openssl/rand.h>
64#ifndef OPENSSL_NO_ENGINE
65#include <openssl/engine.h>
66#endif
67#ifdef OPENSSL_FIPS
68#include <openssl/fips.h>
69#endif
70#include "evp_locl.h"
71
72#ifdef OPENSSL_FIPS
73#define M_do_cipher(ctx, out, in, inl) FIPS_cipher(ctx, out, in, inl)
74#else
75#define M_do_cipher(ctx, out, in, inl) ctx->cipher->do_cipher(ctx, out, in, inl)
76#endif
77
78
79const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT;
80
81void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
82 {
83 memset(ctx,0,sizeof(EVP_CIPHER_CTX));
84 /* ctx->cipher=NULL; */
85 }
86
87EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void)
88 {
89 EVP_CIPHER_CTX *ctx=OPENSSL_malloc(sizeof *ctx);
90 if (ctx)
91 EVP_CIPHER_CTX_init(ctx);
92 return ctx;
93 }
94
95int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
96 const unsigned char *key, const unsigned char *iv, int enc)
97 {
98 if (cipher)
99 EVP_CIPHER_CTX_init(ctx);
100 return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc);
101 }
102
103int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
104 const unsigned char *key, const unsigned char *iv, int enc)
105 {
106 if (enc == -1)
107 enc = ctx->encrypt;
108 else
109 {
110 if (enc)
111 enc = 1;
112 ctx->encrypt = enc;
113 }
114#ifndef OPENSSL_NO_ENGINE
115 /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
116 * so this context may already have an ENGINE! Try to avoid releasing
117 * the previous handle, re-querying for an ENGINE, and having a
118 * reinitialisation, when it may all be unecessary. */
119 if (ctx->engine && ctx->cipher && (!cipher ||
120 (cipher && (cipher->nid == ctx->cipher->nid))))
121 goto skip_to_init;
122#endif
123 if (cipher)
124 {
125 /* Ensure a context left lying around from last time is cleared
126 * (the previous check attempted to avoid this if the same
127 * ENGINE and EVP_CIPHER could be used). */
128 if (ctx->cipher)
129 {
130 unsigned long flags = ctx->flags;
131 EVP_CIPHER_CTX_cleanup(ctx);
132 /* Restore encrypt and flags */
133 ctx->encrypt = enc;
134 ctx->flags = flags;
135 }
136#ifndef OPENSSL_NO_ENGINE
137 if(impl)
138 {
139 if (!ENGINE_init(impl))
140 {
141 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
142 return 0;
143 }
144 }
145 else
146 /* Ask if an ENGINE is reserved for this job */
147 impl = ENGINE_get_cipher_engine(cipher->nid);
148 if(impl)
149 {
150 /* There's an ENGINE for this job ... (apparently) */
151 const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid);
152 if(!c)
153 {
154 /* One positive side-effect of US's export
155 * control history, is that we should at least
156 * be able to avoid using US mispellings of
157 * "initialisation"? */
158 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
159 return 0;
160 }
161 /* We'll use the ENGINE's private cipher definition */
162 cipher = c;
163 /* Store the ENGINE functional reference so we know
164 * 'cipher' came from an ENGINE and we need to release
165 * it when done. */
166 ctx->engine = impl;
167 }
168 else
169 ctx->engine = NULL;
170#endif
171
172#ifdef OPENSSL_FIPS
173 if (FIPS_mode())
174 return FIPS_cipherinit(ctx, cipher, key, iv, enc);
175#endif
176 ctx->cipher=cipher;
177 if (ctx->cipher->ctx_size)
178 {
179 ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
180 if (!ctx->cipher_data)
181 {
182 EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE);
183 return 0;
184 }
185 }
186 else
187 {
188 ctx->cipher_data = NULL;
189 }
190 ctx->key_len = cipher->key_len;
191 ctx->flags = 0;
192 if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT)
193 {
194 if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL))
195 {
196 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
197 return 0;
198 }
199 }
200 }
201 else if(!ctx->cipher)
202 {
203 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET);
204 return 0;
205 }
206#ifndef OPENSSL_NO_ENGINE
207skip_to_init:
208#endif
209#ifdef OPENSSL_FIPS
210 if (FIPS_mode())
211 return FIPS_cipherinit(ctx, cipher, key, iv, enc);
212#endif
213 /* we assume block size is a power of 2 in *cryptUpdate */
214 OPENSSL_assert(ctx->cipher->block_size == 1
215 || ctx->cipher->block_size == 8
216 || ctx->cipher->block_size == 16);
217
218 if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
219 switch(EVP_CIPHER_CTX_mode(ctx)) {
220
221 case EVP_CIPH_STREAM_CIPHER:
222 case EVP_CIPH_ECB_MODE:
223 break;
224
225 case EVP_CIPH_CFB_MODE:
226 case EVP_CIPH_OFB_MODE:
227
228 ctx->num = 0;
229 /* fall-through */
230
231 case EVP_CIPH_CBC_MODE:
232
233 OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <=
234 (int)sizeof(ctx->iv));
235 if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
236 memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
237 break;
238
239 case EVP_CIPH_CTR_MODE:
240 ctx->num = 0;
241 /* Don't reuse IV for CTR mode */
242 if(iv)
243 memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
244 break;
245
246 default:
247 return 0;
248 break;
249 }
250 }
251
252 if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
253 if(!ctx->cipher->init(ctx,key,iv,enc)) return 0;
254 }
255 ctx->buf_len=0;
256 ctx->final_used=0;
257 ctx->block_mask=ctx->cipher->block_size-1;
258 return 1;
259 }
260
261int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
262 const unsigned char *in, int inl)
263 {
264 if (ctx->encrypt)
265 return EVP_EncryptUpdate(ctx,out,outl,in,inl);
266 else return EVP_DecryptUpdate(ctx,out,outl,in,inl);
267 }
268
269int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
270 {
271 if (ctx->encrypt)
272 return EVP_EncryptFinal_ex(ctx,out,outl);
273 else return EVP_DecryptFinal_ex(ctx,out,outl);
274 }
275
276int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
277 {
278 if (ctx->encrypt)
279 return EVP_EncryptFinal(ctx,out,outl);
280 else return EVP_DecryptFinal(ctx,out,outl);
281 }
282
283int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
284 const unsigned char *key, const unsigned char *iv)
285 {
286 return EVP_CipherInit(ctx, cipher, key, iv, 1);
287 }
288
289int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
290 const unsigned char *key, const unsigned char *iv)
291 {
292 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1);
293 }
294
295int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
296 const unsigned char *key, const unsigned char *iv)
297 {
298 return EVP_CipherInit(ctx, cipher, key, iv, 0);
299 }
300
301int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
302 const unsigned char *key, const unsigned char *iv)
303 {
304 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0);
305 }
306
307int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
308 const unsigned char *in, int inl)
309 {
310 int i,j,bl;
311
312 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER)
313 {
314 i = M_do_cipher(ctx, out, in, inl);
315 if (i < 0)
316 return 0;
317 else
318 *outl = i;
319 return 1;
320 }
321
322 if (inl <= 0)
323 {
324 *outl = 0;
325 return inl == 0;
326 }
327
328 if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0)
329 {
330 if(M_do_cipher(ctx,out,in,inl))
331 {
332 *outl=inl;
333 return 1;
334 }
335 else
336 {
337 *outl=0;
338 return 0;
339 }
340 }
341 i=ctx->buf_len;
342 bl=ctx->cipher->block_size;
343 OPENSSL_assert(bl <= (int)sizeof(ctx->buf));
344 if (i != 0)
345 {
346 if (i+inl < bl)
347 {
348 memcpy(&(ctx->buf[i]),in,inl);
349 ctx->buf_len+=inl;
350 *outl=0;
351 return 1;
352 }
353 else
354 {
355 j=bl-i;
356 memcpy(&(ctx->buf[i]),in,j);
357 if(!M_do_cipher(ctx,out,ctx->buf,bl)) return 0;
358 inl-=j;
359 in+=j;
360 out+=bl;
361 *outl=bl;
362 }
363 }
364 else
365 *outl = 0;
366 i=inl&(bl-1);
367 inl-=i;
368 if (inl > 0)
369 {
370 if(!M_do_cipher(ctx,out,in,inl)) return 0;
371 *outl+=inl;
372 }
373
374 if (i != 0)
375 memcpy(ctx->buf,&(in[inl]),i);
376 ctx->buf_len=i;
377 return 1;
378 }
379
380int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
381 {
382 int ret;
383 ret = EVP_EncryptFinal_ex(ctx, out, outl);
384 return ret;
385 }
386
387int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
388 {
389 int n,ret;
390 unsigned int i, b, bl;
391
392 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER)
393 {
394 ret = M_do_cipher(ctx, out, NULL, 0);
395 if (ret < 0)
396 return 0;
397 else
398 *outl = ret;
399 return 1;
400 }
401
402 b=ctx->cipher->block_size;
403 OPENSSL_assert(b <= sizeof ctx->buf);
404 if (b == 1)
405 {
406 *outl=0;
407 return 1;
408 }
409 bl=ctx->buf_len;
410 if (ctx->flags & EVP_CIPH_NO_PADDING)
411 {
412 if(bl)
413 {
414 EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
415 return 0;
416 }
417 *outl = 0;
418 return 1;
419 }
420
421 n=b-bl;
422 for (i=bl; i<b; i++)
423 ctx->buf[i]=n;
424 ret=M_do_cipher(ctx,out,ctx->buf,b);
425
426
427 if(ret)
428 *outl=b;
429
430 return ret;
431 }
432
433int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
434 const unsigned char *in, int inl)
435 {
436 int fix_len;
437 unsigned int b;
438
439 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER)
440 {
441 fix_len = M_do_cipher(ctx, out, in, inl);
442 if (fix_len < 0)
443 {
444 *outl = 0;
445 return 0;
446 }
447 else
448 *outl = fix_len;
449 return 1;
450 }
451
452 if (inl <= 0)
453 {
454 *outl = 0;
455 return inl == 0;
456 }
457
458 if (ctx->flags & EVP_CIPH_NO_PADDING)
459 return EVP_EncryptUpdate(ctx, out, outl, in, inl);
460
461 b=ctx->cipher->block_size;
462 OPENSSL_assert(b <= sizeof ctx->final);
463
464 if(ctx->final_used)
465 {
466 memcpy(out,ctx->final,b);
467 out+=b;
468 fix_len = 1;
469 }
470 else
471 fix_len = 0;
472
473
474 if(!EVP_EncryptUpdate(ctx,out,outl,in,inl))
475 return 0;
476
477 /* if we have 'decrypted' a multiple of block size, make sure
478 * we have a copy of this last block */
479 if (b > 1 && !ctx->buf_len)
480 {
481 *outl-=b;
482 ctx->final_used=1;
483 memcpy(ctx->final,&out[*outl],b);
484 }
485 else
486 ctx->final_used = 0;
487
488 if (fix_len)
489 *outl += b;
490
491 return 1;
492 }
493
494int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
495 {
496 int ret;
497 ret = EVP_DecryptFinal_ex(ctx, out, outl);
498 return ret;
499 }
500
501int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
502 {
503 int i,n;
504 unsigned int b;
505 *outl=0;
506
507 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER)
508 {
509 i = M_do_cipher(ctx, out, NULL, 0);
510 if (i < 0)
511 return 0;
512 else
513 *outl = i;
514 return 1;
515 }
516
517 b=ctx->cipher->block_size;
518 if (ctx->flags & EVP_CIPH_NO_PADDING)
519 {
520 if(ctx->buf_len)
521 {
522 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
523 return 0;
524 }
525 *outl = 0;
526 return 1;
527 }
528 if (b > 1)
529 {
530 if (ctx->buf_len || !ctx->final_used)
531 {
532 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
533 return(0);
534 }
535 OPENSSL_assert(b <= sizeof ctx->final);
536 n=ctx->final[b-1];
537 if (n == 0 || n > (int)b)
538 {
539 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
540 return(0);
541 }
542 for (i=0; i<n; i++)
543 {
544 if (ctx->final[--b] != n)
545 {
546 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
547 return(0);
548 }
549 }
550 n=ctx->cipher->block_size-n;
551 for (i=0; i<n; i++)
552 out[i]=ctx->final[i];
553 *outl=n;
554 }
555 else
556 *outl=0;
557 return(1);
558 }
559
560void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
561 {
562 if (ctx)
563 {
564 EVP_CIPHER_CTX_cleanup(ctx);
565 OPENSSL_free(ctx);
566 }
567 }
568
569int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
570 {
571#ifndef OPENSSL_FIPS
572 if (c->cipher != NULL)
573 {
574 if(c->cipher->cleanup && !c->cipher->cleanup(c))
575 return 0;
576 /* Cleanse cipher context data */
577 if (c->cipher_data)
578 OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
579 }
580 if (c->cipher_data)
581 OPENSSL_free(c->cipher_data);
582#endif
583#ifndef OPENSSL_NO_ENGINE
584 if (c->engine)
585 /* The EVP_CIPHER we used belongs to an ENGINE, release the
586 * functional reference we held for this reason. */
587 ENGINE_finish(c->engine);
588#endif
589#ifdef OPENSSL_FIPS
590 FIPS_cipher_ctx_cleanup(c);
591#endif
592 memset(c,0,sizeof(EVP_CIPHER_CTX));
593 return 1;
594 }
595
596int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
597 {
598 if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
599 return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL);
600 if(c->key_len == keylen) return 1;
601 if((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH))
602 {
603 c->key_len = keylen;
604 return 1;
605 }
606 EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,EVP_R_INVALID_KEY_LENGTH);
607 return 0;
608 }
609
610int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
611 {
612 if (pad) ctx->flags &= ~EVP_CIPH_NO_PADDING;
613 else ctx->flags |= EVP_CIPH_NO_PADDING;
614 return 1;
615 }
616
617int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
618{
619 int ret;
620 if(!ctx->cipher) {
621 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
622 return 0;
623 }
624
625 if(!ctx->cipher->ctrl) {
626 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
627 return 0;
628 }
629
630 ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
631 if(ret == -1) {
632 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
633 return 0;
634 }
635 return ret;
636}
637
638int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
639 {
640 if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
641 return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
642 if (RAND_bytes(key, ctx->key_len) <= 0)
643 return 0;
644 return 1;
645 }
646
647int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
648 {
649 if ((in == NULL) || (in->cipher == NULL))
650 {
651 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
652 return 0;
653 }
654#ifndef OPENSSL_NO_ENGINE
655 /* Make sure it's safe to copy a cipher context using an ENGINE */
656 if (in->engine && !ENGINE_init(in->engine))
657 {
658 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,ERR_R_ENGINE_LIB);
659 return 0;
660 }
661#endif
662
663 EVP_CIPHER_CTX_cleanup(out);
664 memcpy(out,in,sizeof *out);
665
666 if (in->cipher_data && in->cipher->ctx_size)
667 {
668 out->cipher_data=OPENSSL_malloc(in->cipher->ctx_size);
669 if (!out->cipher_data)
670 {
671 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,ERR_R_MALLOC_FAILURE);
672 return 0;
673 }
674 memcpy(out->cipher_data,in->cipher_data,in->cipher->ctx_size);
675 }
676
677 if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
678 return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out);
679 return 1;
680 }
681
diff --git a/src/lib/libcrypto/evp/evp_err.c b/src/lib/libcrypto/evp/evp_err.c
deleted file mode 100644
index db0f76d59b..0000000000
--- a/src/lib/libcrypto/evp/evp_err.c
+++ /dev/null
@@ -1,234 +0,0 @@
1/* crypto/evp/evp_err.c */
2/* ====================================================================
3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/evp.h>
64
65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_EVP,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason)
70
71static ERR_STRING_DATA EVP_str_functs[]=
72 {
73{ERR_FUNC(EVP_F_AESNI_INIT_KEY), "AESNI_INIT_KEY"},
74{ERR_FUNC(EVP_F_AESNI_XTS_CIPHER), "AESNI_XTS_CIPHER"},
75{ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"},
76{ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"},
77{ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"},
78{ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"},
79{ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"},
80{ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"},
81{ERR_FUNC(EVP_F_DO_SIGVER_INIT), "DO_SIGVER_INIT"},
82{ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"},
83{ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"},
84{ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"},
85{ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"},
86{ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"},
87{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"},
88{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"},
89{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"},
90{ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"},
91{ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"},
92{ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"},
93{ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"},
94{ERR_FUNC(EVP_F_EVP_MD_SIZE), "EVP_MD_size"},
95{ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"},
96{ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"},
97{ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD_TYPE), "EVP_PBE_alg_add_type"},
98{ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"},
99{ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"},
100{ERR_FUNC(EVP_F_EVP_PKCS82PKEY_BROKEN), "EVP_PKCS82PKEY_BROKEN"},
101{ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN), "EVP_PKEY2PKCS8_broken"},
102{ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"},
103{ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL), "EVP_PKEY_CTX_ctrl"},
104{ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL_STR), "EVP_PKEY_CTX_ctrl_str"},
105{ERR_FUNC(EVP_F_EVP_PKEY_CTX_DUP), "EVP_PKEY_CTX_dup"},
106{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"},
107{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT), "EVP_PKEY_decrypt_init"},
108{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD), "EVP_PKEY_decrypt_old"},
109{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE), "EVP_PKEY_derive"},
110{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT), "EVP_PKEY_derive_init"},
111{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER), "EVP_PKEY_derive_set_peer"},
112{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"},
113{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT), "EVP_PKEY_encrypt_init"},
114{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"},
115{ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"},
116{ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"},
117{ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA), "EVP_PKEY_GET1_ECDSA"},
118{ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"},
119{ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"},
120{ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"},
121{ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_keygen_init"},
122{ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"},
123{ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN), "EVP_PKEY_paramgen"},
124{ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT), "EVP_PKEY_paramgen_init"},
125{ERR_FUNC(EVP_F_EVP_PKEY_SIGN), "EVP_PKEY_sign"},
126{ERR_FUNC(EVP_F_EVP_PKEY_SIGN_INIT), "EVP_PKEY_sign_init"},
127{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY), "EVP_PKEY_verify"},
128{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_INIT), "EVP_PKEY_verify_init"},
129{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER), "EVP_PKEY_verify_recover"},
130{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT), "EVP_PKEY_verify_recover_init"},
131{ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"},
132{ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"},
133{ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"},
134{ERR_FUNC(EVP_F_FIPS_CIPHERINIT), "FIPS_CIPHERINIT"},
135{ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_COPY), "FIPS_CIPHER_CTX_COPY"},
136{ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"},
137{ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH), "FIPS_CIPHER_CTX_SET_KEY_LENGTH"},
138{ERR_FUNC(EVP_F_FIPS_DIGESTINIT), "FIPS_DIGESTINIT"},
139{ERR_FUNC(EVP_F_FIPS_MD_CTX_COPY), "FIPS_MD_CTX_COPY"},
140{ERR_FUNC(EVP_F_HMAC_INIT_EX), "HMAC_Init_ex"},
141{ERR_FUNC(EVP_F_INT_CTX_NEW), "INT_CTX_NEW"},
142{ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"},
143{ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"},
144{ERR_FUNC(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN), "PKCS5_V2_PBKDF2_KEYIVGEN"},
145{ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"},
146{ERR_FUNC(EVP_F_PKEY_SET_TYPE), "PKEY_SET_TYPE"},
147{ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"},
148{ERR_FUNC(EVP_F_RC5_CTRL), "RC5_CTRL"},
149{0,NULL}
150 };
151
152static ERR_STRING_DATA EVP_str_reasons[]=
153 {
154{ERR_REASON(EVP_R_AES_IV_SETUP_FAILED) ,"aes iv setup failed"},
155{ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED) ,"aes key setup failed"},
156{ERR_REASON(EVP_R_ASN1_LIB) ,"asn1 lib"},
157{ERR_REASON(EVP_R_BAD_BLOCK_LENGTH) ,"bad block length"},
158{ERR_REASON(EVP_R_BAD_DECRYPT) ,"bad decrypt"},
159{ERR_REASON(EVP_R_BAD_KEY_LENGTH) ,"bad key length"},
160{ERR_REASON(EVP_R_BN_DECODE_ERROR) ,"bn decode error"},
161{ERR_REASON(EVP_R_BN_PUBKEY_ERROR) ,"bn pubkey error"},
162{ERR_REASON(EVP_R_BUFFER_TOO_SMALL) ,"buffer too small"},
163{ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED),"camellia key setup failed"},
164{ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR),"cipher parameter error"},
165{ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED) ,"command not supported"},
166{ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED) ,"ctrl not implemented"},
167{ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED),"ctrl operation not implemented"},
168{ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH),"data not multiple of block length"},
169{ERR_REASON(EVP_R_DECODE_ERROR) ,"decode error"},
170{ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) ,"different key types"},
171{ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) ,"different parameters"},
172{ERR_REASON(EVP_R_DISABLED_FOR_FIPS) ,"disabled for fips"},
173{ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"},
174{ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"},
175{ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"},
176{ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) ,"expecting a dh key"},
177{ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) ,"expecting a dsa key"},
178{ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) ,"expecting a ecdsa key"},
179{ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) ,"expecting a ec key"},
180{ERR_REASON(EVP_R_INITIALIZATION_ERROR) ,"initialization error"},
181{ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"},
182{ERR_REASON(EVP_R_INVALID_DIGEST) ,"invalid digest"},
183{ERR_REASON(EVP_R_INVALID_KEY_LENGTH) ,"invalid key length"},
184{ERR_REASON(EVP_R_INVALID_OPERATION) ,"invalid operation"},
185{ERR_REASON(EVP_R_IV_TOO_LARGE) ,"iv too large"},
186{ERR_REASON(EVP_R_KEYGEN_FAILURE) ,"keygen failure"},
187{ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL),"message digest is null"},
188{ERR_REASON(EVP_R_METHOD_NOT_SUPPORTED) ,"method not supported"},
189{ERR_REASON(EVP_R_MISSING_PARAMETERS) ,"missing parameters"},
190{ERR_REASON(EVP_R_NO_CIPHER_SET) ,"no cipher set"},
191{ERR_REASON(EVP_R_NO_DEFAULT_DIGEST) ,"no default digest"},
192{ERR_REASON(EVP_R_NO_DIGEST_SET) ,"no digest set"},
193{ERR_REASON(EVP_R_NO_DSA_PARAMETERS) ,"no dsa parameters"},
194{ERR_REASON(EVP_R_NO_KEY_SET) ,"no key set"},
195{ERR_REASON(EVP_R_NO_OPERATION_SET) ,"no operation set"},
196{ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED),"no sign function configured"},
197{ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED),"no verify function configured"},
198{ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),"operation not supported for this keytype"},
199{ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED),"operaton not initialized"},
200{ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE),"pkcs8 unknown broken type"},
201{ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR),"private key decode error"},
202{ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR),"private key encode error"},
203{ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA) ,"public key not rsa"},
204{ERR_REASON(EVP_R_TOO_LARGE) ,"too large"},
205{ERR_REASON(EVP_R_UNKNOWN_CIPHER) ,"unknown cipher"},
206{ERR_REASON(EVP_R_UNKNOWN_DIGEST) ,"unknown digest"},
207{ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"},
208{ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"},
209{ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) ,"unsupported algorithm"},
210{ERR_REASON(EVP_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"},
211{ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH) ,"unsupported keylength"},
212{ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION),"unsupported key derivation function"},
213{ERR_REASON(EVP_R_UNSUPPORTED_KEY_SIZE) ,"unsupported key size"},
214{ERR_REASON(EVP_R_UNSUPPORTED_PRF) ,"unsupported prf"},
215{ERR_REASON(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM),"unsupported private key algorithm"},
216{ERR_REASON(EVP_R_UNSUPPORTED_SALT_TYPE) ,"unsupported salt type"},
217{ERR_REASON(EVP_R_WRONG_FINAL_BLOCK_LENGTH),"wrong final block length"},
218{ERR_REASON(EVP_R_WRONG_PUBLIC_KEY_TYPE) ,"wrong public key type"},
219{0,NULL}
220 };
221
222#endif
223
224void ERR_load_EVP_strings(void)
225 {
226#ifndef OPENSSL_NO_ERR
227
228 if (ERR_func_error_string(EVP_str_functs[0].error) == NULL)
229 {
230 ERR_load_strings(0,EVP_str_functs);
231 ERR_load_strings(0,EVP_str_reasons);
232 }
233#endif
234 }
diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c
deleted file mode 100644
index 7961fbebf2..0000000000
--- a/src/lib/libcrypto/evp/evp_key.c
+++ /dev/null
@@ -1,189 +0,0 @@
1/* crypto/evp/evp_key.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/x509.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include <openssl/ui.h>
65
66/* should be init to zeros. */
67static char prompt_string[80];
68
69void EVP_set_pw_prompt(const char *prompt)
70 {
71 if (prompt == NULL)
72 prompt_string[0]='\0';
73 else
74 {
75 strncpy(prompt_string,prompt,79);
76 prompt_string[79]='\0';
77 }
78 }
79
80char *EVP_get_pw_prompt(void)
81 {
82 if (prompt_string[0] == '\0')
83 return(NULL);
84 else
85 return(prompt_string);
86 }
87
88/* For historical reasons, the standard function for reading passwords is
89 * in the DES library -- if someone ever wants to disable DES,
90 * this function will fail */
91int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
92 {
93 return EVP_read_pw_string_min(buf, 0, len, prompt, verify);
94 }
95
96int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, int verify)
97 {
98 int ret;
99 char buff[BUFSIZ];
100 UI *ui;
101
102 if ((prompt == NULL) && (prompt_string[0] != '\0'))
103 prompt=prompt_string;
104 ui = UI_new();
105 UI_add_input_string(ui,prompt,0,buf,min,(len>=BUFSIZ)?BUFSIZ-1:len);
106 if (verify)
107 UI_add_verify_string(ui,prompt,0,
108 buff,min,(len>=BUFSIZ)?BUFSIZ-1:len,buf);
109 ret = UI_process(ui);
110 UI_free(ui);
111 OPENSSL_cleanse(buff,BUFSIZ);
112 return ret;
113 }
114
115int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
116 const unsigned char *salt, const unsigned char *data, int datal,
117 int count, unsigned char *key, unsigned char *iv)
118 {
119 EVP_MD_CTX c;
120 unsigned char md_buf[EVP_MAX_MD_SIZE];
121 int niv,nkey,addmd=0;
122 unsigned int mds=0,i;
123 int rv = 0;
124 nkey=type->key_len;
125 niv=type->iv_len;
126 OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
127 OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH);
128
129 if (data == NULL) return(nkey);
130
131 EVP_MD_CTX_init(&c);
132 for (;;)
133 {
134 if (!EVP_DigestInit_ex(&c,md, NULL))
135 return 0;
136 if (addmd++)
137 if (!EVP_DigestUpdate(&c,&(md_buf[0]),mds))
138 goto err;
139 if (!EVP_DigestUpdate(&c,data,datal))
140 goto err;
141 if (salt != NULL)
142 if (!EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN))
143 goto err;
144 if (!EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds))
145 goto err;
146
147 for (i=1; i<(unsigned int)count; i++)
148 {
149 if (!EVP_DigestInit_ex(&c,md, NULL))
150 goto err;
151 if (!EVP_DigestUpdate(&c,&(md_buf[0]),mds))
152 goto err;
153 if (!EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds))
154 goto err;
155 }
156 i=0;
157 if (nkey)
158 {
159 for (;;)
160 {
161 if (nkey == 0) break;
162 if (i == mds) break;
163 if (key != NULL)
164 *(key++)=md_buf[i];
165 nkey--;
166 i++;
167 }
168 }
169 if (niv && (i != mds))
170 {
171 for (;;)
172 {
173 if (niv == 0) break;
174 if (i == mds) break;
175 if (iv != NULL)
176 *(iv++)=md_buf[i];
177 niv--;
178 i++;
179 }
180 }
181 if ((nkey == 0) && (niv == 0)) break;
182 }
183 rv = type->key_len;
184 err:
185 EVP_MD_CTX_cleanup(&c);
186 OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE);
187 return rv;
188 }
189
diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c
deleted file mode 100644
index b180e4828a..0000000000
--- a/src/lib/libcrypto/evp/evp_lib.c
+++ /dev/null
@@ -1,316 +0,0 @@
1/* crypto/evp/evp_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63
64int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
65 {
66 int ret;
67
68 if (c->cipher->set_asn1_parameters != NULL)
69 ret=c->cipher->set_asn1_parameters(c,type);
70 else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
71 ret=EVP_CIPHER_set_asn1_iv(c, type);
72 else
73 ret=-1;
74 return(ret);
75 }
76
77int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
78 {
79 int ret;
80
81 if (c->cipher->get_asn1_parameters != NULL)
82 ret=c->cipher->get_asn1_parameters(c,type);
83 else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
84 ret=EVP_CIPHER_get_asn1_iv(c, type);
85 else
86 ret=-1;
87 return(ret);
88 }
89
90int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
91 {
92 int i=0;
93 unsigned int l;
94
95 if (type != NULL)
96 {
97 l=EVP_CIPHER_CTX_iv_length(c);
98 OPENSSL_assert(l <= sizeof(c->iv));
99 i=ASN1_TYPE_get_octetstring(type,c->oiv,l);
100 if (i != (int)l)
101 return(-1);
102 else if (i > 0)
103 memcpy(c->iv,c->oiv,l);
104 }
105 return(i);
106 }
107
108int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
109 {
110 int i=0;
111 unsigned int j;
112
113 if (type != NULL)
114 {
115 j=EVP_CIPHER_CTX_iv_length(c);
116 OPENSSL_assert(j <= sizeof(c->iv));
117 i=ASN1_TYPE_set_octetstring(type,c->oiv,j);
118 }
119 return(i);
120 }
121
122/* Convert the various cipher NIDs and dummies to a proper OID NID */
123int EVP_CIPHER_type(const EVP_CIPHER *ctx)
124{
125 int nid;
126 ASN1_OBJECT *otmp;
127 nid = EVP_CIPHER_nid(ctx);
128
129 switch(nid) {
130
131 case NID_rc2_cbc:
132 case NID_rc2_64_cbc:
133 case NID_rc2_40_cbc:
134
135 return NID_rc2_cbc;
136
137 case NID_rc4:
138 case NID_rc4_40:
139
140 return NID_rc4;
141
142 case NID_aes_128_cfb128:
143 case NID_aes_128_cfb8:
144 case NID_aes_128_cfb1:
145
146 return NID_aes_128_cfb128;
147
148 case NID_aes_192_cfb128:
149 case NID_aes_192_cfb8:
150 case NID_aes_192_cfb1:
151
152 return NID_aes_192_cfb128;
153
154 case NID_aes_256_cfb128:
155 case NID_aes_256_cfb8:
156 case NID_aes_256_cfb1:
157
158 return NID_aes_256_cfb128;
159
160 case NID_des_cfb64:
161 case NID_des_cfb8:
162 case NID_des_cfb1:
163
164 return NID_des_cfb64;
165
166 case NID_des_ede3_cfb64:
167 case NID_des_ede3_cfb8:
168 case NID_des_ede3_cfb1:
169
170 return NID_des_cfb64;
171
172 default:
173 /* Check it has an OID and it is valid */
174 otmp = OBJ_nid2obj(nid);
175 if(!otmp || !otmp->data) nid = NID_undef;
176 ASN1_OBJECT_free(otmp);
177 return nid;
178 }
179}
180
181int EVP_CIPHER_block_size(const EVP_CIPHER *e)
182 {
183 return e->block_size;
184 }
185
186int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
187 {
188 return ctx->cipher->block_size;
189 }
190
191int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl)
192 {
193 return ctx->cipher->do_cipher(ctx,out,in,inl);
194 }
195
196const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
197 {
198 return ctx->cipher;
199 }
200
201unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher)
202 {
203 return cipher->flags;
204 }
205
206unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
207 {
208 return ctx->cipher->flags;
209 }
210
211void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
212 {
213 return ctx->app_data;
214 }
215
216void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
217 {
218 ctx->app_data = data;
219 }
220
221int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
222 {
223 return cipher->iv_len;
224 }
225
226int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
227 {
228 return ctx->cipher->iv_len;
229 }
230
231int EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
232 {
233 return cipher->key_len;
234 }
235
236int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
237 {
238 return ctx->key_len;
239 }
240
241int EVP_CIPHER_nid(const EVP_CIPHER *cipher)
242 {
243 return cipher->nid;
244 }
245
246int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
247 {
248 return ctx->cipher->nid;
249 }
250
251int EVP_MD_block_size(const EVP_MD *md)
252 {
253 return md->block_size;
254 }
255
256int EVP_MD_type(const EVP_MD *md)
257 {
258 return md->type;
259 }
260
261int EVP_MD_pkey_type(const EVP_MD *md)
262 {
263 return md->pkey_type;
264 }
265
266int EVP_MD_size(const EVP_MD *md)
267 {
268 if (!md)
269 {
270 EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
271 return -1;
272 }
273 return md->md_size;
274 }
275
276unsigned long EVP_MD_flags(const EVP_MD *md)
277 {
278 return md->flags;
279 }
280
281const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx)
282 {
283 if (!ctx)
284 return NULL;
285 return ctx->digest;
286 }
287
288void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags)
289 {
290 ctx->flags |= flags;
291 }
292
293void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags)
294 {
295 ctx->flags &= ~flags;
296 }
297
298int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags)
299 {
300 return (ctx->flags & flags);
301 }
302
303void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
304 {
305 ctx->flags |= flags;
306 }
307
308void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
309 {
310 ctx->flags &= ~flags;
311 }
312
313int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
314 {
315 return (ctx->flags & flags);
316 }
diff --git a/src/lib/libcrypto/evp/evp_locl.h b/src/lib/libcrypto/evp/evp_locl.h
deleted file mode 100644
index 08c0a66d39..0000000000
--- a/src/lib/libcrypto/evp/evp_locl.h
+++ /dev/null
@@ -1,385 +0,0 @@
1/* evp_locl.h */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59/* Macros to code block cipher wrappers */
60
61/* Wrapper functions for each cipher mode */
62
63#define BLOCK_CIPHER_ecb_loop() \
64 size_t i, bl; \
65 bl = ctx->cipher->block_size;\
66 if(inl < bl) return 1;\
67 inl -= bl; \
68 for(i=0; i <= inl; i+=bl)
69
70#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
71static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
72{\
73 BLOCK_CIPHER_ecb_loop() \
74 cprefix##_ecb_encrypt(in + i, out + i, &((kstruct *)ctx->cipher_data)->ksched, ctx->encrypt);\
75 return 1;\
76}
77
78#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))
79
80#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
81static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
82{\
83 while(inl>=EVP_MAXCHUNK)\
84 {\
85 cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
86 inl-=EVP_MAXCHUNK;\
87 in +=EVP_MAXCHUNK;\
88 out+=EVP_MAXCHUNK;\
89 }\
90 if (inl)\
91 cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
92 return 1;\
93}
94
95#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
96static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
97{\
98 while(inl>=EVP_MAXCHUNK) \
99 {\
100 cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
101 inl-=EVP_MAXCHUNK;\
102 in +=EVP_MAXCHUNK;\
103 out+=EVP_MAXCHUNK;\
104 }\
105 if (inl)\
106 cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
107 return 1;\
108}
109
110#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
111static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
112{\
113 size_t chunk=EVP_MAXCHUNK;\
114 if (cbits==1) chunk>>=3;\
115 if (inl<chunk) chunk=inl;\
116 while(inl && inl>=chunk)\
117 {\
118 cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
119 inl-=chunk;\
120 in +=chunk;\
121 out+=chunk;\
122 if(inl<chunk) chunk=inl;\
123 }\
124 return 1;\
125}
126
127#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
128 BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
129 BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
130 BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
131 BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched)
132
133#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
134 key_len, iv_len, flags, init_key, cleanup, \
135 set_asn1, get_asn1, ctrl) \
136static const EVP_CIPHER cname##_##mode = { \
137 nid##_##nmode, block_size, key_len, iv_len, \
138 flags | EVP_CIPH_##MODE##_MODE, \
139 init_key, \
140 cname##_##mode##_cipher, \
141 cleanup, \
142 sizeof(kstruct), \
143 set_asn1, get_asn1,\
144 ctrl, \
145 NULL \
146}; \
147const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }
148
149#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
150 iv_len, flags, init_key, cleanup, set_asn1, \
151 get_asn1, ctrl) \
152BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
153 iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
154
155#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \
156 iv_len, cbits, flags, init_key, cleanup, \
157 set_asn1, get_asn1, ctrl) \
158BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \
159 key_len, iv_len, flags, init_key, cleanup, set_asn1, \
160 get_asn1, ctrl)
161
162#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \
163 iv_len, cbits, flags, init_key, cleanup, \
164 set_asn1, get_asn1, ctrl) \
165BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \
166 key_len, iv_len, flags, init_key, cleanup, set_asn1, \
167 get_asn1, ctrl)
168
169#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
170 flags, init_key, cleanup, set_asn1, \
171 get_asn1, ctrl) \
172BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
173 0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
174
175#define BLOCK_CIPHER_defs(cname, kstruct, \
176 nid, block_size, key_len, iv_len, cbits, flags, \
177 init_key, cleanup, set_asn1, get_asn1, ctrl) \
178BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
179 init_key, cleanup, set_asn1, get_asn1, ctrl) \
180BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \
181 flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
182BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \
183 flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
184BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \
185 init_key, cleanup, set_asn1, get_asn1, ctrl)
186
187
188/*
189#define BLOCK_CIPHER_defs(cname, kstruct, \
190 nid, block_size, key_len, iv_len, flags,\
191 init_key, cleanup, set_asn1, get_asn1, ctrl)\
192static const EVP_CIPHER cname##_cbc = {\
193 nid##_cbc, block_size, key_len, iv_len, \
194 flags | EVP_CIPH_CBC_MODE,\
195 init_key,\
196 cname##_cbc_cipher,\
197 cleanup,\
198 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
199 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
200 set_asn1, get_asn1,\
201 ctrl, \
202 NULL \
203};\
204const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
205static const EVP_CIPHER cname##_cfb = {\
206 nid##_cfb64, 1, key_len, iv_len, \
207 flags | EVP_CIPH_CFB_MODE,\
208 init_key,\
209 cname##_cfb_cipher,\
210 cleanup,\
211 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
212 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
213 set_asn1, get_asn1,\
214 ctrl,\
215 NULL \
216};\
217const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
218static const EVP_CIPHER cname##_ofb = {\
219 nid##_ofb64, 1, key_len, iv_len, \
220 flags | EVP_CIPH_OFB_MODE,\
221 init_key,\
222 cname##_ofb_cipher,\
223 cleanup,\
224 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
225 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
226 set_asn1, get_asn1,\
227 ctrl,\
228 NULL \
229};\
230const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
231static const EVP_CIPHER cname##_ecb = {\
232 nid##_ecb, block_size, key_len, iv_len, \
233 flags | EVP_CIPH_ECB_MODE,\
234 init_key,\
235 cname##_ecb_cipher,\
236 cleanup,\
237 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
238 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
239 set_asn1, get_asn1,\
240 ctrl,\
241 NULL \
242};\
243const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
244*/
245
246#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \
247 block_size, key_len, iv_len, cbits, \
248 flags, init_key, \
249 cleanup, set_asn1, get_asn1, ctrl) \
250 BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
251 BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \
252 cbits, flags, init_key, cleanup, set_asn1, \
253 get_asn1, ctrl)
254
255#define EVP_C_DATA(kstruct, ctx) ((kstruct *)(ctx)->cipher_data)
256
257#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len) \
258 BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
259 BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
260 NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \
261 0, cipher##_init_key, NULL, \
262 EVP_CIPHER_set_asn1_iv, \
263 EVP_CIPHER_get_asn1_iv, \
264 NULL)
265
266struct evp_pkey_ctx_st
267 {
268 /* Method associated with this operation */
269 const EVP_PKEY_METHOD *pmeth;
270 /* Engine that implements this method or NULL if builtin */
271 ENGINE *engine;
272 /* Key: may be NULL */
273 EVP_PKEY *pkey;
274 /* Peer key for key agreement, may be NULL */
275 EVP_PKEY *peerkey;
276 /* Actual operation */
277 int operation;
278 /* Algorithm specific data */
279 void *data;
280 /* Application specific data */
281 void *app_data;
282 /* Keygen callback */
283 EVP_PKEY_gen_cb *pkey_gencb;
284 /* implementation specific keygen data */
285 int *keygen_info;
286 int keygen_info_count;
287 } /* EVP_PKEY_CTX */;
288
289#define EVP_PKEY_FLAG_DYNAMIC 1
290
291struct evp_pkey_method_st
292 {
293 int pkey_id;
294 int flags;
295
296 int (*init)(EVP_PKEY_CTX *ctx);
297 int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
298 void (*cleanup)(EVP_PKEY_CTX *ctx);
299
300 int (*paramgen_init)(EVP_PKEY_CTX *ctx);
301 int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
302
303 int (*keygen_init)(EVP_PKEY_CTX *ctx);
304 int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
305
306 int (*sign_init)(EVP_PKEY_CTX *ctx);
307 int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
308 const unsigned char *tbs, size_t tbslen);
309
310 int (*verify_init)(EVP_PKEY_CTX *ctx);
311 int (*verify)(EVP_PKEY_CTX *ctx,
312 const unsigned char *sig, size_t siglen,
313 const unsigned char *tbs, size_t tbslen);
314
315 int (*verify_recover_init)(EVP_PKEY_CTX *ctx);
316 int (*verify_recover)(EVP_PKEY_CTX *ctx,
317 unsigned char *rout, size_t *routlen,
318 const unsigned char *sig, size_t siglen);
319
320 int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
321 int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
322 EVP_MD_CTX *mctx);
323
324 int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
325 int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,int siglen,
326 EVP_MD_CTX *mctx);
327
328 int (*encrypt_init)(EVP_PKEY_CTX *ctx);
329 int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
330 const unsigned char *in, size_t inlen);
331
332 int (*decrypt_init)(EVP_PKEY_CTX *ctx);
333 int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
334 const unsigned char *in, size_t inlen);
335
336 int (*derive_init)(EVP_PKEY_CTX *ctx);
337 int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
338
339 int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
340 int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value);
341
342
343 } /* EVP_PKEY_METHOD */;
344
345void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
346
347int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
348 ASN1_TYPE *param,
349 const EVP_CIPHER *c, const EVP_MD *md, int en_de);
350
351#ifdef OPENSSL_FIPS
352
353#ifdef OPENSSL_DOING_MAKEDEPEND
354#undef SHA1_Init
355#undef SHA1_Update
356#undef SHA224_Init
357#undef SHA256_Init
358#undef SHA384_Init
359#undef SHA512_Init
360#undef DES_set_key_unchecked
361#endif
362
363#define RIPEMD160_Init private_RIPEMD160_Init
364#define WHIRLPOOL_Init private_WHIRLPOOL_Init
365#define MD5_Init private_MD5_Init
366#define MD4_Init private_MD4_Init
367#define MD2_Init private_MD2_Init
368#define MDC2_Init private_MDC2_Init
369#define SHA_Init private_SHA_Init
370#define SHA1_Init private_SHA1_Init
371#define SHA224_Init private_SHA224_Init
372#define SHA256_Init private_SHA256_Init
373#define SHA384_Init private_SHA384_Init
374#define SHA512_Init private_SHA512_Init
375
376#define BF_set_key private_BF_set_key
377#define CAST_set_key private_CAST_set_key
378#define idea_set_encrypt_key private_idea_set_encrypt_key
379#define SEED_set_key private_SEED_set_key
380#define RC2_set_key private_RC2_set_key
381#define RC4_set_key private_RC4_set_key
382#define DES_set_key_unchecked private_DES_set_key_unchecked
383#define Camellia_set_key private_Camellia_set_key
384
385#endif
diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c
deleted file mode 100644
index f8c32d825e..0000000000
--- a/src/lib/libcrypto/evp/evp_pbe.c
+++ /dev/null
@@ -1,316 +0,0 @@
1/* evp_pbe.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/pkcs12.h>
63#include <openssl/x509.h>
64#include "evp_locl.h"
65
66/* Password based encryption (PBE) functions */
67
68DECLARE_STACK_OF(EVP_PBE_CTL)
69static STACK_OF(EVP_PBE_CTL) *pbe_algs;
70
71/* Setup a cipher context from a PBE algorithm */
72
73typedef struct
74 {
75 int pbe_type;
76 int pbe_nid;
77 int cipher_nid;
78 int md_nid;
79 EVP_PBE_KEYGEN *keygen;
80 } EVP_PBE_CTL;
81
82static const EVP_PBE_CTL builtin_pbe[] =
83 {
84 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC,
85 NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen},
86 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC,
87 NID_des_cbc, NID_md5, PKCS5_PBE_keyivgen},
88 {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC,
89 NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen},
90
91#ifndef OPENSSL_NO_HMAC
92 {EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen},
93#endif
94
95 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4,
96 NID_rc4, NID_sha1, PKCS12_PBE_keyivgen},
97 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4,
98 NID_rc4_40, NID_sha1, PKCS12_PBE_keyivgen},
99 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
100 NID_des_ede3_cbc, NID_sha1, PKCS12_PBE_keyivgen},
101 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
102 NID_des_ede_cbc, NID_sha1, PKCS12_PBE_keyivgen},
103 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC2_CBC,
104 NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen},
105 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC,
106 NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen},
107
108#ifndef OPENSSL_NO_HMAC
109 {EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen},
110#endif
111 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC,
112 NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen},
113 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC,
114 NID_rc2_64_cbc, NID_md5, PKCS5_PBE_keyivgen},
115 {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndDES_CBC,
116 NID_des_cbc, NID_sha1, PKCS5_PBE_keyivgen},
117
118
119 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA1, -1, NID_sha1, 0},
120 {EVP_PBE_TYPE_PRF, NID_hmacWithMD5, -1, NID_md5, 0},
121 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA224, -1, NID_sha224, 0},
122 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA256, -1, NID_sha256, 0},
123 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0},
124 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0},
125 {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0},
126 };
127
128#ifdef TEST
129int main(int argc, char **argv)
130 {
131 int i, nid_md, nid_cipher;
132 EVP_PBE_CTL *tpbe, *tpbe2;
133 /*OpenSSL_add_all_algorithms();*/
134
135 for (i = 0; i < sizeof(builtin_pbe)/sizeof(EVP_PBE_CTL); i++)
136 {
137 tpbe = builtin_pbe + i;
138 fprintf(stderr, "%d %d %s ", tpbe->pbe_type, tpbe->pbe_nid,
139 OBJ_nid2sn(tpbe->pbe_nid));
140 if (EVP_PBE_find(tpbe->pbe_type, tpbe->pbe_nid,
141 &nid_cipher ,&nid_md,0))
142 fprintf(stderr, "Found %s %s\n",
143 OBJ_nid2sn(nid_cipher),
144 OBJ_nid2sn(nid_md));
145 else
146 fprintf(stderr, "Find ERROR!!\n");
147 }
148
149 return 0;
150 }
151#endif
152
153
154
155int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
156 ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
157 {
158 const EVP_CIPHER *cipher;
159 const EVP_MD *md;
160 int cipher_nid, md_nid;
161 EVP_PBE_KEYGEN *keygen;
162
163 if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj),
164 &cipher_nid, &md_nid, &keygen))
165 {
166 char obj_tmp[80];
167 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM);
168 if (!pbe_obj) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp);
169 else i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
170 ERR_add_error_data(2, "TYPE=", obj_tmp);
171 return 0;
172 }
173
174 if(!pass)
175 passlen = 0;
176 else if (passlen == -1)
177 passlen = strlen(pass);
178
179 if (cipher_nid == -1)
180 cipher = NULL;
181 else
182 {
183 cipher = EVP_get_cipherbynid(cipher_nid);
184 if (!cipher)
185 {
186 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_CIPHER);
187 return 0;
188 }
189 }
190
191 if (md_nid == -1)
192 md = NULL;
193 else
194 {
195 md = EVP_get_digestbynid(md_nid);
196 if (!md)
197 {
198 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_DIGEST);
199 return 0;
200 }
201 }
202
203 if (!keygen(ctx, pass, passlen, param, cipher, md, en_de))
204 {
205 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_KEYGEN_FAILURE);
206 return 0;
207 }
208 return 1;
209}
210
211DECLARE_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
212
213static int pbe2_cmp(const EVP_PBE_CTL *pbe1, const EVP_PBE_CTL *pbe2)
214 {
215 int ret = pbe1->pbe_type - pbe2->pbe_type;
216 if (ret)
217 return ret;
218 else
219 return pbe1->pbe_nid - pbe2->pbe_nid;
220 }
221
222IMPLEMENT_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
223
224static int pbe_cmp(const EVP_PBE_CTL * const *a, const EVP_PBE_CTL * const *b)
225 {
226 int ret = (*a)->pbe_type - (*b)->pbe_type;
227 if (ret)
228 return ret;
229 else
230 return (*a)->pbe_nid - (*b)->pbe_nid;
231 }
232
233/* Add a PBE algorithm */
234
235int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
236 EVP_PBE_KEYGEN *keygen)
237 {
238 EVP_PBE_CTL *pbe_tmp;
239 if (!pbe_algs)
240 pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);
241 if (!(pbe_tmp = (EVP_PBE_CTL*) OPENSSL_malloc (sizeof(EVP_PBE_CTL))))
242 {
243 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE,ERR_R_MALLOC_FAILURE);
244 return 0;
245 }
246 pbe_tmp->pbe_type = pbe_type;
247 pbe_tmp->pbe_nid = pbe_nid;
248 pbe_tmp->cipher_nid = cipher_nid;
249 pbe_tmp->md_nid = md_nid;
250 pbe_tmp->keygen = keygen;
251
252
253 sk_EVP_PBE_CTL_push (pbe_algs, pbe_tmp);
254 return 1;
255 }
256
257int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
258 EVP_PBE_KEYGEN *keygen)
259 {
260 int cipher_nid, md_nid;
261 if (cipher)
262 cipher_nid = EVP_CIPHER_type(cipher);
263 else
264 cipher_nid = -1;
265 if (md)
266 md_nid = EVP_MD_type(md);
267 else
268 md_nid = -1;
269
270 return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER, nid,
271 cipher_nid, md_nid, keygen);
272 }
273
274int EVP_PBE_find(int type, int pbe_nid,
275 int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen)
276 {
277 EVP_PBE_CTL *pbetmp = NULL, pbelu;
278 int i;
279 if (pbe_nid == NID_undef)
280 return 0;
281
282 pbelu.pbe_type = type;
283 pbelu.pbe_nid = pbe_nid;
284
285 if (pbe_algs)
286 {
287 i = sk_EVP_PBE_CTL_find(pbe_algs, &pbelu);
288 if (i != -1)
289 pbetmp = sk_EVP_PBE_CTL_value (pbe_algs, i);
290 }
291 if (pbetmp == NULL)
292 {
293 pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe,
294 sizeof(builtin_pbe)/sizeof(EVP_PBE_CTL));
295 }
296 if (pbetmp == NULL)
297 return 0;
298 if (pcnid)
299 *pcnid = pbetmp->cipher_nid;
300 if (pmnid)
301 *pmnid = pbetmp->md_nid;
302 if (pkeygen)
303 *pkeygen = pbetmp->keygen;
304 return 1;
305 }
306
307static void free_evp_pbe_ctl(EVP_PBE_CTL *pbe)
308 {
309 OPENSSL_freeFunc(pbe);
310 }
311
312void EVP_PBE_cleanup(void)
313 {
314 sk_EVP_PBE_CTL_pop_free(pbe_algs, free_evp_pbe_ctl);
315 pbe_algs = NULL;
316 }
diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c
deleted file mode 100644
index ceebf69284..0000000000
--- a/src/lib/libcrypto/evp/evp_pkey.c
+++ /dev/null
@@ -1,242 +0,0 @@
1/* evp_pkey.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include "cryptlib.h"
62#include <openssl/x509.h>
63#include <openssl/rand.h>
64#include "asn1_locl.h"
65
66/* Extract a private key from a PKCS8 structure */
67
68EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
69{
70 EVP_PKEY *pkey = NULL;
71 ASN1_OBJECT *algoid;
72 char obj_tmp[80];
73
74 if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8))
75 return NULL;
76
77 if (!(pkey = EVP_PKEY_new())) {
78 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
79 return NULL;
80 }
81
82 if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid)))
83 {
84 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
85 i2t_ASN1_OBJECT(obj_tmp, 80, algoid);
86 ERR_add_error_data(2, "TYPE=", obj_tmp);
87 goto error;
88 }
89
90 if (pkey->ameth->priv_decode)
91 {
92 if (!pkey->ameth->priv_decode(pkey, p8))
93 {
94 EVPerr(EVP_F_EVP_PKCS82PKEY,
95 EVP_R_PRIVATE_KEY_DECODE_ERROR);
96 goto error;
97 }
98 }
99 else
100 {
101 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_METHOD_NOT_SUPPORTED);
102 goto error;
103 }
104
105 return pkey;
106
107 error:
108 EVP_PKEY_free (pkey);
109 return NULL;
110}
111
112PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
113{
114 return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK);
115}
116
117/* Turn a private key into a PKCS8 structure */
118
119PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
120{
121 PKCS8_PRIV_KEY_INFO *p8;
122
123 if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {
124 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE);
125 return NULL;
126 }
127 p8->broken = broken;
128
129 if (pkey->ameth)
130 {
131 if (pkey->ameth->priv_encode)
132 {
133 if (!pkey->ameth->priv_encode(p8, pkey))
134 {
135 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
136 EVP_R_PRIVATE_KEY_ENCODE_ERROR);
137 goto error;
138 }
139 }
140 else
141 {
142 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
143 EVP_R_METHOD_NOT_SUPPORTED);
144 goto error;
145 }
146 }
147 else
148 {
149 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
150 EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
151 goto error;
152 }
153 RAND_add(p8->pkey->value.octet_string->data,
154 p8->pkey->value.octet_string->length, 0.0);
155 return p8;
156 error:
157 PKCS8_PRIV_KEY_INFO_free(p8);
158 return NULL;
159}
160
161PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
162{
163 switch (broken) {
164
165 case PKCS8_OK:
166 p8->broken = PKCS8_OK;
167 return p8;
168 break;
169
170 case PKCS8_NO_OCTET:
171 p8->broken = PKCS8_NO_OCTET;
172 p8->pkey->type = V_ASN1_SEQUENCE;
173 return p8;
174 break;
175
176 default:
177 EVPerr(EVP_F_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
178 return NULL;
179 }
180}
181
182/* EVP_PKEY attribute functions */
183
184int EVP_PKEY_get_attr_count(const EVP_PKEY *key)
185{
186 return X509at_get_attr_count(key->attributes);
187}
188
189int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid,
190 int lastpos)
191{
192 return X509at_get_attr_by_NID(key->attributes, nid, lastpos);
193}
194
195int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj,
196 int lastpos)
197{
198 return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos);
199}
200
201X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc)
202{
203 return X509at_get_attr(key->attributes, loc);
204}
205
206X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc)
207{
208 return X509at_delete_attr(key->attributes, loc);
209}
210
211int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr)
212{
213 if(X509at_add1_attr(&key->attributes, attr)) return 1;
214 return 0;
215}
216
217int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key,
218 const ASN1_OBJECT *obj, int type,
219 const unsigned char *bytes, int len)
220{
221 if(X509at_add1_attr_by_OBJ(&key->attributes, obj,
222 type, bytes, len)) return 1;
223 return 0;
224}
225
226int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key,
227 int nid, int type,
228 const unsigned char *bytes, int len)
229{
230 if(X509at_add1_attr_by_NID(&key->attributes, nid,
231 type, bytes, len)) return 1;
232 return 0;
233}
234
235int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
236 const char *attrname, int type,
237 const unsigned char *bytes, int len)
238{
239 if(X509at_add1_attr_by_txt(&key->attributes, attrname,
240 type, bytes, len)) return 1;
241 return 0;
242}
diff --git a/src/lib/libcrypto/evp/m_dss.c b/src/lib/libcrypto/evp/m_dss.c
deleted file mode 100644
index 4ad63ada6f..0000000000
--- a/src/lib/libcrypto/evp/m_dss.c
+++ /dev/null
@@ -1,101 +0,0 @@
1/* crypto/evp/m_dss.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64#ifndef OPENSSL_NO_DSA
65#include <openssl/dsa.h>
66#endif
67
68#ifndef OPENSSL_NO_SHA
69#ifndef OPENSSL_FIPS
70
71static int init(EVP_MD_CTX *ctx)
72 { return SHA1_Init(ctx->md_data); }
73
74static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
75 { return SHA1_Update(ctx->md_data,data,count); }
76
77static int final(EVP_MD_CTX *ctx,unsigned char *md)
78 { return SHA1_Final(md,ctx->md_data); }
79
80static const EVP_MD dsa_md=
81 {
82 NID_dsaWithSHA,
83 NID_dsaWithSHA,
84 SHA_DIGEST_LENGTH,
85 EVP_MD_FLAG_PKEY_DIGEST,
86 init,
87 update,
88 final,
89 NULL,
90 NULL,
91 EVP_PKEY_DSA_method,
92 SHA_CBLOCK,
93 sizeof(EVP_MD *)+sizeof(SHA_CTX),
94 };
95
96const EVP_MD *EVP_dss(void)
97 {
98 return(&dsa_md);
99 }
100#endif
101#endif
diff --git a/src/lib/libcrypto/evp/m_dss1.c b/src/lib/libcrypto/evp/m_dss1.c
deleted file mode 100644
index f80170efeb..0000000000
--- a/src/lib/libcrypto/evp/m_dss1.c
+++ /dev/null
@@ -1,103 +0,0 @@
1/* crypto/evp/m_dss1.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_SHA
63
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66#include <openssl/x509.h>
67#ifndef OPENSSL_NO_DSA
68#include <openssl/dsa.h>
69#endif
70
71#ifndef OPENSSL_FIPS
72
73static int init(EVP_MD_CTX *ctx)
74 { return SHA1_Init(ctx->md_data); }
75
76static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
77 { return SHA1_Update(ctx->md_data,data,count); }
78
79static int final(EVP_MD_CTX *ctx,unsigned char *md)
80 { return SHA1_Final(md,ctx->md_data); }
81
82static const EVP_MD dss1_md=
83 {
84 NID_dsa,
85 NID_dsaWithSHA1,
86 SHA_DIGEST_LENGTH,
87 EVP_MD_FLAG_PKEY_DIGEST,
88 init,
89 update,
90 final,
91 NULL,
92 NULL,
93 EVP_PKEY_DSA_method,
94 SHA_CBLOCK,
95 sizeof(EVP_MD *)+sizeof(SHA_CTX),
96 };
97
98const EVP_MD *EVP_dss1(void)
99 {
100 return(&dss1_md);
101 }
102#endif
103#endif
diff --git a/src/lib/libcrypto/evp/m_ecdsa.c b/src/lib/libcrypto/evp/m_ecdsa.c
deleted file mode 100644
index 4b15fb0f6c..0000000000
--- a/src/lib/libcrypto/evp/m_ecdsa.c
+++ /dev/null
@@ -1,151 +0,0 @@
1/* crypto/evp/m_ecdsa.c */
2/* ====================================================================
3 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@openssl.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
56 * All rights reserved.
57 *
58 * This package is an SSL implementation written
59 * by Eric Young (eay@cryptsoft.com).
60 * The implementation was written so as to conform with Netscapes SSL.
61 *
62 * This library is free for commercial and non-commercial use as long as
63 * the following conditions are aheared to. The following conditions
64 * apply to all code found in this distribution, be it the RC4, RSA,
65 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
66 * included with this distribution is covered by the same copyright terms
67 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
68 *
69 * Copyright remains Eric Young's, and as such any Copyright notices in
70 * the code are not to be removed.
71 * If this package is used in a product, Eric Young should be given attribution
72 * as the author of the parts of the library used.
73 * This can be in the form of a textual message at program startup or
74 * in documentation (online or textual) provided with the package.
75 *
76 * Redistribution and use in source and binary forms, with or without
77 * modification, are permitted provided that the following conditions
78 * are met:
79 * 1. Redistributions of source code must retain the copyright
80 * notice, this list of conditions and the following disclaimer.
81 * 2. Redistributions in binary form must reproduce the above copyright
82 * notice, this list of conditions and the following disclaimer in the
83 * documentation and/or other materials provided with the distribution.
84 * 3. All advertising materials mentioning features or use of this software
85 * must display the following acknowledgement:
86 * "This product includes cryptographic software written by
87 * Eric Young (eay@cryptsoft.com)"
88 * The word 'cryptographic' can be left out if the rouines from the library
89 * being used are not cryptographic related :-).
90 * 4. If you include any Windows specific code (or a derivative thereof) from
91 * the apps directory (application code) you must include an acknowledgement:
92 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
93 *
94 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
95 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
96 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
97 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
98 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
99 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
100 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
101 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
102 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
103 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
104 * SUCH DAMAGE.
105 *
106 * The licence and distribution terms for any publically available version or
107 * derivative of this code cannot be changed. i.e. this code cannot simply be
108 * copied and put under another distribution licence
109 * [including the GNU Public Licence.]
110 */
111
112#include <stdio.h>
113#include "cryptlib.h"
114#include <openssl/evp.h>
115#include <openssl/objects.h>
116#include <openssl/x509.h>
117
118#ifndef OPENSSL_NO_SHA
119#ifndef OPENSSL_FIPS
120
121static int init(EVP_MD_CTX *ctx)
122 { return SHA1_Init(ctx->md_data); }
123
124static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
125 { return SHA1_Update(ctx->md_data,data,count); }
126
127static int final(EVP_MD_CTX *ctx,unsigned char *md)
128 { return SHA1_Final(md,ctx->md_data); }
129
130static const EVP_MD ecdsa_md=
131 {
132 NID_ecdsa_with_SHA1,
133 NID_ecdsa_with_SHA1,
134 SHA_DIGEST_LENGTH,
135 EVP_MD_FLAG_PKEY_DIGEST,
136 init,
137 update,
138 final,
139 NULL,
140 NULL,
141 EVP_PKEY_ECDSA_method,
142 SHA_CBLOCK,
143 sizeof(EVP_MD *)+sizeof(SHA_CTX),
144 };
145
146const EVP_MD *EVP_ecdsa(void)
147 {
148 return(&ecdsa_md);
149 }
150#endif
151#endif
diff --git a/src/lib/libcrypto/evp/m_md4.c b/src/lib/libcrypto/evp/m_md4.c
deleted file mode 100644
index 6d47f61b27..0000000000
--- a/src/lib/libcrypto/evp/m_md4.c
+++ /dev/null
@@ -1,103 +0,0 @@
1/* crypto/evp/m_md4.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_MD4
63
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66#include <openssl/x509.h>
67#include <openssl/md4.h>
68#ifndef OPENSSL_NO_RSA
69#include <openssl/rsa.h>
70#endif
71
72#include "evp_locl.h"
73
74static int init(EVP_MD_CTX *ctx)
75 { return MD4_Init(ctx->md_data); }
76
77static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
78 { return MD4_Update(ctx->md_data,data,count); }
79
80static int final(EVP_MD_CTX *ctx,unsigned char *md)
81 { return MD4_Final(md,ctx->md_data); }
82
83static const EVP_MD md4_md=
84 {
85 NID_md4,
86 NID_md4WithRSAEncryption,
87 MD4_DIGEST_LENGTH,
88 0,
89 init,
90 update,
91 final,
92 NULL,
93 NULL,
94 EVP_PKEY_RSA_method,
95 MD4_CBLOCK,
96 sizeof(EVP_MD *)+sizeof(MD4_CTX),
97 };
98
99const EVP_MD *EVP_md4(void)
100 {
101 return(&md4_md);
102 }
103#endif
diff --git a/src/lib/libcrypto/evp/m_md5.c b/src/lib/libcrypto/evp/m_md5.c
deleted file mode 100644
index 9a8bae0258..0000000000
--- a/src/lib/libcrypto/evp/m_md5.c
+++ /dev/null
@@ -1,102 +0,0 @@
1/* crypto/evp/m_md5.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_MD5
63
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66#include <openssl/x509.h>
67#include <openssl/md5.h>
68#ifndef OPENSSL_NO_RSA
69#include <openssl/rsa.h>
70#endif
71#include "evp_locl.h"
72
73static int init(EVP_MD_CTX *ctx)
74 { return MD5_Init(ctx->md_data); }
75
76static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
77 { return MD5_Update(ctx->md_data,data,count); }
78
79static int final(EVP_MD_CTX *ctx,unsigned char *md)
80 { return MD5_Final(md,ctx->md_data); }
81
82static const EVP_MD md5_md=
83 {
84 NID_md5,
85 NID_md5WithRSAEncryption,
86 MD5_DIGEST_LENGTH,
87 0,
88 init,
89 update,
90 final,
91 NULL,
92 NULL,
93 EVP_PKEY_RSA_method,
94 MD5_CBLOCK,
95 sizeof(EVP_MD *)+sizeof(MD5_CTX),
96 };
97
98const EVP_MD *EVP_md5(void)
99 {
100 return(&md5_md);
101 }
102#endif
diff --git a/src/lib/libcrypto/evp/m_null.c b/src/lib/libcrypto/evp/m_null.c
deleted file mode 100644
index cb0721699d..0000000000
--- a/src/lib/libcrypto/evp/m_null.c
+++ /dev/null
@@ -1,95 +0,0 @@
1/* crypto/evp/m_null.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64
65static int init(EVP_MD_CTX *ctx)
66 { return 1; }
67
68static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
69 { return 1; }
70
71static int final(EVP_MD_CTX *ctx,unsigned char *md)
72 { return 1; }
73
74static const EVP_MD null_md=
75 {
76 NID_undef,
77 NID_undef,
78 0,
79 0,
80 init,
81 update,
82 final,
83 NULL,
84 NULL,
85 EVP_PKEY_NULL_method,
86 0,
87 sizeof(EVP_MD *),
88 };
89
90const EVP_MD *EVP_md_null(void)
91 {
92 return(&null_md);
93 }
94
95
diff --git a/src/lib/libcrypto/evp/m_ripemd.c b/src/lib/libcrypto/evp/m_ripemd.c
deleted file mode 100644
index 7bf4804cf8..0000000000
--- a/src/lib/libcrypto/evp/m_ripemd.c
+++ /dev/null
@@ -1,102 +0,0 @@
1/* crypto/evp/m_ripemd.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_RIPEMD
63
64#include <openssl/ripemd.h>
65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/x509.h>
68#ifndef OPENSSL_NO_RSA
69#include <openssl/rsa.h>
70#endif
71#include "evp_locl.h"
72
73static int init(EVP_MD_CTX *ctx)
74 { return RIPEMD160_Init(ctx->md_data); }
75
76static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
77 { return RIPEMD160_Update(ctx->md_data,data,count); }
78
79static int final(EVP_MD_CTX *ctx,unsigned char *md)
80 { return RIPEMD160_Final(md,ctx->md_data); }
81
82static const EVP_MD ripemd160_md=
83 {
84 NID_ripemd160,
85 NID_ripemd160WithRSA,
86 RIPEMD160_DIGEST_LENGTH,
87 0,
88 init,
89 update,
90 final,
91 NULL,
92 NULL,
93 EVP_PKEY_RSA_method,
94 RIPEMD160_CBLOCK,
95 sizeof(EVP_MD *)+sizeof(RIPEMD160_CTX),
96 };
97
98const EVP_MD *EVP_ripemd160(void)
99 {
100 return(&ripemd160_md);
101 }
102#endif
diff --git a/src/lib/libcrypto/evp/m_sha1.c b/src/lib/libcrypto/evp/m_sha1.c
deleted file mode 100644
index 3cb11f1ebb..0000000000
--- a/src/lib/libcrypto/evp/m_sha1.c
+++ /dev/null
@@ -1,209 +0,0 @@
1/* crypto/evp/m_sha1.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_FIPS
63
64#ifndef OPENSSL_NO_SHA
65
66#include <openssl/evp.h>
67#include <openssl/objects.h>
68#include <openssl/x509.h>
69#ifndef OPENSSL_NO_RSA
70#include <openssl/rsa.h>
71#endif
72
73
74static int init(EVP_MD_CTX *ctx)
75 { return SHA1_Init(ctx->md_data); }
76
77static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
78 { return SHA1_Update(ctx->md_data,data,count); }
79
80static int final(EVP_MD_CTX *ctx,unsigned char *md)
81 { return SHA1_Final(md,ctx->md_data); }
82
83static const EVP_MD sha1_md=
84 {
85 NID_sha1,
86 NID_sha1WithRSAEncryption,
87 SHA_DIGEST_LENGTH,
88 EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
89 init,
90 update,
91 final,
92 NULL,
93 NULL,
94 EVP_PKEY_RSA_method,
95 SHA_CBLOCK,
96 sizeof(EVP_MD *)+sizeof(SHA_CTX),
97 };
98
99const EVP_MD *EVP_sha1(void)
100 {
101 return(&sha1_md);
102 }
103#endif
104
105#ifndef OPENSSL_NO_SHA256
106static int init224(EVP_MD_CTX *ctx)
107 { return SHA224_Init(ctx->md_data); }
108static int init256(EVP_MD_CTX *ctx)
109 { return SHA256_Init(ctx->md_data); }
110/*
111 * Even though there're separate SHA224_[Update|Final], we call
112 * SHA256 functions even in SHA224 context. This is what happens
113 * there anyway, so we can spare few CPU cycles:-)
114 */
115static int update256(EVP_MD_CTX *ctx,const void *data,size_t count)
116 { return SHA256_Update(ctx->md_data,data,count); }
117static int final256(EVP_MD_CTX *ctx,unsigned char *md)
118 { return SHA256_Final(md,ctx->md_data); }
119
120static const EVP_MD sha224_md=
121 {
122 NID_sha224,
123 NID_sha224WithRSAEncryption,
124 SHA224_DIGEST_LENGTH,
125 EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
126 init224,
127 update256,
128 final256,
129 NULL,
130 NULL,
131 EVP_PKEY_RSA_method,
132 SHA256_CBLOCK,
133 sizeof(EVP_MD *)+sizeof(SHA256_CTX),
134 };
135
136const EVP_MD *EVP_sha224(void)
137 { return(&sha224_md); }
138
139static const EVP_MD sha256_md=
140 {
141 NID_sha256,
142 NID_sha256WithRSAEncryption,
143 SHA256_DIGEST_LENGTH,
144 EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
145 init256,
146 update256,
147 final256,
148 NULL,
149 NULL,
150 EVP_PKEY_RSA_method,
151 SHA256_CBLOCK,
152 sizeof(EVP_MD *)+sizeof(SHA256_CTX),
153 };
154
155const EVP_MD *EVP_sha256(void)
156 { return(&sha256_md); }
157#endif /* ifndef OPENSSL_NO_SHA256 */
158
159#ifndef OPENSSL_NO_SHA512
160static int init384(EVP_MD_CTX *ctx)
161 { return SHA384_Init(ctx->md_data); }
162static int init512(EVP_MD_CTX *ctx)
163 { return SHA512_Init(ctx->md_data); }
164/* See comment in SHA224/256 section */
165static int update512(EVP_MD_CTX *ctx,const void *data,size_t count)
166 { return SHA512_Update(ctx->md_data,data,count); }
167static int final512(EVP_MD_CTX *ctx,unsigned char *md)
168 { return SHA512_Final(md,ctx->md_data); }
169
170static const EVP_MD sha384_md=
171 {
172 NID_sha384,
173 NID_sha384WithRSAEncryption,
174 SHA384_DIGEST_LENGTH,
175 EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
176 init384,
177 update512,
178 final512,
179 NULL,
180 NULL,
181 EVP_PKEY_RSA_method,
182 SHA512_CBLOCK,
183 sizeof(EVP_MD *)+sizeof(SHA512_CTX),
184 };
185
186const EVP_MD *EVP_sha384(void)
187 { return(&sha384_md); }
188
189static const EVP_MD sha512_md=
190 {
191 NID_sha512,
192 NID_sha512WithRSAEncryption,
193 SHA512_DIGEST_LENGTH,
194 EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
195 init512,
196 update512,
197 final512,
198 NULL,
199 NULL,
200 EVP_PKEY_RSA_method,
201 SHA512_CBLOCK,
202 sizeof(EVP_MD *)+sizeof(SHA512_CTX),
203 };
204
205const EVP_MD *EVP_sha512(void)
206 { return(&sha512_md); }
207#endif /* ifndef OPENSSL_NO_SHA512 */
208
209#endif
diff --git a/src/lib/libcrypto/evp/m_sigver.c b/src/lib/libcrypto/evp/m_sigver.c
deleted file mode 100644
index 7e2731f4a4..0000000000
--- a/src/lib/libcrypto/evp/m_sigver.c
+++ /dev/null
@@ -1,200 +0,0 @@
1/* m_sigver.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006.
4 */
5/* ====================================================================
6 * Copyright (c) 2006,2007 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64#include "evp_locl.h"
65
66static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
67 const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey,
68 int ver)
69 {
70 if (ctx->pctx == NULL)
71 ctx->pctx = EVP_PKEY_CTX_new(pkey, e);
72 if (ctx->pctx == NULL)
73 return 0;
74
75 if (type == NULL)
76 {
77 int def_nid;
78 if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0)
79 type = EVP_get_digestbynid(def_nid);
80 }
81
82 if (type == NULL)
83 {
84 EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST);
85 return 0;
86 }
87
88 if (ver)
89 {
90 if (ctx->pctx->pmeth->verifyctx_init)
91 {
92 if (ctx->pctx->pmeth->verifyctx_init(ctx->pctx, ctx) <=0)
93 return 0;
94 ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX;
95 }
96 else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
97 return 0;
98 }
99 else
100 {
101 if (ctx->pctx->pmeth->signctx_init)
102 {
103 if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0)
104 return 0;
105 ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX;
106 }
107 else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)
108 return 0;
109 }
110 if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0)
111 return 0;
112 if (pctx)
113 *pctx = ctx->pctx;
114 if (!EVP_DigestInit_ex(ctx, type, e))
115 return 0;
116 return 1;
117 }
118
119int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
120 const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
121 {
122 return do_sigver_init(ctx, pctx, type, e, pkey, 0);
123 }
124
125int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
126 const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
127 {
128 return do_sigver_init(ctx, pctx, type, e, pkey, 1);
129 }
130
131int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen)
132 {
133 int sctx, r = 0;
134 if (ctx->pctx->pmeth->signctx)
135 sctx = 1;
136 else
137 sctx = 0;
138 if (sigret)
139 {
140 EVP_MD_CTX tmp_ctx;
141 unsigned char md[EVP_MAX_MD_SIZE];
142 unsigned int mdlen;
143 EVP_MD_CTX_init(&tmp_ctx);
144 if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx))
145 return 0;
146 if (sctx)
147 r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx,
148 sigret, siglen, &tmp_ctx);
149 else
150 r = EVP_DigestFinal_ex(&tmp_ctx,md,&mdlen);
151 EVP_MD_CTX_cleanup(&tmp_ctx);
152 if (sctx || !r)
153 return r;
154 if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
155 return 0;
156 }
157 else
158 {
159 if (sctx)
160 {
161 if (ctx->pctx->pmeth->signctx(ctx->pctx, sigret, siglen, ctx) <= 0)
162 return 0;
163 }
164 else
165 {
166 int s = EVP_MD_size(ctx->digest);
167 if (s < 0 || EVP_PKEY_sign(ctx->pctx, sigret, siglen, NULL, s) <= 0)
168 return 0;
169 }
170 }
171 return 1;
172 }
173
174int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen)
175 {
176 EVP_MD_CTX tmp_ctx;
177 unsigned char md[EVP_MAX_MD_SIZE];
178 int r;
179 unsigned int mdlen;
180 int vctx;
181
182 if (ctx->pctx->pmeth->verifyctx)
183 vctx = 1;
184 else
185 vctx = 0;
186 EVP_MD_CTX_init(&tmp_ctx);
187 if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx))
188 return -1;
189 if (vctx)
190 {
191 r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx,
192 sig, siglen, &tmp_ctx);
193 }
194 else
195 r = EVP_DigestFinal_ex(&tmp_ctx,md,&mdlen);
196 EVP_MD_CTX_cleanup(&tmp_ctx);
197 if (vctx || !r)
198 return r;
199 return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen);
200 }
diff --git a/src/lib/libcrypto/evp/m_wp.c b/src/lib/libcrypto/evp/m_wp.c
deleted file mode 100644
index c51bc2d5d1..0000000000
--- a/src/lib/libcrypto/evp/m_wp.c
+++ /dev/null
@@ -1,43 +0,0 @@
1/* crypto/evp/m_wp.c */
2
3#include <stdio.h>
4#include "cryptlib.h"
5
6#ifndef OPENSSL_NO_WHIRLPOOL
7
8#include <openssl/evp.h>
9#include <openssl/objects.h>
10#include <openssl/x509.h>
11#include <openssl/whrlpool.h>
12#include "evp_locl.h"
13
14static int init(EVP_MD_CTX *ctx)
15 { return WHIRLPOOL_Init(ctx->md_data); }
16
17static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
18 { return WHIRLPOOL_Update(ctx->md_data,data,count); }
19
20static int final(EVP_MD_CTX *ctx,unsigned char *md)
21 { return WHIRLPOOL_Final(md,ctx->md_data); }
22
23static const EVP_MD whirlpool_md=
24 {
25 NID_whirlpool,
26 0,
27 WHIRLPOOL_DIGEST_LENGTH,
28 0,
29 init,
30 update,
31 final,
32 NULL,
33 NULL,
34 EVP_PKEY_NULL_method,
35 WHIRLPOOL_BBLOCK/8,
36 sizeof(EVP_MD *)+sizeof(WHIRLPOOL_CTX),
37 };
38
39const EVP_MD *EVP_whirlpool(void)
40 {
41 return(&whirlpool_md);
42 }
43#endif
diff --git a/src/lib/libcrypto/evp/names.c b/src/lib/libcrypto/evp/names.c
deleted file mode 100644
index 6311ad7cfb..0000000000
--- a/src/lib/libcrypto/evp/names.c
+++ /dev/null
@@ -1,206 +0,0 @@
1/* crypto/evp/names.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64
65int EVP_add_cipher(const EVP_CIPHER *c)
66 {
67 int r;
68
69 if (c == NULL) return 0;
70
71 OPENSSL_init();
72
73 r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c);
74 if (r == 0) return(0);
75 check_defer(c->nid);
76 r=OBJ_NAME_add(OBJ_nid2ln(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c);
77 return(r);
78 }
79
80
81int EVP_add_digest(const EVP_MD *md)
82 {
83 int r;
84 const char *name;
85 OPENSSL_init();
86
87 name=OBJ_nid2sn(md->type);
88 r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(const char *)md);
89 if (r == 0) return(0);
90 check_defer(md->type);
91 r=OBJ_NAME_add(OBJ_nid2ln(md->type),OBJ_NAME_TYPE_MD_METH,(const char *)md);
92 if (r == 0) return(0);
93
94 if (md->pkey_type && md->type != md->pkey_type)
95 {
96 r=OBJ_NAME_add(OBJ_nid2sn(md->pkey_type),
97 OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name);
98 if (r == 0) return(0);
99 check_defer(md->pkey_type);
100 r=OBJ_NAME_add(OBJ_nid2ln(md->pkey_type),
101 OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name);
102 }
103 return(r);
104 }
105
106const EVP_CIPHER *EVP_get_cipherbyname(const char *name)
107 {
108 const EVP_CIPHER *cp;
109
110 cp=(const EVP_CIPHER *)OBJ_NAME_get(name,OBJ_NAME_TYPE_CIPHER_METH);
111 return(cp);
112 }
113
114const EVP_MD *EVP_get_digestbyname(const char *name)
115 {
116 const EVP_MD *cp;
117
118 cp=(const EVP_MD *)OBJ_NAME_get(name,OBJ_NAME_TYPE_MD_METH);
119 return(cp);
120 }
121
122void EVP_cleanup(void)
123 {
124 OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH);
125 OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH);
126 /* The above calls will only clean out the contents of the name
127 hash table, but not the hash table itself. The following line
128 does that part. -- Richard Levitte */
129 OBJ_NAME_cleanup(-1);
130
131 EVP_PBE_cleanup();
132 if (obj_cleanup_defer == 2)
133 {
134 obj_cleanup_defer = 0;
135 OBJ_cleanup();
136 }
137 OBJ_sigid_free();
138 }
139
140struct doall_cipher
141 {
142 void *arg;
143 void (*fn)(const EVP_CIPHER *ciph,
144 const char *from, const char *to, void *arg);
145 };
146
147static void do_all_cipher_fn(const OBJ_NAME *nm, void *arg)
148 {
149 struct doall_cipher *dc = arg;
150 if (nm->alias)
151 dc->fn(NULL, nm->name, nm->data, dc->arg);
152 else
153 dc->fn((const EVP_CIPHER *)nm->data, nm->name, NULL, dc->arg);
154 }
155
156void EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph,
157 const char *from, const char *to, void *x), void *arg)
158 {
159 struct doall_cipher dc;
160 dc.fn = fn;
161 dc.arg = arg;
162 OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn, &dc);
163 }
164
165void EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph,
166 const char *from, const char *to, void *x), void *arg)
167 {
168 struct doall_cipher dc;
169 dc.fn = fn;
170 dc.arg = arg;
171 OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn,&dc);
172 }
173
174struct doall_md
175 {
176 void *arg;
177 void (*fn)(const EVP_MD *ciph,
178 const char *from, const char *to, void *arg);
179 };
180
181static void do_all_md_fn(const OBJ_NAME *nm, void *arg)
182 {
183 struct doall_md *dc = arg;
184 if (nm->alias)
185 dc->fn(NULL, nm->name, nm->data, dc->arg);
186 else
187 dc->fn((const EVP_MD *)nm->data, nm->name, NULL, dc->arg);
188 }
189
190void EVP_MD_do_all(void (*fn)(const EVP_MD *md,
191 const char *from, const char *to, void *x), void *arg)
192 {
193 struct doall_md dc;
194 dc.fn = fn;
195 dc.arg = arg;
196 OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc);
197 }
198
199void EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *md,
200 const char *from, const char *to, void *x), void *arg)
201 {
202 struct doall_md dc;
203 dc.fn = fn;
204 dc.arg = arg;
205 OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc);
206 }
diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c
deleted file mode 100644
index 294cc90d87..0000000000
--- a/src/lib/libcrypto/evp/p5_crpt.c
+++ /dev/null
@@ -1,143 +0,0 @@
1/* p5_crpt.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include "cryptlib.h"
62#include <openssl/x509.h>
63#include <openssl/evp.h>
64
65/* Doesn't do anything now: Builtin PBE algorithms in static table.
66 */
67
68void PKCS5_PBE_add(void)
69{
70}
71
72int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
73 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
74 int en_de)
75{
76 EVP_MD_CTX ctx;
77 unsigned char md_tmp[EVP_MAX_MD_SIZE];
78 unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
79 int i;
80 PBEPARAM *pbe;
81 int saltlen, iter;
82 unsigned char *salt;
83 const unsigned char *pbuf;
84 int mdsize;
85 int rv = 0;
86 EVP_MD_CTX_init(&ctx);
87
88 /* Extract useful info from parameter */
89 if (param == NULL || param->type != V_ASN1_SEQUENCE ||
90 param->value.sequence == NULL) {
91 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
92 return 0;
93 }
94
95 pbuf = param->value.sequence->data;
96 if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) {
97 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
98 return 0;
99 }
100
101 if (!pbe->iter) iter = 1;
102 else iter = ASN1_INTEGER_get (pbe->iter);
103 salt = pbe->salt->data;
104 saltlen = pbe->salt->length;
105
106 if(!pass) passlen = 0;
107 else if(passlen == -1) passlen = strlen(pass);
108
109 if (!EVP_DigestInit_ex(&ctx, md, NULL))
110 goto err;
111 if (!EVP_DigestUpdate(&ctx, pass, passlen))
112 goto err;
113 if (!EVP_DigestUpdate(&ctx, salt, saltlen))
114 goto err;
115 PBEPARAM_free(pbe);
116 if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL))
117 goto err;
118 mdsize = EVP_MD_size(md);
119 if (mdsize < 0)
120 return 0;
121 for (i = 1; i < iter; i++) {
122 if (!EVP_DigestInit_ex(&ctx, md, NULL))
123 goto err;
124 if (!EVP_DigestUpdate(&ctx, md_tmp, mdsize))
125 goto err;
126 if (!EVP_DigestFinal_ex (&ctx, md_tmp, NULL))
127 goto err;
128 }
129 OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp));
130 memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
131 OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);
132 memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
133 EVP_CIPHER_iv_length(cipher));
134 if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))
135 goto err;
136 OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
137 OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
138 OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
139 rv = 1;
140 err:
141 EVP_MD_CTX_cleanup(&ctx);
142 return rv;
143}
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c
deleted file mode 100644
index 975d004df4..0000000000
--- a/src/lib/libcrypto/evp/p5_crpt2.c
+++ /dev/null
@@ -1,322 +0,0 @@
1/* p5_crpt2.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58#include <stdio.h>
59#include <stdlib.h>
60#include "cryptlib.h"
61#if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA)
62#include <openssl/x509.h>
63#include <openssl/evp.h>
64#include <openssl/hmac.h>
65#include "evp_locl.h"
66
67/* set this to print out info about the keygen algorithm */
68/* #define DEBUG_PKCS5V2 */
69
70#ifdef DEBUG_PKCS5V2
71 static void h__dump (const unsigned char *p, int len);
72#endif
73
74/* This is an implementation of PKCS#5 v2.0 password based encryption key
75 * derivation function PBKDF2.
76 * SHA1 version verified against test vectors posted by Peter Gutmann
77 * <pgut001@cs.auckland.ac.nz> to the PKCS-TNG <pkcs-tng@rsa.com> mailing list.
78 */
79
80int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
81 const unsigned char *salt, int saltlen, int iter,
82 const EVP_MD *digest,
83 int keylen, unsigned char *out)
84 {
85 unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
86 int cplen, j, k, tkeylen, mdlen;
87 unsigned long i = 1;
88 HMAC_CTX hctx;
89
90 mdlen = EVP_MD_size(digest);
91 if (mdlen < 0)
92 return 0;
93
94 HMAC_CTX_init(&hctx);
95 p = out;
96 tkeylen = keylen;
97 if(!pass)
98 passlen = 0;
99 else if(passlen == -1)
100 passlen = strlen(pass);
101 while(tkeylen)
102 {
103 if(tkeylen > mdlen)
104 cplen = mdlen;
105 else
106 cplen = tkeylen;
107 /* We are unlikely to ever use more than 256 blocks (5120 bits!)
108 * but just in case...
109 */
110 itmp[0] = (unsigned char)((i >> 24) & 0xff);
111 itmp[1] = (unsigned char)((i >> 16) & 0xff);
112 itmp[2] = (unsigned char)((i >> 8) & 0xff);
113 itmp[3] = (unsigned char)(i & 0xff);
114 if (!HMAC_Init_ex(&hctx, pass, passlen, digest, NULL)
115 || !HMAC_Update(&hctx, salt, saltlen)
116 || !HMAC_Update(&hctx, itmp, 4)
117 || !HMAC_Final(&hctx, digtmp, NULL))
118 {
119 HMAC_CTX_cleanup(&hctx);
120 return 0;
121 }
122 memcpy(p, digtmp, cplen);
123 for(j = 1; j < iter; j++)
124 {
125 HMAC(digest, pass, passlen,
126 digtmp, mdlen, digtmp, NULL);
127 for(k = 0; k < cplen; k++)
128 p[k] ^= digtmp[k];
129 }
130 tkeylen-= cplen;
131 i++;
132 p+= cplen;
133 }
134 HMAC_CTX_cleanup(&hctx);
135#ifdef DEBUG_PKCS5V2
136 fprintf(stderr, "Password:\n");
137 h__dump (pass, passlen);
138 fprintf(stderr, "Salt:\n");
139 h__dump (salt, saltlen);
140 fprintf(stderr, "Iteration count %d\n", iter);
141 fprintf(stderr, "Key:\n");
142 h__dump (out, keylen);
143#endif
144 return 1;
145 }
146
147int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
148 const unsigned char *salt, int saltlen, int iter,
149 int keylen, unsigned char *out)
150 {
151 return PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, EVP_sha1(),
152 keylen, out);
153 }
154
155#ifdef DO_TEST
156main()
157{
158 unsigned char out[4];
159 unsigned char salt[] = {0x12, 0x34, 0x56, 0x78};
160 PKCS5_PBKDF2_HMAC_SHA1("password", -1, salt, 4, 5, 4, out);
161 fprintf(stderr, "Out %02X %02X %02X %02X\n",
162 out[0], out[1], out[2], out[3]);
163}
164
165#endif
166
167/* Now the key derivation function itself. This is a bit evil because
168 * it has to check the ASN1 parameters are valid: and there are quite a
169 * few of them...
170 */
171
172int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
173 ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md,
174 int en_de)
175{
176 const unsigned char *pbuf;
177 int plen;
178 PBE2PARAM *pbe2 = NULL;
179 const EVP_CIPHER *cipher;
180
181 int rv = 0;
182
183 if (param == NULL || param->type != V_ASN1_SEQUENCE ||
184 param->value.sequence == NULL) {
185 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
186 goto err;
187 }
188
189 pbuf = param->value.sequence->data;
190 plen = param->value.sequence->length;
191 if(!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
192 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
193 goto err;
194 }
195
196 /* See if we recognise the key derivation function */
197
198 if(OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) {
199 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
200 EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION);
201 goto err;
202 }
203
204 /* lets see if we recognise the encryption algorithm.
205 */
206
207 cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm);
208
209 if(!cipher) {
210 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
211 EVP_R_UNSUPPORTED_CIPHER);
212 goto err;
213 }
214
215 /* Fixup cipher based on AlgorithmIdentifier */
216 if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de))
217 goto err;
218 if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
219 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
220 EVP_R_CIPHER_PARAMETER_ERROR);
221 goto err;
222 }
223 rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen,
224 pbe2->keyfunc->parameter, c, md, en_de);
225 err:
226 PBE2PARAM_free(pbe2);
227 return rv;
228}
229
230int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
231 ASN1_TYPE *param,
232 const EVP_CIPHER *c, const EVP_MD *md, int en_de)
233{
234 unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
235 const unsigned char *pbuf;
236 int saltlen, iter, plen;
237 int rv = 0;
238 unsigned int keylen = 0;
239 int prf_nid, hmac_md_nid;
240 PBKDF2PARAM *kdf = NULL;
241 const EVP_MD *prfmd;
242
243 if (EVP_CIPHER_CTX_cipher(ctx) == NULL)
244 {
245 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_NO_CIPHER_SET);
246 goto err;
247 }
248 keylen = EVP_CIPHER_CTX_key_length(ctx);
249 OPENSSL_assert(keylen <= sizeof key);
250
251 /* Decode parameter */
252
253 if(!param || (param->type != V_ASN1_SEQUENCE))
254 {
255 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_DECODE_ERROR);
256 goto err;
257 }
258
259 pbuf = param->value.sequence->data;
260 plen = param->value.sequence->length;
261
262 if(!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
263 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_DECODE_ERROR);
264 goto err;
265 }
266
267 keylen = EVP_CIPHER_CTX_key_length(ctx);
268
269 /* Now check the parameters of the kdf */
270
271 if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){
272 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,
273 EVP_R_UNSUPPORTED_KEYLENGTH);
274 goto err;
275 }
276
277 if (kdf->prf)
278 prf_nid = OBJ_obj2nid(kdf->prf->algorithm);
279 else
280 prf_nid = NID_hmacWithSHA1;
281
282 if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0))
283 {
284 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
285 goto err;
286 }
287
288 prfmd = EVP_get_digestbynid(hmac_md_nid);
289 if (prfmd == NULL)
290 {
291 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
292 goto err;
293 }
294
295 if(kdf->salt->type != V_ASN1_OCTET_STRING) {
296 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,
297 EVP_R_UNSUPPORTED_SALT_TYPE);
298 goto err;
299 }
300
301 /* it seems that its all OK */
302 salt = kdf->salt->value.octet_string->data;
303 saltlen = kdf->salt->value.octet_string->length;
304 iter = ASN1_INTEGER_get(kdf->iter);
305 if(!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd,
306 keylen, key))
307 goto err;
308 rv = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
309 err:
310 OPENSSL_cleanse(key, keylen);
311 PBKDF2PARAM_free(kdf);
312 return rv;
313}
314
315#ifdef DEBUG_PKCS5V2
316static void h__dump (const unsigned char *p, int len)
317{
318 for (; len --; p++) fprintf(stderr, "%02X ", *p);
319 fprintf(stderr, "\n");
320}
321#endif
322#endif
diff --git a/src/lib/libcrypto/evp/p_dec.c b/src/lib/libcrypto/evp/p_dec.c
deleted file mode 100644
index 4201dcbad9..0000000000
--- a/src/lib/libcrypto/evp/p_dec.c
+++ /dev/null
@@ -1,87 +0,0 @@
1/* crypto/evp/p_dec.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/rand.h>
62#ifndef OPENSSL_NO_RSA
63#include <openssl/rsa.h>
64#endif
65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/x509.h>
68
69int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
70 EVP_PKEY *priv)
71 {
72 int ret= -1;
73
74#ifndef OPENSSL_NO_RSA
75 if (priv->type != EVP_PKEY_RSA)
76 {
77#endif
78 EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD,EVP_R_PUBLIC_KEY_NOT_RSA);
79#ifndef OPENSSL_NO_RSA
80 goto err;
81 }
82
83 ret=RSA_private_decrypt(ekl,ek,key,priv->pkey.rsa,RSA_PKCS1_PADDING);
84err:
85#endif
86 return(ret);
87 }
diff --git a/src/lib/libcrypto/evp/p_enc.c b/src/lib/libcrypto/evp/p_enc.c
deleted file mode 100644
index b5a3a84c41..0000000000
--- a/src/lib/libcrypto/evp/p_enc.c
+++ /dev/null
@@ -1,86 +0,0 @@
1/* crypto/evp/p_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/rand.h>
62#ifndef OPENSSL_NO_RSA
63#include <openssl/rsa.h>
64#endif
65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/x509.h>
68
69int EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key, int key_len,
70 EVP_PKEY *pubk)
71 {
72 int ret=0;
73
74#ifndef OPENSSL_NO_RSA
75 if (pubk->type != EVP_PKEY_RSA)
76 {
77#endif
78 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD,EVP_R_PUBLIC_KEY_NOT_RSA);
79#ifndef OPENSSL_NO_RSA
80 goto err;
81 }
82 ret=RSA_public_encrypt(key_len,key,ek,pubk->pkey.rsa,RSA_PKCS1_PADDING);
83err:
84#endif
85 return(ret);
86 }
diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c
deleted file mode 100644
index e26ccd0d08..0000000000
--- a/src/lib/libcrypto/evp/p_lib.c
+++ /dev/null
@@ -1,469 +0,0 @@
1/* crypto/evp/p_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/err.h>
63#include <openssl/objects.h>
64#include <openssl/evp.h>
65#include <openssl/asn1_mac.h>
66#include <openssl/x509.h>
67#ifndef OPENSSL_NO_RSA
68#include <openssl/rsa.h>
69#endif
70#ifndef OPENSSL_NO_DSA
71#include <openssl/dsa.h>
72#endif
73#ifndef OPENSSL_NO_DH
74#include <openssl/dh.h>
75#endif
76
77#ifndef OPENSSL_NO_ENGINE
78#include <openssl/engine.h>
79#endif
80
81#include "asn1_locl.h"
82
83static void EVP_PKEY_free_it(EVP_PKEY *x);
84
85int EVP_PKEY_bits(EVP_PKEY *pkey)
86 {
87 if (pkey && pkey->ameth && pkey->ameth->pkey_bits)
88 return pkey->ameth->pkey_bits(pkey);
89 return 0;
90 }
91
92int EVP_PKEY_size(EVP_PKEY *pkey)
93 {
94 if (pkey && pkey->ameth && pkey->ameth->pkey_size)
95 return pkey->ameth->pkey_size(pkey);
96 return 0;
97 }
98
99int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
100 {
101#ifndef OPENSSL_NO_DSA
102 if (pkey->type == EVP_PKEY_DSA)
103 {
104 int ret=pkey->save_parameters;
105
106 if (mode >= 0)
107 pkey->save_parameters=mode;
108 return(ret);
109 }
110#endif
111#ifndef OPENSSL_NO_EC
112 if (pkey->type == EVP_PKEY_EC)
113 {
114 int ret = pkey->save_parameters;
115
116 if (mode >= 0)
117 pkey->save_parameters = mode;
118 return(ret);
119 }
120#endif
121 return(0);
122 }
123
124int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
125 {
126 if (to->type != from->type)
127 {
128 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_DIFFERENT_KEY_TYPES);
129 goto err;
130 }
131
132 if (EVP_PKEY_missing_parameters(from))
133 {
134 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS);
135 goto err;
136 }
137 if (from->ameth && from->ameth->param_copy)
138 return from->ameth->param_copy(to, from);
139err:
140 return 0;
141 }
142
143int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
144 {
145 if (pkey->ameth && pkey->ameth->param_missing)
146 return pkey->ameth->param_missing(pkey);
147 return 0;
148 }
149
150int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
151 {
152 if (a->type != b->type)
153 return -1;
154 if (a->ameth && a->ameth->param_cmp)
155 return a->ameth->param_cmp(a, b);
156 return -2;
157 }
158
159int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
160 {
161 if (a->type != b->type)
162 return -1;
163
164 if (a->ameth)
165 {
166 int ret;
167 /* Compare parameters if the algorithm has them */
168 if (a->ameth->param_cmp)
169 {
170 ret = a->ameth->param_cmp(a, b);
171 if (ret <= 0)
172 return ret;
173 }
174
175 if (a->ameth->pub_cmp)
176 return a->ameth->pub_cmp(a, b);
177 }
178
179 return -2;
180 }
181
182EVP_PKEY *EVP_PKEY_new(void)
183 {
184 EVP_PKEY *ret;
185
186 ret=(EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY));
187 if (ret == NULL)
188 {
189 EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE);
190 return(NULL);
191 }
192 ret->type=EVP_PKEY_NONE;
193 ret->save_type=EVP_PKEY_NONE;
194 ret->references=1;
195 ret->ameth=NULL;
196 ret->engine=NULL;
197 ret->pkey.ptr=NULL;
198 ret->attributes=NULL;
199 ret->save_parameters=1;
200 return(ret);
201 }
202
203/* Setup a public key ASN1 method and ENGINE from a NID or a string.
204 * If pkey is NULL just return 1 or 0 if the algorithm exists.
205 */
206
207static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
208 {
209 const EVP_PKEY_ASN1_METHOD *ameth;
210 ENGINE *e = NULL;
211 if (pkey)
212 {
213 if (pkey->pkey.ptr)
214 EVP_PKEY_free_it(pkey);
215 /* If key type matches and a method exists then this
216 * lookup has succeeded once so just indicate success.
217 */
218 if ((type == pkey->save_type) && pkey->ameth)
219 return 1;
220#ifndef OPENSSL_NO_ENGINE
221 /* If we have an ENGINE release it */
222 if (pkey->engine)
223 {
224 ENGINE_finish(pkey->engine);
225 pkey->engine = NULL;
226 }
227#endif
228 }
229 if (str)
230 ameth = EVP_PKEY_asn1_find_str(&e, str, len);
231 else
232 ameth = EVP_PKEY_asn1_find(&e, type);
233#ifndef OPENSSL_NO_ENGINE
234 if (!pkey && e)
235 ENGINE_finish(e);
236#endif
237 if (!ameth)
238 {
239 EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM);
240 return 0;
241 }
242 if (pkey)
243 {
244 pkey->ameth = ameth;
245 pkey->engine = e;
246
247 pkey->type = pkey->ameth->pkey_id;
248 pkey->save_type=type;
249 }
250 return 1;
251 }
252
253int EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
254 {
255 return pkey_set_type(pkey, type, NULL, -1);
256 }
257
258int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len)
259 {
260 return pkey_set_type(pkey, EVP_PKEY_NONE, str, len);
261 }
262
263int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)
264 {
265 if (!EVP_PKEY_set_type(pkey, type))
266 return 0;
267 pkey->pkey.ptr=key;
268 return (key != NULL);
269 }
270
271void *EVP_PKEY_get0(EVP_PKEY *pkey)
272 {
273 return pkey->pkey.ptr;
274 }
275
276#ifndef OPENSSL_NO_RSA
277int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
278{
279 int ret = EVP_PKEY_assign_RSA(pkey, key);
280 if(ret)
281 RSA_up_ref(key);
282 return ret;
283}
284
285RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
286 {
287 if(pkey->type != EVP_PKEY_RSA) {
288 EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
289 return NULL;
290 }
291 RSA_up_ref(pkey->pkey.rsa);
292 return pkey->pkey.rsa;
293}
294#endif
295
296#ifndef OPENSSL_NO_DSA
297int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
298{
299 int ret = EVP_PKEY_assign_DSA(pkey, key);
300 if(ret)
301 DSA_up_ref(key);
302 return ret;
303}
304
305DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
306 {
307 if(pkey->type != EVP_PKEY_DSA) {
308 EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
309 return NULL;
310 }
311 DSA_up_ref(pkey->pkey.dsa);
312 return pkey->pkey.dsa;
313}
314#endif
315
316#ifndef OPENSSL_NO_EC
317
318int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
319{
320 int ret = EVP_PKEY_assign_EC_KEY(pkey,key);
321 if (ret)
322 EC_KEY_up_ref(key);
323 return ret;
324}
325
326EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
327{
328 if (pkey->type != EVP_PKEY_EC)
329 {
330 EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
331 return NULL;
332 }
333 EC_KEY_up_ref(pkey->pkey.ec);
334 return pkey->pkey.ec;
335}
336#endif
337
338
339#ifndef OPENSSL_NO_DH
340
341int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
342{
343 int ret = EVP_PKEY_assign_DH(pkey, key);
344 if(ret)
345 DH_up_ref(key);
346 return ret;
347}
348
349DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
350 {
351 if(pkey->type != EVP_PKEY_DH) {
352 EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
353 return NULL;
354 }
355 DH_up_ref(pkey->pkey.dh);
356 return pkey->pkey.dh;
357}
358#endif
359
360int EVP_PKEY_type(int type)
361 {
362 int ret;
363 const EVP_PKEY_ASN1_METHOD *ameth;
364 ENGINE *e;
365 ameth = EVP_PKEY_asn1_find(&e, type);
366 if (ameth)
367 ret = ameth->pkey_id;
368 else
369 ret = NID_undef;
370#ifndef OPENSSL_NO_ENGINE
371 if (e)
372 ENGINE_finish(e);
373#endif
374 return ret;
375 }
376
377int EVP_PKEY_id(const EVP_PKEY *pkey)
378 {
379 return pkey->type;
380 }
381
382int EVP_PKEY_base_id(const EVP_PKEY *pkey)
383 {
384 return EVP_PKEY_type(pkey->type);
385 }
386
387void EVP_PKEY_free(EVP_PKEY *x)
388 {
389 int i;
390
391 if (x == NULL) return;
392
393 i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_EVP_PKEY);
394#ifdef REF_PRINT
395 REF_PRINT("EVP_PKEY",x);
396#endif
397 if (i > 0) return;
398#ifdef REF_CHECK
399 if (i < 0)
400 {
401 fprintf(stderr,"EVP_PKEY_free, bad reference count\n");
402 abort();
403 }
404#endif
405 EVP_PKEY_free_it(x);
406 if (x->attributes)
407 sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
408 OPENSSL_free(x);
409 }
410
411static void EVP_PKEY_free_it(EVP_PKEY *x)
412 {
413 if (x->ameth && x->ameth->pkey_free)
414 {
415 x->ameth->pkey_free(x);
416 x->pkey.ptr = NULL;
417 }
418#ifndef OPENSSL_NO_ENGINE
419 if (x->engine)
420 {
421 ENGINE_finish(x->engine);
422 x->engine = NULL;
423 }
424#endif
425 }
426
427static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent,
428 const char *kstr)
429 {
430 BIO_indent(out, indent, 128);
431 BIO_printf(out, "%s algorithm \"%s\" unsupported\n",
432 kstr, OBJ_nid2ln(pkey->type));
433 return 1;
434 }
435
436int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
437 int indent, ASN1_PCTX *pctx)
438 {
439 if (pkey->ameth && pkey->ameth->pub_print)
440 return pkey->ameth->pub_print(out, pkey, indent, pctx);
441
442 return unsup_alg(out, pkey, indent, "Public Key");
443 }
444
445int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
446 int indent, ASN1_PCTX *pctx)
447 {
448 if (pkey->ameth && pkey->ameth->priv_print)
449 return pkey->ameth->priv_print(out, pkey, indent, pctx);
450
451 return unsup_alg(out, pkey, indent, "Private Key");
452 }
453
454int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
455 int indent, ASN1_PCTX *pctx)
456 {
457 if (pkey->ameth && pkey->ameth->param_print)
458 return pkey->ameth->param_print(out, pkey, indent, pctx);
459 return unsup_alg(out, pkey, indent, "Parameters");
460 }
461
462int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid)
463 {
464 if (!pkey->ameth || !pkey->ameth->pkey_ctrl)
465 return -2;
466 return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID,
467 0, pnid);
468 }
469
diff --git a/src/lib/libcrypto/evp/p_open.c b/src/lib/libcrypto/evp/p_open.c
deleted file mode 100644
index c748fbea87..0000000000
--- a/src/lib/libcrypto/evp/p_open.c
+++ /dev/null
@@ -1,128 +0,0 @@
1/* crypto/evp/p_open.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_RSA
63
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66#include <openssl/x509.h>
67#include <openssl/rsa.h>
68
69int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
70 const unsigned char *ek, int ekl, const unsigned char *iv,
71 EVP_PKEY *priv)
72 {
73 unsigned char *key=NULL;
74 int i,size=0,ret=0;
75
76 if(type) {
77 EVP_CIPHER_CTX_init(ctx);
78 if(!EVP_DecryptInit_ex(ctx,type,NULL, NULL,NULL)) return 0;
79 }
80
81 if(!priv) return 1;
82
83 if (priv->type != EVP_PKEY_RSA)
84 {
85 EVPerr(EVP_F_EVP_OPENINIT,EVP_R_PUBLIC_KEY_NOT_RSA);
86 goto err;
87 }
88
89 size=RSA_size(priv->pkey.rsa);
90 key=(unsigned char *)OPENSSL_malloc(size+2);
91 if (key == NULL)
92 {
93 /* ERROR */
94 EVPerr(EVP_F_EVP_OPENINIT,ERR_R_MALLOC_FAILURE);
95 goto err;
96 }
97
98 i=EVP_PKEY_decrypt_old(key,ek,ekl,priv);
99 if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i))
100 {
101 /* ERROR */
102 goto err;
103 }
104 if(!EVP_DecryptInit_ex(ctx,NULL,NULL,key,iv)) goto err;
105
106 ret=1;
107err:
108 if (key != NULL) OPENSSL_cleanse(key,size);
109 OPENSSL_free(key);
110 return(ret);
111 }
112
113int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
114 {
115 int i;
116
117 i=EVP_DecryptFinal_ex(ctx,out,outl);
118 if (i)
119 i = EVP_DecryptInit_ex(ctx,NULL,NULL,NULL,NULL);
120 return(i);
121 }
122#else /* !OPENSSL_NO_RSA */
123
124# ifdef PEDANTIC
125static void *dummy=&dummy;
126# endif
127
128#endif
diff --git a/src/lib/libcrypto/evp/p_seal.c b/src/lib/libcrypto/evp/p_seal.c
deleted file mode 100644
index e5919b0fbf..0000000000
--- a/src/lib/libcrypto/evp/p_seal.c
+++ /dev/null
@@ -1,116 +0,0 @@
1/* crypto/evp/p_seal.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/rand.h>
62#ifndef OPENSSL_NO_RSA
63#include <openssl/rsa.h>
64#endif
65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/x509.h>
68
69int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
70 int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk)
71 {
72 unsigned char key[EVP_MAX_KEY_LENGTH];
73 int i;
74
75 if(type) {
76 EVP_CIPHER_CTX_init(ctx);
77 if(!EVP_EncryptInit_ex(ctx,type,NULL,NULL,NULL)) return 0;
78 }
79 if ((npubk <= 0) || !pubk)
80 return 1;
81 if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
82 return 0;
83 if (EVP_CIPHER_CTX_iv_length(ctx))
84 RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx));
85
86 if(!EVP_EncryptInit_ex(ctx,NULL,NULL,key,iv)) return 0;
87
88 for (i=0; i<npubk; i++)
89 {
90 ekl[i]=EVP_PKEY_encrypt_old(ek[i],key,EVP_CIPHER_CTX_key_length(ctx),
91 pubk[i]);
92 if (ekl[i] <= 0) return(-1);
93 }
94 return(npubk);
95 }
96
97/* MACRO
98void EVP_SealUpdate(ctx,out,outl,in,inl)
99EVP_CIPHER_CTX *ctx;
100unsigned char *out;
101int *outl;
102unsigned char *in;
103int inl;
104 {
105 EVP_EncryptUpdate(ctx,out,outl,in,inl);
106 }
107*/
108
109int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
110 {
111 int i;
112 i = EVP_EncryptFinal_ex(ctx,out,outl);
113 if (i)
114 i = EVP_EncryptInit_ex(ctx,NULL,NULL,NULL,NULL);
115 return i;
116 }
diff --git a/src/lib/libcrypto/evp/p_sign.c b/src/lib/libcrypto/evp/p_sign.c
deleted file mode 100644
index dfa48c157c..0000000000
--- a/src/lib/libcrypto/evp/p_sign.c
+++ /dev/null
@@ -1,139 +0,0 @@
1/* crypto/evp/p_sign.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64
65#ifdef undef
66void EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
67 {
68 EVP_DigestInit_ex(ctx,type);
69 }
70
71void EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
72 unsigned int count)
73 {
74 EVP_DigestUpdate(ctx,data,count);
75 }
76#endif
77
78int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
79 EVP_PKEY *pkey)
80 {
81 unsigned char m[EVP_MAX_MD_SIZE];
82 unsigned int m_len;
83 int i=0,ok=0,v;
84 EVP_MD_CTX tmp_ctx;
85 EVP_PKEY_CTX *pkctx = NULL;
86
87 *siglen=0;
88 EVP_MD_CTX_init(&tmp_ctx);
89 if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx))
90 goto err;
91 if (!EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len))
92 goto err;
93 EVP_MD_CTX_cleanup(&tmp_ctx);
94
95 if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
96 {
97 size_t sltmp = (size_t)EVP_PKEY_size(pkey);
98 i = 0;
99 pkctx = EVP_PKEY_CTX_new(pkey, NULL);
100 if (!pkctx)
101 goto err;
102 if (EVP_PKEY_sign_init(pkctx) <= 0)
103 goto err;
104 if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
105 goto err;
106 if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
107 goto err;
108 *siglen = sltmp;
109 i = 1;
110 err:
111 EVP_PKEY_CTX_free(pkctx);
112 return i;
113 }
114
115 for (i=0; i<4; i++)
116 {
117 v=ctx->digest->required_pkey_type[i];
118 if (v == 0) break;
119 if (pkey->type == v)
120 {
121 ok=1;
122 break;
123 }
124 }
125 if (!ok)
126 {
127 EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
128 return(0);
129 }
130
131 if (ctx->digest->sign == NULL)
132 {
133 EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
134 return(0);
135 }
136 return(ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen,
137 pkey->pkey.ptr));
138 }
139
diff --git a/src/lib/libcrypto/evp/p_verify.c b/src/lib/libcrypto/evp/p_verify.c
deleted file mode 100644
index 5f5c409f45..0000000000
--- a/src/lib/libcrypto/evp/p_verify.c
+++ /dev/null
@@ -1,121 +0,0 @@
1/* crypto/evp/p_verify.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64
65int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
66 unsigned int siglen, EVP_PKEY *pkey)
67 {
68 unsigned char m[EVP_MAX_MD_SIZE];
69 unsigned int m_len;
70 int i=-1,ok=0,v;
71 EVP_MD_CTX tmp_ctx;
72 EVP_PKEY_CTX *pkctx = NULL;
73
74 EVP_MD_CTX_init(&tmp_ctx);
75 if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx))
76 goto err;
77 if (!EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len))
78 goto err;
79 EVP_MD_CTX_cleanup(&tmp_ctx);
80
81 if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
82 {
83 i = -1;
84 pkctx = EVP_PKEY_CTX_new(pkey, NULL);
85 if (!pkctx)
86 goto err;
87 if (EVP_PKEY_verify_init(pkctx) <= 0)
88 goto err;
89 if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
90 goto err;
91 i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
92 err:
93 EVP_PKEY_CTX_free(pkctx);
94 return i;
95 }
96
97 for (i=0; i<4; i++)
98 {
99 v=ctx->digest->required_pkey_type[i];
100 if (v == 0) break;
101 if (pkey->type == v)
102 {
103 ok=1;
104 break;
105 }
106 }
107 if (!ok)
108 {
109 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
110 return(-1);
111 }
112 if (ctx->digest->verify == NULL)
113 {
114 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
115 return(0);
116 }
117
118 return(ctx->digest->verify(ctx->digest->type,m,m_len,
119 sigbuf,siglen,pkey->pkey.ptr));
120 }
121
diff --git a/src/lib/libcrypto/evp/pmeth_fn.c b/src/lib/libcrypto/evp/pmeth_fn.c
deleted file mode 100644
index c4676f2f8d..0000000000
--- a/src/lib/libcrypto/evp/pmeth_fn.c
+++ /dev/null
@@ -1,368 +0,0 @@
1/* pmeth_fn.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006.
4 */
5/* ====================================================================
6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include "cryptlib.h"
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include "evp_locl.h"
65
66#define M_check_autoarg(ctx, arg, arglen, err) \
67 if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \
68 { \
69 size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
70 if (!arg) \
71 { \
72 *arglen = pksize; \
73 return 1; \
74 } \
75 else if (*arglen < pksize) \
76 { \
77 EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/\
78 return 0; \
79 } \
80 }
81
82int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
83 {
84 int ret;
85 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign)
86 {
87 EVPerr(EVP_F_EVP_PKEY_SIGN_INIT,
88 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
89 return -2;
90 }
91 ctx->operation = EVP_PKEY_OP_SIGN;
92 if (!ctx->pmeth->sign_init)
93 return 1;
94 ret = ctx->pmeth->sign_init(ctx);
95 if (ret <= 0)
96 ctx->operation = EVP_PKEY_OP_UNDEFINED;
97 return ret;
98 }
99
100int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
101 unsigned char *sig, size_t *siglen,
102 const unsigned char *tbs, size_t tbslen)
103 {
104 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign)
105 {
106 EVPerr(EVP_F_EVP_PKEY_SIGN,
107 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
108 return -2;
109 }
110 if (ctx->operation != EVP_PKEY_OP_SIGN)
111 {
112 EVPerr(EVP_F_EVP_PKEY_SIGN, EVP_R_OPERATON_NOT_INITIALIZED);
113 return -1;
114 }
115 M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
116 return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen);
117 }
118
119int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
120 {
121 int ret;
122 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify)
123 {
124 EVPerr(EVP_F_EVP_PKEY_VERIFY_INIT,
125 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
126 return -2;
127 }
128 ctx->operation = EVP_PKEY_OP_VERIFY;
129 if (!ctx->pmeth->verify_init)
130 return 1;
131 ret = ctx->pmeth->verify_init(ctx);
132 if (ret <= 0)
133 ctx->operation = EVP_PKEY_OP_UNDEFINED;
134 return ret;
135 }
136
137int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
138 const unsigned char *sig, size_t siglen,
139 const unsigned char *tbs, size_t tbslen)
140 {
141 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify)
142 {
143 EVPerr(EVP_F_EVP_PKEY_VERIFY,
144 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
145 return -2;
146 }
147 if (ctx->operation != EVP_PKEY_OP_VERIFY)
148 {
149 EVPerr(EVP_F_EVP_PKEY_VERIFY, EVP_R_OPERATON_NOT_INITIALIZED);
150 return -1;
151 }
152 return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
153 }
154
155int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
156 {
157 int ret;
158 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover)
159 {
160 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT,
161 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
162 return -2;
163 }
164 ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;
165 if (!ctx->pmeth->verify_recover_init)
166 return 1;
167 ret = ctx->pmeth->verify_recover_init(ctx);
168 if (ret <= 0)
169 ctx->operation = EVP_PKEY_OP_UNDEFINED;
170 return ret;
171 }
172
173int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
174 unsigned char *rout, size_t *routlen,
175 const unsigned char *sig, size_t siglen)
176 {
177 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover)
178 {
179 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER,
180 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
181 return -2;
182 }
183 if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER)
184 {
185 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, EVP_R_OPERATON_NOT_INITIALIZED);
186 return -1;
187 }
188 M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER)
189 return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen);
190 }
191
192int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
193 {
194 int ret;
195 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt)
196 {
197 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_INIT,
198 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
199 return -2;
200 }
201 ctx->operation = EVP_PKEY_OP_ENCRYPT;
202 if (!ctx->pmeth->encrypt_init)
203 return 1;
204 ret = ctx->pmeth->encrypt_init(ctx);
205 if (ret <= 0)
206 ctx->operation = EVP_PKEY_OP_UNDEFINED;
207 return ret;
208 }
209
210int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
211 unsigned char *out, size_t *outlen,
212 const unsigned char *in, size_t inlen)
213 {
214 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt)
215 {
216 EVPerr(EVP_F_EVP_PKEY_ENCRYPT,
217 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
218 return -2;
219 }
220 if (ctx->operation != EVP_PKEY_OP_ENCRYPT)
221 {
222 EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
223 return -1;
224 }
225 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT)
226 return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen);
227 }
228
229int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
230 {
231 int ret;
232 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt)
233 {
234 EVPerr(EVP_F_EVP_PKEY_DECRYPT_INIT,
235 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
236 return -2;
237 }
238 ctx->operation = EVP_PKEY_OP_DECRYPT;
239 if (!ctx->pmeth->decrypt_init)
240 return 1;
241 ret = ctx->pmeth->decrypt_init(ctx);
242 if (ret <= 0)
243 ctx->operation = EVP_PKEY_OP_UNDEFINED;
244 return ret;
245 }
246
247int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
248 unsigned char *out, size_t *outlen,
249 const unsigned char *in, size_t inlen)
250 {
251 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt)
252 {
253 EVPerr(EVP_F_EVP_PKEY_DECRYPT,
254 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
255 return -2;
256 }
257 if (ctx->operation != EVP_PKEY_OP_DECRYPT)
258 {
259 EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
260 return -1;
261 }
262 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT)
263 return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);
264 }
265
266
267int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
268 {
269 int ret;
270 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive)
271 {
272 EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT,
273 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
274 return -2;
275 }
276 ctx->operation = EVP_PKEY_OP_DERIVE;
277 if (!ctx->pmeth->derive_init)
278 return 1;
279 ret = ctx->pmeth->derive_init(ctx);
280 if (ret <= 0)
281 ctx->operation = EVP_PKEY_OP_UNDEFINED;
282 return ret;
283 }
284
285int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
286 {
287 int ret;
288 if (!ctx || !ctx->pmeth || !(ctx->pmeth->derive||ctx->pmeth->encrypt||ctx->pmeth->decrypt) || !ctx->pmeth->ctrl)
289 {
290 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
291 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
292 return -2;
293 }
294 if (ctx->operation != EVP_PKEY_OP_DERIVE && ctx->operation != EVP_PKEY_OP_ENCRYPT && ctx->operation != EVP_PKEY_OP_DECRYPT)
295 {
296 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
297 EVP_R_OPERATON_NOT_INITIALIZED);
298 return -1;
299 }
300
301 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
302
303 if (ret <= 0)
304 return ret;
305
306 if (ret == 2)
307 return 1;
308
309 if (!ctx->pkey)
310 {
311 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET);
312 return -1;
313 }
314
315 if (ctx->pkey->type != peer->type)
316 {
317 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
318 EVP_R_DIFFERENT_KEY_TYPES);
319 return -1;
320 }
321
322 /* ran@cryptocom.ru: For clarity. The error is if parameters in peer are
323 * present (!missing) but don't match. EVP_PKEY_cmp_parameters may return
324 * 1 (match), 0 (don't match) and -2 (comparison is not defined). -1
325 * (different key types) is impossible here because it is checked earlier.
326 * -2 is OK for us here, as well as 1, so we can check for 0 only. */
327 if (!EVP_PKEY_missing_parameters(peer) &&
328 !EVP_PKEY_cmp_parameters(ctx->pkey, peer))
329 {
330 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
331 EVP_R_DIFFERENT_PARAMETERS);
332 return -1;
333 }
334
335 if (ctx->peerkey)
336 EVP_PKEY_free(ctx->peerkey);
337 ctx->peerkey = peer;
338
339 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
340
341 if (ret <= 0)
342 {
343 ctx->peerkey = NULL;
344 return ret;
345 }
346
347 CRYPTO_add(&peer->references,1,CRYPTO_LOCK_EVP_PKEY);
348 return 1;
349 }
350
351
352int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
353 {
354 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive)
355 {
356 EVPerr(EVP_F_EVP_PKEY_DERIVE,
357 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
358 return -2;
359 }
360 if (ctx->operation != EVP_PKEY_OP_DERIVE)
361 {
362 EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED);
363 return -1;
364 }
365 M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
366 return ctx->pmeth->derive(ctx, key, pkeylen);
367 }
368
diff --git a/src/lib/libcrypto/evp/pmeth_gn.c b/src/lib/libcrypto/evp/pmeth_gn.c
deleted file mode 100644
index 4651c81370..0000000000
--- a/src/lib/libcrypto/evp/pmeth_gn.c
+++ /dev/null
@@ -1,221 +0,0 @@
1/* pmeth_gn.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006.
4 */
5/* ====================================================================
6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include "cryptlib.h"
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include <openssl/bn.h>
65#include "evp_locl.h"
66
67int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
68 {
69 int ret;
70 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen)
71 {
72 EVPerr(EVP_F_EVP_PKEY_PARAMGEN_INIT,
73 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
74 return -2;
75 }
76 ctx->operation = EVP_PKEY_OP_PARAMGEN;
77 if (!ctx->pmeth->paramgen_init)
78 return 1;
79 ret = ctx->pmeth->paramgen_init(ctx);
80 if (ret <= 0)
81 ctx->operation = EVP_PKEY_OP_UNDEFINED;
82 return ret;
83 }
84
85int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
86 {
87 int ret;
88 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen)
89 {
90 EVPerr(EVP_F_EVP_PKEY_PARAMGEN,
91 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
92 return -2;
93 }
94
95 if (ctx->operation != EVP_PKEY_OP_PARAMGEN)
96 {
97 EVPerr(EVP_F_EVP_PKEY_PARAMGEN, EVP_R_OPERATON_NOT_INITIALIZED);
98 return -1;
99 }
100
101 if (!ppkey)
102 return -1;
103
104 if (!*ppkey)
105 *ppkey = EVP_PKEY_new();
106
107 ret = ctx->pmeth->paramgen(ctx, *ppkey);
108 if (ret <= 0)
109 {
110 EVP_PKEY_free(*ppkey);
111 *ppkey = NULL;
112 }
113 return ret;
114 }
115
116int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx)
117 {
118 int ret;
119 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen)
120 {
121 EVPerr(EVP_F_EVP_PKEY_KEYGEN_INIT,
122 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
123 return -2;
124 }
125 ctx->operation = EVP_PKEY_OP_KEYGEN;
126 if (!ctx->pmeth->keygen_init)
127 return 1;
128 ret = ctx->pmeth->keygen_init(ctx);
129 if (ret <= 0)
130 ctx->operation = EVP_PKEY_OP_UNDEFINED;
131 return ret;
132 }
133
134int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
135 {
136 int ret;
137
138 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen)
139 {
140 EVPerr(EVP_F_EVP_PKEY_KEYGEN,
141 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
142 return -2;
143 }
144 if (ctx->operation != EVP_PKEY_OP_KEYGEN)
145 {
146 EVPerr(EVP_F_EVP_PKEY_KEYGEN, EVP_R_OPERATON_NOT_INITIALIZED);
147 return -1;
148 }
149
150 if (!ppkey)
151 return -1;
152
153 if (!*ppkey)
154 *ppkey = EVP_PKEY_new();
155
156 ret = ctx->pmeth->keygen(ctx, *ppkey);
157 if (ret <= 0)
158 {
159 EVP_PKEY_free(*ppkey);
160 *ppkey = NULL;
161 }
162 return ret;
163 }
164
165void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb)
166 {
167 ctx->pkey_gencb = cb;
168 }
169
170EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx)
171 {
172 return ctx->pkey_gencb;
173 }
174
175/* "translation callback" to call EVP_PKEY_CTX callbacks using BN_GENCB
176 * style callbacks.
177 */
178
179static int trans_cb(int a, int b, BN_GENCB *gcb)
180 {
181 EVP_PKEY_CTX *ctx = gcb->arg;
182 ctx->keygen_info[0] = a;
183 ctx->keygen_info[1] = b;
184 return ctx->pkey_gencb(ctx);
185 }
186
187void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx)
188 {
189 BN_GENCB_set(cb, trans_cb, ctx)
190 }
191
192int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx)
193 {
194 if (idx == -1)
195 return ctx->keygen_info_count;
196 if (idx < 0 || idx > ctx->keygen_info_count)
197 return 0;
198 return ctx->keygen_info[idx];
199 }
200
201EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
202 const unsigned char *key, int keylen)
203 {
204 EVP_PKEY_CTX *mac_ctx = NULL;
205 EVP_PKEY *mac_key = NULL;
206 mac_ctx = EVP_PKEY_CTX_new_id(type, e);
207 if (!mac_ctx)
208 return NULL;
209 if (EVP_PKEY_keygen_init(mac_ctx) <= 0)
210 goto merr;
211 if (EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN,
212 EVP_PKEY_CTRL_SET_MAC_KEY,
213 keylen, (void *)key) <= 0)
214 goto merr;
215 if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0)
216 goto merr;
217 merr:
218 if (mac_ctx)
219 EVP_PKEY_CTX_free(mac_ctx);
220 return mac_key;
221 }
diff --git a/src/lib/libcrypto/evp/pmeth_lib.c b/src/lib/libcrypto/evp/pmeth_lib.c
deleted file mode 100644
index acfa7b6f87..0000000000
--- a/src/lib/libcrypto/evp/pmeth_lib.c
+++ /dev/null
@@ -1,593 +0,0 @@
1/* pmeth_lib.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006.
4 */
5/* ====================================================================
6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include "cryptlib.h"
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#ifndef OPENSSL_NO_ENGINE
65#include <openssl/engine.h>
66#endif
67#include "asn1_locl.h"
68#include "evp_locl.h"
69
70typedef int sk_cmp_fn_type(const char * const *a, const char * const *b);
71
72DECLARE_STACK_OF(EVP_PKEY_METHOD)
73STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
74
75extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth;
76extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth;
77
78static const EVP_PKEY_METHOD *standard_methods[] =
79 {
80#ifndef OPENSSL_NO_RSA
81 &rsa_pkey_meth,
82#endif
83#ifndef OPENSSL_NO_DH
84 &dh_pkey_meth,
85#endif
86#ifndef OPENSSL_NO_DSA
87 &dsa_pkey_meth,
88#endif
89#ifndef OPENSSL_NO_EC
90 &ec_pkey_meth,
91#endif
92 &hmac_pkey_meth,
93 &cmac_pkey_meth
94 };
95
96DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
97 pmeth);
98
99static int pmeth_cmp(const EVP_PKEY_METHOD * const *a,
100 const EVP_PKEY_METHOD * const *b)
101 {
102 return ((*a)->pkey_id - (*b)->pkey_id);
103 }
104
105IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
106 pmeth);
107
108const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type)
109 {
110 EVP_PKEY_METHOD tmp;
111 const EVP_PKEY_METHOD *t = &tmp, **ret;
112 tmp.pkey_id = type;
113 if (app_pkey_methods)
114 {
115 int idx;
116 idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp);
117 if (idx >= 0)
118 return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx);
119 }
120 ret = OBJ_bsearch_pmeth(&t, standard_methods,
121 sizeof(standard_methods)/sizeof(EVP_PKEY_METHOD *));
122 if (!ret || !*ret)
123 return NULL;
124 return *ret;
125 }
126
127static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
128 {
129 EVP_PKEY_CTX *ret;
130 const EVP_PKEY_METHOD *pmeth;
131 if (id == -1)
132 {
133 if (!pkey || !pkey->ameth)
134 return NULL;
135 id = pkey->ameth->pkey_id;
136 }
137#ifndef OPENSSL_NO_ENGINE
138 if (pkey && pkey->engine)
139 e = pkey->engine;
140 /* Try to find an ENGINE which implements this method */
141 if (e)
142 {
143 if (!ENGINE_init(e))
144 {
145 EVPerr(EVP_F_INT_CTX_NEW,ERR_R_ENGINE_LIB);
146 return NULL;
147 }
148 }
149 else
150 e = ENGINE_get_pkey_meth_engine(id);
151
152 /* If an ENGINE handled this method look it up. Othewise
153 * use internal tables.
154 */
155
156 if (e)
157 pmeth = ENGINE_get_pkey_meth(e, id);
158 else
159#endif
160 pmeth = EVP_PKEY_meth_find(id);
161
162 if (pmeth == NULL)
163 {
164 EVPerr(EVP_F_INT_CTX_NEW,EVP_R_UNSUPPORTED_ALGORITHM);
165 return NULL;
166 }
167
168 ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));
169 if (!ret)
170 {
171#ifndef OPENSSL_NO_ENGINE
172 if (e)
173 ENGINE_finish(e);
174#endif
175 EVPerr(EVP_F_INT_CTX_NEW,ERR_R_MALLOC_FAILURE);
176 return NULL;
177 }
178 ret->engine = e;
179 ret->pmeth = pmeth;
180 ret->operation = EVP_PKEY_OP_UNDEFINED;
181 ret->pkey = pkey;
182 ret->peerkey = NULL;
183 ret->pkey_gencb = 0;
184 if (pkey)
185 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
186 ret->data = NULL;
187
188 if (pmeth->init)
189 {
190 if (pmeth->init(ret) <= 0)
191 {
192 EVP_PKEY_CTX_free(ret);
193 return NULL;
194 }
195 }
196
197 return ret;
198 }
199
200EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags)
201 {
202 EVP_PKEY_METHOD *pmeth;
203 pmeth = OPENSSL_malloc(sizeof(EVP_PKEY_METHOD));
204 if (!pmeth)
205 return NULL;
206
207 memset(pmeth, 0, sizeof(EVP_PKEY_METHOD));
208
209 pmeth->pkey_id = id;
210 pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
211
212 pmeth->init = 0;
213 pmeth->copy = 0;
214 pmeth->cleanup = 0;
215 pmeth->paramgen_init = 0;
216 pmeth->paramgen = 0;
217 pmeth->keygen_init = 0;
218 pmeth->keygen = 0;
219 pmeth->sign_init = 0;
220 pmeth->sign = 0;
221 pmeth->verify_init = 0;
222 pmeth->verify = 0;
223 pmeth->verify_recover_init = 0;
224 pmeth->verify_recover = 0;
225 pmeth->signctx_init = 0;
226 pmeth->signctx = 0;
227 pmeth->verifyctx_init = 0;
228 pmeth->verifyctx = 0;
229 pmeth->encrypt_init = 0;
230 pmeth->encrypt = 0;
231 pmeth->decrypt_init = 0;
232 pmeth->decrypt = 0;
233 pmeth->derive_init = 0;
234 pmeth->derive = 0;
235 pmeth->ctrl = 0;
236 pmeth->ctrl_str = 0;
237
238 return pmeth;
239 }
240
241void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
242 const EVP_PKEY_METHOD *meth)
243 {
244 if (ppkey_id)
245 *ppkey_id = meth->pkey_id;
246 if (pflags)
247 *pflags = meth->flags;
248 }
249
250void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
251 {
252
253 dst->init = src->init;
254 dst->copy = src->copy;
255 dst->cleanup = src->cleanup;
256
257 dst->paramgen_init = src->paramgen_init;
258 dst->paramgen = src->paramgen;
259
260 dst->keygen_init = src->keygen_init;
261 dst->keygen = src->keygen;
262
263 dst->sign_init = src->sign_init;
264 dst->sign = src->sign;
265
266 dst->verify_init = src->verify_init;
267 dst->verify = src->verify;
268
269 dst->verify_recover_init = src->verify_recover_init;
270 dst->verify_recover = src->verify_recover;
271
272 dst->signctx_init = src->signctx_init;
273 dst->signctx = src->signctx;
274
275 dst->verifyctx_init = src->verifyctx_init;
276 dst->verifyctx = src->verifyctx;
277
278 dst->encrypt_init = src->encrypt_init;
279 dst->encrypt = src->encrypt;
280
281 dst->decrypt_init = src->decrypt_init;
282 dst->decrypt = src->decrypt;
283
284 dst->derive_init = src->derive_init;
285 dst->derive = src->derive;
286
287 dst->ctrl = src->ctrl;
288 dst->ctrl_str = src->ctrl_str;
289 }
290
291void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
292 {
293 if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
294 OPENSSL_free(pmeth);
295 }
296
297EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e)
298 {
299 return int_ctx_new(pkey, e, -1);
300 }
301
302EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e)
303 {
304 return int_ctx_new(NULL, e, id);
305 }
306
307EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
308 {
309 EVP_PKEY_CTX *rctx;
310 if (!pctx->pmeth || !pctx->pmeth->copy)
311 return NULL;
312#ifndef OPENSSL_NO_ENGINE
313 /* Make sure it's safe to copy a pkey context using an ENGINE */
314 if (pctx->engine && !ENGINE_init(pctx->engine))
315 {
316 EVPerr(EVP_F_EVP_PKEY_CTX_DUP,ERR_R_ENGINE_LIB);
317 return 0;
318 }
319#endif
320 rctx = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));
321 if (!rctx)
322 return NULL;
323
324 rctx->pmeth = pctx->pmeth;
325#ifndef OPENSSL_NO_ENGINE
326 rctx->engine = pctx->engine;
327#endif
328
329 if (pctx->pkey)
330 CRYPTO_add(&pctx->pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
331
332 rctx->pkey = pctx->pkey;
333
334 if (pctx->peerkey)
335 CRYPTO_add(&pctx->peerkey->references,1,CRYPTO_LOCK_EVP_PKEY);
336
337 rctx->peerkey = pctx->peerkey;
338
339 rctx->data = NULL;
340 rctx->app_data = NULL;
341 rctx->operation = pctx->operation;
342
343 if (pctx->pmeth->copy(rctx, pctx) > 0)
344 return rctx;
345
346 EVP_PKEY_CTX_free(rctx);
347 return NULL;
348
349 }
350
351int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
352 {
353 if (app_pkey_methods == NULL)
354 {
355 app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);
356 if (!app_pkey_methods)
357 return 0;
358 }
359 if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth))
360 return 0;
361 sk_EVP_PKEY_METHOD_sort(app_pkey_methods);
362 return 1;
363 }
364
365void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
366 {
367 if (ctx == NULL)
368 return;
369 if (ctx->pmeth && ctx->pmeth->cleanup)
370 ctx->pmeth->cleanup(ctx);
371 if (ctx->pkey)
372 EVP_PKEY_free(ctx->pkey);
373 if (ctx->peerkey)
374 EVP_PKEY_free(ctx->peerkey);
375#ifndef OPENSSL_NO_ENGINE
376 if(ctx->engine)
377 /* The EVP_PKEY_CTX we used belongs to an ENGINE, release the
378 * functional reference we held for this reason. */
379 ENGINE_finish(ctx->engine);
380#endif
381 OPENSSL_free(ctx);
382 }
383
384int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
385 int cmd, int p1, void *p2)
386 {
387 int ret;
388 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl)
389 {
390 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
391 return -2;
392 }
393 if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype))
394 return -1;
395
396 if (ctx->operation == EVP_PKEY_OP_UNDEFINED)
397 {
398 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_NO_OPERATION_SET);
399 return -1;
400 }
401
402 if ((optype != -1) && !(ctx->operation & optype))
403 {
404 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_OPERATION);
405 return -1;
406 }
407
408 ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2);
409
410 if (ret == -2)
411 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
412
413 return ret;
414
415 }
416
417int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx,
418 const char *name, const char *value)
419 {
420 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str)
421 {
422 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR,
423 EVP_R_COMMAND_NOT_SUPPORTED);
424 return -2;
425 }
426 if (!strcmp(name, "digest"))
427 {
428 const EVP_MD *md;
429 if (!value || !(md = EVP_get_digestbyname(value)))
430 {
431 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR,
432 EVP_R_INVALID_DIGEST);
433 return 0;
434 }
435 return EVP_PKEY_CTX_set_signature_md(ctx, md);
436 }
437 return ctx->pmeth->ctrl_str(ctx, name, value);
438 }
439
440int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx)
441 {
442 return ctx->operation;
443 }
444
445void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen)
446 {
447 ctx->keygen_info = dat;
448 ctx->keygen_info_count = datlen;
449 }
450
451void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data)
452 {
453 ctx->data = data;
454 }
455
456void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx)
457 {
458 return ctx->data;
459 }
460
461EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx)
462 {
463 return ctx->pkey;
464 }
465
466EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx)
467 {
468 return ctx->peerkey;
469 }
470
471void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data)
472 {
473 ctx->app_data = data;
474 }
475
476void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
477 {
478 return ctx->app_data;
479 }
480
481void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
482 int (*init)(EVP_PKEY_CTX *ctx))
483 {
484 pmeth->init = init;
485 }
486
487void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
488 int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src))
489 {
490 pmeth->copy = copy;
491 }
492
493void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
494 void (*cleanup)(EVP_PKEY_CTX *ctx))
495 {
496 pmeth->cleanup = cleanup;
497 }
498
499void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
500 int (*paramgen_init)(EVP_PKEY_CTX *ctx),
501 int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
502 {
503 pmeth->paramgen_init = paramgen_init;
504 pmeth->paramgen = paramgen;
505 }
506
507void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
508 int (*keygen_init)(EVP_PKEY_CTX *ctx),
509 int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
510 {
511 pmeth->keygen_init = keygen_init;
512 pmeth->keygen = keygen;
513 }
514
515void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
516 int (*sign_init)(EVP_PKEY_CTX *ctx),
517 int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
518 const unsigned char *tbs, size_t tbslen))
519 {
520 pmeth->sign_init = sign_init;
521 pmeth->sign = sign;
522 }
523
524void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
525 int (*verify_init)(EVP_PKEY_CTX *ctx),
526 int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
527 const unsigned char *tbs, size_t tbslen))
528 {
529 pmeth->verify_init = verify_init;
530 pmeth->verify = verify;
531 }
532
533void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
534 int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
535 int (*verify_recover)(EVP_PKEY_CTX *ctx,
536 unsigned char *sig, size_t *siglen,
537 const unsigned char *tbs, size_t tbslen))
538 {
539 pmeth->verify_recover_init = verify_recover_init;
540 pmeth->verify_recover = verify_recover;
541 }
542
543void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
544 int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
545 int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
546 EVP_MD_CTX *mctx))
547 {
548 pmeth->signctx_init = signctx_init;
549 pmeth->signctx = signctx;
550 }
551
552void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
553 int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
554 int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,int siglen,
555 EVP_MD_CTX *mctx))
556 {
557 pmeth->verifyctx_init = verifyctx_init;
558 pmeth->verifyctx = verifyctx;
559 }
560
561void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
562 int (*encrypt_init)(EVP_PKEY_CTX *ctx),
563 int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
564 const unsigned char *in, size_t inlen))
565 {
566 pmeth->encrypt_init = encrypt_init;
567 pmeth->encrypt = encryptfn;
568 }
569
570void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
571 int (*decrypt_init)(EVP_PKEY_CTX *ctx),
572 int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
573 const unsigned char *in, size_t inlen))
574 {
575 pmeth->decrypt_init = decrypt_init;
576 pmeth->decrypt = decrypt;
577 }
578
579void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
580 int (*derive_init)(EVP_PKEY_CTX *ctx),
581 int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen))
582 {
583 pmeth->derive_init = derive_init;
584 pmeth->derive = derive;
585 }
586
587void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
588 int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
589 int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value))
590 {
591 pmeth->ctrl = ctrl;
592 pmeth->ctrl_str = ctrl_str;
593 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-19 21:30:05 +0000