summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/evp
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/evp')
-rw-r--r--src/lib/libcrypto/evp/bio_b64.c567
-rw-r--r--src/lib/libcrypto/evp/bio_enc.c427
-rw-r--r--src/lib/libcrypto/evp/bio_md.c277
-rw-r--r--src/lib/libcrypto/evp/c_all.c299
-rw-r--r--src/lib/libcrypto/evp/digest.c405
-rw-r--r--src/lib/libcrypto/evp/e_aes.c1548
-rw-r--r--src/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c601
-rw-r--r--src/lib/libcrypto/evp/e_bf.c91
-rw-r--r--src/lib/libcrypto/evp/e_camellia.c124
-rw-r--r--src/lib/libcrypto/evp/e_cast.c92
-rw-r--r--src/lib/libcrypto/evp/e_chacha.c69
-rw-r--r--src/lib/libcrypto/evp/e_chacha20poly1305.c231
-rw-r--r--src/lib/libcrypto/evp/e_des.c231
-rw-r--r--src/lib/libcrypto/evp/e_des3.c297
-rw-r--r--src/lib/libcrypto/evp/e_gost2814789.c229
-rw-r--r--src/lib/libcrypto/evp/e_idea.c124
-rw-r--r--src/lib/libcrypto/evp/e_null.c105
-rw-r--r--src/lib/libcrypto/evp/e_old.c159
-rw-r--r--src/lib/libcrypto/evp/e_rc2.c254
-rw-r--r--src/lib/libcrypto/evp/e_rc4.c140
-rw-r--r--src/lib/libcrypto/evp/e_rc4_hmac_md5.c309
-rw-r--r--src/lib/libcrypto/evp/e_xcbc_d.c137
-rw-r--r--src/lib/libcrypto/evp/encode.c417
-rw-r--r--src/lib/libcrypto/evp/evp.h1495
-rw-r--r--src/lib/libcrypto/evp/evp_aead.c144
-rw-r--r--src/lib/libcrypto/evp/evp_enc.c668
-rw-r--r--src/lib/libcrypto/evp/evp_err.c261
-rw-r--r--src/lib/libcrypto/evp/evp_key.c206
-rw-r--r--src/lib/libcrypto/evp/evp_lib.c348
-rw-r--r--src/lib/libcrypto/evp/evp_locl.h366
-rw-r--r--src/lib/libcrypto/evp/evp_pbe.c295
-rw-r--r--src/lib/libcrypto/evp/evp_pkey.c240
-rw-r--r--src/lib/libcrypto/evp/m_dss.c117
-rw-r--r--src/lib/libcrypto/evp/m_dss1.c117
-rw-r--r--src/lib/libcrypto/evp/m_ecdsa.c166
-rw-r--r--src/lib/libcrypto/evp/m_gost2814789.c110
-rw-r--r--src/lib/libcrypto/evp/m_gostr341194.c97
-rw-r--r--src/lib/libcrypto/evp/m_md4.c118
-rw-r--r--src/lib/libcrypto/evp/m_md5.c118
-rw-r--r--src/lib/libcrypto/evp/m_null.c106
-rw-r--r--src/lib/libcrypto/evp/m_ripemd.c118
-rw-r--r--src/lib/libcrypto/evp/m_sha1.c281
-rw-r--r--src/lib/libcrypto/evp/m_sigver.c193
-rw-r--r--src/lib/libcrypto/evp/m_streebog.c131
-rw-r--r--src/lib/libcrypto/evp/m_wp.c56
-rw-r--r--src/lib/libcrypto/evp/names.c228
-rw-r--r--src/lib/libcrypto/evp/p5_crpt.c158
-rw-r--r--src/lib/libcrypto/evp/p5_crpt2.c308
-rw-r--r--src/lib/libcrypto/evp/p_dec.c92
-rw-r--r--src/lib/libcrypto/evp/p_enc.c89
-rw-r--r--src/lib/libcrypto/evp/p_lib.c483
-rw-r--r--src/lib/libcrypto/evp/p_open.c127
-rw-r--r--src/lib/libcrypto/evp/p_seal.c124
-rw-r--r--src/lib/libcrypto/evp/p_sign.c123
-rw-r--r--src/lib/libcrypto/evp/p_verify.c119
-rw-r--r--src/lib/libcrypto/evp/pmeth_fn.c362
-rw-r--r--src/lib/libcrypto/evp/pmeth_gn.c227
-rw-r--r--src/lib/libcrypto/evp/pmeth_lib.c618
58 files changed, 0 insertions, 15942 deletions
diff --git a/src/lib/libcrypto/evp/bio_b64.c b/src/lib/libcrypto/evp/bio_b64.c
deleted file mode 100644
index b54e8793ec..0000000000
--- a/src/lib/libcrypto/evp/bio_b64.c
+++ /dev/null
@@ -1,567 +0,0 @@
1/* $OpenBSD: bio_b64.c,v 1.20 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <errno.h>
60#include <stdio.h>
61#include <string.h>
62
63#include <openssl/buffer.h>
64#include <openssl/evp.h>
65
66static int b64_write(BIO *h, const char *buf, int num);
67static int b64_read(BIO *h, char *buf, int size);
68static int b64_puts(BIO *h, const char *str);
69/*static int b64_gets(BIO *h, char *str, int size); */
70static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2);
71static int b64_new(BIO *h);
72static int b64_free(BIO *data);
73static long b64_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
74#define B64_BLOCK_SIZE 1024
75#define B64_BLOCK_SIZE2 768
76#define B64_NONE 0
77#define B64_ENCODE 1
78#define B64_DECODE 2
79
80typedef struct b64_struct {
81 /*BIO *bio; moved to the BIO structure */
82 int buf_len;
83 int buf_off;
84 int tmp_len; /* used to find the start when decoding */
85 int tmp_nl; /* If true, scan until '\n' */
86 int encode;
87 int start; /* have we started decoding yet? */
88 int cont; /* <= 0 when finished */
89 EVP_ENCODE_CTX base64;
90 char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE) + 10];
91 char tmp[B64_BLOCK_SIZE];
92} BIO_B64_CTX;
93
94static BIO_METHOD methods_b64 = {
95 .type = BIO_TYPE_BASE64,
96 .name = "base64 encoding",
97 .bwrite = b64_write,
98 .bread = b64_read,
99 .bputs = b64_puts,
100 .ctrl = b64_ctrl,
101 .create = b64_new,
102 .destroy = b64_free,
103 .callback_ctrl = b64_callback_ctrl
104};
105
106BIO_METHOD *
107BIO_f_base64(void)
108{
109 return (&methods_b64);
110}
111
112static int
113b64_new(BIO *bi)
114{
115 BIO_B64_CTX *ctx;
116
117 ctx = malloc(sizeof(BIO_B64_CTX));
118 if (ctx == NULL)
119 return (0);
120
121 ctx->buf_len = 0;
122 ctx->tmp_len = 0;
123 ctx->tmp_nl = 0;
124 ctx->buf_off = 0;
125 ctx->cont = 1;
126 ctx->start = 1;
127 ctx->encode = 0;
128
129 bi->init = 1;
130 bi->ptr = (char *)ctx;
131 bi->flags = 0;
132 bi->num = 0;
133 return (1);
134}
135
136static int
137b64_free(BIO *a)
138{
139 if (a == NULL)
140 return (0);
141 free(a->ptr);
142 a->ptr = NULL;
143 a->init = 0;
144 a->flags = 0;
145 return (1);
146}
147
148static int
149b64_read(BIO *b, char *out, int outl)
150{
151 int ret = 0, i, ii, j, k, x, n, num, ret_code = 0;
152 BIO_B64_CTX *ctx;
153 unsigned char *p, *q;
154
155 if (out == NULL)
156 return (0);
157 ctx = (BIO_B64_CTX *)b->ptr;
158
159 if ((ctx == NULL) || (b->next_bio == NULL))
160 return (0);
161
162 BIO_clear_retry_flags(b);
163
164 if (ctx->encode != B64_DECODE) {
165 ctx->encode = B64_DECODE;
166 ctx->buf_len = 0;
167 ctx->buf_off = 0;
168 ctx->tmp_len = 0;
169 EVP_DecodeInit(&(ctx->base64));
170 }
171
172 /* First check if there are bytes decoded/encoded */
173 if (ctx->buf_len > 0) {
174 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
175 i = ctx->buf_len - ctx->buf_off;
176 if (i > outl)
177 i = outl;
178 OPENSSL_assert(ctx->buf_off + i < (int)sizeof(ctx->buf));
179 memcpy(out, &(ctx->buf[ctx->buf_off]), i);
180 ret = i;
181 out += i;
182 outl -= i;
183 ctx->buf_off += i;
184 if (ctx->buf_len == ctx->buf_off) {
185 ctx->buf_len = 0;
186 ctx->buf_off = 0;
187 }
188 }
189
190 /* At this point, we have room of outl bytes and an empty
191 * buffer, so we should read in some more. */
192
193 ret_code = 0;
194 while (outl > 0) {
195 if (ctx->cont <= 0)
196 break;
197
198 i = BIO_read(b->next_bio, &(ctx->tmp[ctx->tmp_len]),
199 B64_BLOCK_SIZE - ctx->tmp_len);
200
201 if (i <= 0) {
202 ret_code = i;
203
204 /* Should we continue next time we are called? */
205 if (!BIO_should_retry(b->next_bio)) {
206 ctx->cont = i;
207 /* If buffer empty break */
208 if (ctx->tmp_len == 0)
209 break;
210 /* Fall through and process what we have */
211 else
212 i = 0;
213 }
214 /* else we retry and add more data to buffer */
215 else
216 break;
217 }
218 i += ctx->tmp_len;
219 ctx->tmp_len = i;
220
221 /* We need to scan, a line at a time until we
222 * have a valid line if we are starting. */
223 if (ctx->start && (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)) {
224 /* ctx->start=1; */
225 ctx->tmp_len = 0;
226 } else if (ctx->start) {
227 q = p =(unsigned char *)ctx->tmp;
228 num = 0;
229 for (j = 0; j < i; j++) {
230 if (*(q++) != '\n')
231 continue;
232
233 /* due to a previous very long line,
234 * we need to keep on scanning for a '\n'
235 * before we even start looking for
236 * base64 encoded stuff. */
237 if (ctx->tmp_nl) {
238 p = q;
239 ctx->tmp_nl = 0;
240 continue;
241 }
242
243 k = EVP_DecodeUpdate(&(ctx->base64),
244 (unsigned char *)ctx->buf,
245 &num, p, q - p);
246 if ((k <= 0) && (num == 0) && (ctx->start))
247 EVP_DecodeInit(&ctx->base64);
248 else {
249 if (p != (unsigned char *)
250 &(ctx->tmp[0])) {
251 i -= (p - (unsigned char *)
252 &(ctx->tmp[0]));
253 for (x = 0; x < i; x++)
254 ctx->tmp[x] = p[x];
255 }
256 EVP_DecodeInit(&ctx->base64);
257 ctx->start = 0;
258 break;
259 }
260 p = q;
261 }
262
263 /* we fell off the end without starting */
264 if ((j == i) && (num == 0)) {
265 /* Is this is one long chunk?, if so, keep on
266 * reading until a new line. */
267 if (p == (unsigned char *)&(ctx->tmp[0])) {
268 /* Check buffer full */
269 if (i == B64_BLOCK_SIZE) {
270 ctx->tmp_nl = 1;
271 ctx->tmp_len = 0;
272 }
273 }
274 else if (p != q) /* finished on a '\n' */
275 {
276 n = q - p;
277 for (ii = 0; ii < n; ii++)
278 ctx->tmp[ii] = p[ii];
279 ctx->tmp_len = n;
280 }
281 /* else finished on a '\n' */
282 continue;
283 } else {
284 ctx->tmp_len = 0;
285 }
286 } else if ((i < B64_BLOCK_SIZE) && (ctx->cont > 0)) {
287 /* If buffer isn't full and we can retry then
288 * restart to read in more data.
289 */
290 continue;
291 }
292
293 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) {
294 int z, jj;
295
296 jj = i & ~3; /* process per 4 */
297 z = EVP_DecodeBlock((unsigned char *)ctx->buf,
298 (unsigned char *)ctx->tmp, jj);
299 if (jj > 2) {
300 if (ctx->tmp[jj-1] == '=') {
301 z--;
302 if (ctx->tmp[jj-2] == '=')
303 z--;
304 }
305 }
306 /* z is now number of output bytes and jj is the
307 * number consumed */
308 if (jj != i) {
309 memmove(ctx->tmp, &ctx->tmp[jj], i - jj);
310 ctx->tmp_len = i - jj;
311 }
312 ctx->buf_len = 0;
313 if (z > 0) {
314 ctx->buf_len = z;
315 }
316 i = z;
317 } else {
318 i = EVP_DecodeUpdate(&(ctx->base64),
319 (unsigned char *)ctx->buf, &ctx->buf_len,
320 (unsigned char *)ctx->tmp, i);
321 ctx->tmp_len = 0;
322 }
323 ctx->buf_off = 0;
324 if (i < 0) {
325 ret_code = 0;
326 ctx->buf_len = 0;
327 break;
328 }
329
330 if (ctx->buf_len <= outl)
331 i = ctx->buf_len;
332 else
333 i = outl;
334
335 memcpy(out, ctx->buf, i);
336 ret += i;
337 ctx->buf_off = i;
338 if (ctx->buf_off == ctx->buf_len) {
339 ctx->buf_len = 0;
340 ctx->buf_off = 0;
341 }
342 outl -= i;
343 out += i;
344 }
345 /* BIO_clear_retry_flags(b); */
346 BIO_copy_next_retry(b);
347 return ((ret == 0) ? ret_code : ret);
348}
349
350static int
351b64_write(BIO *b, const char *in, int inl)
352{
353 int ret = 0;
354 int n;
355 int i;
356 BIO_B64_CTX *ctx;
357
358 ctx = (BIO_B64_CTX *)b->ptr;
359 BIO_clear_retry_flags(b);
360
361 if (ctx->encode != B64_ENCODE) {
362 ctx->encode = B64_ENCODE;
363 ctx->buf_len = 0;
364 ctx->buf_off = 0;
365 ctx->tmp_len = 0;
366 EVP_EncodeInit(&(ctx->base64));
367 }
368
369 OPENSSL_assert(ctx->buf_off < (int)sizeof(ctx->buf));
370 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
371 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
372 n = ctx->buf_len - ctx->buf_off;
373 while (n > 0) {
374 i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
375 if (i <= 0) {
376 BIO_copy_next_retry(b);
377 return (i);
378 }
379 OPENSSL_assert(i <= n);
380 ctx->buf_off += i;
381 OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf));
382 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
383 n -= i;
384 }
385 /* at this point all pending data has been written */
386 ctx->buf_off = 0;
387 ctx->buf_len = 0;
388
389 if ((in == NULL) || (inl <= 0))
390 return (0);
391
392 while (inl > 0) {
393 n = (inl > B64_BLOCK_SIZE) ? B64_BLOCK_SIZE : inl;
394
395 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) {
396 if (ctx->tmp_len > 0) {
397 OPENSSL_assert(ctx->tmp_len <= 3);
398 n = 3 - ctx->tmp_len;
399 /* There's a theoretical possibility for this */
400 if (n > inl)
401 n = inl;
402 memcpy(&(ctx->tmp[ctx->tmp_len]), in, n);
403 ctx->tmp_len += n;
404 ret += n;
405 if (ctx->tmp_len < 3)
406 break;
407 ctx->buf_len = EVP_EncodeBlock(
408 (unsigned char *)ctx->buf,
409 (unsigned char *)ctx->tmp, ctx->tmp_len);
410 OPENSSL_assert(ctx->buf_len <=
411 (int)sizeof(ctx->buf));
412 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
413 /* Since we're now done using the temporary
414 buffer, the length should be 0'd */
415 ctx->tmp_len = 0;
416 } else {
417 if (n < 3) {
418 memcpy(ctx->tmp, in, n);
419 ctx->tmp_len = n;
420 ret += n;
421 break;
422 }
423 n -= n % 3;
424 ctx->buf_len = EVP_EncodeBlock(
425 (unsigned char *)ctx->buf,
426 (const unsigned char *)in, n);
427 OPENSSL_assert(ctx->buf_len <=
428 (int)sizeof(ctx->buf));
429 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
430 ret += n;
431 }
432 } else {
433 EVP_EncodeUpdate(&(ctx->base64),
434 (unsigned char *)ctx->buf, &ctx->buf_len,
435 (unsigned char *)in, n);
436 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
437 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
438 ret += n;
439 }
440 inl -= n;
441 in += n;
442
443 ctx->buf_off = 0;
444 n = ctx->buf_len;
445 while (n > 0) {
446 i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
447 if (i <= 0) {
448 BIO_copy_next_retry(b);
449 return ((ret == 0) ? i : ret);
450 }
451 OPENSSL_assert(i <= n);
452 n -= i;
453 ctx->buf_off += i;
454 OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf));
455 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
456 }
457 ctx->buf_len = 0;
458 ctx->buf_off = 0;
459 }
460 return (ret);
461}
462
463static long
464b64_ctrl(BIO *b, int cmd, long num, void *ptr)
465{
466 BIO_B64_CTX *ctx;
467 long ret = 1;
468 int i;
469
470 ctx = (BIO_B64_CTX *)b->ptr;
471
472 switch (cmd) {
473 case BIO_CTRL_RESET:
474 ctx->cont = 1;
475 ctx->start = 1;
476 ctx->encode = B64_NONE;
477 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
478 break;
479 case BIO_CTRL_EOF: /* More to read */
480 if (ctx->cont <= 0)
481 ret = 1;
482 else
483 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
484 break;
485 case BIO_CTRL_WPENDING: /* More to write in buffer */
486 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
487 ret = ctx->buf_len - ctx->buf_off;
488 if ((ret == 0) && (ctx->encode != B64_NONE) &&
489 (ctx->base64.num != 0))
490 ret = 1;
491 else if (ret <= 0)
492 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
493 break;
494 case BIO_CTRL_PENDING: /* More to read in buffer */
495 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
496 ret = ctx->buf_len - ctx->buf_off;
497 if (ret <= 0)
498 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
499 break;
500 case BIO_CTRL_FLUSH:
501 /* do a final write */
502again:
503 while (ctx->buf_len != ctx->buf_off) {
504 i = b64_write(b, NULL, 0);
505 if (i < 0)
506 return i;
507 }
508 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) {
509 if (ctx->tmp_len != 0) {
510 ctx->buf_len = EVP_EncodeBlock(
511 (unsigned char *)ctx->buf,
512 (unsigned char *)ctx->tmp,
513 ctx->tmp_len);
514 ctx->buf_off = 0;
515 ctx->tmp_len = 0;
516 goto again;
517 }
518 } else if (ctx->encode != B64_NONE && ctx->base64.num != 0) {
519 ctx->buf_off = 0;
520 EVP_EncodeFinal(&(ctx->base64),
521 (unsigned char *)ctx->buf,
522 &(ctx->buf_len));
523 /* push out the bytes */
524 goto again;
525 }
526 /* Finally flush the underlying BIO */
527 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
528 break;
529
530 case BIO_C_DO_STATE_MACHINE:
531 BIO_clear_retry_flags(b);
532 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
533 BIO_copy_next_retry(b);
534 break;
535
536 case BIO_CTRL_DUP:
537 break;
538 case BIO_CTRL_INFO:
539 case BIO_CTRL_GET:
540 case BIO_CTRL_SET:
541 default:
542 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
543 break;
544 }
545 return (ret);
546}
547
548static long
549b64_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
550{
551 long ret = 1;
552
553 if (b->next_bio == NULL)
554 return (0);
555 switch (cmd) {
556 default:
557 ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
558 break;
559 }
560 return (ret);
561}
562
563static int
564b64_puts(BIO *b, const char *str)
565{
566 return b64_write(b, str, strlen(str));
567}
diff --git a/src/lib/libcrypto/evp/bio_enc.c b/src/lib/libcrypto/evp/bio_enc.c
deleted file mode 100644
index e367faa967..0000000000
--- a/src/lib/libcrypto/evp/bio_enc.c
+++ /dev/null
@@ -1,427 +0,0 @@
1/* $OpenBSD: bio_enc.c,v 1.18 2014/07/11 08:44:48 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <errno.h>
60#include <stdio.h>
61#include <string.h>
62
63#include <openssl/buffer.h>
64#include <openssl/evp.h>
65
66static int enc_write(BIO *h, const char *buf, int num);
67static int enc_read(BIO *h, char *buf, int size);
68/*static int enc_puts(BIO *h, const char *str); */
69/*static int enc_gets(BIO *h, char *str, int size); */
70static long enc_ctrl(BIO *h, int cmd, long arg1, void *arg2);
71static int enc_new(BIO *h);
72static int enc_free(BIO *data);
73static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
74#define ENC_BLOCK_SIZE (1024*4)
75#define BUF_OFFSET (EVP_MAX_BLOCK_LENGTH*2)
76
77typedef struct enc_struct {
78 int buf_len;
79 int buf_off;
80 int cont; /* <= 0 when finished */
81 int finished;
82 int ok; /* bad decrypt */
83 EVP_CIPHER_CTX cipher;
84 /* buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate
85 * can return up to a block more data than is presented to it
86 */
87 char buf[ENC_BLOCK_SIZE + BUF_OFFSET + 2];
88} BIO_ENC_CTX;
89
90static BIO_METHOD methods_enc = {
91 .type = BIO_TYPE_CIPHER,
92 .name = "cipher",
93 .bwrite = enc_write,
94 .bread = enc_read,
95 .ctrl = enc_ctrl,
96 .create = enc_new,
97 .destroy = enc_free,
98 .callback_ctrl = enc_callback_ctrl
99};
100
101BIO_METHOD *
102BIO_f_cipher(void)
103{
104 return (&methods_enc);
105}
106
107static int
108enc_new(BIO *bi)
109{
110 BIO_ENC_CTX *ctx;
111
112 ctx = malloc(sizeof(BIO_ENC_CTX));
113 if (ctx == NULL)
114 return (0);
115 EVP_CIPHER_CTX_init(&ctx->cipher);
116
117 ctx->buf_len = 0;
118 ctx->buf_off = 0;
119 ctx->cont = 1;
120 ctx->finished = 0;
121 ctx->ok = 1;
122
123 bi->init = 0;
124 bi->ptr = (char *)ctx;
125 bi->flags = 0;
126 return (1);
127}
128
129static int
130enc_free(BIO *a)
131{
132 BIO_ENC_CTX *b;
133
134 if (a == NULL)
135 return (0);
136 b = (BIO_ENC_CTX *)a->ptr;
137 EVP_CIPHER_CTX_cleanup(&(b->cipher));
138 OPENSSL_cleanse(a->ptr, sizeof(BIO_ENC_CTX));
139 free(a->ptr);
140 a->ptr = NULL;
141 a->init = 0;
142 a->flags = 0;
143 return (1);
144}
145
146static int
147enc_read(BIO *b, char *out, int outl)
148{
149 int ret = 0, i;
150 BIO_ENC_CTX *ctx;
151
152 if (out == NULL)
153 return (0);
154 ctx = (BIO_ENC_CTX *)b->ptr;
155
156 if ((ctx == NULL) || (b->next_bio == NULL))
157 return (0);
158
159 /* First check if there are bytes decoded/encoded */
160 if (ctx->buf_len > 0) {
161 i = ctx->buf_len - ctx->buf_off;
162 if (i > outl)
163 i = outl;
164 memcpy(out, &(ctx->buf[ctx->buf_off]), i);
165 ret = i;
166 out += i;
167 outl -= i;
168 ctx->buf_off += i;
169 if (ctx->buf_len == ctx->buf_off) {
170 ctx->buf_len = 0;
171 ctx->buf_off = 0;
172 }
173 }
174
175 /* At this point, we have room of outl bytes and an empty
176 * buffer, so we should read in some more. */
177
178 while (outl > 0) {
179 if (ctx->cont <= 0)
180 break;
181
182 /* read in at IV offset, read the EVP_Cipher
183 * documentation about why */
184 i = BIO_read(b->next_bio, &(ctx->buf[BUF_OFFSET]), ENC_BLOCK_SIZE);
185
186 if (i <= 0) {
187 /* Should be continue next time we are called? */
188 if (!BIO_should_retry(b->next_bio)) {
189 ctx->cont = i;
190 i = EVP_CipherFinal_ex(&(ctx->cipher),
191 (unsigned char *)ctx->buf,
192 &(ctx->buf_len));
193 ctx->ok = i;
194 ctx->buf_off = 0;
195 } else {
196 ret = (ret == 0) ? i : ret;
197 break;
198 }
199 } else {
200 EVP_CipherUpdate(&(ctx->cipher),
201 (unsigned char *)ctx->buf, &ctx->buf_len,
202 (unsigned char *)&(ctx->buf[BUF_OFFSET]), i);
203 ctx->cont = 1;
204 /* Note: it is possible for EVP_CipherUpdate to
205 * decrypt zero bytes because this is or looks like
206 * the final block: if this happens we should retry
207 * and either read more data or decrypt the final
208 * block
209 */
210 if (ctx->buf_len == 0)
211 continue;
212 }
213
214 if (ctx->buf_len <= outl)
215 i = ctx->buf_len;
216 else
217 i = outl;
218 if (i <= 0)
219 break;
220 memcpy(out, ctx->buf, i);
221 ret += i;
222 ctx->buf_off = i;
223 outl -= i;
224 out += i;
225 }
226
227 BIO_clear_retry_flags(b);
228 BIO_copy_next_retry(b);
229 return ((ret == 0) ? ctx->cont : ret);
230}
231
232static int
233enc_write(BIO *b, const char *in, int inl)
234{
235 int ret = 0, n, i;
236 BIO_ENC_CTX *ctx;
237
238 ctx = (BIO_ENC_CTX *)b->ptr;
239 ret = inl;
240
241 BIO_clear_retry_flags(b);
242 n = ctx->buf_len - ctx->buf_off;
243 while (n > 0) {
244 i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
245 if (i <= 0) {
246 BIO_copy_next_retry(b);
247 return (i);
248 }
249 ctx->buf_off += i;
250 n -= i;
251 }
252 /* at this point all pending data has been written */
253
254 if ((in == NULL) || (inl <= 0))
255 return (0);
256
257 ctx->buf_off = 0;
258 while (inl > 0) {
259 n = (inl > ENC_BLOCK_SIZE) ? ENC_BLOCK_SIZE : inl;
260 EVP_CipherUpdate(&(ctx->cipher),
261 (unsigned char *)ctx->buf, &ctx->buf_len,
262 (unsigned char *)in, n);
263 inl -= n;
264 in += n;
265
266 ctx->buf_off = 0;
267 n = ctx->buf_len;
268 while (n > 0) {
269 i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
270 if (i <= 0) {
271 BIO_copy_next_retry(b);
272 return (ret == inl) ? i : ret - inl;
273 }
274 n -= i;
275 ctx->buf_off += i;
276 }
277 ctx->buf_len = 0;
278 ctx->buf_off = 0;
279 }
280 BIO_copy_next_retry(b);
281 return (ret);
282}
283
284static long
285enc_ctrl(BIO *b, int cmd, long num, void *ptr)
286{
287 BIO *dbio;
288 BIO_ENC_CTX *ctx, *dctx;
289 long ret = 1;
290 int i;
291 EVP_CIPHER_CTX **c_ctx;
292
293 ctx = (BIO_ENC_CTX *)b->ptr;
294
295 switch (cmd) {
296 case BIO_CTRL_RESET:
297 ctx->ok = 1;
298 ctx->finished = 0;
299 EVP_CipherInit_ex(&(ctx->cipher), NULL, NULL, NULL, NULL,
300 ctx->cipher.encrypt);
301 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
302 break;
303 case BIO_CTRL_EOF: /* More to read */
304 if (ctx->cont <= 0)
305 ret = 1;
306 else
307 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
308 break;
309 case BIO_CTRL_WPENDING:
310 ret = ctx->buf_len - ctx->buf_off;
311 if (ret <= 0)
312 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
313 break;
314 case BIO_CTRL_PENDING: /* More to read in buffer */
315 ret = ctx->buf_len - ctx->buf_off;
316 if (ret <= 0)
317 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
318 break;
319 case BIO_CTRL_FLUSH:
320 /* do a final write */
321again:
322 while (ctx->buf_len != ctx->buf_off) {
323 i = enc_write(b, NULL, 0);
324 if (i < 0)
325 return i;
326 }
327
328 if (!ctx->finished) {
329 ctx->finished = 1;
330 ctx->buf_off = 0;
331 ret = EVP_CipherFinal_ex(&(ctx->cipher),
332 (unsigned char *)ctx->buf,
333 &(ctx->buf_len));
334 ctx->ok = (int)ret;
335 if (ret <= 0)
336 break;
337
338 /* push out the bytes */
339 goto again;
340 }
341
342 /* Finally flush the underlying BIO */
343 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
344 break;
345 case BIO_C_GET_CIPHER_STATUS:
346 ret = (long)ctx->ok;
347 break;
348 case BIO_C_DO_STATE_MACHINE:
349 BIO_clear_retry_flags(b);
350 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
351 BIO_copy_next_retry(b);
352 break;
353 case BIO_C_GET_CIPHER_CTX:
354 c_ctx = (EVP_CIPHER_CTX **)ptr;
355 (*c_ctx) = &(ctx->cipher);
356 b->init = 1;
357 break;
358 case BIO_CTRL_DUP:
359 dbio = (BIO *)ptr;
360 dctx = (BIO_ENC_CTX *)dbio->ptr;
361 EVP_CIPHER_CTX_init(&dctx->cipher);
362 ret = EVP_CIPHER_CTX_copy(&dctx->cipher, &ctx->cipher);
363 if (ret)
364 dbio->init = 1;
365 break;
366 default:
367 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
368 break;
369 }
370 return (ret);
371}
372
373static long
374enc_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
375{
376 long ret = 1;
377
378 if (b->next_bio == NULL)
379 return (0);
380 switch (cmd) {
381 default:
382 ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
383 break;
384 }
385 return (ret);
386}
387
388/*
389void BIO_set_cipher_ctx(b,c)
390BIO *b;
391EVP_CIPHER_ctx *c;
392 {
393 if (b == NULL) return;
394
395 if ((b->callback != NULL) &&
396 (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
397 return;
398
399 b->init=1;
400 ctx=(BIO_ENC_CTX *)b->ptr;
401 memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX));
402
403 if (b->callback != NULL)
404 b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
405 }
406*/
407
408void
409BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
410 const unsigned char *i, int e)
411{
412 BIO_ENC_CTX *ctx;
413
414 if (b == NULL)
415 return;
416
417 if ((b->callback != NULL) &&
418 (b->callback(b, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 0L) <= 0))
419 return;
420
421 b->init = 1;
422 ctx = (BIO_ENC_CTX *)b->ptr;
423 EVP_CipherInit_ex(&(ctx->cipher), c, NULL, k, i, e);
424
425 if (b->callback != NULL)
426 b->callback(b, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 1L);
427}
diff --git a/src/lib/libcrypto/evp/bio_md.c b/src/lib/libcrypto/evp/bio_md.c
deleted file mode 100644
index b1973746a7..0000000000
--- a/src/lib/libcrypto/evp/bio_md.c
+++ /dev/null
@@ -1,277 +0,0 @@
1/* $OpenBSD: bio_md.c,v 1.14 2014/07/11 08:44:48 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61
62#include <openssl/buffer.h>
63#include <openssl/evp.h>
64
65/* BIO_put and BIO_get both add to the digest,
66 * BIO_gets returns the digest */
67
68static int md_write(BIO *h, char const *buf, int num);
69static int md_read(BIO *h, char *buf, int size);
70/*static int md_puts(BIO *h, const char *str); */
71static int md_gets(BIO *h, char *str, int size);
72static long md_ctrl(BIO *h, int cmd, long arg1, void *arg2);
73static int md_new(BIO *h);
74static int md_free(BIO *data);
75static long md_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
76
77static BIO_METHOD methods_md = {
78 .type = BIO_TYPE_MD,
79 .name = "message digest",
80 .bwrite = md_write,
81 .bread = md_read,
82 .bgets = md_gets,
83 .ctrl = md_ctrl,
84 .create = md_new,
85 .destroy = md_free,
86 .callback_ctrl = md_callback_ctrl
87};
88
89BIO_METHOD *
90BIO_f_md(void)
91{
92 return (&methods_md);
93}
94
95static int
96md_new(BIO *bi)
97{
98 EVP_MD_CTX *ctx;
99
100 ctx = EVP_MD_CTX_create();
101 if (ctx == NULL)
102 return (0);
103
104 bi->init = 0;
105 bi->ptr = (char *)ctx;
106 bi->flags = 0;
107 return (1);
108}
109
110static int
111md_free(BIO *a)
112{
113 if (a == NULL)
114 return (0);
115 EVP_MD_CTX_destroy(a->ptr);
116 a->ptr = NULL;
117 a->init = 0;
118 a->flags = 0;
119 return (1);
120}
121
122static int
123md_read(BIO *b, char *out, int outl)
124{
125 int ret = 0;
126 EVP_MD_CTX *ctx;
127
128 if (out == NULL)
129 return (0);
130 ctx = b->ptr;
131
132 if ((ctx == NULL) || (b->next_bio == NULL))
133 return (0);
134
135 ret = BIO_read(b->next_bio, out, outl);
136 if (b->init) {
137 if (ret > 0) {
138 if (EVP_DigestUpdate(ctx, (unsigned char *)out,
139 (unsigned int)ret) <= 0)
140 return (-1);
141 }
142 }
143 BIO_clear_retry_flags(b);
144 BIO_copy_next_retry(b);
145 return (ret);
146}
147
148static int
149md_write(BIO *b, const char *in, int inl)
150{
151 int ret = 0;
152 EVP_MD_CTX *ctx;
153
154 if ((in == NULL) || (inl <= 0))
155 return (0);
156 ctx = b->ptr;
157
158 if ((ctx != NULL) && (b->next_bio != NULL))
159 ret = BIO_write(b->next_bio, in, inl);
160 if (b->init) {
161 if (ret > 0) {
162 if (!EVP_DigestUpdate(ctx, (const unsigned char *)in,
163 (unsigned int)ret)) {
164 BIO_clear_retry_flags(b);
165 return 0;
166 }
167 }
168 }
169 if (b->next_bio != NULL) {
170 BIO_clear_retry_flags(b);
171 BIO_copy_next_retry(b);
172 }
173 return (ret);
174}
175
176static long
177md_ctrl(BIO *b, int cmd, long num, void *ptr)
178{
179 EVP_MD_CTX *ctx, *dctx, **pctx;
180 const EVP_MD **ppmd;
181 EVP_MD *md;
182 long ret = 1;
183 BIO *dbio;
184
185 ctx = b->ptr;
186
187 switch (cmd) {
188 case BIO_CTRL_RESET:
189 if (b->init)
190 ret = EVP_DigestInit_ex(ctx, ctx->digest, NULL);
191 else
192 ret = 0;
193 if (ret > 0)
194 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
195 break;
196 case BIO_C_GET_MD:
197 if (b->init) {
198 ppmd = ptr;
199 *ppmd = ctx->digest;
200 } else
201 ret = 0;
202 break;
203 case BIO_C_GET_MD_CTX:
204 pctx = ptr;
205 *pctx = ctx;
206 b->init = 1;
207 break;
208 case BIO_C_SET_MD_CTX:
209 if (b->init)
210 b->ptr = ptr;
211 else
212 ret = 0;
213 break;
214 case BIO_C_DO_STATE_MACHINE:
215 BIO_clear_retry_flags(b);
216 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
217 BIO_copy_next_retry(b);
218 break;
219
220 case BIO_C_SET_MD:
221 md = ptr;
222 ret = EVP_DigestInit_ex(ctx, md, NULL);
223 if (ret > 0)
224 b->init = 1;
225 break;
226 case BIO_CTRL_DUP:
227 dbio = ptr;
228 dctx = dbio->ptr;
229 if (!EVP_MD_CTX_copy_ex(dctx, ctx))
230 return 0;
231 b->init = 1;
232 break;
233 default:
234 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
235 break;
236 }
237 return (ret);
238}
239
240static long
241md_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
242{
243 long ret = 1;
244
245 if (b->next_bio == NULL)
246 return (0);
247 switch (cmd) {
248 default:
249 ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
250 break;
251 }
252 return (ret);
253}
254
255static int
256md_gets(BIO *bp, char *buf, int size)
257{
258 EVP_MD_CTX *ctx;
259 unsigned int ret;
260
261 ctx = bp->ptr;
262 if (size < ctx->digest->md_size)
263 return (0);
264 if (EVP_DigestFinal_ex(ctx, (unsigned char *)buf, &ret) <= 0)
265 return -1;
266
267 return ((int)ret);
268}
269
270/*
271static int md_puts(bp,str)
272BIO *bp;
273char *str;
274 {
275 return(-1);
276 }
277*/
diff --git a/src/lib/libcrypto/evp/c_all.c b/src/lib/libcrypto/evp/c_all.c
deleted file mode 100644
index 5f9df3a7ad..0000000000
--- a/src/lib/libcrypto/evp/c_all.c
+++ /dev/null
@@ -1,299 +0,0 @@
1/* $OpenBSD: c_all.c,v 1.17 2015/06/20 01:07:24 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#include <openssl/conf.h>
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66
67#include "cryptlib.h"
68
69void
70OpenSSL_add_all_ciphers(void)
71{
72#ifndef OPENSSL_NO_DES
73 EVP_add_cipher(EVP_des_cfb());
74 EVP_add_cipher(EVP_des_cfb1());
75 EVP_add_cipher(EVP_des_cfb8());
76 EVP_add_cipher(EVP_des_ede_cfb());
77 EVP_add_cipher(EVP_des_ede3_cfb());
78 EVP_add_cipher(EVP_des_ede3_cfb1());
79 EVP_add_cipher(EVP_des_ede3_cfb8());
80
81 EVP_add_cipher(EVP_des_ofb());
82 EVP_add_cipher(EVP_des_ede_ofb());
83 EVP_add_cipher(EVP_des_ede3_ofb());
84
85 EVP_add_cipher(EVP_desx_cbc());
86 EVP_add_cipher_alias(SN_desx_cbc, "DESX");
87 EVP_add_cipher_alias(SN_desx_cbc, "desx");
88
89 EVP_add_cipher(EVP_des_cbc());
90 EVP_add_cipher_alias(SN_des_cbc, "DES");
91 EVP_add_cipher_alias(SN_des_cbc, "des");
92 EVP_add_cipher(EVP_des_ede_cbc());
93 EVP_add_cipher(EVP_des_ede3_cbc());
94 EVP_add_cipher_alias(SN_des_ede3_cbc, "DES3");
95 EVP_add_cipher_alias(SN_des_ede3_cbc, "des3");
96
97 EVP_add_cipher(EVP_des_ecb());
98 EVP_add_cipher(EVP_des_ede());
99 EVP_add_cipher(EVP_des_ede3());
100#endif
101
102#ifndef OPENSSL_NO_RC4
103 EVP_add_cipher(EVP_rc4());
104 EVP_add_cipher(EVP_rc4_40());
105#ifndef OPENSSL_NO_MD5
106 EVP_add_cipher(EVP_rc4_hmac_md5());
107#endif
108#endif
109
110#ifndef OPENSSL_NO_IDEA
111 EVP_add_cipher(EVP_idea_ecb());
112 EVP_add_cipher(EVP_idea_cfb());
113 EVP_add_cipher(EVP_idea_ofb());
114 EVP_add_cipher(EVP_idea_cbc());
115 EVP_add_cipher_alias(SN_idea_cbc, "IDEA");
116 EVP_add_cipher_alias(SN_idea_cbc, "idea");
117#endif
118
119#ifndef OPENSSL_NO_RC2
120 EVP_add_cipher(EVP_rc2_ecb());
121 EVP_add_cipher(EVP_rc2_cfb());
122 EVP_add_cipher(EVP_rc2_ofb());
123 EVP_add_cipher(EVP_rc2_cbc());
124 EVP_add_cipher(EVP_rc2_40_cbc());
125 EVP_add_cipher(EVP_rc2_64_cbc());
126 EVP_add_cipher_alias(SN_rc2_cbc, "RC2");
127 EVP_add_cipher_alias(SN_rc2_cbc, "rc2");
128#endif
129
130#ifndef OPENSSL_NO_BF
131 EVP_add_cipher(EVP_bf_ecb());
132 EVP_add_cipher(EVP_bf_cfb());
133 EVP_add_cipher(EVP_bf_ofb());
134 EVP_add_cipher(EVP_bf_cbc());
135 EVP_add_cipher_alias(SN_bf_cbc, "BF");
136 EVP_add_cipher_alias(SN_bf_cbc, "bf");
137 EVP_add_cipher_alias(SN_bf_cbc, "blowfish");
138#endif
139
140#ifndef OPENSSL_NO_CAST
141 EVP_add_cipher(EVP_cast5_ecb());
142 EVP_add_cipher(EVP_cast5_cfb());
143 EVP_add_cipher(EVP_cast5_ofb());
144 EVP_add_cipher(EVP_cast5_cbc());
145 EVP_add_cipher_alias(SN_cast5_cbc, "CAST");
146 EVP_add_cipher_alias(SN_cast5_cbc, "cast");
147 EVP_add_cipher_alias(SN_cast5_cbc, "CAST-cbc");
148 EVP_add_cipher_alias(SN_cast5_cbc, "cast-cbc");
149#endif
150
151#ifndef OPENSSL_NO_AES
152 EVP_add_cipher(EVP_aes_128_ecb());
153 EVP_add_cipher(EVP_aes_128_cbc());
154 EVP_add_cipher(EVP_aes_128_cfb());
155 EVP_add_cipher(EVP_aes_128_cfb1());
156 EVP_add_cipher(EVP_aes_128_cfb8());
157 EVP_add_cipher(EVP_aes_128_ofb());
158 EVP_add_cipher(EVP_aes_128_ctr());
159 EVP_add_cipher(EVP_aes_128_gcm());
160 EVP_add_cipher(EVP_aes_128_xts());
161 EVP_add_cipher_alias(SN_aes_128_cbc, "AES128");
162 EVP_add_cipher_alias(SN_aes_128_cbc, "aes128");
163 EVP_add_cipher(EVP_aes_192_ecb());
164 EVP_add_cipher(EVP_aes_192_cbc());
165 EVP_add_cipher(EVP_aes_192_cfb());
166 EVP_add_cipher(EVP_aes_192_cfb1());
167 EVP_add_cipher(EVP_aes_192_cfb8());
168 EVP_add_cipher(EVP_aes_192_ofb());
169 EVP_add_cipher(EVP_aes_192_ctr());
170 EVP_add_cipher(EVP_aes_192_gcm());
171 EVP_add_cipher_alias(SN_aes_192_cbc, "AES192");
172 EVP_add_cipher_alias(SN_aes_192_cbc, "aes192");
173 EVP_add_cipher(EVP_aes_256_ecb());
174 EVP_add_cipher(EVP_aes_256_cbc());
175 EVP_add_cipher(EVP_aes_256_cfb());
176 EVP_add_cipher(EVP_aes_256_cfb1());
177 EVP_add_cipher(EVP_aes_256_cfb8());
178 EVP_add_cipher(EVP_aes_256_ofb());
179 EVP_add_cipher(EVP_aes_256_ctr());
180 EVP_add_cipher(EVP_aes_256_gcm());
181 EVP_add_cipher(EVP_aes_256_xts());
182 EVP_add_cipher_alias(SN_aes_256_cbc, "AES256");
183 EVP_add_cipher_alias(SN_aes_256_cbc, "aes256");
184#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
185 EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
186 EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
187#endif
188#endif
189
190#ifndef OPENSSL_NO_CAMELLIA
191 EVP_add_cipher(EVP_camellia_128_ecb());
192 EVP_add_cipher(EVP_camellia_128_cbc());
193 EVP_add_cipher(EVP_camellia_128_cfb());
194 EVP_add_cipher(EVP_camellia_128_cfb1());
195 EVP_add_cipher(EVP_camellia_128_cfb8());
196 EVP_add_cipher(EVP_camellia_128_ofb());
197 EVP_add_cipher_alias(SN_camellia_128_cbc, "CAMELLIA128");
198 EVP_add_cipher_alias(SN_camellia_128_cbc, "camellia128");
199 EVP_add_cipher(EVP_camellia_192_ecb());
200 EVP_add_cipher(EVP_camellia_192_cbc());
201 EVP_add_cipher(EVP_camellia_192_cfb());
202 EVP_add_cipher(EVP_camellia_192_cfb1());
203 EVP_add_cipher(EVP_camellia_192_cfb8());
204 EVP_add_cipher(EVP_camellia_192_ofb());
205 EVP_add_cipher_alias(SN_camellia_192_cbc, "CAMELLIA192");
206 EVP_add_cipher_alias(SN_camellia_192_cbc, "camellia192");
207 EVP_add_cipher(EVP_camellia_256_ecb());
208 EVP_add_cipher(EVP_camellia_256_cbc());
209 EVP_add_cipher(EVP_camellia_256_cfb());
210 EVP_add_cipher(EVP_camellia_256_cfb1());
211 EVP_add_cipher(EVP_camellia_256_cfb8());
212 EVP_add_cipher(EVP_camellia_256_ofb());
213 EVP_add_cipher_alias(SN_camellia_256_cbc, "CAMELLIA256");
214 EVP_add_cipher_alias(SN_camellia_256_cbc, "camellia256");
215#endif
216
217#ifndef OPENSSL_NO_CHACHA
218 EVP_add_cipher(EVP_chacha20());
219#endif
220
221#ifndef OPENSSL_NO_GOST
222 EVP_add_cipher(EVP_gost2814789_ecb());
223 EVP_add_cipher(EVP_gost2814789_cfb64());
224 EVP_add_cipher(EVP_gost2814789_cnt());
225#endif
226}
227
228void
229OpenSSL_add_all_digests(void)
230{
231#ifndef OPENSSL_NO_MD4
232 EVP_add_digest(EVP_md4());
233#endif
234
235#ifndef OPENSSL_NO_MD5
236 EVP_add_digest(EVP_md5());
237 EVP_add_digest_alias(SN_md5, "ssl2-md5");
238 EVP_add_digest_alias(SN_md5, "ssl3-md5");
239#endif
240
241#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
242 EVP_add_digest(EVP_sha());
243#ifndef OPENSSL_NO_DSA
244 EVP_add_digest(EVP_dss());
245#endif
246#endif
247#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
248 EVP_add_digest(EVP_sha1());
249 EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
250 EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
251#ifndef OPENSSL_NO_DSA
252 EVP_add_digest(EVP_dss1());
253 EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
254 EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
255 EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");
256#endif
257#ifndef OPENSSL_NO_ECDSA
258 EVP_add_digest(EVP_ecdsa());
259#endif
260#endif
261
262#ifndef OPENSSL_NO_GOST
263 EVP_add_digest(EVP_gostr341194());
264 EVP_add_digest(EVP_gost2814789imit());
265 EVP_add_digest(EVP_streebog256());
266 EVP_add_digest(EVP_streebog512());
267#endif
268#ifndef OPENSSL_NO_RIPEMD
269 EVP_add_digest(EVP_ripemd160());
270 EVP_add_digest_alias(SN_ripemd160, "ripemd");
271 EVP_add_digest_alias(SN_ripemd160, "rmd160");
272#endif
273#ifndef OPENSSL_NO_SHA256
274 EVP_add_digest(EVP_sha224());
275 EVP_add_digest(EVP_sha256());
276#endif
277#ifndef OPENSSL_NO_SHA512
278 EVP_add_digest(EVP_sha384());
279 EVP_add_digest(EVP_sha512());
280#endif
281#ifndef OPENSSL_NO_WHIRLPOOL
282 EVP_add_digest(EVP_whirlpool());
283#endif
284}
285
286void
287OPENSSL_add_all_algorithms_noconf(void)
288{
289 OPENSSL_cpuid_setup();
290 OpenSSL_add_all_ciphers();
291 OpenSSL_add_all_digests();
292}
293
294void
295OPENSSL_add_all_algorithms_conf(void)
296{
297 OPENSSL_add_all_algorithms_noconf();
298 OPENSSL_config(NULL);
299}
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
deleted file mode 100644
index 6d8ed9b499..0000000000
--- a/src/lib/libcrypto/evp/digest.c
+++ /dev/null
@@ -1,405 +0,0 @@
1/* $OpenBSD: digest.c,v 1.26 2015/02/11 03:19:37 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include <string.h>
114
115#include <openssl/opensslconf.h>
116
117#include <openssl/err.h>
118#include <openssl/evp.h>
119#include <openssl/objects.h>
120
121#ifndef OPENSSL_NO_ENGINE
122#include <openssl/engine.h>
123#endif
124
125void
126EVP_MD_CTX_init(EVP_MD_CTX *ctx)
127{
128 memset(ctx, 0, sizeof *ctx);
129}
130
131EVP_MD_CTX *
132EVP_MD_CTX_create(void)
133{
134 return calloc(1, sizeof(EVP_MD_CTX));
135}
136
137int
138EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
139{
140 EVP_MD_CTX_init(ctx);
141 return EVP_DigestInit_ex(ctx, type, NULL);
142}
143
144int
145EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
146{
147 EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
148
149#ifndef OPENSSL_NO_ENGINE
150 /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
151 * so this context may already have an ENGINE! Try to avoid releasing
152 * the previous handle, re-querying for an ENGINE, and having a
153 * reinitialisation, when it may all be unecessary. */
154 if (ctx->engine && ctx->digest && (!type ||
155 (type && (type->type == ctx->digest->type))))
156 goto skip_to_init;
157 if (type) {
158 /* Ensure an ENGINE left lying around from last time is cleared
159 * (the previous check attempted to avoid this if the same
160 * ENGINE and EVP_MD could be used). */
161 if (ctx->engine)
162 ENGINE_finish(ctx->engine);
163 if (impl) {
164 if (!ENGINE_init(impl)) {
165 EVPerr(EVP_F_EVP_DIGESTINIT_EX,
166 EVP_R_INITIALIZATION_ERROR);
167 return 0;
168 }
169 } else
170 /* Ask if an ENGINE is reserved for this job */
171 impl = ENGINE_get_digest_engine(type->type);
172 if (impl) {
173 /* There's an ENGINE for this job ... (apparently) */
174 const EVP_MD *d = ENGINE_get_digest(impl, type->type);
175 if (!d) {
176 /* Same comment from evp_enc.c */
177 EVPerr(EVP_F_EVP_DIGESTINIT_EX,
178 EVP_R_INITIALIZATION_ERROR);
179 ENGINE_finish(impl);
180 return 0;
181 }
182 /* We'll use the ENGINE's private digest definition */
183 type = d;
184 /* Store the ENGINE functional reference so we know
185 * 'type' came from an ENGINE and we need to release
186 * it when done. */
187 ctx->engine = impl;
188 } else
189 ctx->engine = NULL;
190 } else if (!ctx->digest) {
191 EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_NO_DIGEST_SET);
192 return 0;
193 }
194#endif
195 if (ctx->digest != type) {
196 if (ctx->digest && ctx->digest->ctx_size && ctx->md_data &&
197 !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
198 explicit_bzero(ctx->md_data, ctx->digest->ctx_size);
199 free(ctx->md_data);
200 ctx->md_data = NULL;
201 }
202 ctx->digest = type;
203 if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) {
204 ctx->update = type->update;
205 ctx->md_data = malloc(type->ctx_size);
206 if (ctx->md_data == NULL) {
207 EVP_PKEY_CTX_free(ctx->pctx);
208 ctx->pctx = NULL;
209 EVPerr(EVP_F_EVP_DIGESTINIT_EX,
210 ERR_R_MALLOC_FAILURE);
211 return 0;
212 }
213 }
214 }
215#ifndef OPENSSL_NO_ENGINE
216skip_to_init:
217#endif
218 if (ctx->pctx) {
219 int r;
220 r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,
221 EVP_PKEY_CTRL_DIGESTINIT, 0, ctx);
222 if (r <= 0 && (r != -2))
223 return 0;
224 }
225 if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT)
226 return 1;
227 return ctx->digest->init(ctx);
228}
229
230int
231EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
232{
233 return ctx->update(ctx, data, count);
234}
235
236/* The caller can assume that this removes any secret data from the context */
237int
238EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
239{
240 int ret;
241
242 ret = EVP_DigestFinal_ex(ctx, md, size);
243 EVP_MD_CTX_cleanup(ctx);
244 return ret;
245}
246
247/* The caller can assume that this removes any secret data from the context */
248int
249EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
250{
251 int ret;
252
253 if ((size_t)ctx->digest->md_size > EVP_MAX_MD_SIZE) {
254 EVPerr(EVP_F_EVP_DIGESTFINAL_EX, EVP_R_TOO_LARGE);
255 return 0;
256 }
257 ret = ctx->digest->final(ctx, md);
258 if (size != NULL)
259 *size = ctx->digest->md_size;
260 if (ctx->digest->cleanup) {
261 ctx->digest->cleanup(ctx);
262 EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
263 }
264 memset(ctx->md_data, 0, ctx->digest->ctx_size);
265 return ret;
266}
267
268int
269EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
270{
271 EVP_MD_CTX_init(out);
272 return EVP_MD_CTX_copy_ex(out, in);
273}
274
275int
276EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
277{
278 unsigned char *tmp_buf;
279
280 if ((in == NULL) || (in->digest == NULL)) {
281 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, EVP_R_INPUT_NOT_INITIALIZED);
282 return 0;
283 }
284#ifndef OPENSSL_NO_ENGINE
285 /* Make sure it's safe to copy a digest context using an ENGINE */
286 if (in->engine && !ENGINE_init(in->engine)) {
287 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_ENGINE_LIB);
288 return 0;
289 }
290#endif
291
292 if (out->digest == in->digest) {
293 tmp_buf = out->md_data;
294 EVP_MD_CTX_set_flags(out, EVP_MD_CTX_FLAG_REUSE);
295 } else
296 tmp_buf = NULL;
297 EVP_MD_CTX_cleanup(out);
298 memcpy(out, in, sizeof *out);
299
300 if (in->md_data && out->digest->ctx_size) {
301 if (tmp_buf)
302 out->md_data = tmp_buf;
303 else {
304 out->md_data = malloc(out->digest->ctx_size);
305 if (!out->md_data) {
306 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,
307 ERR_R_MALLOC_FAILURE);
308 return 0;
309 }
310 }
311 memcpy(out->md_data, in->md_data, out->digest->ctx_size);
312 }
313
314 out->update = in->update;
315
316 if (in->pctx) {
317 out->pctx = EVP_PKEY_CTX_dup(in->pctx);
318 if (!out->pctx) {
319 EVP_MD_CTX_cleanup(out);
320 return 0;
321 }
322 }
323
324 if (out->digest->copy)
325 return out->digest->copy(out, in);
326
327 return 1;
328}
329
330int
331EVP_Digest(const void *data, size_t count,
332 unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl)
333{
334 EVP_MD_CTX ctx;
335 int ret;
336
337 EVP_MD_CTX_init(&ctx);
338 EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_ONESHOT);
339 ret = EVP_DigestInit_ex(&ctx, type, impl) &&
340 EVP_DigestUpdate(&ctx, data, count) &&
341 EVP_DigestFinal_ex(&ctx, md, size);
342 EVP_MD_CTX_cleanup(&ctx);
343
344 return ret;
345}
346
347void
348EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
349{
350 if (ctx) {
351 EVP_MD_CTX_cleanup(ctx);
352 free(ctx);
353 }
354}
355
356/* This call frees resources associated with the context */
357int
358EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
359{
360 /* Don't assume ctx->md_data was cleaned in EVP_Digest_Final,
361 * because sometimes only copies of the context are ever finalised.
362 */
363 if (ctx->digest && ctx->digest->cleanup &&
364 !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED))
365 ctx->digest->cleanup(ctx);
366 if (ctx->digest && ctx->digest->ctx_size && ctx->md_data &&
367 !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
368 explicit_bzero(ctx->md_data, ctx->digest->ctx_size);
369 free(ctx->md_data);
370 }
371 EVP_PKEY_CTX_free(ctx->pctx);
372#ifndef OPENSSL_NO_ENGINE
373 if (ctx->engine)
374 /* The EVP_MD we used belongs to an ENGINE, release the
375 * functional reference we held for this reason. */
376 ENGINE_finish(ctx->engine);
377#endif
378 memset(ctx, 0, sizeof *ctx);
379
380 return 1;
381}
382
383int
384EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr)
385{
386 int ret;
387
388 if (!ctx->digest) {
389 EVPerr(EVP_F_EVP_MD_CTX_CTRL, EVP_R_NO_CIPHER_SET);
390 return 0;
391 }
392
393 if (!ctx->digest->md_ctrl) {
394 EVPerr(EVP_F_EVP_MD_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
395 return 0;
396 }
397
398 ret = ctx->digest->md_ctrl(ctx, type, arg, ptr);
399 if (ret == -1) {
400 EVPerr(EVP_F_EVP_MD_CTX_CTRL,
401 EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
402 return 0;
403 }
404 return ret;
405}
diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c
deleted file mode 100644
index 0a9455a5d2..0000000000
--- a/src/lib/libcrypto/evp/e_aes.c
+++ /dev/null
@@ -1,1548 +0,0 @@
1/* $OpenBSD: e_aes.c,v 1.28 2015/06/20 12:01:14 jsing Exp $ */
2/* ====================================================================
3 * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@openssl.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 */
51
52#include <stdlib.h>
53#include <string.h>
54
55#include <openssl/opensslconf.h>
56
57#ifndef OPENSSL_NO_AES
58#include <openssl/aes.h>
59#include <openssl/err.h>
60#include <openssl/evp.h>
61
62#include "evp_locl.h"
63#include "modes_lcl.h"
64
65typedef struct {
66 AES_KEY ks;
67 block128_f block;
68 union {
69 cbc128_f cbc;
70 ctr128_f ctr;
71 } stream;
72} EVP_AES_KEY;
73
74typedef struct {
75 AES_KEY ks; /* AES key schedule to use */
76 int key_set; /* Set if key initialised */
77 int iv_set; /* Set if an iv is set */
78 GCM128_CONTEXT gcm;
79 unsigned char *iv; /* Temporary IV store */
80 int ivlen; /* IV length */
81 int taglen;
82 int iv_gen; /* It is OK to generate IVs */
83 int tls_aad_len; /* TLS AAD length */
84 ctr128_f ctr;
85} EVP_AES_GCM_CTX;
86
87typedef struct {
88 AES_KEY ks1, ks2; /* AES key schedules to use */
89 XTS128_CONTEXT xts;
90 void (*stream)(const unsigned char *in, unsigned char *out,
91 size_t length, const AES_KEY *key1, const AES_KEY *key2,
92 const unsigned char iv[16]);
93} EVP_AES_XTS_CTX;
94
95typedef struct {
96 AES_KEY ks; /* AES key schedule to use */
97 int key_set; /* Set if key initialised */
98 int iv_set; /* Set if an iv is set */
99 int tag_set; /* Set if tag is valid */
100 int len_set; /* Set if message length set */
101 int L, M; /* L and M parameters from RFC3610 */
102 CCM128_CONTEXT ccm;
103 ccm128_f str;
104} EVP_AES_CCM_CTX;
105
106#define MAXBITCHUNK ((size_t)1<<(sizeof(size_t)*8-4))
107
108#ifdef VPAES_ASM
109int vpaes_set_encrypt_key(const unsigned char *userKey, int bits,
110 AES_KEY *key);
111int vpaes_set_decrypt_key(const unsigned char *userKey, int bits,
112 AES_KEY *key);
113
114void vpaes_encrypt(const unsigned char *in, unsigned char *out,
115 const AES_KEY *key);
116void vpaes_decrypt(const unsigned char *in, unsigned char *out,
117 const AES_KEY *key);
118
119void vpaes_cbc_encrypt(const unsigned char *in, unsigned char *out,
120 size_t length, const AES_KEY *key, unsigned char *ivec, int enc);
121#endif
122#ifdef BSAES_ASM
123void bsaes_cbc_encrypt(const unsigned char *in, unsigned char *out,
124 size_t length, const AES_KEY *key, unsigned char ivec[16], int enc);
125void bsaes_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
126 size_t len, const AES_KEY *key, const unsigned char ivec[16]);
127void bsaes_xts_encrypt(const unsigned char *inp, unsigned char *out,
128 size_t len, const AES_KEY *key1, const AES_KEY *key2,
129 const unsigned char iv[16]);
130void bsaes_xts_decrypt(const unsigned char *inp, unsigned char *out,
131 size_t len, const AES_KEY *key1, const AES_KEY *key2,
132 const unsigned char iv[16]);
133#endif
134#ifdef AES_CTR_ASM
135void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
136 size_t blocks, const AES_KEY *key,
137 const unsigned char ivec[AES_BLOCK_SIZE]);
138#endif
139#ifdef AES_XTS_ASM
140void AES_xts_encrypt(const char *inp, char *out, size_t len,
141 const AES_KEY *key1, const AES_KEY *key2, const unsigned char iv[16]);
142void AES_xts_decrypt(const char *inp, char *out, size_t len,
143 const AES_KEY *key1, const AES_KEY *key2, const unsigned char iv[16]);
144#endif
145
146#if defined(AES_ASM) && !defined(I386_ONLY) && ( \
147 ((defined(__i386) || defined(__i386__) || \
148 defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))|| \
149 defined(__x86_64) || defined(__x86_64__) || \
150 defined(_M_AMD64) || defined(_M_X64) || \
151 defined(__INTEL__) )
152
153extern unsigned int OPENSSL_ia32cap_P[2];
154
155#ifdef VPAES_ASM
156#define VPAES_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(41-32)))
157#endif
158#ifdef BSAES_ASM
159#define BSAES_CAPABLE VPAES_CAPABLE
160#endif
161/*
162 * AES-NI section
163 */
164#define AESNI_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(57-32)))
165
166int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
167 AES_KEY *key);
168int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
169 AES_KEY *key);
170
171void aesni_encrypt(const unsigned char *in, unsigned char *out,
172 const AES_KEY *key);
173void aesni_decrypt(const unsigned char *in, unsigned char *out,
174 const AES_KEY *key);
175
176void aesni_ecb_encrypt(const unsigned char *in, unsigned char *out,
177 size_t length, const AES_KEY *key, int enc);
178void aesni_cbc_encrypt(const unsigned char *in, unsigned char *out,
179 size_t length, const AES_KEY *key, unsigned char *ivec, int enc);
180
181void aesni_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
182 size_t blocks, const void *key, const unsigned char *ivec);
183
184void aesni_xts_encrypt(const unsigned char *in, unsigned char *out,
185 size_t length, const AES_KEY *key1, const AES_KEY *key2,
186 const unsigned char iv[16]);
187
188void aesni_xts_decrypt(const unsigned char *in, unsigned char *out,
189 size_t length, const AES_KEY *key1, const AES_KEY *key2,
190 const unsigned char iv[16]);
191
192void aesni_ccm64_encrypt_blocks (const unsigned char *in, unsigned char *out,
193 size_t blocks, const void *key, const unsigned char ivec[16],
194 unsigned char cmac[16]);
195
196void aesni_ccm64_decrypt_blocks (const unsigned char *in, unsigned char *out,
197 size_t blocks, const void *key, const unsigned char ivec[16],
198 unsigned char cmac[16]);
199
200static int
201aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
202 const unsigned char *iv, int enc)
203{
204 int ret, mode;
205 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
206
207 mode = ctx->cipher->flags & EVP_CIPH_MODE;
208 if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) &&
209 !enc) {
210 ret = aesni_set_decrypt_key(key, ctx->key_len * 8,
211 ctx->cipher_data);
212 dat->block = (block128_f)aesni_decrypt;
213 dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
214 (cbc128_f)aesni_cbc_encrypt : NULL;
215 } else {
216 ret = aesni_set_encrypt_key(key, ctx->key_len * 8,
217 ctx->cipher_data);
218 dat->block = (block128_f)aesni_encrypt;
219 if (mode == EVP_CIPH_CBC_MODE)
220 dat->stream.cbc = (cbc128_f)aesni_cbc_encrypt;
221 else if (mode == EVP_CIPH_CTR_MODE)
222 dat->stream.ctr = (ctr128_f)aesni_ctr32_encrypt_blocks;
223 else
224 dat->stream.cbc = NULL;
225 }
226
227 if (ret < 0) {
228 EVPerr(EVP_F_AESNI_INIT_KEY, EVP_R_AES_KEY_SETUP_FAILED);
229 return 0;
230 }
231
232 return 1;
233}
234
235static int
236aesni_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
237 const unsigned char *in, size_t len)
238{
239 aesni_cbc_encrypt(in, out, len, ctx->cipher_data, ctx->iv,
240 ctx->encrypt);
241
242 return 1;
243}
244
245static int
246aesni_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
247 const unsigned char *in, size_t len)
248{
249 size_t bl = ctx->cipher->block_size;
250
251 if (len < bl)
252 return 1;
253
254 aesni_ecb_encrypt(in, out, len, ctx->cipher_data, ctx->encrypt);
255
256 return 1;
257}
258
259#define aesni_ofb_cipher aes_ofb_cipher
260static int aesni_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
261 const unsigned char *in, size_t len);
262
263#define aesni_cfb_cipher aes_cfb_cipher
264static int aesni_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
265 const unsigned char *in, size_t len);
266
267#define aesni_cfb8_cipher aes_cfb8_cipher
268static int aesni_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
269 const unsigned char *in, size_t len);
270
271#define aesni_cfb1_cipher aes_cfb1_cipher
272static int aesni_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
273 const unsigned char *in, size_t len);
274
275#define aesni_ctr_cipher aes_ctr_cipher
276static int aesni_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
277 const unsigned char *in, size_t len);
278
279static int
280aesni_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
281 const unsigned char *iv, int enc)
282{
283 EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
284
285 if (!iv && !key)
286 return 1;
287 if (key) {
288 aesni_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks);
289 CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
290 (block128_f)aesni_encrypt);
291 gctx->ctr = (ctr128_f)aesni_ctr32_encrypt_blocks;
292 /* If we have an iv can set it directly, otherwise use
293 * saved IV.
294 */
295 if (iv == NULL && gctx->iv_set)
296 iv = gctx->iv;
297 if (iv) {
298 CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
299 gctx->iv_set = 1;
300 }
301 gctx->key_set = 1;
302 } else {
303 /* If key set use IV, otherwise copy */
304 if (gctx->key_set)
305 CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
306 else
307 memcpy(gctx->iv, iv, gctx->ivlen);
308 gctx->iv_set = 1;
309 gctx->iv_gen = 0;
310 }
311 return 1;
312}
313
314#define aesni_gcm_cipher aes_gcm_cipher
315static int aesni_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
316 const unsigned char *in, size_t len);
317
318static int
319aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
320 const unsigned char *iv, int enc)
321{
322 EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
323
324 if (!iv && !key)
325 return 1;
326
327 if (key) {
328 /* key_len is two AES keys */
329 if (enc) {
330 aesni_set_encrypt_key(key, ctx->key_len * 4,
331 &xctx->ks1);
332 xctx->xts.block1 = (block128_f)aesni_encrypt;
333 xctx->stream = aesni_xts_encrypt;
334 } else {
335 aesni_set_decrypt_key(key, ctx->key_len * 4,
336 &xctx->ks1);
337 xctx->xts.block1 = (block128_f)aesni_decrypt;
338 xctx->stream = aesni_xts_decrypt;
339 }
340
341 aesni_set_encrypt_key(key + ctx->key_len / 2,
342 ctx->key_len * 4, &xctx->ks2);
343 xctx->xts.block2 = (block128_f)aesni_encrypt;
344
345 xctx->xts.key1 = &xctx->ks1;
346 }
347
348 if (iv) {
349 xctx->xts.key2 = &xctx->ks2;
350 memcpy(ctx->iv, iv, 16);
351 }
352
353 return 1;
354}
355
356#define aesni_xts_cipher aes_xts_cipher
357static int aesni_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
358 const unsigned char *in, size_t len);
359
360static int
361aesni_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
362 const unsigned char *iv, int enc)
363{
364 EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
365
366 if (!iv && !key)
367 return 1;
368 if (key) {
369 aesni_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks);
370 CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
371 &cctx->ks, (block128_f)aesni_encrypt);
372 cctx->str = enc ? (ccm128_f)aesni_ccm64_encrypt_blocks :
373 (ccm128_f)aesni_ccm64_decrypt_blocks;
374 cctx->key_set = 1;
375 }
376 if (iv) {
377 memcpy(ctx->iv, iv, 15 - cctx->L);
378 cctx->iv_set = 1;
379 }
380 return 1;
381}
382
383#define aesni_ccm_cipher aes_ccm_cipher
384static int aesni_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
385 const unsigned char *in, size_t len);
386
387#define BLOCK_CIPHER_generic(n,keylen,blocksize,ivlen,nmode,mode,MODE,fl) \
388static const EVP_CIPHER aesni_##keylen##_##mode = { \
389 .nid = n##_##keylen##_##nmode, \
390 .block_size = blocksize, \
391 .key_len = keylen / 8, \
392 .iv_len = ivlen, \
393 .flags = fl | EVP_CIPH_##MODE##_MODE, \
394 .init = aesni_init_key, \
395 .do_cipher = aesni_##mode##_cipher, \
396 .ctx_size = sizeof(EVP_AES_KEY) \
397}; \
398static const EVP_CIPHER aes_##keylen##_##mode = { \
399 .nid = n##_##keylen##_##nmode, \
400 .block_size = blocksize, \
401 .key_len = keylen / 8, \
402 .iv_len = ivlen, \
403 .flags = fl | EVP_CIPH_##MODE##_MODE, \
404 .init = aes_init_key, \
405 .do_cipher = aes_##mode##_cipher, \
406 .ctx_size = sizeof(EVP_AES_KEY) \
407}; \
408const EVP_CIPHER * \
409EVP_aes_##keylen##_##mode(void) \
410{ \
411 return AESNI_CAPABLE ? \
412 &aesni_##keylen##_##mode : &aes_##keylen##_##mode; \
413}
414
415#define BLOCK_CIPHER_custom(n,keylen,blocksize,ivlen,mode,MODE,fl) \
416static const EVP_CIPHER aesni_##keylen##_##mode = { \
417 .nid = n##_##keylen##_##mode, \
418 .block_size = blocksize, \
419 .key_len = \
420 (EVP_CIPH_##MODE##_MODE == EVP_CIPH_XTS_MODE ? 2 : 1) * \
421 keylen / 8, \
422 .iv_len = ivlen, \
423 .flags = fl | EVP_CIPH_##MODE##_MODE, \
424 .init = aesni_##mode##_init_key, \
425 .do_cipher = aesni_##mode##_cipher, \
426 .cleanup = aes_##mode##_cleanup, \
427 .ctx_size = sizeof(EVP_AES_##MODE##_CTX), \
428 .ctrl = aes_##mode##_ctrl \
429}; \
430static const EVP_CIPHER aes_##keylen##_##mode = { \
431 .nid = n##_##keylen##_##mode, \
432 .block_size = blocksize, \
433 .key_len = \
434 (EVP_CIPH_##MODE##_MODE == EVP_CIPH_XTS_MODE ? 2 : 1) * \
435 keylen / 8, \
436 .iv_len = ivlen, \
437 .flags = fl | EVP_CIPH_##MODE##_MODE, \
438 .init = aes_##mode##_init_key, \
439 .do_cipher = aes_##mode##_cipher, \
440 .cleanup = aes_##mode##_cleanup, \
441 .ctx_size = sizeof(EVP_AES_##MODE##_CTX), \
442 .ctrl = aes_##mode##_ctrl \
443}; \
444const EVP_CIPHER * \
445EVP_aes_##keylen##_##mode(void) \
446{ \
447 return AESNI_CAPABLE ? \
448 &aesni_##keylen##_##mode : &aes_##keylen##_##mode; \
449}
450
451#else
452
453#define BLOCK_CIPHER_generic(n,keylen,blocksize,ivlen,nmode,mode,MODE,fl) \
454static const EVP_CIPHER aes_##keylen##_##mode = { \
455 .nid = n##_##keylen##_##nmode, \
456 .block_size = blocksize, \
457 .key_len = keylen / 8, \
458 .iv_len = ivlen, \
459 .flags = fl | EVP_CIPH_##MODE##_MODE, \
460 .init = aes_init_key, \
461 .do_cipher = aes_##mode##_cipher, \
462 .ctx_size = sizeof(EVP_AES_KEY) \
463}; \
464const EVP_CIPHER * \
465EVP_aes_##keylen##_##mode(void) \
466{ \
467 return &aes_##keylen##_##mode; \
468}
469
470#define BLOCK_CIPHER_custom(n,keylen,blocksize,ivlen,mode,MODE,fl) \
471static const EVP_CIPHER aes_##keylen##_##mode = { \
472 .nid = n##_##keylen##_##mode, \
473 .block_size = blocksize, \
474 .key_len = \
475 (EVP_CIPH_##MODE##_MODE == EVP_CIPH_XTS_MODE ? 2 : 1) * \
476 keylen / 8, \
477 .iv_len = ivlen, \
478 .flags = fl | EVP_CIPH_##MODE##_MODE, \
479 .init = aes_##mode##_init_key, \
480 .do_cipher = aes_##mode##_cipher, \
481 .cleanup = aes_##mode##_cleanup, \
482 .ctx_size = sizeof(EVP_AES_##MODE##_CTX), \
483 .ctrl = aes_##mode##_ctrl \
484}; \
485const EVP_CIPHER * \
486EVP_aes_##keylen##_##mode(void) \
487{ \
488 return &aes_##keylen##_##mode; \
489}
490
491#endif
492
493#define BLOCK_CIPHER_generic_pack(nid,keylen,flags) \
494 BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
495 BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
496 BLOCK_CIPHER_generic(nid,keylen,1,16,ofb128,ofb,OFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
497 BLOCK_CIPHER_generic(nid,keylen,1,16,cfb128,cfb,CFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
498 BLOCK_CIPHER_generic(nid,keylen,1,16,cfb1,cfb1,CFB,flags) \
499 BLOCK_CIPHER_generic(nid,keylen,1,16,cfb8,cfb8,CFB,flags) \
500 BLOCK_CIPHER_generic(nid,keylen,1,16,ctr,ctr,CTR,flags)
501
502static int
503aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
504 const unsigned char *iv, int enc)
505{
506 int ret, mode;
507 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
508
509 mode = ctx->cipher->flags & EVP_CIPH_MODE;
510 if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) &&
511 !enc)
512#ifdef BSAES_CAPABLE
513 if (BSAES_CAPABLE && mode == EVP_CIPH_CBC_MODE) {
514 ret = AES_set_decrypt_key(key, ctx->key_len * 8,
515 &dat->ks);
516 dat->block = (block128_f)AES_decrypt;
517 dat->stream.cbc = (cbc128_f)bsaes_cbc_encrypt;
518 } else
519#endif
520#ifdef VPAES_CAPABLE
521 if (VPAES_CAPABLE) {
522 ret = vpaes_set_decrypt_key(key, ctx->key_len * 8,
523 &dat->ks);
524 dat->block = (block128_f)vpaes_decrypt;
525 dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
526 (cbc128_f)vpaes_cbc_encrypt : NULL;
527 } else
528#endif
529 {
530 ret = AES_set_decrypt_key(key, ctx->key_len * 8,
531 &dat->ks);
532 dat->block = (block128_f)AES_decrypt;
533 dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
534 (cbc128_f)AES_cbc_encrypt : NULL;
535 } else
536#ifdef BSAES_CAPABLE
537 if (BSAES_CAPABLE && mode == EVP_CIPH_CTR_MODE) {
538 ret = AES_set_encrypt_key(key, ctx->key_len * 8,
539 &dat->ks);
540 dat->block = (block128_f)AES_encrypt;
541 dat->stream.ctr = (ctr128_f)bsaes_ctr32_encrypt_blocks;
542 } else
543#endif
544#ifdef VPAES_CAPABLE
545 if (VPAES_CAPABLE) {
546 ret = vpaes_set_encrypt_key(key, ctx->key_len * 8,
547 &dat->ks);
548 dat->block = (block128_f)vpaes_encrypt;
549 dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
550 (cbc128_f)vpaes_cbc_encrypt : NULL;
551 } else
552#endif
553 {
554 ret = AES_set_encrypt_key(key, ctx->key_len * 8,
555 &dat->ks);
556 dat->block = (block128_f)AES_encrypt;
557 dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
558 (cbc128_f)AES_cbc_encrypt : NULL;
559#ifdef AES_CTR_ASM
560 if (mode == EVP_CIPH_CTR_MODE)
561 dat->stream.ctr = (ctr128_f)AES_ctr32_encrypt;
562#endif
563 }
564
565 if (ret < 0) {
566 EVPerr(EVP_F_AES_INIT_KEY, EVP_R_AES_KEY_SETUP_FAILED);
567 return 0;
568 }
569
570 return 1;
571}
572
573static int
574aes_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
575 const unsigned char *in, size_t len)
576{
577 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
578
579 if (dat->stream.cbc)
580 (*dat->stream.cbc)(in, out, len, &dat->ks, ctx->iv,
581 ctx->encrypt);
582 else if (ctx->encrypt)
583 CRYPTO_cbc128_encrypt(in, out, len, &dat->ks, ctx->iv,
584 dat->block);
585 else
586 CRYPTO_cbc128_decrypt(in, out, len, &dat->ks, ctx->iv,
587 dat->block);
588
589 return 1;
590}
591
592static int
593aes_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
594 const unsigned char *in, size_t len)
595{
596 size_t bl = ctx->cipher->block_size;
597 size_t i;
598 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
599
600 if (len < bl)
601 return 1;
602
603 for (i = 0, len -= bl; i <= len; i += bl)
604 (*dat->block)(in + i, out + i, &dat->ks);
605
606 return 1;
607}
608
609static int
610aes_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
611 const unsigned char *in, size_t len)
612{
613 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
614
615 CRYPTO_ofb128_encrypt(in, out, len, &dat->ks, ctx->iv, &ctx->num,
616 dat->block);
617 return 1;
618}
619
620static int
621aes_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
622 const unsigned char *in, size_t len)
623{
624 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
625
626 CRYPTO_cfb128_encrypt(in, out, len, &dat->ks, ctx->iv, &ctx->num,
627 ctx->encrypt, dat->block);
628 return 1;
629}
630
631static int
632aes_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
633 const unsigned char *in, size_t len)
634{
635 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
636
637 CRYPTO_cfb128_8_encrypt(in, out, len, &dat->ks, ctx->iv, &ctx->num,
638 ctx->encrypt, dat->block);
639 return 1;
640}
641
642static int
643aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
644 const unsigned char *in, size_t len)
645{
646 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
647
648 if (ctx->flags&EVP_CIPH_FLAG_LENGTH_BITS) {
649 CRYPTO_cfb128_1_encrypt(in, out, len, &dat->ks, ctx->iv,
650 &ctx->num, ctx->encrypt, dat->block);
651 return 1;
652 }
653
654 while (len >= MAXBITCHUNK) {
655 CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK*8, &dat->ks,
656 ctx->iv, &ctx->num, ctx->encrypt, dat->block);
657 len -= MAXBITCHUNK;
658 }
659 if (len)
660 CRYPTO_cfb128_1_encrypt(in, out, len*8, &dat->ks,
661 ctx->iv, &ctx->num, ctx->encrypt, dat->block);
662
663 return 1;
664}
665
666static int aes_ctr_cipher (EVP_CIPHER_CTX *ctx, unsigned char *out,
667 const unsigned char *in, size_t len)
668{
669 unsigned int num = ctx->num;
670 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
671
672 if (dat->stream.ctr)
673 CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks,
674 ctx->iv, ctx->buf, &num, dat->stream.ctr);
675 else
676 CRYPTO_ctr128_encrypt(in, out, len, &dat->ks,
677 ctx->iv, ctx->buf, &num, dat->block);
678 ctx->num = (size_t)num;
679 return 1;
680}
681
682BLOCK_CIPHER_generic_pack(NID_aes, 128, EVP_CIPH_FLAG_FIPS)
683BLOCK_CIPHER_generic_pack(NID_aes, 192, EVP_CIPH_FLAG_FIPS)
684BLOCK_CIPHER_generic_pack(NID_aes, 256, EVP_CIPH_FLAG_FIPS)
685
686static int
687aes_gcm_cleanup(EVP_CIPHER_CTX *c)
688{
689 EVP_AES_GCM_CTX *gctx = c->cipher_data;
690
691 if (gctx->iv != c->iv)
692 free(gctx->iv);
693 OPENSSL_cleanse(gctx, sizeof(*gctx));
694 return 1;
695}
696
697/* increment counter (64-bit int) by 1 */
698static void
699ctr64_inc(unsigned char *counter)
700{
701 int n = 8;
702 unsigned char c;
703
704 do {
705 --n;
706 c = counter[n];
707 ++c;
708 counter[n] = c;
709 if (c)
710 return;
711 } while (n);
712}
713
714static int
715aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
716{
717 EVP_AES_GCM_CTX *gctx = c->cipher_data;
718
719 switch (type) {
720 case EVP_CTRL_INIT:
721 gctx->key_set = 0;
722 gctx->iv_set = 0;
723 gctx->ivlen = c->cipher->iv_len;
724 gctx->iv = c->iv;
725 gctx->taglen = -1;
726 gctx->iv_gen = 0;
727 gctx->tls_aad_len = -1;
728 return 1;
729
730 case EVP_CTRL_GCM_SET_IVLEN:
731 if (arg <= 0)
732 return 0;
733 /* Allocate memory for IV if needed */
734 if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen)) {
735 if (gctx->iv != c->iv)
736 free(gctx->iv);
737 gctx->iv = malloc(arg);
738 if (!gctx->iv)
739 return 0;
740 }
741 gctx->ivlen = arg;
742 return 1;
743
744 case EVP_CTRL_GCM_SET_TAG:
745 if (arg <= 0 || arg > 16 || c->encrypt)
746 return 0;
747 memcpy(c->buf, ptr, arg);
748 gctx->taglen = arg;
749 return 1;
750
751 case EVP_CTRL_GCM_GET_TAG:
752 if (arg <= 0 || arg > 16 || !c->encrypt || gctx->taglen < 0)
753 return 0;
754 memcpy(ptr, c->buf, arg);
755 return 1;
756
757 case EVP_CTRL_GCM_SET_IV_FIXED:
758 /* Special case: -1 length restores whole IV */
759 if (arg == -1) {
760 memcpy(gctx->iv, ptr, gctx->ivlen);
761 gctx->iv_gen = 1;
762 return 1;
763 }
764 /* Fixed field must be at least 4 bytes and invocation field
765 * at least 8.
766 */
767 if ((arg < 4) || (gctx->ivlen - arg) < 8)
768 return 0;
769 if (arg)
770 memcpy(gctx->iv, ptr, arg);
771 if (c->encrypt)
772 arc4random_buf(gctx->iv + arg, gctx->ivlen - arg);
773 gctx->iv_gen = 1;
774 return 1;
775
776 case EVP_CTRL_GCM_IV_GEN:
777 if (gctx->iv_gen == 0 || gctx->key_set == 0)
778 return 0;
779 CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen);
780 if (arg <= 0 || arg > gctx->ivlen)
781 arg = gctx->ivlen;
782 memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg);
783 /* Invocation field will be at least 8 bytes in size and
784 * so no need to check wrap around or increment more than
785 * last 8 bytes.
786 */
787 ctr64_inc(gctx->iv + gctx->ivlen - 8);
788 gctx->iv_set = 1;
789 return 1;
790
791 case EVP_CTRL_GCM_SET_IV_INV:
792 if (gctx->iv_gen == 0 || gctx->key_set == 0 || c->encrypt)
793 return 0;
794 memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg);
795 CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen);
796 gctx->iv_set = 1;
797 return 1;
798
799 case EVP_CTRL_AEAD_TLS1_AAD:
800 /* Save the AAD for later use */
801 if (arg != 13)
802 return 0;
803 memcpy(c->buf, ptr, arg);
804 gctx->tls_aad_len = arg;
805 {
806 unsigned int len = c->buf[arg - 2] << 8 |
807 c->buf[arg - 1];
808
809 /* Correct length for explicit IV */
810 len -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
811
812 /* If decrypting correct for tag too */
813 if (!c->encrypt)
814 len -= EVP_GCM_TLS_TAG_LEN;
815 c->buf[arg - 2] = len >> 8;
816 c->buf[arg - 1] = len & 0xff;
817 }
818 /* Extra padding: tag appended to record */
819 return EVP_GCM_TLS_TAG_LEN;
820
821 case EVP_CTRL_COPY:
822 {
823 EVP_CIPHER_CTX *out = ptr;
824 EVP_AES_GCM_CTX *gctx_out = out->cipher_data;
825
826 if (gctx->gcm.key) {
827 if (gctx->gcm.key != &gctx->ks)
828 return 0;
829 gctx_out->gcm.key = &gctx_out->ks;
830 }
831 if (gctx->iv == c->iv)
832 gctx_out->iv = out->iv;
833 else {
834 gctx_out->iv = malloc(gctx->ivlen);
835 if (!gctx_out->iv)
836 return 0;
837 memcpy(gctx_out->iv, gctx->iv, gctx->ivlen);
838 }
839 return 1;
840 }
841
842 default:
843 return -1;
844
845 }
846}
847
848static ctr128_f
849aes_gcm_set_key(AES_KEY *aes_key, GCM128_CONTEXT *gcm_ctx,
850 const unsigned char *key, size_t key_len)
851{
852#ifdef BSAES_CAPABLE
853 if (BSAES_CAPABLE) {
854 AES_set_encrypt_key(key, key_len * 8, aes_key);
855 CRYPTO_gcm128_init(gcm_ctx, aes_key, (block128_f)AES_encrypt);
856 return (ctr128_f)bsaes_ctr32_encrypt_blocks;
857 } else
858#endif
859#ifdef VPAES_CAPABLE
860 if (VPAES_CAPABLE) {
861 vpaes_set_encrypt_key(key, key_len * 8, aes_key);
862 CRYPTO_gcm128_init(gcm_ctx, aes_key, (block128_f)vpaes_encrypt);
863 return NULL;
864 } else
865#endif
866 (void)0; /* terminate potentially open 'else' */
867
868 AES_set_encrypt_key(key, key_len * 8, aes_key);
869 CRYPTO_gcm128_init(gcm_ctx, aes_key, (block128_f)AES_encrypt);
870#ifdef AES_CTR_ASM
871 return (ctr128_f)AES_ctr32_encrypt;
872#else
873 return NULL;
874#endif
875}
876
877static int
878aes_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
879 const unsigned char *iv, int enc)
880{
881 EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
882
883 if (!iv && !key)
884 return 1;
885 if (key) {
886 gctx->ctr = aes_gcm_set_key(&gctx->ks, &gctx->gcm,
887 key, ctx->key_len);
888
889 /* If we have an iv can set it directly, otherwise use
890 * saved IV.
891 */
892 if (iv == NULL && gctx->iv_set)
893 iv = gctx->iv;
894 if (iv) {
895 CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
896 gctx->iv_set = 1;
897 }
898 gctx->key_set = 1;
899 } else {
900 /* If key set use IV, otherwise copy */
901 if (gctx->key_set)
902 CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
903 else
904 memcpy(gctx->iv, iv, gctx->ivlen);
905 gctx->iv_set = 1;
906 gctx->iv_gen = 0;
907 }
908 return 1;
909}
910
911/* Handle TLS GCM packet format. This consists of the last portion of the IV
912 * followed by the payload and finally the tag. On encrypt generate IV,
913 * encrypt payload and write the tag. On verify retrieve IV, decrypt payload
914 * and verify tag.
915 */
916
917static int
918aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
919 const unsigned char *in, size_t len)
920{
921 EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
922 int rv = -1;
923
924 /* Encrypt/decrypt must be performed in place */
925 if (out != in ||
926 len < (EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN))
927 return -1;
928
929 /* Set IV from start of buffer or generate IV and write to start
930 * of buffer.
931 */
932 if (EVP_CIPHER_CTX_ctrl(ctx, ctx->encrypt ?
933 EVP_CTRL_GCM_IV_GEN : EVP_CTRL_GCM_SET_IV_INV,
934 EVP_GCM_TLS_EXPLICIT_IV_LEN, out) <= 0)
935 goto err;
936
937 /* Use saved AAD */
938 if (CRYPTO_gcm128_aad(&gctx->gcm, ctx->buf, gctx->tls_aad_len))
939 goto err;
940
941 /* Fix buffer and length to point to payload */
942 in += EVP_GCM_TLS_EXPLICIT_IV_LEN;
943 out += EVP_GCM_TLS_EXPLICIT_IV_LEN;
944 len -= EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN;
945 if (ctx->encrypt) {
946 /* Encrypt payload */
947 if (gctx->ctr) {
948 if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm, in, out,
949 len, gctx->ctr))
950 goto err;
951 } else {
952 if (CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, len))
953 goto err;
954 }
955 out += len;
956
957 /* Finally write tag */
958 CRYPTO_gcm128_tag(&gctx->gcm, out, EVP_GCM_TLS_TAG_LEN);
959 rv = len + EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN;
960 } else {
961 /* Decrypt */
962 if (gctx->ctr) {
963 if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm, in, out,
964 len, gctx->ctr))
965 goto err;
966 } else {
967 if (CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, len))
968 goto err;
969 }
970 /* Retrieve tag */
971 CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, EVP_GCM_TLS_TAG_LEN);
972
973 /* If tag mismatch wipe buffer */
974 if (memcmp(ctx->buf, in + len, EVP_GCM_TLS_TAG_LEN)) {
975 OPENSSL_cleanse(out, len);
976 goto err;
977 }
978 rv = len;
979 }
980
981err:
982 gctx->iv_set = 0;
983 gctx->tls_aad_len = -1;
984 return rv;
985}
986
987static int
988aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
989 const unsigned char *in, size_t len)
990{
991 EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
992
993 /* If not set up, return error */
994 if (!gctx->key_set)
995 return -1;
996
997 if (gctx->tls_aad_len >= 0)
998 return aes_gcm_tls_cipher(ctx, out, in, len);
999
1000 if (!gctx->iv_set)
1001 return -1;
1002
1003 if (in) {
1004 if (out == NULL) {
1005 if (CRYPTO_gcm128_aad(&gctx->gcm, in, len))
1006 return -1;
1007 } else if (ctx->encrypt) {
1008 if (gctx->ctr) {
1009 if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm,
1010 in, out, len, gctx->ctr))
1011 return -1;
1012 } else {
1013 if (CRYPTO_gcm128_encrypt(&gctx->gcm,
1014 in, out, len))
1015 return -1;
1016 }
1017 } else {
1018 if (gctx->ctr) {
1019 if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm,
1020 in, out, len, gctx->ctr))
1021 return -1;
1022 } else {
1023 if (CRYPTO_gcm128_decrypt(&gctx->gcm,
1024 in, out, len))
1025 return -1;
1026 }
1027 }
1028 return len;
1029 } else {
1030 if (!ctx->encrypt) {
1031 if (gctx->taglen < 0)
1032 return -1;
1033 if (CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf,
1034 gctx->taglen) != 0)
1035 return -1;
1036 gctx->iv_set = 0;
1037 return 0;
1038 }
1039 CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, 16);
1040 gctx->taglen = 16;
1041
1042 /* Don't reuse the IV */
1043 gctx->iv_set = 0;
1044 return 0;
1045 }
1046
1047}
1048
1049#define CUSTOM_FLAGS \
1050 ( EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV | \
1051 EVP_CIPH_FLAG_CUSTOM_CIPHER | EVP_CIPH_ALWAYS_CALL_INIT | \
1052 EVP_CIPH_CTRL_INIT | EVP_CIPH_CUSTOM_COPY )
1053
1054BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM,
1055 EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS)
1056BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, gcm, GCM,
1057 EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS)
1058BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, gcm, GCM,
1059 EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS)
1060
1061static int
1062aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
1063{
1064 EVP_AES_XTS_CTX *xctx = c->cipher_data;
1065
1066 switch (type) {
1067 case EVP_CTRL_INIT:
1068 /*
1069 * key1 and key2 are used as an indicator both key and IV
1070 * are set
1071 */
1072 xctx->xts.key1 = NULL;
1073 xctx->xts.key2 = NULL;
1074 return 1;
1075
1076 case EVP_CTRL_COPY:
1077 {
1078 EVP_CIPHER_CTX *out = ptr;
1079 EVP_AES_XTS_CTX *xctx_out = out->cipher_data;
1080
1081 if (xctx->xts.key1) {
1082 if (xctx->xts.key1 != &xctx->ks1)
1083 return 0;
1084 xctx_out->xts.key1 = &xctx_out->ks1;
1085 }
1086 if (xctx->xts.key2) {
1087 if (xctx->xts.key2 != &xctx->ks2)
1088 return 0;
1089 xctx_out->xts.key2 = &xctx_out->ks2;
1090 }
1091 return 1;
1092 }
1093 }
1094 return -1;
1095}
1096
1097static int
1098aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
1099 const unsigned char *iv, int enc)
1100{
1101 EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
1102
1103 if (!iv && !key)
1104 return 1;
1105
1106 if (key) do {
1107#ifdef AES_XTS_ASM
1108 xctx->stream = enc ? AES_xts_encrypt : AES_xts_decrypt;
1109#else
1110 xctx->stream = NULL;
1111#endif
1112 /* key_len is two AES keys */
1113#ifdef BSAES_CAPABLE
1114 if (BSAES_CAPABLE)
1115 xctx->stream = enc ? bsaes_xts_encrypt :
1116 bsaes_xts_decrypt;
1117 else
1118#endif
1119#ifdef VPAES_CAPABLE
1120 if (VPAES_CAPABLE) {
1121 if (enc) {
1122 vpaes_set_encrypt_key(key, ctx->key_len * 4,
1123 &xctx->ks1);
1124 xctx->xts.block1 = (block128_f)vpaes_encrypt;
1125 } else {
1126 vpaes_set_decrypt_key(key, ctx->key_len * 4,
1127 &xctx->ks1);
1128 xctx->xts.block1 = (block128_f)vpaes_decrypt;
1129 }
1130
1131 vpaes_set_encrypt_key(key + ctx->key_len / 2,
1132 ctx->key_len * 4, &xctx->ks2);
1133 xctx->xts.block2 = (block128_f)vpaes_encrypt;
1134
1135 xctx->xts.key1 = &xctx->ks1;
1136 break;
1137 } else
1138#endif
1139 (void)0; /* terminate potentially open 'else' */
1140
1141 if (enc) {
1142 AES_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1);
1143 xctx->xts.block1 = (block128_f)AES_encrypt;
1144 } else {
1145 AES_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1);
1146 xctx->xts.block1 = (block128_f)AES_decrypt;
1147 }
1148
1149 AES_set_encrypt_key(key + ctx->key_len / 2,
1150 ctx->key_len * 4, &xctx->ks2);
1151 xctx->xts.block2 = (block128_f)AES_encrypt;
1152
1153 xctx->xts.key1 = &xctx->ks1;
1154 } while (0);
1155
1156 if (iv) {
1157 xctx->xts.key2 = &xctx->ks2;
1158 memcpy(ctx->iv, iv, 16);
1159 }
1160
1161 return 1;
1162}
1163
1164static int
1165aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
1166 const unsigned char *in, size_t len)
1167{
1168 EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
1169
1170 if (!xctx->xts.key1 || !xctx->xts.key2)
1171 return 0;
1172 if (!out || !in || len < AES_BLOCK_SIZE)
1173 return 0;
1174
1175 if (xctx->stream)
1176 (*xctx->stream)(in, out, len, xctx->xts.key1, xctx->xts.key2,
1177 ctx->iv);
1178 else if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len,
1179 ctx->encrypt))
1180 return 0;
1181 return 1;
1182}
1183
1184#define aes_xts_cleanup NULL
1185
1186#define XTS_FLAGS \
1187 ( EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV | \
1188 EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT | EVP_CIPH_CUSTOM_COPY )
1189
1190BLOCK_CIPHER_custom(NID_aes, 128, 1, 16, xts, XTS, EVP_CIPH_FLAG_FIPS|XTS_FLAGS)
1191BLOCK_CIPHER_custom(NID_aes, 256, 1, 16, xts, XTS, EVP_CIPH_FLAG_FIPS|XTS_FLAGS)
1192
1193static int
1194aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
1195{
1196 EVP_AES_CCM_CTX *cctx = c->cipher_data;
1197
1198 switch (type) {
1199 case EVP_CTRL_INIT:
1200 cctx->key_set = 0;
1201 cctx->iv_set = 0;
1202 cctx->L = 8;
1203 cctx->M = 12;
1204 cctx->tag_set = 0;
1205 cctx->len_set = 0;
1206 return 1;
1207
1208 case EVP_CTRL_CCM_SET_IVLEN:
1209 arg = 15 - arg;
1210
1211 case EVP_CTRL_CCM_SET_L:
1212 if (arg < 2 || arg > 8)
1213 return 0;
1214 cctx->L = arg;
1215 return 1;
1216
1217 case EVP_CTRL_CCM_SET_TAG:
1218 if ((arg & 1) || arg < 4 || arg > 16)
1219 return 0;
1220 if ((c->encrypt && ptr) || (!c->encrypt && !ptr))
1221 return 0;
1222 if (ptr) {
1223 cctx->tag_set = 1;
1224 memcpy(c->buf, ptr, arg);
1225 }
1226 cctx->M = arg;
1227 return 1;
1228
1229 case EVP_CTRL_CCM_GET_TAG:
1230 if (!c->encrypt || !cctx->tag_set)
1231 return 0;
1232 if (!CRYPTO_ccm128_tag(&cctx->ccm, ptr, (size_t)arg))
1233 return 0;
1234 cctx->tag_set = 0;
1235 cctx->iv_set = 0;
1236 cctx->len_set = 0;
1237 return 1;
1238
1239 case EVP_CTRL_COPY:
1240 {
1241 EVP_CIPHER_CTX *out = ptr;
1242 EVP_AES_CCM_CTX *cctx_out = out->cipher_data;
1243
1244 if (cctx->ccm.key) {
1245 if (cctx->ccm.key != &cctx->ks)
1246 return 0;
1247 cctx_out->ccm.key = &cctx_out->ks;
1248 }
1249 return 1;
1250 }
1251
1252 default:
1253 return -1;
1254 }
1255}
1256
1257static int
1258aes_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
1259 const unsigned char *iv, int enc)
1260{
1261 EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
1262
1263 if (!iv && !key)
1264 return 1;
1265 if (key) do {
1266#ifdef VPAES_CAPABLE
1267 if (VPAES_CAPABLE) {
1268 vpaes_set_encrypt_key(key, ctx->key_len*8, &cctx->ks);
1269 CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
1270 &cctx->ks, (block128_f)vpaes_encrypt);
1271 cctx->str = NULL;
1272 cctx->key_set = 1;
1273 break;
1274 }
1275#endif
1276 AES_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks);
1277 CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
1278 &cctx->ks, (block128_f)AES_encrypt);
1279 cctx->str = NULL;
1280 cctx->key_set = 1;
1281 } while (0);
1282 if (iv) {
1283 memcpy(ctx->iv, iv, 15 - cctx->L);
1284 cctx->iv_set = 1;
1285 }
1286 return 1;
1287}
1288
1289static int
1290aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
1291 const unsigned char *in, size_t len)
1292{
1293 EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
1294 CCM128_CONTEXT *ccm = &cctx->ccm;
1295
1296 /* If not set up, return error */
1297 if (!cctx->iv_set && !cctx->key_set)
1298 return -1;
1299 if (!ctx->encrypt && !cctx->tag_set)
1300 return -1;
1301
1302 if (!out) {
1303 if (!in) {
1304 if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L,
1305 len))
1306 return -1;
1307 cctx->len_set = 1;
1308 return len;
1309 }
1310 /* If have AAD need message length */
1311 if (!cctx->len_set && len)
1312 return -1;
1313 CRYPTO_ccm128_aad(ccm, in, len);
1314 return len;
1315 }
1316 /* EVP_*Final() doesn't return any data */
1317 if (!in)
1318 return 0;
1319 /* If not set length yet do it */
1320 if (!cctx->len_set) {
1321 if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, len))
1322 return -1;
1323 cctx->len_set = 1;
1324 }
1325 if (ctx->encrypt) {
1326 if (cctx->str ? CRYPTO_ccm128_encrypt_ccm64(ccm, in, out, len,
1327 cctx->str) : CRYPTO_ccm128_encrypt(ccm, in, out, len))
1328 return -1;
1329 cctx->tag_set = 1;
1330 return len;
1331 } else {
1332 int rv = -1;
1333 if (cctx->str ? !CRYPTO_ccm128_decrypt_ccm64(ccm, in, out, len,
1334 cctx->str) : !CRYPTO_ccm128_decrypt(ccm, in, out, len)) {
1335 unsigned char tag[16];
1336 if (CRYPTO_ccm128_tag(ccm, tag, cctx->M)) {
1337 if (!memcmp(tag, ctx->buf, cctx->M))
1338 rv = len;
1339 }
1340 }
1341 if (rv == -1)
1342 OPENSSL_cleanse(out, len);
1343 cctx->iv_set = 0;
1344 cctx->tag_set = 0;
1345 cctx->len_set = 0;
1346 return rv;
1347 }
1348
1349}
1350
1351#define aes_ccm_cleanup NULL
1352
1353BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, ccm, CCM,
1354 EVP_CIPH_FLAG_FIPS|CUSTOM_FLAGS)
1355BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, ccm, CCM,
1356 EVP_CIPH_FLAG_FIPS|CUSTOM_FLAGS)
1357BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, ccm, CCM,
1358 EVP_CIPH_FLAG_FIPS|CUSTOM_FLAGS)
1359
1360#define EVP_AEAD_AES_GCM_TAG_LEN 16
1361
1362struct aead_aes_gcm_ctx {
1363 union {
1364 double align;
1365 AES_KEY ks;
1366 } ks;
1367 GCM128_CONTEXT gcm;
1368 ctr128_f ctr;
1369 unsigned char tag_len;
1370};
1371
1372static int
1373aead_aes_gcm_init(EVP_AEAD_CTX *ctx, const unsigned char *key, size_t key_len,
1374 size_t tag_len)
1375{
1376 struct aead_aes_gcm_ctx *gcm_ctx;
1377 const size_t key_bits = key_len * 8;
1378
1379 /* EVP_AEAD_CTX_init should catch this. */
1380 if (key_bits != 128 && key_bits != 256) {
1381 EVPerr(EVP_F_AEAD_AES_GCM_INIT, EVP_R_BAD_KEY_LENGTH);
1382 return 0;
1383 }
1384
1385 if (tag_len == EVP_AEAD_DEFAULT_TAG_LENGTH)
1386 tag_len = EVP_AEAD_AES_GCM_TAG_LEN;
1387
1388 if (tag_len > EVP_AEAD_AES_GCM_TAG_LEN) {
1389 EVPerr(EVP_F_AEAD_AES_GCM_INIT, EVP_R_TAG_TOO_LARGE);
1390 return 0;
1391 }
1392
1393 gcm_ctx = malloc(sizeof(struct aead_aes_gcm_ctx));
1394 if (gcm_ctx == NULL)
1395 return 0;
1396
1397#ifdef AESNI_CAPABLE
1398 if (AESNI_CAPABLE) {
1399 aesni_set_encrypt_key(key, key_bits, &gcm_ctx->ks.ks);
1400 CRYPTO_gcm128_init(&gcm_ctx->gcm, &gcm_ctx->ks.ks,
1401 (block128_f)aesni_encrypt);
1402 gcm_ctx->ctr = (ctr128_f) aesni_ctr32_encrypt_blocks;
1403 } else
1404#endif
1405 {
1406 gcm_ctx->ctr = aes_gcm_set_key(&gcm_ctx->ks.ks, &gcm_ctx->gcm,
1407 key, key_len);
1408 }
1409 gcm_ctx->tag_len = tag_len;
1410 ctx->aead_state = gcm_ctx;
1411
1412 return 1;
1413}
1414
1415static void
1416aead_aes_gcm_cleanup(EVP_AEAD_CTX *ctx)
1417{
1418 struct aead_aes_gcm_ctx *gcm_ctx = ctx->aead_state;
1419
1420 OPENSSL_cleanse(gcm_ctx, sizeof(*gcm_ctx));
1421 free(gcm_ctx);
1422}
1423
1424static int
1425aead_aes_gcm_seal(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len,
1426 size_t max_out_len, const unsigned char *nonce, size_t nonce_len,
1427 const unsigned char *in, size_t in_len, const unsigned char *ad,
1428 size_t ad_len)
1429{
1430 const struct aead_aes_gcm_ctx *gcm_ctx = ctx->aead_state;
1431 GCM128_CONTEXT gcm;
1432 size_t bulk = 0;
1433
1434 if (max_out_len < in_len + gcm_ctx->tag_len) {
1435 EVPerr(EVP_F_AEAD_AES_GCM_SEAL, EVP_R_BUFFER_TOO_SMALL);
1436 return 0;
1437 }
1438
1439 memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm));
1440 CRYPTO_gcm128_setiv(&gcm, nonce, nonce_len);
1441
1442 if (ad_len > 0 && CRYPTO_gcm128_aad(&gcm, ad, ad_len))
1443 return 0;
1444
1445 if (gcm_ctx->ctr) {
1446 if (CRYPTO_gcm128_encrypt_ctr32(&gcm, in + bulk, out + bulk,
1447 in_len - bulk, gcm_ctx->ctr))
1448 return 0;
1449 } else {
1450 if (CRYPTO_gcm128_encrypt(&gcm, in + bulk, out + bulk,
1451 in_len - bulk))
1452 return 0;
1453 }
1454
1455 CRYPTO_gcm128_tag(&gcm, out + in_len, gcm_ctx->tag_len);
1456 *out_len = in_len + gcm_ctx->tag_len;
1457
1458 return 1;
1459}
1460
1461static int
1462aead_aes_gcm_open(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len,
1463 size_t max_out_len, const unsigned char *nonce, size_t nonce_len,
1464 const unsigned char *in, size_t in_len, const unsigned char *ad,
1465 size_t ad_len)
1466{
1467 const struct aead_aes_gcm_ctx *gcm_ctx = ctx->aead_state;
1468 unsigned char tag[EVP_AEAD_AES_GCM_TAG_LEN];
1469 GCM128_CONTEXT gcm;
1470 size_t plaintext_len;
1471 size_t bulk = 0;
1472
1473 if (in_len < gcm_ctx->tag_len) {
1474 EVPerr(EVP_F_AEAD_AES_GCM_OPEN, EVP_R_BAD_DECRYPT);
1475 return 0;
1476 }
1477
1478 plaintext_len = in_len - gcm_ctx->tag_len;
1479
1480 if (max_out_len < plaintext_len) {
1481 EVPerr(EVP_F_AEAD_AES_GCM_OPEN, EVP_R_BUFFER_TOO_SMALL);
1482 return 0;
1483 }
1484
1485 memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm));
1486 CRYPTO_gcm128_setiv(&gcm, nonce, nonce_len);
1487
1488 if (CRYPTO_gcm128_aad(&gcm, ad, ad_len))
1489 return 0;
1490
1491 if (gcm_ctx->ctr) {
1492 if (CRYPTO_gcm128_decrypt_ctr32(&gcm, in + bulk, out + bulk,
1493 in_len - bulk - gcm_ctx->tag_len, gcm_ctx->ctr))
1494 return 0;
1495 } else {
1496 if (CRYPTO_gcm128_decrypt(&gcm, in + bulk, out + bulk,
1497 in_len - bulk - gcm_ctx->tag_len))
1498 return 0;
1499 }
1500
1501 CRYPTO_gcm128_tag(&gcm, tag, gcm_ctx->tag_len);
1502 if (timingsafe_memcmp(tag, in + plaintext_len, gcm_ctx->tag_len) != 0) {
1503 EVPerr(EVP_F_AEAD_AES_GCM_OPEN, EVP_R_BAD_DECRYPT);
1504 return 0;
1505 }
1506
1507 *out_len = plaintext_len;
1508
1509 return 1;
1510}
1511
1512static const EVP_AEAD aead_aes_128_gcm = {
1513 .key_len = 16,
1514 .nonce_len = 12,
1515 .overhead = EVP_AEAD_AES_GCM_TAG_LEN,
1516 .max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN,
1517
1518 .init = aead_aes_gcm_init,
1519 .cleanup = aead_aes_gcm_cleanup,
1520 .seal = aead_aes_gcm_seal,
1521 .open = aead_aes_gcm_open,
1522};
1523
1524static const EVP_AEAD aead_aes_256_gcm = {
1525 .key_len = 32,
1526 .nonce_len = 12,
1527 .overhead = EVP_AEAD_AES_GCM_TAG_LEN,
1528 .max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN,
1529
1530 .init = aead_aes_gcm_init,
1531 .cleanup = aead_aes_gcm_cleanup,
1532 .seal = aead_aes_gcm_seal,
1533 .open = aead_aes_gcm_open,
1534};
1535
1536const EVP_AEAD *
1537EVP_aead_aes_128_gcm(void)
1538{
1539 return &aead_aes_128_gcm;
1540}
1541
1542const EVP_AEAD *
1543EVP_aead_aes_256_gcm(void)
1544{
1545 return &aead_aes_256_gcm;
1546}
1547
1548#endif
diff --git a/src/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c b/src/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c
deleted file mode 100644
index 7c23face34..0000000000
--- a/src/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c
+++ /dev/null
@@ -1,601 +0,0 @@
1/* $OpenBSD: e_aes_cbc_hmac_sha1.c,v 1.8 2014/07/12 20:37:07 miod Exp $ */
2/* ====================================================================
3 * Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * licensing@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 */
50
51#include <stdio.h>
52#include <string.h>
53
54#include <openssl/opensslconf.h>
55
56#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA1)
57
58#include <openssl/evp.h>
59#include <openssl/objects.h>
60#include <openssl/aes.h>
61#include <openssl/sha.h>
62#include "evp_locl.h"
63
64#ifndef EVP_CIPH_FLAG_AEAD_CIPHER
65#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
66#define EVP_CTRL_AEAD_TLS1_AAD 0x16
67#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
68#endif
69
70#define TLS1_1_VERSION 0x0302
71
72typedef struct {
73 AES_KEY ks;
74 SHA_CTX head, tail, md;
75 size_t payload_length; /* AAD length in decrypt case */
76 union {
77 unsigned int tls_ver;
78 unsigned char tls_aad[16]; /* 13 used */
79 } aux;
80} EVP_AES_HMAC_SHA1;
81
82#define NO_PAYLOAD_LENGTH ((size_t)-1)
83
84#if defined(AES_ASM) && ( \
85 defined(__x86_64) || defined(__x86_64__) || \
86 defined(_M_AMD64) || defined(_M_X64) || \
87 defined(__INTEL__) )
88
89#if defined(__GNUC__) && __GNUC__>=2
90# define BSWAP(x) ({ unsigned int r=(x); asm ("bswapl %0":"=r"(r):"0"(r)); r; })
91#endif
92
93extern unsigned int OPENSSL_ia32cap_P[2];
94#define AESNI_CAPABLE (1<<(57-32))
95
96int aesni_set_encrypt_key(const unsigned char *userKey, int bits, AES_KEY *key);
97int aesni_set_decrypt_key(const unsigned char *userKey, int bits, AES_KEY *key);
98
99void aesni_cbc_encrypt(const unsigned char *in, unsigned char *out,
100 size_t length, const AES_KEY *key, unsigned char *ivec, int enc);
101
102void aesni_cbc_sha1_enc (const void *inp, void *out, size_t blocks,
103 const AES_KEY *key, unsigned char iv[16], SHA_CTX *ctx, const void *in0);
104
105#define data(ctx) ((EVP_AES_HMAC_SHA1 *)(ctx)->cipher_data)
106
107static int
108aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *inkey,
109 const unsigned char *iv, int enc)
110{
111 EVP_AES_HMAC_SHA1 *key = data(ctx);
112 int ret;
113
114 if (enc)
115 ret = aesni_set_encrypt_key(inkey, ctx->key_len * 8, &key->ks);
116 else
117 ret = aesni_set_decrypt_key(inkey, ctx->key_len * 8, &key->ks);
118
119 SHA1_Init(&key->head); /* handy when benchmarking */
120 key->tail = key->head;
121 key->md = key->head;
122
123 key->payload_length = NO_PAYLOAD_LENGTH;
124
125 return ret < 0 ? 0 : 1;
126}
127
128#define STITCHED_CALL
129
130#if !defined(STITCHED_CALL)
131#define aes_off 0
132#endif
133
134void sha1_block_data_order (void *c, const void *p, size_t len);
135
136static void
137sha1_update(SHA_CTX *c, const void *data, size_t len)
138{
139 const unsigned char *ptr = data;
140 size_t res;
141
142 if ((res = c->num)) {
143 res = SHA_CBLOCK - res;
144 if (len < res)
145 res = len;
146 SHA1_Update(c, ptr, res);
147 ptr += res;
148 len -= res;
149 }
150
151 res = len % SHA_CBLOCK;
152 len -= res;
153
154 if (len) {
155 sha1_block_data_order(c, ptr, len / SHA_CBLOCK);
156
157 ptr += len;
158 c->Nh += len >> 29;
159 c->Nl += len <<= 3;
160 if (c->Nl < (unsigned int)len)
161 c->Nh++;
162 }
163
164 if (res)
165 SHA1_Update(c, ptr, res);
166}
167
168#ifdef SHA1_Update
169#undef SHA1_Update
170#endif
171#define SHA1_Update sha1_update
172
173static int
174aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
175 const unsigned char *in, size_t len)
176{
177 EVP_AES_HMAC_SHA1 *key = data(ctx);
178 unsigned int l;
179 size_t plen = key->payload_length,
180 iv = 0, /* explicit IV in TLS 1.1 and later */
181 sha_off = 0;
182#if defined(STITCHED_CALL)
183 size_t aes_off = 0, blocks;
184
185 sha_off = SHA_CBLOCK - key->md.num;
186#endif
187
188 key->payload_length = NO_PAYLOAD_LENGTH;
189
190 if (len % AES_BLOCK_SIZE)
191 return 0;
192
193 if (ctx->encrypt) {
194 if (plen == NO_PAYLOAD_LENGTH)
195 plen = len;
196 else if (len != ((plen + SHA_DIGEST_LENGTH + AES_BLOCK_SIZE) &
197 -AES_BLOCK_SIZE))
198 return 0;
199 else if (key->aux.tls_ver >= TLS1_1_VERSION)
200 iv = AES_BLOCK_SIZE;
201
202#if defined(STITCHED_CALL)
203 if (plen > (sha_off + iv) &&
204 (blocks = (plen - (sha_off + iv)) / SHA_CBLOCK)) {
205 SHA1_Update(&key->md, in + iv, sha_off);
206
207 aesni_cbc_sha1_enc(in, out, blocks, &key->ks,
208 ctx->iv, &key->md, in + iv + sha_off);
209 blocks *= SHA_CBLOCK;
210 aes_off += blocks;
211 sha_off += blocks;
212 key->md.Nh += blocks >> 29;
213 key->md.Nl += blocks <<= 3;
214 if (key->md.Nl < (unsigned int)blocks)
215 key->md.Nh++;
216 } else {
217 sha_off = 0;
218 }
219#endif
220 sha_off += iv;
221 SHA1_Update(&key->md, in + sha_off, plen - sha_off);
222
223 if (plen != len) { /* "TLS" mode of operation */
224 if (in != out)
225 memcpy(out + aes_off, in + aes_off,
226 plen - aes_off);
227
228 /* calculate HMAC and append it to payload */
229 SHA1_Final(out + plen, &key->md);
230 key->md = key->tail;
231 SHA1_Update(&key->md, out + plen, SHA_DIGEST_LENGTH);
232 SHA1_Final(out + plen, &key->md);
233
234 /* pad the payload|hmac */
235 plen += SHA_DIGEST_LENGTH;
236 for (l = len - plen - 1; plen < len; plen++)
237 out[plen] = l;
238
239 /* encrypt HMAC|padding at once */
240 aesni_cbc_encrypt(out + aes_off, out + aes_off,
241 len - aes_off, &key->ks, ctx->iv, 1);
242 } else {
243 aesni_cbc_encrypt(in + aes_off, out + aes_off,
244 len - aes_off, &key->ks, ctx->iv, 1);
245 }
246 } else {
247 union {
248 unsigned int u[SHA_DIGEST_LENGTH/sizeof(unsigned int)];
249 unsigned char c[32 + SHA_DIGEST_LENGTH];
250 } mac, *pmac;
251
252 /* arrange cache line alignment */
253 pmac = (void *)(((size_t)mac.c + 31) & ((size_t)0 - 32));
254
255 /* decrypt HMAC|padding at once */
256 aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0);
257
258 if (plen) { /* "TLS" mode of operation */
259 size_t inp_len, mask, j, i;
260 unsigned int res, maxpad, pad, bitlen;
261 int ret = 1;
262 union {
263 unsigned int u[SHA_LBLOCK];
264 unsigned char c[SHA_CBLOCK];
265 }
266 *data = (void *)key->md.data;
267
268 if ((key->aux.tls_aad[plen - 4] << 8 |
269 key->aux.tls_aad[plen - 3]) >= TLS1_1_VERSION)
270 iv = AES_BLOCK_SIZE;
271
272 if (len < (iv + SHA_DIGEST_LENGTH + 1))
273 return 0;
274
275 /* omit explicit iv */
276 out += iv;
277 len -= iv;
278
279 /* figure out payload length */
280 pad = out[len - 1];
281 maxpad = len - (SHA_DIGEST_LENGTH + 1);
282 maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
283 maxpad &= 255;
284
285 inp_len = len - (SHA_DIGEST_LENGTH + pad + 1);
286 mask = (0 - ((inp_len - len) >>
287 (sizeof(inp_len) * 8 - 1)));
288 inp_len &= mask;
289 ret &= (int)mask;
290
291 key->aux.tls_aad[plen - 2] = inp_len >> 8;
292 key->aux.tls_aad[plen - 1] = inp_len;
293
294 /* calculate HMAC */
295 key->md = key->head;
296 SHA1_Update(&key->md, key->aux.tls_aad, plen);
297
298#if 1
299 len -= SHA_DIGEST_LENGTH; /* amend mac */
300 if (len >= (256 + SHA_CBLOCK)) {
301 j = (len - (256 + SHA_CBLOCK)) &
302 (0 - SHA_CBLOCK);
303 j += SHA_CBLOCK - key->md.num;
304 SHA1_Update(&key->md, out, j);
305 out += j;
306 len -= j;
307 inp_len -= j;
308 }
309
310 /* but pretend as if we hashed padded payload */
311 bitlen = key->md.Nl + (inp_len << 3); /* at most 18 bits */
312#ifdef BSWAP
313 bitlen = BSWAP(bitlen);
314#else
315 mac.c[0] = 0;
316 mac.c[1] = (unsigned char)(bitlen >> 16);
317 mac.c[2] = (unsigned char)(bitlen >> 8);
318 mac.c[3] = (unsigned char)bitlen;
319 bitlen = mac.u[0];
320#endif
321
322 pmac->u[0] = 0;
323 pmac->u[1] = 0;
324 pmac->u[2] = 0;
325 pmac->u[3] = 0;
326 pmac->u[4] = 0;
327
328 for (res = key->md.num, j = 0; j < len; j++) {
329 size_t c = out[j];
330 mask = (j - inp_len) >> (sizeof(j) * 8 - 8);
331 c &= mask;
332 c |= 0x80 & ~mask &
333 ~((inp_len - j) >> (sizeof(j) * 8 - 8));
334 data->c[res++] = (unsigned char)c;
335
336 if (res != SHA_CBLOCK)
337 continue;
338
339 /* j is not incremented yet */
340 mask = 0 - ((inp_len + 7 - j) >>
341 (sizeof(j) * 8 - 1));
342 data->u[SHA_LBLOCK - 1] |= bitlen&mask;
343 sha1_block_data_order(&key->md, data, 1);
344 mask &= 0 - ((j - inp_len - 72) >>
345 (sizeof(j) * 8 - 1));
346 pmac->u[0] |= key->md.h0 & mask;
347 pmac->u[1] |= key->md.h1 & mask;
348 pmac->u[2] |= key->md.h2 & mask;
349 pmac->u[3] |= key->md.h3 & mask;
350 pmac->u[4] |= key->md.h4 & mask;
351 res = 0;
352 }
353
354 for (i = res; i < SHA_CBLOCK; i++, j++)
355 data->c[i] = 0;
356
357 if (res > SHA_CBLOCK - 8) {
358 mask = 0 - ((inp_len + 8 - j) >>
359 (sizeof(j) * 8 - 1));
360 data->u[SHA_LBLOCK - 1] |= bitlen & mask;
361 sha1_block_data_order(&key->md, data, 1);
362 mask &= 0 - ((j - inp_len - 73) >>
363 (sizeof(j) * 8 - 1));
364 pmac->u[0] |= key->md.h0 & mask;
365 pmac->u[1] |= key->md.h1 & mask;
366 pmac->u[2] |= key->md.h2 & mask;
367 pmac->u[3] |= key->md.h3 & mask;
368 pmac->u[4] |= key->md.h4 & mask;
369
370 memset(data, 0, SHA_CBLOCK);
371 j += 64;
372 }
373 data->u[SHA_LBLOCK - 1] = bitlen;
374 sha1_block_data_order(&key->md, data, 1);
375 mask = 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
376 pmac->u[0] |= key->md.h0 & mask;
377 pmac->u[1] |= key->md.h1 & mask;
378 pmac->u[2] |= key->md.h2 & mask;
379 pmac->u[3] |= key->md.h3 & mask;
380 pmac->u[4] |= key->md.h4 & mask;
381
382#ifdef BSWAP
383 pmac->u[0] = BSWAP(pmac->u[0]);
384 pmac->u[1] = BSWAP(pmac->u[1]);
385 pmac->u[2] = BSWAP(pmac->u[2]);
386 pmac->u[3] = BSWAP(pmac->u[3]);
387 pmac->u[4] = BSWAP(pmac->u[4]);
388#else
389 for (i = 0; i < 5; i++) {
390 res = pmac->u[i];
391 pmac->c[4 * i + 0] = (unsigned char)(res >> 24);
392 pmac->c[4 * i + 1] = (unsigned char)(res >> 16);
393 pmac->c[4 * i + 2] = (unsigned char)(res >> 8);
394 pmac->c[4 * i + 3] = (unsigned char)res;
395 }
396#endif
397 len += SHA_DIGEST_LENGTH;
398#else
399 SHA1_Update(&key->md, out, inp_len);
400 res = key->md.num;
401 SHA1_Final(pmac->c, &key->md);
402
403 {
404 unsigned int inp_blocks, pad_blocks;
405
406 /* but pretend as if we hashed padded payload */
407 inp_blocks = 1 + ((SHA_CBLOCK - 9 - res) >>
408 (sizeof(res) * 8 - 1));
409 res += (unsigned int)(len - inp_len);
410 pad_blocks = res / SHA_CBLOCK;
411 res %= SHA_CBLOCK;
412 pad_blocks += 1 + ((SHA_CBLOCK - 9 - res) >>
413 (sizeof(res) * 8 - 1));
414 for (; inp_blocks < pad_blocks; inp_blocks++)
415 sha1_block_data_order(&key->md,
416 data, 1);
417 }
418#endif
419 key->md = key->tail;
420 SHA1_Update(&key->md, pmac->c, SHA_DIGEST_LENGTH);
421 SHA1_Final(pmac->c, &key->md);
422
423 /* verify HMAC */
424 out += inp_len;
425 len -= inp_len;
426#if 1
427 {
428 unsigned char *p =
429 out + len - 1 - maxpad - SHA_DIGEST_LENGTH;
430 size_t off = out - p;
431 unsigned int c, cmask;
432
433 maxpad += SHA_DIGEST_LENGTH;
434 for (res = 0, i = 0, j = 0; j < maxpad; j++) {
435 c = p[j];
436 cmask = ((int)(j - off -
437 SHA_DIGEST_LENGTH)) >>
438 (sizeof(int) * 8 - 1);
439 res |= (c ^ pad) & ~cmask; /* ... and padding */
440 cmask &= ((int)(off - 1 - j)) >>
441 (sizeof(int) * 8 - 1);
442 res |= (c ^ pmac->c[i]) & cmask;
443 i += 1 & cmask;
444 }
445 maxpad -= SHA_DIGEST_LENGTH;
446
447 res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
448 ret &= (int)~res;
449 }
450#else
451 for (res = 0, i = 0; i < SHA_DIGEST_LENGTH; i++)
452 res |= out[i] ^ pmac->c[i];
453 res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
454 ret &= (int)~res;
455
456 /* verify padding */
457 pad = (pad & ~res) | (maxpad & res);
458 out = out + len - 1 - pad;
459 for (res = 0, i = 0; i < pad; i++)
460 res |= out[i] ^ pad;
461
462 res = (0 - res) >> (sizeof(res) * 8 - 1);
463 ret &= (int)~res;
464#endif
465 return ret;
466 } else {
467 SHA1_Update(&key->md, out, len);
468 }
469 }
470
471 return 1;
472}
473
474static int
475aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
476{
477 EVP_AES_HMAC_SHA1 *key = data(ctx);
478
479 switch (type) {
480 case EVP_CTRL_AEAD_SET_MAC_KEY:
481 {
482 unsigned int i;
483 unsigned char hmac_key[64];
484
485 memset(hmac_key, 0, sizeof(hmac_key));
486
487 if (arg > (int)sizeof(hmac_key)) {
488 SHA1_Init(&key->head);
489 SHA1_Update(&key->head, ptr, arg);
490 SHA1_Final(hmac_key, &key->head);
491 } else {
492 memcpy(hmac_key, ptr, arg);
493 }
494
495 for (i = 0; i < sizeof(hmac_key); i++)
496 hmac_key[i] ^= 0x36; /* ipad */
497 SHA1_Init(&key->head);
498 SHA1_Update(&key->head, hmac_key, sizeof(hmac_key));
499
500 for (i = 0; i < sizeof(hmac_key); i++)
501 hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */
502 SHA1_Init(&key->tail);
503 SHA1_Update(&key->tail, hmac_key, sizeof(hmac_key));
504
505 OPENSSL_cleanse(hmac_key, sizeof(hmac_key));
506
507 return 1;
508 }
509 case EVP_CTRL_AEAD_TLS1_AAD:
510 {
511 unsigned char *p = ptr;
512 unsigned int len = p[arg - 2] << 8 | p[arg - 1];
513
514 if (ctx->encrypt) {
515 key->payload_length = len;
516 if ((key->aux.tls_ver = p[arg - 4] << 8 |
517 p[arg - 3]) >= TLS1_1_VERSION) {
518 len -= AES_BLOCK_SIZE;
519 p[arg - 2] = len >> 8;
520 p[arg - 1] = len;
521 }
522 key->md = key->head;
523 SHA1_Update(&key->md, p, arg);
524
525 return (int)(((len + SHA_DIGEST_LENGTH +
526 AES_BLOCK_SIZE) & -AES_BLOCK_SIZE) - len);
527 } else {
528 if (arg > 13)
529 arg = 13;
530 memcpy(key->aux.tls_aad, ptr, arg);
531 key->payload_length = arg;
532
533 return SHA_DIGEST_LENGTH;
534 }
535 }
536 default:
537 return -1;
538 }
539}
540
541static EVP_CIPHER aesni_128_cbc_hmac_sha1_cipher = {
542#ifdef NID_aes_128_cbc_hmac_sha1
543 .nid = NID_aes_128_cbc_hmac_sha1,
544#else
545 .nid = NID_undef,
546#endif
547 .block_size = 16,
548 .key_len = 16,
549 .iv_len = 16,
550 .flags = EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
551 EVP_CIPH_FLAG_AEAD_CIPHER,
552 .init = aesni_cbc_hmac_sha1_init_key,
553 .do_cipher = aesni_cbc_hmac_sha1_cipher,
554 .ctx_size = sizeof(EVP_AES_HMAC_SHA1),
555 .ctrl = aesni_cbc_hmac_sha1_ctrl
556};
557
558static EVP_CIPHER aesni_256_cbc_hmac_sha1_cipher = {
559#ifdef NID_aes_256_cbc_hmac_sha1
560 .nid = NID_aes_256_cbc_hmac_sha1,
561#else
562 .nid = NID_undef,
563#endif
564 .block_size = 16,
565 .key_len = 32,
566 .iv_len = 16,
567 .flags = EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
568 EVP_CIPH_FLAG_AEAD_CIPHER,
569 .init = aesni_cbc_hmac_sha1_init_key,
570 .do_cipher = aesni_cbc_hmac_sha1_cipher,
571 .ctx_size = sizeof(EVP_AES_HMAC_SHA1),
572 .ctrl = aesni_cbc_hmac_sha1_ctrl
573};
574
575const EVP_CIPHER *
576EVP_aes_128_cbc_hmac_sha1(void)
577{
578 return OPENSSL_ia32cap_P[1] & AESNI_CAPABLE ?
579 &aesni_128_cbc_hmac_sha1_cipher : NULL;
580}
581
582const EVP_CIPHER *
583EVP_aes_256_cbc_hmac_sha1(void)
584{
585 return OPENSSL_ia32cap_P[1] & AESNI_CAPABLE ?
586 &aesni_256_cbc_hmac_sha1_cipher : NULL;
587}
588#else
589const EVP_CIPHER *
590EVP_aes_128_cbc_hmac_sha1(void)
591{
592 return NULL;
593}
594
595const EVP_CIPHER *
596EVP_aes_256_cbc_hmac_sha1(void)
597{
598 return NULL;
599}
600#endif
601#endif
diff --git a/src/lib/libcrypto/evp/e_bf.c b/src/lib/libcrypto/evp/e_bf.c
deleted file mode 100644
index 615c9bd771..0000000000
--- a/src/lib/libcrypto/evp/e_bf.c
+++ /dev/null
@@ -1,91 +0,0 @@
1/* $OpenBSD: e_bf.c,v 1.8 2014/07/11 08:44:48 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#ifndef OPENSSL_NO_BF
64
65#include <openssl/blowfish.h>
66#include <openssl/evp.h>
67#include <openssl/objects.h>
68
69#include "evp_locl.h"
70
71static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
72 const unsigned char *iv, int enc);
73
74typedef struct {
75 BF_KEY ks;
76} EVP_BF_KEY;
77
78#define data(ctx) EVP_C_DATA(EVP_BF_KEY,ctx)
79
80IMPLEMENT_BLOCK_CIPHER(bf, ks, BF, EVP_BF_KEY, NID_bf, 8, 16, 8, 64,
81 EVP_CIPH_VARIABLE_LENGTH, bf_init_key, NULL,
82 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
83
84static int
85bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
86 const unsigned char *iv, int enc)
87{
88 BF_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), key);
89 return 1;
90}
91#endif
diff --git a/src/lib/libcrypto/evp/e_camellia.c b/src/lib/libcrypto/evp/e_camellia.c
deleted file mode 100644
index e3424cfe94..0000000000
--- a/src/lib/libcrypto/evp/e_camellia.c
+++ /dev/null
@@ -1,124 +0,0 @@
1/* $OpenBSD: e_camellia.c,v 1.7 2015/02/10 09:50:12 miod Exp $ */
2/* ====================================================================
3 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@openssl.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56#include <string.h>
57
58#include <openssl/opensslconf.h>
59
60#ifndef OPENSSL_NO_CAMELLIA
61#include <openssl/evp.h>
62#include <openssl/err.h>
63#include <openssl/camellia.h>
64#include "evp_locl.h"
65
66static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
67 const unsigned char *iv, int enc);
68
69/* Camellia subkey Structure */
70typedef struct {
71 CAMELLIA_KEY ks;
72} EVP_CAMELLIA_KEY;
73
74/* Attribute operation for Camellia */
75#define data(ctx) EVP_C_DATA(EVP_CAMELLIA_KEY,ctx)
76
77IMPLEMENT_BLOCK_CIPHER(camellia_128, ks, Camellia, EVP_CAMELLIA_KEY,
78 NID_camellia_128, 16, 16, 16, 128,
79 0, camellia_init_key, NULL,
80 EVP_CIPHER_set_asn1_iv,
81 EVP_CIPHER_get_asn1_iv,
82 NULL)
83IMPLEMENT_BLOCK_CIPHER(camellia_192, ks, Camellia, EVP_CAMELLIA_KEY,
84 NID_camellia_192, 16, 24, 16, 128,
85 0, camellia_init_key, NULL,
86 EVP_CIPHER_set_asn1_iv,
87 EVP_CIPHER_get_asn1_iv,
88 NULL)
89IMPLEMENT_BLOCK_CIPHER(camellia_256, ks, Camellia, EVP_CAMELLIA_KEY,
90 NID_camellia_256, 16, 32, 16, 128,
91 0, camellia_init_key, NULL,
92 EVP_CIPHER_set_asn1_iv,
93 EVP_CIPHER_get_asn1_iv,
94 NULL)
95
96#define IMPLEMENT_CAMELLIA_CFBR(ksize,cbits) IMPLEMENT_CFBR(camellia,Camellia,EVP_CAMELLIA_KEY,ks,ksize,cbits,16)
97
98IMPLEMENT_CAMELLIA_CFBR(128, 1)
99IMPLEMENT_CAMELLIA_CFBR(192, 1)
100IMPLEMENT_CAMELLIA_CFBR(256, 1)
101
102IMPLEMENT_CAMELLIA_CFBR(128, 8)
103IMPLEMENT_CAMELLIA_CFBR(192, 8)
104IMPLEMENT_CAMELLIA_CFBR(256, 8)
105
106
107/* The subkey for Camellia is generated. */
108static int
109camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
110 const unsigned char *iv, int enc)
111{
112 int ret;
113
114 ret = Camellia_set_key(key, ctx->key_len * 8, ctx->cipher_data);
115
116 if (ret < 0) {
117 EVPerr(EVP_F_CAMELLIA_INIT_KEY,
118 EVP_R_CAMELLIA_KEY_SETUP_FAILED);
119 return 0;
120 }
121
122 return 1;
123}
124#endif
diff --git a/src/lib/libcrypto/evp/e_cast.c b/src/lib/libcrypto/evp/e_cast.c
deleted file mode 100644
index 707daa9656..0000000000
--- a/src/lib/libcrypto/evp/e_cast.c
+++ /dev/null
@@ -1,92 +0,0 @@
1/* $OpenBSD: e_cast.c,v 1.7 2014/07/11 08:44:48 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#ifndef OPENSSL_NO_CAST
64
65#include <openssl/cast.h>
66#include <openssl/evp.h>
67#include <openssl/objects.h>
68
69#include "evp_locl.h"
70
71static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
72 const unsigned char *iv, int enc);
73
74typedef struct {
75 CAST_KEY ks;
76} EVP_CAST_KEY;
77
78#define data(ctx) EVP_C_DATA(EVP_CAST_KEY,ctx)
79
80IMPLEMENT_BLOCK_CIPHER(cast5, ks, CAST, EVP_CAST_KEY,
81 NID_cast5, 8, CAST_KEY_LENGTH, 8, 64,
82 EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL,
83 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
84
85static int
86cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
87 const unsigned char *iv, int enc)
88{
89 CAST_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), key);
90 return 1;
91}
92#endif
diff --git a/src/lib/libcrypto/evp/e_chacha.c b/src/lib/libcrypto/evp/e_chacha.c
deleted file mode 100644
index b63f586bba..0000000000
--- a/src/lib/libcrypto/evp/e_chacha.c
+++ /dev/null
@@ -1,69 +0,0 @@
1/* $OpenBSD: e_chacha.c,v 1.5 2014/08/04 04:16:11 miod Exp $ */
2/*
3 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <openssl/opensslconf.h>
19
20#ifndef OPENSSL_NO_CHACHA
21
22#include <openssl/chacha.h>
23#include <openssl/evp.h>
24#include <openssl/objects.h>
25
26#include "evp_locl.h"
27
28static int chacha_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
29 const unsigned char *in, size_t len);
30static int chacha_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
31 const unsigned char *iv, int enc);
32
33static const EVP_CIPHER chacha20_cipher = {
34 .nid = NID_chacha20,
35 .block_size = 1,
36 .key_len = 32,
37 .iv_len = 8,
38 .flags = EVP_CIPH_STREAM_CIPHER,
39 .init = chacha_init,
40 .do_cipher = chacha_cipher,
41 .ctx_size = sizeof(ChaCha_ctx)
42};
43
44const EVP_CIPHER *
45EVP_chacha20(void)
46{
47 return (&chacha20_cipher);
48}
49
50static int
51chacha_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
52 const unsigned char *iv, int enc)
53{
54 ChaCha_set_key((ChaCha_ctx *)ctx->cipher_data, key,
55 EVP_CIPHER_CTX_key_length(ctx) * 8);
56 if (iv != NULL)
57 ChaCha_set_iv((ChaCha_ctx *)ctx->cipher_data, iv, NULL);
58 return 1;
59}
60
61static int
62chacha_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
63 size_t len)
64{
65 ChaCha((ChaCha_ctx *)ctx->cipher_data, out, in, len);
66 return 1;
67}
68
69#endif
diff --git a/src/lib/libcrypto/evp/e_chacha20poly1305.c b/src/lib/libcrypto/evp/e_chacha20poly1305.c
deleted file mode 100644
index c003b0ba7f..0000000000
--- a/src/lib/libcrypto/evp/e_chacha20poly1305.c
+++ /dev/null
@@ -1,231 +0,0 @@
1/* $OpenBSD: e_chacha20poly1305.c,v 1.9 2015/06/20 12:01:14 jsing Exp $ */
2/*
3 * Copyright (c) 2014, Google Inc.
4 *
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
12 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
14 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
15 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <stdint.h>
19#include <string.h>
20
21#include <openssl/opensslconf.h>
22
23#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
24
25#include <openssl/err.h>
26#include <openssl/evp.h>
27#include <openssl/chacha.h>
28#include <openssl/poly1305.h>
29
30#include "evp_locl.h"
31
32#define POLY1305_TAG_LEN 16
33#define CHACHA20_NONCE_LEN 8
34
35struct aead_chacha20_poly1305_ctx {
36 unsigned char key[32];
37 unsigned char tag_len;
38};
39
40static int
41aead_chacha20_poly1305_init(EVP_AEAD_CTX *ctx, const unsigned char *key,
42 size_t key_len, size_t tag_len)
43{
44 struct aead_chacha20_poly1305_ctx *c20_ctx;
45
46 if (tag_len == 0)
47 tag_len = POLY1305_TAG_LEN;
48
49 if (tag_len > POLY1305_TAG_LEN) {
50 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_INIT, EVP_R_TOO_LARGE);
51 return 0;
52 }
53
54 /* Internal error - EVP_AEAD_CTX_init should catch this. */
55 if (key_len != sizeof(c20_ctx->key))
56 return 0;
57
58 c20_ctx = malloc(sizeof(struct aead_chacha20_poly1305_ctx));
59 if (c20_ctx == NULL)
60 return 0;
61
62 memcpy(&c20_ctx->key[0], key, key_len);
63 c20_ctx->tag_len = tag_len;
64 ctx->aead_state = c20_ctx;
65
66 return 1;
67}
68
69static void
70aead_chacha20_poly1305_cleanup(EVP_AEAD_CTX *ctx)
71{
72 struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state;
73
74 OPENSSL_cleanse(c20_ctx->key, sizeof(c20_ctx->key));
75 free(c20_ctx);
76}
77
78static void
79poly1305_update_with_length(poly1305_state *poly1305,
80 const unsigned char *data, size_t data_len)
81{
82 size_t j = data_len;
83 unsigned char length_bytes[8];
84 unsigned i;
85
86 for (i = 0; i < sizeof(length_bytes); i++) {
87 length_bytes[i] = j;
88 j >>= 8;
89 }
90
91 CRYPTO_poly1305_update(poly1305, data, data_len);
92 CRYPTO_poly1305_update(poly1305, length_bytes, sizeof(length_bytes));
93}
94
95static int
96aead_chacha20_poly1305_seal(const EVP_AEAD_CTX *ctx, unsigned char *out,
97 size_t *out_len, size_t max_out_len, const unsigned char *nonce,
98 size_t nonce_len, const unsigned char *in, size_t in_len,
99 const unsigned char *ad, size_t ad_len)
100{
101 const struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state;
102 unsigned char poly1305_key[32];
103 poly1305_state poly1305;
104 const uint64_t in_len_64 = in_len;
105
106 /* The underlying ChaCha implementation may not overflow the block
107 * counter into the second counter word. Therefore we disallow
108 * individual operations that work on more than 2TB at a time.
109 * in_len_64 is needed because, on 32-bit platforms, size_t is only
110 * 32-bits and this produces a warning because it's always false.
111 * Casting to uint64_t inside the conditional is not sufficient to stop
112 * the warning. */
113 if (in_len_64 >= (1ULL << 32) * 64 - 64) {
114 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_SEAL, EVP_R_TOO_LARGE);
115 return 0;
116 }
117
118 if (max_out_len < in_len + c20_ctx->tag_len) {
119 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_SEAL,
120 EVP_R_BUFFER_TOO_SMALL);
121 return 0;
122 }
123
124 if (nonce_len != CHACHA20_NONCE_LEN) {
125 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_SEAL, EVP_R_IV_TOO_LARGE);
126 return 0;
127 }
128
129 memset(poly1305_key, 0, sizeof(poly1305_key));
130 CRYPTO_chacha_20(poly1305_key, poly1305_key, sizeof(poly1305_key),
131 c20_ctx->key, nonce, 0);
132
133 CRYPTO_poly1305_init(&poly1305, poly1305_key);
134 poly1305_update_with_length(&poly1305, ad, ad_len);
135 CRYPTO_chacha_20(out, in, in_len, c20_ctx->key, nonce, 1);
136 poly1305_update_with_length(&poly1305, out, in_len);
137
138 if (c20_ctx->tag_len != POLY1305_TAG_LEN) {
139 unsigned char tag[POLY1305_TAG_LEN];
140 CRYPTO_poly1305_finish(&poly1305, tag);
141 memcpy(out + in_len, tag, c20_ctx->tag_len);
142 *out_len = in_len + c20_ctx->tag_len;
143 return 1;
144 }
145
146 CRYPTO_poly1305_finish(&poly1305, out + in_len);
147 *out_len = in_len + POLY1305_TAG_LEN;
148 return 1;
149}
150
151static int
152aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, unsigned char *out,
153 size_t *out_len, size_t max_out_len, const unsigned char *nonce,
154 size_t nonce_len, const unsigned char *in, size_t in_len,
155 const unsigned char *ad, size_t ad_len)
156{
157 const struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state;
158 unsigned char mac[POLY1305_TAG_LEN];
159 unsigned char poly1305_key[32];
160 poly1305_state poly1305;
161 const uint64_t in_len_64 = in_len;
162 size_t plaintext_len;
163
164 if (in_len < c20_ctx->tag_len) {
165 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN, EVP_R_BAD_DECRYPT);
166 return 0;
167 }
168
169 /* The underlying ChaCha implementation may not overflow the block
170 * counter into the second counter word. Therefore we disallow
171 * individual operations that work on more than 2TB at a time.
172 * in_len_64 is needed because, on 32-bit platforms, size_t is only
173 * 32-bits and this produces a warning because it's always false.
174 * Casting to uint64_t inside the conditional is not sufficient to stop
175 * the warning. */
176 if (in_len_64 >= (1ULL << 32) * 64 - 64) {
177 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN, EVP_R_TOO_LARGE);
178 return 0;
179 }
180
181 if (nonce_len != CHACHA20_NONCE_LEN) {
182 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN, EVP_R_IV_TOO_LARGE);
183 return 0;
184 }
185
186 plaintext_len = in_len - c20_ctx->tag_len;
187
188 if (max_out_len < plaintext_len) {
189 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN,
190 EVP_R_BUFFER_TOO_SMALL);
191 return 0;
192 }
193
194 memset(poly1305_key, 0, sizeof(poly1305_key));
195 CRYPTO_chacha_20(poly1305_key, poly1305_key, sizeof(poly1305_key),
196 c20_ctx->key, nonce, 0);
197
198 CRYPTO_poly1305_init(&poly1305, poly1305_key);
199 poly1305_update_with_length(&poly1305, ad, ad_len);
200 poly1305_update_with_length(&poly1305, in, plaintext_len);
201 CRYPTO_poly1305_finish(&poly1305, mac);
202
203 if (timingsafe_memcmp(mac, in + plaintext_len, c20_ctx->tag_len) != 0) {
204 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN, EVP_R_BAD_DECRYPT);
205 return 0;
206 }
207
208 CRYPTO_chacha_20(out, in, plaintext_len, c20_ctx->key, nonce, 1);
209 *out_len = plaintext_len;
210 return 1;
211}
212
213static const EVP_AEAD aead_chacha20_poly1305 = {
214 .key_len = 32,
215 .nonce_len = CHACHA20_NONCE_LEN,
216 .overhead = POLY1305_TAG_LEN,
217 .max_tag_len = POLY1305_TAG_LEN,
218
219 .init = aead_chacha20_poly1305_init,
220 .cleanup = aead_chacha20_poly1305_cleanup,
221 .seal = aead_chacha20_poly1305_seal,
222 .open = aead_chacha20_poly1305_open,
223};
224
225const EVP_AEAD *
226EVP_aead_chacha20_poly1305()
227{
228 return &aead_chacha20_poly1305;
229}
230
231#endif /* !OPENSSL_NO_CHACHA && !OPENSSL_NO_POLY1305 */
diff --git a/src/lib/libcrypto/evp/e_des.c b/src/lib/libcrypto/evp/e_des.c
deleted file mode 100644
index aac6ddf318..0000000000
--- a/src/lib/libcrypto/evp/e_des.c
+++ /dev/null
@@ -1,231 +0,0 @@
1/* $OpenBSD: e_des.c,v 1.13 2014/10/18 17:20:40 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#ifndef OPENSSL_NO_DES
64
65#include <openssl/evp.h>
66#include <openssl/des.h>
67#include <openssl/objects.h>
68
69#include "evp_locl.h"
70
71static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
72 const unsigned char *iv, int enc);
73static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
74
75/* Because of various casts and different names can't use IMPLEMENT_BLOCK_CIPHER */
76
77static int
78des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
79 const unsigned char *in, size_t inl)
80{
81 BLOCK_CIPHER_ecb_loop()
82 DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i),
83 ctx->cipher_data, ctx->encrypt);
84 return 1;
85}
86
87static int
88des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
89 const unsigned char *in, size_t inl)
90{
91 while (inl >= EVP_MAXCHUNK) {
92 DES_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
93 (DES_cblock *)ctx->iv, &ctx->num);
94 inl -= EVP_MAXCHUNK;
95 in += EVP_MAXCHUNK;
96 out += EVP_MAXCHUNK;
97 }
98 if (inl)
99 DES_ofb64_encrypt(in, out, (long)inl, ctx->cipher_data,
100 (DES_cblock *)ctx->iv, &ctx->num);
101 return 1;
102}
103
104static int
105des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
106 const unsigned char *in, size_t inl)
107{
108 while (inl >= EVP_MAXCHUNK) {
109 DES_ncbc_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
110 (DES_cblock *)ctx->iv, ctx->encrypt);
111 inl -= EVP_MAXCHUNK;
112 in += EVP_MAXCHUNK;
113 out += EVP_MAXCHUNK;
114 }
115 if (inl)
116 DES_ncbc_encrypt(in, out, (long)inl, ctx->cipher_data,
117 (DES_cblock *)ctx->iv, ctx->encrypt);
118 return 1;
119}
120
121static int
122des_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
123 const unsigned char *in, size_t inl)
124{
125 while (inl >= EVP_MAXCHUNK) {
126 DES_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
127 (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
128 inl -= EVP_MAXCHUNK;
129 in += EVP_MAXCHUNK;
130 out += EVP_MAXCHUNK;
131 }
132 if (inl)
133 DES_cfb64_encrypt(in, out, (long)inl, ctx->cipher_data,
134 (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
135 return 1;
136}
137
138/* Although we have a CFB-r implementation for DES, it doesn't pack the right
139 way, so wrap it here */
140static int
141des_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
142 const unsigned char *in, size_t inl)
143{
144 size_t n, chunk = EVP_MAXCHUNK/8;
145 unsigned char c[1], d[1];
146
147 if (inl < chunk)
148 chunk = inl;
149
150 while (inl && inl >= chunk) {
151 for (n = 0; n < chunk*8; ++n) {
152 c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
153 DES_cfb_encrypt(c, d, 1, 1, ctx->cipher_data,
154 (DES_cblock *)ctx->iv, ctx->encrypt);
155 out[n / 8] = (out[n / 8] &
156 ~(0x80 >> (unsigned int)(n % 8))) |
157 ((d[0] & 0x80) >> (unsigned int)(n % 8));
158 }
159 inl -= chunk;
160 in += chunk;
161 out += chunk;
162 if (inl < chunk)
163 chunk = inl;
164 }
165
166 return 1;
167}
168
169static int
170des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
171 const unsigned char *in, size_t inl)
172{
173 while (inl >= EVP_MAXCHUNK) {
174 DES_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK,
175 ctx->cipher_data, (DES_cblock *)ctx->iv, ctx->encrypt);
176 inl -= EVP_MAXCHUNK;
177 in += EVP_MAXCHUNK;
178 out += EVP_MAXCHUNK;
179 }
180 if (inl)
181 DES_cfb_encrypt(in, out, 8, (long)inl, ctx->cipher_data,
182 (DES_cblock *)ctx->iv, ctx->encrypt);
183 return 1;
184}
185
186BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64,
187 EVP_CIPH_RAND_KEY, des_init_key, NULL,
188 EVP_CIPHER_set_asn1_iv,
189 EVP_CIPHER_get_asn1_iv,
190 des_ctrl)
191
192BLOCK_CIPHER_def_cfb(des, DES_key_schedule, NID_des, 8, 8, 1,
193 EVP_CIPH_RAND_KEY, des_init_key, NULL,
194 EVP_CIPHER_set_asn1_iv,
195 EVP_CIPHER_get_asn1_iv, des_ctrl)
196
197BLOCK_CIPHER_def_cfb(des, DES_key_schedule, NID_des, 8, 8, 8,
198 EVP_CIPH_RAND_KEY, des_init_key, NULL,
199 EVP_CIPHER_set_asn1_iv,
200 EVP_CIPHER_get_asn1_iv, des_ctrl)
201
202static int
203des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
204 const unsigned char *iv, int enc)
205{
206 DES_cblock *deskey = (DES_cblock *)key;
207
208#ifdef EVP_CHECK_DES_KEY
209 if (DES_set_key_checked(deskey, ctx->cipher_data) != 0)
210 return 0;
211#else
212 DES_set_key_unchecked(deskey, ctx->cipher_data);
213#endif
214 return 1;
215}
216
217static int
218des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
219{
220 switch (type) {
221 case EVP_CTRL_RAND_KEY:
222 if (DES_random_key((DES_cblock *)ptr) == 0)
223 return 0;
224 return 1;
225
226 default:
227 return -1;
228 }
229}
230
231#endif
diff --git a/src/lib/libcrypto/evp/e_des3.c b/src/lib/libcrypto/evp/e_des3.c
deleted file mode 100644
index d0793b6436..0000000000
--- a/src/lib/libcrypto/evp/e_des3.c
+++ /dev/null
@@ -1,297 +0,0 @@
1/* $OpenBSD: e_des3.c,v 1.18 2014/10/18 17:20:40 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/opensslconf.h>
63
64#ifndef OPENSSL_NO_DES
65
66#include <openssl/des.h>
67#include <openssl/evp.h>
68#include <openssl/objects.h>
69
70#include "evp_locl.h"
71
72static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
73 const unsigned char *iv, int enc);
74
75static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
76 const unsigned char *iv, int enc);
77
78static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
79
80typedef struct {
81 DES_key_schedule ks1;/* key schedule */
82 DES_key_schedule ks2;/* key schedule (for ede) */
83 DES_key_schedule ks3;/* key schedule (for ede3) */
84} DES_EDE_KEY;
85
86#define data(ctx) ((DES_EDE_KEY *)(ctx)->cipher_data)
87
88/* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */
89
90static int
91des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
92 const unsigned char *in, size_t inl)
93{
94 BLOCK_CIPHER_ecb_loop()
95 DES_ecb3_encrypt((const_DES_cblock *)(in + i), (DES_cblock *)(out + i),
96 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, ctx->encrypt);
97 return 1;
98}
99
100static int
101des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
102 const unsigned char *in, size_t inl)
103{
104 while (inl >= EVP_MAXCHUNK) {
105 DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK,
106 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
107 (DES_cblock *)ctx->iv, &ctx->num);
108 inl -= EVP_MAXCHUNK;
109 in += EVP_MAXCHUNK;
110 out += EVP_MAXCHUNK;
111 }
112 if (inl)
113 DES_ede3_ofb64_encrypt(in, out, (long)inl,
114 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
115 (DES_cblock *)ctx->iv, &ctx->num);
116
117 return 1;
118}
119
120static int
121des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
122 const unsigned char *in, size_t inl)
123{
124 while (inl >= EVP_MAXCHUNK) {
125 DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK,
126 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
127 (DES_cblock *)ctx->iv, ctx->encrypt);
128 inl -= EVP_MAXCHUNK;
129 in += EVP_MAXCHUNK;
130 out += EVP_MAXCHUNK;
131 }
132 if (inl)
133 DES_ede3_cbc_encrypt(in, out, (long)inl,
134 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
135 (DES_cblock *)ctx->iv, ctx->encrypt);
136 return 1;
137}
138
139static int
140des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
141 const unsigned char *in, size_t inl)
142{
143 while (inl >= EVP_MAXCHUNK) {
144 DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK,
145 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
146 (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
147 inl -= EVP_MAXCHUNK;
148 in += EVP_MAXCHUNK;
149 out += EVP_MAXCHUNK;
150 }
151 if (inl)
152 DES_ede3_cfb64_encrypt(in, out, (long)inl,
153 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
154 (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
155 return 1;
156}
157
158/* Although we have a CFB-r implementation for 3-DES, it doesn't pack the right
159 way, so wrap it here */
160static int
161des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
162 const unsigned char *in, size_t inl)
163{
164 size_t n;
165 unsigned char c[1], d[1];
166
167 for (n = 0; n < inl; ++n) {
168 c[0] = (in[n/8]&(1 << (7 - n % 8))) ? 0x80 : 0;
169 DES_ede3_cfb_encrypt(c, d, 1, 1,
170 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
171 (DES_cblock *)ctx->iv, ctx->encrypt);
172 out[n / 8] = (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8))) |
173 ((d[0] & 0x80) >> (unsigned int)(n % 8));
174 }
175
176 return 1;
177}
178
179static int
180des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
181 const unsigned char *in, size_t inl)
182{
183 while (inl >= EVP_MAXCHUNK) {
184 DES_ede3_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK,
185 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
186 (DES_cblock *)ctx->iv, ctx->encrypt);
187 inl -= EVP_MAXCHUNK;
188 in += EVP_MAXCHUNK;
189 out += EVP_MAXCHUNK;
190 }
191 if (inl)
192 DES_ede3_cfb_encrypt(in, out, 8, (long)inl,
193 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
194 (DES_cblock *)ctx->iv, ctx->encrypt);
195 return 1;
196}
197
198BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64,
199 EVP_CIPH_RAND_KEY, des_ede_init_key, NULL,
200 EVP_CIPHER_set_asn1_iv,
201 EVP_CIPHER_get_asn1_iv,
202 des3_ctrl)
203
204#define des_ede3_cfb64_cipher des_ede_cfb64_cipher
205#define des_ede3_ofb_cipher des_ede_ofb_cipher
206#define des_ede3_cbc_cipher des_ede_cbc_cipher
207#define des_ede3_ecb_cipher des_ede_ecb_cipher
208
209BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64,
210 EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL,
211 EVP_CIPHER_set_asn1_iv,
212 EVP_CIPHER_get_asn1_iv,
213 des3_ctrl)
214
215BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 1,
216 EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL,
217 EVP_CIPHER_set_asn1_iv,
218 EVP_CIPHER_get_asn1_iv,
219 des3_ctrl)
220
221BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 8,
222 EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL,
223 EVP_CIPHER_set_asn1_iv,
224 EVP_CIPHER_get_asn1_iv,
225 des3_ctrl)
226
227static int
228des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
229 const unsigned char *iv, int enc)
230{
231 DES_cblock *deskey = (DES_cblock *)key;
232
233#ifdef EVP_CHECK_DES_KEY
234 if (DES_set_key_checked(&deskey[0], &data(ctx)->ks1)
235 !! DES_set_key_checked(&deskey[1], &data(ctx)->ks2))
236 return 0;
237#else
238 DES_set_key_unchecked(&deskey[0], &data(ctx)->ks1);
239 DES_set_key_unchecked(&deskey[1], &data(ctx)->ks2);
240#endif
241 memcpy(&data(ctx)->ks3, &data(ctx)->ks1,
242 sizeof(data(ctx)->ks1));
243 return 1;
244}
245
246static int
247des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
248 const unsigned char *iv, int enc)
249{
250 DES_cblock *deskey = (DES_cblock *)key;
251
252
253#ifdef EVP_CHECK_DES_KEY
254 if (DES_set_key_checked(&deskey[0], &data(ctx)->ks1) ||
255 DES_set_key_checked(&deskey[1], &data(ctx)->ks2) ||
256 DES_set_key_checked(&deskey[2], &data(ctx)->ks3))
257 return 0;
258#else
259 DES_set_key_unchecked(&deskey[0], &data(ctx)->ks1);
260 DES_set_key_unchecked(&deskey[1], &data(ctx)->ks2);
261 DES_set_key_unchecked(&deskey[2], &data(ctx)->ks3);
262#endif
263 return 1;
264}
265
266static int
267des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
268{
269 DES_cblock *deskey = ptr;
270
271 switch (type) {
272 case EVP_CTRL_RAND_KEY:
273 if (DES_random_key(deskey) == 0)
274 return 0;
275 if (c->key_len >= 16 && DES_random_key(deskey + 1) == 0)
276 return 0;
277 if (c->key_len >= 24 && DES_random_key(deskey + 2) == 0)
278 return 0;
279 return 1;
280
281 default:
282 return -1;
283 }
284}
285
286const EVP_CIPHER *
287EVP_des_ede(void)
288{
289 return &des_ede_ecb;
290}
291
292const EVP_CIPHER *
293EVP_des_ede3(void)
294{
295 return &des_ede3_ecb;
296}
297#endif
diff --git a/src/lib/libcrypto/evp/e_gost2814789.c b/src/lib/libcrypto/evp/e_gost2814789.c
deleted file mode 100644
index e2235a64b5..0000000000
--- a/src/lib/libcrypto/evp/e_gost2814789.c
+++ /dev/null
@@ -1,229 +0,0 @@
1/* $OpenBSD: e_gost2814789.c,v 1.3 2014/11/18 05:30:07 miod Exp $ */
2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 *
18 * 3. All advertising materials mentioning features or use of this
19 * software must display the following acknowledgment:
20 * "This product includes software developed by the OpenSSL Project
21 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
22 *
23 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
24 * endorse or promote products derived from this software without
25 * prior written permission. For written permission, please contact
26 * openssl-core@openssl.org.
27 *
28 * 5. Products derived from this software may not be called "OpenSSL"
29 * nor may "OpenSSL" appear in their names without prior written
30 * permission of the OpenSSL Project.
31 *
32 * 6. Redistributions of any form whatsoever must retain the following
33 * acknowledgment:
34 * "This product includes software developed by the OpenSSL Project
35 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
36 *
37 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
38 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
39 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
40 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
41 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
42 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
43 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
44 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
45 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
46 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
47 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
48 * OF THE POSSIBILITY OF SUCH DAMAGE.
49 * ====================================================================
50 */
51#include <string.h>
52
53#include <openssl/opensslconf.h>
54
55#ifndef OPENSSL_NO_GOST
56#include <openssl/evp.h>
57#include <openssl/err.h>
58#include <openssl/gost.h>
59#include "evp_locl.h"
60
61typedef struct {
62 GOST2814789_KEY ks;
63 int param_nid;
64} EVP_GOST2814789_CTX;
65
66static int
67gost2814789_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
68{
69 EVP_GOST2814789_CTX *c = ctx->cipher_data;
70
71 switch (type) {
72 case EVP_CTRL_PBE_PRF_NID:
73 if (ptr != NULL) {
74 *((int *)ptr) = NID_id_HMACGostR3411_94;
75 return 1;
76 } else {
77 return 0;
78 }
79 case EVP_CTRL_INIT:
80 /* Default value to have any s-box set at all */
81 c->param_nid = NID_id_Gost28147_89_CryptoPro_A_ParamSet;
82 return Gost2814789_set_sbox(&c->ks, c->param_nid);
83 case EVP_CTRL_GOST_SET_SBOX:
84 return Gost2814789_set_sbox(&c->ks, arg);
85 default:
86 return -1;
87 }
88}
89
90static int
91gost2814789_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
92 const unsigned char *iv, int enc)
93{
94 EVP_GOST2814789_CTX *c = ctx->cipher_data;
95
96 return Gost2814789_set_key(&c->ks, key, ctx->key_len * 8);
97}
98
99int
100gost2814789_set_asn1_params(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
101{
102 int len = 0;
103 unsigned char *buf = NULL;
104 unsigned char *p = NULL;
105 EVP_GOST2814789_CTX *c = ctx->cipher_data;
106 ASN1_OCTET_STRING *os = NULL;
107 GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new();
108
109 if (gcp == NULL) {
110 GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS,
111 ERR_R_MALLOC_FAILURE);
112 return 0;
113 }
114 if (ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len) == 0) {
115 GOST_CIPHER_PARAMS_free(gcp);
116 GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_ASN1_LIB);
117 return 0;
118 }
119 ASN1_OBJECT_free(gcp->enc_param_set);
120 gcp->enc_param_set = OBJ_nid2obj(c->param_nid);
121
122 len = i2d_GOST_CIPHER_PARAMS(gcp, NULL);
123 p = buf = malloc(len);
124 if (buf == NULL) {
125 GOST_CIPHER_PARAMS_free(gcp);
126 GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS,
127 ERR_R_MALLOC_FAILURE);
128 return 0;
129 }
130 i2d_GOST_CIPHER_PARAMS(gcp, &p);
131 GOST_CIPHER_PARAMS_free(gcp);
132
133 os = ASN1_OCTET_STRING_new();
134 if (os == NULL) {
135 free(buf);
136 GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS,
137 ERR_R_MALLOC_FAILURE);
138 return 0;
139 }
140 if (ASN1_OCTET_STRING_set(os, buf, len) == 0) {
141 ASN1_OCTET_STRING_free(os);
142 free(buf);
143 GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_ASN1_LIB);
144 return 0;
145 }
146 free(buf);
147
148 ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os);
149 return 1;
150}
151
152int
153gost2814789_get_asn1_params(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
154{
155 int ret = -1;
156 int len;
157 GOST_CIPHER_PARAMS *gcp = NULL;
158 EVP_GOST2814789_CTX *c = ctx->cipher_data;
159 unsigned char *p;
160
161 if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE)
162 return ret;
163
164 p = params->value.sequence->data;
165
166 gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p,
167 params->value.sequence->length);
168
169 len = gcp->iv->length;
170 if (len != ctx->cipher->iv_len) {
171 GOST_CIPHER_PARAMS_free(gcp);
172 GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS,
173 GOST_R_INVALID_IV_LENGTH);
174 return -1;
175 }
176
177 if (!Gost2814789_set_sbox(&c->ks, OBJ_obj2nid(gcp->enc_param_set))) {
178 GOST_CIPHER_PARAMS_free(gcp);
179 return -1;
180 }
181 c->param_nid = OBJ_obj2nid(gcp->enc_param_set);
182
183 memcpy(ctx->oiv, gcp->iv->data, len);
184 memcpy(ctx->iv, gcp->iv->data, len);
185
186 GOST_CIPHER_PARAMS_free(gcp);
187
188 return 1;
189}
190
191BLOCK_CIPHER_func_ecb(gost2814789, Gost2814789, EVP_GOST2814789_CTX, ks)
192BLOCK_CIPHER_func_cfb(gost2814789, Gost2814789, 64, EVP_GOST2814789_CTX, ks)
193
194static int
195gost2814789_cnt_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
196 const unsigned char *in, size_t inl)
197{
198 EVP_GOST2814789_CTX *c = ctx->cipher_data;
199
200 while (inl >= EVP_MAXCHUNK) {
201 Gost2814789_cnt_encrypt(in, out, (long)EVP_MAXCHUNK, &c->ks,
202 ctx->iv, ctx->buf, &ctx->num);
203 inl -= EVP_MAXCHUNK;
204 in += EVP_MAXCHUNK;
205 out += EVP_MAXCHUNK;
206 }
207
208 if (inl)
209 Gost2814789_cnt_encrypt(in, out, inl, &c->ks, ctx->iv, ctx->buf,
210 &ctx->num);
211 return 1;
212}
213
214/* gost89 is CFB-64 */
215#define NID_gost89_cfb64 NID_id_Gost28147_89
216
217BLOCK_CIPHER_def_ecb(gost2814789, EVP_GOST2814789_CTX, NID_gost89, 8, 32,
218 EVP_CIPH_NO_PADDING | EVP_CIPH_CTRL_INIT,
219 gost2814789_init_key, NULL, gost2814789_set_asn1_params,
220 gost2814789_get_asn1_params, gost2814789_ctl)
221BLOCK_CIPHER_def_cfb(gost2814789, EVP_GOST2814789_CTX, NID_gost89, 32, 8, 64,
222 EVP_CIPH_NO_PADDING | EVP_CIPH_CTRL_INIT,
223 gost2814789_init_key, NULL, gost2814789_set_asn1_params,
224 gost2814789_get_asn1_params, gost2814789_ctl)
225BLOCK_CIPHER_def1(gost2814789, cnt, cnt, OFB, EVP_GOST2814789_CTX, NID_gost89,
226 1, 32, 8, EVP_CIPH_NO_PADDING | EVP_CIPH_CTRL_INIT,
227 gost2814789_init_key, NULL, gost2814789_set_asn1_params,
228 gost2814789_get_asn1_params, gost2814789_ctl)
229#endif
diff --git a/src/lib/libcrypto/evp/e_idea.c b/src/lib/libcrypto/evp/e_idea.c
deleted file mode 100644
index 3ba4dbcdb9..0000000000
--- a/src/lib/libcrypto/evp/e_idea.c
+++ /dev/null
@@ -1,124 +0,0 @@
1/* $OpenBSD: e_idea.c,v 1.9 2014/07/11 08:44:48 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#ifndef OPENSSL_NO_IDEA
64
65#include <openssl/evp.h>
66#include <openssl/idea.h>
67#include <openssl/objects.h>
68
69#include "evp_locl.h"
70
71static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
72 const unsigned char *iv, int enc);
73
74/* NB idea_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a special
75 * case
76 */
77
78static int
79idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
80 const unsigned char *in, size_t inl)
81{
82 BLOCK_CIPHER_ecb_loop()
83 idea_ecb_encrypt(in + i, out + i, ctx->cipher_data);
84 return 1;
85}
86
87/* Can't use IMPLEMENT_BLOCK_CIPHER because idea_ecb_encrypt is different */
88
89typedef struct {
90 IDEA_KEY_SCHEDULE ks;
91} EVP_IDEA_KEY;
92
93BLOCK_CIPHER_func_cbc(idea, idea, EVP_IDEA_KEY, ks)
94BLOCK_CIPHER_func_ofb(idea, idea, 64, EVP_IDEA_KEY, ks)
95BLOCK_CIPHER_func_cfb(idea, idea, 64, EVP_IDEA_KEY, ks)
96
97BLOCK_CIPHER_defs(idea, IDEA_KEY_SCHEDULE, NID_idea, 8, 16, 8, 64,
98 0, idea_init_key, NULL,
99 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
100
101static int
102idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
103 const unsigned char *iv, int enc)
104{
105 if (!enc) {
106 if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE)
107 enc = 1;
108 else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE)
109 enc = 1;
110 }
111 if (enc)
112 idea_set_encrypt_key(key, ctx->cipher_data);
113 else {
114 IDEA_KEY_SCHEDULE tmp;
115
116 idea_set_encrypt_key(key, &tmp);
117 idea_set_decrypt_key(&tmp, ctx->cipher_data);
118 OPENSSL_cleanse((unsigned char *)&tmp,
119 sizeof(IDEA_KEY_SCHEDULE));
120 }
121 return 1;
122}
123
124#endif
diff --git a/src/lib/libcrypto/evp/e_null.c b/src/lib/libcrypto/evp/e_null.c
deleted file mode 100644
index 65374cc3f5..0000000000
--- a/src/lib/libcrypto/evp/e_null.c
+++ /dev/null
@@ -1,105 +0,0 @@
1/* $OpenBSD: e_null.c,v 1.14 2014/07/11 08:44:48 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64
65static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
66 const unsigned char *iv, int enc);
67static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
68 const unsigned char *in, size_t inl);
69
70static const EVP_CIPHER n_cipher = {
71 NID_undef,
72 1, 0, 0,
73 0,
74 null_init_key,
75 null_cipher,
76 NULL,
77 0,
78 NULL,
79 NULL,
80 NULL,
81 NULL
82};
83
84const EVP_CIPHER *
85EVP_enc_null(void)
86{
87 return (&n_cipher);
88}
89
90static int
91null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
92 const unsigned char *iv, int enc)
93{
94 /* memset(&(ctx->c),0,sizeof(ctx->c));*/
95 return 1;
96}
97
98static int
99null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
100 const unsigned char *in, size_t inl)
101{
102 if (in != out)
103 memcpy((char *)out, (const char *)in, inl);
104 return 1;
105}
diff --git a/src/lib/libcrypto/evp/e_old.c b/src/lib/libcrypto/evp/e_old.c
deleted file mode 100644
index 71166654b0..0000000000
--- a/src/lib/libcrypto/evp/e_old.c
+++ /dev/null
@@ -1,159 +0,0 @@
1/* $OpenBSD: e_old.c,v 1.8 2015/02/10 11:45:09 jsing Exp $ */
2/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
3 * project 2004.
4 */
5/* ====================================================================
6 * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * openssl-core@openssl.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <openssl/opensslconf.h>
60
61#ifndef OPENSSL_NO_DEPRECATED
62
63#include <openssl/evp.h>
64
65/* Define some deprecated functions, so older programs
66 don't crash and burn too quickly. On Windows and VMS,
67 these will never be used, since functions and variables
68 in shared libraries are selected by entry point location,
69 not by name. */
70
71#ifndef OPENSSL_NO_BF
72#undef EVP_bf_cfb
73const EVP_CIPHER *EVP_bf_cfb(void);
74const EVP_CIPHER *
75EVP_bf_cfb(void)
76{
77 return EVP_bf_cfb64();
78}
79#endif
80
81#ifndef OPENSSL_NO_DES
82#undef EVP_des_cfb
83const EVP_CIPHER *EVP_des_cfb(void);
84const EVP_CIPHER *
85EVP_des_cfb(void)
86{
87 return EVP_des_cfb64();
88}
89#undef EVP_des_ede3_cfb
90const EVP_CIPHER *EVP_des_ede3_cfb(void);
91const EVP_CIPHER *
92EVP_des_ede3_cfb(void)
93{
94 return EVP_des_ede3_cfb64();
95}
96#undef EVP_des_ede_cfb
97const EVP_CIPHER *EVP_des_ede_cfb(void);
98const EVP_CIPHER *
99EVP_des_ede_cfb(void)
100{
101 return EVP_des_ede_cfb64();
102}
103#endif
104
105#ifndef OPENSSL_NO_IDEA
106#undef EVP_idea_cfb
107const EVP_CIPHER *EVP_idea_cfb(void);
108const EVP_CIPHER *
109EVP_idea_cfb(void)
110{
111 return EVP_idea_cfb64();
112}
113#endif
114
115#ifndef OPENSSL_NO_RC2
116#undef EVP_rc2_cfb
117const EVP_CIPHER *EVP_rc2_cfb(void);
118const EVP_CIPHER *
119EVP_rc2_cfb(void)
120{
121 return EVP_rc2_cfb64();
122}
123#endif
124
125#ifndef OPENSSL_NO_CAST
126#undef EVP_cast5_cfb
127const EVP_CIPHER *EVP_cast5_cfb(void);
128const EVP_CIPHER *
129EVP_cast5_cfb(void)
130{
131 return EVP_cast5_cfb64();
132}
133#endif
134
135#ifndef OPENSSL_NO_AES
136#undef EVP_aes_128_cfb
137const EVP_CIPHER *EVP_aes_128_cfb(void);
138const EVP_CIPHER *
139EVP_aes_128_cfb(void)
140{
141 return EVP_aes_128_cfb128();
142}
143#undef EVP_aes_192_cfb
144const EVP_CIPHER *EVP_aes_192_cfb(void);
145const EVP_CIPHER *
146EVP_aes_192_cfb(void)
147{
148 return EVP_aes_192_cfb128();
149}
150#undef EVP_aes_256_cfb
151const EVP_CIPHER *EVP_aes_256_cfb(void);
152const EVP_CIPHER *
153EVP_aes_256_cfb(void)
154{
155 return EVP_aes_256_cfb128();
156}
157#endif
158
159#endif
diff --git a/src/lib/libcrypto/evp/e_rc2.c b/src/lib/libcrypto/evp/e_rc2.c
deleted file mode 100644
index 9052195ac2..0000000000
--- a/src/lib/libcrypto/evp/e_rc2.c
+++ /dev/null
@@ -1,254 +0,0 @@
1/* $OpenBSD: e_rc2.c,v 1.11 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#ifndef OPENSSL_NO_RC2
64
65#include <openssl/err.h>
66#include <openssl/evp.h>
67#include <openssl/objects.h>
68#include <openssl/rc2.h>
69
70#include "evp_locl.h"
71
72static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
73 const unsigned char *iv, int enc);
74static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx);
75static int rc2_magic_to_meth(int i);
76static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
77static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
78static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
79
80typedef struct {
81 int key_bits; /* effective key bits */
82 RC2_KEY ks; /* key schedule */
83} EVP_RC2_KEY;
84
85#define data(ctx) ((EVP_RC2_KEY *)(ctx)->cipher_data)
86
87IMPLEMENT_BLOCK_CIPHER(rc2, ks, RC2, EVP_RC2_KEY, NID_rc2,
88 8,
89 RC2_KEY_LENGTH, 8, 64,
90 EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
91 rc2_init_key, NULL,
92 rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv,
93 rc2_ctrl)
94
95#define RC2_40_MAGIC 0xa0
96#define RC2_64_MAGIC 0x78
97#define RC2_128_MAGIC 0x3a
98
99static const EVP_CIPHER r2_64_cbc_cipher = {
100 NID_rc2_64_cbc,
101 8, 8 /* 64 bit */, 8,
102 EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
103 rc2_init_key,
104 rc2_cbc_cipher,
105 NULL,
106 sizeof(EVP_RC2_KEY),
107 rc2_set_asn1_type_and_iv,
108 rc2_get_asn1_type_and_iv,
109 rc2_ctrl,
110 NULL
111};
112
113static const EVP_CIPHER r2_40_cbc_cipher = {
114 NID_rc2_40_cbc,
115 8, 5 /* 40 bit */, 8,
116 EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
117 rc2_init_key,
118 rc2_cbc_cipher,
119 NULL,
120 sizeof(EVP_RC2_KEY),
121 rc2_set_asn1_type_and_iv,
122 rc2_get_asn1_type_and_iv,
123 rc2_ctrl,
124 NULL
125};
126
127const EVP_CIPHER *
128EVP_rc2_64_cbc(void)
129{
130 return (&r2_64_cbc_cipher);
131}
132
133const EVP_CIPHER *
134EVP_rc2_40_cbc(void)
135{
136 return (&r2_40_cbc_cipher);
137}
138
139static int
140rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
141 const unsigned char *iv, int enc)
142{
143 RC2_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx),
144 key, data(ctx)->key_bits);
145 return 1;
146}
147
148static int
149rc2_meth_to_magic(EVP_CIPHER_CTX *e)
150{
151 int i;
152
153 EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i);
154 if (i == 128)
155 return (RC2_128_MAGIC);
156 else if (i == 64)
157 return (RC2_64_MAGIC);
158 else if (i == 40)
159 return (RC2_40_MAGIC);
160 else
161 return (0);
162}
163
164static int
165rc2_magic_to_meth(int i)
166{
167 if (i == RC2_128_MAGIC)
168 return 128;
169 else if (i == RC2_64_MAGIC)
170 return 64;
171 else if (i == RC2_40_MAGIC)
172 return 40;
173 else {
174 EVPerr(EVP_F_RC2_MAGIC_TO_METH, EVP_R_UNSUPPORTED_KEY_SIZE);
175 return (0);
176 }
177}
178
179static int
180rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
181{
182 long num = 0;
183 int i = 0;
184 int key_bits;
185 unsigned int l;
186 unsigned char iv[EVP_MAX_IV_LENGTH];
187
188 if (type != NULL) {
189 l = EVP_CIPHER_CTX_iv_length(c);
190 if (l > sizeof(iv)) {
191 EVPerr(EVP_F_RC2_GET_ASN1_TYPE_AND_IV,
192 EVP_R_IV_TOO_LARGE);
193 return -1;
194 }
195 i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l);
196 if (i != (int)l)
197 return (-1);
198 key_bits = rc2_magic_to_meth((int)num);
199 if (!key_bits)
200 return (-1);
201 if (i > 0 && !EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1))
202 return -1;
203 EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS,
204 key_bits, NULL);
205 EVP_CIPHER_CTX_set_key_length(c, key_bits / 8);
206 }
207 return (i);
208}
209
210static int
211rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
212{
213 long num;
214 int i = 0, j;
215
216 if (type != NULL) {
217 num = rc2_meth_to_magic(c);
218 j = EVP_CIPHER_CTX_iv_length(c);
219 i = ASN1_TYPE_set_int_octetstring(type, num, c->oiv, j);
220 }
221 return (i);
222}
223
224static int
225rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
226{
227 switch (type) {
228 case EVP_CTRL_INIT:
229 data(c)->key_bits = EVP_CIPHER_CTX_key_length(c) * 8;
230 return 1;
231
232 case EVP_CTRL_GET_RC2_KEY_BITS:
233 *(int *)ptr = data(c)->key_bits;
234 return 1;
235
236 case EVP_CTRL_SET_RC2_KEY_BITS:
237 if (arg > 0) {
238 data(c)->key_bits = arg;
239 return 1;
240 }
241 return 0;
242
243#ifdef PBE_PRF_TEST
244 case EVP_CTRL_PBE_PRF_NID:
245 *(int *)ptr = NID_hmacWithMD5;
246 return 1;
247#endif
248
249 default:
250 return -1;
251 }
252}
253
254#endif
diff --git a/src/lib/libcrypto/evp/e_rc4.c b/src/lib/libcrypto/evp/e_rc4.c
deleted file mode 100644
index e77a293141..0000000000
--- a/src/lib/libcrypto/evp/e_rc4.c
+++ /dev/null
@@ -1,140 +0,0 @@
1/* $OpenBSD: e_rc4.c,v 1.14 2014/07/11 08:44:48 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#ifndef OPENSSL_NO_RC4
64
65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/rc4.h>
68
69#include "evp_locl.h"
70
71/* FIXME: surely this is available elsewhere? */
72#define EVP_RC4_KEY_SIZE 16
73
74typedef struct {
75 RC4_KEY ks; /* working key */
76} EVP_RC4_KEY;
77
78#define data(ctx) ((EVP_RC4_KEY *)(ctx)->cipher_data)
79
80static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
81 const unsigned char *iv, int enc);
82static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
83 const unsigned char *in, size_t inl);
84
85static const EVP_CIPHER r4_cipher = {
86 NID_rc4,
87 1, EVP_RC4_KEY_SIZE, 0,
88 EVP_CIPH_VARIABLE_LENGTH,
89 rc4_init_key,
90 rc4_cipher,
91 NULL,
92 sizeof(EVP_RC4_KEY),
93 NULL,
94 NULL,
95 NULL,
96 NULL
97};
98
99static const EVP_CIPHER r4_40_cipher = {
100 NID_rc4_40,
101 1, 5 /* 40 bit */, 0,
102 EVP_CIPH_VARIABLE_LENGTH,
103 rc4_init_key,
104 rc4_cipher,
105 NULL,
106 sizeof(EVP_RC4_KEY),
107 NULL,
108 NULL,
109 NULL,
110 NULL
111};
112
113const EVP_CIPHER *
114EVP_rc4(void)
115{
116 return (&r4_cipher);
117}
118
119const EVP_CIPHER *
120EVP_rc4_40(void)
121{
122 return (&r4_40_cipher);
123}
124
125static int
126rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
127 const unsigned char *iv, int enc)
128{
129 RC4_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), key);
130 return 1;
131}
132
133static int
134rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
135 const unsigned char *in, size_t inl)
136{
137 RC4(&data(ctx)->ks, inl, in, out);
138 return 1;
139}
140#endif
diff --git a/src/lib/libcrypto/evp/e_rc4_hmac_md5.c b/src/lib/libcrypto/evp/e_rc4_hmac_md5.c
deleted file mode 100644
index 1f085af403..0000000000
--- a/src/lib/libcrypto/evp/e_rc4_hmac_md5.c
+++ /dev/null
@@ -1,309 +0,0 @@
1/* $OpenBSD: e_rc4_hmac_md5.c,v 1.5 2014/08/11 13:29:43 bcook Exp $ */
2/* ====================================================================
3 * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * licensing@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 */
50
51#include <stdio.h>
52#include <string.h>
53
54#include <openssl/opensslconf.h>
55
56#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_MD5)
57
58#include <openssl/evp.h>
59#include <openssl/objects.h>
60#include <openssl/rc4.h>
61#include <openssl/md5.h>
62
63#ifndef EVP_CIPH_FLAG_AEAD_CIPHER
64#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
65#define EVP_CTRL_AEAD_TLS1_AAD 0x16
66#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
67#endif
68
69/* FIXME: surely this is available elsewhere? */
70#define EVP_RC4_KEY_SIZE 16
71
72typedef struct {
73 RC4_KEY ks;
74 MD5_CTX head, tail, md;
75 size_t payload_length;
76} EVP_RC4_HMAC_MD5;
77
78#define NO_PAYLOAD_LENGTH ((size_t)-1)
79
80void rc4_md5_enc (RC4_KEY *key, const void *in0, void *out,
81 MD5_CTX *ctx, const void *inp, size_t blocks);
82
83#define data(ctx) ((EVP_RC4_HMAC_MD5 *)(ctx)->cipher_data)
84
85static int
86rc4_hmac_md5_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *inkey,
87 const unsigned char *iv, int enc)
88{
89 EVP_RC4_HMAC_MD5 *key = data(ctx);
90
91 RC4_set_key(&key->ks, EVP_CIPHER_CTX_key_length(ctx), inkey);
92
93 MD5_Init(&key->head); /* handy when benchmarking */
94 key->tail = key->head;
95 key->md = key->head;
96
97 key->payload_length = NO_PAYLOAD_LENGTH;
98
99 return 1;
100}
101
102#if !defined(OPENSSL_NO_ASM) && defined(RC4_MD5_ASM) && ( \
103 defined(__x86_64) || defined(__x86_64__) || \
104 defined(_M_AMD64) || defined(_M_X64) || \
105 defined(__INTEL__) ) && \
106 !(defined(__APPLE__) && defined(__MACH__))
107#define STITCHED_CALL
108#endif
109
110#if !defined(STITCHED_CALL)
111#define rc4_off 0
112#define md5_off 0
113#endif
114
115static int
116rc4_hmac_md5_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
117 const unsigned char *in, size_t len)
118{
119 EVP_RC4_HMAC_MD5 *key = data(ctx);
120#if defined(STITCHED_CALL)
121 size_t rc4_off = 32-1-(key->ks.x&(32-1)), /* 32 is $MOD from rc4_md5-x86_64.pl */
122 md5_off = MD5_CBLOCK - key->md.num,
123 blocks;
124 unsigned int l;
125 extern unsigned int OPENSSL_ia32cap_P[];
126#endif
127 size_t plen = key->payload_length;
128
129 if (plen != NO_PAYLOAD_LENGTH && len != (plen + MD5_DIGEST_LENGTH))
130 return 0;
131
132 if (ctx->encrypt) {
133 if (plen == NO_PAYLOAD_LENGTH)
134 plen = len;
135#if defined(STITCHED_CALL)
136 /* cipher has to "fall behind" */
137 if (rc4_off > md5_off)
138 md5_off += MD5_CBLOCK;
139
140 if (plen > md5_off &&
141 (blocks = (plen - md5_off) / MD5_CBLOCK) &&
142 (OPENSSL_ia32cap_P[0]&(1 << 20)) == 0) {
143 MD5_Update(&key->md, in, md5_off);
144 RC4(&key->ks, rc4_off, in, out);
145
146 rc4_md5_enc(&key->ks, in + rc4_off, out + rc4_off,
147 &key->md, in + md5_off, blocks);
148 blocks *= MD5_CBLOCK;
149 rc4_off += blocks;
150 md5_off += blocks;
151 key->md.Nh += blocks >> 29;
152 key->md.Nl += blocks <<= 3;
153 if (key->md.Nl < (unsigned int)blocks)
154 key->md.Nh++;
155 } else {
156 rc4_off = 0;
157 md5_off = 0;
158 }
159#endif
160 MD5_Update(&key->md, in + md5_off, plen - md5_off);
161
162 if (plen!=len) { /* "TLS" mode of operation */
163 if (in != out)
164 memcpy(out + rc4_off, in + rc4_off,
165 plen - rc4_off);
166
167 /* calculate HMAC and append it to payload */
168 MD5_Final(out + plen, &key->md);
169 key->md = key->tail;
170 MD5_Update(&key->md, out + plen, MD5_DIGEST_LENGTH);
171 MD5_Final(out + plen, &key->md);
172
173 /* encrypt HMAC at once */
174 RC4(&key->ks, len - rc4_off, out + rc4_off,
175 out + rc4_off);
176 } else {
177 RC4(&key->ks, len - rc4_off, in + rc4_off,
178 out + rc4_off);
179 }
180 } else {
181 unsigned char mac[MD5_DIGEST_LENGTH];
182#if defined(STITCHED_CALL)
183 /* digest has to "fall behind" */
184 if (md5_off > rc4_off)
185 rc4_off += 2*MD5_CBLOCK;
186 else
187 rc4_off += MD5_CBLOCK;
188
189 if (len > rc4_off && (blocks = (len - rc4_off) / MD5_CBLOCK) &&
190 (OPENSSL_ia32cap_P[0] & (1 << 20)) == 0) {
191 RC4(&key->ks, rc4_off, in, out);
192 MD5_Update(&key->md, out, md5_off);
193
194 rc4_md5_enc(&key->ks, in + rc4_off, out + rc4_off,
195 &key->md, out + md5_off, blocks);
196 blocks *= MD5_CBLOCK;
197 rc4_off += blocks;
198 md5_off += blocks;
199 l = (key->md.Nl + (blocks << 3)) & 0xffffffffU;
200 if (l < key->md.Nl)
201 key->md.Nh++;
202 key->md.Nl = l;
203 key->md.Nh += blocks >> 29;
204 } else {
205 md5_off = 0;
206 rc4_off = 0;
207 }
208#endif
209 /* decrypt HMAC at once */
210 RC4(&key->ks, len - rc4_off, in + rc4_off, out + rc4_off);
211 if (plen!=NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */
212 MD5_Update(&key->md, out + md5_off, plen - md5_off);
213
214 /* calculate HMAC and verify it */
215 MD5_Final(mac, &key->md);
216 key->md = key->tail;
217 MD5_Update(&key->md, mac, MD5_DIGEST_LENGTH);
218 MD5_Final(mac, &key->md);
219
220 if (memcmp(out + plen, mac, MD5_DIGEST_LENGTH))
221 return 0;
222 } else {
223 MD5_Update(&key->md, out + md5_off, len - md5_off);
224 }
225 }
226
227 key->payload_length = NO_PAYLOAD_LENGTH;
228
229 return 1;
230}
231
232static int
233rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
234{
235 EVP_RC4_HMAC_MD5 *key = data(ctx);
236
237 switch (type) {
238 case EVP_CTRL_AEAD_SET_MAC_KEY:
239 {
240 unsigned int i;
241 unsigned char hmac_key[64];
242
243 memset (hmac_key, 0, sizeof(hmac_key));
244
245 if (arg > (int)sizeof(hmac_key)) {
246 MD5_Init(&key->head);
247 MD5_Update(&key->head, ptr, arg);
248 MD5_Final(hmac_key, &key->head);
249 } else {
250 memcpy(hmac_key, ptr, arg);
251 }
252
253 for (i = 0; i < sizeof(hmac_key); i++)
254 hmac_key[i] ^= 0x36; /* ipad */
255 MD5_Init(&key->head);
256 MD5_Update(&key->head, hmac_key, sizeof(hmac_key));
257
258 for (i = 0; i < sizeof(hmac_key); i++)
259 hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */
260 MD5_Init(&key->tail);
261 MD5_Update(&key->tail, hmac_key, sizeof(hmac_key));
262
263 return 1;
264 }
265 case EVP_CTRL_AEAD_TLS1_AAD:
266 {
267 unsigned char *p = ptr;
268 unsigned int len = p[arg - 2] << 8 | p[arg - 1];
269
270 if (!ctx->encrypt) {
271 len -= MD5_DIGEST_LENGTH;
272 p[arg - 2] = len >> 8;
273 p[arg - 1] = len;
274 }
275 key->payload_length = len;
276 key->md = key->head;
277 MD5_Update(&key->md, p, arg);
278
279 return MD5_DIGEST_LENGTH;
280 }
281 default:
282 return -1;
283 }
284}
285
286static EVP_CIPHER r4_hmac_md5_cipher = {
287#ifdef NID_rc4_hmac_md5
288 NID_rc4_hmac_md5,
289#else
290 NID_undef,
291#endif
292 1, EVP_RC4_KEY_SIZE, 0,
293 EVP_CIPH_STREAM_CIPHER|EVP_CIPH_VARIABLE_LENGTH|EVP_CIPH_FLAG_AEAD_CIPHER,
294 rc4_hmac_md5_init_key,
295 rc4_hmac_md5_cipher,
296 NULL,
297 sizeof(EVP_RC4_HMAC_MD5),
298 NULL,
299 NULL,
300 rc4_hmac_md5_ctrl,
301 NULL
302};
303
304const EVP_CIPHER *
305EVP_rc4_hmac_md5(void)
306{
307 return (&r4_hmac_md5_cipher);
308}
309#endif
diff --git a/src/lib/libcrypto/evp/e_xcbc_d.c b/src/lib/libcrypto/evp/e_xcbc_d.c
deleted file mode 100644
index 2aae0a9151..0000000000
--- a/src/lib/libcrypto/evp/e_xcbc_d.c
+++ /dev/null
@@ -1,137 +0,0 @@
1/* $OpenBSD: e_xcbc_d.c,v 1.12 2014/07/11 08:44:48 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/opensslconf.h>
63
64#ifndef OPENSSL_NO_DES
65
66#include <openssl/des.h>
67#include <openssl/evp.h>
68#include <openssl/objects.h>
69
70#include "evp_locl.h"
71
72static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
73 const unsigned char *iv, int enc);
74static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
75 const unsigned char *in, size_t inl);
76
77
78typedef struct {
79 DES_key_schedule ks;/* key schedule */
80 DES_cblock inw;
81 DES_cblock outw;
82} DESX_CBC_KEY;
83
84#define data(ctx) ((DESX_CBC_KEY *)(ctx)->cipher_data)
85
86static const EVP_CIPHER d_xcbc_cipher = {
87 NID_desx_cbc,
88 8, 24, 8,
89 EVP_CIPH_CBC_MODE,
90 desx_cbc_init_key,
91 desx_cbc_cipher,
92 NULL,
93 sizeof(DESX_CBC_KEY),
94 EVP_CIPHER_set_asn1_iv,
95 EVP_CIPHER_get_asn1_iv,
96 NULL,
97 NULL
98};
99
100const EVP_CIPHER *
101EVP_desx_cbc(void)
102{
103 return (&d_xcbc_cipher);
104}
105
106static int
107desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
108 const unsigned char *iv, int enc)
109{
110 DES_cblock *deskey = (DES_cblock *)key;
111
112 DES_set_key_unchecked(deskey, &data(ctx)->ks);
113 memcpy(&data(ctx)->inw[0], &key[8], 8);
114 memcpy(&data(ctx)->outw[0], &key[16], 8);
115
116 return 1;
117}
118
119static int
120desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
121 const unsigned char *in, size_t inl)
122{
123 while (inl >= EVP_MAXCHUNK) {
124 DES_xcbc_encrypt(in, out, (long)EVP_MAXCHUNK, &data(ctx)->ks,
125 (DES_cblock *)&(ctx->iv[0]), &data(ctx)->inw,
126 &data(ctx)->outw, ctx->encrypt);
127 inl -= EVP_MAXCHUNK;
128 in += EVP_MAXCHUNK;
129 out += EVP_MAXCHUNK;
130 }
131 if (inl)
132 DES_xcbc_encrypt(in, out, (long)inl, &data(ctx)->ks,
133 (DES_cblock *)&(ctx->iv[0]), &data(ctx)->inw,
134 &data(ctx)->outw, ctx->encrypt);
135 return 1;
136}
137#endif
diff --git a/src/lib/libcrypto/evp/encode.c b/src/lib/libcrypto/evp/encode.c
deleted file mode 100644
index 725667bfff..0000000000
--- a/src/lib/libcrypto/evp/encode.c
+++ /dev/null
@@ -1,417 +0,0 @@
1/* $OpenBSD: encode.c,v 1.20 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/evp.h>
63
64#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
65#define conv_ascii2bin(a) (data_ascii2bin[(a)&0x7f])
66
67/* 64 char lines
68 * pad input with 0
69 * left over chars are set to =
70 * 1 byte => xx==
71 * 2 bytes => xxx=
72 * 3 bytes => xxxx
73 */
74#define BIN_PER_LINE (64/4*3)
75#define CHUNKS_PER_LINE (64/4)
76#define CHAR_PER_LINE (64+1)
77
78static const unsigned char data_bin2ascii[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ\
79abcdefghijklmnopqrstuvwxyz0123456789+/";
80
81/* 0xF0 is a EOLN
82 * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing).
83 * 0xF2 is EOF
84 * 0xE0 is ignore at start of line.
85 * 0xFF is error
86 */
87
88#define B64_EOLN 0xF0
89#define B64_CR 0xF1
90#define B64_EOF 0xF2
91#define B64_WS 0xE0
92#define B64_ERROR 0xFF
93#define B64_NOT_BASE64(a) (((a)|0x13) == 0xF3)
94
95static const unsigned char data_ascii2bin[128] = {
96 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
97 0xFF, 0xE0, 0xF0, 0xFF, 0xFF, 0xF1, 0xFF, 0xFF,
98 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
99 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
100 0xE0, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
101 0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xF2, 0xFF, 0x3F,
102 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B,
103 0x3C, 0x3D, 0xFF, 0xFF, 0xFF, 0x00, 0xFF, 0xFF,
104 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
105 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
106 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
107 0x17, 0x18, 0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
108 0xFF, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20,
109 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
110 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30,
111 0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
112};
113
114void
115EVP_EncodeInit(EVP_ENCODE_CTX *ctx)
116{
117 ctx->length = 48;
118 ctx->num = 0;
119 ctx->line_num = 0;
120}
121
122void
123EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
124 const unsigned char *in, int inl)
125{
126 int i, j;
127 unsigned int total = 0;
128
129 *outl = 0;
130 if (inl == 0)
131 return;
132 OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data));
133 if ((ctx->num + inl) < ctx->length) {
134 memcpy(&(ctx->enc_data[ctx->num]), in, inl);
135 ctx->num += inl;
136 return;
137 }
138 if (ctx->num != 0) {
139 i = ctx->length - ctx->num;
140 memcpy(&(ctx->enc_data[ctx->num]), in, i);
141 in += i;
142 inl -= i;
143 j = EVP_EncodeBlock(out, ctx->enc_data, ctx->length);
144 ctx->num = 0;
145 out += j;
146 *(out++) = '\n';
147 *out = '\0';
148 total = j + 1;
149 }
150 while (inl >= ctx->length) {
151 j = EVP_EncodeBlock(out, in, ctx->length);
152 in += ctx->length;
153 inl -= ctx->length;
154 out += j;
155 *(out++) = '\n';
156 *out = '\0';
157 total += j + 1;
158 }
159 if (inl != 0)
160 memcpy(&(ctx->enc_data[0]), in, inl);
161 ctx->num = inl;
162 *outl = total;
163}
164
165void
166EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
167{
168 unsigned int ret = 0;
169
170 if (ctx->num != 0) {
171 ret = EVP_EncodeBlock(out, ctx->enc_data, ctx->num);
172 out[ret++] = '\n';
173 out[ret] = '\0';
174 ctx->num = 0;
175 }
176 *outl = ret;
177}
178
179int
180EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int dlen)
181{
182 int i, ret = 0;
183 unsigned long l;
184
185 for (i = dlen; i > 0; i -= 3) {
186 if (i >= 3) {
187 l = (((unsigned long)f[0]) << 16L) |
188 (((unsigned long)f[1]) << 8L) | f[2];
189 *(t++) = conv_bin2ascii(l >> 18L);
190 *(t++) = conv_bin2ascii(l >> 12L);
191 *(t++) = conv_bin2ascii(l >> 6L);
192 *(t++) = conv_bin2ascii(l );
193 } else {
194 l = ((unsigned long)f[0]) << 16L;
195 if (i == 2)
196 l |= ((unsigned long)f[1] << 8L);
197
198 *(t++) = conv_bin2ascii(l >> 18L);
199 *(t++) = conv_bin2ascii(l >> 12L);
200 *(t++) = (i == 1) ? '=' : conv_bin2ascii(l >> 6L);
201 *(t++) = '=';
202 }
203 ret += 4;
204 f += 3;
205 }
206
207 *t = '\0';
208 return (ret);
209}
210
211void
212EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
213{
214 ctx->length = 30;
215 ctx->num = 0;
216 ctx->line_num = 0;
217 ctx->expect_nl = 0;
218}
219
220/* -1 for error
221 * 0 for last line
222 * 1 for full line
223 */
224int
225EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
226 const unsigned char *in, int inl)
227{
228 int seof = -1, eof = 0, rv = -1, ret = 0, i, v, tmp, n, ln, exp_nl;
229 unsigned char *d;
230
231 n = ctx->num;
232 d = ctx->enc_data;
233 ln = ctx->line_num;
234 exp_nl = ctx->expect_nl;
235
236 /* last line of input. */
237 if ((inl == 0) || ((n == 0) && (conv_ascii2bin(in[0]) == B64_EOF))) {
238 rv = 0;
239 goto end;
240 }
241
242 /* We parse the input data */
243 for (i = 0; i < inl; i++) {
244 /* If the current line is > 80 characters, scream alot */
245 if (ln >= 80) {
246 rv = -1;
247 goto end;
248 }
249
250 /* Get char and put it into the buffer */
251 tmp= *(in++);
252 v = conv_ascii2bin(tmp);
253 /* only save the good data :-) */
254 if (!B64_NOT_BASE64(v)) {
255 OPENSSL_assert(n < (int)sizeof(ctx->enc_data));
256 d[n++] = tmp;
257 ln++;
258 } else if (v == B64_ERROR) {
259 rv = -1;
260 goto end;
261 }
262
263 /* There should not be base64 data after padding. */
264 if (eof && tmp != '=' && tmp != '\r' && tmp != '\n' &&
265 v != B64_EOF) {
266 rv = -1;
267 goto end;
268 }
269
270 /* have we seen a '=' which is 'definitely' the last
271 * input line. seof will point to the character that
272 * holds it. and eof will hold how many characters to
273 * chop off. */
274 if (tmp == '=') {
275 if (seof == -1)
276 seof = n;
277 eof++;
278 }
279
280 /* There should be no more than two padding markers. */
281 if (eof > 2) {
282 rv = -1;
283 goto end;
284 }
285
286 if (v == B64_CR) {
287 ln = 0;
288 if (exp_nl)
289 continue;
290 }
291
292 /* eoln */
293 if (v == B64_EOLN) {
294 ln = 0;
295 if (exp_nl) {
296 exp_nl = 0;
297 continue;
298 }
299 }
300 exp_nl = 0;
301
302 /* If we are at the end of input and it looks like a
303 * line, process it. */
304 if (((i + 1) == inl) && (((n&3) == 0) || eof)) {
305 v = B64_EOF;
306 /* In case things were given us in really small
307 records (so two '=' were given in separate
308 updates), eof may contain the incorrect number
309 of ending bytes to skip, so let's redo the count */
310 eof = 0;
311 if (d[n-1] == '=')
312 eof++;
313 if (d[n-2] == '=')
314 eof++;
315 /* There will never be more than two '=' */
316 }
317
318 if ((v == B64_EOF && (n&3) == 0) || (n >= 64)) {
319 /* This is needed to work correctly on 64 byte input
320 * lines. We process the line and then need to
321 * accept the '\n' */
322 if ((v != B64_EOF) && (n >= 64))
323 exp_nl = 1;
324 if (n > 0) {
325 v = EVP_DecodeBlock(out, d, n);
326 n = 0;
327 if (v < 0) {
328 rv = 0;
329 goto end;
330 }
331 ret += (v - eof);
332 } else {
333 eof = 1;
334 v = 0;
335 }
336
337 /* This is the case where we have had a short
338 * but valid input line */
339 if ((v < ctx->length) && eof) {
340 rv = 0;
341 goto end;
342 } else
343 ctx->length = v;
344
345 if (seof >= 0) {
346 rv = 0;
347 goto end;
348 }
349 out += v;
350 }
351 }
352 rv = 1;
353
354end:
355 *outl = ret;
356 ctx->num = n;
357 ctx->line_num = ln;
358 ctx->expect_nl = exp_nl;
359 return (rv);
360}
361
362int
363EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n)
364{
365 int i, ret = 0, a, b, c, d;
366 unsigned long l;
367
368 /* trim white space from the start of the line. */
369 while ((conv_ascii2bin(*f) == B64_WS) && (n > 0)) {
370 f++;
371 n--;
372 }
373
374 /* strip off stuff at the end of the line
375 * ascii2bin values B64_WS, B64_EOLN, B64_EOLN and B64_EOF */
376 while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n - 1]))))
377 n--;
378
379 if (n % 4 != 0)
380 return (-1);
381
382 for (i = 0; i < n; i += 4) {
383 a = conv_ascii2bin(*(f++));
384 b = conv_ascii2bin(*(f++));
385 c = conv_ascii2bin(*(f++));
386 d = conv_ascii2bin(*(f++));
387 if ((a & 0x80) || (b & 0x80) ||
388 (c & 0x80) || (d & 0x80))
389 return (-1);
390 l = ((((unsigned long)a) << 18L) |
391 (((unsigned long)b) << 12L) |
392 (((unsigned long)c) << 6L) |
393 (((unsigned long)d)));
394 *(t++) = (unsigned char)(l >> 16L) & 0xff;
395 *(t++) = (unsigned char)(l >> 8L) & 0xff;
396 *(t++) = (unsigned char)(l) & 0xff;
397 ret += 3;
398 }
399 return (ret);
400}
401
402int
403EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
404{
405 int i;
406
407 *outl = 0;
408 if (ctx->num != 0) {
409 i = EVP_DecodeBlock(out, ctx->enc_data, ctx->num);
410 if (i < 0)
411 return (-1);
412 ctx->num = 0;
413 *outl = i;
414 return (1);
415 } else
416 return (1);
417}
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
deleted file mode 100644
index 57f8753ced..0000000000
--- a/src/lib/libcrypto/evp/evp.h
+++ /dev/null
@@ -1,1495 +0,0 @@
1/* $OpenBSD: evp.h,v 1.45 2015/06/20 01:07:24 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_ENVELOPE_H
60#define HEADER_ENVELOPE_H
61
62#include <openssl/opensslconf.h>
63
64#include <openssl/ossl_typ.h>
65
66#ifndef OPENSSL_NO_BIO
67#include <openssl/bio.h>
68#endif
69
70/*
71#define EVP_RC2_KEY_SIZE 16
72#define EVP_RC4_KEY_SIZE 16
73#define EVP_BLOWFISH_KEY_SIZE 16
74#define EVP_CAST5_KEY_SIZE 16
75#define EVP_RC5_32_12_16_KEY_SIZE 16
76*/
77#define EVP_MAX_MD_SIZE 64 /* longest known is SHA512 */
78#define EVP_MAX_KEY_LENGTH 64
79#define EVP_MAX_IV_LENGTH 16
80#define EVP_MAX_BLOCK_LENGTH 32
81
82#define PKCS5_SALT_LEN 8
83/* Default PKCS#5 iteration count */
84#define PKCS5_DEFAULT_ITER 2048
85
86#include <openssl/objects.h>
87
88#define EVP_PK_RSA 0x0001
89#define EVP_PK_DSA 0x0002
90#define EVP_PK_DH 0x0004
91#define EVP_PK_EC 0x0008
92#define EVP_PKT_SIGN 0x0010
93#define EVP_PKT_ENC 0x0020
94#define EVP_PKT_EXCH 0x0040
95#define EVP_PKS_RSA 0x0100
96#define EVP_PKS_DSA 0x0200
97#define EVP_PKS_EC 0x0400
98#define EVP_PKT_EXP 0x1000 /* <= 512 bit key */
99
100#define EVP_PKEY_NONE NID_undef
101#define EVP_PKEY_RSA NID_rsaEncryption
102#define EVP_PKEY_RSA2 NID_rsa
103#define EVP_PKEY_DSA NID_dsa
104#define EVP_PKEY_DSA1 NID_dsa_2
105#define EVP_PKEY_DSA2 NID_dsaWithSHA
106#define EVP_PKEY_DSA3 NID_dsaWithSHA1
107#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
108#define EVP_PKEY_DH NID_dhKeyAgreement
109#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
110#define EVP_PKEY_GOSTR01 NID_id_GostR3410_2001
111#define EVP_PKEY_GOSTIMIT NID_id_Gost28147_89_MAC
112#define EVP_PKEY_HMAC NID_hmac
113#define EVP_PKEY_CMAC NID_cmac
114#define EVP_PKEY_GOSTR12_256 NID_id_tc26_gost3410_2012_256
115#define EVP_PKEY_GOSTR12_512 NID_id_tc26_gost3410_2012_512
116
117#ifdef __cplusplus
118extern "C" {
119#endif
120
121/* Type needs to be a bit field
122 * Sub-type needs to be for variations on the method, as in, can it do
123 * arbitrary encryption.... */
124struct evp_pkey_st {
125 int type;
126 int save_type;
127 int references;
128 const EVP_PKEY_ASN1_METHOD *ameth;
129 ENGINE *engine;
130 union {
131 char *ptr;
132#ifndef OPENSSL_NO_RSA
133 struct rsa_st *rsa; /* RSA */
134#endif
135#ifndef OPENSSL_NO_DSA
136 struct dsa_st *dsa; /* DSA */
137#endif
138#ifndef OPENSSL_NO_DH
139 struct dh_st *dh; /* DH */
140#endif
141#ifndef OPENSSL_NO_EC
142 struct ec_key_st *ec; /* ECC */
143#endif
144#ifndef OPENSSL_NO_GOST
145 struct gost_key_st *gost; /* GOST */
146#endif
147 } pkey;
148 int save_parameters;
149 STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
150} /* EVP_PKEY */;
151
152#define EVP_PKEY_MO_SIGN 0x0001
153#define EVP_PKEY_MO_VERIFY 0x0002
154#define EVP_PKEY_MO_ENCRYPT 0x0004
155#define EVP_PKEY_MO_DECRYPT 0x0008
156
157typedef int evp_sign_method(int type, const unsigned char *m,
158 unsigned int m_length, unsigned char *sigret, unsigned int *siglen,
159 void *key);
160typedef int evp_verify_method(int type, const unsigned char *m,
161 unsigned int m_length, const unsigned char *sigbuf, unsigned int siglen,
162 void *key);
163
164#ifndef EVP_MD
165struct env_md_st {
166 int type;
167 int pkey_type;
168 int md_size;
169 unsigned long flags;
170 int (*init)(EVP_MD_CTX *ctx);
171 int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count);
172 int (*final)(EVP_MD_CTX *ctx, unsigned char *md);
173 int (*copy)(EVP_MD_CTX *to, const EVP_MD_CTX *from);
174 int (*cleanup)(EVP_MD_CTX *ctx);
175
176 evp_sign_method *sign;
177 evp_verify_method *verify;
178 int required_pkey_type[5]; /*EVP_PKEY_xxx */
179 int block_size;
180 int ctx_size; /* how big does the ctx->md_data need to be */
181 /* control function */
182 int (*md_ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
183} /* EVP_MD */;
184
185#define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single
186 * block */
187
188#define EVP_MD_FLAG_PKEY_DIGEST 0x0002 /* digest is a "clone" digest used
189 * which is a copy of an existing
190 * one for a specific public key type.
191 * EVP_dss1() etc */
192
193/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
194
195#define EVP_MD_FLAG_PKEY_METHOD_SIGNATURE 0x0004
196
197/* DigestAlgorithmIdentifier flags... */
198
199#define EVP_MD_FLAG_DIGALGID_MASK 0x0018
200
201/* NULL or absent parameter accepted. Use NULL */
202
203#define EVP_MD_FLAG_DIGALGID_NULL 0x0000
204
205/* NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent */
206
207#define EVP_MD_FLAG_DIGALGID_ABSENT 0x0008
208
209/* Custom handling via ctrl */
210
211#define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018
212
213#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */
214
215/* Digest ctrls */
216
217#define EVP_MD_CTRL_DIGALGID 0x1
218#define EVP_MD_CTRL_MICALG 0x2
219#define EVP_MD_CTRL_SET_KEY 0x3
220#define EVP_MD_CTRL_GOST_SET_SBOX 0x4
221
222/* Minimum Algorithm specific ctrl value */
223
224#define EVP_MD_CTRL_ALG_CTRL 0x1000
225
226#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
227
228#ifndef OPENSSL_NO_DSA
229#define EVP_PKEY_DSA_method (evp_sign_method *)DSA_sign, \
230 (evp_verify_method *)DSA_verify, \
231 {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
232 EVP_PKEY_DSA4,0}
233#else
234#define EVP_PKEY_DSA_method EVP_PKEY_NULL_method
235#endif
236
237#ifndef OPENSSL_NO_ECDSA
238#define EVP_PKEY_ECDSA_method (evp_sign_method *)ECDSA_sign, \
239 (evp_verify_method *)ECDSA_verify, \
240 {EVP_PKEY_EC,0,0,0}
241#else
242#define EVP_PKEY_ECDSA_method EVP_PKEY_NULL_method
243#endif
244
245#ifndef OPENSSL_NO_RSA
246#define EVP_PKEY_RSA_method (evp_sign_method *)RSA_sign, \
247 (evp_verify_method *)RSA_verify, \
248 {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
249#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
250 (evp_sign_method *)RSA_sign_ASN1_OCTET_STRING, \
251 (evp_verify_method *)RSA_verify_ASN1_OCTET_STRING, \
252 {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
253#else
254#define EVP_PKEY_RSA_method EVP_PKEY_NULL_method
255#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
256#endif
257
258#endif /* !EVP_MD */
259
260struct env_md_ctx_st {
261 const EVP_MD *digest;
262 ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */
263 unsigned long flags;
264 void *md_data;
265 /* Public key context for sign/verify */
266 EVP_PKEY_CTX *pctx;
267 /* Update function: usually copied from EVP_MD */
268 int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count);
269} /* EVP_MD_CTX */;
270
271/* values for EVP_MD_CTX flags */
272
273#define EVP_MD_CTX_FLAG_ONESHOT 0x0001 /* digest update will be called
274 * once only */
275#define EVP_MD_CTX_FLAG_CLEANED 0x0002 /* context has already been
276 * cleaned */
277#define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data
278 * in EVP_MD_CTX_cleanup */
279/* FIPS and pad options are ignored in 1.0.0, definitions are here
280 * so we don't accidentally reuse the values for other purposes.
281 */
282
283#define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* Allow use of non FIPS digest
284 * in FIPS mode */
285
286/* The following PAD options are also currently ignored in 1.0.0, digest
287 * parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*()
288 * instead.
289 */
290#define EVP_MD_CTX_FLAG_PAD_MASK 0xF0 /* RSA mode to use */
291#define EVP_MD_CTX_FLAG_PAD_PKCS1 0x00 /* PKCS#1 v1.5 mode */
292#define EVP_MD_CTX_FLAG_PAD_X931 0x10 /* X9.31 mode */
293#define EVP_MD_CTX_FLAG_PAD_PSS 0x20 /* PSS mode */
294
295#define EVP_MD_CTX_FLAG_NO_INIT 0x0100 /* Don't initialize md_data */
296
297struct evp_cipher_st {
298 int nid;
299 int block_size;
300 int key_len; /* Default value for variable length ciphers */
301 int iv_len;
302 unsigned long flags; /* Various flags */
303 int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
304 const unsigned char *iv, int enc); /* init key */
305 int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
306 const unsigned char *in, size_t inl);/* encrypt/decrypt data */
307 int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
308 int ctx_size; /* how big ctx->cipher_data needs to be */
309 int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
310 int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */
311 int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */
312 void *app_data; /* Application data */
313} /* EVP_CIPHER */;
314
315/* Values for cipher flags */
316
317/* Modes for ciphers */
318
319#define EVP_CIPH_STREAM_CIPHER 0x0
320#define EVP_CIPH_ECB_MODE 0x1
321#define EVP_CIPH_CBC_MODE 0x2
322#define EVP_CIPH_CFB_MODE 0x3
323#define EVP_CIPH_OFB_MODE 0x4
324#define EVP_CIPH_CTR_MODE 0x5
325#define EVP_CIPH_GCM_MODE 0x6
326#define EVP_CIPH_CCM_MODE 0x7
327#define EVP_CIPH_XTS_MODE 0x10001
328#define EVP_CIPH_MODE 0xF0007
329/* Set if variable length cipher */
330#define EVP_CIPH_VARIABLE_LENGTH 0x8
331/* Set if the iv handling should be done by the cipher itself */
332#define EVP_CIPH_CUSTOM_IV 0x10
333/* Set if the cipher's init() function should be called if key is NULL */
334#define EVP_CIPH_ALWAYS_CALL_INIT 0x20
335/* Call ctrl() to init cipher parameters */
336#define EVP_CIPH_CTRL_INIT 0x40
337/* Don't use standard key length function */
338#define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80
339/* Don't use standard block padding */
340#define EVP_CIPH_NO_PADDING 0x100
341/* cipher handles random key generation */
342#define EVP_CIPH_RAND_KEY 0x200
343/* cipher has its own additional copying logic */
344#define EVP_CIPH_CUSTOM_COPY 0x400
345/* Allow use default ASN1 get/set iv */
346#define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000
347/* Buffer length in bits not bytes: CFB1 mode only */
348#define EVP_CIPH_FLAG_LENGTH_BITS 0x2000
349/* Note if suitable for use in FIPS mode */
350#define EVP_CIPH_FLAG_FIPS 0x4000
351/* Allow non FIPS cipher in FIPS mode */
352#define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x8000
353/* Cipher handles any and all padding logic as well
354 * as finalisation.
355 */
356#define EVP_CIPH_FLAG_CUSTOM_CIPHER 0x100000
357#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
358
359/* ctrl() values */
360
361#define EVP_CTRL_INIT 0x0
362#define EVP_CTRL_SET_KEY_LENGTH 0x1
363#define EVP_CTRL_GET_RC2_KEY_BITS 0x2
364#define EVP_CTRL_SET_RC2_KEY_BITS 0x3
365#define EVP_CTRL_GET_RC5_ROUNDS 0x4
366#define EVP_CTRL_SET_RC5_ROUNDS 0x5
367#define EVP_CTRL_RAND_KEY 0x6
368#define EVP_CTRL_PBE_PRF_NID 0x7
369#define EVP_CTRL_COPY 0x8
370#define EVP_CTRL_GCM_SET_IVLEN 0x9
371#define EVP_CTRL_GCM_GET_TAG 0x10
372#define EVP_CTRL_GCM_SET_TAG 0x11
373#define EVP_CTRL_GCM_SET_IV_FIXED 0x12
374#define EVP_CTRL_GCM_IV_GEN 0x13
375#define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
376#define EVP_CTRL_CCM_GET_TAG EVP_CTRL_GCM_GET_TAG
377#define EVP_CTRL_CCM_SET_TAG EVP_CTRL_GCM_SET_TAG
378#define EVP_CTRL_CCM_SET_L 0x14
379#define EVP_CTRL_CCM_SET_MSGLEN 0x15
380/* AEAD cipher deduces payload length and returns number of bytes
381 * required to store MAC and eventual padding. Subsequent call to
382 * EVP_Cipher even appends/verifies MAC.
383 */
384#define EVP_CTRL_AEAD_TLS1_AAD 0x16
385/* Used by composite AEAD ciphers, no-op in GCM, CCM... */
386#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
387/* Set the GCM invocation field, decrypt only */
388#define EVP_CTRL_GCM_SET_IV_INV 0x18
389/* Set the S-BOX NID for GOST ciphers */
390#define EVP_CTRL_GOST_SET_SBOX 0x19
391
392/* GCM TLS constants */
393/* Length of fixed part of IV derived from PRF */
394#define EVP_GCM_TLS_FIXED_IV_LEN 4
395/* Length of explicit part of IV part of TLS records */
396#define EVP_GCM_TLS_EXPLICIT_IV_LEN 8
397/* Length of tag for TLS */
398#define EVP_GCM_TLS_TAG_LEN 16
399
400typedef struct evp_cipher_info_st {
401 const EVP_CIPHER *cipher;
402 unsigned char iv[EVP_MAX_IV_LENGTH];
403} EVP_CIPHER_INFO;
404
405struct evp_cipher_ctx_st {
406 const EVP_CIPHER *cipher;
407 ENGINE *engine; /* functional reference if 'cipher' is ENGINE-provided */
408 int encrypt; /* encrypt or decrypt */
409 int buf_len; /* number we have left */
410
411 unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
412 unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
413 unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */
414 int num; /* used by cfb/ofb/ctr mode */
415
416 void *app_data; /* application stuff */
417 int key_len; /* May change for variable length cipher */
418 unsigned long flags; /* Various flags */
419 void *cipher_data; /* per EVP data */
420 int final_used;
421 int block_mask;
422 unsigned char final[EVP_MAX_BLOCK_LENGTH];/* possible final block */
423} /* EVP_CIPHER_CTX */;
424
425typedef struct evp_Encode_Ctx_st {
426 int num; /* number saved in a partial encode/decode */
427 int length; /* The length is either the output line length
428 * (in input bytes) or the shortest input line
429 * length that is ok. Once decoding begins,
430 * the length is adjusted up each time a longer
431 * line is decoded */
432 unsigned char enc_data[80]; /* data to encode */
433 int line_num; /* number read on current line */
434 int expect_nl;
435} EVP_ENCODE_CTX;
436
437/* Password based encryption function */
438typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
439 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de);
440
441#ifndef OPENSSL_NO_RSA
442#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
443 (char *)(rsa))
444#endif
445
446#ifndef OPENSSL_NO_DSA
447#define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
448 (char *)(dsa))
449#endif
450
451#ifndef OPENSSL_NO_DH
452#define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\
453 (char *)(dh))
454#endif
455
456#ifndef OPENSSL_NO_EC
457#define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\
458 (char *)(eckey))
459#endif
460
461#ifndef OPENSSL_NO_GOST
462#define EVP_PKEY_assign_GOST(pkey,gostkey) EVP_PKEY_assign((pkey),EVP_PKEY_GOSTR01,\
463 (char *)(gostkey))
464#endif
465
466/* Add some extra combinations */
467#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
468#define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
469#define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
470#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
471
472int EVP_MD_type(const EVP_MD *md);
473#define EVP_MD_nid(e) EVP_MD_type(e)
474#define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e))
475int EVP_MD_pkey_type(const EVP_MD *md);
476int EVP_MD_size(const EVP_MD *md);
477int EVP_MD_block_size(const EVP_MD *md);
478unsigned long EVP_MD_flags(const EVP_MD *md);
479
480const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
481#define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e))
482#define EVP_MD_CTX_block_size(e) EVP_MD_block_size(EVP_MD_CTX_md(e))
483#define EVP_MD_CTX_type(e) EVP_MD_type(EVP_MD_CTX_md(e))
484
485int EVP_CIPHER_nid(const EVP_CIPHER *cipher);
486#define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e))
487int EVP_CIPHER_block_size(const EVP_CIPHER *cipher);
488int EVP_CIPHER_key_length(const EVP_CIPHER *cipher);
489int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher);
490unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher);
491#define EVP_CIPHER_mode(e) (EVP_CIPHER_flags(e) & EVP_CIPH_MODE)
492
493const EVP_CIPHER * EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
494int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
495int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
496int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
497int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
498int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in);
499void * EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
500void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data);
501#define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
502unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx);
503#define EVP_CIPHER_CTX_mode(e) (EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE)
504
505#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80)
506#define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80)
507
508#define EVP_SignInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c)
509#define EVP_SignInit(a,b) EVP_DigestInit(a,b)
510#define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
511#define EVP_VerifyInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c)
512#define EVP_VerifyInit(a,b) EVP_DigestInit(a,b)
513#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
514#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
515#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
516#define EVP_DigestSignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
517#define EVP_DigestVerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
518
519#define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md)
520#define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
521#define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
522#define BIO_set_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_SET_MD_CTX,0,(char *)mdcp)
523#define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
524#define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
525
526int EVP_Cipher(EVP_CIPHER_CTX *c, unsigned char *out, const unsigned char *in,
527 unsigned int inl);
528
529#define EVP_add_cipher_alias(n,alias) \
530 OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
531#define EVP_add_digest_alias(n,alias) \
532 OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n))
533#define EVP_delete_cipher_alias(alias) \
534 OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
535#define EVP_delete_digest_alias(alias) \
536 OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
537
538void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
539int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
540EVP_MD_CTX *EVP_MD_CTX_create(void);
541void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
542int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
543void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
544void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
545int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr);
546int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
547int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
548int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
549int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
550int EVP_Digest(const void *data, size_t count, unsigned char *md,
551 unsigned int *size, const EVP_MD *type, ENGINE *impl);
552
553int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in);
554int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
555int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
556
557int EVP_read_pw_string(char *buf, int length, const char *prompt, int verify);
558int EVP_read_pw_string_min(char *buf, int minlen, int maxlen,
559 const char *prompt, int verify);
560void EVP_set_pw_prompt(const char *prompt);
561char *EVP_get_pw_prompt(void);
562
563int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
564 const unsigned char *salt, const unsigned char *data, int datal, int count,
565 unsigned char *key, unsigned char *iv);
566
567void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags);
568void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags);
569int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags);
570
571int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
572 const unsigned char *key, const unsigned char *iv);
573int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
574 ENGINE *impl, const unsigned char *key, const unsigned char *iv);
575int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
576 const unsigned char *in, int inl);
577int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
578int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
579
580int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
581 const unsigned char *key, const unsigned char *iv);
582int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
583 ENGINE *impl, const unsigned char *key, const unsigned char *iv);
584int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
585 const unsigned char *in, int inl);
586int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
587int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
588
589int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
590 const unsigned char *key, const unsigned char *iv, int enc);
591int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
592 ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
593int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
594 const unsigned char *in, int inl);
595int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
596int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
597
598int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s,
599 EVP_PKEY *pkey);
600
601int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
602 unsigned int siglen, EVP_PKEY *pkey);
603
604int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
605 const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
606int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen);
607
608int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
609 const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
610int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen);
611
612int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
613 const unsigned char *ek, int ekl, const unsigned char *iv, EVP_PKEY *priv);
614int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
615
616int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
617 unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk,
618 int npubk);
619int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
620
621void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
622void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
623 const unsigned char *in, int inl);
624void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
625int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
626
627void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
628int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
629 const unsigned char *in, int inl);
630int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
631int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
632
633void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
634int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
635EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
636void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *a);
637int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
638int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad);
639int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
640int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
641
642#ifndef OPENSSL_NO_BIO
643BIO_METHOD *BIO_f_md(void);
644BIO_METHOD *BIO_f_base64(void);
645BIO_METHOD *BIO_f_cipher(void);
646void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
647 const unsigned char *i, int enc);
648#endif
649
650const EVP_MD *EVP_md_null(void);
651#ifndef OPENSSL_NO_MD4
652const EVP_MD *EVP_md4(void);
653#endif
654#ifndef OPENSSL_NO_MD5
655const EVP_MD *EVP_md5(void);
656#endif
657#ifndef OPENSSL_NO_SHA
658const EVP_MD *EVP_sha(void);
659const EVP_MD *EVP_sha1(void);
660const EVP_MD *EVP_dss(void);
661const EVP_MD *EVP_dss1(void);
662const EVP_MD *EVP_ecdsa(void);
663#endif
664#ifndef OPENSSL_NO_SHA256
665const EVP_MD *EVP_sha224(void);
666const EVP_MD *EVP_sha256(void);
667#endif
668#ifndef OPENSSL_NO_SHA512
669const EVP_MD *EVP_sha384(void);
670const EVP_MD *EVP_sha512(void);
671#endif
672#ifndef OPENSSL_NO_RIPEMD
673const EVP_MD *EVP_ripemd160(void);
674#endif
675#ifndef OPENSSL_NO_WHIRLPOOL
676const EVP_MD *EVP_whirlpool(void);
677#endif
678#ifndef OPENSSL_NO_GOST
679const EVP_MD *EVP_gostr341194(void);
680const EVP_MD *EVP_gost2814789imit(void);
681const EVP_MD *EVP_streebog256(void);
682const EVP_MD *EVP_streebog512(void);
683#endif
684const EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
685#ifndef OPENSSL_NO_DES
686const EVP_CIPHER *EVP_des_ecb(void);
687const EVP_CIPHER *EVP_des_ede(void);
688const EVP_CIPHER *EVP_des_ede3(void);
689const EVP_CIPHER *EVP_des_ede_ecb(void);
690const EVP_CIPHER *EVP_des_ede3_ecb(void);
691const EVP_CIPHER *EVP_des_cfb64(void);
692# define EVP_des_cfb EVP_des_cfb64
693const EVP_CIPHER *EVP_des_cfb1(void);
694const EVP_CIPHER *EVP_des_cfb8(void);
695const EVP_CIPHER *EVP_des_ede_cfb64(void);
696# define EVP_des_ede_cfb EVP_des_ede_cfb64
697const EVP_CIPHER *EVP_des_ede3_cfb64(void);
698# define EVP_des_ede3_cfb EVP_des_ede3_cfb64
699const EVP_CIPHER *EVP_des_ede3_cfb1(void);
700const EVP_CIPHER *EVP_des_ede3_cfb8(void);
701const EVP_CIPHER *EVP_des_ofb(void);
702const EVP_CIPHER *EVP_des_ede_ofb(void);
703const EVP_CIPHER *EVP_des_ede3_ofb(void);
704const EVP_CIPHER *EVP_des_cbc(void);
705const EVP_CIPHER *EVP_des_ede_cbc(void);
706const EVP_CIPHER *EVP_des_ede3_cbc(void);
707const EVP_CIPHER *EVP_desx_cbc(void);
708#endif
709#ifndef OPENSSL_NO_RC4
710const EVP_CIPHER *EVP_rc4(void);
711const EVP_CIPHER *EVP_rc4_40(void);
712#ifndef OPENSSL_NO_MD5
713const EVP_CIPHER *EVP_rc4_hmac_md5(void);
714#endif
715#endif
716#ifndef OPENSSL_NO_IDEA
717const EVP_CIPHER *EVP_idea_ecb(void);
718const EVP_CIPHER *EVP_idea_cfb64(void);
719# define EVP_idea_cfb EVP_idea_cfb64
720const EVP_CIPHER *EVP_idea_ofb(void);
721const EVP_CIPHER *EVP_idea_cbc(void);
722#endif
723#ifndef OPENSSL_NO_RC2
724const EVP_CIPHER *EVP_rc2_ecb(void);
725const EVP_CIPHER *EVP_rc2_cbc(void);
726const EVP_CIPHER *EVP_rc2_40_cbc(void);
727const EVP_CIPHER *EVP_rc2_64_cbc(void);
728const EVP_CIPHER *EVP_rc2_cfb64(void);
729# define EVP_rc2_cfb EVP_rc2_cfb64
730const EVP_CIPHER *EVP_rc2_ofb(void);
731#endif
732#ifndef OPENSSL_NO_BF
733const EVP_CIPHER *EVP_bf_ecb(void);
734const EVP_CIPHER *EVP_bf_cbc(void);
735const EVP_CIPHER *EVP_bf_cfb64(void);
736# define EVP_bf_cfb EVP_bf_cfb64
737const EVP_CIPHER *EVP_bf_ofb(void);
738#endif
739#ifndef OPENSSL_NO_CAST
740const EVP_CIPHER *EVP_cast5_ecb(void);
741const EVP_CIPHER *EVP_cast5_cbc(void);
742const EVP_CIPHER *EVP_cast5_cfb64(void);
743# define EVP_cast5_cfb EVP_cast5_cfb64
744const EVP_CIPHER *EVP_cast5_ofb(void);
745#endif
746#ifndef OPENSSL_NO_AES
747const EVP_CIPHER *EVP_aes_128_ecb(void);
748const EVP_CIPHER *EVP_aes_128_cbc(void);
749const EVP_CIPHER *EVP_aes_128_cfb1(void);
750const EVP_CIPHER *EVP_aes_128_cfb8(void);
751const EVP_CIPHER *EVP_aes_128_cfb128(void);
752# define EVP_aes_128_cfb EVP_aes_128_cfb128
753const EVP_CIPHER *EVP_aes_128_ofb(void);
754const EVP_CIPHER *EVP_aes_128_ctr(void);
755const EVP_CIPHER *EVP_aes_128_ccm(void);
756const EVP_CIPHER *EVP_aes_128_gcm(void);
757const EVP_CIPHER *EVP_aes_128_xts(void);
758const EVP_CIPHER *EVP_aes_192_ecb(void);
759const EVP_CIPHER *EVP_aes_192_cbc(void);
760const EVP_CIPHER *EVP_aes_192_cfb1(void);
761const EVP_CIPHER *EVP_aes_192_cfb8(void);
762const EVP_CIPHER *EVP_aes_192_cfb128(void);
763# define EVP_aes_192_cfb EVP_aes_192_cfb128
764const EVP_CIPHER *EVP_aes_192_ofb(void);
765const EVP_CIPHER *EVP_aes_192_ctr(void);
766const EVP_CIPHER *EVP_aes_192_ccm(void);
767const EVP_CIPHER *EVP_aes_192_gcm(void);
768const EVP_CIPHER *EVP_aes_256_ecb(void);
769const EVP_CIPHER *EVP_aes_256_cbc(void);
770const EVP_CIPHER *EVP_aes_256_cfb1(void);
771const EVP_CIPHER *EVP_aes_256_cfb8(void);
772const EVP_CIPHER *EVP_aes_256_cfb128(void);
773# define EVP_aes_256_cfb EVP_aes_256_cfb128
774const EVP_CIPHER *EVP_aes_256_ofb(void);
775const EVP_CIPHER *EVP_aes_256_ctr(void);
776const EVP_CIPHER *EVP_aes_256_ccm(void);
777const EVP_CIPHER *EVP_aes_256_gcm(void);
778const EVP_CIPHER *EVP_aes_256_xts(void);
779#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
780const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
781const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
782#endif
783#endif
784#ifndef OPENSSL_NO_CAMELLIA
785const EVP_CIPHER *EVP_camellia_128_ecb(void);
786const EVP_CIPHER *EVP_camellia_128_cbc(void);
787const EVP_CIPHER *EVP_camellia_128_cfb1(void);
788const EVP_CIPHER *EVP_camellia_128_cfb8(void);
789const EVP_CIPHER *EVP_camellia_128_cfb128(void);
790# define EVP_camellia_128_cfb EVP_camellia_128_cfb128
791const EVP_CIPHER *EVP_camellia_128_ofb(void);
792const EVP_CIPHER *EVP_camellia_192_ecb(void);
793const EVP_CIPHER *EVP_camellia_192_cbc(void);
794const EVP_CIPHER *EVP_camellia_192_cfb1(void);
795const EVP_CIPHER *EVP_camellia_192_cfb8(void);
796const EVP_CIPHER *EVP_camellia_192_cfb128(void);
797# define EVP_camellia_192_cfb EVP_camellia_192_cfb128
798const EVP_CIPHER *EVP_camellia_192_ofb(void);
799const EVP_CIPHER *EVP_camellia_256_ecb(void);
800const EVP_CIPHER *EVP_camellia_256_cbc(void);
801const EVP_CIPHER *EVP_camellia_256_cfb1(void);
802const EVP_CIPHER *EVP_camellia_256_cfb8(void);
803const EVP_CIPHER *EVP_camellia_256_cfb128(void);
804# define EVP_camellia_256_cfb EVP_camellia_256_cfb128
805const EVP_CIPHER *EVP_camellia_256_ofb(void);
806#endif
807
808#ifndef OPENSSL_NO_CHACHA
809const EVP_CIPHER *EVP_chacha20(void);
810#endif
811
812#ifndef OPENSSL_NO_GOST
813const EVP_CIPHER *EVP_gost2814789_ecb(void);
814const EVP_CIPHER *EVP_gost2814789_cfb64(void);
815const EVP_CIPHER *EVP_gost2814789_cnt(void);
816#endif
817
818void OPENSSL_add_all_algorithms_noconf(void);
819void OPENSSL_add_all_algorithms_conf(void);
820
821#ifdef OPENSSL_LOAD_CONF
822#define OpenSSL_add_all_algorithms() OPENSSL_add_all_algorithms_conf()
823#else
824#define OpenSSL_add_all_algorithms() OPENSSL_add_all_algorithms_noconf()
825#endif
826
827void OpenSSL_add_all_ciphers(void);
828void OpenSSL_add_all_digests(void);
829
830#define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms()
831#define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers()
832#define SSLeay_add_all_digests() OpenSSL_add_all_digests()
833
834int EVP_add_cipher(const EVP_CIPHER *cipher);
835int EVP_add_digest(const EVP_MD *digest);
836
837const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
838const EVP_MD *EVP_get_digestbyname(const char *name);
839void EVP_cleanup(void);
840
841void EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph, const char *from,
842 const char *to, void *x), void *arg);
843void EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph,
844 const char *from, const char *to, void *x), void *arg);
845
846void EVP_MD_do_all(void (*fn)(const EVP_MD *ciph, const char *from,
847 const char *to, void *x), void *arg);
848void EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *ciph, const char *from,
849 const char *to, void *x), void *arg);
850
851int EVP_PKEY_decrypt_old(unsigned char *dec_key, const unsigned char *enc_key,
852 int enc_key_len, EVP_PKEY *private_key);
853int EVP_PKEY_encrypt_old(unsigned char *enc_key, const unsigned char *key,
854 int key_len, EVP_PKEY *pub_key);
855int EVP_PKEY_type(int type);
856int EVP_PKEY_id(const EVP_PKEY *pkey);
857int EVP_PKEY_base_id(const EVP_PKEY *pkey);
858int EVP_PKEY_bits(EVP_PKEY *pkey);
859int EVP_PKEY_size(EVP_PKEY *pkey);
860int EVP_PKEY_set_type(EVP_PKEY *pkey, int type);
861int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);
862int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key);
863void *EVP_PKEY_get0(EVP_PKEY *pkey);
864
865#ifndef OPENSSL_NO_RSA
866struct rsa_st;
867int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
868struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
869#endif
870#ifndef OPENSSL_NO_DSA
871struct dsa_st;
872int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, struct dsa_st *key);
873struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
874#endif
875#ifndef OPENSSL_NO_DH
876struct dh_st;
877int EVP_PKEY_set1_DH(EVP_PKEY *pkey, struct dh_st *key);
878struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
879#endif
880#ifndef OPENSSL_NO_EC
881struct ec_key_st;
882int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, struct ec_key_st *key);
883struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
884#endif
885#ifndef OPENSSL_NO_GOST
886struct gost_key_st;
887#endif
888
889EVP_PKEY *EVP_PKEY_new(void);
890void EVP_PKEY_free(EVP_PKEY *pkey);
891
892EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
893 long length);
894int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
895
896EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
897 long length);
898EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
899 long length);
900int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
901
902int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
903int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
904int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode);
905int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
906
907int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
908
909int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent,
910 ASN1_PCTX *pctx);
911int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent,
912 ASN1_PCTX *pctx);
913int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent,
914 ASN1_PCTX *pctx);
915
916int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
917
918int EVP_CIPHER_type(const EVP_CIPHER *ctx);
919
920/* calls methods */
921int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
922int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
923
924/* These are used by EVP_CIPHER methods */
925int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
926int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
927
928/* PKCS5 password based encryption */
929int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
930 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de);
931int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
932 const unsigned char *salt, int saltlen, int iter, int keylen,
933 unsigned char *out);
934int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt,
935 int saltlen, int iter, const EVP_MD *digest, int keylen,
936 unsigned char *out);
937int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
938 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
939 int en_de);
940
941void PKCS5_PBE_add(void);
942
943int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
944 ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
945
946/* PBE type */
947
948/* Can appear as the outermost AlgorithmIdentifier */
949#define EVP_PBE_TYPE_OUTER 0x0
950/* Is an PRF type OID */
951#define EVP_PBE_TYPE_PRF 0x1
952
953int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
954 EVP_PBE_KEYGEN *keygen);
955int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
956 EVP_PBE_KEYGEN *keygen);
957int EVP_PBE_find(int type, int pbe_nid, int *pcnid, int *pmnid,
958 EVP_PBE_KEYGEN **pkeygen);
959void EVP_PBE_cleanup(void);
960
961#define ASN1_PKEY_ALIAS 0x1
962#define ASN1_PKEY_DYNAMIC 0x2
963#define ASN1_PKEY_SIGPARAM_NULL 0x4
964
965#define ASN1_PKEY_CTRL_PKCS7_SIGN 0x1
966#define ASN1_PKEY_CTRL_PKCS7_ENCRYPT 0x2
967#define ASN1_PKEY_CTRL_DEFAULT_MD_NID 0x3
968#define ASN1_PKEY_CTRL_CMS_SIGN 0x5
969#define ASN1_PKEY_CTRL_CMS_ENVELOPE 0x7
970
971int EVP_PKEY_asn1_get_count(void);
972const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
973const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
974const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
975 const char *str, int len);
976int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
977int EVP_PKEY_asn1_add_alias(int to, int from);
978int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id, int *ppkey_flags,
979 const char **pinfo, const char **ppem_str,
980 const EVP_PKEY_ASN1_METHOD *ameth);
981
982const EVP_PKEY_ASN1_METHOD* EVP_PKEY_get0_asn1(EVP_PKEY *pkey);
983EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags, const char *pem_str,
984 const char *info);
985void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
986 const EVP_PKEY_ASN1_METHOD *src);
987void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
988void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
989 int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub),
990 int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk),
991 int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
992 int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
993 ASN1_PCTX *pctx),
994 int (*pkey_size)(const EVP_PKEY *pk),
995 int (*pkey_bits)(const EVP_PKEY *pk));
996void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
997 int (*priv_decode)(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf),
998 int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk),
999 int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
1000 ASN1_PCTX *pctx));
1001void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
1002 int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder, int derlen),
1003 int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder),
1004 int (*param_missing)(const EVP_PKEY *pk),
1005 int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from),
1006 int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
1007 int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
1008 ASN1_PCTX *pctx));
1009
1010void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
1011 void (*pkey_free)(EVP_PKEY *pkey));
1012void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
1013 int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2));
1014
1015#define EVP_PKEY_OP_UNDEFINED 0
1016#define EVP_PKEY_OP_PARAMGEN (1<<1)
1017#define EVP_PKEY_OP_KEYGEN (1<<2)
1018#define EVP_PKEY_OP_SIGN (1<<3)
1019#define EVP_PKEY_OP_VERIFY (1<<4)
1020#define EVP_PKEY_OP_VERIFYRECOVER (1<<5)
1021#define EVP_PKEY_OP_SIGNCTX (1<<6)
1022#define EVP_PKEY_OP_VERIFYCTX (1<<7)
1023#define EVP_PKEY_OP_ENCRYPT (1<<8)
1024#define EVP_PKEY_OP_DECRYPT (1<<9)
1025#define EVP_PKEY_OP_DERIVE (1<<10)
1026
1027#define EVP_PKEY_OP_TYPE_SIG \
1028 (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
1029 | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX)
1030
1031#define EVP_PKEY_OP_TYPE_CRYPT \
1032 (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT)
1033
1034#define EVP_PKEY_OP_TYPE_NOGEN \
1035 (EVP_PKEY_OP_SIG | EVP_PKEY_OP_CRYPT | EVP_PKEY_OP_DERIVE)
1036
1037#define EVP_PKEY_OP_TYPE_GEN \
1038 (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
1039
1040#define EVP_PKEY_CTX_set_signature_md(ctx, md) \
1041 EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \
1042 EVP_PKEY_CTRL_MD, 0, (void *)md)
1043
1044#define EVP_PKEY_CTRL_MD 1
1045#define EVP_PKEY_CTRL_PEER_KEY 2
1046
1047#define EVP_PKEY_CTRL_PKCS7_ENCRYPT 3
1048#define EVP_PKEY_CTRL_PKCS7_DECRYPT 4
1049
1050#define EVP_PKEY_CTRL_PKCS7_SIGN 5
1051
1052#define EVP_PKEY_CTRL_SET_MAC_KEY 6
1053
1054#define EVP_PKEY_CTRL_DIGESTINIT 7
1055
1056/* Used by GOST key encryption in TLS */
1057#define EVP_PKEY_CTRL_SET_IV 8
1058
1059#define EVP_PKEY_CTRL_CMS_ENCRYPT 9
1060#define EVP_PKEY_CTRL_CMS_DECRYPT 10
1061#define EVP_PKEY_CTRL_CMS_SIGN 11
1062
1063#define EVP_PKEY_CTRL_CIPHER 12
1064
1065#define EVP_PKEY_ALG_CTRL 0x1000
1066
1067
1068#define EVP_PKEY_FLAG_AUTOARGLEN 2
1069/* Method handles all operations: don't assume any digest related
1070 * defaults.
1071 */
1072#define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4
1073
1074const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
1075EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags);
1076void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
1077 const EVP_PKEY_METHOD *meth);
1078void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
1079void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
1080int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
1081
1082EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
1083EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
1084EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
1085void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
1086
1087int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd,
1088 int p1, void *p2);
1089int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
1090 const char *value);
1091
1092int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx);
1093void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
1094
1095EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key,
1096 int keylen);
1097
1098void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
1099void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx);
1100EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx);
1101
1102EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx);
1103
1104void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
1105void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
1106
1107int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
1108int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
1109 const unsigned char *tbs, size_t tbslen);
1110int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
1111int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
1112 const unsigned char *tbs, size_t tbslen);
1113int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
1114int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, unsigned char *rout,
1115 size_t *routlen, const unsigned char *sig, size_t siglen);
1116int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
1117int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
1118 const unsigned char *in, size_t inlen);
1119int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
1120int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
1121 const unsigned char *in, size_t inlen);
1122
1123int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
1124int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
1125int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
1126
1127typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
1128
1129int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
1130int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
1131int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
1132int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
1133
1134void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
1135EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
1136
1137int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
1138
1139void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
1140 int (*init)(EVP_PKEY_CTX *ctx));
1141
1142void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
1143 int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src));
1144
1145void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
1146 void (*cleanup)(EVP_PKEY_CTX *ctx));
1147
1148void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
1149 int (*paramgen_init)(EVP_PKEY_CTX *ctx),
1150 int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
1151
1152void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
1153 int (*keygen_init)(EVP_PKEY_CTX *ctx),
1154 int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
1155
1156void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
1157 int (*sign_init)(EVP_PKEY_CTX *ctx),
1158 int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
1159 const unsigned char *tbs, size_t tbslen));
1160
1161void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
1162 int (*verify_init)(EVP_PKEY_CTX *ctx),
1163 int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
1164 const unsigned char *tbs, size_t tbslen));
1165
1166void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
1167 int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
1168 int (*verify_recover)(EVP_PKEY_CTX *ctx, unsigned char *sig,
1169 size_t *siglen, const unsigned char *tbs, size_t tbslen));
1170
1171void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
1172 int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
1173 int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
1174 EVP_MD_CTX *mctx));
1175
1176void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
1177 int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
1178 int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
1179 EVP_MD_CTX *mctx));
1180
1181void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
1182 int (*encrypt_init)(EVP_PKEY_CTX *ctx),
1183 int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
1184 const unsigned char *in, size_t inlen));
1185
1186void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
1187 int (*decrypt_init)(EVP_PKEY_CTX *ctx),
1188 int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
1189 const unsigned char *in, size_t inlen));
1190
1191void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
1192 int (*derive_init)(EVP_PKEY_CTX *ctx),
1193 int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen));
1194
1195void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
1196 int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
1197 int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value));
1198
1199/* Authenticated Encryption with Additional Data.
1200 *
1201 * AEAD couples confidentiality and integrity in a single primtive. AEAD
1202 * algorithms take a key and then can seal and open individual messages. Each
1203 * message has a unique, per-message nonce and, optionally, additional data
1204 * which is authenticated but not included in the output. */
1205
1206struct evp_aead_st;
1207typedef struct evp_aead_st EVP_AEAD;
1208
1209#ifndef OPENSSL_NO_AES
1210/* EVP_aes_128_gcm is AES-128 in Galois Counter Mode. */
1211const EVP_AEAD *EVP_aead_aes_128_gcm(void);
1212/* EVP_aes_256_gcm is AES-256 in Galois Counter Mode. */
1213const EVP_AEAD *EVP_aead_aes_256_gcm(void);
1214#endif
1215
1216#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
1217/* EVP_aead_chacha20_poly1305 is ChaCha20 with a Poly1305 authenticator. */
1218const EVP_AEAD *EVP_aead_chacha20_poly1305(void);
1219#endif
1220
1221/* EVP_AEAD_key_length returns the length of the keys used. */
1222size_t EVP_AEAD_key_length(const EVP_AEAD *aead);
1223
1224/* EVP_AEAD_nonce_length returns the length of the per-message nonce. */
1225size_t EVP_AEAD_nonce_length(const EVP_AEAD *aead);
1226
1227/* EVP_AEAD_max_overhead returns the maximum number of additional bytes added
1228 * by the act of sealing data with the AEAD. */
1229size_t EVP_AEAD_max_overhead(const EVP_AEAD *aead);
1230
1231/* EVP_AEAD_max_tag_len returns the maximum tag length when using this AEAD.
1232 * This * is the largest value that can be passed as a tag length to
1233 * EVP_AEAD_CTX_init. */
1234size_t EVP_AEAD_max_tag_len(const EVP_AEAD *aead);
1235
1236/* An EVP_AEAD_CTX represents an AEAD algorithm configured with a specific key
1237 * and message-independent IV. */
1238typedef struct evp_aead_ctx_st {
1239 const EVP_AEAD *aead;
1240 /* aead_state is an opaque pointer to the AEAD specific state. */
1241 void *aead_state;
1242} EVP_AEAD_CTX;
1243
1244/* EVP_AEAD_MAX_TAG_LENGTH is the maximum tag length used by any AEAD
1245 * defined in this header. */
1246#define EVP_AEAD_MAX_TAG_LENGTH 16
1247
1248/* EVP_AEAD_DEFAULT_TAG_LENGTH is a magic value that can be passed to
1249 * EVP_AEAD_CTX_init to indicate that the default tag length for an AEAD
1250 * should be used. */
1251#define EVP_AEAD_DEFAULT_TAG_LENGTH 0
1252
1253/* EVP_AEAD_init initializes the context for the given AEAD algorithm.
1254 * The implementation argument may be NULL to choose the default implementation.
1255 * Authentication tags may be truncated by passing a tag length. A tag length
1256 * of zero indicates the default tag length should be used. */
1257int EVP_AEAD_CTX_init(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead,
1258 const unsigned char *key, size_t key_len, size_t tag_len, ENGINE *impl);
1259
1260/* EVP_AEAD_CTX_cleanup frees any data allocated for this context. */
1261void EVP_AEAD_CTX_cleanup(EVP_AEAD_CTX *ctx);
1262
1263/* EVP_AEAD_CTX_seal encrypts and authenticates the input and authenticates
1264 * any additional data (AD), the result being written as output. One is
1265 * returned on success, otherwise zero.
1266 *
1267 * This function may be called (with the same EVP_AEAD_CTX) concurrently with
1268 * itself or EVP_AEAD_CTX_open.
1269 *
1270 * At most max_out_len bytes are written as output and, in order to ensure
1271 * success, this value should be the length of the input plus the result of
1272 * EVP_AEAD_overhead. On successful return, out_len is set to the actual
1273 * number of bytes written.
1274 *
1275 * The length of the nonce is must be equal to the result of
1276 * EVP_AEAD_nonce_length for this AEAD.
1277 *
1278 * EVP_AEAD_CTX_seal never results in a partial output. If max_out_len is
1279 * insufficient, zero will be returned and out_len will be set to zero.
1280 *
1281 * If the input and output are aliased then out must be <= in. */
1282int EVP_AEAD_CTX_seal(const EVP_AEAD_CTX *ctx, unsigned char *out,
1283 size_t *out_len, size_t max_out_len, const unsigned char *nonce,
1284 size_t nonce_len, const unsigned char *in, size_t in_len,
1285 const unsigned char *ad, size_t ad_len);
1286
1287/* EVP_AEAD_CTX_open authenticates the input and additional data, decrypting
1288 * the input and writing it as output. One is returned on success, otherwise
1289 * zero.
1290 *
1291 * This function may be called (with the same EVP_AEAD_CTX) concurrently with
1292 * itself or EVP_AEAD_CTX_seal.
1293 *
1294 * At most the number of input bytes are written as output. In order to ensure
1295 * success, max_out_len should be at least the same as the input length. On
1296 * successful return out_len is set to the actual number of bytes written.
1297 *
1298 * The length of nonce must be equal to the result of EVP_AEAD_nonce_length
1299 * for this AEAD.
1300 *
1301 * EVP_AEAD_CTX_open never results in a partial output. If max_out_len is
1302 * insufficient, zero will be returned and out_len will be set to zero.
1303 *
1304 * If the input and output are aliased then out must be <= in. */
1305int EVP_AEAD_CTX_open(const EVP_AEAD_CTX *ctx, unsigned char *out,
1306 size_t *out_len, size_t max_out_len, const unsigned char *nonce,
1307 size_t nonce_len, const unsigned char *in, size_t in_len,
1308 const unsigned char *ad, size_t ad_len);
1309
1310void EVP_add_alg_module(void);
1311
1312/* BEGIN ERROR CODES */
1313/* The following lines are auto generated by the script mkerr.pl. Any changes
1314 * made after this point may be overwritten when the script is next run.
1315 */
1316void ERR_load_EVP_strings(void);
1317
1318/* Error codes for the EVP functions. */
1319
1320/* Function codes. */
1321#define EVP_F_AEAD_AES_GCM_INIT 187
1322#define EVP_F_AEAD_AES_GCM_OPEN 188
1323#define EVP_F_AEAD_AES_GCM_SEAL 189
1324#define EVP_F_AEAD_CHACHA20_POLY1305_INIT 192
1325#define EVP_F_AEAD_CHACHA20_POLY1305_OPEN 193
1326#define EVP_F_AEAD_CHACHA20_POLY1305_SEAL 194
1327#define EVP_F_AEAD_CTX_OPEN 185
1328#define EVP_F_AEAD_CTX_SEAL 186
1329#define EVP_F_AESNI_INIT_KEY 165
1330#define EVP_F_AESNI_XTS_CIPHER 176
1331#define EVP_F_AES_INIT_KEY 133
1332#define EVP_F_AES_XTS 172
1333#define EVP_F_AES_XTS_CIPHER 175
1334#define EVP_F_ALG_MODULE_INIT 177
1335#define EVP_F_CAMELLIA_INIT_KEY 159
1336#define EVP_F_CMAC_INIT 173
1337#define EVP_F_D2I_PKEY 100
1338#define EVP_F_DO_SIGVER_INIT 161
1339#define EVP_F_DSAPKEY2PKCS8 134
1340#define EVP_F_DSA_PKEY2PKCS8 135
1341#define EVP_F_ECDSA_PKEY2PKCS8 129
1342#define EVP_F_ECKEY_PKEY2PKCS8 132
1343#define EVP_F_EVP_AEAD_CTX_INIT 180
1344#define EVP_F_EVP_AEAD_CTX_OPEN 190
1345#define EVP_F_EVP_AEAD_CTX_SEAL 191
1346#define EVP_F_EVP_BYTESTOKEY 200
1347#define EVP_F_EVP_CIPHERINIT_EX 123
1348#define EVP_F_EVP_CIPHER_CTX_COPY 163
1349#define EVP_F_EVP_CIPHER_CTX_CTRL 124
1350#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
1351#define EVP_F_EVP_CIPHER_GET_ASN1_IV 201
1352#define EVP_F_EVP_CIPHER_SET_ASN1_IV 202
1353#define EVP_F_EVP_DECRYPTFINAL_EX 101
1354#define EVP_F_EVP_DECRYPTUPDATE 199
1355#define EVP_F_EVP_DIGESTFINAL_EX 196
1356#define EVP_F_EVP_DIGESTINIT_EX 128
1357#define EVP_F_EVP_ENCRYPTFINAL_EX 127
1358#define EVP_F_EVP_ENCRYPTUPDATE 198
1359#define EVP_F_EVP_MD_CTX_COPY_EX 110
1360#define EVP_F_EVP_MD_CTX_CTRL 195
1361#define EVP_F_EVP_MD_SIZE 162
1362#define EVP_F_EVP_OPENINIT 102
1363#define EVP_F_EVP_PBE_ALG_ADD 115
1364#define EVP_F_EVP_PBE_ALG_ADD_TYPE 160
1365#define EVP_F_EVP_PBE_CIPHERINIT 116
1366#define EVP_F_EVP_PKCS82PKEY 111
1367#define EVP_F_EVP_PKCS82PKEY_BROKEN 136
1368#define EVP_F_EVP_PKEY2PKCS8_BROKEN 113
1369#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
1370#define EVP_F_EVP_PKEY_CTX_CTRL 137
1371#define EVP_F_EVP_PKEY_CTX_CTRL_STR 150
1372#define EVP_F_EVP_PKEY_CTX_DUP 156
1373#define EVP_F_EVP_PKEY_DECRYPT 104
1374#define EVP_F_EVP_PKEY_DECRYPT_INIT 138
1375#define EVP_F_EVP_PKEY_DECRYPT_OLD 151
1376#define EVP_F_EVP_PKEY_DERIVE 153
1377#define EVP_F_EVP_PKEY_DERIVE_INIT 154
1378#define EVP_F_EVP_PKEY_DERIVE_SET_PEER 155
1379#define EVP_F_EVP_PKEY_ENCRYPT 105
1380#define EVP_F_EVP_PKEY_ENCRYPT_INIT 139
1381#define EVP_F_EVP_PKEY_ENCRYPT_OLD 152
1382#define EVP_F_EVP_PKEY_GET1_DH 119
1383#define EVP_F_EVP_PKEY_GET1_DSA 120
1384#define EVP_F_EVP_PKEY_GET1_ECDSA 130
1385#define EVP_F_EVP_PKEY_GET1_EC_KEY 131
1386#define EVP_F_EVP_PKEY_GET1_RSA 121
1387#define EVP_F_EVP_PKEY_KEYGEN 146
1388#define EVP_F_EVP_PKEY_KEYGEN_INIT 147
1389#define EVP_F_EVP_PKEY_NEW 106
1390#define EVP_F_EVP_PKEY_PARAMGEN 148
1391#define EVP_F_EVP_PKEY_PARAMGEN_INIT 149
1392#define EVP_F_EVP_PKEY_SIGN 140
1393#define EVP_F_EVP_PKEY_SIGN_INIT 141
1394#define EVP_F_EVP_PKEY_VERIFY 142
1395#define EVP_F_EVP_PKEY_VERIFY_INIT 143
1396#define EVP_F_EVP_PKEY_VERIFY_RECOVER 144
1397#define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT 145
1398#define EVP_F_EVP_RIJNDAEL 126
1399#define EVP_F_EVP_SIGNFINAL 107
1400#define EVP_F_EVP_VERIFYFINAL 108
1401#define EVP_F_FIPS_CIPHERINIT 166
1402#define EVP_F_FIPS_CIPHER_CTX_COPY 170
1403#define EVP_F_FIPS_CIPHER_CTX_CTRL 167
1404#define EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH 171
1405#define EVP_F_FIPS_DIGESTINIT 168
1406#define EVP_F_FIPS_MD_CTX_COPY 169
1407#define EVP_F_HMAC_INIT_EX 174
1408#define EVP_F_INT_CTX_NEW 157
1409#define EVP_F_PKCS5_PBE_KEYIVGEN 117
1410#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
1411#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
1412#define EVP_F_PKCS8_SET_BROKEN 112
1413#define EVP_F_PKEY_SET_TYPE 158
1414#define EVP_F_RC2_GET_ASN1_TYPE_AND_IV 197
1415#define EVP_F_RC2_MAGIC_TO_METH 109
1416#define EVP_F_RC5_CTRL 125
1417
1418/* Reason codes. */
1419#define EVP_R_AES_IV_SETUP_FAILED 162
1420#define EVP_R_AES_KEY_SETUP_FAILED 143
1421#define EVP_R_ASN1_LIB 140
1422#define EVP_R_BAD_BLOCK_LENGTH 136
1423#define EVP_R_BAD_DECRYPT 100
1424#define EVP_R_BAD_KEY_LENGTH 137
1425#define EVP_R_BN_DECODE_ERROR 112
1426#define EVP_R_BN_PUBKEY_ERROR 113
1427#define EVP_R_BUFFER_TOO_SMALL 155
1428#define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157
1429#define EVP_R_CIPHER_PARAMETER_ERROR 122
1430#define EVP_R_COMMAND_NOT_SUPPORTED 147
1431#define EVP_R_CTRL_NOT_IMPLEMENTED 132
1432#define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
1433#define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138
1434#define EVP_R_DECODE_ERROR 114
1435#define EVP_R_DIFFERENT_KEY_TYPES 101
1436#define EVP_R_DIFFERENT_PARAMETERS 153
1437#define EVP_R_DISABLED_FOR_FIPS 163
1438#define EVP_R_ENCODE_ERROR 115
1439#define EVP_R_ERROR_LOADING_SECTION 165
1440#define EVP_R_ERROR_SETTING_FIPS_MODE 166
1441#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
1442#define EVP_R_EXPECTING_AN_RSA_KEY 127
1443#define EVP_R_EXPECTING_A_DH_KEY 128
1444#define EVP_R_EXPECTING_A_DSA_KEY 129
1445#define EVP_R_EXPECTING_A_ECDSA_KEY 141
1446#define EVP_R_EXPECTING_A_EC_KEY 142
1447#define EVP_R_FIPS_MODE_NOT_SUPPORTED 167
1448#define EVP_R_INITIALIZATION_ERROR 134
1449#define EVP_R_INPUT_NOT_INITIALIZED 111
1450#define EVP_R_INVALID_DIGEST 152
1451#define EVP_R_INVALID_FIPS_MODE 168
1452#define EVP_R_INVALID_KEY_LENGTH 130
1453#define EVP_R_INVALID_OPERATION 148
1454#define EVP_R_IV_TOO_LARGE 102
1455#define EVP_R_KEYGEN_FAILURE 120
1456#define EVP_R_MESSAGE_DIGEST_IS_NULL 159
1457#define EVP_R_METHOD_NOT_SUPPORTED 144
1458#define EVP_R_MISSING_PARAMETERS 103
1459#define EVP_R_NO_CIPHER_SET 131
1460#define EVP_R_NO_DEFAULT_DIGEST 158
1461#define EVP_R_NO_DIGEST_SET 139
1462#define EVP_R_NO_DSA_PARAMETERS 116
1463#define EVP_R_NO_KEY_SET 154
1464#define EVP_R_NO_OPERATION_SET 149
1465#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
1466#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
1467#define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
1468#define EVP_R_OPERATON_NOT_INITIALIZED 151
1469#define EVP_R_OUTPUT_ALIASES_INPUT 172
1470#define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117
1471#define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
1472#define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
1473#define EVP_R_PUBLIC_KEY_NOT_RSA 106
1474#define EVP_R_TAG_TOO_LARGE 171
1475#define EVP_R_TOO_LARGE 164
1476#define EVP_R_UNKNOWN_CIPHER 160
1477#define EVP_R_UNKNOWN_DIGEST 161
1478#define EVP_R_UNKNOWN_OPTION 169
1479#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
1480#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
1481#define EVP_R_UNSUPPORTED_ALGORITHM 156
1482#define EVP_R_UNSUPPORTED_CIPHER 107
1483#define EVP_R_UNSUPPORTED_KEYLENGTH 123
1484#define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124
1485#define EVP_R_UNSUPPORTED_KEY_SIZE 108
1486#define EVP_R_UNSUPPORTED_PRF 125
1487#define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 118
1488#define EVP_R_UNSUPPORTED_SALT_TYPE 126
1489#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
1490#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
1491
1492#ifdef __cplusplus
1493}
1494#endif
1495#endif
diff --git a/src/lib/libcrypto/evp/evp_aead.c b/src/lib/libcrypto/evp/evp_aead.c
deleted file mode 100644
index 197b7f515f..0000000000
--- a/src/lib/libcrypto/evp/evp_aead.c
+++ /dev/null
@@ -1,144 +0,0 @@
1/* $OpenBSD: evp_aead.c,v 1.5 2014/06/21 15:30:36 jsing Exp $ */
2/*
3 * Copyright (c) 2014, Google Inc.
4 *
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
12 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
14 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
15 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <limits.h>
19#include <string.h>
20
21#include <openssl/evp.h>
22#include <openssl/err.h>
23
24#include "evp_locl.h"
25
26size_t
27EVP_AEAD_key_length(const EVP_AEAD *aead)
28{
29 return aead->key_len;
30}
31
32size_t
33EVP_AEAD_nonce_length(const EVP_AEAD *aead)
34{
35 return aead->nonce_len;
36}
37
38size_t
39EVP_AEAD_max_overhead(const EVP_AEAD *aead)
40{
41 return aead->overhead;
42}
43
44size_t
45EVP_AEAD_max_tag_len(const EVP_AEAD *aead)
46{
47 return aead->max_tag_len;
48}
49
50int
51EVP_AEAD_CTX_init(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead,
52 const unsigned char *key, size_t key_len, size_t tag_len, ENGINE *impl)
53{
54 ctx->aead = aead;
55 if (key_len != aead->key_len) {
56 EVPerr(EVP_F_EVP_AEAD_CTX_INIT, EVP_R_UNSUPPORTED_KEY_SIZE);
57 return 0;
58 }
59 return aead->init(ctx, key, key_len, tag_len);
60}
61
62void
63EVP_AEAD_CTX_cleanup(EVP_AEAD_CTX *ctx)
64{
65 if (ctx->aead == NULL)
66 return;
67 ctx->aead->cleanup(ctx);
68 ctx->aead = NULL;
69}
70
71/* check_alias returns 0 if out points within the buffer determined by in
72 * and in_len and 1 otherwise.
73 *
74 * When processing, there's only an issue if out points within in[:in_len]
75 * and isn't equal to in. If that's the case then writing the output will
76 * stomp input that hasn't been read yet.
77 *
78 * This function checks for that case. */
79static int
80check_alias(const unsigned char *in, size_t in_len, const unsigned char *out)
81{
82 if (out <= in)
83 return 1;
84 if (in + in_len <= out)
85 return 1;
86 return 0;
87}
88
89int
90EVP_AEAD_CTX_seal(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len,
91 size_t max_out_len, const unsigned char *nonce, size_t nonce_len,
92 const unsigned char *in, size_t in_len, const unsigned char *ad,
93 size_t ad_len)
94{
95 size_t possible_out_len = in_len + ctx->aead->overhead;
96
97 /* Overflow. */
98 if (possible_out_len < in_len) {
99 EVPerr(EVP_F_AEAD_CTX_SEAL, EVP_R_TOO_LARGE);
100 goto error;
101 }
102
103 if (!check_alias(in, in_len, out)) {
104 EVPerr(EVP_F_AEAD_CTX_SEAL, EVP_R_OUTPUT_ALIASES_INPUT);
105 goto error;
106 }
107
108 if (ctx->aead->seal(ctx, out, out_len, max_out_len, nonce, nonce_len,
109 in, in_len, ad, ad_len)) {
110 return 1;
111 }
112
113error:
114 /* In the event of an error, clear the output buffer so that a caller
115 * that doesn't check the return value doesn't send raw data. */
116 memset(out, 0, max_out_len);
117 *out_len = 0;
118 return 0;
119}
120
121int
122EVP_AEAD_CTX_open(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len,
123 size_t max_out_len, const unsigned char *nonce, size_t nonce_len,
124 const unsigned char *in, size_t in_len, const unsigned char *ad,
125 size_t ad_len)
126{
127 if (!check_alias(in, in_len, out)) {
128 EVPerr(EVP_F_AEAD_CTX_OPEN, EVP_R_OUTPUT_ALIASES_INPUT);
129 goto error;
130 }
131
132 if (ctx->aead->open(ctx, out, out_len, max_out_len, nonce, nonce_len,
133 in, in_len, ad, ad_len)) {
134 return 1;
135 }
136
137error:
138 /* In the event of an error, clear the output buffer so that a caller
139 * that doesn't check the return value doesn't try and process bad
140 * data. */
141 memset(out, 0, max_out_len);
142 *out_len = 0;
143 return 0;
144}
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
deleted file mode 100644
index 42ccfceec9..0000000000
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ /dev/null
@@ -1,668 +0,0 @@
1/* $OpenBSD: evp_enc.c,v 1.26 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62
63#include <openssl/opensslconf.h>
64
65#include <openssl/err.h>
66#include <openssl/evp.h>
67
68#ifndef OPENSSL_NO_ENGINE
69#include <openssl/engine.h>
70#endif
71
72#include "evp_locl.h"
73
74#define M_do_cipher(ctx, out, in, inl) ctx->cipher->do_cipher(ctx, out, in, inl)
75
76void
77EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
78{
79 memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
80}
81
82EVP_CIPHER_CTX *
83EVP_CIPHER_CTX_new(void)
84{
85 return calloc(1, sizeof(EVP_CIPHER_CTX));
86}
87
88int
89EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
90 const unsigned char *key, const unsigned char *iv, int enc)
91{
92 if (cipher)
93 EVP_CIPHER_CTX_init(ctx);
94 return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc);
95}
96
97int
98EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
99 const unsigned char *key, const unsigned char *iv, int enc)
100{
101 if (enc == -1)
102 enc = ctx->encrypt;
103 else {
104 if (enc)
105 enc = 1;
106 ctx->encrypt = enc;
107 }
108#ifndef OPENSSL_NO_ENGINE
109 /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
110 * so this context may already have an ENGINE! Try to avoid releasing
111 * the previous handle, re-querying for an ENGINE, and having a
112 * reinitialisation, when it may all be unecessary. */
113 if (ctx->engine && ctx->cipher &&
114 (!cipher || (cipher && (cipher->nid == ctx->cipher->nid))))
115 goto skip_to_init;
116#endif
117 if (cipher) {
118 /* Ensure a context left lying around from last time is cleared
119 * (the previous check attempted to avoid this if the same
120 * ENGINE and EVP_CIPHER could be used). */
121 if (ctx->cipher) {
122 unsigned long flags = ctx->flags;
123 EVP_CIPHER_CTX_cleanup(ctx);
124 /* Restore encrypt and flags */
125 ctx->encrypt = enc;
126 ctx->flags = flags;
127 }
128#ifndef OPENSSL_NO_ENGINE
129 if (impl) {
130 if (!ENGINE_init(impl)) {
131 EVPerr(EVP_F_EVP_CIPHERINIT_EX,
132 EVP_R_INITIALIZATION_ERROR);
133 return 0;
134 }
135 } else
136 /* Ask if an ENGINE is reserved for this job */
137 impl = ENGINE_get_cipher_engine(cipher->nid);
138 if (impl) {
139 /* There's an ENGINE for this job ... (apparently) */
140 const EVP_CIPHER *c =
141 ENGINE_get_cipher(impl, cipher->nid);
142 if (!c) {
143 EVPerr(EVP_F_EVP_CIPHERINIT_EX,
144 EVP_R_INITIALIZATION_ERROR);
145 return 0;
146 }
147 /* We'll use the ENGINE's private cipher definition */
148 cipher = c;
149 /* Store the ENGINE functional reference so we know
150 * 'cipher' came from an ENGINE and we need to release
151 * it when done. */
152 ctx->engine = impl;
153 } else
154 ctx->engine = NULL;
155#endif
156
157 ctx->cipher = cipher;
158 if (ctx->cipher->ctx_size) {
159 ctx->cipher_data = malloc(ctx->cipher->ctx_size);
160 if (!ctx->cipher_data) {
161 EVPerr(EVP_F_EVP_CIPHERINIT_EX,
162 ERR_R_MALLOC_FAILURE);
163 return 0;
164 }
165 } else {
166 ctx->cipher_data = NULL;
167 }
168 ctx->key_len = cipher->key_len;
169 ctx->flags = 0;
170 if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
171 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
172 EVPerr(EVP_F_EVP_CIPHERINIT_EX,
173 EVP_R_INITIALIZATION_ERROR);
174 return 0;
175 }
176 }
177 } else if (!ctx->cipher) {
178 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET);
179 return 0;
180 }
181#ifndef OPENSSL_NO_ENGINE
182skip_to_init:
183#endif
184 /* we assume block size is a power of 2 in *cryptUpdate */
185 if (ctx->cipher->block_size != 1 &&
186 ctx->cipher->block_size != 8 &&
187 ctx->cipher->block_size != 16) {
188 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_BAD_BLOCK_LENGTH);
189 return 0;
190 }
191
192 if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
193 switch (EVP_CIPHER_CTX_mode(ctx)) {
194
195 case EVP_CIPH_STREAM_CIPHER:
196 case EVP_CIPH_ECB_MODE:
197 break;
198
199 case EVP_CIPH_CFB_MODE:
200 case EVP_CIPH_OFB_MODE:
201
202 ctx->num = 0;
203 /* fall-through */
204
205 case EVP_CIPH_CBC_MODE:
206
207 if ((size_t)EVP_CIPHER_CTX_iv_length(ctx) >
208 sizeof(ctx->iv)) {
209 EVPerr(EVP_F_EVP_CIPHERINIT_EX,
210 EVP_R_IV_TOO_LARGE);
211 return 0;
212 }
213 if (iv)
214 memcpy(ctx->oiv, iv,
215 EVP_CIPHER_CTX_iv_length(ctx));
216 memcpy(ctx->iv, ctx->oiv,
217 EVP_CIPHER_CTX_iv_length(ctx));
218 break;
219
220 case EVP_CIPH_CTR_MODE:
221 ctx->num = 0;
222 /* Don't reuse IV for CTR mode */
223 if (iv)
224 memcpy(ctx->iv, iv,
225 EVP_CIPHER_CTX_iv_length(ctx));
226 break;
227
228 default:
229 return 0;
230 break;
231 }
232 }
233
234 if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
235 if (!ctx->cipher->init(ctx, key, iv, enc))
236 return 0;
237 }
238 ctx->buf_len = 0;
239 ctx->final_used = 0;
240 ctx->block_mask = ctx->cipher->block_size - 1;
241 return 1;
242}
243
244int
245EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
246 const unsigned char *in, int inl)
247{
248 if (ctx->encrypt)
249 return EVP_EncryptUpdate(ctx, out, outl, in, inl);
250 else
251 return EVP_DecryptUpdate(ctx, out, outl, in, inl);
252}
253
254int
255EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
256{
257 if (ctx->encrypt)
258 return EVP_EncryptFinal_ex(ctx, out, outl);
259 else
260 return EVP_DecryptFinal_ex(ctx, out, outl);
261}
262
263int
264EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
265{
266 if (ctx->encrypt)
267 return EVP_EncryptFinal(ctx, out, outl);
268 else
269 return EVP_DecryptFinal(ctx, out, outl);
270}
271
272int
273EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
274 const unsigned char *key, const unsigned char *iv)
275{
276 return EVP_CipherInit(ctx, cipher, key, iv, 1);
277}
278
279int
280EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
281 const unsigned char *key, const unsigned char *iv)
282{
283 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1);
284}
285
286int
287EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
288 const unsigned char *key, const unsigned char *iv)
289{
290 return EVP_CipherInit(ctx, cipher, key, iv, 0);
291}
292
293int
294EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
295 const unsigned char *key, const unsigned char *iv)
296{
297 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0);
298}
299
300int
301EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
302 const unsigned char *in, int inl)
303{
304 int i, j, bl;
305
306 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
307 i = M_do_cipher(ctx, out, in, inl);
308 if (i < 0)
309 return 0;
310 else
311 *outl = i;
312 return 1;
313 }
314
315 if (inl <= 0) {
316 *outl = 0;
317 return inl == 0;
318 }
319
320 if (ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) {
321 if (M_do_cipher(ctx, out, in, inl)) {
322 *outl = inl;
323 return 1;
324 } else {
325 *outl = 0;
326 return 0;
327 }
328 }
329 i = ctx->buf_len;
330 bl = ctx->cipher->block_size;
331 if ((size_t)bl > sizeof(ctx->buf)) {
332 EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_BAD_BLOCK_LENGTH);
333 *outl = 0;
334 return 0;
335 }
336 if (i != 0) {
337 if (i + inl < bl) {
338 memcpy(&(ctx->buf[i]), in, inl);
339 ctx->buf_len += inl;
340 *outl = 0;
341 return 1;
342 } else {
343 j = bl - i;
344 memcpy(&(ctx->buf[i]), in, j);
345 if (!M_do_cipher(ctx, out, ctx->buf, bl))
346 return 0;
347 inl -= j;
348 in += j;
349 out += bl;
350 *outl = bl;
351 }
352 } else
353 *outl = 0;
354 i = inl&(bl - 1);
355 inl -= i;
356 if (inl > 0) {
357 if (!M_do_cipher(ctx, out, in, inl))
358 return 0;
359 *outl += inl;
360 }
361
362 if (i != 0)
363 memcpy(ctx->buf, &(in[inl]), i);
364 ctx->buf_len = i;
365 return 1;
366}
367
368int
369EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
370{
371 int ret;
372
373 ret = EVP_EncryptFinal_ex(ctx, out, outl);
374 return ret;
375}
376
377int
378EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
379{
380 int n, ret;
381 unsigned int i, b, bl;
382
383 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
384 ret = M_do_cipher(ctx, out, NULL, 0);
385 if (ret < 0)
386 return 0;
387 else
388 *outl = ret;
389 return 1;
390 }
391
392 b = ctx->cipher->block_size;
393 if (b > sizeof ctx->buf) {
394 EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX, EVP_R_BAD_BLOCK_LENGTH);
395 return 0;
396 }
397 if (b == 1) {
398 *outl = 0;
399 return 1;
400 }
401 bl = ctx->buf_len;
402 if (ctx->flags & EVP_CIPH_NO_PADDING) {
403 if (bl) {
404 EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,
405 EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
406 return 0;
407 }
408 *outl = 0;
409 return 1;
410 }
411
412 n = b - bl;
413 for (i = bl; i < b; i++)
414 ctx->buf[i] = n;
415 ret = M_do_cipher(ctx, out, ctx->buf, b);
416
417
418 if (ret)
419 *outl = b;
420
421 return ret;
422}
423
424int
425EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
426 const unsigned char *in, int inl)
427{
428 int fix_len;
429 unsigned int b;
430
431 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
432 fix_len = M_do_cipher(ctx, out, in, inl);
433 if (fix_len < 0) {
434 *outl = 0;
435 return 0;
436 } else
437 *outl = fix_len;
438 return 1;
439 }
440
441 if (inl <= 0) {
442 *outl = 0;
443 return inl == 0;
444 }
445
446 if (ctx->flags & EVP_CIPH_NO_PADDING)
447 return EVP_EncryptUpdate(ctx, out, outl, in, inl);
448
449 b = ctx->cipher->block_size;
450 if (b > sizeof ctx->final) {
451 EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_BAD_BLOCK_LENGTH);
452 return 0;
453 }
454
455 if (ctx->final_used) {
456 memcpy(out, ctx->final, b);
457 out += b;
458 fix_len = 1;
459 } else
460 fix_len = 0;
461
462
463 if (!EVP_EncryptUpdate(ctx, out, outl, in, inl))
464 return 0;
465
466 /* if we have 'decrypted' a multiple of block size, make sure
467 * we have a copy of this last block */
468 if (b > 1 && !ctx->buf_len) {
469 *outl -= b;
470 ctx->final_used = 1;
471 memcpy(ctx->final, &out[*outl], b);
472 } else
473 ctx->final_used = 0;
474
475 if (fix_len)
476 *outl += b;
477
478 return 1;
479}
480
481int
482EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
483{
484 int ret;
485
486 ret = EVP_DecryptFinal_ex(ctx, out, outl);
487 return ret;
488}
489
490int
491EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
492{
493 int i, n;
494 unsigned int b;
495 *outl = 0;
496
497 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
498 i = M_do_cipher(ctx, out, NULL, 0);
499 if (i < 0)
500 return 0;
501 else
502 *outl = i;
503 return 1;
504 }
505
506 b = ctx->cipher->block_size;
507 if (ctx->flags & EVP_CIPH_NO_PADDING) {
508 if (ctx->buf_len) {
509 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
510 EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
511 return 0;
512 }
513 *outl = 0;
514 return 1;
515 }
516 if (b > 1) {
517 if (ctx->buf_len || !ctx->final_used) {
518 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
519 EVP_R_WRONG_FINAL_BLOCK_LENGTH);
520 return (0);
521 }
522 if (b > sizeof ctx->final) {
523 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
524 EVP_R_BAD_BLOCK_LENGTH);
525 return 0;
526 }
527 n = ctx->final[b - 1];
528 if (n == 0 || n > (int)b) {
529 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
530 return (0);
531 }
532 for (i = 0; i < n; i++) {
533 if (ctx->final[--b] != n) {
534 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
535 EVP_R_BAD_DECRYPT);
536 return (0);
537 }
538 }
539 n = ctx->cipher->block_size - n;
540 for (i = 0; i < n; i++)
541 out[i] = ctx->final[i];
542 *outl = n;
543 } else
544 *outl = 0;
545 return (1);
546}
547
548void
549EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
550{
551 if (ctx) {
552 EVP_CIPHER_CTX_cleanup(ctx);
553 free(ctx);
554 }
555}
556
557int
558EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
559{
560 if (c->cipher != NULL) {
561 if (c->cipher->cleanup && !c->cipher->cleanup(c))
562 return 0;
563 /* Cleanse cipher context data */
564 if (c->cipher_data)
565 OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
566 }
567 free(c->cipher_data);
568#ifndef OPENSSL_NO_ENGINE
569 if (c->engine)
570 /* The EVP_CIPHER we used belongs to an ENGINE, release the
571 * functional reference we held for this reason. */
572 ENGINE_finish(c->engine);
573#endif
574 memset(c, 0, sizeof(EVP_CIPHER_CTX));
575 return 1;
576}
577
578int
579EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
580{
581 if (c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
582 return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH,
583 keylen, NULL);
584 if (c->key_len == keylen)
585 return 1;
586 if ((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) {
587 c->key_len = keylen;
588 return 1;
589 }
590 EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH, EVP_R_INVALID_KEY_LENGTH);
591 return 0;
592}
593
594int
595EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
596{
597 if (pad)
598 ctx->flags &= ~EVP_CIPH_NO_PADDING;
599 else
600 ctx->flags |= EVP_CIPH_NO_PADDING;
601 return 1;
602}
603
604int
605EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
606{
607 int ret;
608
609 if (!ctx->cipher) {
610 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
611 return 0;
612 }
613
614 if (!ctx->cipher->ctrl) {
615 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
616 return 0;
617 }
618
619 ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
620 if (ret == -1) {
621 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL,
622 EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
623 return 0;
624 }
625 return ret;
626}
627
628int
629EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
630{
631 if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
632 return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
633 arc4random_buf(key, ctx->key_len);
634 return 1;
635}
636
637int
638EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
639{
640 if ((in == NULL) || (in->cipher == NULL)) {
641 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, EVP_R_INPUT_NOT_INITIALIZED);
642 return 0;
643 }
644#ifndef OPENSSL_NO_ENGINE
645 /* Make sure it's safe to copy a cipher context using an ENGINE */
646 if (in->engine && !ENGINE_init(in->engine)) {
647 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_ENGINE_LIB);
648 return 0;
649 }
650#endif
651
652 EVP_CIPHER_CTX_cleanup(out);
653 memcpy(out, in, sizeof *out);
654
655 if (in->cipher_data && in->cipher->ctx_size) {
656 out->cipher_data = malloc(in->cipher->ctx_size);
657 if (!out->cipher_data) {
658 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_MALLOC_FAILURE);
659 return 0;
660 }
661 memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
662 }
663
664 if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
665 return in->cipher->ctrl((EVP_CIPHER_CTX *)in,
666 EVP_CTRL_COPY, 0, out);
667 return 1;
668}
diff --git a/src/lib/libcrypto/evp/evp_err.c b/src/lib/libcrypto/evp/evp_err.c
deleted file mode 100644
index dadd5365a0..0000000000
--- a/src/lib/libcrypto/evp/evp_err.c
+++ /dev/null
@@ -1,261 +0,0 @@
1/* $OpenBSD: evp_err.c,v 1.21 2015/02/15 14:35:30 miod Exp $ */
2/* ====================================================================
3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62
63#include <openssl/opensslconf.h>
64
65#include <openssl/err.h>
66#include <openssl/evp.h>
67
68/* BEGIN ERROR CODES */
69#ifndef OPENSSL_NO_ERR
70
71#define ERR_FUNC(func) ERR_PACK(ERR_LIB_EVP,func,0)
72#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason)
73
74static ERR_STRING_DATA EVP_str_functs[] = {
75 {ERR_FUNC(EVP_F_AEAD_AES_GCM_INIT), "AEAD_AES_GCM_INIT"},
76 {ERR_FUNC(EVP_F_AEAD_AES_GCM_OPEN), "AEAD_AES_GCM_OPEN"},
77 {ERR_FUNC(EVP_F_AEAD_AES_GCM_SEAL), "AEAD_AES_GCM_SEAL"},
78 {ERR_FUNC(EVP_F_AEAD_CHACHA20_POLY1305_INIT), "AEAD_CHACHA20_POLY1305_INIT"},
79 {ERR_FUNC(EVP_F_AEAD_CHACHA20_POLY1305_OPEN), "AEAD_CHACHA20_POLY1305_OPEN"},
80 {ERR_FUNC(EVP_F_AEAD_CHACHA20_POLY1305_SEAL), "AEAD_CHACHA20_POLY1305_SEAL"},
81 {ERR_FUNC(EVP_F_AEAD_CTX_OPEN), "AEAD_CTX_OPEN"},
82 {ERR_FUNC(EVP_F_AEAD_CTX_SEAL), "AEAD_CTX_SEAL"},
83 {ERR_FUNC(EVP_F_AESNI_INIT_KEY), "AESNI_INIT_KEY"},
84 {ERR_FUNC(EVP_F_AESNI_XTS_CIPHER), "AESNI_XTS_CIPHER"},
85 {ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"},
86 {ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"},
87 {ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"},
88 {ERR_FUNC(EVP_F_ALG_MODULE_INIT), "ALG_MODULE_INIT"},
89 {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"},
90 {ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"},
91 {ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"},
92 {ERR_FUNC(EVP_F_DO_SIGVER_INIT), "DO_SIGVER_INIT"},
93 {ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"},
94 {ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"},
95 {ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"},
96 {ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"},
97 {ERR_FUNC(EVP_F_EVP_AEAD_CTX_INIT), "EVP_AEAD_CTX_init"},
98 {ERR_FUNC(EVP_F_EVP_AEAD_CTX_OPEN), "EVP_AEAD_CTX_open"},
99 {ERR_FUNC(EVP_F_EVP_AEAD_CTX_SEAL), "EVP_AEAD_CTX_seal"},
100 {ERR_FUNC(EVP_F_EVP_BYTESTOKEY), "EVP_BytesToKey"},
101 {ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"},
102 {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"},
103 {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"},
104 {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"},
105 {ERR_FUNC(EVP_F_EVP_CIPHER_GET_ASN1_IV), "EVP_CIPHER_get_asn1_iv"},
106 {ERR_FUNC(EVP_F_EVP_CIPHER_SET_ASN1_IV), "EVP_CIPHER_set_asn1_iv"},
107 {ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"},
108 {ERR_FUNC(EVP_F_EVP_DECRYPTUPDATE), "EVP_DecryptUpdate"},
109 {ERR_FUNC(EVP_F_EVP_DIGESTFINAL_EX), "EVP_DigestFinal_ex"},
110 {ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"},
111 {ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"},
112 {ERR_FUNC(EVP_F_EVP_ENCRYPTUPDATE), "EVP_EncryptUpdate"},
113 {ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"},
114 {ERR_FUNC(EVP_F_EVP_MD_CTX_CTRL), "EVP_MD_CTX_ctrl"},
115 {ERR_FUNC(EVP_F_EVP_MD_SIZE), "EVP_MD_size"},
116 {ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"},
117 {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"},
118 {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD_TYPE), "EVP_PBE_alg_add_type"},
119 {ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"},
120 {ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"},
121 {ERR_FUNC(EVP_F_EVP_PKCS82PKEY_BROKEN), "EVP_PKCS82PKEY_BROKEN"},
122 {ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN), "EVP_PKEY2PKCS8_broken"},
123 {ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"},
124 {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL), "EVP_PKEY_CTX_ctrl"},
125 {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL_STR), "EVP_PKEY_CTX_ctrl_str"},
126 {ERR_FUNC(EVP_F_EVP_PKEY_CTX_DUP), "EVP_PKEY_CTX_dup"},
127 {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"},
128 {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT), "EVP_PKEY_decrypt_init"},
129 {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD), "EVP_PKEY_decrypt_old"},
130 {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE), "EVP_PKEY_derive"},
131 {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT), "EVP_PKEY_derive_init"},
132 {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER), "EVP_PKEY_derive_set_peer"},
133 {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"},
134 {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT), "EVP_PKEY_encrypt_init"},
135 {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"},
136 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"},
137 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"},
138 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA), "EVP_PKEY_GET1_ECDSA"},
139 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"},
140 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"},
141 {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"},
142 {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_keygen_init"},
143 {ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"},
144 {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN), "EVP_PKEY_paramgen"},
145 {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT), "EVP_PKEY_paramgen_init"},
146 {ERR_FUNC(EVP_F_EVP_PKEY_SIGN), "EVP_PKEY_sign"},
147 {ERR_FUNC(EVP_F_EVP_PKEY_SIGN_INIT), "EVP_PKEY_sign_init"},
148 {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY), "EVP_PKEY_verify"},
149 {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_INIT), "EVP_PKEY_verify_init"},
150 {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER), "EVP_PKEY_verify_recover"},
151 {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT), "EVP_PKEY_verify_recover_init"},
152 {ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"},
153 {ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"},
154 {ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"},
155 {ERR_FUNC(EVP_F_FIPS_CIPHERINIT), "FIPS_CIPHERINIT"},
156 {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_COPY), "FIPS_CIPHER_CTX_COPY"},
157 {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"},
158 {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH), "FIPS_CIPHER_CTX_SET_KEY_LENGTH"},
159 {ERR_FUNC(EVP_F_FIPS_DIGESTINIT), "FIPS_DIGESTINIT"},
160 {ERR_FUNC(EVP_F_FIPS_MD_CTX_COPY), "FIPS_MD_CTX_COPY"},
161 {ERR_FUNC(EVP_F_HMAC_INIT_EX), "HMAC_Init_ex"},
162 {ERR_FUNC(EVP_F_INT_CTX_NEW), "INT_CTX_NEW"},
163 {ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"},
164 {ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"},
165 {ERR_FUNC(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN), "PKCS5_V2_PBKDF2_KEYIVGEN"},
166 {ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"},
167 {ERR_FUNC(EVP_F_PKEY_SET_TYPE), "PKEY_SET_TYPE"},
168 {ERR_FUNC(EVP_F_RC2_GET_ASN1_TYPE_AND_IV), "RC2_GET_ASN1_TYPE_AND_IV"},
169 {ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"},
170 {ERR_FUNC(EVP_F_RC5_CTRL), "RC5_CTRL"},
171 {0, NULL}
172};
173
174static ERR_STRING_DATA EVP_str_reasons[] = {
175 {ERR_REASON(EVP_R_AES_IV_SETUP_FAILED) , "aes iv setup failed"},
176 {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED) , "aes key setup failed"},
177 {ERR_REASON(EVP_R_ASN1_LIB) , "asn1 lib"},
178 {ERR_REASON(EVP_R_BAD_BLOCK_LENGTH) , "bad block length"},
179 {ERR_REASON(EVP_R_BAD_DECRYPT) , "bad decrypt"},
180 {ERR_REASON(EVP_R_BAD_KEY_LENGTH) , "bad key length"},
181 {ERR_REASON(EVP_R_BN_DECODE_ERROR) , "bn decode error"},
182 {ERR_REASON(EVP_R_BN_PUBKEY_ERROR) , "bn pubkey error"},
183 {ERR_REASON(EVP_R_BUFFER_TOO_SMALL) , "buffer too small"},
184 {ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED), "camellia key setup failed"},
185 {ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR), "cipher parameter error"},
186 {ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED) , "command not supported"},
187 {ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED) , "ctrl not implemented"},
188 {ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED), "ctrl operation not implemented"},
189 {ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH), "data not multiple of block length"},
190 {ERR_REASON(EVP_R_DECODE_ERROR) , "decode error"},
191 {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) , "different key types"},
192 {ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) , "different parameters"},
193 {ERR_REASON(EVP_R_DISABLED_FOR_FIPS) , "disabled for fips"},
194 {ERR_REASON(EVP_R_ENCODE_ERROR) , "encode error"},
195 {ERR_REASON(EVP_R_ERROR_LOADING_SECTION) , "error loading section"},
196 {ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE), "error setting fips mode"},
197 {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR), "evp pbe cipherinit error"},
198 {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) , "expecting an rsa key"},
199 {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) , "expecting a dh key"},
200 {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) , "expecting a dsa key"},
201 {ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) , "expecting a ecdsa key"},
202 {ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) , "expecting a ec key"},
203 {ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"},
204 {ERR_REASON(EVP_R_INITIALIZATION_ERROR) , "initialization error"},
205 {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) , "input not initialized"},
206 {ERR_REASON(EVP_R_INVALID_DIGEST) , "invalid digest"},
207 {ERR_REASON(EVP_R_INVALID_FIPS_MODE) , "invalid fips mode"},
208 {ERR_REASON(EVP_R_INVALID_KEY_LENGTH) , "invalid key length"},
209 {ERR_REASON(EVP_R_INVALID_OPERATION) , "invalid operation"},
210 {ERR_REASON(EVP_R_IV_TOO_LARGE) , "iv too large"},
211 {ERR_REASON(EVP_R_KEYGEN_FAILURE) , "keygen failure"},
212 {ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL), "message digest is null"},
213 {ERR_REASON(EVP_R_METHOD_NOT_SUPPORTED) , "method not supported"},
214 {ERR_REASON(EVP_R_MISSING_PARAMETERS) , "missing parameters"},
215 {ERR_REASON(EVP_R_NO_CIPHER_SET) , "no cipher set"},
216 {ERR_REASON(EVP_R_NO_DEFAULT_DIGEST) , "no default digest"},
217 {ERR_REASON(EVP_R_NO_DIGEST_SET) , "no digest set"},
218 {ERR_REASON(EVP_R_NO_DSA_PARAMETERS) , "no dsa parameters"},
219 {ERR_REASON(EVP_R_NO_KEY_SET) , "no key set"},
220 {ERR_REASON(EVP_R_NO_OPERATION_SET) , "no operation set"},
221 {ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED), "no sign function configured"},
222 {ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED), "no verify function configured"},
223 {ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE), "operation not supported for this keytype"},
224 {ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"},
225 {ERR_REASON(EVP_R_OUTPUT_ALIASES_INPUT) , "output aliases input"},
226 {ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE), "pkcs8 unknown broken type"},
227 {ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR), "private key decode error"},
228 {ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR), "private key encode error"},
229 {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA) , "public key not rsa"},
230 {ERR_REASON(EVP_R_TAG_TOO_LARGE) , "tag too large"},
231 {ERR_REASON(EVP_R_TOO_LARGE) , "too large"},
232 {ERR_REASON(EVP_R_UNKNOWN_CIPHER) , "unknown cipher"},
233 {ERR_REASON(EVP_R_UNKNOWN_DIGEST) , "unknown digest"},
234 {ERR_REASON(EVP_R_UNKNOWN_OPTION) , "unknown option"},
235 {ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) , "unknown pbe algorithm"},
236 {ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS), "unsuported number of rounds"},
237 {ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) , "unsupported algorithm"},
238 {ERR_REASON(EVP_R_UNSUPPORTED_CIPHER) , "unsupported cipher"},
239 {ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH) , "unsupported keylength"},
240 {ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION), "unsupported key derivation function"},
241 {ERR_REASON(EVP_R_UNSUPPORTED_KEY_SIZE) , "unsupported key size"},
242 {ERR_REASON(EVP_R_UNSUPPORTED_PRF) , "unsupported prf"},
243 {ERR_REASON(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM), "unsupported private key algorithm"},
244 {ERR_REASON(EVP_R_UNSUPPORTED_SALT_TYPE) , "unsupported salt type"},
245 {ERR_REASON(EVP_R_WRONG_FINAL_BLOCK_LENGTH), "wrong final block length"},
246 {ERR_REASON(EVP_R_WRONG_PUBLIC_KEY_TYPE) , "wrong public key type"},
247 {0, NULL}
248};
249
250#endif
251
252void
253ERR_load_EVP_strings(void)
254{
255#ifndef OPENSSL_NO_ERR
256 if (ERR_func_error_string(EVP_str_functs[0].error) == NULL) {
257 ERR_load_strings(0, EVP_str_functs);
258 ERR_load_strings(0, EVP_str_reasons);
259 }
260#endif
261}
diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c
deleted file mode 100644
index 0678536ccb..0000000000
--- a/src/lib/libcrypto/evp/evp_key.c
+++ /dev/null
@@ -1,206 +0,0 @@
1/* $OpenBSD: evp_key.c,v 1.22 2015/02/10 09:55:39 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/err.h>
63#include <openssl/evp.h>
64#include <openssl/objects.h>
65#include <openssl/ui.h>
66#include <openssl/x509.h>
67
68/* should be init to zeros. */
69static char prompt_string[80];
70
71void
72EVP_set_pw_prompt(const char *prompt)
73{
74 if (prompt == NULL)
75 prompt_string[0] = '\0';
76 else {
77 strlcpy(prompt_string, prompt, sizeof(prompt_string));
78 }
79}
80
81char *
82EVP_get_pw_prompt(void)
83{
84 if (prompt_string[0] == '\0')
85 return (NULL);
86 else
87 return (prompt_string);
88}
89
90int
91EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
92{
93 return EVP_read_pw_string_min(buf, 0, len, prompt, verify);
94}
95
96int
97EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
98 int verify)
99{
100 int ret;
101 char buff[BUFSIZ];
102 UI *ui;
103
104 if ((prompt == NULL) && (prompt_string[0] != '\0'))
105 prompt = prompt_string;
106 ui = UI_new();
107 if (ui == NULL)
108 return -1;
109 if (UI_add_input_string(ui, prompt, 0, buf, min,
110 (len >= BUFSIZ) ? BUFSIZ - 1 : len) < 0)
111 return -1;
112 if (verify) {
113 if (UI_add_verify_string(ui, prompt, 0, buff, min,
114 (len >= BUFSIZ) ? BUFSIZ - 1 : len, buf) < 0)
115 return -1;
116 }
117 ret = UI_process(ui);
118 UI_free(ui);
119 OPENSSL_cleanse(buff, BUFSIZ);
120 return ret;
121}
122
123int
124EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
125 const unsigned char *salt, const unsigned char *data, int datal,
126 int count, unsigned char *key, unsigned char *iv)
127{
128 EVP_MD_CTX c;
129 unsigned char md_buf[EVP_MAX_MD_SIZE];
130 int niv, nkey, addmd = 0;
131 unsigned int mds = 0, i;
132 int rv = 0;
133
134 nkey = type->key_len;
135 niv = type->iv_len;
136
137 if ((size_t)nkey > EVP_MAX_KEY_LENGTH) {
138 EVPerr(EVP_F_EVP_BYTESTOKEY, EVP_R_BAD_KEY_LENGTH);
139 return 0;
140 }
141 if ((size_t)niv > EVP_MAX_IV_LENGTH) {
142 EVPerr(EVP_F_EVP_BYTESTOKEY, EVP_R_IV_TOO_LARGE);
143 return 0;
144 }
145
146 if (data == NULL)
147 return (nkey);
148
149 EVP_MD_CTX_init(&c);
150 for (;;) {
151 if (!EVP_DigestInit_ex(&c, md, NULL))
152 goto err;
153 if (addmd++)
154 if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds))
155 goto err;
156 if (!EVP_DigestUpdate(&c, data, datal))
157 goto err;
158 if (salt != NULL)
159 if (!EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN))
160 goto err;
161 if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds))
162 goto err;
163
164 for (i = 1; i < (unsigned int)count; i++) {
165 if (!EVP_DigestInit_ex(&c, md, NULL))
166 goto err;
167 if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds))
168 goto err;
169 if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds))
170 goto err;
171 }
172 i = 0;
173 if (nkey) {
174 for (;;) {
175 if (nkey == 0)
176 break;
177 if (i == mds)
178 break;
179 if (key != NULL)
180 *(key++) = md_buf[i];
181 nkey--;
182 i++;
183 }
184 }
185 if (niv && (i != mds)) {
186 for (;;) {
187 if (niv == 0)
188 break;
189 if (i == mds)
190 break;
191 if (iv != NULL)
192 *(iv++) = md_buf[i];
193 niv--;
194 i++;
195 }
196 }
197 if ((nkey == 0) && (niv == 0))
198 break;
199 }
200 rv = type->key_len;
201
202err:
203 EVP_MD_CTX_cleanup(&c);
204 OPENSSL_cleanse(md_buf, sizeof md_buf);
205 return rv;
206}
diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c
deleted file mode 100644
index 491c8d6f67..0000000000
--- a/src/lib/libcrypto/evp/evp_lib.c
+++ /dev/null
@@ -1,348 +0,0 @@
1/* $OpenBSD: evp_lib.c,v 1.14 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/err.h>
63#include <openssl/evp.h>
64#include <openssl/objects.h>
65
66int
67EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
68{
69 int ret;
70
71 if (c->cipher->set_asn1_parameters != NULL)
72 ret = c->cipher->set_asn1_parameters(c, type);
73 else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
74 ret = EVP_CIPHER_set_asn1_iv(c, type);
75 else
76 ret = -1;
77 return (ret);
78}
79
80int
81EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
82{
83 int ret;
84
85 if (c->cipher->get_asn1_parameters != NULL)
86 ret = c->cipher->get_asn1_parameters(c, type);
87 else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
88 ret = EVP_CIPHER_get_asn1_iv(c, type);
89 else
90 ret = -1;
91 return (ret);
92}
93
94int
95EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
96{
97 int i = 0;
98 unsigned int l;
99
100 if (type != NULL) {
101 l = EVP_CIPHER_CTX_iv_length(c);
102 if (l > sizeof(c->iv)) {
103 EVPerr(EVP_F_EVP_CIPHER_GET_ASN1_IV,
104 EVP_R_IV_TOO_LARGE);
105 return 0;
106 }
107 i = ASN1_TYPE_get_octetstring(type, c->oiv, l);
108 if (i != (int)l)
109 return (-1);
110 else if (i > 0)
111 memcpy(c->iv, c->oiv, l);
112 }
113 return (i);
114}
115
116int
117EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
118{
119 int i = 0;
120 unsigned int j;
121
122 if (type != NULL) {
123 j = EVP_CIPHER_CTX_iv_length(c);
124 if (j > sizeof(c->iv)) {
125 EVPerr(EVP_F_EVP_CIPHER_SET_ASN1_IV,
126 EVP_R_IV_TOO_LARGE);
127 return 0;
128 }
129 i = ASN1_TYPE_set_octetstring(type, c->oiv, j);
130 }
131 return (i);
132}
133
134/* Convert the various cipher NIDs and dummies to a proper OID NID */
135int
136EVP_CIPHER_type(const EVP_CIPHER *ctx)
137{
138 int nid;
139 ASN1_OBJECT *otmp;
140 nid = EVP_CIPHER_nid(ctx);
141
142 switch (nid) {
143 case NID_rc2_cbc:
144 case NID_rc2_64_cbc:
145 case NID_rc2_40_cbc:
146 return NID_rc2_cbc;
147
148 case NID_rc4:
149 case NID_rc4_40:
150 return NID_rc4;
151
152 case NID_aes_128_cfb128:
153 case NID_aes_128_cfb8:
154 case NID_aes_128_cfb1:
155 return NID_aes_128_cfb128;
156
157 case NID_aes_192_cfb128:
158 case NID_aes_192_cfb8:
159 case NID_aes_192_cfb1:
160 return NID_aes_192_cfb128;
161
162 case NID_aes_256_cfb128:
163 case NID_aes_256_cfb8:
164 case NID_aes_256_cfb1:
165 return NID_aes_256_cfb128;
166
167 case NID_des_cfb64:
168 case NID_des_cfb8:
169 case NID_des_cfb1:
170 return NID_des_cfb64;
171
172 case NID_des_ede3_cfb64:
173 case NID_des_ede3_cfb8:
174 case NID_des_ede3_cfb1:
175 return NID_des_cfb64;
176
177 default:
178 /* Check it has an OID and it is valid */
179 otmp = OBJ_nid2obj(nid);
180 if (!otmp || !otmp->data)
181 nid = NID_undef;
182 ASN1_OBJECT_free(otmp);
183 return nid;
184 }
185}
186
187int
188EVP_CIPHER_block_size(const EVP_CIPHER *e)
189{
190 return e->block_size;
191}
192
193int
194EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
195{
196 return ctx->cipher->block_size;
197}
198
199int
200EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
201 unsigned int inl)
202{
203 return ctx->cipher->do_cipher(ctx, out, in, inl);
204}
205
206const EVP_CIPHER *
207EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
208{
209 return ctx->cipher;
210}
211
212unsigned long
213EVP_CIPHER_flags(const EVP_CIPHER *cipher)
214{
215 return cipher->flags;
216}
217
218unsigned long
219EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
220{
221 return ctx->cipher->flags;
222}
223
224void *
225EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
226{
227 return ctx->app_data;
228}
229
230void
231EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
232{
233 ctx->app_data = data;
234}
235
236int
237EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
238{
239 return cipher->iv_len;
240}
241
242int
243EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
244{
245 return ctx->cipher->iv_len;
246}
247
248int
249EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
250{
251 return cipher->key_len;
252}
253
254int
255EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
256{
257 return ctx->key_len;
258}
259
260int
261EVP_CIPHER_nid(const EVP_CIPHER *cipher)
262{
263 return cipher->nid;
264}
265
266int
267EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
268{
269 return ctx->cipher->nid;
270}
271
272int
273EVP_MD_block_size(const EVP_MD *md)
274{
275 return md->block_size;
276}
277
278int
279EVP_MD_type(const EVP_MD *md)
280{
281 return md->type;
282}
283
284int
285EVP_MD_pkey_type(const EVP_MD *md)
286{
287 return md->pkey_type;
288}
289
290int
291EVP_MD_size(const EVP_MD *md)
292{
293 if (!md) {
294 EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
295 return -1;
296 }
297 return md->md_size;
298}
299
300unsigned long
301EVP_MD_flags(const EVP_MD *md)
302{
303 return md->flags;
304}
305
306const EVP_MD *
307EVP_MD_CTX_md(const EVP_MD_CTX *ctx)
308{
309 if (!ctx)
310 return NULL;
311 return ctx->digest;
312}
313
314void
315EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags)
316{
317 ctx->flags |= flags;
318}
319
320void
321EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags)
322{
323 ctx->flags &= ~flags;
324}
325
326int
327EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags)
328{
329 return (ctx->flags & flags);
330}
331
332void
333EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
334{
335 ctx->flags |= flags;
336}
337
338void
339EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
340{
341 ctx->flags &= ~flags;
342}
343
344int
345EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
346{
347 return (ctx->flags & flags);
348}
diff --git a/src/lib/libcrypto/evp/evp_locl.h b/src/lib/libcrypto/evp/evp_locl.h
deleted file mode 100644
index 80071ec1ab..0000000000
--- a/src/lib/libcrypto/evp/evp_locl.h
+++ /dev/null
@@ -1,366 +0,0 @@
1/* $OpenBSD: evp_locl.h,v 1.13 2014/06/12 15:49:29 deraadt Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59/* Macros to code block cipher wrappers */
60
61/* Wrapper functions for each cipher mode */
62
63#define BLOCK_CIPHER_ecb_loop() \
64 size_t i, bl; \
65 bl = ctx->cipher->block_size;\
66 if(inl < bl) return 1;\
67 inl -= bl; \
68 for(i=0; i <= inl; i+=bl)
69
70#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
71static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
72{\
73 BLOCK_CIPHER_ecb_loop() \
74 cprefix##_ecb_encrypt(in + i, out + i, &((kstruct *)ctx->cipher_data)->ksched, ctx->encrypt);\
75 return 1;\
76}
77
78#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))
79
80#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
81static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
82{\
83 while(inl>=EVP_MAXCHUNK)\
84 {\
85 cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
86 inl-=EVP_MAXCHUNK;\
87 in +=EVP_MAXCHUNK;\
88 out+=EVP_MAXCHUNK;\
89 }\
90 if (inl)\
91 cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
92 return 1;\
93}
94
95#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
96static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
97{\
98 while(inl>=EVP_MAXCHUNK) \
99 {\
100 cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
101 inl-=EVP_MAXCHUNK;\
102 in +=EVP_MAXCHUNK;\
103 out+=EVP_MAXCHUNK;\
104 }\
105 if (inl)\
106 cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
107 return 1;\
108}
109
110#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
111static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
112{\
113 size_t chunk=EVP_MAXCHUNK;\
114 if (cbits==1) chunk>>=3;\
115 if (inl<chunk) chunk=inl;\
116 while(inl && inl>=chunk)\
117 {\
118 cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
119 inl-=chunk;\
120 in +=chunk;\
121 out+=chunk;\
122 if(inl<chunk) chunk=inl;\
123 }\
124 return 1;\
125}
126
127#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
128 BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
129 BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
130 BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
131 BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched)
132
133#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
134 key_len, iv_len, flags, init_key, cleanup, \
135 set_asn1, get_asn1, ctrl) \
136static const EVP_CIPHER cname##_##mode = { \
137 nid##_##nmode, block_size, key_len, iv_len, \
138 flags | EVP_CIPH_##MODE##_MODE, \
139 init_key, \
140 cname##_##mode##_cipher, \
141 cleanup, \
142 sizeof(kstruct), \
143 set_asn1, get_asn1,\
144 ctrl, \
145 NULL \
146}; \
147const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }
148
149#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
150 iv_len, flags, init_key, cleanup, set_asn1, \
151 get_asn1, ctrl) \
152BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
153 iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
154
155#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \
156 iv_len, cbits, flags, init_key, cleanup, \
157 set_asn1, get_asn1, ctrl) \
158BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \
159 key_len, iv_len, flags, init_key, cleanup, set_asn1, \
160 get_asn1, ctrl)
161
162#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \
163 iv_len, cbits, flags, init_key, cleanup, \
164 set_asn1, get_asn1, ctrl) \
165BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \
166 key_len, iv_len, flags, init_key, cleanup, set_asn1, \
167 get_asn1, ctrl)
168
169#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
170 flags, init_key, cleanup, set_asn1, \
171 get_asn1, ctrl) \
172BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
173 0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
174
175#define BLOCK_CIPHER_defs(cname, kstruct, \
176 nid, block_size, key_len, iv_len, cbits, flags, \
177 init_key, cleanup, set_asn1, get_asn1, ctrl) \
178BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
179 init_key, cleanup, set_asn1, get_asn1, ctrl) \
180BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \
181 flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
182BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \
183 flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
184BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \
185 init_key, cleanup, set_asn1, get_asn1, ctrl)
186
187
188/*
189#define BLOCK_CIPHER_defs(cname, kstruct, \
190 nid, block_size, key_len, iv_len, flags,\
191 init_key, cleanup, set_asn1, get_asn1, ctrl)\
192static const EVP_CIPHER cname##_cbc = {\
193 nid##_cbc, block_size, key_len, iv_len, \
194 flags | EVP_CIPH_CBC_MODE,\
195 init_key,\
196 cname##_cbc_cipher,\
197 cleanup,\
198 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
199 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
200 set_asn1, get_asn1,\
201 ctrl, \
202 NULL \
203};\
204const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
205static const EVP_CIPHER cname##_cfb = {\
206 nid##_cfb64, 1, key_len, iv_len, \
207 flags | EVP_CIPH_CFB_MODE,\
208 init_key,\
209 cname##_cfb_cipher,\
210 cleanup,\
211 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
212 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
213 set_asn1, get_asn1,\
214 ctrl,\
215 NULL \
216};\
217const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
218static const EVP_CIPHER cname##_ofb = {\
219 nid##_ofb64, 1, key_len, iv_len, \
220 flags | EVP_CIPH_OFB_MODE,\
221 init_key,\
222 cname##_ofb_cipher,\
223 cleanup,\
224 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
225 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
226 set_asn1, get_asn1,\
227 ctrl,\
228 NULL \
229};\
230const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
231static const EVP_CIPHER cname##_ecb = {\
232 nid##_ecb, block_size, key_len, iv_len, \
233 flags | EVP_CIPH_ECB_MODE,\
234 init_key,\
235 cname##_ecb_cipher,\
236 cleanup,\
237 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
238 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
239 set_asn1, get_asn1,\
240 ctrl,\
241 NULL \
242};\
243const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
244*/
245
246#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \
247 block_size, key_len, iv_len, cbits, \
248 flags, init_key, \
249 cleanup, set_asn1, get_asn1, ctrl) \
250 BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
251 BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \
252 cbits, flags, init_key, cleanup, set_asn1, \
253 get_asn1, ctrl)
254
255#define EVP_C_DATA(kstruct, ctx) ((kstruct *)(ctx)->cipher_data)
256
257#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len) \
258 BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
259 BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
260 NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \
261 0, cipher##_init_key, NULL, \
262 EVP_CIPHER_set_asn1_iv, \
263 EVP_CIPHER_get_asn1_iv, \
264 NULL)
265
266 struct evp_pkey_ctx_st {
267 /* Method associated with this operation */
268 const EVP_PKEY_METHOD *pmeth;
269 /* Engine that implements this method or NULL if builtin */
270 ENGINE *engine;
271 /* Key: may be NULL */
272 EVP_PKEY *pkey;
273 /* Peer key for key agreement, may be NULL */
274 EVP_PKEY *peerkey;
275 /* Actual operation */
276 int operation;
277 /* Algorithm specific data */
278 void *data;
279 /* Application specific data */
280 void *app_data;
281 /* Keygen callback */
282 EVP_PKEY_gen_cb *pkey_gencb;
283 /* implementation specific keygen data */
284 int *keygen_info;
285 int keygen_info_count;
286} /* EVP_PKEY_CTX */;
287
288#define EVP_PKEY_FLAG_DYNAMIC 1
289
290struct evp_pkey_method_st {
291 int pkey_id;
292 int flags;
293
294 int (*init)(EVP_PKEY_CTX *ctx);
295 int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
296 void (*cleanup)(EVP_PKEY_CTX *ctx);
297
298 int (*paramgen_init)(EVP_PKEY_CTX *ctx);
299 int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
300
301 int (*keygen_init)(EVP_PKEY_CTX *ctx);
302 int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
303
304 int (*sign_init)(EVP_PKEY_CTX *ctx);
305 int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
306 const unsigned char *tbs, size_t tbslen);
307
308 int (*verify_init)(EVP_PKEY_CTX *ctx);
309 int (*verify)(EVP_PKEY_CTX *ctx,
310 const unsigned char *sig, size_t siglen,
311 const unsigned char *tbs, size_t tbslen);
312
313 int (*verify_recover_init)(EVP_PKEY_CTX *ctx);
314 int (*verify_recover)(EVP_PKEY_CTX *ctx,
315 unsigned char *rout, size_t *routlen,
316 const unsigned char *sig, size_t siglen);
317
318 int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
319 int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
320 EVP_MD_CTX *mctx);
321
322 int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
323 int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,
324 int siglen, EVP_MD_CTX *mctx);
325
326 int (*encrypt_init)(EVP_PKEY_CTX *ctx);
327 int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
328 const unsigned char *in, size_t inlen);
329
330 int (*decrypt_init)(EVP_PKEY_CTX *ctx);
331 int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
332 const unsigned char *in, size_t inlen);
333
334 int (*derive_init)(EVP_PKEY_CTX *ctx);
335 int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
336
337 int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
338 int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value);
339} /* EVP_PKEY_METHOD */;
340
341void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
342
343int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
344 ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de);
345
346/* EVP_AEAD represents a specific AEAD algorithm. */
347struct evp_aead_st {
348 unsigned char key_len;
349 unsigned char nonce_len;
350 unsigned char overhead;
351 unsigned char max_tag_len;
352
353 int (*init)(struct evp_aead_ctx_st*, const unsigned char *key,
354 size_t key_len, size_t tag_len);
355 void (*cleanup)(struct evp_aead_ctx_st*);
356
357 int (*seal)(const struct evp_aead_ctx_st *ctx, unsigned char *out,
358 size_t *out_len, size_t max_out_len, const unsigned char *nonce,
359 size_t nonce_len, const unsigned char *in, size_t in_len,
360 const unsigned char *ad, size_t ad_len);
361
362 int (*open)(const struct evp_aead_ctx_st *ctx, unsigned char *out,
363 size_t *out_len, size_t max_out_len, const unsigned char *nonce,
364 size_t nonce_len, const unsigned char *in, size_t in_len,
365 const unsigned char *ad, size_t ad_len);
366};
diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c
deleted file mode 100644
index 0787e2dc94..0000000000
--- a/src/lib/libcrypto/evp/evp_pbe.c
+++ /dev/null
@@ -1,295 +0,0 @@
1/* $OpenBSD: evp_pbe.c,v 1.23 2015/02/08 22:20:18 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/opensslconf.h>
63
64#include <openssl/err.h>
65#include <openssl/evp.h>
66#include <openssl/pkcs12.h>
67#include <openssl/x509.h>
68
69#include "evp_locl.h"
70
71/* Password based encryption (PBE) functions */
72
73DECLARE_STACK_OF(EVP_PBE_CTL)
74static STACK_OF(EVP_PBE_CTL) *pbe_algs;
75
76/* Setup a cipher context from a PBE algorithm */
77
78typedef struct {
79 int pbe_type;
80 int pbe_nid;
81 int cipher_nid;
82 int md_nid;
83 EVP_PBE_KEYGEN *keygen;
84} EVP_PBE_CTL;
85
86static const EVP_PBE_CTL builtin_pbe[] = {
87 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC, NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen},
88 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC, NID_des_cbc, NID_md5, PKCS5_PBE_keyivgen},
89 {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC, NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen},
90
91#ifndef OPENSSL_NO_HMAC
92 {EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen},
93#endif
94
95 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4, NID_rc4, NID_sha1, PKCS12_PBE_keyivgen},
96 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4, NID_rc4_40, NID_sha1, PKCS12_PBE_keyivgen},
97 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NID_des_ede3_cbc, NID_sha1, PKCS12_PBE_keyivgen},
98 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And2_Key_TripleDES_CBC, NID_des_ede_cbc, NID_sha1, PKCS12_PBE_keyivgen},
99 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC2_CBC, NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen},
100 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC, NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen},
101
102#ifndef OPENSSL_NO_HMAC
103 {EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen},
104#endif
105 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC, NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen},
106 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC, NID_rc2_64_cbc, NID_md5, PKCS5_PBE_keyivgen},
107 {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndDES_CBC, NID_des_cbc, NID_sha1, PKCS5_PBE_keyivgen},
108
109
110 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA1, -1, NID_sha1, 0},
111 {EVP_PBE_TYPE_PRF, NID_hmacWithMD5, -1, NID_md5, 0},
112 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA224, -1, NID_sha224, 0},
113 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA256, -1, NID_sha256, 0},
114 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0},
115 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0},
116 {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0},
117};
118
119int
120EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
121 ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
122{
123 const EVP_CIPHER *cipher;
124 const EVP_MD *md;
125 int cipher_nid, md_nid;
126 EVP_PBE_KEYGEN *keygen;
127
128 if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj),
129 &cipher_nid, &md_nid, &keygen)) {
130 char obj_tmp[80];
131 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM);
132 if (!pbe_obj)
133 strlcpy(obj_tmp, "NULL", sizeof obj_tmp);
134 else
135 i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
136 ERR_asprintf_error_data("TYPE=%s", obj_tmp);
137 return 0;
138 }
139
140 if (!pass)
141 passlen = 0;
142 else if (passlen == -1)
143 passlen = strlen(pass);
144
145 if (cipher_nid == -1)
146 cipher = NULL;
147 else {
148 cipher = EVP_get_cipherbynid(cipher_nid);
149 if (!cipher) {
150 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_CIPHER);
151 return 0;
152 }
153 }
154
155 if (md_nid == -1)
156 md = NULL;
157 else {
158 md = EVP_get_digestbynid(md_nid);
159 if (!md) {
160 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_DIGEST);
161 return 0;
162 }
163 }
164
165 if (!keygen(ctx, pass, passlen, param, cipher, md, en_de)) {
166 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_KEYGEN_FAILURE);
167 return 0;
168 }
169 return 1;
170}
171
172DECLARE_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
173
174static int
175pbe2_cmp(const EVP_PBE_CTL *pbe1, const EVP_PBE_CTL *pbe2)
176{
177 int ret = pbe1->pbe_type - pbe2->pbe_type;
178
179 if (ret)
180 return ret;
181 else
182 return pbe1->pbe_nid - pbe2->pbe_nid;
183}
184
185IMPLEMENT_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
186
187static int
188pbe_cmp(const EVP_PBE_CTL * const *a, const EVP_PBE_CTL * const *b)
189{
190 int ret = (*a)->pbe_type - (*b)->pbe_type;
191
192 if (ret)
193 return ret;
194 else
195 return (*a)->pbe_nid - (*b)->pbe_nid;
196}
197
198/* Add a PBE algorithm */
199
200int
201EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
202 EVP_PBE_KEYGEN *keygen)
203{
204 EVP_PBE_CTL *pbe_tmp;
205
206 if (pbe_algs == NULL) {
207 pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);
208 if (pbe_algs == NULL) {
209 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE,
210 ERR_R_MALLOC_FAILURE);
211 return 0;
212 }
213 }
214 pbe_tmp = malloc(sizeof(EVP_PBE_CTL));
215 if (pbe_tmp == NULL) {
216 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE);
217 return 0;
218 }
219 pbe_tmp->pbe_type = pbe_type;
220 pbe_tmp->pbe_nid = pbe_nid;
221 pbe_tmp->cipher_nid = cipher_nid;
222 pbe_tmp->md_nid = md_nid;
223 pbe_tmp->keygen = keygen;
224
225 if (sk_EVP_PBE_CTL_push(pbe_algs, pbe_tmp) == 0) {
226 free(pbe_tmp);
227 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE);
228 return 0;
229 }
230 return 1;
231}
232
233int
234EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
235 EVP_PBE_KEYGEN *keygen)
236{
237 int cipher_nid, md_nid;
238
239 if (cipher)
240 cipher_nid = EVP_CIPHER_nid(cipher);
241 else
242 cipher_nid = -1;
243 if (md)
244 md_nid = EVP_MD_type(md);
245 else
246 md_nid = -1;
247
248 return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER, nid,
249 cipher_nid, md_nid, keygen);
250}
251
252int
253EVP_PBE_find(int type, int pbe_nid,
254 int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen)
255{
256 EVP_PBE_CTL *pbetmp = NULL, pbelu;
257 int i;
258 if (pbe_nid == NID_undef)
259 return 0;
260
261 pbelu.pbe_type = type;
262 pbelu.pbe_nid = pbe_nid;
263
264 if (pbe_algs) {
265 i = sk_EVP_PBE_CTL_find(pbe_algs, &pbelu);
266 if (i != -1)
267 pbetmp = sk_EVP_PBE_CTL_value (pbe_algs, i);
268 }
269 if (pbetmp == NULL) {
270 pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe,
271 sizeof(builtin_pbe)/sizeof(EVP_PBE_CTL));
272 }
273 if (pbetmp == NULL)
274 return 0;
275 if (pcnid)
276 *pcnid = pbetmp->cipher_nid;
277 if (pmnid)
278 *pmnid = pbetmp->md_nid;
279 if (pkeygen)
280 *pkeygen = pbetmp->keygen;
281 return 1;
282}
283
284static void
285free_evp_pbe_ctl(EVP_PBE_CTL *pbe)
286{
287 free(pbe);
288}
289
290void
291EVP_PBE_cleanup(void)
292{
293 sk_EVP_PBE_CTL_pop_free(pbe_algs, free_evp_pbe_ctl);
294 pbe_algs = NULL;
295}
diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c
deleted file mode 100644
index 689ff596ce..0000000000
--- a/src/lib/libcrypto/evp/evp_pkey.c
+++ /dev/null
@@ -1,240 +0,0 @@
1/* $OpenBSD: evp_pkey.c,v 1.18 2014/10/18 17:20:40 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61
62#include <openssl/err.h>
63#include <openssl/x509.h>
64
65#include "asn1_locl.h"
66
67/* Extract a private key from a PKCS8 structure */
68
69EVP_PKEY *
70EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
71{
72 EVP_PKEY *pkey = NULL;
73 ASN1_OBJECT *algoid;
74 char obj_tmp[80];
75
76 if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8))
77 return NULL;
78
79 if (!(pkey = EVP_PKEY_new())) {
80 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE);
81 return NULL;
82 }
83
84 if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) {
85 EVPerr(EVP_F_EVP_PKCS82PKEY,
86 EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
87 i2t_ASN1_OBJECT(obj_tmp, 80, algoid);
88 ERR_asprintf_error_data("TYPE=%s", obj_tmp);
89 goto error;
90 }
91
92 if (pkey->ameth->priv_decode) {
93 if (!pkey->ameth->priv_decode(pkey, p8)) {
94 EVPerr(EVP_F_EVP_PKCS82PKEY,
95 EVP_R_PRIVATE_KEY_DECODE_ERROR);
96 goto error;
97 }
98 } else {
99 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_METHOD_NOT_SUPPORTED);
100 goto error;
101 }
102
103 return pkey;
104
105error:
106 EVP_PKEY_free(pkey);
107 return NULL;
108}
109
110PKCS8_PRIV_KEY_INFO *
111EVP_PKEY2PKCS8(EVP_PKEY *pkey)
112{
113 return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK);
114}
115
116/* Turn a private key into a PKCS8 structure */
117
118PKCS8_PRIV_KEY_INFO *
119EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
120{
121 PKCS8_PRIV_KEY_INFO *p8;
122
123 if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {
124 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, ERR_R_MALLOC_FAILURE);
125 return NULL;
126 }
127 p8->broken = broken;
128
129 if (pkey->ameth) {
130 if (pkey->ameth->priv_encode) {
131 if (!pkey->ameth->priv_encode(p8, pkey)) {
132 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
133 EVP_R_PRIVATE_KEY_ENCODE_ERROR);
134 goto error;
135 }
136 } else {
137 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
138 EVP_R_METHOD_NOT_SUPPORTED);
139 goto error;
140 }
141 } else {
142 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
143 EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
144 goto error;
145 }
146 return p8;
147
148error:
149 PKCS8_PRIV_KEY_INFO_free(p8);
150 return NULL;
151}
152
153PKCS8_PRIV_KEY_INFO *
154PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
155{
156 switch (broken) {
157 case PKCS8_OK:
158 p8->broken = PKCS8_OK;
159 return p8;
160 break;
161
162 case PKCS8_NO_OCTET:
163 p8->broken = PKCS8_NO_OCTET;
164 p8->pkey->type = V_ASN1_SEQUENCE;
165 return p8;
166 break;
167
168 default:
169 EVPerr(EVP_F_PKCS8_SET_BROKEN, EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
170 return NULL;
171 }
172}
173
174/* EVP_PKEY attribute functions */
175
176int
177EVP_PKEY_get_attr_count(const EVP_PKEY *key)
178{
179 return X509at_get_attr_count(key->attributes);
180}
181
182int
183EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos)
184{
185 return X509at_get_attr_by_NID(key->attributes, nid, lastpos);
186}
187
188int
189EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, int lastpos)
190{
191 return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos);
192}
193
194X509_ATTRIBUTE *
195EVP_PKEY_get_attr(const EVP_PKEY *key, int loc)
196{
197 return X509at_get_attr(key->attributes, loc);
198}
199
200X509_ATTRIBUTE *
201EVP_PKEY_delete_attr(EVP_PKEY *key, int loc)
202{
203 return X509at_delete_attr(key->attributes, loc);
204}
205
206int
207EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr)
208{
209 if (X509at_add1_attr(&key->attributes, attr))
210 return 1;
211 return 0;
212}
213
214int
215EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, const ASN1_OBJECT *obj, int type,
216 const unsigned char *bytes, int len)
217{
218 if (X509at_add1_attr_by_OBJ(&key->attributes, obj, type, bytes, len))
219 return 1;
220 return 0;
221}
222
223int
224EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, int nid, int type,
225 const unsigned char *bytes, int len)
226{
227 if (X509at_add1_attr_by_NID(&key->attributes, nid, type, bytes, len))
228 return 1;
229 return 0;
230}
231
232int
233EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, const char *attrname, int type,
234 const unsigned char *bytes, int len)
235{
236 if (X509at_add1_attr_by_txt(&key->attributes, attrname, type,
237 bytes, len))
238 return 1;
239 return 0;
240}
diff --git a/src/lib/libcrypto/evp/m_dss.c b/src/lib/libcrypto/evp/m_dss.c
deleted file mode 100644
index d23c9b4e71..0000000000
--- a/src/lib/libcrypto/evp/m_dss.c
+++ /dev/null
@@ -1,117 +0,0 @@
1/* $OpenBSD: m_dss.c,v 1.16 2014/07/11 08:44:48 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#include <openssl/evp.h>
64#include <openssl/objects.h>
65#include <openssl/sha.h>
66
67#ifndef OPENSSL_NO_DSA
68#include <openssl/dsa.h>
69#endif
70
71#ifndef OPENSSL_NO_SHA
72
73static int
74init(EVP_MD_CTX *ctx)
75{
76 return SHA1_Init(ctx->md_data);
77}
78
79static int
80update(EVP_MD_CTX *ctx, const void *data, size_t count)
81{
82 return SHA1_Update(ctx->md_data, data, count);
83}
84
85static int
86final(EVP_MD_CTX *ctx, unsigned char *md)
87{
88 return SHA1_Final(md, ctx->md_data);
89}
90
91static const EVP_MD dsa_md = {
92 .type = NID_dsaWithSHA,
93 .pkey_type = NID_dsaWithSHA,
94 .md_size = SHA_DIGEST_LENGTH,
95 .flags = EVP_MD_FLAG_PKEY_DIGEST,
96 .init = init,
97 .update = update,
98 .final = final,
99 .copy = NULL,
100 .cleanup = NULL,
101#ifndef OPENSSL_NO_DSA
102 .sign = (evp_sign_method *)DSA_sign,
103 .verify = (evp_verify_method *)DSA_verify,
104 .required_pkey_type = {
105 EVP_PKEY_DSA, EVP_PKEY_DSA2, EVP_PKEY_DSA3, EVP_PKEY_DSA4, 0,
106 },
107#endif
108 .block_size = SHA_CBLOCK,
109 .ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
110};
111
112const EVP_MD *
113EVP_dss(void)
114{
115 return (&dsa_md);
116}
117#endif
diff --git a/src/lib/libcrypto/evp/m_dss1.c b/src/lib/libcrypto/evp/m_dss1.c
deleted file mode 100644
index a906c11b69..0000000000
--- a/src/lib/libcrypto/evp/m_dss1.c
+++ /dev/null
@@ -1,117 +0,0 @@
1/* $OpenBSD: m_dss1.c,v 1.16 2014/07/11 08:44:48 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#ifndef OPENSSL_NO_SHA
64
65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/sha.h>
68
69#ifndef OPENSSL_NO_DSA
70#include <openssl/dsa.h>
71#endif
72
73static int
74init(EVP_MD_CTX *ctx)
75{
76 return SHA1_Init(ctx->md_data);
77}
78
79static int
80update(EVP_MD_CTX *ctx, const void *data, size_t count)
81{
82 return SHA1_Update(ctx->md_data, data, count);
83}
84
85static int
86final(EVP_MD_CTX *ctx, unsigned char *md)
87{
88 return SHA1_Final(md, ctx->md_data);
89}
90
91static const EVP_MD dss1_md = {
92 .type = NID_dsa,
93 .pkey_type = NID_dsaWithSHA1,
94 .md_size = SHA_DIGEST_LENGTH,
95 .flags = EVP_MD_FLAG_PKEY_DIGEST,
96 .init = init,
97 .update = update,
98 .final = final,
99 .copy = NULL,
100 .cleanup = NULL,
101#ifndef OPENSSL_NO_DSA
102 .sign = (evp_sign_method *)DSA_sign,
103 .verify = (evp_verify_method *)DSA_verify,
104 .required_pkey_type = {
105 EVP_PKEY_DSA, EVP_PKEY_DSA2, EVP_PKEY_DSA3, EVP_PKEY_DSA4, 0,
106 },
107#endif
108 .block_size = SHA_CBLOCK,
109 .ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
110};
111
112const EVP_MD *
113EVP_dss1(void)
114{
115 return (&dss1_md);
116}
117#endif
diff --git a/src/lib/libcrypto/evp/m_ecdsa.c b/src/lib/libcrypto/evp/m_ecdsa.c
deleted file mode 100644
index b9af6423b5..0000000000
--- a/src/lib/libcrypto/evp/m_ecdsa.c
+++ /dev/null
@@ -1,166 +0,0 @@
1/* $OpenBSD: m_ecdsa.c,v 1.8 2014/07/11 08:44:48 jsing Exp $ */
2/* ====================================================================
3 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@openssl.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
56 * All rights reserved.
57 *
58 * This package is an SSL implementation written
59 * by Eric Young (eay@cryptsoft.com).
60 * The implementation was written so as to conform with Netscapes SSL.
61 *
62 * This library is free for commercial and non-commercial use as long as
63 * the following conditions are aheared to. The following conditions
64 * apply to all code found in this distribution, be it the RC4, RSA,
65 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
66 * included with this distribution is covered by the same copyright terms
67 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
68 *
69 * Copyright remains Eric Young's, and as such any Copyright notices in
70 * the code are not to be removed.
71 * If this package is used in a product, Eric Young should be given attribution
72 * as the author of the parts of the library used.
73 * This can be in the form of a textual message at program startup or
74 * in documentation (online or textual) provided with the package.
75 *
76 * Redistribution and use in source and binary forms, with or without
77 * modification, are permitted provided that the following conditions
78 * are met:
79 * 1. Redistributions of source code must retain the copyright
80 * notice, this list of conditions and the following disclaimer.
81 * 2. Redistributions in binary form must reproduce the above copyright
82 * notice, this list of conditions and the following disclaimer in the
83 * documentation and/or other materials provided with the distribution.
84 * 3. All advertising materials mentioning features or use of this software
85 * must display the following acknowledgement:
86 * "This product includes cryptographic software written by
87 * Eric Young (eay@cryptsoft.com)"
88 * The word 'cryptographic' can be left out if the rouines from the library
89 * being used are not cryptographic related :-).
90 * 4. If you include any Windows specific code (or a derivative thereof) from
91 * the apps directory (application code) you must include an acknowledgement:
92 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
93 *
94 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
95 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
96 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
97 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
98 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
99 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
100 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
101 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
102 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
103 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
104 * SUCH DAMAGE.
105 *
106 * The licence and distribution terms for any publically available version or
107 * derivative of this code cannot be changed. i.e. this code cannot simply be
108 * copied and put under another distribution licence
109 * [including the GNU Public Licence.]
110 */
111
112#include <stdio.h>
113
114#include <openssl/opensslconf.h>
115
116#include <openssl/evp.h>
117#include <openssl/objects.h>
118#include <openssl/x509.h>
119
120#ifndef OPENSSL_NO_SHA
121
122static int
123init(EVP_MD_CTX *ctx)
124{
125 return SHA1_Init(ctx->md_data);
126}
127
128static int
129update(EVP_MD_CTX *ctx, const void *data, size_t count)
130{
131 return SHA1_Update(ctx->md_data, data, count);
132}
133
134static int
135final(EVP_MD_CTX *ctx, unsigned char *md)
136{
137 return SHA1_Final(md, ctx->md_data);
138}
139
140static const EVP_MD ecdsa_md = {
141 .type = NID_ecdsa_with_SHA1,
142 .pkey_type = NID_ecdsa_with_SHA1,
143 .md_size = SHA_DIGEST_LENGTH,
144 .flags = EVP_MD_FLAG_PKEY_DIGEST,
145 .init = init,
146 .update = update,
147 .final = final,
148 .copy = NULL,
149 .cleanup = NULL,
150#ifndef OPENSSL_NO_ECDSA
151 .sign = (evp_sign_method *)ECDSA_sign,
152 .verify = (evp_verify_method *)ECDSA_verify,
153 .required_pkey_type = {
154 EVP_PKEY_EC, 0, 0, 0,
155 },
156#endif
157 .block_size = SHA_CBLOCK,
158 .ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
159};
160
161const EVP_MD *
162EVP_ecdsa(void)
163{
164 return (&ecdsa_md);
165}
166#endif
diff --git a/src/lib/libcrypto/evp/m_gost2814789.c b/src/lib/libcrypto/evp/m_gost2814789.c
deleted file mode 100644
index 279af872e0..0000000000
--- a/src/lib/libcrypto/evp/m_gost2814789.c
+++ /dev/null
@@ -1,110 +0,0 @@
1/* $OpenBSD: m_gost2814789.c,v 1.2 2014/11/09 23:06:50 miod Exp $ */
2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 *
18 * 3. All advertising materials mentioning features or use of this
19 * software must display the following acknowledgment:
20 * "This product includes software developed by the OpenSSL Project
21 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
22 *
23 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
24 * endorse or promote products derived from this software without
25 * prior written permission. For written permission, please contact
26 * openssl-core@openssl.org.
27 *
28 * 5. Products derived from this software may not be called "OpenSSL"
29 * nor may "OpenSSL" appear in their names without prior written
30 * permission of the OpenSSL Project.
31 *
32 * 6. Redistributions of any form whatsoever must retain the following
33 * acknowledgment:
34 * "This product includes software developed by the OpenSSL Project
35 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
36 *
37 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
38 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
39 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
40 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
41 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
42 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
43 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
44 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
45 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
46 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
47 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
48 * OF THE POSSIBILITY OF SUCH DAMAGE.
49 * ====================================================================
50 */
51#include <openssl/opensslconf.h>
52
53#ifndef OPENSSL_NO_GOST
54
55#include <openssl/evp.h>
56#include <openssl/gost.h>
57#include <openssl/objects.h>
58
59static int
60gost2814789_init(EVP_MD_CTX *ctx)
61{
62 return GOST2814789IMIT_Init(ctx->md_data,
63 NID_id_Gost28147_89_CryptoPro_A_ParamSet);
64}
65
66static int
67gost2814789_update(EVP_MD_CTX *ctx, const void *data, size_t count)
68{
69 return GOST2814789IMIT_Update(ctx->md_data, data, count);
70}
71
72static int
73gost2814789_final(EVP_MD_CTX *ctx, unsigned char *md)
74{
75 return GOST2814789IMIT_Final(md, ctx->md_data);
76}
77
78static int
79gost2814789_md_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)
80{
81 GOST2814789IMIT_CTX *gctx = ctx->md_data;
82
83 switch (cmd) {
84 case EVP_MD_CTRL_SET_KEY:
85 return Gost2814789_set_key(&gctx->cipher, p2, p1);
86 case EVP_MD_CTRL_GOST_SET_SBOX:
87 return Gost2814789_set_sbox(&gctx->cipher, p1);
88 }
89 return -2;
90}
91
92static const EVP_MD gost2814789imit_md = {
93 .type = NID_id_Gost28147_89_MAC,
94 .pkey_type = NID_undef,
95 .md_size = GOST2814789IMIT_LENGTH,
96 .flags = 0,
97 .init = gost2814789_init,
98 .update = gost2814789_update,
99 .final = gost2814789_final,
100 .block_size = GOST2814789IMIT_CBLOCK,
101 .ctx_size = sizeof(EVP_MD *) + sizeof(GOST2814789IMIT_CTX),
102 .md_ctrl = gost2814789_md_ctrl,
103};
104
105const EVP_MD *
106EVP_gost2814789imit(void)
107{
108 return (&gost2814789imit_md);
109}
110#endif
diff --git a/src/lib/libcrypto/evp/m_gostr341194.c b/src/lib/libcrypto/evp/m_gostr341194.c
deleted file mode 100644
index 66d9b4f303..0000000000
--- a/src/lib/libcrypto/evp/m_gostr341194.c
+++ /dev/null
@@ -1,97 +0,0 @@
1/* $OpenBSD: m_gostr341194.c,v 1.2 2014/11/09 23:06:50 miod Exp $ */
2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 *
18 * 3. All advertising materials mentioning features or use of this
19 * software must display the following acknowledgment:
20 * "This product includes software developed by the OpenSSL Project
21 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
22 *
23 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
24 * endorse or promote products derived from this software without
25 * prior written permission. For written permission, please contact
26 * openssl-core@openssl.org.
27 *
28 * 5. Products derived from this software may not be called "OpenSSL"
29 * nor may "OpenSSL" appear in their names without prior written
30 * permission of the OpenSSL Project.
31 *
32 * 6. Redistributions of any form whatsoever must retain the following
33 * acknowledgment:
34 * "This product includes software developed by the OpenSSL Project
35 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
36 *
37 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
38 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
39 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
40 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
41 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
42 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
43 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
44 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
45 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
46 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
47 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
48 * OF THE POSSIBILITY OF SUCH DAMAGE.
49 * ====================================================================
50 */
51#include <stdio.h>
52
53#include <openssl/opensslconf.h>
54
55#ifndef OPENSSL_NO_GOST
56
57#include <openssl/evp.h>
58#include <openssl/gost.h>
59#include <openssl/objects.h>
60
61static int
62gostr341194_init(EVP_MD_CTX *ctx)
63{
64 return GOSTR341194_Init(ctx->md_data,
65 NID_id_GostR3411_94_CryptoProParamSet);
66}
67
68static int
69gostr341194_update(EVP_MD_CTX *ctx, const void *data, size_t count)
70{
71 return GOSTR341194_Update(ctx->md_data, data, count);
72}
73
74static int
75gostr341194_final(EVP_MD_CTX *ctx, unsigned char *md)
76{
77 return GOSTR341194_Final(md, ctx->md_data);
78}
79
80static const EVP_MD gostr341194_md = {
81 .type = NID_id_GostR3411_94,
82 .pkey_type = NID_undef,
83 .md_size = GOSTR341194_LENGTH,
84 .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
85 .init = gostr341194_init,
86 .update = gostr341194_update,
87 .final = gostr341194_final,
88 .block_size = GOSTR341194_CBLOCK,
89 .ctx_size = sizeof(EVP_MD *) + sizeof(GOSTR341194_CTX),
90};
91
92const EVP_MD *
93EVP_gostr341194(void)
94{
95 return (&gostr341194_md);
96}
97#endif
diff --git a/src/lib/libcrypto/evp/m_md4.c b/src/lib/libcrypto/evp/m_md4.c
deleted file mode 100644
index e08980b1ed..0000000000
--- a/src/lib/libcrypto/evp/m_md4.c
+++ /dev/null
@@ -1,118 +0,0 @@
1/* $OpenBSD: m_md4.c,v 1.14 2014/07/13 09:30:02 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#ifndef OPENSSL_NO_MD4
64
65#include <openssl/evp.h>
66#include <openssl/md4.h>
67#include <openssl/objects.h>
68#include <openssl/x509.h>
69
70#ifndef OPENSSL_NO_RSA
71#include <openssl/rsa.h>
72#endif
73
74static int
75init(EVP_MD_CTX *ctx)
76{
77 return MD4_Init(ctx->md_data);
78}
79
80static int
81update(EVP_MD_CTX *ctx, const void *data, size_t count)
82{
83 return MD4_Update(ctx->md_data, data, count);
84}
85
86static int
87final(EVP_MD_CTX *ctx, unsigned char *md)
88{
89 return MD4_Final(md, ctx->md_data);
90}
91
92static const EVP_MD md4_md = {
93 .type = NID_md4,
94 .pkey_type = NID_md4WithRSAEncryption,
95 .md_size = MD4_DIGEST_LENGTH,
96 .flags = 0,
97 .init = init,
98 .update = update,
99 .final = final,
100 .copy = NULL,
101 .cleanup = NULL,
102#ifndef OPENSSL_NO_RSA
103 .sign = (evp_sign_method *)RSA_sign,
104 .verify = (evp_verify_method *)RSA_verify,
105 .required_pkey_type = {
106 EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
107 },
108#endif
109 .block_size = MD4_CBLOCK,
110 .ctx_size = sizeof(EVP_MD *) + sizeof(MD4_CTX),
111};
112
113const EVP_MD *
114EVP_md4(void)
115{
116 return (&md4_md);
117}
118#endif
diff --git a/src/lib/libcrypto/evp/m_md5.c b/src/lib/libcrypto/evp/m_md5.c
deleted file mode 100644
index 36cff7ab51..0000000000
--- a/src/lib/libcrypto/evp/m_md5.c
+++ /dev/null
@@ -1,118 +0,0 @@
1/* $OpenBSD: m_md5.c,v 1.15 2014/07/13 09:30:02 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#ifndef OPENSSL_NO_MD5
64
65#include <openssl/evp.h>
66#include <openssl/md5.h>
67#include <openssl/objects.h>
68#include <openssl/x509.h>
69
70#ifndef OPENSSL_NO_RSA
71#include <openssl/rsa.h>
72#endif
73
74static int
75init(EVP_MD_CTX *ctx)
76{
77 return MD5_Init(ctx->md_data);
78}
79
80static int
81update(EVP_MD_CTX *ctx, const void *data, size_t count)
82{
83 return MD5_Update(ctx->md_data, data, count);
84}
85
86static int
87final(EVP_MD_CTX *ctx, unsigned char *md)
88{
89 return MD5_Final(md, ctx->md_data);
90}
91
92static const EVP_MD md5_md = {
93 .type = NID_md5,
94 .pkey_type = NID_md5WithRSAEncryption,
95 .md_size = MD5_DIGEST_LENGTH,
96 .flags = 0,
97 .init = init,
98 .update = update,
99 .final = final,
100 .copy = NULL,
101 .cleanup = NULL,
102#ifndef OPENSSL_NO_RSA
103 .sign = (evp_sign_method *)RSA_sign,
104 .verify = (evp_verify_method *)RSA_verify,
105 .required_pkey_type = {
106 EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
107 },
108#endif
109 .block_size = MD5_CBLOCK,
110 .ctx_size = sizeof(EVP_MD *) + sizeof(MD5_CTX),
111};
112
113const EVP_MD *
114EVP_md5(void)
115{
116 return (&md5_md);
117}
118#endif
diff --git a/src/lib/libcrypto/evp/m_null.c b/src/lib/libcrypto/evp/m_null.c
deleted file mode 100644
index 897be3cee9..0000000000
--- a/src/lib/libcrypto/evp/m_null.c
+++ /dev/null
@@ -1,106 +0,0 @@
1/* $OpenBSD: m_null.c,v 1.9 2014/07/11 08:44:48 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64
65static int
66init(EVP_MD_CTX *ctx)
67{
68 return 1;
69}
70
71static int
72update(EVP_MD_CTX *ctx, const void *data, size_t count)
73{
74 return 1;
75}
76
77static int
78final(EVP_MD_CTX *ctx, unsigned char *md)
79{
80 return 1;
81}
82
83static const EVP_MD null_md = {
84 .type = NID_undef,
85 .pkey_type = NID_undef,
86 .md_size = 0,
87 .flags = 0,
88 .init = init,
89 .update = update,
90 .final = final,
91 .copy = NULL,
92 .cleanup = NULL,
93 .sign = NULL,
94 .verify = NULL,
95 .required_pkey_type = {
96 0, 0, 0, 0,
97 },
98 .block_size = 0,
99 .ctx_size = sizeof(EVP_MD *),
100};
101
102const EVP_MD *
103EVP_md_null(void)
104{
105 return (&null_md);
106}
diff --git a/src/lib/libcrypto/evp/m_ripemd.c b/src/lib/libcrypto/evp/m_ripemd.c
deleted file mode 100644
index be7f1393b0..0000000000
--- a/src/lib/libcrypto/evp/m_ripemd.c
+++ /dev/null
@@ -1,118 +0,0 @@
1/* $OpenBSD: m_ripemd.c,v 1.12 2014/07/13 09:30:02 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#ifndef OPENSSL_NO_RIPEMD
64
65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/ripemd.h>
68#include <openssl/x509.h>
69
70#ifndef OPENSSL_NO_RSA
71#include <openssl/rsa.h>
72#endif
73
74static int
75init(EVP_MD_CTX *ctx)
76{
77 return RIPEMD160_Init(ctx->md_data);
78}
79
80static int
81update(EVP_MD_CTX *ctx, const void *data, size_t count)
82{
83 return RIPEMD160_Update(ctx->md_data, data, count);
84}
85
86static int
87final(EVP_MD_CTX *ctx, unsigned char *md)
88{
89 return RIPEMD160_Final(md, ctx->md_data);
90}
91
92static const EVP_MD ripemd160_md = {
93 .type = NID_ripemd160,
94 .pkey_type = NID_ripemd160WithRSA,
95 .md_size = RIPEMD160_DIGEST_LENGTH,
96 .flags = 0,
97 .init = init,
98 .update = update,
99 .final = final,
100 .copy = NULL,
101 .cleanup = NULL,
102#ifndef OPENSSL_NO_RSA
103 .sign = (evp_sign_method *)RSA_sign,
104 .verify = (evp_verify_method *)RSA_verify,
105 .required_pkey_type = {
106 EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
107 },
108#endif
109 .block_size = RIPEMD160_CBLOCK,
110 .ctx_size = sizeof(EVP_MD *) + sizeof(RIPEMD160_CTX),
111};
112
113const EVP_MD *
114EVP_ripemd160(void)
115{
116 return (&ripemd160_md);
117}
118#endif
diff --git a/src/lib/libcrypto/evp/m_sha1.c b/src/lib/libcrypto/evp/m_sha1.c
deleted file mode 100644
index 13d5b030d2..0000000000
--- a/src/lib/libcrypto/evp/m_sha1.c
+++ /dev/null
@@ -1,281 +0,0 @@
1/* $OpenBSD: m_sha1.c,v 1.17 2014/07/11 08:44:48 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#ifndef OPENSSL_NO_SHA
64
65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/sha.h>
68
69#ifndef OPENSSL_NO_RSA
70#include <openssl/rsa.h>
71#endif
72
73static int
74init(EVP_MD_CTX *ctx)
75{
76 return SHA1_Init(ctx->md_data);
77}
78
79static int
80update(EVP_MD_CTX *ctx, const void *data, size_t count)
81{
82 return SHA1_Update(ctx->md_data, data, count);
83}
84
85static int
86final(EVP_MD_CTX *ctx, unsigned char *md)
87{
88 return SHA1_Final(md, ctx->md_data);
89}
90
91static const EVP_MD sha1_md = {
92 .type = NID_sha1,
93 .pkey_type = NID_sha1WithRSAEncryption,
94 .md_size = SHA_DIGEST_LENGTH,
95 .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
96 .init = init,
97 .update = update,
98 .final = final,
99 .copy = NULL,
100 .cleanup = NULL,
101#ifndef OPENSSL_NO_RSA
102 .sign = (evp_sign_method *)RSA_sign,
103 .verify = (evp_verify_method *)RSA_verify,
104 .required_pkey_type = {
105 EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
106 },
107#endif
108 .block_size = SHA_CBLOCK,
109 .ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
110};
111
112const EVP_MD *
113EVP_sha1(void)
114{
115 return (&sha1_md);
116}
117#endif
118
119#ifndef OPENSSL_NO_SHA256
120static int
121init224(EVP_MD_CTX *ctx)
122{
123 return SHA224_Init(ctx->md_data);
124}
125
126static int
127init256(EVP_MD_CTX *ctx)
128{
129 return SHA256_Init(ctx->md_data);
130}
131/*
132 * Even though there're separate SHA224_[Update|Final], we call
133 * SHA256 functions even in SHA224 context. This is what happens
134 * there anyway, so we can spare few CPU cycles:-)
135 */
136static int
137update256(EVP_MD_CTX *ctx, const void *data, size_t count)
138{
139 return SHA256_Update(ctx->md_data, data, count);
140}
141
142static int
143final256(EVP_MD_CTX *ctx, unsigned char *md)
144{
145 return SHA256_Final(md, ctx->md_data);
146}
147
148static const EVP_MD sha224_md = {
149 .type = NID_sha224,
150 .pkey_type = NID_sha224WithRSAEncryption,
151 .md_size = SHA224_DIGEST_LENGTH,
152 .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
153 .init = init224,
154 .update = update256,
155 .final = final256,
156 .copy = NULL,
157 .cleanup = NULL,
158#ifndef OPENSSL_NO_RSA
159 .sign = (evp_sign_method *)RSA_sign,
160 .verify = (evp_verify_method *)RSA_verify,
161 .required_pkey_type = {
162 EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
163 },
164#endif
165 .block_size = SHA256_CBLOCK,
166 .ctx_size = sizeof(EVP_MD *) + sizeof(SHA256_CTX),
167};
168
169const EVP_MD *
170EVP_sha224(void)
171{
172 return (&sha224_md);
173}
174
175static const EVP_MD sha256_md = {
176 .type = NID_sha256,
177 .pkey_type = NID_sha256WithRSAEncryption,
178 .md_size = SHA256_DIGEST_LENGTH,
179 .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
180 .init = init256,
181 .update = update256,
182 .final = final256,
183 .copy = NULL,
184 .cleanup = NULL,
185#ifndef OPENSSL_NO_RSA
186 .sign = (evp_sign_method *)RSA_sign,
187 .verify = (evp_verify_method *)RSA_verify,
188 .required_pkey_type = {
189 EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
190 },
191#endif
192 .block_size = SHA256_CBLOCK,
193 .ctx_size = sizeof(EVP_MD *) + sizeof(SHA256_CTX),
194};
195
196const EVP_MD *
197EVP_sha256(void)
198{
199 return (&sha256_md);
200}
201#endif /* ifndef OPENSSL_NO_SHA256 */
202
203#ifndef OPENSSL_NO_SHA512
204static int
205init384(EVP_MD_CTX *ctx)
206{
207 return SHA384_Init(ctx->md_data);
208}
209
210static int
211init512(EVP_MD_CTX *ctx)
212{
213 return SHA512_Init(ctx->md_data);
214}
215/* See comment in SHA224/256 section */
216static int
217update512(EVP_MD_CTX *ctx, const void *data, size_t count)
218{
219 return SHA512_Update(ctx->md_data, data, count);
220}
221
222static int
223final512(EVP_MD_CTX *ctx, unsigned char *md)
224{
225 return SHA512_Final(md, ctx->md_data);
226}
227
228static const EVP_MD sha384_md = {
229 .type = NID_sha384,
230 .pkey_type = NID_sha384WithRSAEncryption,
231 .md_size = SHA384_DIGEST_LENGTH,
232 .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
233 .init = init384,
234 .update = update512,
235 .final = final512,
236 .copy = NULL,
237 .cleanup = NULL,
238#ifndef OPENSSL_NO_RSA
239 .sign = (evp_sign_method *)RSA_sign,
240 .verify = (evp_verify_method *)RSA_verify,
241 .required_pkey_type = {
242 EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
243 },
244#endif
245 .block_size = SHA512_CBLOCK,
246 .ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX),
247};
248
249const EVP_MD *
250EVP_sha384(void)
251{
252 return (&sha384_md);
253}
254
255static const EVP_MD sha512_md = {
256 .type = NID_sha512,
257 .pkey_type = NID_sha512WithRSAEncryption,
258 .md_size = SHA512_DIGEST_LENGTH,
259 .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
260 .init = init512,
261 .update = update512,
262 .final = final512,
263 .copy = NULL,
264 .cleanup = NULL,
265#ifndef OPENSSL_NO_RSA
266 .sign = (evp_sign_method *)RSA_sign,
267 .verify = (evp_verify_method *)RSA_verify,
268 .required_pkey_type = {
269 EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
270 },
271#endif
272 .block_size = SHA512_CBLOCK,
273 .ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX),
274};
275
276const EVP_MD *
277EVP_sha512(void)
278{
279 return (&sha512_md);
280}
281#endif /* ifndef OPENSSL_NO_SHA512 */
diff --git a/src/lib/libcrypto/evp/m_sigver.c b/src/lib/libcrypto/evp/m_sigver.c
deleted file mode 100644
index cc0927325b..0000000000
--- a/src/lib/libcrypto/evp/m_sigver.c
+++ /dev/null
@@ -1,193 +0,0 @@
1/* $OpenBSD: m_sigver.c,v 1.4 2014/07/11 08:44:48 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006.
4 */
5/* ====================================================================
6 * Copyright (c) 2006,2007 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60
61#include <openssl/err.h>
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include <openssl/x509.h>
65
66#include "evp_locl.h"
67
68static int
69do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type,
70 ENGINE *e, EVP_PKEY *pkey, int ver)
71{
72 if (ctx->pctx == NULL)
73 ctx->pctx = EVP_PKEY_CTX_new(pkey, e);
74 if (ctx->pctx == NULL)
75 return 0;
76
77 if (type == NULL) {
78 int def_nid;
79 if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0)
80 type = EVP_get_digestbynid(def_nid);
81 }
82
83 if (type == NULL) {
84 EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST);
85 return 0;
86 }
87
88 if (ver) {
89 if (ctx->pctx->pmeth->verifyctx_init) {
90 if (ctx->pctx->pmeth->verifyctx_init(ctx->pctx,
91 ctx) <=0)
92 return 0;
93 ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX;
94 } else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
95 return 0;
96 } else {
97 if (ctx->pctx->pmeth->signctx_init) {
98 if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0)
99 return 0;
100 ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX;
101 } else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)
102 return 0;
103 }
104 if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0)
105 return 0;
106 if (pctx)
107 *pctx = ctx->pctx;
108 if (!EVP_DigestInit_ex(ctx, type, e))
109 return 0;
110 return 1;
111}
112
113int
114EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type,
115 ENGINE *e, EVP_PKEY *pkey)
116{
117 return do_sigver_init(ctx, pctx, type, e, pkey, 0);
118}
119
120int
121EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type,
122 ENGINE *e, EVP_PKEY *pkey)
123{
124 return do_sigver_init(ctx, pctx, type, e, pkey, 1);
125}
126
127int
128EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen)
129{
130 int sctx, r = 0;
131
132 if (ctx->pctx->pmeth->signctx)
133 sctx = 1;
134 else
135 sctx = 0;
136 if (sigret) {
137 EVP_MD_CTX tmp_ctx;
138 unsigned char md[EVP_MAX_MD_SIZE];
139 unsigned int mdlen;
140 EVP_MD_CTX_init(&tmp_ctx);
141 if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
142 return 0;
143 if (sctx)
144 r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx,
145 sigret, siglen, &tmp_ctx);
146 else
147 r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
148 EVP_MD_CTX_cleanup(&tmp_ctx);
149 if (sctx || !r)
150 return r;
151 if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
152 return 0;
153 } else {
154 if (sctx) {
155 if (ctx->pctx->pmeth->signctx(ctx->pctx, sigret,
156 siglen, ctx) <= 0)
157 return 0;
158 } else {
159 int s = EVP_MD_size(ctx->digest);
160 if (s < 0 || EVP_PKEY_sign(ctx->pctx, sigret, siglen,
161 NULL, s) <= 0)
162 return 0;
163 }
164 }
165 return 1;
166}
167
168int
169EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen)
170{
171 EVP_MD_CTX tmp_ctx;
172 unsigned char md[EVP_MAX_MD_SIZE];
173 int r;
174 unsigned int mdlen;
175 int vctx;
176
177 if (ctx->pctx->pmeth->verifyctx)
178 vctx = 1;
179 else
180 vctx = 0;
181 EVP_MD_CTX_init(&tmp_ctx);
182 if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
183 return -1;
184 if (vctx) {
185 r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx, sig,
186 siglen, &tmp_ctx);
187 } else
188 r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
189 EVP_MD_CTX_cleanup(&tmp_ctx);
190 if (vctx || !r)
191 return r;
192 return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen);
193}
diff --git a/src/lib/libcrypto/evp/m_streebog.c b/src/lib/libcrypto/evp/m_streebog.c
deleted file mode 100644
index 882c7852bb..0000000000
--- a/src/lib/libcrypto/evp/m_streebog.c
+++ /dev/null
@@ -1,131 +0,0 @@
1/* $OpenBSD: m_streebog.c,v 1.2 2014/11/09 23:06:50 miod Exp $ */
2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 *
18 * 3. All advertising materials mentioning features or use of this
19 * software must display the following acknowledgment:
20 * "This product includes software developed by the OpenSSL Project
21 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
22 *
23 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
24 * endorse or promote products derived from this software without
25 * prior written permission. For written permission, please contact
26 * openssl-core@openssl.org.
27 *
28 * 5. Products derived from this software may not be called "OpenSSL"
29 * nor may "OpenSSL" appear in their names without prior written
30 * permission of the OpenSSL Project.
31 *
32 * 6. Redistributions of any form whatsoever must retain the following
33 * acknowledgment:
34 * "This product includes software developed by the OpenSSL Project
35 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
36 *
37 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
38 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
39 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
40 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
41 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
42 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
43 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
44 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
45 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
46 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
47 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
48 * OF THE POSSIBILITY OF SUCH DAMAGE.
49 * ====================================================================
50 */
51
52#include <openssl/opensslconf.h>
53
54#ifndef OPENSSL_NO_GOST
55
56#include <openssl/evp.h>
57#include <openssl/gost.h>
58#include <openssl/objects.h>
59
60static int
61streebog_init256(EVP_MD_CTX *ctx)
62{
63 return STREEBOG256_Init(ctx->md_data);
64}
65
66static int
67streebog_update256(EVP_MD_CTX *ctx, const void *data, size_t count)
68{
69 return STREEBOG256_Update(ctx->md_data, data, count);
70}
71
72static int
73streebog_final256(EVP_MD_CTX *ctx, unsigned char *md)
74{
75 return STREEBOG256_Final(md, ctx->md_data);
76}
77
78static int
79streebog_init512(EVP_MD_CTX *ctx)
80{
81 return STREEBOG512_Init(ctx->md_data);
82}
83
84static int
85streebog_update512(EVP_MD_CTX *ctx, const void *data, size_t count)
86{
87 return STREEBOG512_Update(ctx->md_data, data, count);
88}
89
90static int
91streebog_final512(EVP_MD_CTX *ctx, unsigned char *md)
92{
93 return STREEBOG512_Final(md, ctx->md_data);
94}
95
96static const EVP_MD streebog256_md = {
97 .type = NID_id_tc26_gost3411_2012_256,
98 .pkey_type = NID_undef,
99 .md_size = STREEBOG256_LENGTH,
100 .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
101 .init = streebog_init256,
102 .update = streebog_update256,
103 .final = streebog_final256,
104 .block_size = STREEBOG_CBLOCK,
105 .ctx_size = sizeof(EVP_MD *) + sizeof(STREEBOG_CTX),
106};
107
108static const EVP_MD streebog512_md = {
109 .type = NID_id_tc26_gost3411_2012_512,
110 .pkey_type = NID_undef,
111 .md_size = STREEBOG512_LENGTH,
112 .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
113 .init = streebog_init512,
114 .update = streebog_update512,
115 .final = streebog_final512,
116 .block_size = STREEBOG_CBLOCK,
117 .ctx_size = sizeof(EVP_MD *) + sizeof(STREEBOG_CTX),
118};
119
120const EVP_MD *
121EVP_streebog256(void)
122{
123 return (&streebog256_md);
124}
125
126const EVP_MD *
127EVP_streebog512(void)
128{
129 return (&streebog512_md);
130}
131#endif
diff --git a/src/lib/libcrypto/evp/m_wp.c b/src/lib/libcrypto/evp/m_wp.c
deleted file mode 100644
index 3f543ac0af..0000000000
--- a/src/lib/libcrypto/evp/m_wp.c
+++ /dev/null
@@ -1,56 +0,0 @@
1/* $OpenBSD: m_wp.c,v 1.8 2014/07/13 09:30:02 miod Exp $ */
2
3#include <stdio.h>
4
5#include <openssl/opensslconf.h>
6
7#ifndef OPENSSL_NO_WHIRLPOOL
8
9#include <openssl/evp.h>
10#include <openssl/objects.h>
11#include <openssl/x509.h>
12#include <openssl/whrlpool.h>
13
14static int
15init(EVP_MD_CTX *ctx)
16{
17 return WHIRLPOOL_Init(ctx->md_data);
18}
19
20static int
21update(EVP_MD_CTX *ctx, const void *data, size_t count)
22{
23 return WHIRLPOOL_Update(ctx->md_data, data, count);
24}
25
26static int
27final(EVP_MD_CTX *ctx, unsigned char *md)
28{
29 return WHIRLPOOL_Final(md, ctx->md_data);
30}
31
32static const EVP_MD whirlpool_md = {
33 .type = NID_whirlpool,
34 .pkey_type = 0,
35 .md_size = WHIRLPOOL_DIGEST_LENGTH,
36 .flags = 0,
37 .init = init,
38 .update = update,
39 .final = final,
40 .copy = NULL,
41 .cleanup = NULL,
42 .sign = NULL,
43 .verify = NULL,
44 .required_pkey_type = {
45 0, 0, 0, 0,
46 },
47 .block_size = WHIRLPOOL_BBLOCK / 8,
48 .ctx_size = sizeof(EVP_MD *) + sizeof(WHIRLPOOL_CTX),
49};
50
51const EVP_MD *
52EVP_whirlpool(void)
53{
54 return (&whirlpool_md);
55}
56#endif
diff --git a/src/lib/libcrypto/evp/names.c b/src/lib/libcrypto/evp/names.c
deleted file mode 100644
index 33d7dc8084..0000000000
--- a/src/lib/libcrypto/evp/names.c
+++ /dev/null
@@ -1,228 +0,0 @@
1/* $OpenBSD: names.c,v 1.12 2014/07/11 08:44:48 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64
65int
66EVP_add_cipher(const EVP_CIPHER *c)
67{
68 int r;
69
70 if (c == NULL)
71 return 0;
72
73 OPENSSL_init();
74
75 r = OBJ_NAME_add(OBJ_nid2sn(c->nid), OBJ_NAME_TYPE_CIPHER_METH,
76 (const char *)c);
77 if (r == 0)
78 return (0);
79 check_defer(c->nid);
80 r = OBJ_NAME_add(OBJ_nid2ln(c->nid), OBJ_NAME_TYPE_CIPHER_METH,
81 (const char *)c);
82 return (r);
83}
84
85int
86EVP_add_digest(const EVP_MD *md)
87{
88 int r;
89 const char *name;
90
91 OPENSSL_init();
92
93 name = OBJ_nid2sn(md->type);
94 r = OBJ_NAME_add(name, OBJ_NAME_TYPE_MD_METH, (const char *)md);
95 if (r == 0)
96 return (0);
97 check_defer(md->type);
98 r = OBJ_NAME_add(OBJ_nid2ln(md->type), OBJ_NAME_TYPE_MD_METH,
99 (const char *)md);
100 if (r == 0)
101 return (0);
102
103 if (md->pkey_type && md->type != md->pkey_type) {
104 r = OBJ_NAME_add(OBJ_nid2sn(md->pkey_type),
105 OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS, name);
106 if (r == 0)
107 return (0);
108 check_defer(md->pkey_type);
109 r = OBJ_NAME_add(OBJ_nid2ln(md->pkey_type),
110 OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS, name);
111 }
112 return (r);
113}
114
115const EVP_CIPHER *
116EVP_get_cipherbyname(const char *name)
117{
118 const EVP_CIPHER *cp;
119
120 cp = (const EVP_CIPHER *)OBJ_NAME_get(name, OBJ_NAME_TYPE_CIPHER_METH);
121 return (cp);
122}
123
124const EVP_MD *
125EVP_get_digestbyname(const char *name)
126{
127 const EVP_MD *cp;
128
129 cp = (const EVP_MD *)OBJ_NAME_get(name, OBJ_NAME_TYPE_MD_METH);
130 return (cp);
131}
132
133void
134EVP_cleanup(void)
135{
136 OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH);
137 OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH);
138 /* The above calls will only clean out the contents of the name
139 hash table, but not the hash table itself. The following line
140 does that part. -- Richard Levitte */
141 OBJ_NAME_cleanup(-1);
142
143 EVP_PBE_cleanup();
144 if (obj_cleanup_defer == 2) {
145 obj_cleanup_defer = 0;
146 OBJ_cleanup();
147 }
148 OBJ_sigid_free();
149}
150
151struct doall_cipher {
152 void *arg;
153 void (*fn)(const EVP_CIPHER *ciph, const char *from, const char *to,
154 void *arg);
155};
156
157static void
158do_all_cipher_fn(const OBJ_NAME *nm, void *arg)
159{
160 struct doall_cipher *dc = arg;
161
162 if (nm->alias)
163 dc->fn(NULL, nm->name, nm->data, dc->arg);
164 else
165 dc->fn((const EVP_CIPHER *)nm->data, nm->name, NULL, dc->arg);
166}
167
168void
169EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph, const char *from,
170 const char *to, void *x), void *arg)
171{
172 struct doall_cipher dc;
173
174 dc.fn = fn;
175 dc.arg = arg;
176 OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn, &dc);
177}
178
179void
180EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph, const char *from,
181 const char *to, void *x), void *arg)
182{
183 struct doall_cipher dc;
184
185 dc.fn = fn;
186 dc.arg = arg;
187 OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
188 do_all_cipher_fn, &dc);
189}
190
191struct doall_md {
192 void *arg;
193 void (*fn)(const EVP_MD *ciph, const char *from, const char *to,
194 void *arg);
195};
196
197static void
198do_all_md_fn(const OBJ_NAME *nm, void *arg)
199{
200 struct doall_md *dc = arg;
201
202 if (nm->alias)
203 dc->fn(NULL, nm->name, nm->data, dc->arg);
204 else
205 dc->fn((const EVP_MD *)nm->data, nm->name, NULL, dc->arg);
206}
207
208void
209EVP_MD_do_all(void (*fn)(const EVP_MD *md, const char *from, const char *to,
210 void *x), void *arg)
211{
212 struct doall_md dc;
213
214 dc.fn = fn;
215 dc.arg = arg;
216 OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc);
217}
218
219void
220EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *md,
221 const char *from, const char *to, void *x), void *arg)
222{
223 struct doall_md dc;
224
225 dc.fn = fn;
226 dc.arg = arg;
227 OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc);
228}
diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c
deleted file mode 100644
index 112a69114c..0000000000
--- a/src/lib/libcrypto/evp/p5_crpt.c
+++ /dev/null
@@ -1,158 +0,0 @@
1/* $OpenBSD: p5_crpt.c,v 1.15 2015/02/10 09:52:35 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62
63#include <openssl/err.h>
64#include <openssl/evp.h>
65#include <openssl/x509.h>
66
67/* Doesn't do anything now: Builtin PBE algorithms in static table.
68 */
69
70void
71PKCS5_PBE_add(void)
72{
73}
74
75int
76PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
77 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de)
78{
79 EVP_MD_CTX ctx;
80 unsigned char md_tmp[EVP_MAX_MD_SIZE];
81 unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
82 int i;
83 PBEPARAM *pbe;
84 int saltlen, iter;
85 unsigned char *salt;
86 const unsigned char *pbuf;
87 int mdsize;
88 int rv = 0;
89
90 /* Extract useful info from parameter */
91 if (param == NULL || param->type != V_ASN1_SEQUENCE ||
92 param->value.sequence == NULL) {
93 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
94 return 0;
95 }
96
97 mdsize = EVP_MD_size(md);
98 if (mdsize < 0)
99 return 0;
100
101 pbuf = param->value.sequence->data;
102 if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) {
103 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
104 return 0;
105 }
106
107 if (!pbe->iter)
108 iter = 1;
109 else
110 iter = ASN1_INTEGER_get (pbe->iter);
111 salt = pbe->salt->data;
112 saltlen = pbe->salt->length;
113
114 if (!pass)
115 passlen = 0;
116 else if (passlen == -1)
117 passlen = strlen(pass);
118
119 EVP_MD_CTX_init(&ctx);
120
121 if (!EVP_DigestInit_ex(&ctx, md, NULL))
122 goto err;
123 if (!EVP_DigestUpdate(&ctx, pass, passlen))
124 goto err;
125 if (!EVP_DigestUpdate(&ctx, salt, saltlen))
126 goto err;
127 if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL))
128 goto err;
129 for (i = 1; i < iter; i++) {
130 if (!EVP_DigestInit_ex(&ctx, md, NULL))
131 goto err;
132 if (!EVP_DigestUpdate(&ctx, md_tmp, mdsize))
133 goto err;
134 if (!EVP_DigestFinal_ex (&ctx, md_tmp, NULL))
135 goto err;
136 }
137 if ((size_t)EVP_CIPHER_key_length(cipher) > sizeof(md_tmp)) {
138 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_BAD_KEY_LENGTH);
139 goto err;
140 }
141 memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
142 if ((size_t)EVP_CIPHER_iv_length(cipher) > 16) {
143 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_IV_TOO_LARGE);
144 goto err;
145 }
146 memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
147 EVP_CIPHER_iv_length(cipher));
148 if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))
149 goto err;
150 OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
151 OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
152 OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
153 rv = 1;
154err:
155 EVP_MD_CTX_cleanup(&ctx);
156 PBEPARAM_free(pbe);
157 return rv;
158}
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c
deleted file mode 100644
index afafb9551f..0000000000
--- a/src/lib/libcrypto/evp/p5_crpt2.c
+++ /dev/null
@@ -1,308 +0,0 @@
1/* $OpenBSD: p5_crpt2.c,v 1.20 2015/02/14 15:49:51 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62
63#include <openssl/opensslconf.h>
64
65#if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA)
66
67#include <openssl/err.h>
68#include <openssl/evp.h>
69#include <openssl/hmac.h>
70#include <openssl/x509.h>
71
72#include "evp_locl.h"
73
74/* This is an implementation of PKCS#5 v2.0 password based encryption key
75 * derivation function PBKDF2.
76 * SHA1 version verified against test vectors posted by Peter Gutmann
77 * <pgut001@cs.auckland.ac.nz> to the PKCS-TNG <pkcs-tng@rsa.com> mailing list.
78 */
79
80int
81PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt,
82 int saltlen, int iter, const EVP_MD *digest, int keylen, unsigned char *out)
83{
84 unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
85 int cplen, j, k, tkeylen, mdlen;
86 unsigned long i = 1;
87 HMAC_CTX hctx_tpl, hctx;
88
89 mdlen = EVP_MD_size(digest);
90 if (mdlen < 0)
91 return 0;
92
93 HMAC_CTX_init(&hctx_tpl);
94 p = out;
95 tkeylen = keylen;
96 if (!pass)
97 passlen = 0;
98 else if (passlen == -1)
99 passlen = strlen(pass);
100 if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL)) {
101 HMAC_CTX_cleanup(&hctx_tpl);
102 return 0;
103 }
104 while (tkeylen) {
105 if (tkeylen > mdlen)
106 cplen = mdlen;
107 else
108 cplen = tkeylen;
109 /* We are unlikely to ever use more than 256 blocks (5120 bits!)
110 * but just in case...
111 */
112 itmp[0] = (unsigned char)((i >> 24) & 0xff);
113 itmp[1] = (unsigned char)((i >> 16) & 0xff);
114 itmp[2] = (unsigned char)((i >> 8) & 0xff);
115 itmp[3] = (unsigned char)(i & 0xff);
116 if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
117 HMAC_CTX_cleanup(&hctx_tpl);
118 return 0;
119 }
120 if (!HMAC_Update(&hctx, salt, saltlen) ||
121 !HMAC_Update(&hctx, itmp, 4) ||
122 !HMAC_Final(&hctx, digtmp, NULL)) {
123 HMAC_CTX_cleanup(&hctx_tpl);
124 HMAC_CTX_cleanup(&hctx);
125 return 0;
126 }
127 HMAC_CTX_cleanup(&hctx);
128 memcpy(p, digtmp, cplen);
129 for (j = 1; j < iter; j++) {
130 if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
131 HMAC_CTX_cleanup(&hctx_tpl);
132 return 0;
133 }
134 if (!HMAC_Update(&hctx, digtmp, mdlen) ||
135 !HMAC_Final(&hctx, digtmp, NULL)) {
136 HMAC_CTX_cleanup(&hctx_tpl);
137 HMAC_CTX_cleanup(&hctx);
138 return 0;
139 }
140 HMAC_CTX_cleanup(&hctx);
141 for (k = 0; k < cplen; k++)
142 p[k] ^= digtmp[k];
143 }
144 tkeylen -= cplen;
145 i++;
146 p += cplen;
147 }
148 HMAC_CTX_cleanup(&hctx_tpl);
149 return 1;
150}
151
152int
153PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, const unsigned char *salt,
154 int saltlen, int iter, int keylen, unsigned char *out)
155{
156 return PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter,
157 EVP_sha1(), keylen, out);
158}
159
160/* Now the key derivation function itself. This is a bit evil because
161 * it has to check the ASN1 parameters are valid: and there are quite a
162 * few of them...
163 */
164
165int
166PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
167 ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de)
168{
169 const unsigned char *pbuf;
170 int plen;
171 PBE2PARAM *pbe2 = NULL;
172 const EVP_CIPHER *cipher;
173
174 int rv = 0;
175
176 if (param == NULL || param->type != V_ASN1_SEQUENCE ||
177 param->value.sequence == NULL) {
178 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
179 goto err;
180 }
181
182 pbuf = param->value.sequence->data;
183 plen = param->value.sequence->length;
184 if (!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
185 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
186 goto err;
187 }
188
189 /* See if we recognise the key derivation function */
190
191 if (OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) {
192 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
193 EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION);
194 goto err;
195 }
196
197 /* lets see if we recognise the encryption algorithm.
198 */
199
200 cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm);
201
202 if (!cipher) {
203 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
204 EVP_R_UNSUPPORTED_CIPHER);
205 goto err;
206 }
207
208 /* Fixup cipher based on AlgorithmIdentifier */
209 if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de))
210 goto err;
211 if (EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
212 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
213 EVP_R_CIPHER_PARAMETER_ERROR);
214 goto err;
215 }
216 rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen,
217 pbe2->keyfunc->parameter, c, md, en_de);
218
219err:
220 PBE2PARAM_free(pbe2);
221 return rv;
222}
223
224int
225PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
226 ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de)
227{
228 unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
229 const unsigned char *pbuf;
230 int saltlen, iter, plen;
231 int rv = 0;
232 unsigned int keylen = 0;
233 int prf_nid, hmac_md_nid;
234 PBKDF2PARAM *kdf = NULL;
235 const EVP_MD *prfmd;
236
237 if (EVP_CIPHER_CTX_cipher(ctx) == NULL) {
238 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_NO_CIPHER_SET);
239 return 0;
240 }
241 keylen = EVP_CIPHER_CTX_key_length(ctx);
242 if (keylen > sizeof key) {
243 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_BAD_KEY_LENGTH);
244 return 0;
245 }
246
247 /* Decode parameter */
248
249 if (!param || (param->type != V_ASN1_SEQUENCE)) {
250 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR);
251 return 0;
252 }
253
254 pbuf = param->value.sequence->data;
255 plen = param->value.sequence->length;
256
257 if (!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
258 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR);
259 return 0;
260 }
261
262 /* Now check the parameters of the kdf */
263
264 if (kdf->keylength &&
265 (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){
266 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,
267 EVP_R_UNSUPPORTED_KEYLENGTH);
268 goto err;
269 }
270
271 if (kdf->prf)
272 prf_nid = OBJ_obj2nid(kdf->prf->algorithm);
273 else
274 prf_nid = NID_hmacWithSHA1;
275
276 if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0)) {
277 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
278 goto err;
279 }
280
281 prfmd = EVP_get_digestbynid(hmac_md_nid);
282 if (prfmd == NULL) {
283 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
284 goto err;
285 }
286
287 if (kdf->salt->type != V_ASN1_OCTET_STRING) {
288 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,
289 EVP_R_UNSUPPORTED_SALT_TYPE);
290 goto err;
291 }
292
293 /* it seems that its all OK */
294 salt = kdf->salt->value.octet_string->data;
295 saltlen = kdf->salt->value.octet_string->length;
296 iter = ASN1_INTEGER_get(kdf->iter);
297 if (!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd,
298 keylen, key))
299 goto err;
300 rv = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
301
302err:
303 OPENSSL_cleanse(key, keylen);
304 PBKDF2PARAM_free(kdf);
305 return rv;
306}
307
308#endif
diff --git a/src/lib/libcrypto/evp/p_dec.c b/src/lib/libcrypto/evp/p_dec.c
deleted file mode 100644
index 2244ae8c62..0000000000
--- a/src/lib/libcrypto/evp/p_dec.c
+++ /dev/null
@@ -1,92 +0,0 @@
1/* $OpenBSD: p_dec.c,v 1.10 2014/10/18 17:20:40 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#include <openssl/evp.h>
64#include <openssl/err.h>
65#include <openssl/objects.h>
66#include <openssl/x509.h>
67
68#ifndef OPENSSL_NO_RSA
69#include <openssl/rsa.h>
70#endif
71
72int
73EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
74 EVP_PKEY *priv)
75{
76 int ret = -1;
77
78#ifndef OPENSSL_NO_RSA
79 if (priv->type != EVP_PKEY_RSA) {
80#endif
81 EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);
82#ifndef OPENSSL_NO_RSA
83 goto err;
84 }
85
86 ret = RSA_private_decrypt(ekl, ek, key, priv->pkey.rsa,
87 RSA_PKCS1_PADDING);
88
89err:
90#endif
91 return (ret);
92}
diff --git a/src/lib/libcrypto/evp/p_enc.c b/src/lib/libcrypto/evp/p_enc.c
deleted file mode 100644
index 63d2649f6e..0000000000
--- a/src/lib/libcrypto/evp/p_enc.c
+++ /dev/null
@@ -1,89 +0,0 @@
1/* $OpenBSD: p_enc.c,v 1.10 2014/10/18 17:20:40 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#include <openssl/err.h>
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66#include <openssl/x509.h>
67
68#ifndef OPENSSL_NO_RSA
69#include <openssl/rsa.h>
70#endif
71
72int
73EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key, int key_len,
74 EVP_PKEY *pubk)
75{
76 int ret = 0;
77
78#ifndef OPENSSL_NO_RSA
79 if (pubk->type != EVP_PKEY_RSA) {
80#endif
81 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);
82#ifndef OPENSSL_NO_RSA
83 goto err;
84 }
85 ret = RSA_public_encrypt(key_len, key, ek, pubk->pkey.rsa, RSA_PKCS1_PADDING);
86err:
87#endif
88 return (ret);
89}
diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c
deleted file mode 100644
index e172c34894..0000000000
--- a/src/lib/libcrypto/evp/p_lib.c
+++ /dev/null
@@ -1,483 +0,0 @@
1/* $OpenBSD: p_lib.c,v 1.16 2014/07/12 22:26:01 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#include <openssl/bn.h>
64#include <openssl/err.h>
65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/x509.h>
68
69#ifndef OPENSSL_NO_DH
70#include <openssl/dh.h>
71#endif
72#ifndef OPENSSL_NO_DSA
73#include <openssl/dsa.h>
74#endif
75#ifndef OPENSSL_NO_RSA
76#include <openssl/rsa.h>
77#endif
78
79#ifndef OPENSSL_NO_ENGINE
80#include <openssl/engine.h>
81#endif
82
83#include "asn1_locl.h"
84
85static void EVP_PKEY_free_it(EVP_PKEY *x);
86
87int
88EVP_PKEY_bits(EVP_PKEY *pkey)
89{
90 if (pkey && pkey->ameth && pkey->ameth->pkey_bits)
91 return pkey->ameth->pkey_bits(pkey);
92 return 0;
93}
94
95int
96EVP_PKEY_size(EVP_PKEY *pkey)
97{
98 if (pkey && pkey->ameth && pkey->ameth->pkey_size)
99 return pkey->ameth->pkey_size(pkey);
100 return 0;
101}
102
103int
104EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
105{
106#ifndef OPENSSL_NO_DSA
107 if (pkey->type == EVP_PKEY_DSA) {
108 int ret = pkey->save_parameters;
109
110 if (mode >= 0)
111 pkey->save_parameters = mode;
112 return (ret);
113 }
114#endif
115#ifndef OPENSSL_NO_EC
116 if (pkey->type == EVP_PKEY_EC) {
117 int ret = pkey->save_parameters;
118
119 if (mode >= 0)
120 pkey->save_parameters = mode;
121 return (ret);
122 }
123#endif
124 return (0);
125}
126
127int
128EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
129{
130 if (to->type != from->type) {
131 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,
132 EVP_R_DIFFERENT_KEY_TYPES);
133 goto err;
134 }
135
136 if (EVP_PKEY_missing_parameters(from)) {
137 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,
138 EVP_R_MISSING_PARAMETERS);
139 goto err;
140 }
141 if (from->ameth && from->ameth->param_copy)
142 return from->ameth->param_copy(to, from);
143
144err:
145 return 0;
146}
147
148int
149EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
150{
151 if (pkey->ameth && pkey->ameth->param_missing)
152 return pkey->ameth->param_missing(pkey);
153 return 0;
154}
155
156int
157EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
158{
159 if (a->type != b->type)
160 return -1;
161 if (a->ameth && a->ameth->param_cmp)
162 return a->ameth->param_cmp(a, b);
163 return -2;
164}
165
166int
167EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
168{
169 if (a->type != b->type)
170 return -1;
171
172 if (a->ameth) {
173 int ret;
174 /* Compare parameters if the algorithm has them */
175 if (a->ameth->param_cmp) {
176 ret = a->ameth->param_cmp(a, b);
177 if (ret <= 0)
178 return ret;
179 }
180
181 if (a->ameth->pub_cmp)
182 return a->ameth->pub_cmp(a, b);
183 }
184
185 return -2;
186}
187
188EVP_PKEY *
189EVP_PKEY_new(void)
190{
191 EVP_PKEY *ret;
192
193 ret = malloc(sizeof(EVP_PKEY));
194 if (ret == NULL) {
195 EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE);
196 return (NULL);
197 }
198 ret->type = EVP_PKEY_NONE;
199 ret->save_type = EVP_PKEY_NONE;
200 ret->references = 1;
201 ret->ameth = NULL;
202 ret->engine = NULL;
203 ret->pkey.ptr = NULL;
204 ret->attributes = NULL;
205 ret->save_parameters = 1;
206 return (ret);
207}
208
209/* Setup a public key ASN1 method and ENGINE from a NID or a string.
210 * If pkey is NULL just return 1 or 0 if the algorithm exists.
211 */
212
213static int
214pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
215{
216 const EVP_PKEY_ASN1_METHOD *ameth;
217 ENGINE *e = NULL;
218 if (pkey) {
219 if (pkey->pkey.ptr)
220 EVP_PKEY_free_it(pkey);
221 /* If key type matches and a method exists then this
222 * lookup has succeeded once so just indicate success.
223 */
224 if ((type == pkey->save_type) && pkey->ameth)
225 return 1;
226#ifndef OPENSSL_NO_ENGINE
227 /* If we have an ENGINE release it */
228 if (pkey->engine) {
229 ENGINE_finish(pkey->engine);
230 pkey->engine = NULL;
231 }
232#endif
233 }
234 if (str)
235 ameth = EVP_PKEY_asn1_find_str(&e, str, len);
236 else
237 ameth = EVP_PKEY_asn1_find(&e, type);
238#ifndef OPENSSL_NO_ENGINE
239 if (!pkey && e)
240 ENGINE_finish(e);
241#endif
242 if (!ameth) {
243 EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM);
244 return 0;
245 }
246 if (pkey) {
247 pkey->ameth = ameth;
248 pkey->engine = e;
249
250 pkey->type = pkey->ameth->pkey_id;
251 pkey->save_type = type;
252 }
253 return 1;
254}
255
256int
257EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
258{
259 return pkey_set_type(pkey, type, NULL, -1);
260}
261
262int
263EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len)
264{
265 return pkey_set_type(pkey, EVP_PKEY_NONE, str, len);
266}
267
268int
269EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)
270{
271 if (!EVP_PKEY_set_type(pkey, type))
272 return 0;
273 pkey->pkey.ptr = key;
274 return (key != NULL);
275}
276
277void *
278EVP_PKEY_get0(EVP_PKEY *pkey)
279{
280 return pkey->pkey.ptr;
281}
282
283#ifndef OPENSSL_NO_RSA
284int
285EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
286{
287 int ret = EVP_PKEY_assign_RSA(pkey, key);
288 if (ret)
289 RSA_up_ref(key);
290 return ret;
291}
292
293RSA *
294EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
295{
296 if (pkey->type != EVP_PKEY_RSA) {
297 EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
298 return NULL;
299 }
300 RSA_up_ref(pkey->pkey.rsa);
301 return pkey->pkey.rsa;
302}
303#endif
304
305#ifndef OPENSSL_NO_DSA
306int
307EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
308{
309 int ret = EVP_PKEY_assign_DSA(pkey, key);
310 if (ret)
311 DSA_up_ref(key);
312 return ret;
313}
314
315DSA *
316EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
317{
318 if (pkey->type != EVP_PKEY_DSA) {
319 EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
320 return NULL;
321 }
322 DSA_up_ref(pkey->pkey.dsa);
323 return pkey->pkey.dsa;
324}
325#endif
326
327#ifndef OPENSSL_NO_EC
328
329int
330EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
331{
332 int ret = EVP_PKEY_assign_EC_KEY(pkey, key);
333 if (ret)
334 EC_KEY_up_ref(key);
335 return ret;
336}
337
338EC_KEY *
339EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
340{
341 if (pkey->type != EVP_PKEY_EC) {
342 EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
343 return NULL;
344 }
345 EC_KEY_up_ref(pkey->pkey.ec);
346 return pkey->pkey.ec;
347}
348#endif
349
350
351#ifndef OPENSSL_NO_DH
352
353int
354EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
355{
356 int ret = EVP_PKEY_assign_DH(pkey, key);
357 if (ret)
358 DH_up_ref(key);
359 return ret;
360}
361
362DH *
363EVP_PKEY_get1_DH(EVP_PKEY *pkey)
364{
365 if (pkey->type != EVP_PKEY_DH) {
366 EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
367 return NULL;
368 }
369 DH_up_ref(pkey->pkey.dh);
370 return pkey->pkey.dh;
371}
372#endif
373
374int
375EVP_PKEY_type(int type)
376{
377 int ret;
378 const EVP_PKEY_ASN1_METHOD *ameth;
379 ENGINE *e;
380 ameth = EVP_PKEY_asn1_find(&e, type);
381 if (ameth)
382 ret = ameth->pkey_id;
383 else
384 ret = NID_undef;
385#ifndef OPENSSL_NO_ENGINE
386 if (e)
387 ENGINE_finish(e);
388#endif
389 return ret;
390}
391
392int
393EVP_PKEY_id(const EVP_PKEY *pkey)
394{
395 return pkey->type;
396}
397
398int
399EVP_PKEY_base_id(const EVP_PKEY *pkey)
400{
401 return EVP_PKEY_type(pkey->type);
402}
403
404void
405EVP_PKEY_free(EVP_PKEY *x)
406{
407 int i;
408
409 if (x == NULL)
410 return;
411
412 i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_EVP_PKEY);
413 if (i > 0)
414 return;
415
416 EVP_PKEY_free_it(x);
417 if (x->attributes)
418 sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
419 free(x);
420}
421
422static void
423EVP_PKEY_free_it(EVP_PKEY *x)
424{
425 if (x->ameth && x->ameth->pkey_free) {
426 x->ameth->pkey_free(x);
427 x->pkey.ptr = NULL;
428 }
429#ifndef OPENSSL_NO_ENGINE
430 if (x->engine) {
431 ENGINE_finish(x->engine);
432 x->engine = NULL;
433 }
434#endif
435}
436
437static int
438unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, const char *kstr)
439{
440 BIO_indent(out, indent, 128);
441 BIO_printf(out, "%s algorithm \"%s\" unsupported\n",
442 kstr, OBJ_nid2ln(pkey->type));
443 return 1;
444}
445
446int
447EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent,
448 ASN1_PCTX *pctx)
449{
450 if (pkey->ameth && pkey->ameth->pub_print)
451 return pkey->ameth->pub_print(out, pkey, indent, pctx);
452
453 return unsup_alg(out, pkey, indent, "Public Key");
454}
455
456int
457EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent,
458 ASN1_PCTX *pctx)
459{
460 if (pkey->ameth && pkey->ameth->priv_print)
461 return pkey->ameth->priv_print(out, pkey, indent, pctx);
462
463 return unsup_alg(out, pkey, indent, "Private Key");
464}
465
466int
467EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent,
468 ASN1_PCTX *pctx)
469{
470 if (pkey->ameth && pkey->ameth->param_print)
471 return pkey->ameth->param_print(out, pkey, indent, pctx);
472 return unsup_alg(out, pkey, indent, "Parameters");
473}
474
475int
476EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid)
477{
478 if (!pkey->ameth || !pkey->ameth->pkey_ctrl)
479 return -2;
480 return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID,
481 0, pnid);
482}
483
diff --git a/src/lib/libcrypto/evp/p_open.c b/src/lib/libcrypto/evp/p_open.c
deleted file mode 100644
index aca83e74f6..0000000000
--- a/src/lib/libcrypto/evp/p_open.c
+++ /dev/null
@@ -1,127 +0,0 @@
1/* $OpenBSD: p_open.c,v 1.16 2014/07/11 08:44:48 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#ifndef OPENSSL_NO_RSA
64
65#include <openssl/err.h>
66#include <openssl/evp.h>
67#include <openssl/objects.h>
68#include <openssl/rsa.h>
69#include <openssl/x509.h>
70
71int
72EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
73 const unsigned char *ek, int ekl, const unsigned char *iv, EVP_PKEY *priv)
74{
75 unsigned char *key = NULL;
76 int i, size = 0, ret = 0;
77
78 if (type) {
79 EVP_CIPHER_CTX_init(ctx);
80 if (!EVP_DecryptInit_ex(ctx, type, NULL, NULL, NULL))
81 return 0;
82 }
83
84 if (!priv)
85 return 1;
86
87 if (priv->type != EVP_PKEY_RSA) {
88 EVPerr(EVP_F_EVP_OPENINIT, EVP_R_PUBLIC_KEY_NOT_RSA);
89 goto err;
90 }
91
92 size = RSA_size(priv->pkey.rsa);
93 key = malloc(size + 2);
94 if (key == NULL) {
95 /* ERROR */
96 EVPerr(EVP_F_EVP_OPENINIT, ERR_R_MALLOC_FAILURE);
97 goto err;
98 }
99
100 i = EVP_PKEY_decrypt_old(key, ek, ekl, priv);
101 if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i)) {
102 /* ERROR */
103 goto err;
104 }
105 if (!EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv))
106 goto err;
107
108 ret = 1;
109
110err:
111 if (key != NULL)
112 OPENSSL_cleanse(key, size);
113 free(key);
114 return (ret);
115}
116
117int
118EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
119{
120 int i;
121
122 i = EVP_DecryptFinal_ex(ctx, out, outl);
123 if (i)
124 i = EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
125 return (i);
126}
127#endif
diff --git a/src/lib/libcrypto/evp/p_seal.c b/src/lib/libcrypto/evp/p_seal.c
deleted file mode 100644
index 8b9740fbcd..0000000000
--- a/src/lib/libcrypto/evp/p_seal.c
+++ /dev/null
@@ -1,124 +0,0 @@
1/* $OpenBSD: p_seal.c,v 1.14 2014/10/22 13:02:04 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61
62#include <openssl/opensslconf.h>
63
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66#include <openssl/x509.h>
67
68#ifndef OPENSSL_NO_RSA
69#include <openssl/rsa.h>
70#endif
71
72int
73EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
74 int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk)
75{
76 unsigned char key[EVP_MAX_KEY_LENGTH];
77 int i;
78
79 if (type) {
80 EVP_CIPHER_CTX_init(ctx);
81 if (!EVP_EncryptInit_ex(ctx, type, NULL, NULL, NULL))
82 return 0;
83 }
84 if ((npubk <= 0) || !pubk)
85 return 1;
86 if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
87 return 0;
88 if (EVP_CIPHER_CTX_iv_length(ctx))
89 arc4random_buf(iv, EVP_CIPHER_CTX_iv_length(ctx));
90
91 if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
92 return 0;
93
94 for (i = 0; i < npubk; i++) {
95 ekl[i] = EVP_PKEY_encrypt_old(ek[i], key,
96 EVP_CIPHER_CTX_key_length(ctx), pubk[i]);
97 if (ekl[i] <= 0)
98 return (-1);
99 }
100 return (npubk);
101}
102
103/* MACRO
104void EVP_SealUpdate(ctx,out,outl,in,inl)
105EVP_CIPHER_CTX *ctx;
106unsigned char *out;
107int *outl;
108unsigned char *in;
109int inl;
110 {
111 EVP_EncryptUpdate(ctx,out,outl,in,inl);
112 }
113*/
114
115int
116EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
117{
118 int i;
119
120 i = EVP_EncryptFinal_ex(ctx, out, outl);
121 if (i)
122 i = EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, NULL);
123 return i;
124}
diff --git a/src/lib/libcrypto/evp/p_sign.c b/src/lib/libcrypto/evp/p_sign.c
deleted file mode 100644
index 4058d47f07..0000000000
--- a/src/lib/libcrypto/evp/p_sign.c
+++ /dev/null
@@ -1,123 +0,0 @@
1/* $OpenBSD: p_sign.c,v 1.13 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/err.h>
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include <openssl/x509.h>
65
66int
67EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
68 EVP_PKEY *pkey)
69{
70 unsigned char m[EVP_MAX_MD_SIZE];
71 unsigned int m_len;
72 int i = 0, ok = 0, v;
73 EVP_MD_CTX tmp_ctx;
74 EVP_PKEY_CTX *pkctx = NULL;
75
76 *siglen = 0;
77 EVP_MD_CTX_init(&tmp_ctx);
78 if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
79 goto err;
80 if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len))
81 goto err;
82 EVP_MD_CTX_cleanup(&tmp_ctx);
83
84 if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
85 size_t sltmp = (size_t)EVP_PKEY_size(pkey);
86 i = 0;
87 pkctx = EVP_PKEY_CTX_new(pkey, NULL);
88 if (!pkctx)
89 goto err;
90 if (EVP_PKEY_sign_init(pkctx) <= 0)
91 goto err;
92 if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
93 goto err;
94 if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
95 goto err;
96 *siglen = sltmp;
97 i = 1;
98err:
99 EVP_PKEY_CTX_free(pkctx);
100 return i;
101 }
102
103 for (i = 0; i < 4; i++) {
104 v = ctx->digest->required_pkey_type[i];
105 if (v == 0)
106 break;
107 if (pkey->type == v) {
108 ok = 1;
109 break;
110 }
111 }
112 if (!ok) {
113 EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
114 return (0);
115 }
116
117 if (ctx->digest->sign == NULL) {
118 EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
119 return (0);
120 }
121 return(ctx->digest->sign(ctx->digest->type, m, m_len, sigret, siglen,
122 pkey->pkey.ptr));
123}
diff --git a/src/lib/libcrypto/evp/p_verify.c b/src/lib/libcrypto/evp/p_verify.c
deleted file mode 100644
index e653fcf6a5..0000000000
--- a/src/lib/libcrypto/evp/p_verify.c
+++ /dev/null
@@ -1,119 +0,0 @@
1/* $OpenBSD: p_verify.c,v 1.12 2014/07/11 08:44:48 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/err.h>
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include <openssl/x509.h>
65
66int
67EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
68 unsigned int siglen, EVP_PKEY *pkey)
69{
70 unsigned char m[EVP_MAX_MD_SIZE];
71 unsigned int m_len;
72 int i = 0, ok = 0, v;
73 EVP_MD_CTX tmp_ctx;
74 EVP_PKEY_CTX *pkctx = NULL;
75
76 EVP_MD_CTX_init(&tmp_ctx);
77 if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
78 goto err;
79 if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len))
80 goto err;
81 EVP_MD_CTX_cleanup(&tmp_ctx);
82
83 if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
84 i = -1;
85 pkctx = EVP_PKEY_CTX_new(pkey, NULL);
86 if (!pkctx)
87 goto err;
88 if (EVP_PKEY_verify_init(pkctx) <= 0)
89 goto err;
90 if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
91 goto err;
92 i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
93err:
94 EVP_PKEY_CTX_free(pkctx);
95 return i;
96 }
97
98 for (i = 0; i < 4; i++) {
99 v = ctx->digest->required_pkey_type[i];
100 if (v == 0)
101 break;
102 if (pkey->type == v) {
103 ok = 1;
104 break;
105 }
106 }
107 if (!ok) {
108 EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
109 return (-1);
110 }
111 if (ctx->digest->verify == NULL) {
112 EVPerr(EVP_F_EVP_VERIFYFINAL,
113 EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
114 return (0);
115 }
116
117 return(ctx->digest->verify(ctx->digest->type, m, m_len,
118 sigbuf, siglen, pkey->pkey.ptr));
119}
diff --git a/src/lib/libcrypto/evp/pmeth_fn.c b/src/lib/libcrypto/evp/pmeth_fn.c
deleted file mode 100644
index 4cf18a0be1..0000000000
--- a/src/lib/libcrypto/evp/pmeth_fn.c
+++ /dev/null
@@ -1,362 +0,0 @@
1/* $OpenBSD: pmeth_fn.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006.
4 */
5/* ====================================================================
6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61
62#include <openssl/err.h>
63#include <openssl/evp.h>
64#include <openssl/objects.h>
65
66#include "evp_locl.h"
67
68#define M_check_autoarg(ctx, arg, arglen, err) \
69 if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \
70 { \
71 size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
72 if (!arg) \
73 { \
74 *arglen = pksize; \
75 return 1; \
76 } \
77 else if (*arglen < pksize) \
78 { \
79 EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/\
80 return 0; \
81 } \
82 }
83
84int
85EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
86{
87 int ret;
88
89 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
90 EVPerr(EVP_F_EVP_PKEY_SIGN_INIT,
91 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
92 return -2;
93 }
94 ctx->operation = EVP_PKEY_OP_SIGN;
95 if (!ctx->pmeth->sign_init)
96 return 1;
97 ret = ctx->pmeth->sign_init(ctx);
98 if (ret <= 0)
99 ctx->operation = EVP_PKEY_OP_UNDEFINED;
100 return ret;
101}
102
103int
104EVP_PKEY_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
105 const unsigned char *tbs, size_t tbslen)
106{
107 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
108 EVPerr(EVP_F_EVP_PKEY_SIGN,
109 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
110 return -2;
111 }
112 if (ctx->operation != EVP_PKEY_OP_SIGN) {
113 EVPerr(EVP_F_EVP_PKEY_SIGN, EVP_R_OPERATON_NOT_INITIALIZED);
114 return -1;
115 }
116 M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
117 return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen);
118}
119
120int
121EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
122{
123 int ret;
124
125 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
126 EVPerr(EVP_F_EVP_PKEY_VERIFY_INIT,
127 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
128 return -2;
129 }
130 ctx->operation = EVP_PKEY_OP_VERIFY;
131 if (!ctx->pmeth->verify_init)
132 return 1;
133 ret = ctx->pmeth->verify_init(ctx);
134 if (ret <= 0)
135 ctx->operation = EVP_PKEY_OP_UNDEFINED;
136 return ret;
137}
138
139int
140EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
141 const unsigned char *tbs, size_t tbslen)
142{
143 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
144 EVPerr(EVP_F_EVP_PKEY_VERIFY,
145 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
146 return -2;
147 }
148 if (ctx->operation != EVP_PKEY_OP_VERIFY) {
149 EVPerr(EVP_F_EVP_PKEY_VERIFY, EVP_R_OPERATON_NOT_INITIALIZED);
150 return -1;
151 }
152 return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
153}
154
155int
156EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
157{
158 int ret;
159
160 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
161 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT,
162 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
163 return -2;
164 }
165 ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;
166 if (!ctx->pmeth->verify_recover_init)
167 return 1;
168 ret = ctx->pmeth->verify_recover_init(ctx);
169 if (ret <= 0)
170 ctx->operation = EVP_PKEY_OP_UNDEFINED;
171 return ret;
172}
173
174int
175EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, unsigned char *rout, size_t *routlen,
176 const unsigned char *sig, size_t siglen)
177{
178 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
179 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER,
180 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
181 return -2;
182 }
183 if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) {
184 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER,
185 EVP_R_OPERATON_NOT_INITIALIZED);
186 return -1;
187 }
188 M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER)
189 return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen);
190}
191
192int
193EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
194{
195 int ret;
196
197 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
198 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_INIT,
199 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
200 return -2;
201 }
202 ctx->operation = EVP_PKEY_OP_ENCRYPT;
203 if (!ctx->pmeth->encrypt_init)
204 return 1;
205 ret = ctx->pmeth->encrypt_init(ctx);
206 if (ret <= 0)
207 ctx->operation = EVP_PKEY_OP_UNDEFINED;
208 return ret;
209}
210
211int
212EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
213 const unsigned char *in, size_t inlen)
214{
215 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
216 EVPerr(EVP_F_EVP_PKEY_ENCRYPT,
217 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
218 return -2;
219 }
220 if (ctx->operation != EVP_PKEY_OP_ENCRYPT) {
221 EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
222 return -1;
223 }
224 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT)
225 return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen);
226}
227
228int
229EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
230{
231 int ret;
232
233 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
234 EVPerr(EVP_F_EVP_PKEY_DECRYPT_INIT,
235 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
236 return -2;
237 }
238 ctx->operation = EVP_PKEY_OP_DECRYPT;
239 if (!ctx->pmeth->decrypt_init)
240 return 1;
241 ret = ctx->pmeth->decrypt_init(ctx);
242 if (ret <= 0)
243 ctx->operation = EVP_PKEY_OP_UNDEFINED;
244 return ret;
245}
246
247int
248EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
249 const unsigned char *in, size_t inlen)
250{
251 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
252 EVPerr(EVP_F_EVP_PKEY_DECRYPT,
253 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
254 return -2;
255 }
256 if (ctx->operation != EVP_PKEY_OP_DECRYPT) {
257 EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
258 return -1;
259 }
260 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT)
261 return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);
262}
263
264int
265EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
266{
267 int ret;
268
269 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
270 EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT,
271 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
272 return -2;
273 }
274 ctx->operation = EVP_PKEY_OP_DERIVE;
275 if (!ctx->pmeth->derive_init)
276 return 1;
277 ret = ctx->pmeth->derive_init(ctx);
278 if (ret <= 0)
279 ctx->operation = EVP_PKEY_OP_UNDEFINED;
280 return ret;
281}
282
283int
284EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
285{
286 int ret;
287
288 if (!ctx || !ctx->pmeth || !(ctx->pmeth->derive ||
289 ctx->pmeth->encrypt || ctx->pmeth->decrypt) ||
290 !ctx->pmeth->ctrl) {
291 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
292 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
293 return -2;
294 }
295 if (ctx->operation != EVP_PKEY_OP_DERIVE &&
296 ctx->operation != EVP_PKEY_OP_ENCRYPT &&
297 ctx->operation != EVP_PKEY_OP_DECRYPT) {
298 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
299 EVP_R_OPERATON_NOT_INITIALIZED);
300 return -1;
301 }
302
303 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
304
305 if (ret <= 0)
306 return ret;
307
308 if (ret == 2)
309 return 1;
310
311 if (!ctx->pkey) {
312 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET);
313 return -1;
314 }
315
316 if (ctx->pkey->type != peer->type) {
317 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
318 EVP_R_DIFFERENT_KEY_TYPES);
319 return -1;
320 }
321
322 /* ran@cryptocom.ru: For clarity. The error is if parameters in peer are
323 * present (!missing) but don't match. EVP_PKEY_cmp_parameters may return
324 * 1 (match), 0 (don't match) and -2 (comparison is not defined). -1
325 * (different key types) is impossible here because it is checked earlier.
326 * -2 is OK for us here, as well as 1, so we can check for 0 only. */
327 if (!EVP_PKEY_missing_parameters(peer) &&
328 !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {
329 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
330 EVP_R_DIFFERENT_PARAMETERS);
331 return -1;
332 }
333
334 EVP_PKEY_free(ctx->peerkey);
335 ctx->peerkey = peer;
336
337 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
338
339 if (ret <= 0) {
340 ctx->peerkey = NULL;
341 return ret;
342 }
343
344 CRYPTO_add(&peer->references, 1, CRYPTO_LOCK_EVP_PKEY);
345 return 1;
346}
347
348int
349EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
350{
351 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
352 EVPerr(EVP_F_EVP_PKEY_DERIVE,
353 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
354 return -2;
355 }
356 if (ctx->operation != EVP_PKEY_OP_DERIVE) {
357 EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED);
358 return -1;
359 }
360 M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
361 return ctx->pmeth->derive(ctx, key, pkeylen);
362}
diff --git a/src/lib/libcrypto/evp/pmeth_gn.c b/src/lib/libcrypto/evp/pmeth_gn.c
deleted file mode 100644
index 29f533625a..0000000000
--- a/src/lib/libcrypto/evp/pmeth_gn.c
+++ /dev/null
@@ -1,227 +0,0 @@
1/* $OpenBSD: pmeth_gn.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006.
4 */
5/* ====================================================================
6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61
62#include <openssl/bn.h>
63#include <openssl/err.h>
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66
67#include "evp_locl.h"
68
69int
70EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
71{
72 int ret;
73
74 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
75 EVPerr(EVP_F_EVP_PKEY_PARAMGEN_INIT,
76 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
77 return -2;
78 }
79 ctx->operation = EVP_PKEY_OP_PARAMGEN;
80 if (!ctx->pmeth->paramgen_init)
81 return 1;
82 ret = ctx->pmeth->paramgen_init(ctx);
83 if (ret <= 0)
84 ctx->operation = EVP_PKEY_OP_UNDEFINED;
85 return ret;
86}
87
88int
89EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
90{
91 int ret;
92
93 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
94 EVPerr(EVP_F_EVP_PKEY_PARAMGEN,
95 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
96 return -2;
97 }
98
99 if (ctx->operation != EVP_PKEY_OP_PARAMGEN) {
100 EVPerr(EVP_F_EVP_PKEY_PARAMGEN, EVP_R_OPERATON_NOT_INITIALIZED);
101 return -1;
102 }
103
104 if (!ppkey)
105 return -1;
106
107 if (!*ppkey)
108 *ppkey = EVP_PKEY_new();
109
110 ret = ctx->pmeth->paramgen(ctx, *ppkey);
111 if (ret <= 0) {
112 EVP_PKEY_free(*ppkey);
113 *ppkey = NULL;
114 }
115 return ret;
116}
117
118int
119EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx)
120{
121 int ret;
122
123 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
124 EVPerr(EVP_F_EVP_PKEY_KEYGEN_INIT,
125 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
126 return -2;
127 }
128 ctx->operation = EVP_PKEY_OP_KEYGEN;
129 if (!ctx->pmeth->keygen_init)
130 return 1;
131 ret = ctx->pmeth->keygen_init(ctx);
132 if (ret <= 0)
133 ctx->operation = EVP_PKEY_OP_UNDEFINED;
134 return ret;
135}
136
137int
138EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
139{
140 int ret;
141
142 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
143 EVPerr(EVP_F_EVP_PKEY_KEYGEN,
144 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
145 return -2;
146 }
147 if (ctx->operation != EVP_PKEY_OP_KEYGEN) {
148 EVPerr(EVP_F_EVP_PKEY_KEYGEN, EVP_R_OPERATON_NOT_INITIALIZED);
149 return -1;
150 }
151
152 if (!ppkey)
153 return -1;
154
155 if (!*ppkey)
156 *ppkey = EVP_PKEY_new();
157
158 ret = ctx->pmeth->keygen(ctx, *ppkey);
159 if (ret <= 0) {
160 EVP_PKEY_free(*ppkey);
161 *ppkey = NULL;
162 }
163 return ret;
164}
165
166void
167EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb)
168{
169 ctx->pkey_gencb = cb;
170}
171
172EVP_PKEY_gen_cb *
173EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx)
174{
175 return ctx->pkey_gencb;
176}
177
178/* "translation callback" to call EVP_PKEY_CTX callbacks using BN_GENCB
179 * style callbacks.
180 */
181
182static int
183trans_cb(int a, int b, BN_GENCB *gcb)
184{
185 EVP_PKEY_CTX *ctx = gcb->arg;
186 ctx->keygen_info[0] = a;
187 ctx->keygen_info[1] = b;
188 return ctx->pkey_gencb(ctx);
189}
190
191void
192evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx)
193{
194 BN_GENCB_set(cb, trans_cb, ctx)
195}
196
197int
198EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx)
199{
200 if (idx == -1)
201 return ctx->keygen_info_count;
202 if (idx < 0 || idx > ctx->keygen_info_count)
203 return 0;
204 return ctx->keygen_info[idx];
205}
206
207EVP_PKEY *
208EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key, int keylen)
209{
210 EVP_PKEY_CTX *mac_ctx = NULL;
211 EVP_PKEY *mac_key = NULL;
212
213 mac_ctx = EVP_PKEY_CTX_new_id(type, e);
214 if (!mac_ctx)
215 return NULL;
216 if (EVP_PKEY_keygen_init(mac_ctx) <= 0)
217 goto merr;
218 if (EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN,
219 EVP_PKEY_CTRL_SET_MAC_KEY, keylen, (void *)key) <= 0)
220 goto merr;
221 if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0)
222 goto merr;
223
224merr:
225 EVP_PKEY_CTX_free(mac_ctx);
226 return mac_key;
227}
diff --git a/src/lib/libcrypto/evp/pmeth_lib.c b/src/lib/libcrypto/evp/pmeth_lib.c
deleted file mode 100644
index c93fa99cc6..0000000000
--- a/src/lib/libcrypto/evp/pmeth_lib.c
+++ /dev/null
@@ -1,618 +0,0 @@
1/* $OpenBSD: pmeth_lib.c,v 1.11 2015/02/11 03:19:37 doug Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006.
4 */
5/* ====================================================================
6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62
63#include <openssl/opensslconf.h>
64
65#include <openssl/err.h>
66#include <openssl/evp.h>
67#include <openssl/objects.h>
68
69#ifndef OPENSSL_NO_ENGINE
70#include <openssl/engine.h>
71#endif
72
73#include "asn1_locl.h"
74#include "evp_locl.h"
75
76typedef int sk_cmp_fn_type(const char * const *a, const char * const *b);
77
78DECLARE_STACK_OF(EVP_PKEY_METHOD)
79STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
80
81extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth;
82extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth;
83extern const EVP_PKEY_METHOD gostimit_pkey_meth, gostr01_pkey_meth;
84
85static const EVP_PKEY_METHOD *standard_methods[] = {
86#ifndef OPENSSL_NO_RSA
87 &rsa_pkey_meth,
88#endif
89#ifndef OPENSSL_NO_DH
90 &dh_pkey_meth,
91#endif
92#ifndef OPENSSL_NO_DSA
93 &dsa_pkey_meth,
94#endif
95#ifndef OPENSSL_NO_EC
96 &ec_pkey_meth,
97#endif
98#ifndef OPENSSL_NO_GOST
99 &gostr01_pkey_meth,
100 &gostimit_pkey_meth,
101#endif
102 &hmac_pkey_meth,
103 &cmac_pkey_meth,
104};
105
106DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
107 pmeth);
108
109static int
110pmeth_cmp(const EVP_PKEY_METHOD * const *a, const EVP_PKEY_METHOD * const *b)
111{
112 return ((*a)->pkey_id - (*b)->pkey_id);
113}
114
115IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
116 pmeth);
117
118const EVP_PKEY_METHOD *
119EVP_PKEY_meth_find(int type)
120{
121 EVP_PKEY_METHOD tmp;
122 const EVP_PKEY_METHOD *t = &tmp, **ret;
123
124 tmp.pkey_id = type;
125 if (app_pkey_methods) {
126 int idx;
127 idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp);
128 if (idx >= 0)
129 return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx);
130 }
131 ret = OBJ_bsearch_pmeth(&t, standard_methods,
132 sizeof(standard_methods)/sizeof(EVP_PKEY_METHOD *));
133 if (!ret || !*ret)
134 return NULL;
135 return *ret;
136}
137
138static EVP_PKEY_CTX *
139int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
140{
141 EVP_PKEY_CTX *ret;
142 const EVP_PKEY_METHOD *pmeth;
143
144 if (id == -1) {
145 if (!pkey || !pkey->ameth)
146 return NULL;
147 id = pkey->ameth->pkey_id;
148 }
149#ifndef OPENSSL_NO_ENGINE
150 if (pkey && pkey->engine)
151 e = pkey->engine;
152 /* Try to find an ENGINE which implements this method */
153 if (e) {
154 if (!ENGINE_init(e)) {
155 EVPerr(EVP_F_INT_CTX_NEW, ERR_R_ENGINE_LIB);
156 return NULL;
157 }
158 } else
159 e = ENGINE_get_pkey_meth_engine(id);
160
161 /* If an ENGINE handled this method look it up. Othewise
162 * use internal tables.
163 */
164
165 if (e)
166 pmeth = ENGINE_get_pkey_meth(e, id);
167 else
168#endif
169 pmeth = EVP_PKEY_meth_find(id);
170
171 if (pmeth == NULL) {
172 EVPerr(EVP_F_INT_CTX_NEW, EVP_R_UNSUPPORTED_ALGORITHM);
173 return NULL;
174 }
175
176 ret = malloc(sizeof(EVP_PKEY_CTX));
177 if (!ret) {
178#ifndef OPENSSL_NO_ENGINE
179 if (e)
180 ENGINE_finish(e);
181#endif
182 EVPerr(EVP_F_INT_CTX_NEW, ERR_R_MALLOC_FAILURE);
183 return NULL;
184 }
185 ret->engine = e;
186 ret->pmeth = pmeth;
187 ret->operation = EVP_PKEY_OP_UNDEFINED;
188 ret->pkey = pkey;
189 ret->peerkey = NULL;
190 ret->pkey_gencb = 0;
191 if (pkey)
192 CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
193 ret->data = NULL;
194
195 if (pmeth->init) {
196 if (pmeth->init(ret) <= 0) {
197 EVP_PKEY_CTX_free(ret);
198 return NULL;
199 }
200 }
201
202 return ret;
203}
204
205EVP_PKEY_METHOD*
206EVP_PKEY_meth_new(int id, int flags)
207{
208 EVP_PKEY_METHOD *pmeth;
209
210 pmeth = calloc(1, sizeof(EVP_PKEY_METHOD));
211 if (!pmeth)
212 return NULL;
213
214 pmeth->pkey_id = id;
215 pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
216
217 pmeth->init = 0;
218 pmeth->copy = 0;
219 pmeth->cleanup = 0;
220 pmeth->paramgen_init = 0;
221 pmeth->paramgen = 0;
222 pmeth->keygen_init = 0;
223 pmeth->keygen = 0;
224 pmeth->sign_init = 0;
225 pmeth->sign = 0;
226 pmeth->verify_init = 0;
227 pmeth->verify = 0;
228 pmeth->verify_recover_init = 0;
229 pmeth->verify_recover = 0;
230 pmeth->signctx_init = 0;
231 pmeth->signctx = 0;
232 pmeth->verifyctx_init = 0;
233 pmeth->verifyctx = 0;
234 pmeth->encrypt_init = 0;
235 pmeth->encrypt = 0;
236 pmeth->decrypt_init = 0;
237 pmeth->decrypt = 0;
238 pmeth->derive_init = 0;
239 pmeth->derive = 0;
240 pmeth->ctrl = 0;
241 pmeth->ctrl_str = 0;
242
243 return pmeth;
244}
245
246void
247EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, const EVP_PKEY_METHOD *meth)
248{
249 if (ppkey_id)
250 *ppkey_id = meth->pkey_id;
251 if (pflags)
252 *pflags = meth->flags;
253}
254
255void
256EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
257{
258 dst->init = src->init;
259 dst->copy = src->copy;
260 dst->cleanup = src->cleanup;
261
262 dst->paramgen_init = src->paramgen_init;
263 dst->paramgen = src->paramgen;
264
265 dst->keygen_init = src->keygen_init;
266 dst->keygen = src->keygen;
267
268 dst->sign_init = src->sign_init;
269 dst->sign = src->sign;
270
271 dst->verify_init = src->verify_init;
272 dst->verify = src->verify;
273
274 dst->verify_recover_init = src->verify_recover_init;
275 dst->verify_recover = src->verify_recover;
276
277 dst->signctx_init = src->signctx_init;
278 dst->signctx = src->signctx;
279
280 dst->verifyctx_init = src->verifyctx_init;
281 dst->verifyctx = src->verifyctx;
282
283 dst->encrypt_init = src->encrypt_init;
284 dst->encrypt = src->encrypt;
285
286 dst->decrypt_init = src->decrypt_init;
287 dst->decrypt = src->decrypt;
288
289 dst->derive_init = src->derive_init;
290 dst->derive = src->derive;
291
292 dst->ctrl = src->ctrl;
293 dst->ctrl_str = src->ctrl_str;
294}
295
296void
297EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
298{
299 if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
300 free(pmeth);
301}
302
303EVP_PKEY_CTX *
304EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e)
305{
306 return int_ctx_new(pkey, e, -1);
307}
308
309EVP_PKEY_CTX *
310EVP_PKEY_CTX_new_id(int id, ENGINE *e)
311{
312 return int_ctx_new(NULL, e, id);
313}
314
315EVP_PKEY_CTX *
316EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
317{
318 EVP_PKEY_CTX *rctx;
319
320 if (!pctx->pmeth || !pctx->pmeth->copy)
321 return NULL;
322#ifndef OPENSSL_NO_ENGINE
323 /* Make sure it's safe to copy a pkey context using an ENGINE */
324 if (pctx->engine && !ENGINE_init(pctx->engine)) {
325 EVPerr(EVP_F_EVP_PKEY_CTX_DUP, ERR_R_ENGINE_LIB);
326 return 0;
327 }
328#endif
329 rctx = malloc(sizeof(EVP_PKEY_CTX));
330 if (!rctx)
331 return NULL;
332
333 rctx->pmeth = pctx->pmeth;
334#ifndef OPENSSL_NO_ENGINE
335 rctx->engine = pctx->engine;
336#endif
337
338 if (pctx->pkey)
339 CRYPTO_add(&pctx->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
340
341 rctx->pkey = pctx->pkey;
342
343 if (pctx->peerkey)
344 CRYPTO_add(&pctx->peerkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
345
346 rctx->peerkey = pctx->peerkey;
347
348 rctx->data = NULL;
349 rctx->app_data = NULL;
350 rctx->operation = pctx->operation;
351
352 if (pctx->pmeth->copy(rctx, pctx) > 0)
353 return rctx;
354
355 EVP_PKEY_CTX_free(rctx);
356 return NULL;
357}
358
359int
360EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
361{
362 if (app_pkey_methods == NULL) {
363 app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);
364 if (!app_pkey_methods)
365 return 0;
366 }
367 if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth))
368 return 0;
369 sk_EVP_PKEY_METHOD_sort(app_pkey_methods);
370 return 1;
371}
372
373void
374EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
375{
376 if (ctx == NULL)
377 return;
378 if (ctx->pmeth && ctx->pmeth->cleanup)
379 ctx->pmeth->cleanup(ctx);
380 EVP_PKEY_free(ctx->pkey);
381 EVP_PKEY_free(ctx->peerkey);
382#ifndef OPENSSL_NO_ENGINE
383 if (ctx->engine)
384 /* The EVP_PKEY_CTX we used belongs to an ENGINE, release the
385 * functional reference we held for this reason. */
386 ENGINE_finish(ctx->engine);
387#endif
388 free(ctx);
389}
390
391int
392EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd,
393 int p1, void *p2)
394{
395 int ret;
396
397 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) {
398 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
399 return -2;
400 }
401 if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype))
402 return -1;
403
404 if (ctx->operation == EVP_PKEY_OP_UNDEFINED) {
405 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_NO_OPERATION_SET);
406 return -1;
407 }
408
409 if ((optype != -1) && !(ctx->operation & optype)) {
410 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_OPERATION);
411 return -1;
412 }
413
414 ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2);
415
416 if (ret == -2)
417 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
418
419 return ret;
420
421}
422
423int
424EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *name, const char *value)
425{
426 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str) {
427 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR,
428 EVP_R_COMMAND_NOT_SUPPORTED);
429 return -2;
430 }
431 if (!strcmp(name, "digest")) {
432 const EVP_MD *md;
433 if (!value || !(md = EVP_get_digestbyname(value))) {
434 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR,
435 EVP_R_INVALID_DIGEST);
436 return 0;
437 }
438 return EVP_PKEY_CTX_set_signature_md(ctx, md);
439 }
440 return ctx->pmeth->ctrl_str(ctx, name, value);
441}
442
443int
444EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx)
445{
446 return ctx->operation;
447}
448
449void
450EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen)
451{
452 ctx->keygen_info = dat;
453 ctx->keygen_info_count = datlen;
454}
455
456void
457EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data)
458{
459 ctx->data = data;
460}
461
462void *
463EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx)
464{
465 return ctx->data;
466}
467
468EVP_PKEY *
469EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx)
470{
471 return ctx->pkey;
472}
473
474EVP_PKEY *
475EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx)
476{
477 return ctx->peerkey;
478}
479
480void
481EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data)
482{
483 ctx->app_data = data;
484}
485
486void *
487EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
488{
489 return ctx->app_data;
490}
491
492void
493EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
494 int (*init)(EVP_PKEY_CTX *ctx))
495{
496 pmeth->init = init;
497}
498
499void
500EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
501 int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src))
502{
503 pmeth->copy = copy;
504}
505
506void
507EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
508 void (*cleanup)(EVP_PKEY_CTX *ctx))
509{
510 pmeth->cleanup = cleanup;
511}
512
513void
514EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
515 int (*paramgen_init)(EVP_PKEY_CTX *ctx),
516 int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
517{
518 pmeth->paramgen_init = paramgen_init;
519 pmeth->paramgen = paramgen;
520}
521
522void
523EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
524 int (*keygen_init)(EVP_PKEY_CTX *ctx),
525 int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
526{
527 pmeth->keygen_init = keygen_init;
528 pmeth->keygen = keygen;
529}
530
531void
532EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
533 int (*sign_init)(EVP_PKEY_CTX *ctx),
534 int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
535 const unsigned char *tbs, size_t tbslen))
536{
537 pmeth->sign_init = sign_init;
538 pmeth->sign = sign;
539}
540
541void
542EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
543 int (*verify_init)(EVP_PKEY_CTX *ctx),
544 int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
545 const unsigned char *tbs, size_t tbslen))
546{
547 pmeth->verify_init = verify_init;
548 pmeth->verify = verify;
549}
550
551void
552EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
553 int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
554 int (*verify_recover)(EVP_PKEY_CTX *ctx,
555 unsigned char *sig, size_t *siglen,
556 const unsigned char *tbs, size_t tbslen))
557{
558 pmeth->verify_recover_init = verify_recover_init;
559 pmeth->verify_recover = verify_recover;
560}
561
562void
563EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
564 int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
565 int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
566 EVP_MD_CTX *mctx))
567{
568 pmeth->signctx_init = signctx_init;
569 pmeth->signctx = signctx;
570}
571
572void
573EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
574 int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
575 int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
576 EVP_MD_CTX *mctx))
577{
578 pmeth->verifyctx_init = verifyctx_init;
579 pmeth->verifyctx = verifyctx;
580}
581
582void
583EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
584 int (*encrypt_init)(EVP_PKEY_CTX *ctx),
585 int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
586 const unsigned char *in, size_t inlen))
587{
588 pmeth->encrypt_init = encrypt_init;
589 pmeth->encrypt = encryptfn;
590}
591
592void
593EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
594 int (*decrypt_init)(EVP_PKEY_CTX *ctx),
595 int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
596 const unsigned char *in, size_t inlen))
597{
598 pmeth->decrypt_init = decrypt_init;
599 pmeth->decrypt = decrypt;
600}
601
602void
603EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
604 int (*derive_init)(EVP_PKEY_CTX *ctx),
605 int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen))
606{
607 pmeth->derive_init = derive_init;
608 pmeth->derive = derive;
609}
610
611void
612EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
613 int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
614 int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value))
615{
616 pmeth->ctrl = ctrl;
617 pmeth->ctrl_str = ctrl_str;
618}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-19 20:08:24 +0000