summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/evp
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/evp')
-rw-r--r--src/lib/libcrypto/evp/Makefile70
-rw-r--r--src/lib/libcrypto/evp/bio_b64.c598
-rw-r--r--src/lib/libcrypto/evp/bio_enc.c428
-rw-r--r--src/lib/libcrypto/evp/bio_md.c270
-rw-r--r--src/lib/libcrypto/evp/bio_ok.c103
-rw-r--r--src/lib/libcrypto/evp/c_all.c90
-rw-r--r--src/lib/libcrypto/evp/c_allc.c18
-rw-r--r--src/lib/libcrypto/evp/digest.c377
-rw-r--r--src/lib/libcrypto/evp/e_acss.c85
-rw-r--r--src/lib/libcrypto/evp/e_aes.c120
-rw-r--r--src/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c406
-rw-r--r--src/lib/libcrypto/evp/e_bf.c88
-rw-r--r--src/lib/libcrypto/evp/e_camellia.c131
-rw-r--r--src/lib/libcrypto/evp/e_cast.c90
-rw-r--r--src/lib/libcrypto/evp/e_des.c224
-rw-r--r--src/lib/libcrypto/evp/e_des3.c313
-rw-r--r--src/lib/libcrypto/evp/e_idea.c118
-rw-r--r--src/lib/libcrypto/evp/e_null.c102
-rw-r--r--src/lib/libcrypto/evp/e_old.c125
-rw-r--r--src/lib/libcrypto/evp/e_rc2.c237
-rw-r--r--src/lib/libcrypto/evp/e_rc4.c136
-rw-r--r--src/lib/libcrypto/evp/e_rc4_hmac_md5.c298
-rw-r--r--src/lib/libcrypto/evp/e_seed.c (renamed from src/lib/libcrypto/evp/evp_cnf.c)92
-rw-r--r--src/lib/libcrypto/evp/e_xcbc_d.c138
-rw-r--r--src/lib/libcrypto/evp/enc_min.c390
-rw-r--r--src/lib/libcrypto/evp/encode.c445
-rw-r--r--src/lib/libcrypto/evp/evp.h1329
-rw-r--r--src/lib/libcrypto/evp/evp_enc.c604
-rw-r--r--src/lib/libcrypto/evp/evp_err.c219
-rw-r--r--src/lib/libcrypto/evp/evp_fips.c113
-rw-r--r--src/lib/libcrypto/evp/evp_key.c180
-rw-r--r--src/lib/libcrypto/evp/evp_lib.c312
-rw-r--r--src/lib/libcrypto/evp/evp_locl.h345
-rw-r--r--src/lib/libcrypto/evp/evp_pbe.c311
-rw-r--r--src/lib/libcrypto/evp/evp_pkey.c242
-rw-r--r--src/lib/libcrypto/evp/evptests.txt13
-rw-r--r--src/lib/libcrypto/evp/m_dss.c99
-rw-r--r--src/lib/libcrypto/evp/m_dss1.c100
-rw-r--r--src/lib/libcrypto/evp/m_ecdsa.c (renamed from src/lib/libcrypto/evp/dig_eng.c)193
-rw-r--r--src/lib/libcrypto/evp/m_md4.c101
-rw-r--r--src/lib/libcrypto/evp/m_md5.c101
-rw-r--r--src/lib/libcrypto/evp/m_mdc2.c2
-rw-r--r--src/lib/libcrypto/evp/m_null.c95
-rw-r--r--src/lib/libcrypto/evp/m_ripemd.c101
-rw-r--r--src/lib/libcrypto/evp/m_sha.c1
-rw-r--r--src/lib/libcrypto/evp/m_sha1.c204
-rw-r--r--src/lib/libcrypto/evp/m_sigver.c200
-rw-r--r--src/lib/libcrypto/evp/m_wp.c43
-rw-r--r--src/lib/libcrypto/evp/names.c201
-rw-r--r--src/lib/libcrypto/evp/p5_crpt.c132
-rw-r--r--src/lib/libcrypto/evp/p5_crpt2.c299
-rw-r--r--src/lib/libcrypto/evp/p_dec.c87
-rw-r--r--src/lib/libcrypto/evp/p_enc.c86
-rw-r--r--src/lib/libcrypto/evp/p_lib.c469
-rw-r--r--src/lib/libcrypto/evp/p_open.c127
-rw-r--r--src/lib/libcrypto/evp/p_seal.c115
-rw-r--r--src/lib/libcrypto/evp/p_sign.c137
-rw-r--r--src/lib/libcrypto/evp/p_verify.c119
-rw-r--r--src/lib/libcrypto/evp/pmeth_fn.c368
-rw-r--r--src/lib/libcrypto/evp/pmeth_gn.c221
-rw-r--r--src/lib/libcrypto/evp/pmeth_lib.c593
61 files changed, 12628 insertions, 726 deletions
diff --git a/src/lib/libcrypto/evp/Makefile b/src/lib/libcrypto/evp/Makefile
index 0fe1b96bff..82825e5299 100644
--- a/src/lib/libcrypto/evp/Makefile
+++ b/src/lib/libcrypto/evp/Makefile
@@ -28,8 +28,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \
28 bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \ 28 bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
29 c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \ 29 c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
30 evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c \ 30 evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c \
31 e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c evp_fips.c \ 31 e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c
32 e_aes_cbc_hmac_sha1.c e_rc4_hmac_md5.c
33 32
34LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \ 33LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \
35 e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\ 34 e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\
@@ -41,8 +40,7 @@ LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \
41 bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \ 40 bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
42 c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \ 41 c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \
43 evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o \ 42 evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o \
44 e_old.o pmeth_lib.o pmeth_fn.o pmeth_gn.o m_sigver.o evp_fips.o \ 43 e_old.o pmeth_lib.o pmeth_fn.o pmeth_gn.o m_sigver.o
45 e_aes_cbc_hmac_sha1.o e_rc4_hmac_md5.o
46 44
47SRC= $(LIBSRC) 45SRC= $(LIBSRC)
48 46
@@ -191,27 +189,11 @@ e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
191e_aes.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h 189e_aes.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
192e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 190e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
193e_aes.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h 191e_aes.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
194e_aes.o: ../../include/openssl/modes.h ../../include/openssl/obj_mac.h 192e_aes.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
195e_aes.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h 193e_aes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
196e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h 194e_aes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
197e_aes.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h 195e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h e_aes.c
198e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 196e_aes.o: evp_locl.h
199e_aes.o: ../modes/modes_lcl.h e_aes.c evp_locl.h
200e_aes_cbc_hmac_sha1.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
201e_aes_cbc_hmac_sha1.o: ../../include/openssl/bio.h
202e_aes_cbc_hmac_sha1.o: ../../include/openssl/crypto.h
203e_aes_cbc_hmac_sha1.o: ../../include/openssl/e_os2.h
204e_aes_cbc_hmac_sha1.o: ../../include/openssl/evp.h
205e_aes_cbc_hmac_sha1.o: ../../include/openssl/obj_mac.h
206e_aes_cbc_hmac_sha1.o: ../../include/openssl/objects.h
207e_aes_cbc_hmac_sha1.o: ../../include/openssl/opensslconf.h
208e_aes_cbc_hmac_sha1.o: ../../include/openssl/opensslv.h
209e_aes_cbc_hmac_sha1.o: ../../include/openssl/ossl_typ.h
210e_aes_cbc_hmac_sha1.o: ../../include/openssl/safestack.h
211e_aes_cbc_hmac_sha1.o: ../../include/openssl/sha.h
212e_aes_cbc_hmac_sha1.o: ../../include/openssl/stack.h
213e_aes_cbc_hmac_sha1.o: ../../include/openssl/symhacks.h e_aes_cbc_hmac_sha1.c
214e_aes_cbc_hmac_sha1.o: evp_locl.h
215e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h 197e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
216e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h 198e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h
217e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h 199e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -297,18 +279,7 @@ e_rc4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
297e_rc4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 279e_rc4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
298e_rc4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h 280e_rc4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
299e_rc4.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 281e_rc4.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
300e_rc4.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc4.c evp_locl.h 282e_rc4.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc4.c
301e_rc4_hmac_md5.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
302e_rc4_hmac_md5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
303e_rc4_hmac_md5.o: ../../include/openssl/evp.h ../../include/openssl/md5.h
304e_rc4_hmac_md5.o: ../../include/openssl/obj_mac.h
305e_rc4_hmac_md5.o: ../../include/openssl/objects.h
306e_rc4_hmac_md5.o: ../../include/openssl/opensslconf.h
307e_rc4_hmac_md5.o: ../../include/openssl/opensslv.h
308e_rc4_hmac_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
309e_rc4_hmac_md5.o: ../../include/openssl/safestack.h
310e_rc4_hmac_md5.o: ../../include/openssl/stack.h
311e_rc4_hmac_md5.o: ../../include/openssl/symhacks.h e_rc4_hmac_md5.c
312e_rc5.o: ../../e_os.h ../../include/openssl/bio.h 283e_rc5.o: ../../e_os.h ../../include/openssl/bio.h
313e_rc5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 284e_rc5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
314e_rc5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 285e_rc5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -378,13 +349,6 @@ evp_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
378evp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h 349evp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
379evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 350evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
380evp_err.o: ../../include/openssl/symhacks.h evp_err.c 351evp_err.o: ../../include/openssl/symhacks.h evp_err.c
381evp_fips.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
382evp_fips.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
383evp_fips.o: ../../include/openssl/evp.h ../../include/openssl/obj_mac.h
384evp_fips.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
385evp_fips.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
386evp_fips.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
387evp_fips.o: ../../include/openssl/symhacks.h evp_fips.c
388evp_key.o: ../../e_os.h ../../include/openssl/asn1.h 352evp_key.o: ../../e_os.h ../../include/openssl/asn1.h
389evp_key.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h 353evp_key.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
390evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h 354evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -419,7 +383,7 @@ evp_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
419evp_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h 383evp_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
420evp_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h 384evp_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
421evp_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h 385evp_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
422evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h evp_pbe.c 386evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pbe.c
423evp_pkey.o: ../../e_os.h ../../include/openssl/asn1.h 387evp_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
424evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h 388evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
425evp_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h 389evp_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -492,7 +456,7 @@ m_md4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
492m_md4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h 456m_md4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
493m_md4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h 457m_md4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
494m_md4.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h 458m_md4.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
495m_md4.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_md4.c 459m_md4.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md4.c
496m_md5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h 460m_md5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
497m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 461m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
498m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h 462m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
@@ -505,7 +469,7 @@ m_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
505m_md5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h 469m_md5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
506m_md5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h 470m_md5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
507m_md5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h 471m_md5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
508m_md5.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_md5.c 472m_md5.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md5.c
509m_mdc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h 473m_mdc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
510m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 474m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
511m_mdc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h 475m_mdc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
@@ -520,7 +484,7 @@ m_mdc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
520m_mdc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h 484m_mdc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
521m_mdc2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h 485m_mdc2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
522m_mdc2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h 486m_mdc2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
523m_mdc2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_mdc2.c 487m_mdc2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_mdc2.c
524m_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h 488m_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
525m_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 489m_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
526m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h 490m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
@@ -546,8 +510,7 @@ m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/ripemd.h
546m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h 510m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
547m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h 511m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
548m_ripemd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h 512m_ripemd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
549m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h 513m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_ripemd.c
550m_ripemd.o: m_ripemd.c
551m_sha.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h 514m_sha.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
552m_sha.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 515m_sha.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
553m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h 516m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
@@ -560,7 +523,7 @@ m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
560m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h 523m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
561m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 524m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
562m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h 525m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
563m_sha.o: ../cryptlib.h evp_locl.h m_sha.c 526m_sha.o: ../cryptlib.h m_sha.c
564m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h 527m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
565m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 528m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
566m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h 529m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
@@ -600,7 +563,7 @@ m_wp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
600m_wp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h 563m_wp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
601m_wp.o: ../../include/openssl/symhacks.h ../../include/openssl/whrlpool.h 564m_wp.o: ../../include/openssl/symhacks.h ../../include/openssl/whrlpool.h
602m_wp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h 565m_wp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
603m_wp.o: ../cryptlib.h evp_locl.h m_wp.c 566m_wp.o: ../cryptlib.h m_wp.c
604names.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h 567names.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
605names.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 568names.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
606names.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h 569names.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
@@ -638,8 +601,7 @@ p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
638p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h 601p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
639p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h 602p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
640p5_crpt2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h 603p5_crpt2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
641p5_crpt2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h 604p5_crpt2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt2.c
642p5_crpt2.o: p5_crpt2.c
643p_dec.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h 605p_dec.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
644p_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 606p_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
645p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h 607p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
diff --git a/src/lib/libcrypto/evp/bio_b64.c b/src/lib/libcrypto/evp/bio_b64.c
new file mode 100644
index 0000000000..72a2a67277
--- /dev/null
+++ b/src/lib/libcrypto/evp/bio_b64.c
@@ -0,0 +1,598 @@
1/* crypto/evp/bio_b64.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#include "cryptlib.h"
62#include <openssl/buffer.h>
63#include <openssl/evp.h>
64
65static int b64_write(BIO *h, const char *buf, int num);
66static int b64_read(BIO *h, char *buf, int size);
67static int b64_puts(BIO *h, const char *str);
68/*static int b64_gets(BIO *h, char *str, int size); */
69static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2);
70static int b64_new(BIO *h);
71static int b64_free(BIO *data);
72static long b64_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp);
73#define B64_BLOCK_SIZE 1024
74#define B64_BLOCK_SIZE2 768
75#define B64_NONE 0
76#define B64_ENCODE 1
77#define B64_DECODE 2
78
79typedef struct b64_struct
80 {
81 /*BIO *bio; moved to the BIO structure */
82 int buf_len;
83 int buf_off;
84 int tmp_len; /* used to find the start when decoding */
85 int tmp_nl; /* If true, scan until '\n' */
86 int encode;
87 int start; /* have we started decoding yet? */
88 int cont; /* <= 0 when finished */
89 EVP_ENCODE_CTX base64;
90 char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE)+10];
91 char tmp[B64_BLOCK_SIZE];
92 } BIO_B64_CTX;
93
94static BIO_METHOD methods_b64=
95 {
96 BIO_TYPE_BASE64,"base64 encoding",
97 b64_write,
98 b64_read,
99 b64_puts,
100 NULL, /* b64_gets, */
101 b64_ctrl,
102 b64_new,
103 b64_free,
104 b64_callback_ctrl,
105 };
106
107BIO_METHOD *BIO_f_base64(void)
108 {
109 return(&methods_b64);
110 }
111
112static int b64_new(BIO *bi)
113 {
114 BIO_B64_CTX *ctx;
115
116 ctx=(BIO_B64_CTX *)OPENSSL_malloc(sizeof(BIO_B64_CTX));
117 if (ctx == NULL) return(0);
118
119 ctx->buf_len=0;
120 ctx->tmp_len=0;
121 ctx->tmp_nl=0;
122 ctx->buf_off=0;
123 ctx->cont=1;
124 ctx->start=1;
125 ctx->encode=0;
126
127 bi->init=1;
128 bi->ptr=(char *)ctx;
129 bi->flags=0;
130 bi->num = 0;
131 return(1);
132 }
133
134static int b64_free(BIO *a)
135 {
136 if (a == NULL) return(0);
137 OPENSSL_free(a->ptr);
138 a->ptr=NULL;
139 a->init=0;
140 a->flags=0;
141 return(1);
142 }
143
144static int b64_read(BIO *b, char *out, int outl)
145 {
146 int ret=0,i,ii,j,k,x,n,num,ret_code=0;
147 BIO_B64_CTX *ctx;
148 unsigned char *p,*q;
149
150 if (out == NULL) return(0);
151 ctx=(BIO_B64_CTX *)b->ptr;
152
153 if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
154
155 BIO_clear_retry_flags(b);
156
157 if (ctx->encode != B64_DECODE)
158 {
159 ctx->encode=B64_DECODE;
160 ctx->buf_len=0;
161 ctx->buf_off=0;
162 ctx->tmp_len=0;
163 EVP_DecodeInit(&(ctx->base64));
164 }
165
166 /* First check if there are bytes decoded/encoded */
167 if (ctx->buf_len > 0)
168 {
169 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
170 i=ctx->buf_len-ctx->buf_off;
171 if (i > outl) i=outl;
172 OPENSSL_assert(ctx->buf_off+i < (int)sizeof(ctx->buf));
173 memcpy(out,&(ctx->buf[ctx->buf_off]),i);
174 ret=i;
175 out+=i;
176 outl-=i;
177 ctx->buf_off+=i;
178 if (ctx->buf_len == ctx->buf_off)
179 {
180 ctx->buf_len=0;
181 ctx->buf_off=0;
182 }
183 }
184
185 /* At this point, we have room of outl bytes and an empty
186 * buffer, so we should read in some more. */
187
188 ret_code=0;
189 while (outl > 0)
190 {
191 if (ctx->cont <= 0)
192 break;
193
194 i=BIO_read(b->next_bio,&(ctx->tmp[ctx->tmp_len]),
195 B64_BLOCK_SIZE-ctx->tmp_len);
196
197 if (i <= 0)
198 {
199 ret_code=i;
200
201 /* Should we continue next time we are called? */
202 if (!BIO_should_retry(b->next_bio))
203 {
204 ctx->cont=i;
205 /* If buffer empty break */
206 if(ctx->tmp_len == 0)
207 break;
208 /* Fall through and process what we have */
209 else
210 i = 0;
211 }
212 /* else we retry and add more data to buffer */
213 else
214 break;
215 }
216 i+=ctx->tmp_len;
217 ctx->tmp_len = i;
218
219 /* We need to scan, a line at a time until we
220 * have a valid line if we are starting. */
221 if (ctx->start && (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL))
222 {
223 /* ctx->start=1; */
224 ctx->tmp_len=0;
225 }
226 else if (ctx->start)
227 {
228 q=p=(unsigned char *)ctx->tmp;
229 for (j=0; j<i; j++)
230 {
231 if (*(q++) != '\n') continue;
232
233 /* due to a previous very long line,
234 * we need to keep on scanning for a '\n'
235 * before we even start looking for
236 * base64 encoded stuff. */
237 if (ctx->tmp_nl)
238 {
239 p=q;
240 ctx->tmp_nl=0;
241 continue;
242 }
243
244 k=EVP_DecodeUpdate(&(ctx->base64),
245 (unsigned char *)ctx->buf,
246 &num,p,q-p);
247 if ((k <= 0) && (num == 0) && (ctx->start))
248 EVP_DecodeInit(&ctx->base64);
249 else
250 {
251 if (p != (unsigned char *)
252 &(ctx->tmp[0]))
253 {
254 i-=(p- (unsigned char *)
255 &(ctx->tmp[0]));
256 for (x=0; x < i; x++)
257 ctx->tmp[x]=p[x];
258 }
259 EVP_DecodeInit(&ctx->base64);
260 ctx->start=0;
261 break;
262 }
263 p=q;
264 }
265
266 /* we fell off the end without starting */
267 if (j == i)
268 {
269 /* Is this is one long chunk?, if so, keep on
270 * reading until a new line. */
271 if (p == (unsigned char *)&(ctx->tmp[0]))
272 {
273 /* Check buffer full */
274 if (i == B64_BLOCK_SIZE)
275 {
276 ctx->tmp_nl=1;
277 ctx->tmp_len=0;
278 }
279 }
280 else if (p != q) /* finished on a '\n' */
281 {
282 n=q-p;
283 for (ii=0; ii<n; ii++)
284 ctx->tmp[ii]=p[ii];
285 ctx->tmp_len=n;
286 }
287 /* else finished on a '\n' */
288 continue;
289 }
290 else
291 {
292 ctx->tmp_len=0;
293 }
294 }
295 else if ((i < B64_BLOCK_SIZE) && (ctx->cont > 0))
296 {
297 /* If buffer isn't full and we can retry then
298 * restart to read in more data.
299 */
300 continue;
301 }
302
303 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
304 {
305 int z,jj;
306
307#if 0
308 jj=(i>>2)<<2;
309#else
310 jj = i & ~3; /* process per 4 */
311#endif
312 z=EVP_DecodeBlock((unsigned char *)ctx->buf,
313 (unsigned char *)ctx->tmp,jj);
314 if (jj > 2)
315 {
316 if (ctx->tmp[jj-1] == '=')
317 {
318 z--;
319 if (ctx->tmp[jj-2] == '=')
320 z--;
321 }
322 }
323 /* z is now number of output bytes and jj is the
324 * number consumed */
325 if (jj != i)
326 {
327 memmove(ctx->tmp, &ctx->tmp[jj], i-jj);
328 ctx->tmp_len=i-jj;
329 }
330 ctx->buf_len=0;
331 if (z > 0)
332 {
333 ctx->buf_len=z;
334 }
335 i=z;
336 }
337 else
338 {
339 i=EVP_DecodeUpdate(&(ctx->base64),
340 (unsigned char *)ctx->buf,&ctx->buf_len,
341 (unsigned char *)ctx->tmp,i);
342 ctx->tmp_len = 0;
343 }
344 ctx->buf_off=0;
345 if (i < 0)
346 {
347 ret_code=0;
348 ctx->buf_len=0;
349 break;
350 }
351
352 if (ctx->buf_len <= outl)
353 i=ctx->buf_len;
354 else
355 i=outl;
356
357 memcpy(out,ctx->buf,i);
358 ret+=i;
359 ctx->buf_off=i;
360 if (ctx->buf_off == ctx->buf_len)
361 {
362 ctx->buf_len=0;
363 ctx->buf_off=0;
364 }
365 outl-=i;
366 out+=i;
367 }
368 /* BIO_clear_retry_flags(b); */
369 BIO_copy_next_retry(b);
370 return((ret == 0)?ret_code:ret);
371 }
372
373static int b64_write(BIO *b, const char *in, int inl)
374 {
375 int ret=0;
376 int n;
377 int i;
378 BIO_B64_CTX *ctx;
379
380 ctx=(BIO_B64_CTX *)b->ptr;
381 BIO_clear_retry_flags(b);
382
383 if (ctx->encode != B64_ENCODE)
384 {
385 ctx->encode=B64_ENCODE;
386 ctx->buf_len=0;
387 ctx->buf_off=0;
388 ctx->tmp_len=0;
389 EVP_EncodeInit(&(ctx->base64));
390 }
391
392 OPENSSL_assert(ctx->buf_off < (int)sizeof(ctx->buf));
393 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
394 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
395 n=ctx->buf_len-ctx->buf_off;
396 while (n > 0)
397 {
398 i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
399 if (i <= 0)
400 {
401 BIO_copy_next_retry(b);
402 return(i);
403 }
404 OPENSSL_assert(i <= n);
405 ctx->buf_off+=i;
406 OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf));
407 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
408 n-=i;
409 }
410 /* at this point all pending data has been written */
411 ctx->buf_off=0;
412 ctx->buf_len=0;
413
414 if ((in == NULL) || (inl <= 0)) return(0);
415
416 while (inl > 0)
417 {
418 n=(inl > B64_BLOCK_SIZE)?B64_BLOCK_SIZE:inl;
419
420 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
421 {
422 if (ctx->tmp_len > 0)
423 {
424 OPENSSL_assert(ctx->tmp_len <= 3);
425 n=3-ctx->tmp_len;
426 /* There's a theoretical possibility for this */
427 if (n > inl)
428 n=inl;
429 memcpy(&(ctx->tmp[ctx->tmp_len]),in,n);
430 ctx->tmp_len+=n;
431 ret += n;
432 if (ctx->tmp_len < 3)
433 break;
434 ctx->buf_len=EVP_EncodeBlock((unsigned char *)ctx->buf,(unsigned char *)ctx->tmp,ctx->tmp_len);
435 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
436 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
437 /* Since we're now done using the temporary
438 buffer, the length should be 0'd */
439 ctx->tmp_len=0;
440 }
441 else
442 {
443 if (n < 3)
444 {
445 memcpy(ctx->tmp,in,n);
446 ctx->tmp_len=n;
447 ret += n;
448 break;
449 }
450 n-=n%3;
451 ctx->buf_len=EVP_EncodeBlock((unsigned char *)ctx->buf,(const unsigned char *)in,n);
452 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
453 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
454 ret += n;
455 }
456 }
457 else
458 {
459 EVP_EncodeUpdate(&(ctx->base64),
460 (unsigned char *)ctx->buf,&ctx->buf_len,
461 (unsigned char *)in,n);
462 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
463 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
464 ret += n;
465 }
466 inl-=n;
467 in+=n;
468
469 ctx->buf_off=0;
470 n=ctx->buf_len;
471 while (n > 0)
472 {
473 i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
474 if (i <= 0)
475 {
476 BIO_copy_next_retry(b);
477 return((ret == 0)?i:ret);
478 }
479 OPENSSL_assert(i <= n);
480 n-=i;
481 ctx->buf_off+=i;
482 OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf));
483 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
484 }
485 ctx->buf_len=0;
486 ctx->buf_off=0;
487 }
488 return(ret);
489 }
490
491static long b64_ctrl(BIO *b, int cmd, long num, void *ptr)
492 {
493 BIO_B64_CTX *ctx;
494 long ret=1;
495 int i;
496
497 ctx=(BIO_B64_CTX *)b->ptr;
498
499 switch (cmd)
500 {
501 case BIO_CTRL_RESET:
502 ctx->cont=1;
503 ctx->start=1;
504 ctx->encode=B64_NONE;
505 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
506 break;
507 case BIO_CTRL_EOF: /* More to read */
508 if (ctx->cont <= 0)
509 ret=1;
510 else
511 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
512 break;
513 case BIO_CTRL_WPENDING: /* More to write in buffer */
514 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
515 ret=ctx->buf_len-ctx->buf_off;
516 if ((ret == 0) && (ctx->encode != B64_NONE)
517 && (ctx->base64.num != 0))
518 ret=1;
519 else if (ret <= 0)
520 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
521 break;
522 case BIO_CTRL_PENDING: /* More to read in buffer */
523 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
524 ret=ctx->buf_len-ctx->buf_off;
525 if (ret <= 0)
526 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
527 break;
528 case BIO_CTRL_FLUSH:
529 /* do a final write */
530again:
531 while (ctx->buf_len != ctx->buf_off)
532 {
533 i=b64_write(b,NULL,0);
534 if (i < 0)
535 return i;
536 }
537 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
538 {
539 if (ctx->tmp_len != 0)
540 {
541 ctx->buf_len=EVP_EncodeBlock(
542 (unsigned char *)ctx->buf,
543 (unsigned char *)ctx->tmp,
544 ctx->tmp_len);
545 ctx->buf_off=0;
546 ctx->tmp_len=0;
547 goto again;
548 }
549 }
550 else if (ctx->encode != B64_NONE && ctx->base64.num != 0)
551 {
552 ctx->buf_off=0;
553 EVP_EncodeFinal(&(ctx->base64),
554 (unsigned char *)ctx->buf,
555 &(ctx->buf_len));
556 /* push out the bytes */
557 goto again;
558 }
559 /* Finally flush the underlying BIO */
560 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
561 break;
562
563 case BIO_C_DO_STATE_MACHINE:
564 BIO_clear_retry_flags(b);
565 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
566 BIO_copy_next_retry(b);
567 break;
568
569 case BIO_CTRL_DUP:
570 break;
571 case BIO_CTRL_INFO:
572 case BIO_CTRL_GET:
573 case BIO_CTRL_SET:
574 default:
575 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
576 break;
577 }
578 return(ret);
579 }
580
581static long b64_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
582 {
583 long ret=1;
584
585 if (b->next_bio == NULL) return(0);
586 switch (cmd)
587 {
588 default:
589 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
590 break;
591 }
592 return(ret);
593 }
594
595static int b64_puts(BIO *b, const char *str)
596 {
597 return b64_write(b,str,strlen(str));
598 }
diff --git a/src/lib/libcrypto/evp/bio_enc.c b/src/lib/libcrypto/evp/bio_enc.c
new file mode 100644
index 0000000000..b6efb5fbc4
--- /dev/null
+++ b/src/lib/libcrypto/evp/bio_enc.c
@@ -0,0 +1,428 @@
1/* crypto/evp/bio_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#include "cryptlib.h"
62#include <openssl/buffer.h>
63#include <openssl/evp.h>
64
65static int enc_write(BIO *h, const char *buf, int num);
66static int enc_read(BIO *h, char *buf, int size);
67/*static int enc_puts(BIO *h, const char *str); */
68/*static int enc_gets(BIO *h, char *str, int size); */
69static long enc_ctrl(BIO *h, int cmd, long arg1, void *arg2);
70static int enc_new(BIO *h);
71static int enc_free(BIO *data);
72static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
73#define ENC_BLOCK_SIZE (1024*4)
74#define BUF_OFFSET (EVP_MAX_BLOCK_LENGTH*2)
75
76typedef struct enc_struct
77 {
78 int buf_len;
79 int buf_off;
80 int cont; /* <= 0 when finished */
81 int finished;
82 int ok; /* bad decrypt */
83 EVP_CIPHER_CTX cipher;
84 /* buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate
85 * can return up to a block more data than is presented to it
86 */
87 char buf[ENC_BLOCK_SIZE+BUF_OFFSET+2];
88 } BIO_ENC_CTX;
89
90static BIO_METHOD methods_enc=
91 {
92 BIO_TYPE_CIPHER,"cipher",
93 enc_write,
94 enc_read,
95 NULL, /* enc_puts, */
96 NULL, /* enc_gets, */
97 enc_ctrl,
98 enc_new,
99 enc_free,
100 enc_callback_ctrl,
101 };
102
103BIO_METHOD *BIO_f_cipher(void)
104 {
105 return(&methods_enc);
106 }
107
108static int enc_new(BIO *bi)
109 {
110 BIO_ENC_CTX *ctx;
111
112 ctx=(BIO_ENC_CTX *)OPENSSL_malloc(sizeof(BIO_ENC_CTX));
113 if (ctx == NULL) return(0);
114 EVP_CIPHER_CTX_init(&ctx->cipher);
115
116 ctx->buf_len=0;
117 ctx->buf_off=0;
118 ctx->cont=1;
119 ctx->finished=0;
120 ctx->ok=1;
121
122 bi->init=0;
123 bi->ptr=(char *)ctx;
124 bi->flags=0;
125 return(1);
126 }
127
128static int enc_free(BIO *a)
129 {
130 BIO_ENC_CTX *b;
131
132 if (a == NULL) return(0);
133 b=(BIO_ENC_CTX *)a->ptr;
134 EVP_CIPHER_CTX_cleanup(&(b->cipher));
135 OPENSSL_cleanse(a->ptr,sizeof(BIO_ENC_CTX));
136 OPENSSL_free(a->ptr);
137 a->ptr=NULL;
138 a->init=0;
139 a->flags=0;
140 return(1);
141 }
142
143static int enc_read(BIO *b, char *out, int outl)
144 {
145 int ret=0,i;
146 BIO_ENC_CTX *ctx;
147
148 if (out == NULL) return(0);
149 ctx=(BIO_ENC_CTX *)b->ptr;
150
151 if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
152
153 /* First check if there are bytes decoded/encoded */
154 if (ctx->buf_len > 0)
155 {
156 i=ctx->buf_len-ctx->buf_off;
157 if (i > outl) i=outl;
158 memcpy(out,&(ctx->buf[ctx->buf_off]),i);
159 ret=i;
160 out+=i;
161 outl-=i;
162 ctx->buf_off+=i;
163 if (ctx->buf_len == ctx->buf_off)
164 {
165 ctx->buf_len=0;
166 ctx->buf_off=0;
167 }
168 }
169
170 /* At this point, we have room of outl bytes and an empty
171 * buffer, so we should read in some more. */
172
173 while (outl > 0)
174 {
175 if (ctx->cont <= 0) break;
176
177 /* read in at IV offset, read the EVP_Cipher
178 * documentation about why */
179 i=BIO_read(b->next_bio,&(ctx->buf[BUF_OFFSET]),ENC_BLOCK_SIZE);
180
181 if (i <= 0)
182 {
183 /* Should be continue next time we are called? */
184 if (!BIO_should_retry(b->next_bio))
185 {
186 ctx->cont=i;
187 i=EVP_CipherFinal_ex(&(ctx->cipher),
188 (unsigned char *)ctx->buf,
189 &(ctx->buf_len));
190 ctx->ok=i;
191 ctx->buf_off=0;
192 }
193 else
194 {
195 ret=(ret == 0)?i:ret;
196 break;
197 }
198 }
199 else
200 {
201 EVP_CipherUpdate(&(ctx->cipher),
202 (unsigned char *)ctx->buf,&ctx->buf_len,
203 (unsigned char *)&(ctx->buf[BUF_OFFSET]),i);
204 ctx->cont=1;
205 /* Note: it is possible for EVP_CipherUpdate to
206 * decrypt zero bytes because this is or looks like
207 * the final block: if this happens we should retry
208 * and either read more data or decrypt the final
209 * block
210 */
211 if(ctx->buf_len == 0) continue;
212 }
213
214 if (ctx->buf_len <= outl)
215 i=ctx->buf_len;
216 else
217 i=outl;
218 if (i <= 0) break;
219 memcpy(out,ctx->buf,i);
220 ret+=i;
221 ctx->buf_off=i;
222 outl-=i;
223 out+=i;
224 }
225
226 BIO_clear_retry_flags(b);
227 BIO_copy_next_retry(b);
228 return((ret == 0)?ctx->cont:ret);
229 }
230
231static int enc_write(BIO *b, const char *in, int inl)
232 {
233 int ret=0,n,i;
234 BIO_ENC_CTX *ctx;
235
236 ctx=(BIO_ENC_CTX *)b->ptr;
237 ret=inl;
238
239 BIO_clear_retry_flags(b);
240 n=ctx->buf_len-ctx->buf_off;
241 while (n > 0)
242 {
243 i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
244 if (i <= 0)
245 {
246 BIO_copy_next_retry(b);
247 return(i);
248 }
249 ctx->buf_off+=i;
250 n-=i;
251 }
252 /* at this point all pending data has been written */
253
254 if ((in == NULL) || (inl <= 0)) return(0);
255
256 ctx->buf_off=0;
257 while (inl > 0)
258 {
259 n=(inl > ENC_BLOCK_SIZE)?ENC_BLOCK_SIZE:inl;
260 EVP_CipherUpdate(&(ctx->cipher),
261 (unsigned char *)ctx->buf,&ctx->buf_len,
262 (unsigned char *)in,n);
263 inl-=n;
264 in+=n;
265
266 ctx->buf_off=0;
267 n=ctx->buf_len;
268 while (n > 0)
269 {
270 i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
271 if (i <= 0)
272 {
273 BIO_copy_next_retry(b);
274 return (ret == inl) ? i : ret - inl;
275 }
276 n-=i;
277 ctx->buf_off+=i;
278 }
279 ctx->buf_len=0;
280 ctx->buf_off=0;
281 }
282 BIO_copy_next_retry(b);
283 return(ret);
284 }
285
286static long enc_ctrl(BIO *b, int cmd, long num, void *ptr)
287 {
288 BIO *dbio;
289 BIO_ENC_CTX *ctx,*dctx;
290 long ret=1;
291 int i;
292 EVP_CIPHER_CTX **c_ctx;
293
294 ctx=(BIO_ENC_CTX *)b->ptr;
295
296 switch (cmd)
297 {
298 case BIO_CTRL_RESET:
299 ctx->ok=1;
300 ctx->finished=0;
301 EVP_CipherInit_ex(&(ctx->cipher),NULL,NULL,NULL,NULL,
302 ctx->cipher.encrypt);
303 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
304 break;
305 case BIO_CTRL_EOF: /* More to read */
306 if (ctx->cont <= 0)
307 ret=1;
308 else
309 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
310 break;
311 case BIO_CTRL_WPENDING:
312 ret=ctx->buf_len-ctx->buf_off;
313 if (ret <= 0)
314 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
315 break;
316 case BIO_CTRL_PENDING: /* More to read in buffer */
317 ret=ctx->buf_len-ctx->buf_off;
318 if (ret <= 0)
319 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
320 break;
321 case BIO_CTRL_FLUSH:
322 /* do a final write */
323again:
324 while (ctx->buf_len != ctx->buf_off)
325 {
326 i=enc_write(b,NULL,0);
327 if (i < 0)
328 return i;
329 }
330
331 if (!ctx->finished)
332 {
333 ctx->finished=1;
334 ctx->buf_off=0;
335 ret=EVP_CipherFinal_ex(&(ctx->cipher),
336 (unsigned char *)ctx->buf,
337 &(ctx->buf_len));
338 ctx->ok=(int)ret;
339 if (ret <= 0) break;
340
341 /* push out the bytes */
342 goto again;
343 }
344
345 /* Finally flush the underlying BIO */
346 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
347 break;
348 case BIO_C_GET_CIPHER_STATUS:
349 ret=(long)ctx->ok;
350 break;
351 case BIO_C_DO_STATE_MACHINE:
352 BIO_clear_retry_flags(b);
353 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
354 BIO_copy_next_retry(b);
355 break;
356 case BIO_C_GET_CIPHER_CTX:
357 c_ctx=(EVP_CIPHER_CTX **)ptr;
358 (*c_ctx)= &(ctx->cipher);
359 b->init=1;
360 break;
361 case BIO_CTRL_DUP:
362 dbio=(BIO *)ptr;
363 dctx=(BIO_ENC_CTX *)dbio->ptr;
364 EVP_CIPHER_CTX_init(&dctx->cipher);
365 ret = EVP_CIPHER_CTX_copy(&dctx->cipher,&ctx->cipher);
366 if (ret)
367 dbio->init=1;
368 break;
369 default:
370 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
371 break;
372 }
373 return(ret);
374 }
375
376static long enc_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
377 {
378 long ret=1;
379
380 if (b->next_bio == NULL) return(0);
381 switch (cmd)
382 {
383 default:
384 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
385 break;
386 }
387 return(ret);
388 }
389
390/*
391void BIO_set_cipher_ctx(b,c)
392BIO *b;
393EVP_CIPHER_ctx *c;
394 {
395 if (b == NULL) return;
396
397 if ((b->callback != NULL) &&
398 (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
399 return;
400
401 b->init=1;
402 ctx=(BIO_ENC_CTX *)b->ptr;
403 memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX));
404
405 if (b->callback != NULL)
406 b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
407 }
408*/
409
410void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
411 const unsigned char *i, int e)
412 {
413 BIO_ENC_CTX *ctx;
414
415 if (b == NULL) return;
416
417 if ((b->callback != NULL) &&
418 (b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,0L) <= 0))
419 return;
420
421 b->init=1;
422 ctx=(BIO_ENC_CTX *)b->ptr;
423 EVP_CipherInit_ex(&(ctx->cipher),c,NULL, k,i,e);
424
425 if (b->callback != NULL)
426 b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,1L);
427 }
428
diff --git a/src/lib/libcrypto/evp/bio_md.c b/src/lib/libcrypto/evp/bio_md.c
new file mode 100644
index 0000000000..9841e32e1a
--- /dev/null
+++ b/src/lib/libcrypto/evp/bio_md.c
@@ -0,0 +1,270 @@
1/* crypto/evp/bio_md.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#include "cryptlib.h"
62#include <openssl/buffer.h>
63#include <openssl/evp.h>
64
65/* BIO_put and BIO_get both add to the digest,
66 * BIO_gets returns the digest */
67
68static int md_write(BIO *h, char const *buf, int num);
69static int md_read(BIO *h, char *buf, int size);
70/*static int md_puts(BIO *h, const char *str); */
71static int md_gets(BIO *h, char *str, int size);
72static long md_ctrl(BIO *h, int cmd, long arg1, void *arg2);
73static int md_new(BIO *h);
74static int md_free(BIO *data);
75static long md_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp);
76
77static BIO_METHOD methods_md=
78 {
79 BIO_TYPE_MD,"message digest",
80 md_write,
81 md_read,
82 NULL, /* md_puts, */
83 md_gets,
84 md_ctrl,
85 md_new,
86 md_free,
87 md_callback_ctrl,
88 };
89
90BIO_METHOD *BIO_f_md(void)
91 {
92 return(&methods_md);
93 }
94
95static int md_new(BIO *bi)
96 {
97 EVP_MD_CTX *ctx;
98
99 ctx=EVP_MD_CTX_create();
100 if (ctx == NULL) return(0);
101
102 bi->init=0;
103 bi->ptr=(char *)ctx;
104 bi->flags=0;
105 return(1);
106 }
107
108static int md_free(BIO *a)
109 {
110 if (a == NULL) return(0);
111 EVP_MD_CTX_destroy(a->ptr);
112 a->ptr=NULL;
113 a->init=0;
114 a->flags=0;
115 return(1);
116 }
117
118static int md_read(BIO *b, char *out, int outl)
119 {
120 int ret=0;
121 EVP_MD_CTX *ctx;
122
123 if (out == NULL) return(0);
124 ctx=b->ptr;
125
126 if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
127
128 ret=BIO_read(b->next_bio,out,outl);
129 if (b->init)
130 {
131 if (ret > 0)
132 {
133 if (EVP_DigestUpdate(ctx,(unsigned char *)out,
134 (unsigned int)ret)<=0) return (-1);
135 }
136 }
137 BIO_clear_retry_flags(b);
138 BIO_copy_next_retry(b);
139 return(ret);
140 }
141
142static int md_write(BIO *b, const char *in, int inl)
143 {
144 int ret=0;
145 EVP_MD_CTX *ctx;
146
147 if ((in == NULL) || (inl <= 0)) return(0);
148 ctx=b->ptr;
149
150 if ((ctx != NULL) && (b->next_bio != NULL))
151 ret=BIO_write(b->next_bio,in,inl);
152 if (b->init)
153 {
154 if (ret > 0)
155 {
156 EVP_DigestUpdate(ctx,(const unsigned char *)in,
157 (unsigned int)ret);
158 }
159 }
160 if(b->next_bio != NULL)
161 {
162 BIO_clear_retry_flags(b);
163 BIO_copy_next_retry(b);
164 }
165 return(ret);
166 }
167
168static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
169 {
170 EVP_MD_CTX *ctx,*dctx,**pctx;
171 const EVP_MD **ppmd;
172 EVP_MD *md;
173 long ret=1;
174 BIO *dbio;
175
176 ctx=b->ptr;
177
178 switch (cmd)
179 {
180 case BIO_CTRL_RESET:
181 if (b->init)
182 ret = EVP_DigestInit_ex(ctx,ctx->digest, NULL);
183 else
184 ret=0;
185 if (ret > 0)
186 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
187 break;
188 case BIO_C_GET_MD:
189 if (b->init)
190 {
191 ppmd=ptr;
192 *ppmd=ctx->digest;
193 }
194 else
195 ret=0;
196 break;
197 case BIO_C_GET_MD_CTX:
198 pctx=ptr;
199 *pctx=ctx;
200 b->init = 1;
201 break;
202 case BIO_C_SET_MD_CTX:
203 if (b->init)
204 b->ptr=ptr;
205 else
206 ret=0;
207 break;
208 case BIO_C_DO_STATE_MACHINE:
209 BIO_clear_retry_flags(b);
210 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
211 BIO_copy_next_retry(b);
212 break;
213
214 case BIO_C_SET_MD:
215 md=ptr;
216 ret = EVP_DigestInit_ex(ctx,md, NULL);
217 if (ret > 0)
218 b->init=1;
219 break;
220 case BIO_CTRL_DUP:
221 dbio=ptr;
222 dctx=dbio->ptr;
223 EVP_MD_CTX_copy_ex(dctx,ctx);
224 b->init=1;
225 break;
226 default:
227 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
228 break;
229 }
230 return(ret);
231 }
232
233static long md_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
234 {
235 long ret=1;
236
237 if (b->next_bio == NULL) return(0);
238 switch (cmd)
239 {
240 default:
241 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
242 break;
243 }
244 return(ret);
245 }
246
247static int md_gets(BIO *bp, char *buf, int size)
248 {
249 EVP_MD_CTX *ctx;
250 unsigned int ret;
251
252
253 ctx=bp->ptr;
254 if (size < ctx->digest->md_size)
255 return(0);
256 if (EVP_DigestFinal_ex(ctx,(unsigned char *)buf,&ret)<=0)
257 return -1;
258
259 return((int)ret);
260 }
261
262/*
263static int md_puts(bp,str)
264BIO *bp;
265char *str;
266 {
267 return(-1);
268 }
269*/
270
diff --git a/src/lib/libcrypto/evp/bio_ok.c b/src/lib/libcrypto/evp/bio_ok.c
index e64335353f..98bc1ab409 100644
--- a/src/lib/libcrypto/evp/bio_ok.c
+++ b/src/lib/libcrypto/evp/bio_ok.c
@@ -133,10 +133,10 @@ static int ok_new(BIO *h);
133static int ok_free(BIO *data); 133static int ok_free(BIO *data);
134static long ok_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); 134static long ok_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
135 135
136static int sig_out(BIO* b); 136static void sig_out(BIO* b);
137static int sig_in(BIO* b); 137static void sig_in(BIO* b);
138static int block_out(BIO* b); 138static void block_out(BIO* b);
139static int block_in(BIO* b); 139static void block_in(BIO* b);
140#define OK_BLOCK_SIZE (1024*4) 140#define OK_BLOCK_SIZE (1024*4)
141#define OK_BLOCK_BLOCK 4 141#define OK_BLOCK_BLOCK 4
142#define IOBS (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE) 142#define IOBS (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE)
@@ -266,24 +266,10 @@ static int ok_read(BIO *b, char *out, int outl)
266 ctx->buf_len+= i; 266 ctx->buf_len+= i;
267 267
268 /* no signature yet -- check if we got one */ 268 /* no signature yet -- check if we got one */
269 if (ctx->sigio == 1) 269 if (ctx->sigio == 1) sig_in(b);
270 {
271 if (!sig_in(b))
272 {
273 BIO_clear_retry_flags(b);
274 return 0;
275 }
276 }
277 270
278 /* signature ok -- check if we got block */ 271 /* signature ok -- check if we got block */
279 if (ctx->sigio == 0) 272 if (ctx->sigio == 0) block_in(b);
280 {
281 if (!block_in(b))
282 {
283 BIO_clear_retry_flags(b);
284 return 0;
285 }
286 }
287 273
288 /* invalid block -- cancel */ 274 /* invalid block -- cancel */
289 if (ctx->cont <= 0) break; 275 if (ctx->cont <= 0) break;
@@ -307,8 +293,7 @@ static int ok_write(BIO *b, const char *in, int inl)
307 293
308 if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0)) return(0); 294 if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0)) return(0);
309 295
310 if(ctx->sigio && !sig_out(b)) 296 if(ctx->sigio) sig_out(b);
311 return 0;
312 297
313 do{ 298 do{
314 BIO_clear_retry_flags(b); 299 BIO_clear_retry_flags(b);
@@ -347,11 +332,7 @@ static int ok_write(BIO *b, const char *in, int inl)
347 332
348 if(ctx->buf_len >= OK_BLOCK_SIZE+ OK_BLOCK_BLOCK) 333 if(ctx->buf_len >= OK_BLOCK_SIZE+ OK_BLOCK_BLOCK)
349 { 334 {
350 if (!block_out(b)) 335 block_out(b);
351 {
352 BIO_clear_retry_flags(b);
353 return 0;
354 }
355 } 336 }
356 }while(inl > 0); 337 }while(inl > 0);
357 338
@@ -398,8 +379,7 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
398 case BIO_CTRL_FLUSH: 379 case BIO_CTRL_FLUSH:
399 /* do a final write */ 380 /* do a final write */
400 if(ctx->blockout == 0) 381 if(ctx->blockout == 0)
401 if (!block_out(b)) 382 block_out(b);
402 return 0;
403 383
404 while (ctx->blockout) 384 while (ctx->blockout)
405 { 385 {
@@ -428,8 +408,7 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
428 break; 408 break;
429 case BIO_C_SET_MD: 409 case BIO_C_SET_MD:
430 md=ptr; 410 md=ptr;
431 if (!EVP_DigestInit_ex(&ctx->md, md, NULL)) 411 EVP_DigestInit_ex(&ctx->md, md, NULL);
432 return 0;
433 b->init=1; 412 b->init=1;
434 break; 413 break;
435 case BIO_C_GET_MD: 414 case BIO_C_GET_MD:
@@ -476,7 +455,7 @@ static void longswap(void *_ptr, size_t len)
476 } 455 }
477} 456}
478 457
479static int sig_out(BIO* b) 458static void sig_out(BIO* b)
480 { 459 {
481 BIO_OK_CTX *ctx; 460 BIO_OK_CTX *ctx;
482 EVP_MD_CTX *md; 461 EVP_MD_CTX *md;
@@ -484,10 +463,9 @@ static int sig_out(BIO* b)
484 ctx=b->ptr; 463 ctx=b->ptr;
485 md=&ctx->md; 464 md=&ctx->md;
486 465
487 if(ctx->buf_len+ 2* md->digest->md_size > OK_BLOCK_SIZE) return 1; 466 if(ctx->buf_len+ 2* md->digest->md_size > OK_BLOCK_SIZE) return;
488 467
489 if (!EVP_DigestInit_ex(md, md->digest, NULL)) 468 EVP_DigestInit_ex(md, md->digest, NULL);
490 goto berr;
491 /* FIXME: there's absolutely no guarantee this makes any sense at all, 469 /* FIXME: there's absolutely no guarantee this makes any sense at all,
492 * particularly now EVP_MD_CTX has been restructured. 470 * particularly now EVP_MD_CTX has been restructured.
493 */ 471 */
@@ -496,20 +474,14 @@ static int sig_out(BIO* b)
496 longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size); 474 longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
497 ctx->buf_len+= md->digest->md_size; 475 ctx->buf_len+= md->digest->md_size;
498 476
499 if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN))) 477 EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN));
500 goto berr; 478 EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL);
501 if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
502 goto berr;
503 ctx->buf_len+= md->digest->md_size; 479 ctx->buf_len+= md->digest->md_size;
504 ctx->blockout= 1; 480 ctx->blockout= 1;
505 ctx->sigio= 0; 481 ctx->sigio= 0;
506 return 1;
507 berr:
508 BIO_clear_retry_flags(b);
509 return 0;
510 } 482 }
511 483
512static int sig_in(BIO* b) 484static void sig_in(BIO* b)
513 { 485 {
514 BIO_OK_CTX *ctx; 486 BIO_OK_CTX *ctx;
515 EVP_MD_CTX *md; 487 EVP_MD_CTX *md;
@@ -519,18 +491,15 @@ static int sig_in(BIO* b)
519 ctx=b->ptr; 491 ctx=b->ptr;
520 md=&ctx->md; 492 md=&ctx->md;
521 493
522 if((int)(ctx->buf_len-ctx->buf_off) < 2*md->digest->md_size) return 1; 494 if((int)(ctx->buf_len-ctx->buf_off) < 2*md->digest->md_size) return;
523 495
524 if (!EVP_DigestInit_ex(md, md->digest, NULL)) 496 EVP_DigestInit_ex(md, md->digest, NULL);
525 goto berr;
526 memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size); 497 memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size);
527 longswap(md->md_data, md->digest->md_size); 498 longswap(md->md_data, md->digest->md_size);
528 ctx->buf_off+= md->digest->md_size; 499 ctx->buf_off+= md->digest->md_size;
529 500
530 if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN))) 501 EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN));
531 goto berr; 502 EVP_DigestFinal_ex(md, tmp, NULL);
532 if (!EVP_DigestFinal_ex(md, tmp, NULL))
533 goto berr;
534 ret= memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0; 503 ret= memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0;
535 ctx->buf_off+= md->digest->md_size; 504 ctx->buf_off+= md->digest->md_size;
536 if(ret == 1) 505 if(ret == 1)
@@ -547,13 +516,9 @@ static int sig_in(BIO* b)
547 { 516 {
548 ctx->cont= 0; 517 ctx->cont= 0;
549 } 518 }
550 return 1;
551 berr:
552 BIO_clear_retry_flags(b);
553 return 0;
554 } 519 }
555 520
556static int block_out(BIO* b) 521static void block_out(BIO* b)
557 { 522 {
558 BIO_OK_CTX *ctx; 523 BIO_OK_CTX *ctx;
559 EVP_MD_CTX *md; 524 EVP_MD_CTX *md;
@@ -567,20 +532,13 @@ static int block_out(BIO* b)
567 ctx->buf[1]=(unsigned char)(tl>>16); 532 ctx->buf[1]=(unsigned char)(tl>>16);
568 ctx->buf[2]=(unsigned char)(tl>>8); 533 ctx->buf[2]=(unsigned char)(tl>>8);
569 ctx->buf[3]=(unsigned char)(tl); 534 ctx->buf[3]=(unsigned char)(tl);
570 if (!EVP_DigestUpdate(md, 535 EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
571 (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl)) 536 EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL);
572 goto berr;
573 if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
574 goto berr;
575 ctx->buf_len+= md->digest->md_size; 537 ctx->buf_len+= md->digest->md_size;
576 ctx->blockout= 1; 538 ctx->blockout= 1;
577 return 1;
578 berr:
579 BIO_clear_retry_flags(b);
580 return 0;
581 } 539 }
582 540
583static int block_in(BIO* b) 541static void block_in(BIO* b)
584 { 542 {
585 BIO_OK_CTX *ctx; 543 BIO_OK_CTX *ctx;
586 EVP_MD_CTX *md; 544 EVP_MD_CTX *md;
@@ -596,13 +554,10 @@ static int block_in(BIO* b)
596 tl|=ctx->buf[2]; tl<<=8; 554 tl|=ctx->buf[2]; tl<<=8;
597 tl|=ctx->buf[3]; 555 tl|=ctx->buf[3];
598 556
599 if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return 1; 557 if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return;
600 558
601 if (!EVP_DigestUpdate(md, 559 EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
602 (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl)) 560 EVP_DigestFinal_ex(md, tmp, NULL);
603 goto berr;
604 if (!EVP_DigestFinal_ex(md, tmp, NULL))
605 goto berr;
606 if(memcmp(&(ctx->buf[tl+ OK_BLOCK_BLOCK]), tmp, md->digest->md_size) == 0) 561 if(memcmp(&(ctx->buf[tl+ OK_BLOCK_BLOCK]), tmp, md->digest->md_size) == 0)
607 { 562 {
608 /* there might be parts from next block lurking around ! */ 563 /* there might be parts from next block lurking around ! */
@@ -616,9 +571,5 @@ static int block_in(BIO* b)
616 { 571 {
617 ctx->cont= 0; 572 ctx->cont= 0;
618 } 573 }
619 return 1;
620 berr:
621 BIO_clear_retry_flags(b);
622 return 0;
623 } 574 }
624 575
diff --git a/src/lib/libcrypto/evp/c_all.c b/src/lib/libcrypto/evp/c_all.c
new file mode 100644
index 0000000000..766c4cecdf
--- /dev/null
+++ b/src/lib/libcrypto/evp/c_all.c
@@ -0,0 +1,90 @@
1/* crypto/evp/c_all.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#ifndef OPENSSL_NO_ENGINE
63#include <openssl/engine.h>
64#endif
65
66#if 0
67#undef OpenSSL_add_all_algorithms
68
69void OpenSSL_add_all_algorithms(void)
70 {
71 OPENSSL_add_all_algorithms_noconf();
72 }
73#endif
74
75void OPENSSL_add_all_algorithms_noconf(void)
76 {
77 /*
78 * For the moment OPENSSL_cpuid_setup does something
79 * only on IA-32, but we reserve the option for all
80 * platforms...
81 */
82 OPENSSL_cpuid_setup();
83 OpenSSL_add_all_ciphers();
84 OpenSSL_add_all_digests();
85#ifndef OPENSSL_NO_ENGINE
86# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
87 ENGINE_setup_bsd_cryptodev();
88# endif
89#endif
90 }
diff --git a/src/lib/libcrypto/evp/c_allc.c b/src/lib/libcrypto/evp/c_allc.c
index 2a45d435e5..c5f9268378 100644
--- a/src/lib/libcrypto/evp/c_allc.c
+++ b/src/lib/libcrypto/evp/c_allc.c
@@ -98,9 +98,6 @@ void OpenSSL_add_all_ciphers(void)
98#ifndef OPENSSL_NO_RC4 98#ifndef OPENSSL_NO_RC4
99 EVP_add_cipher(EVP_rc4()); 99 EVP_add_cipher(EVP_rc4());
100 EVP_add_cipher(EVP_rc4_40()); 100 EVP_add_cipher(EVP_rc4_40());
101#ifndef OPENSSL_NO_MD5
102 EVP_add_cipher(EVP_rc4_hmac_md5());
103#endif
104#endif 101#endif
105 102
106#ifndef OPENSSL_NO_IDEA 103#ifndef OPENSSL_NO_IDEA
@@ -169,9 +166,9 @@ void OpenSSL_add_all_ciphers(void)
169 EVP_add_cipher(EVP_aes_128_cfb1()); 166 EVP_add_cipher(EVP_aes_128_cfb1());
170 EVP_add_cipher(EVP_aes_128_cfb8()); 167 EVP_add_cipher(EVP_aes_128_cfb8());
171 EVP_add_cipher(EVP_aes_128_ofb()); 168 EVP_add_cipher(EVP_aes_128_ofb());
169#if 0
172 EVP_add_cipher(EVP_aes_128_ctr()); 170 EVP_add_cipher(EVP_aes_128_ctr());
173 EVP_add_cipher(EVP_aes_128_gcm()); 171#endif
174 EVP_add_cipher(EVP_aes_128_xts());
175 EVP_add_cipher_alias(SN_aes_128_cbc,"AES128"); 172 EVP_add_cipher_alias(SN_aes_128_cbc,"AES128");
176 EVP_add_cipher_alias(SN_aes_128_cbc,"aes128"); 173 EVP_add_cipher_alias(SN_aes_128_cbc,"aes128");
177 EVP_add_cipher(EVP_aes_192_ecb()); 174 EVP_add_cipher(EVP_aes_192_ecb());
@@ -180,8 +177,9 @@ void OpenSSL_add_all_ciphers(void)
180 EVP_add_cipher(EVP_aes_192_cfb1()); 177 EVP_add_cipher(EVP_aes_192_cfb1());
181 EVP_add_cipher(EVP_aes_192_cfb8()); 178 EVP_add_cipher(EVP_aes_192_cfb8());
182 EVP_add_cipher(EVP_aes_192_ofb()); 179 EVP_add_cipher(EVP_aes_192_ofb());
180#if 0
183 EVP_add_cipher(EVP_aes_192_ctr()); 181 EVP_add_cipher(EVP_aes_192_ctr());
184 EVP_add_cipher(EVP_aes_192_gcm()); 182#endif
185 EVP_add_cipher_alias(SN_aes_192_cbc,"AES192"); 183 EVP_add_cipher_alias(SN_aes_192_cbc,"AES192");
186 EVP_add_cipher_alias(SN_aes_192_cbc,"aes192"); 184 EVP_add_cipher_alias(SN_aes_192_cbc,"aes192");
187 EVP_add_cipher(EVP_aes_256_ecb()); 185 EVP_add_cipher(EVP_aes_256_ecb());
@@ -190,15 +188,11 @@ void OpenSSL_add_all_ciphers(void)
190 EVP_add_cipher(EVP_aes_256_cfb1()); 188 EVP_add_cipher(EVP_aes_256_cfb1());
191 EVP_add_cipher(EVP_aes_256_cfb8()); 189 EVP_add_cipher(EVP_aes_256_cfb8());
192 EVP_add_cipher(EVP_aes_256_ofb()); 190 EVP_add_cipher(EVP_aes_256_ofb());
191#if 0
193 EVP_add_cipher(EVP_aes_256_ctr()); 192 EVP_add_cipher(EVP_aes_256_ctr());
194 EVP_add_cipher(EVP_aes_256_gcm()); 193#endif
195 EVP_add_cipher(EVP_aes_256_xts());
196 EVP_add_cipher_alias(SN_aes_256_cbc,"AES256"); 194 EVP_add_cipher_alias(SN_aes_256_cbc,"AES256");
197 EVP_add_cipher_alias(SN_aes_256_cbc,"aes256"); 195 EVP_add_cipher_alias(SN_aes_256_cbc,"aes256");
198#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
199 EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
200 EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
201#endif
202#endif 196#endif
203 197
204#ifndef OPENSSL_NO_CAMELLIA 198#ifndef OPENSSL_NO_CAMELLIA
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
new file mode 100644
index 0000000000..982ba2b136
--- /dev/null
+++ b/src/lib/libcrypto/evp/digest.c
@@ -0,0 +1,377 @@
1/* crypto/evp/digest.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include "cryptlib.h"
114#include <openssl/objects.h>
115#include <openssl/evp.h>
116#ifndef OPENSSL_NO_ENGINE
117#include <openssl/engine.h>
118#endif
119
120void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
121 {
122 memset(ctx,'\0',sizeof *ctx);
123 }
124
125EVP_MD_CTX *EVP_MD_CTX_create(void)
126 {
127 EVP_MD_CTX *ctx=OPENSSL_malloc(sizeof *ctx);
128
129 if (ctx)
130 EVP_MD_CTX_init(ctx);
131
132 return ctx;
133 }
134
135int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
136 {
137 EVP_MD_CTX_init(ctx);
138 return EVP_DigestInit_ex(ctx, type, NULL);
139 }
140
141int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
142 {
143 EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
144#ifndef OPENSSL_NO_ENGINE
145 /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
146 * so this context may already have an ENGINE! Try to avoid releasing
147 * the previous handle, re-querying for an ENGINE, and having a
148 * reinitialisation, when it may all be unecessary. */
149 if (ctx->engine && ctx->digest && (!type ||
150 (type && (type->type == ctx->digest->type))))
151 goto skip_to_init;
152 if (type)
153 {
154 /* Ensure an ENGINE left lying around from last time is cleared
155 * (the previous check attempted to avoid this if the same
156 * ENGINE and EVP_MD could be used). */
157 if(ctx->engine)
158 ENGINE_finish(ctx->engine);
159 if(impl)
160 {
161 if (!ENGINE_init(impl))
162 {
163 EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR);
164 return 0;
165 }
166 }
167 else
168 /* Ask if an ENGINE is reserved for this job */
169 impl = ENGINE_get_digest_engine(type->type);
170 if(impl)
171 {
172 /* There's an ENGINE for this job ... (apparently) */
173 const EVP_MD *d = ENGINE_get_digest(impl, type->type);
174 if(!d)
175 {
176 /* Same comment from evp_enc.c */
177 EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR);
178 ENGINE_finish(impl);
179 return 0;
180 }
181 /* We'll use the ENGINE's private digest definition */
182 type = d;
183 /* Store the ENGINE functional reference so we know
184 * 'type' came from an ENGINE and we need to release
185 * it when done. */
186 ctx->engine = impl;
187 }
188 else
189 ctx->engine = NULL;
190 }
191 else
192 if(!ctx->digest)
193 {
194 EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_NO_DIGEST_SET);
195 return 0;
196 }
197#endif
198 if (ctx->digest != type)
199 {
200 if (ctx->digest && ctx->digest->ctx_size)
201 OPENSSL_free(ctx->md_data);
202 ctx->digest=type;
203 if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size)
204 {
205 ctx->update = type->update;
206 ctx->md_data=OPENSSL_malloc(type->ctx_size);
207 if (ctx->md_data == NULL)
208 {
209 EVPerr(EVP_F_EVP_DIGESTINIT_EX,
210 ERR_R_MALLOC_FAILURE);
211 return 0;
212 }
213 }
214 }
215#ifndef OPENSSL_NO_ENGINE
216skip_to_init:
217#endif
218 if (ctx->pctx)
219 {
220 int r;
221 r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,
222 EVP_PKEY_CTRL_DIGESTINIT, 0, ctx);
223 if (r <= 0 && (r != -2))
224 return 0;
225 }
226 if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT)
227 return 1;
228 return ctx->digest->init(ctx);
229 }
230
231int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
232 {
233 return ctx->update(ctx,data,count);
234 }
235
236/* The caller can assume that this removes any secret data from the context */
237int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
238 {
239 int ret;
240 ret = EVP_DigestFinal_ex(ctx, md, size);
241 EVP_MD_CTX_cleanup(ctx);
242 return ret;
243 }
244
245/* The caller can assume that this removes any secret data from the context */
246int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
247 {
248 int ret;
249
250 OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
251 ret=ctx->digest->final(ctx,md);
252 if (size != NULL)
253 *size=ctx->digest->md_size;
254 if (ctx->digest->cleanup)
255 {
256 ctx->digest->cleanup(ctx);
257 EVP_MD_CTX_set_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
258 }
259 memset(ctx->md_data,0,ctx->digest->ctx_size);
260 return ret;
261 }
262
263int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
264 {
265 EVP_MD_CTX_init(out);
266 return EVP_MD_CTX_copy_ex(out, in);
267 }
268
269int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
270 {
271 unsigned char *tmp_buf;
272 if ((in == NULL) || (in->digest == NULL))
273 {
274 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,EVP_R_INPUT_NOT_INITIALIZED);
275 return 0;
276 }
277#ifndef OPENSSL_NO_ENGINE
278 /* Make sure it's safe to copy a digest context using an ENGINE */
279 if (in->engine && !ENGINE_init(in->engine))
280 {
281 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_ENGINE_LIB);
282 return 0;
283 }
284#endif
285
286 if (out->digest == in->digest)
287 {
288 tmp_buf = out->md_data;
289 EVP_MD_CTX_set_flags(out,EVP_MD_CTX_FLAG_REUSE);
290 }
291 else tmp_buf = NULL;
292 EVP_MD_CTX_cleanup(out);
293 memcpy(out,in,sizeof *out);
294
295 if (in->md_data && out->digest->ctx_size)
296 {
297 if (tmp_buf)
298 out->md_data = tmp_buf;
299 else
300 {
301 out->md_data=OPENSSL_malloc(out->digest->ctx_size);
302 if (!out->md_data)
303 {
304 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_MALLOC_FAILURE);
305 return 0;
306 }
307 }
308 memcpy(out->md_data,in->md_data,out->digest->ctx_size);
309 }
310
311 out->update = in->update;
312
313 if (in->pctx)
314 {
315 out->pctx = EVP_PKEY_CTX_dup(in->pctx);
316 if (!out->pctx)
317 {
318 EVP_MD_CTX_cleanup(out);
319 return 0;
320 }
321 }
322
323 if (out->digest->copy)
324 return out->digest->copy(out,in);
325
326 return 1;
327 }
328
329int EVP_Digest(const void *data, size_t count,
330 unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl)
331 {
332 EVP_MD_CTX ctx;
333 int ret;
334
335 EVP_MD_CTX_init(&ctx);
336 EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT);
337 ret=EVP_DigestInit_ex(&ctx, type, impl)
338 && EVP_DigestUpdate(&ctx, data, count)
339 && EVP_DigestFinal_ex(&ctx, md, size);
340 EVP_MD_CTX_cleanup(&ctx);
341
342 return ret;
343 }
344
345void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
346 {
347 EVP_MD_CTX_cleanup(ctx);
348 OPENSSL_free(ctx);
349 }
350
351/* This call frees resources associated with the context */
352int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
353 {
354 /* Don't assume ctx->md_data was cleaned in EVP_Digest_Final,
355 * because sometimes only copies of the context are ever finalised.
356 */
357 if (ctx->digest && ctx->digest->cleanup
358 && !EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED))
359 ctx->digest->cleanup(ctx);
360 if (ctx->digest && ctx->digest->ctx_size && ctx->md_data
361 && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE))
362 {
363 OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size);
364 OPENSSL_free(ctx->md_data);
365 }
366 if (ctx->pctx)
367 EVP_PKEY_CTX_free(ctx->pctx);
368#ifndef OPENSSL_NO_ENGINE
369 if(ctx->engine)
370 /* The EVP_MD we used belongs to an ENGINE, release the
371 * functional reference we held for this reason. */
372 ENGINE_finish(ctx->engine);
373#endif
374 memset(ctx,'\0',sizeof *ctx);
375
376 return 1;
377 }
diff --git a/src/lib/libcrypto/evp/e_acss.c b/src/lib/libcrypto/evp/e_acss.c
new file mode 100644
index 0000000000..9084a63d51
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_acss.c
@@ -0,0 +1,85 @@
1/* $Id: e_acss.c,v 1.3 2010/10/01 23:33:22 djm Exp $ */
2/*
3 * Copyright (c) 2004 The OpenBSD project
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#ifndef OPENSSL_NO_ACSS
19
20#include "cryptlib.h"
21#include <openssl/evp.h>
22#include <openssl/objects.h>
23#include "evp_locl.h"
24#include <openssl/acss.h>
25
26typedef struct {
27 ACSS_KEY ks;
28} EVP_ACSS_KEY;
29
30#define data(ctx) EVP_C_DATA(EVP_ACSS_KEY,ctx)
31
32static int acss_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
33 const unsigned char *iv, int enc);
34static int acss_ciph(EVP_CIPHER_CTX *ctx, unsigned char *out,
35 const unsigned char *in, size_t inl);
36static int acss_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
37static const EVP_CIPHER acss_cipher = {
38 NID_undef,
39 1,5,0,
40 0,
41 acss_init_key,
42 acss_ciph,
43 NULL,
44 sizeof(EVP_ACSS_KEY),
45 NULL,
46 NULL,
47 acss_ctrl,
48 NULL
49};
50
51const
52EVP_CIPHER *EVP_acss(void)
53{
54 return(&acss_cipher);
55}
56
57static int
58acss_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
59 const unsigned char *iv, int enc)
60{
61 acss_setkey(&data(ctx)->ks,key,enc,ACSS_MODE1);
62 return 1;
63}
64
65static int
66acss_ciph(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
67 size_t inl)
68{
69 acss(&data(ctx)->ks,inl,in,out);
70 return 1;
71}
72
73static int
74acss_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
75{
76 switch(type) {
77 case EVP_CTRL_SET_ACSS_MODE:
78 data(ctx)->ks.mode = arg;
79 return 1;
80
81 default:
82 return -1;
83 }
84}
85#endif
diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c
new file mode 100644
index 0000000000..bd6c0a3a62
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_aes.c
@@ -0,0 +1,120 @@
1/* ====================================================================
2 * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 *
49 */
50
51#include <openssl/opensslconf.h>
52#ifndef OPENSSL_NO_AES
53#include <openssl/evp.h>
54#include <openssl/err.h>
55#include <string.h>
56#include <assert.h>
57#include <openssl/aes.h>
58#include "evp_locl.h"
59
60static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
61 const unsigned char *iv, int enc);
62
63typedef struct
64 {
65 AES_KEY ks;
66 } EVP_AES_KEY;
67
68#define data(ctx) EVP_C_DATA(EVP_AES_KEY,ctx)
69
70IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY,
71 NID_aes_128, 16, 16, 16, 128,
72 0, aes_init_key, NULL,
73 EVP_CIPHER_set_asn1_iv,
74 EVP_CIPHER_get_asn1_iv,
75 NULL)
76IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY,
77 NID_aes_192, 16, 24, 16, 128,
78 0, aes_init_key, NULL,
79 EVP_CIPHER_set_asn1_iv,
80 EVP_CIPHER_get_asn1_iv,
81 NULL)
82IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY,
83 NID_aes_256, 16, 32, 16, 128,
84 0, aes_init_key, NULL,
85 EVP_CIPHER_set_asn1_iv,
86 EVP_CIPHER_get_asn1_iv,
87 NULL)
88
89#define IMPLEMENT_AES_CFBR(ksize,cbits) IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16)
90
91IMPLEMENT_AES_CFBR(128,1)
92IMPLEMENT_AES_CFBR(192,1)
93IMPLEMENT_AES_CFBR(256,1)
94
95IMPLEMENT_AES_CFBR(128,8)
96IMPLEMENT_AES_CFBR(192,8)
97IMPLEMENT_AES_CFBR(256,8)
98
99static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
100 const unsigned char *iv, int enc)
101 {
102 int ret;
103
104 if ((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CFB_MODE
105 || (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_OFB_MODE
106 || enc)
107 ret=AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
108 else
109 ret=AES_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
110
111 if(ret < 0)
112 {
113 EVPerr(EVP_F_AES_INIT_KEY,EVP_R_AES_KEY_SETUP_FAILED);
114 return 0;
115 }
116
117 return 1;
118 }
119
120#endif
diff --git a/src/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c b/src/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c
new file mode 100644
index 0000000000..710fb79baf
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c
@@ -0,0 +1,406 @@
1/* ====================================================================
2 * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * licensing@OpenSSL.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 */
49
50#include <openssl/opensslconf.h>
51
52#include <stdio.h>
53#include <string.h>
54
55#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA1)
56
57#include <openssl/evp.h>
58#include <openssl/objects.h>
59#include <openssl/aes.h>
60#include <openssl/sha.h>
61#include "evp_locl.h"
62
63#ifndef EVP_CIPH_FLAG_AEAD_CIPHER
64#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
65#define EVP_CTRL_AEAD_TLS1_AAD 0x16
66#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
67#endif
68
69#if !defined(EVP_CIPH_FLAG_DEFAULT_ASN1)
70#define EVP_CIPH_FLAG_DEFAULT_ASN1 0
71#endif
72
73#define TLS1_1_VERSION 0x0302
74
75typedef struct
76 {
77 AES_KEY ks;
78 SHA_CTX head,tail,md;
79 size_t payload_length; /* AAD length in decrypt case */
80 union {
81 unsigned int tls_ver;
82 unsigned char tls_aad[16]; /* 13 used */
83 } aux;
84 } EVP_AES_HMAC_SHA1;
85
86#define NO_PAYLOAD_LENGTH ((size_t)-1)
87
88#if defined(AES_ASM) && ( \
89 defined(__x86_64) || defined(__x86_64__) || \
90 defined(_M_AMD64) || defined(_M_X64) || \
91 defined(__INTEL__) )
92
93extern unsigned int OPENSSL_ia32cap_P[2];
94#define AESNI_CAPABLE (1<<(57-32))
95
96int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
97 AES_KEY *key);
98int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
99 AES_KEY *key);
100
101void aesni_cbc_encrypt(const unsigned char *in,
102 unsigned char *out,
103 size_t length,
104 const AES_KEY *key,
105 unsigned char *ivec, int enc);
106
107void aesni_cbc_sha1_enc (const void *inp, void *out, size_t blocks,
108 const AES_KEY *key, unsigned char iv[16],
109 SHA_CTX *ctx,const void *in0);
110
111#define data(ctx) ((EVP_AES_HMAC_SHA1 *)(ctx)->cipher_data)
112
113static int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx,
114 const unsigned char *inkey,
115 const unsigned char *iv, int enc)
116 {
117 EVP_AES_HMAC_SHA1 *key = data(ctx);
118 int ret;
119
120 if (enc)
121 ret=aesni_set_encrypt_key(inkey,ctx->key_len*8,&key->ks);
122 else
123 ret=aesni_set_decrypt_key(inkey,ctx->key_len*8,&key->ks);
124
125 SHA1_Init(&key->head); /* handy when benchmarking */
126 key->tail = key->head;
127 key->md = key->head;
128
129 key->payload_length = NO_PAYLOAD_LENGTH;
130
131 return ret<0?0:1;
132 }
133
134#define STITCHED_CALL
135
136#if !defined(STITCHED_CALL)
137#define aes_off 0
138#endif
139
140void sha1_block_data_order (void *c,const void *p,size_t len);
141
142static void sha1_update(SHA_CTX *c,const void *data,size_t len)
143{ const unsigned char *ptr = data;
144 size_t res;
145
146 if ((res = c->num)) {
147 res = SHA_CBLOCK-res;
148 if (len<res) res=len;
149 SHA1_Update (c,ptr,res);
150 ptr += res;
151 len -= res;
152 }
153
154 res = len % SHA_CBLOCK;
155 len -= res;
156
157 if (len) {
158 sha1_block_data_order(c,ptr,len/SHA_CBLOCK);
159
160 ptr += len;
161 c->Nh += len>>29;
162 c->Nl += len<<=3;
163 if (c->Nl<(unsigned int)len) c->Nh++;
164 }
165
166 if (res)
167 SHA1_Update(c,ptr,res);
168}
169
170#define SHA1_Update sha1_update
171
172static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
173 const unsigned char *in, size_t len)
174 {
175 EVP_AES_HMAC_SHA1 *key = data(ctx);
176 unsigned int l;
177 size_t plen = key->payload_length,
178 iv = 0, /* explicit IV in TLS 1.1 and later */
179 sha_off = 0;
180#if defined(STITCHED_CALL)
181 size_t aes_off = 0,
182 blocks;
183
184 sha_off = SHA_CBLOCK-key->md.num;
185#endif
186
187 if (len%AES_BLOCK_SIZE) return 0;
188
189 if (ctx->encrypt) {
190 if (plen==NO_PAYLOAD_LENGTH)
191 plen = len;
192 else if (len!=((plen+SHA_DIGEST_LENGTH+AES_BLOCK_SIZE)&-AES_BLOCK_SIZE))
193 return 0;
194 else if (key->aux.tls_ver >= TLS1_1_VERSION)
195 iv = AES_BLOCK_SIZE;
196
197#if defined(STITCHED_CALL)
198 if (plen>(sha_off+iv) && (blocks=(plen-(sha_off+iv))/SHA_CBLOCK)) {
199 SHA1_Update(&key->md,in+iv,sha_off);
200
201 aesni_cbc_sha1_enc(in,out,blocks,&key->ks,
202 ctx->iv,&key->md,in+iv+sha_off);
203 blocks *= SHA_CBLOCK;
204 aes_off += blocks;
205 sha_off += blocks;
206 key->md.Nh += blocks>>29;
207 key->md.Nl += blocks<<=3;
208 if (key->md.Nl<(unsigned int)blocks) key->md.Nh++;
209 } else {
210 sha_off = 0;
211 }
212#endif
213 sha_off += iv;
214 SHA1_Update(&key->md,in+sha_off,plen-sha_off);
215
216 if (plen!=len) { /* "TLS" mode of operation */
217 if (in!=out)
218 memcpy(out+aes_off,in+aes_off,plen-aes_off);
219
220 /* calculate HMAC and append it to payload */
221 SHA1_Final(out+plen,&key->md);
222 key->md = key->tail;
223 SHA1_Update(&key->md,out+plen,SHA_DIGEST_LENGTH);
224 SHA1_Final(out+plen,&key->md);
225
226 /* pad the payload|hmac */
227 plen += SHA_DIGEST_LENGTH;
228 for (l=len-plen-1;plen<len;plen++) out[plen]=l;
229 /* encrypt HMAC|padding at once */
230 aesni_cbc_encrypt(out+aes_off,out+aes_off,len-aes_off,
231 &key->ks,ctx->iv,1);
232 } else {
233 aesni_cbc_encrypt(in+aes_off,out+aes_off,len-aes_off,
234 &key->ks,ctx->iv,1);
235 }
236 } else {
237 unsigned char mac[SHA_DIGEST_LENGTH];
238
239 /* decrypt HMAC|padding at once */
240 aesni_cbc_encrypt(in,out,len,
241 &key->ks,ctx->iv,0);
242
243 if (plen) { /* "TLS" mode of operation */
244 /* figure out payload length */
245 if (len<(size_t)(out[len-1]+1+SHA_DIGEST_LENGTH))
246 return 0;
247
248 len -= (out[len-1]+1+SHA_DIGEST_LENGTH);
249
250 if ((key->aux.tls_aad[plen-4]<<8|key->aux.tls_aad[plen-3])
251 >= TLS1_1_VERSION) {
252 len -= AES_BLOCK_SIZE;
253 iv = AES_BLOCK_SIZE;
254 }
255
256 key->aux.tls_aad[plen-2] = len>>8;
257 key->aux.tls_aad[plen-1] = len;
258
259 /* calculate HMAC and verify it */
260 key->md = key->head;
261 SHA1_Update(&key->md,key->aux.tls_aad,plen);
262 SHA1_Update(&key->md,out+iv,len);
263 SHA1_Final(mac,&key->md);
264
265 key->md = key->tail;
266 SHA1_Update(&key->md,mac,SHA_DIGEST_LENGTH);
267 SHA1_Final(mac,&key->md);
268
269 if (memcmp(out+iv+len,mac,SHA_DIGEST_LENGTH))
270 return 0;
271 } else {
272 SHA1_Update(&key->md,out,len);
273 }
274 }
275
276 key->payload_length = NO_PAYLOAD_LENGTH;
277
278 return 1;
279 }
280
281static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
282 {
283 EVP_AES_HMAC_SHA1 *key = data(ctx);
284
285 switch (type)
286 {
287 case EVP_CTRL_AEAD_SET_MAC_KEY:
288 {
289 unsigned int i;
290 unsigned char hmac_key[64];
291
292 memset (hmac_key,0,sizeof(hmac_key));
293
294 if (arg > (int)sizeof(hmac_key)) {
295 SHA1_Init(&key->head);
296 SHA1_Update(&key->head,ptr,arg);
297 SHA1_Final(hmac_key,&key->head);
298 } else {
299 memcpy(hmac_key,ptr,arg);
300 }
301
302 for (i=0;i<sizeof(hmac_key);i++)
303 hmac_key[i] ^= 0x36; /* ipad */
304 SHA1_Init(&key->head);
305 SHA1_Update(&key->head,hmac_key,sizeof(hmac_key));
306
307 for (i=0;i<sizeof(hmac_key);i++)
308 hmac_key[i] ^= 0x36^0x5c; /* opad */
309 SHA1_Init(&key->tail);
310 SHA1_Update(&key->tail,hmac_key,sizeof(hmac_key));
311
312 return 1;
313 }
314 case EVP_CTRL_AEAD_TLS1_AAD:
315 {
316 unsigned char *p=ptr;
317 unsigned int len=p[arg-2]<<8|p[arg-1];
318
319 if (ctx->encrypt)
320 {
321 key->payload_length = len;
322 if ((key->aux.tls_ver=p[arg-4]<<8|p[arg-3]) >= TLS1_1_VERSION) {
323 len -= AES_BLOCK_SIZE;
324 p[arg-2] = len>>8;
325 p[arg-1] = len;
326 }
327 key->md = key->head;
328 SHA1_Update(&key->md,p,arg);
329
330 return (int)(((len+SHA_DIGEST_LENGTH+AES_BLOCK_SIZE)&-AES_BLOCK_SIZE)
331 - len);
332 }
333 else
334 {
335 if (arg>13) arg = 13;
336 memcpy(key->aux.tls_aad,ptr,arg);
337 key->payload_length = arg;
338
339 return SHA_DIGEST_LENGTH;
340 }
341 }
342 default:
343 return -1;
344 }
345 }
346
347static EVP_CIPHER aesni_128_cbc_hmac_sha1_cipher =
348 {
349#ifdef NID_aes_128_cbc_hmac_sha1
350 NID_aes_128_cbc_hmac_sha1,
351#else
352 NID_undef,
353#endif
354 16,16,16,
355 EVP_CIPH_CBC_MODE|EVP_CIPH_FLAG_DEFAULT_ASN1|EVP_CIPH_FLAG_AEAD_CIPHER,
356 aesni_cbc_hmac_sha1_init_key,
357 aesni_cbc_hmac_sha1_cipher,
358 NULL,
359 sizeof(EVP_AES_HMAC_SHA1),
360 EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_set_asn1_iv,
361 EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_get_asn1_iv,
362 aesni_cbc_hmac_sha1_ctrl,
363 NULL
364 };
365
366static EVP_CIPHER aesni_256_cbc_hmac_sha1_cipher =
367 {
368#ifdef NID_aes_256_cbc_hmac_sha1
369 NID_aes_256_cbc_hmac_sha1,
370#else
371 NID_undef,
372#endif
373 16,32,16,
374 EVP_CIPH_CBC_MODE|EVP_CIPH_FLAG_DEFAULT_ASN1|EVP_CIPH_FLAG_AEAD_CIPHER,
375 aesni_cbc_hmac_sha1_init_key,
376 aesni_cbc_hmac_sha1_cipher,
377 NULL,
378 sizeof(EVP_AES_HMAC_SHA1),
379 EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_set_asn1_iv,
380 EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_get_asn1_iv,
381 aesni_cbc_hmac_sha1_ctrl,
382 NULL
383 };
384
385const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void)
386 {
387 return(OPENSSL_ia32cap_P[1]&AESNI_CAPABLE?
388 &aesni_128_cbc_hmac_sha1_cipher:NULL);
389 }
390
391const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void)
392 {
393 return(OPENSSL_ia32cap_P[1]&AESNI_CAPABLE?
394 &aesni_256_cbc_hmac_sha1_cipher:NULL);
395 }
396#else
397const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void)
398 {
399 return NULL;
400 }
401const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void)
402 {
403 return NULL;
404 }
405#endif
406#endif
diff --git a/src/lib/libcrypto/evp/e_bf.c b/src/lib/libcrypto/evp/e_bf.c
new file mode 100644
index 0000000000..cc224e5363
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_bf.c
@@ -0,0 +1,88 @@
1/* crypto/evp/e_bf.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#ifndef OPENSSL_NO_BF
62#include <openssl/evp.h>
63#include "evp_locl.h"
64#include <openssl/objects.h>
65#include <openssl/blowfish.h>
66
67static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
68 const unsigned char *iv, int enc);
69
70typedef struct
71 {
72 BF_KEY ks;
73 } EVP_BF_KEY;
74
75#define data(ctx) EVP_C_DATA(EVP_BF_KEY,ctx)
76
77IMPLEMENT_BLOCK_CIPHER(bf, ks, BF, EVP_BF_KEY, NID_bf, 8, 16, 8, 64,
78 EVP_CIPH_VARIABLE_LENGTH, bf_init_key, NULL,
79 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
80
81static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
82 const unsigned char *iv, int enc)
83 {
84 BF_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),key);
85 return 1;
86 }
87
88#endif
diff --git a/src/lib/libcrypto/evp/e_camellia.c b/src/lib/libcrypto/evp/e_camellia.c
new file mode 100644
index 0000000000..a7b40d1c60
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_camellia.c
@@ -0,0 +1,131 @@
1/* crypto/evp/e_camellia.c -*- mode:C; c-file-style: "eay" -*- */
2/* ====================================================================
3 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@openssl.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56#include <openssl/opensslconf.h>
57#ifndef OPENSSL_NO_CAMELLIA
58#include <openssl/evp.h>
59#include <openssl/err.h>
60#include <string.h>
61#include <assert.h>
62#include <openssl/camellia.h>
63#include "evp_locl.h"
64
65static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
66 const unsigned char *iv, int enc);
67
68/* Camellia subkey Structure */
69typedef struct
70 {
71 CAMELLIA_KEY ks;
72 } EVP_CAMELLIA_KEY;
73
74/* Attribute operation for Camellia */
75#define data(ctx) EVP_C_DATA(EVP_CAMELLIA_KEY,ctx)
76
77IMPLEMENT_BLOCK_CIPHER(camellia_128, ks, Camellia, EVP_CAMELLIA_KEY,
78 NID_camellia_128, 16, 16, 16, 128,
79 0, camellia_init_key, NULL,
80 EVP_CIPHER_set_asn1_iv,
81 EVP_CIPHER_get_asn1_iv,
82 NULL)
83IMPLEMENT_BLOCK_CIPHER(camellia_192, ks, Camellia, EVP_CAMELLIA_KEY,
84 NID_camellia_192, 16, 24, 16, 128,
85 0, camellia_init_key, NULL,
86 EVP_CIPHER_set_asn1_iv,
87 EVP_CIPHER_get_asn1_iv,
88 NULL)
89IMPLEMENT_BLOCK_CIPHER(camellia_256, ks, Camellia, EVP_CAMELLIA_KEY,
90 NID_camellia_256, 16, 32, 16, 128,
91 0, camellia_init_key, NULL,
92 EVP_CIPHER_set_asn1_iv,
93 EVP_CIPHER_get_asn1_iv,
94 NULL)
95
96#define IMPLEMENT_CAMELLIA_CFBR(ksize,cbits) IMPLEMENT_CFBR(camellia,Camellia,EVP_CAMELLIA_KEY,ks,ksize,cbits,16)
97
98IMPLEMENT_CAMELLIA_CFBR(128,1)
99IMPLEMENT_CAMELLIA_CFBR(192,1)
100IMPLEMENT_CAMELLIA_CFBR(256,1)
101
102IMPLEMENT_CAMELLIA_CFBR(128,8)
103IMPLEMENT_CAMELLIA_CFBR(192,8)
104IMPLEMENT_CAMELLIA_CFBR(256,8)
105
106
107
108/* The subkey for Camellia is generated. */
109static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
110 const unsigned char *iv, int enc)
111 {
112 int ret;
113
114 ret=Camellia_set_key(key, ctx->key_len * 8, ctx->cipher_data);
115
116 if(ret < 0)
117 {
118 EVPerr(EVP_F_CAMELLIA_INIT_KEY,EVP_R_CAMELLIA_KEY_SETUP_FAILED);
119 return 0;
120 }
121
122 return 1;
123 }
124
125#else
126
127# ifdef PEDANTIC
128static void *dummy=&dummy;
129# endif
130
131#endif
diff --git a/src/lib/libcrypto/evp/e_cast.c b/src/lib/libcrypto/evp/e_cast.c
new file mode 100644
index 0000000000..d77bcd9298
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_cast.c
@@ -0,0 +1,90 @@
1/* crypto/evp/e_cast.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_CAST
63#include <openssl/evp.h>
64#include <openssl/objects.h>
65#include "evp_locl.h"
66#include <openssl/cast.h>
67
68static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
69 const unsigned char *iv,int enc);
70
71typedef struct
72 {
73 CAST_KEY ks;
74 } EVP_CAST_KEY;
75
76#define data(ctx) EVP_C_DATA(EVP_CAST_KEY,ctx)
77
78IMPLEMENT_BLOCK_CIPHER(cast5, ks, CAST, EVP_CAST_KEY,
79 NID_cast5, 8, CAST_KEY_LENGTH, 8, 64,
80 EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL,
81 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
82
83static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
84 const unsigned char *iv, int enc)
85 {
86 CAST_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),key);
87 return 1;
88 }
89
90#endif
diff --git a/src/lib/libcrypto/evp/e_des.c b/src/lib/libcrypto/evp/e_des.c
new file mode 100644
index 0000000000..ca009f2c52
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_des.c
@@ -0,0 +1,224 @@
1/* crypto/evp/e_des.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#ifndef OPENSSL_NO_DES
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include "evp_locl.h"
65#include <openssl/des.h>
66#include <openssl/rand.h>
67
68static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
69 const unsigned char *iv, int enc);
70static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
71
72/* Because of various casts and different names can't use IMPLEMENT_BLOCK_CIPHER */
73
74static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
75 const unsigned char *in, size_t inl)
76{
77 BLOCK_CIPHER_ecb_loop()
78 DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), ctx->cipher_data, ctx->encrypt);
79 return 1;
80}
81
82static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
83 const unsigned char *in, size_t inl)
84{
85 while(inl>=EVP_MAXCHUNK)
86 {
87 DES_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
88 (DES_cblock *)ctx->iv, &ctx->num);
89 inl-=EVP_MAXCHUNK;
90 in +=EVP_MAXCHUNK;
91 out+=EVP_MAXCHUNK;
92 }
93 if (inl)
94 DES_ofb64_encrypt(in, out, (long)inl, ctx->cipher_data,
95 (DES_cblock *)ctx->iv, &ctx->num);
96 return 1;
97}
98
99static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
100 const unsigned char *in, size_t inl)
101{
102 while(inl>=EVP_MAXCHUNK)
103 {
104 DES_ncbc_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
105 (DES_cblock *)ctx->iv, ctx->encrypt);
106 inl-=EVP_MAXCHUNK;
107 in +=EVP_MAXCHUNK;
108 out+=EVP_MAXCHUNK;
109 }
110 if (inl)
111 DES_ncbc_encrypt(in, out, (long)inl, ctx->cipher_data,
112 (DES_cblock *)ctx->iv, ctx->encrypt);
113 return 1;
114}
115
116static int des_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
117 const unsigned char *in, size_t inl)
118{
119 while(inl>=EVP_MAXCHUNK)
120 {
121 DES_cfb64_encrypt(in,out, (long)EVP_MAXCHUNK, ctx->cipher_data,
122 (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
123 inl-=EVP_MAXCHUNK;
124 in +=EVP_MAXCHUNK;
125 out+=EVP_MAXCHUNK;
126 }
127 if (inl)
128 DES_cfb64_encrypt(in, out, (long)inl, ctx->cipher_data,
129 (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
130 return 1;
131}
132
133/* Although we have a CFB-r implementation for DES, it doesn't pack the right
134 way, so wrap it here */
135static int des_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
136 const unsigned char *in, size_t inl)
137 {
138 size_t n,chunk=EVP_MAXCHUNK/8;
139 unsigned char c[1],d[1];
140
141 if (inl<chunk) chunk=inl;
142
143 while (inl && inl>=chunk)
144 {
145 for(n=0 ; n < chunk*8; ++n)
146 {
147 c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
148 DES_cfb_encrypt(c,d,1,1,ctx->cipher_data,(DES_cblock *)ctx->iv,
149 ctx->encrypt);
150 out[n/8]=(out[n/8]&~(0x80 >> (unsigned int)(n%8))) |
151 ((d[0]&0x80) >> (unsigned int)(n%8));
152 }
153 inl-=chunk;
154 in +=chunk;
155 out+=chunk;
156 if (inl<chunk) chunk=inl;
157 }
158
159 return 1;
160 }
161
162static int des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
163 const unsigned char *in, size_t inl)
164 {
165 while (inl>=EVP_MAXCHUNK)
166 {
167 DES_cfb_encrypt(in,out,8,(long)EVP_MAXCHUNK,ctx->cipher_data,
168 (DES_cblock *)ctx->iv,ctx->encrypt);
169 inl-=EVP_MAXCHUNK;
170 in +=EVP_MAXCHUNK;
171 out+=EVP_MAXCHUNK;
172 }
173 if (inl)
174 DES_cfb_encrypt(in,out,8,(long)inl,ctx->cipher_data,
175 (DES_cblock *)ctx->iv,ctx->encrypt);
176 return 1;
177 }
178
179BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64,
180 EVP_CIPH_RAND_KEY, des_init_key, NULL,
181 EVP_CIPHER_set_asn1_iv,
182 EVP_CIPHER_get_asn1_iv,
183 des_ctrl)
184
185BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,1,
186 EVP_CIPH_RAND_KEY, des_init_key,NULL,
187 EVP_CIPHER_set_asn1_iv,
188 EVP_CIPHER_get_asn1_iv,des_ctrl)
189
190BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,8,
191 EVP_CIPH_RAND_KEY,des_init_key,NULL,
192 EVP_CIPHER_set_asn1_iv,
193 EVP_CIPHER_get_asn1_iv,des_ctrl)
194
195static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
196 const unsigned char *iv, int enc)
197 {
198 DES_cblock *deskey = (DES_cblock *)key;
199#ifdef EVP_CHECK_DES_KEY
200 if(DES_set_key_checked(deskey,ctx->cipher_data) != 0)
201 return 0;
202#else
203 DES_set_key_unchecked(deskey,ctx->cipher_data);
204#endif
205 return 1;
206 }
207
208static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
209 {
210
211 switch(type)
212 {
213 case EVP_CTRL_RAND_KEY:
214 if (RAND_bytes(ptr, 8) <= 0)
215 return 0;
216 DES_set_odd_parity((DES_cblock *)ptr);
217 return 1;
218
219 default:
220 return -1;
221 }
222 }
223
224#endif
diff --git a/src/lib/libcrypto/evp/e_des3.c b/src/lib/libcrypto/evp/e_des3.c
new file mode 100644
index 0000000000..3232cfe024
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_des3.c
@@ -0,0 +1,313 @@
1/* crypto/evp/e_des3.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#ifndef OPENSSL_NO_DES
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include "evp_locl.h"
65#include <openssl/des.h>
66#include <openssl/rand.h>
67
68static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
69 const unsigned char *iv,int enc);
70
71static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
72 const unsigned char *iv,int enc);
73
74static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
75
76typedef struct
77 {
78 DES_key_schedule ks1;/* key schedule */
79 DES_key_schedule ks2;/* key schedule (for ede) */
80 DES_key_schedule ks3;/* key schedule (for ede3) */
81 } DES_EDE_KEY;
82
83#define data(ctx) ((DES_EDE_KEY *)(ctx)->cipher_data)
84
85/* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */
86
87static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
88 const unsigned char *in, size_t inl)
89{
90 BLOCK_CIPHER_ecb_loop()
91 DES_ecb3_encrypt((const_DES_cblock *)(in + i),
92 (DES_cblock *)(out + i),
93 &data(ctx)->ks1, &data(ctx)->ks2,
94 &data(ctx)->ks3,
95 ctx->encrypt);
96 return 1;
97}
98
99static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
100 const unsigned char *in, size_t inl)
101{
102 if (inl>=EVP_MAXCHUNK)
103 {
104 DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK,
105 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
106 (DES_cblock *)ctx->iv, &ctx->num);
107 inl-=EVP_MAXCHUNK;
108 in +=EVP_MAXCHUNK;
109 out+=EVP_MAXCHUNK;
110 }
111 if (inl)
112 DES_ede3_ofb64_encrypt(in, out, (long)inl,
113 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
114 (DES_cblock *)ctx->iv, &ctx->num);
115
116 return 1;
117}
118
119static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
120 const unsigned char *in, size_t inl)
121{
122#ifdef KSSL_DEBUG
123 {
124 int i;
125 char *cp;
126 printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", ctx, ctx->buf_len);
127 printf("\t iv= ");
128 for(i=0;i<8;i++)
129 printf("%02X",ctx->iv[i]);
130 printf("\n");
131 }
132#endif /* KSSL_DEBUG */
133 if (inl>=EVP_MAXCHUNK)
134 {
135 DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK,
136 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
137 (DES_cblock *)ctx->iv, ctx->encrypt);
138 inl-=EVP_MAXCHUNK;
139 in +=EVP_MAXCHUNK;
140 out+=EVP_MAXCHUNK;
141 }
142 if (inl)
143 DES_ede3_cbc_encrypt(in, out, (long)inl,
144 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
145 (DES_cblock *)ctx->iv, ctx->encrypt);
146 return 1;
147}
148
149static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
150 const unsigned char *in, size_t inl)
151{
152 if (inl>=EVP_MAXCHUNK)
153 {
154 DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK,
155 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
156 (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
157 inl-=EVP_MAXCHUNK;
158 in +=EVP_MAXCHUNK;
159 out+=EVP_MAXCHUNK;
160 }
161 if (inl)
162 DES_ede3_cfb64_encrypt(in, out, (long)inl,
163 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
164 (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
165 return 1;
166}
167
168/* Although we have a CFB-r implementation for 3-DES, it doesn't pack the right
169 way, so wrap it here */
170static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
171 const unsigned char *in, size_t inl)
172 {
173 size_t n;
174 unsigned char c[1],d[1];
175
176 for(n=0 ; n < inl ; ++n)
177 {
178 c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
179 DES_ede3_cfb_encrypt(c,d,1,1,
180 &data(ctx)->ks1,&data(ctx)->ks2,&data(ctx)->ks3,
181 (DES_cblock *)ctx->iv,ctx->encrypt);
182 out[n/8]=(out[n/8]&~(0x80 >> (unsigned int)(n%8))) |
183 ((d[0]&0x80) >> (unsigned int)(n%8));
184 }
185
186 return 1;
187 }
188
189static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
190 const unsigned char *in, size_t inl)
191 {
192 while (inl>=EVP_MAXCHUNK)
193 {
194 DES_ede3_cfb_encrypt(in,out,8,(long)EVP_MAXCHUNK,
195 &data(ctx)->ks1,&data(ctx)->ks2,&data(ctx)->ks3,
196 (DES_cblock *)ctx->iv,ctx->encrypt);
197 inl-=EVP_MAXCHUNK;
198 in +=EVP_MAXCHUNK;
199 out+=EVP_MAXCHUNK;
200 }
201 if (inl)
202 DES_ede3_cfb_encrypt(in,out,8,(long)inl,
203 &data(ctx)->ks1,&data(ctx)->ks2,&data(ctx)->ks3,
204 (DES_cblock *)ctx->iv,ctx->encrypt);
205 return 1;
206 }
207
208BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64,
209 EVP_CIPH_RAND_KEY, des_ede_init_key, NULL,
210 EVP_CIPHER_set_asn1_iv,
211 EVP_CIPHER_get_asn1_iv,
212 des3_ctrl)
213
214#define des_ede3_cfb64_cipher des_ede_cfb64_cipher
215#define des_ede3_ofb_cipher des_ede_ofb_cipher
216#define des_ede3_cbc_cipher des_ede_cbc_cipher
217#define des_ede3_ecb_cipher des_ede_ecb_cipher
218
219BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64,
220 EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL,
221 EVP_CIPHER_set_asn1_iv,
222 EVP_CIPHER_get_asn1_iv,
223 des3_ctrl)
224
225BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1,
226 EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL,
227 EVP_CIPHER_set_asn1_iv,
228 EVP_CIPHER_get_asn1_iv,
229 des3_ctrl)
230
231BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8,
232 EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL,
233 EVP_CIPHER_set_asn1_iv,
234 EVP_CIPHER_get_asn1_iv,
235 des3_ctrl)
236
237static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
238 const unsigned char *iv, int enc)
239 {
240 DES_cblock *deskey = (DES_cblock *)key;
241#ifdef EVP_CHECK_DES_KEY
242 if (DES_set_key_checked(&deskey[0],&data(ctx)->ks1)
243 !! DES_set_key_checked(&deskey[1],&data(ctx)->ks2))
244 return 0;
245#else
246 DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1);
247 DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2);
248#endif
249 memcpy(&data(ctx)->ks3,&data(ctx)->ks1,
250 sizeof(data(ctx)->ks1));
251 return 1;
252 }
253
254static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
255 const unsigned char *iv, int enc)
256 {
257 DES_cblock *deskey = (DES_cblock *)key;
258#ifdef KSSL_DEBUG
259 {
260 int i;
261 printf("des_ede3_init_key(ctx=%lx)\n", ctx);
262 printf("\tKEY= ");
263 for(i=0;i<24;i++) printf("%02X",key[i]); printf("\n");
264 printf("\t IV= ");
265 for(i=0;i<8;i++) printf("%02X",iv[i]); printf("\n");
266 }
267#endif /* KSSL_DEBUG */
268
269#ifdef EVP_CHECK_DES_KEY
270 if (DES_set_key_checked(&deskey[0],&data(ctx)->ks1)
271 || DES_set_key_checked(&deskey[1],&data(ctx)->ks2)
272 || DES_set_key_checked(&deskey[2],&data(ctx)->ks3))
273 return 0;
274#else
275 DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1);
276 DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2);
277 DES_set_key_unchecked(&deskey[2],&data(ctx)->ks3);
278#endif
279 return 1;
280 }
281
282static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
283 {
284
285 DES_cblock *deskey = ptr;
286
287 switch(type)
288 {
289 case EVP_CTRL_RAND_KEY:
290 if (RAND_bytes(ptr, c->key_len) <= 0)
291 return 0;
292 DES_set_odd_parity(deskey);
293 if (c->key_len >= 16)
294 DES_set_odd_parity(deskey + 1);
295 if (c->key_len >= 24)
296 DES_set_odd_parity(deskey + 2);
297 return 1;
298
299 default:
300 return -1;
301 }
302 }
303
304const EVP_CIPHER *EVP_des_ede(void)
305{
306 return &des_ede_ecb;
307}
308
309const EVP_CIPHER *EVP_des_ede3(void)
310{
311 return &des_ede3_ecb;
312}
313#endif
diff --git a/src/lib/libcrypto/evp/e_idea.c b/src/lib/libcrypto/evp/e_idea.c
new file mode 100644
index 0000000000..806b080360
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_idea.c
@@ -0,0 +1,118 @@
1/* crypto/evp/e_idea.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_IDEA
63#include <openssl/evp.h>
64#include <openssl/objects.h>
65#include "evp_locl.h"
66#include <openssl/idea.h>
67
68static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
69 const unsigned char *iv,int enc);
70
71/* NB idea_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a special
72 * case
73 */
74
75static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
76 const unsigned char *in, size_t inl)
77{
78 BLOCK_CIPHER_ecb_loop()
79 idea_ecb_encrypt(in + i, out + i, ctx->cipher_data);
80 return 1;
81}
82
83/* Can't use IMPLEMENT_BLOCK_CIPHER because idea_ecb_encrypt is different */
84
85typedef struct
86 {
87 IDEA_KEY_SCHEDULE ks;
88 } EVP_IDEA_KEY;
89
90BLOCK_CIPHER_func_cbc(idea, idea, EVP_IDEA_KEY, ks)
91BLOCK_CIPHER_func_ofb(idea, idea, 64, EVP_IDEA_KEY, ks)
92BLOCK_CIPHER_func_cfb(idea, idea, 64, EVP_IDEA_KEY, ks)
93
94BLOCK_CIPHER_defs(idea, IDEA_KEY_SCHEDULE, NID_idea, 8, 16, 8, 64,
95 0, idea_init_key, NULL,
96 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
97
98static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
99 const unsigned char *iv, int enc)
100 {
101 if(!enc) {
102 if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) enc = 1;
103 else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE) enc = 1;
104 }
105 if (enc) idea_set_encrypt_key(key,ctx->cipher_data);
106 else
107 {
108 IDEA_KEY_SCHEDULE tmp;
109
110 idea_set_encrypt_key(key,&tmp);
111 idea_set_decrypt_key(&tmp,ctx->cipher_data);
112 OPENSSL_cleanse((unsigned char *)&tmp,
113 sizeof(IDEA_KEY_SCHEDULE));
114 }
115 return 1;
116 }
117
118#endif
diff --git a/src/lib/libcrypto/evp/e_null.c b/src/lib/libcrypto/evp/e_null.c
new file mode 100644
index 0000000000..7cf50e1416
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_null.c
@@ -0,0 +1,102 @@
1/* crypto/evp/e_null.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63
64static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
65 const unsigned char *iv,int enc);
66static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
67 const unsigned char *in, size_t inl);
68static const EVP_CIPHER n_cipher=
69 {
70 NID_undef,
71 1,0,0,
72 0,
73 null_init_key,
74 null_cipher,
75 NULL,
76 0,
77 NULL,
78 NULL,
79 NULL,
80 NULL
81 };
82
83const EVP_CIPHER *EVP_enc_null(void)
84 {
85 return(&n_cipher);
86 }
87
88static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
89 const unsigned char *iv, int enc)
90 {
91 /* memset(&(ctx->c),0,sizeof(ctx->c));*/
92 return 1;
93 }
94
95static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
96 const unsigned char *in, size_t inl)
97 {
98 if (in != out)
99 memcpy((char *)out,(const char *)in,inl);
100 return 1;
101 }
102
diff --git a/src/lib/libcrypto/evp/e_old.c b/src/lib/libcrypto/evp/e_old.c
new file mode 100644
index 0000000000..1642af4869
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_old.c
@@ -0,0 +1,125 @@
1/* crypto/evp/e_old.c -*- mode:C; c-file-style: "eay" -*- */
2/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
3 * project 2004.
4 */
5/* ====================================================================
6 * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * openssl-core@openssl.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#ifdef OPENSSL_NO_DEPRECATED
60static void *dummy = &dummy;
61#else
62
63#include <openssl/evp.h>
64
65/* Define some deprecated functions, so older programs
66 don't crash and burn too quickly. On Windows and VMS,
67 these will never be used, since functions and variables
68 in shared libraries are selected by entry point location,
69 not by name. */
70
71#ifndef OPENSSL_NO_BF
72#undef EVP_bf_cfb
73const EVP_CIPHER *EVP_bf_cfb(void);
74const EVP_CIPHER *EVP_bf_cfb(void) { return EVP_bf_cfb64(); }
75#endif
76
77#ifndef OPENSSL_NO_DES
78#undef EVP_des_cfb
79const EVP_CIPHER *EVP_des_cfb(void);
80const EVP_CIPHER *EVP_des_cfb(void) { return EVP_des_cfb64(); }
81#undef EVP_des_ede3_cfb
82const EVP_CIPHER *EVP_des_ede3_cfb(void);
83const EVP_CIPHER *EVP_des_ede3_cfb(void) { return EVP_des_ede3_cfb64(); }
84#undef EVP_des_ede_cfb
85const EVP_CIPHER *EVP_des_ede_cfb(void);
86const EVP_CIPHER *EVP_des_ede_cfb(void) { return EVP_des_ede_cfb64(); }
87#endif
88
89#ifndef OPENSSL_NO_IDEA
90#undef EVP_idea_cfb
91const EVP_CIPHER *EVP_idea_cfb(void);
92const EVP_CIPHER *EVP_idea_cfb(void) { return EVP_idea_cfb64(); }
93#endif
94
95#ifndef OPENSSL_NO_RC2
96#undef EVP_rc2_cfb
97const EVP_CIPHER *EVP_rc2_cfb(void);
98const EVP_CIPHER *EVP_rc2_cfb(void) { return EVP_rc2_cfb64(); }
99#endif
100
101#ifndef OPENSSL_NO_CAST
102#undef EVP_cast5_cfb
103const EVP_CIPHER *EVP_cast5_cfb(void);
104const EVP_CIPHER *EVP_cast5_cfb(void) { return EVP_cast5_cfb64(); }
105#endif
106
107#ifndef OPENSSL_NO_RC5
108#undef EVP_rc5_32_12_16_cfb
109const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
110const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void) { return EVP_rc5_32_12_16_cfb64(); }
111#endif
112
113#ifndef OPENSSL_NO_AES
114#undef EVP_aes_128_cfb
115const EVP_CIPHER *EVP_aes_128_cfb(void);
116const EVP_CIPHER *EVP_aes_128_cfb(void) { return EVP_aes_128_cfb128(); }
117#undef EVP_aes_192_cfb
118const EVP_CIPHER *EVP_aes_192_cfb(void);
119const EVP_CIPHER *EVP_aes_192_cfb(void) { return EVP_aes_192_cfb128(); }
120#undef EVP_aes_256_cfb
121const EVP_CIPHER *EVP_aes_256_cfb(void);
122const EVP_CIPHER *EVP_aes_256_cfb(void) { return EVP_aes_256_cfb128(); }
123#endif
124
125#endif
diff --git a/src/lib/libcrypto/evp/e_rc2.c b/src/lib/libcrypto/evp/e_rc2.c
new file mode 100644
index 0000000000..f78d781129
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_rc2.c
@@ -0,0 +1,237 @@
1/* crypto/evp/e_rc2.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_RC2
63
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66#include "evp_locl.h"
67#include <openssl/rc2.h>
68
69static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
70 const unsigned char *iv,int enc);
71static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx);
72static int rc2_magic_to_meth(int i);
73static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
74static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
75static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
76
77typedef struct
78 {
79 int key_bits; /* effective key bits */
80 RC2_KEY ks; /* key schedule */
81 } EVP_RC2_KEY;
82
83#define data(ctx) ((EVP_RC2_KEY *)(ctx)->cipher_data)
84
85IMPLEMENT_BLOCK_CIPHER(rc2, ks, RC2, EVP_RC2_KEY, NID_rc2,
86 8,
87 RC2_KEY_LENGTH, 8, 64,
88 EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
89 rc2_init_key, NULL,
90 rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv,
91 rc2_ctrl)
92
93#define RC2_40_MAGIC 0xa0
94#define RC2_64_MAGIC 0x78
95#define RC2_128_MAGIC 0x3a
96
97static const EVP_CIPHER r2_64_cbc_cipher=
98 {
99 NID_rc2_64_cbc,
100 8,8 /* 64 bit */,8,
101 EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
102 rc2_init_key,
103 rc2_cbc_cipher,
104 NULL,
105 sizeof(EVP_RC2_KEY),
106 rc2_set_asn1_type_and_iv,
107 rc2_get_asn1_type_and_iv,
108 rc2_ctrl,
109 NULL
110 };
111
112static const EVP_CIPHER r2_40_cbc_cipher=
113 {
114 NID_rc2_40_cbc,
115 8,5 /* 40 bit */,8,
116 EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
117 rc2_init_key,
118 rc2_cbc_cipher,
119 NULL,
120 sizeof(EVP_RC2_KEY),
121 rc2_set_asn1_type_and_iv,
122 rc2_get_asn1_type_and_iv,
123 rc2_ctrl,
124 NULL
125 };
126
127const EVP_CIPHER *EVP_rc2_64_cbc(void)
128 {
129 return(&r2_64_cbc_cipher);
130 }
131
132const EVP_CIPHER *EVP_rc2_40_cbc(void)
133 {
134 return(&r2_40_cbc_cipher);
135 }
136
137static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
138 const unsigned char *iv, int enc)
139 {
140 RC2_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),
141 key,data(ctx)->key_bits);
142 return 1;
143 }
144
145static int rc2_meth_to_magic(EVP_CIPHER_CTX *e)
146 {
147 int i;
148
149 EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i);
150 if (i == 128) return(RC2_128_MAGIC);
151 else if (i == 64) return(RC2_64_MAGIC);
152 else if (i == 40) return(RC2_40_MAGIC);
153 else return(0);
154 }
155
156static int rc2_magic_to_meth(int i)
157 {
158 if (i == RC2_128_MAGIC) return 128;
159 else if (i == RC2_64_MAGIC) return 64;
160 else if (i == RC2_40_MAGIC) return 40;
161 else
162 {
163 EVPerr(EVP_F_RC2_MAGIC_TO_METH,EVP_R_UNSUPPORTED_KEY_SIZE);
164 return(0);
165 }
166 }
167
168static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
169 {
170 long num=0;
171 int i=0;
172 int key_bits;
173 unsigned int l;
174 unsigned char iv[EVP_MAX_IV_LENGTH];
175
176 if (type != NULL)
177 {
178 l=EVP_CIPHER_CTX_iv_length(c);
179 OPENSSL_assert(l <= sizeof(iv));
180 i=ASN1_TYPE_get_int_octetstring(type,&num,iv,l);
181 if (i != (int)l)
182 return(-1);
183 key_bits =rc2_magic_to_meth((int)num);
184 if (!key_bits)
185 return(-1);
186 if(i > 0) EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1);
187 EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
188 EVP_CIPHER_CTX_set_key_length(c, key_bits / 8);
189 }
190 return(i);
191 }
192
193static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
194 {
195 long num;
196 int i=0,j;
197
198 if (type != NULL)
199 {
200 num=rc2_meth_to_magic(c);
201 j=EVP_CIPHER_CTX_iv_length(c);
202 i=ASN1_TYPE_set_int_octetstring(type,num,c->oiv,j);
203 }
204 return(i);
205 }
206
207static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
208 {
209 switch(type)
210 {
211 case EVP_CTRL_INIT:
212 data(c)->key_bits = EVP_CIPHER_CTX_key_length(c) * 8;
213 return 1;
214
215 case EVP_CTRL_GET_RC2_KEY_BITS:
216 *(int *)ptr = data(c)->key_bits;
217 return 1;
218
219 case EVP_CTRL_SET_RC2_KEY_BITS:
220 if(arg > 0)
221 {
222 data(c)->key_bits = arg;
223 return 1;
224 }
225 return 0;
226#ifdef PBE_PRF_TEST
227 case EVP_CTRL_PBE_PRF_NID:
228 *(int *)ptr = NID_hmacWithMD5;
229 return 1;
230#endif
231
232 default:
233 return -1;
234 }
235 }
236
237#endif
diff --git a/src/lib/libcrypto/evp/e_rc4.c b/src/lib/libcrypto/evp/e_rc4.c
new file mode 100644
index 0000000000..8b5175e0fd
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_rc4.c
@@ -0,0 +1,136 @@
1/* crypto/evp/e_rc4.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_RC4
63
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66#include <openssl/rc4.h>
67
68/* FIXME: surely this is available elsewhere? */
69#define EVP_RC4_KEY_SIZE 16
70
71typedef struct
72 {
73 RC4_KEY ks; /* working key */
74 } EVP_RC4_KEY;
75
76#define data(ctx) ((EVP_RC4_KEY *)(ctx)->cipher_data)
77
78static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
79 const unsigned char *iv,int enc);
80static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
81 const unsigned char *in, size_t inl);
82static const EVP_CIPHER r4_cipher=
83 {
84 NID_rc4,
85 1,EVP_RC4_KEY_SIZE,0,
86 EVP_CIPH_VARIABLE_LENGTH,
87 rc4_init_key,
88 rc4_cipher,
89 NULL,
90 sizeof(EVP_RC4_KEY),
91 NULL,
92 NULL,
93 NULL,
94 NULL
95 };
96
97static const EVP_CIPHER r4_40_cipher=
98 {
99 NID_rc4_40,
100 1,5 /* 40 bit */,0,
101 EVP_CIPH_VARIABLE_LENGTH,
102 rc4_init_key,
103 rc4_cipher,
104 NULL,
105 sizeof(EVP_RC4_KEY),
106 NULL,
107 NULL,
108 NULL,
109 NULL
110 };
111
112const EVP_CIPHER *EVP_rc4(void)
113 {
114 return(&r4_cipher);
115 }
116
117const EVP_CIPHER *EVP_rc4_40(void)
118 {
119 return(&r4_40_cipher);
120 }
121
122static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
123 const unsigned char *iv, int enc)
124 {
125 RC4_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),
126 key);
127 return 1;
128 }
129
130static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
131 const unsigned char *in, size_t inl)
132 {
133 RC4(&data(ctx)->ks,inl,in,out);
134 return 1;
135 }
136#endif
diff --git a/src/lib/libcrypto/evp/e_rc4_hmac_md5.c b/src/lib/libcrypto/evp/e_rc4_hmac_md5.c
new file mode 100644
index 0000000000..56563191ba
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_rc4_hmac_md5.c
@@ -0,0 +1,298 @@
1/* ====================================================================
2 * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * licensing@OpenSSL.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 */
49
50#include <openssl/opensslconf.h>
51
52#include <stdio.h>
53#include <string.h>
54
55#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_MD5)
56
57#include <openssl/evp.h>
58#include <openssl/objects.h>
59#include <openssl/rc4.h>
60#include <openssl/md5.h>
61
62#ifndef EVP_CIPH_FLAG_AEAD_CIPHER
63#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
64#define EVP_CTRL_AEAD_TLS1_AAD 0x16
65#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
66#endif
67
68/* FIXME: surely this is available elsewhere? */
69#define EVP_RC4_KEY_SIZE 16
70
71typedef struct
72 {
73 RC4_KEY ks;
74 MD5_CTX head,tail,md;
75 size_t payload_length;
76 } EVP_RC4_HMAC_MD5;
77
78#define NO_PAYLOAD_LENGTH ((size_t)-1)
79
80void rc4_md5_enc (RC4_KEY *key, const void *in0, void *out,
81 MD5_CTX *ctx,const void *inp,size_t blocks);
82
83#define data(ctx) ((EVP_RC4_HMAC_MD5 *)(ctx)->cipher_data)
84
85static int rc4_hmac_md5_init_key(EVP_CIPHER_CTX *ctx,
86 const unsigned char *inkey,
87 const unsigned char *iv, int enc)
88 {
89 EVP_RC4_HMAC_MD5 *key = data(ctx);
90
91 RC4_set_key(&key->ks,EVP_CIPHER_CTX_key_length(ctx),
92 inkey);
93
94 MD5_Init(&key->head); /* handy when benchmarking */
95 key->tail = key->head;
96 key->md = key->head;
97
98 key->payload_length = NO_PAYLOAD_LENGTH;
99
100 return 1;
101 }
102
103#if !defined(OPENSSL_NO_ASM) && ( \
104 defined(__x86_64) || defined(__x86_64__) || \
105 defined(_M_AMD64) || defined(_M_X64) || \
106 defined(__INTEL__) ) && \
107 !(defined(__APPLE__) && defined(__MACH__))
108#define STITCHED_CALL
109#endif
110
111#if !defined(STITCHED_CALL)
112#define rc4_off 0
113#define md5_off 0
114#endif
115
116static int rc4_hmac_md5_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
117 const unsigned char *in, size_t len)
118 {
119 EVP_RC4_HMAC_MD5 *key = data(ctx);
120#if defined(STITCHED_CALL)
121 size_t rc4_off = 32-1-(key->ks.x&(32-1)), /* 32 is $MOD from rc4_md5-x86_64.pl */
122 md5_off = MD5_CBLOCK-key->md.num,
123 blocks;
124 unsigned int l;
125 extern unsigned int OPENSSL_ia32cap_P[];
126#endif
127 size_t plen = key->payload_length;
128
129 if (plen!=NO_PAYLOAD_LENGTH && len!=(plen+MD5_DIGEST_LENGTH)) return 0;
130
131 if (ctx->encrypt) {
132 if (plen==NO_PAYLOAD_LENGTH) plen = len;
133#if defined(STITCHED_CALL)
134 /* cipher has to "fall behind" */
135 if (rc4_off>md5_off) md5_off+=MD5_CBLOCK;
136
137 if (plen>md5_off && (blocks=(plen-md5_off)/MD5_CBLOCK) &&
138 (OPENSSL_ia32cap_P[0]&(1<<20))==0) {
139 MD5_Update(&key->md,in,md5_off);
140 RC4(&key->ks,rc4_off,in,out);
141
142 rc4_md5_enc(&key->ks,in+rc4_off,out+rc4_off,
143 &key->md,in+md5_off,blocks);
144 blocks *= MD5_CBLOCK;
145 rc4_off += blocks;
146 md5_off += blocks;
147 key->md.Nh += blocks>>29;
148 key->md.Nl += blocks<<=3;
149 if (key->md.Nl<(unsigned int)blocks) key->md.Nh++;
150 } else {
151 rc4_off = 0;
152 md5_off = 0;
153 }
154#endif
155 MD5_Update(&key->md,in+md5_off,plen-md5_off);
156
157 if (plen!=len) { /* "TLS" mode of operation */
158 if (in!=out)
159 memcpy(out+rc4_off,in+rc4_off,plen-rc4_off);
160
161 /* calculate HMAC and append it to payload */
162 MD5_Final(out+plen,&key->md);
163 key->md = key->tail;
164 MD5_Update(&key->md,out+plen,MD5_DIGEST_LENGTH);
165 MD5_Final(out+plen,&key->md);
166 /* encrypt HMAC at once */
167 RC4(&key->ks,len-rc4_off,out+rc4_off,out+rc4_off);
168 } else {
169 RC4(&key->ks,len-rc4_off,in+rc4_off,out+rc4_off);
170 }
171 } else {
172 unsigned char mac[MD5_DIGEST_LENGTH];
173#if defined(STITCHED_CALL)
174 /* digest has to "fall behind" */
175 if (md5_off>rc4_off) rc4_off += 2*MD5_CBLOCK;
176 else rc4_off += MD5_CBLOCK;
177
178 if (len>rc4_off && (blocks=(len-rc4_off)/MD5_CBLOCK) &&
179 (OPENSSL_ia32cap_P[0]&(1<<20))==0) {
180 RC4(&key->ks,rc4_off,in,out);
181 MD5_Update(&key->md,out,md5_off);
182
183 rc4_md5_enc(&key->ks,in+rc4_off,out+rc4_off,
184 &key->md,out+md5_off,blocks);
185 blocks *= MD5_CBLOCK;
186 rc4_off += blocks;
187 md5_off += blocks;
188 l = (key->md.Nl+(blocks<<3))&0xffffffffU;
189 if (l<key->md.Nl) key->md.Nh++;
190 key->md.Nl = l;
191 key->md.Nh += blocks>>29;
192 } else {
193 md5_off=0;
194 rc4_off=0;
195 }
196#endif
197 /* decrypt HMAC at once */
198 RC4(&key->ks,len-rc4_off,in+rc4_off,out+rc4_off);
199 if (plen!=NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */
200 MD5_Update(&key->md,out+md5_off,plen-md5_off);
201
202 /* calculate HMAC and verify it */
203 MD5_Final(mac,&key->md);
204 key->md = key->tail;
205 MD5_Update(&key->md,mac,MD5_DIGEST_LENGTH);
206 MD5_Final(mac,&key->md);
207
208 if (memcmp(out+plen,mac,MD5_DIGEST_LENGTH))
209 return 0;
210 } else {
211 MD5_Update(&key->md,out+md5_off,len-md5_off);
212 }
213 }
214
215 key->payload_length = NO_PAYLOAD_LENGTH;
216
217 return 1;
218 }
219
220static int rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
221 {
222 EVP_RC4_HMAC_MD5 *key = data(ctx);
223
224 switch (type)
225 {
226 case EVP_CTRL_AEAD_SET_MAC_KEY:
227 {
228 unsigned int i;
229 unsigned char hmac_key[64];
230
231 memset (hmac_key,0,sizeof(hmac_key));
232
233 if (arg > (int)sizeof(hmac_key)) {
234 MD5_Init(&key->head);
235 MD5_Update(&key->head,ptr,arg);
236 MD5_Final(hmac_key,&key->head);
237 } else {
238 memcpy(hmac_key,ptr,arg);
239 }
240
241 for (i=0;i<sizeof(hmac_key);i++)
242 hmac_key[i] ^= 0x36; /* ipad */
243 MD5_Init(&key->head);
244 MD5_Update(&key->head,hmac_key,sizeof(hmac_key));
245
246 for (i=0;i<sizeof(hmac_key);i++)
247 hmac_key[i] ^= 0x36^0x5c; /* opad */
248 MD5_Init(&key->tail);
249 MD5_Update(&key->tail,hmac_key,sizeof(hmac_key));
250
251 return 1;
252 }
253 case EVP_CTRL_AEAD_TLS1_AAD:
254 {
255 unsigned char *p=ptr;
256 unsigned int len=p[arg-2]<<8|p[arg-1];
257
258 if (!ctx->encrypt)
259 {
260 len -= MD5_DIGEST_LENGTH;
261 p[arg-2] = len>>8;
262 p[arg-1] = len;
263 }
264 key->payload_length=len;
265 key->md = key->head;
266 MD5_Update(&key->md,p,arg);
267
268 return MD5_DIGEST_LENGTH;
269 }
270 default:
271 return -1;
272 }
273 }
274
275static EVP_CIPHER r4_hmac_md5_cipher=
276 {
277#ifdef NID_rc4_hmac_md5
278 NID_rc4_hmac_md5,
279#else
280 NID_undef,
281#endif
282 1,EVP_RC4_KEY_SIZE,0,
283 EVP_CIPH_STREAM_CIPHER|EVP_CIPH_VARIABLE_LENGTH|EVP_CIPH_FLAG_AEAD_CIPHER,
284 rc4_hmac_md5_init_key,
285 rc4_hmac_md5_cipher,
286 NULL,
287 sizeof(EVP_RC4_HMAC_MD5),
288 NULL,
289 NULL,
290 rc4_hmac_md5_ctrl,
291 NULL
292 };
293
294const EVP_CIPHER *EVP_rc4_hmac_md5(void)
295 {
296 return(&r4_hmac_md5_cipher);
297 }
298#endif
diff --git a/src/lib/libcrypto/evp/evp_cnf.c b/src/lib/libcrypto/evp/e_seed.c
index 2e4db30235..2d1759d276 100644
--- a/src/lib/libcrypto/evp/evp_cnf.c
+++ b/src/lib/libcrypto/evp/e_seed.c
@@ -1,7 +1,4 @@
1/* evp_cnf.c */ 1/* crypto/evp/e_seed.c -*- mode:C; c-file-style: "eay" -*- */
2/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
3 * project 2007.
4 */
5/* ==================================================================== 2/* ====================================================================
6 * Copyright (c) 2007 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
7 * 4 *
@@ -20,12 +17,12 @@
20 * 3. All advertising materials mentioning features or use of this 17 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment: 18 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project 19 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24 * 21 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without 23 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact 24 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org. 25 * openssl-core@openssl.org.
29 * 26 *
30 * 5. Products derived from this software may not be called "OpenSSL" 27 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written 28 * nor may "OpenSSL" appear in their names without prior written
@@ -34,7 +31,7 @@
34 * 6. Redistributions of any form whatsoever must retain the following 31 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment: 32 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project 33 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38 * 35 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
@@ -56,70 +53,31 @@
56 * 53 *
57 */ 54 */
58 55
59#include <stdio.h> 56#include <openssl/opensslconf.h>
60#include <ctype.h> 57#ifndef OPENSSL_NO_SEED
61#include <openssl/crypto.h> 58#include <openssl/evp.h>
62#include "cryptlib.h" 59#include <openssl/err.h>
63#include <openssl/conf.h> 60#include <string.h>
64#include <openssl/dso.h> 61#include <assert.h>
65#include <openssl/x509.h> 62#include <openssl/seed.h>
66#include <openssl/x509v3.h> 63#include "evp_locl.h"
67#ifdef OPENSSL_FIPS
68#include <openssl/fips.h>
69#endif
70 64
65static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc);
66
67typedef struct
68 {
69 SEED_KEY_SCHEDULE ks;
70 } EVP_SEED_KEY;
71 71
72/* Algorithm configuration module. */ 72IMPLEMENT_BLOCK_CIPHER(seed, ks, SEED, EVP_SEED_KEY, NID_seed,
73 16, 16, 16, 128,
74 0, seed_init_key, 0, 0, 0, 0)
73 75
74static int alg_module_init(CONF_IMODULE *md, const CONF *cnf) 76static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
77 const unsigned char *iv, int enc)
75 { 78 {
76 int i; 79 SEED_set_key(key, ctx->cipher_data);
77 const char *oid_section;
78 STACK_OF(CONF_VALUE) *sktmp;
79 CONF_VALUE *oval;
80 oid_section = CONF_imodule_get_value(md);
81 if(!(sktmp = NCONF_get_section(cnf, oid_section)))
82 {
83 EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION);
84 return 0;
85 }
86 for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++)
87 {
88 oval = sk_CONF_VALUE_value(sktmp, i);
89 if (!strcmp(oval->name, "fips_mode"))
90 {
91 int m;
92 if (!X509V3_get_value_bool(oval, &m))
93 {
94 EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE);
95 return 0;
96 }
97 if (m > 0)
98 {
99#ifdef OPENSSL_FIPS
100 if (!FIPS_mode() && !FIPS_mode_set(1))
101 {
102 EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_SETTING_FIPS_MODE);
103 return 0;
104 }
105#else
106 EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_FIPS_MODE_NOT_SUPPORTED);
107 return 0;
108#endif
109 }
110 }
111 else
112 {
113 EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION);
114 ERR_add_error_data(4, "name=", oval->name,
115 ", value=", oval->value);
116 }
117
118 }
119 return 1; 80 return 1;
120 } 81 }
121 82
122void EVP_add_alg_module(void) 83#endif
123 {
124 CONF_module_add("alg_section", alg_module_init, 0);
125 }
diff --git a/src/lib/libcrypto/evp/e_xcbc_d.c b/src/lib/libcrypto/evp/e_xcbc_d.c
new file mode 100644
index 0000000000..250e88c8c5
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_xcbc_d.c
@@ -0,0 +1,138 @@
1/* crypto/evp/e_xcbc_d.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_DES
63
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66#include "evp_locl.h"
67#include <openssl/des.h>
68
69static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
70 const unsigned char *iv,int enc);
71static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
72 const unsigned char *in, size_t inl);
73
74
75typedef struct
76 {
77 DES_key_schedule ks;/* key schedule */
78 DES_cblock inw;
79 DES_cblock outw;
80 } DESX_CBC_KEY;
81
82#define data(ctx) ((DESX_CBC_KEY *)(ctx)->cipher_data)
83
84static const EVP_CIPHER d_xcbc_cipher=
85 {
86 NID_desx_cbc,
87 8,24,8,
88 EVP_CIPH_CBC_MODE,
89 desx_cbc_init_key,
90 desx_cbc_cipher,
91 NULL,
92 sizeof(DESX_CBC_KEY),
93 EVP_CIPHER_set_asn1_iv,
94 EVP_CIPHER_get_asn1_iv,
95 NULL,
96 NULL
97 };
98
99const EVP_CIPHER *EVP_desx_cbc(void)
100 {
101 return(&d_xcbc_cipher);
102 }
103
104static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
105 const unsigned char *iv, int enc)
106 {
107 DES_cblock *deskey = (DES_cblock *)key;
108
109 DES_set_key_unchecked(deskey,&data(ctx)->ks);
110 memcpy(&data(ctx)->inw[0],&key[8],8);
111 memcpy(&data(ctx)->outw[0],&key[16],8);
112
113 return 1;
114 }
115
116static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
117 const unsigned char *in, size_t inl)
118 {
119 while (inl>=EVP_MAXCHUNK)
120 {
121 DES_xcbc_encrypt(in,out,(long)EVP_MAXCHUNK,&data(ctx)->ks,
122 (DES_cblock *)&(ctx->iv[0]),
123 &data(ctx)->inw,
124 &data(ctx)->outw,
125 ctx->encrypt);
126 inl-=EVP_MAXCHUNK;
127 in +=EVP_MAXCHUNK;
128 out+=EVP_MAXCHUNK;
129 }
130 if (inl)
131 DES_xcbc_encrypt(in,out,(long)inl,&data(ctx)->ks,
132 (DES_cblock *)&(ctx->iv[0]),
133 &data(ctx)->inw,
134 &data(ctx)->outw,
135 ctx->encrypt);
136 return 1;
137 }
138#endif
diff --git a/src/lib/libcrypto/evp/enc_min.c b/src/lib/libcrypto/evp/enc_min.c
deleted file mode 100644
index 7fba38ee24..0000000000
--- a/src/lib/libcrypto/evp/enc_min.c
+++ /dev/null
@@ -1,390 +0,0 @@
1/* crypto/evp/enc_min.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/err.h>
63#include <openssl/rand.h>
64#ifndef OPENSSL_NO_ENGINE
65#include <openssl/engine.h>
66#endif
67#include "evp_locl.h"
68
69void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
70 {
71#ifdef OPENSSL_FIPS
72 FIPS_selftest_check();
73#endif
74 memset(ctx,0,sizeof(EVP_CIPHER_CTX));
75 /* ctx->cipher=NULL; */
76 }
77
78#ifdef OPENSSL_FIPS
79
80/* The purpose of these is to trap programs that attempt to use non FIPS
81 * algorithms in FIPS mode and ignore the errors.
82 */
83
84static int bad_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
85 const unsigned char *iv, int enc)
86 { FIPS_ERROR_IGNORED("Cipher init"); return 0;}
87
88static int bad_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
89 const unsigned char *in, unsigned int inl)
90 { FIPS_ERROR_IGNORED("Cipher update"); return 0;}
91
92/* NB: no cleanup because it is allowed after failed init */
93
94static int bad_set_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *typ)
95 { FIPS_ERROR_IGNORED("Cipher set_asn1"); return 0;}
96static int bad_get_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *typ)
97 { FIPS_ERROR_IGNORED("Cipher get_asn1"); return 0;}
98static int bad_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
99 { FIPS_ERROR_IGNORED("Cipher ctrl"); return 0;}
100
101static const EVP_CIPHER bad_cipher =
102 {
103 0,
104 0,
105 0,
106 0,
107 0,
108 bad_init,
109 bad_do_cipher,
110 NULL,
111 0,
112 bad_set_asn1,
113 bad_get_asn1,
114 bad_ctrl,
115 NULL
116 };
117
118#endif
119
120#ifndef OPENSSL_NO_ENGINE
121
122#ifdef OPENSSL_FIPS
123
124static int do_engine_null(ENGINE *impl) { return 0;}
125static int do_evp_enc_engine_null(EVP_CIPHER_CTX *ctx,
126 const EVP_CIPHER **pciph, ENGINE *impl)
127 { return 1; }
128
129static int (*do_engine_finish)(ENGINE *impl)
130 = do_engine_null;
131
132static int (*do_evp_enc_engine)
133 (EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pciph, ENGINE *impl)
134 = do_evp_enc_engine_null;
135
136void int_EVP_CIPHER_set_engine_callbacks(
137 int (*eng_ciph_fin)(ENGINE *impl),
138 int (*eng_ciph_evp)
139 (EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pciph, ENGINE *impl))
140 {
141 do_engine_finish = eng_ciph_fin;
142 do_evp_enc_engine = eng_ciph_evp;
143 }
144
145#else
146
147#define do_engine_finish ENGINE_finish
148
149static int do_evp_enc_engine(EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pcipher, ENGINE *impl)
150 {
151 if(impl)
152 {
153 if (!ENGINE_init(impl))
154 {
155 EVPerr(EVP_F_DO_EVP_ENC_ENGINE, EVP_R_INITIALIZATION_ERROR);
156 return 0;
157 }
158 }
159 else
160 /* Ask if an ENGINE is reserved for this job */
161 impl = ENGINE_get_cipher_engine((*pcipher)->nid);
162 if(impl)
163 {
164 /* There's an ENGINE for this job ... (apparently) */
165 const EVP_CIPHER *c = ENGINE_get_cipher(impl, (*pcipher)->nid);
166 if(!c)
167 {
168 /* One positive side-effect of US's export
169 * control history, is that we should at least
170 * be able to avoid using US mispellings of
171 * "initialisation"? */
172 EVPerr(EVP_F_DO_EVP_ENC_ENGINE, EVP_R_INITIALIZATION_ERROR);
173 return 0;
174 }
175 /* We'll use the ENGINE's private cipher definition */
176 *pcipher = c;
177 /* Store the ENGINE functional reference so we know
178 * 'cipher' came from an ENGINE and we need to release
179 * it when done. */
180 ctx->engine = impl;
181 }
182 else
183 ctx->engine = NULL;
184 return 1;
185 }
186
187#endif
188
189#endif
190
191int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
192 const unsigned char *key, const unsigned char *iv, int enc)
193 {
194 if (enc == -1)
195 enc = ctx->encrypt;
196 else
197 {
198 if (enc)
199 enc = 1;
200 ctx->encrypt = enc;
201 }
202#ifdef OPENSSL_FIPS
203 if(FIPS_selftest_failed())
204 {
205 FIPSerr(FIPS_F_EVP_CIPHERINIT_EX,FIPS_R_FIPS_SELFTEST_FAILED);
206 ctx->cipher = &bad_cipher;
207 return 0;
208 }
209#endif
210#ifndef OPENSSL_NO_ENGINE
211 /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
212 * so this context may already have an ENGINE! Try to avoid releasing
213 * the previous handle, re-querying for an ENGINE, and having a
214 * reinitialisation, when it may all be unecessary. */
215 if (ctx->engine && ctx->cipher && (!cipher ||
216 (cipher && (cipher->nid == ctx->cipher->nid))))
217 goto skip_to_init;
218#endif
219 if (cipher)
220 {
221 /* Ensure a context left lying around from last time is cleared
222 * (the previous check attempted to avoid this if the same
223 * ENGINE and EVP_CIPHER could be used). */
224 EVP_CIPHER_CTX_cleanup(ctx);
225
226 /* Restore encrypt field: it is zeroed by cleanup */
227 ctx->encrypt = enc;
228#ifndef OPENSSL_NO_ENGINE
229 if (!do_evp_enc_engine(ctx, &cipher, impl))
230 return 0;
231#endif
232
233 ctx->cipher=cipher;
234 if (ctx->cipher->ctx_size)
235 {
236 ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
237 if (!ctx->cipher_data)
238 {
239 EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE);
240 return 0;
241 }
242 }
243 else
244 {
245 ctx->cipher_data = NULL;
246 }
247 ctx->key_len = cipher->key_len;
248 ctx->flags = 0;
249 if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT)
250 {
251 if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL))
252 {
253 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
254 return 0;
255 }
256 }
257 }
258 else if(!ctx->cipher)
259 {
260 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET);
261 return 0;
262 }
263#ifndef OPENSSL_NO_ENGINE
264skip_to_init:
265#endif
266 /* we assume block size is a power of 2 in *cryptUpdate */
267 OPENSSL_assert(ctx->cipher->block_size == 1
268 || ctx->cipher->block_size == 8
269 || ctx->cipher->block_size == 16);
270
271 if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
272 switch(EVP_CIPHER_CTX_mode(ctx)) {
273
274 case EVP_CIPH_STREAM_CIPHER:
275 case EVP_CIPH_ECB_MODE:
276 break;
277
278 case EVP_CIPH_CFB_MODE:
279 case EVP_CIPH_OFB_MODE:
280
281 ctx->num = 0;
282
283 case EVP_CIPH_CBC_MODE:
284
285 OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <=
286 (int)sizeof(ctx->iv));
287 if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
288 memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
289 break;
290
291 default:
292 return 0;
293 break;
294 }
295 }
296
297#ifdef OPENSSL_FIPS
298 /* After 'key' is set no further parameters changes are permissible.
299 * So only check for non FIPS enabling at this point.
300 */
301 if (key && FIPS_mode())
302 {
303 if (!(ctx->cipher->flags & EVP_CIPH_FLAG_FIPS)
304 & !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW))
305 {
306 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_DISABLED_FOR_FIPS);
307#if 0
308 ERR_add_error_data(2, "cipher=",
309 EVP_CIPHER_name(ctx->cipher));
310#endif
311 ctx->cipher = &bad_cipher;
312 return 0;
313 }
314 }
315#endif
316
317 if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
318 if(!ctx->cipher->init(ctx,key,iv,enc)) return 0;
319 }
320 ctx->buf_len=0;
321 ctx->final_used=0;
322 ctx->block_mask=ctx->cipher->block_size-1;
323 return 1;
324 }
325
326int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
327 {
328 if (c->cipher != NULL)
329 {
330 if(c->cipher->cleanup && !c->cipher->cleanup(c))
331 return 0;
332 /* Cleanse cipher context data */
333 if (c->cipher_data)
334 OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
335 }
336 if (c->cipher_data)
337 OPENSSL_free(c->cipher_data);
338#ifndef OPENSSL_NO_ENGINE
339 if (c->engine)
340 /* The EVP_CIPHER we used belongs to an ENGINE, release the
341 * functional reference we held for this reason. */
342 do_engine_finish(c->engine);
343#endif
344 memset(c,0,sizeof(EVP_CIPHER_CTX));
345 return 1;
346 }
347
348int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl)
349 {
350#ifdef OPENSSL_FIPS
351 FIPS_selftest_check();
352#endif
353 return ctx->cipher->do_cipher(ctx,out,in,inl);
354 }
355
356int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
357{
358 int ret;
359 if(!ctx->cipher) {
360 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
361 return 0;
362 }
363
364 if(!ctx->cipher->ctrl) {
365 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
366 return 0;
367 }
368
369 ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
370 if(ret == -1) {
371 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
372 return 0;
373 }
374 return ret;
375}
376
377unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
378 {
379 return ctx->cipher->flags;
380 }
381
382int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
383 {
384 return ctx->cipher->iv_len;
385 }
386
387int EVP_CIPHER_nid(const EVP_CIPHER *cipher)
388 {
389 return cipher->nid;
390 }
diff --git a/src/lib/libcrypto/evp/encode.c b/src/lib/libcrypto/evp/encode.c
new file mode 100644
index 0000000000..28546a84bc
--- /dev/null
+++ b/src/lib/libcrypto/evp/encode.c
@@ -0,0 +1,445 @@
1/* crypto/evp/encode.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62
63#ifndef CHARSET_EBCDIC
64#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
65#define conv_ascii2bin(a) (data_ascii2bin[(a)&0x7f])
66#else
67/* We assume that PEM encoded files are EBCDIC files
68 * (i.e., printable text files). Convert them here while decoding.
69 * When encoding, output is EBCDIC (text) format again.
70 * (No need for conversion in the conv_bin2ascii macro, as the
71 * underlying textstring data_bin2ascii[] is already EBCDIC)
72 */
73#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
74#define conv_ascii2bin(a) (data_ascii2bin[os_toascii[a]&0x7f])
75#endif
76
77/* 64 char lines
78 * pad input with 0
79 * left over chars are set to =
80 * 1 byte => xx==
81 * 2 bytes => xxx=
82 * 3 bytes => xxxx
83 */
84#define BIN_PER_LINE (64/4*3)
85#define CHUNKS_PER_LINE (64/4)
86#define CHAR_PER_LINE (64+1)
87
88static const unsigned char data_bin2ascii[65]="ABCDEFGHIJKLMNOPQRSTUVWXYZ\
89abcdefghijklmnopqrstuvwxyz0123456789+/";
90
91/* 0xF0 is a EOLN
92 * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing).
93 * 0xF2 is EOF
94 * 0xE0 is ignore at start of line.
95 * 0xFF is error
96 */
97
98#define B64_EOLN 0xF0
99#define B64_CR 0xF1
100#define B64_EOF 0xF2
101#define B64_WS 0xE0
102#define B64_ERROR 0xFF
103#define B64_NOT_BASE64(a) (((a)|0x13) == 0xF3)
104
105static const unsigned char data_ascii2bin[128]={
106 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
107 0xFF,0xE0,0xF0,0xFF,0xFF,0xF1,0xFF,0xFF,
108 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
109 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
110 0xE0,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
111 0xFF,0xFF,0xFF,0x3E,0xFF,0xF2,0xFF,0x3F,
112 0x34,0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,
113 0x3C,0x3D,0xFF,0xFF,0xFF,0x00,0xFF,0xFF,
114 0xFF,0x00,0x01,0x02,0x03,0x04,0x05,0x06,
115 0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,
116 0x0F,0x10,0x11,0x12,0x13,0x14,0x15,0x16,
117 0x17,0x18,0x19,0xFF,0xFF,0xFF,0xFF,0xFF,
118 0xFF,0x1A,0x1B,0x1C,0x1D,0x1E,0x1F,0x20,
119 0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,
120 0x29,0x2A,0x2B,0x2C,0x2D,0x2E,0x2F,0x30,
121 0x31,0x32,0x33,0xFF,0xFF,0xFF,0xFF,0xFF,
122 };
123
124void EVP_EncodeInit(EVP_ENCODE_CTX *ctx)
125 {
126 ctx->length=48;
127 ctx->num=0;
128 ctx->line_num=0;
129 }
130
131void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
132 const unsigned char *in, int inl)
133 {
134 int i,j;
135 unsigned int total=0;
136
137 *outl=0;
138 if (inl == 0) return;
139 OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data));
140 if ((ctx->num+inl) < ctx->length)
141 {
142 memcpy(&(ctx->enc_data[ctx->num]),in,inl);
143 ctx->num+=inl;
144 return;
145 }
146 if (ctx->num != 0)
147 {
148 i=ctx->length-ctx->num;
149 memcpy(&(ctx->enc_data[ctx->num]),in,i);
150 in+=i;
151 inl-=i;
152 j=EVP_EncodeBlock(out,ctx->enc_data,ctx->length);
153 ctx->num=0;
154 out+=j;
155 *(out++)='\n';
156 *out='\0';
157 total=j+1;
158 }
159 while (inl >= ctx->length)
160 {
161 j=EVP_EncodeBlock(out,in,ctx->length);
162 in+=ctx->length;
163 inl-=ctx->length;
164 out+=j;
165 *(out++)='\n';
166 *out='\0';
167 total+=j+1;
168 }
169 if (inl != 0)
170 memcpy(&(ctx->enc_data[0]),in,inl);
171 ctx->num=inl;
172 *outl=total;
173 }
174
175void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
176 {
177 unsigned int ret=0;
178
179 if (ctx->num != 0)
180 {
181 ret=EVP_EncodeBlock(out,ctx->enc_data,ctx->num);
182 out[ret++]='\n';
183 out[ret]='\0';
184 ctx->num=0;
185 }
186 *outl=ret;
187 }
188
189int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int dlen)
190 {
191 int i,ret=0;
192 unsigned long l;
193
194 for (i=dlen; i > 0; i-=3)
195 {
196 if (i >= 3)
197 {
198 l= (((unsigned long)f[0])<<16L)|
199 (((unsigned long)f[1])<< 8L)|f[2];
200 *(t++)=conv_bin2ascii(l>>18L);
201 *(t++)=conv_bin2ascii(l>>12L);
202 *(t++)=conv_bin2ascii(l>> 6L);
203 *(t++)=conv_bin2ascii(l );
204 }
205 else
206 {
207 l=((unsigned long)f[0])<<16L;
208 if (i == 2) l|=((unsigned long)f[1]<<8L);
209
210 *(t++)=conv_bin2ascii(l>>18L);
211 *(t++)=conv_bin2ascii(l>>12L);
212 *(t++)=(i == 1)?'=':conv_bin2ascii(l>> 6L);
213 *(t++)='=';
214 }
215 ret+=4;
216 f+=3;
217 }
218
219 *t='\0';
220 return(ret);
221 }
222
223void EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
224 {
225 ctx->length=30;
226 ctx->num=0;
227 ctx->line_num=0;
228 ctx->expect_nl=0;
229 }
230
231/* -1 for error
232 * 0 for last line
233 * 1 for full line
234 */
235int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
236 const unsigned char *in, int inl)
237 {
238 int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,exp_nl;
239 unsigned char *d;
240
241 n=ctx->num;
242 d=ctx->enc_data;
243 ln=ctx->line_num;
244 exp_nl=ctx->expect_nl;
245
246 /* last line of input. */
247 if ((inl == 0) || ((n == 0) && (conv_ascii2bin(in[0]) == B64_EOF)))
248 { rv=0; goto end; }
249
250 /* We parse the input data */
251 for (i=0; i<inl; i++)
252 {
253 /* If the current line is > 80 characters, scream alot */
254 if (ln >= 80) { rv= -1; goto end; }
255
256 /* Get char and put it into the buffer */
257 tmp= *(in++);
258 v=conv_ascii2bin(tmp);
259 /* only save the good data :-) */
260 if (!B64_NOT_BASE64(v))
261 {
262 OPENSSL_assert(n < (int)sizeof(ctx->enc_data));
263 d[n++]=tmp;
264 ln++;
265 }
266 else if (v == B64_ERROR)
267 {
268 rv= -1;
269 goto end;
270 }
271
272 /* have we seen a '=' which is 'definitly' the last
273 * input line. seof will point to the character that
274 * holds it. and eof will hold how many characters to
275 * chop off. */
276 if (tmp == '=')
277 {
278 if (seof == -1) seof=n;
279 eof++;
280 }
281
282 if (v == B64_CR)
283 {
284 ln = 0;
285 if (exp_nl)
286 continue;
287 }
288
289 /* eoln */
290 if (v == B64_EOLN)
291 {
292 ln=0;
293 if (exp_nl)
294 {
295 exp_nl=0;
296 continue;
297 }
298 }
299 exp_nl=0;
300
301 /* If we are at the end of input and it looks like a
302 * line, process it. */
303 if (((i+1) == inl) && (((n&3) == 0) || eof))
304 {
305 v=B64_EOF;
306 /* In case things were given us in really small
307 records (so two '=' were given in separate
308 updates), eof may contain the incorrect number
309 of ending bytes to skip, so let's redo the count */
310 eof = 0;
311 if (d[n-1] == '=') eof++;
312 if (d[n-2] == '=') eof++;
313 /* There will never be more than two '=' */
314 }
315
316 if ((v == B64_EOF && (n&3) == 0) || (n >= 64))
317 {
318 /* This is needed to work correctly on 64 byte input
319 * lines. We process the line and then need to
320 * accept the '\n' */
321 if ((v != B64_EOF) && (n >= 64)) exp_nl=1;
322 if (n > 0)
323 {
324 v=EVP_DecodeBlock(out,d,n);
325 n=0;
326 if (v < 0) { rv=0; goto end; }
327 ret+=(v-eof);
328 }
329 else
330 {
331 eof=1;
332 v=0;
333 }
334
335 /* This is the case where we have had a short
336 * but valid input line */
337 if ((v < ctx->length) && eof)
338 {
339 rv=0;
340 goto end;
341 }
342 else
343 ctx->length=v;
344
345 if (seof >= 0) { rv=0; goto end; }
346 out+=v;
347 }
348 }
349 rv=1;
350end:
351 *outl=ret;
352 ctx->num=n;
353 ctx->line_num=ln;
354 ctx->expect_nl=exp_nl;
355 return(rv);
356 }
357
358int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n)
359 {
360 int i,ret=0,a,b,c,d;
361 unsigned long l;
362
363 /* trim white space from the start of the line. */
364 while ((conv_ascii2bin(*f) == B64_WS) && (n > 0))
365 {
366 f++;
367 n--;
368 }
369
370 /* strip off stuff at the end of the line
371 * ascii2bin values B64_WS, B64_EOLN, B64_EOLN and B64_EOF */
372 while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n-1]))))
373 n--;
374
375 if (n%4 != 0) return(-1);
376
377 for (i=0; i<n; i+=4)
378 {
379 a=conv_ascii2bin(*(f++));
380 b=conv_ascii2bin(*(f++));
381 c=conv_ascii2bin(*(f++));
382 d=conv_ascii2bin(*(f++));
383 if ( (a & 0x80) || (b & 0x80) ||
384 (c & 0x80) || (d & 0x80))
385 return(-1);
386 l=( (((unsigned long)a)<<18L)|
387 (((unsigned long)b)<<12L)|
388 (((unsigned long)c)<< 6L)|
389 (((unsigned long)d) ));
390 *(t++)=(unsigned char)(l>>16L)&0xff;
391 *(t++)=(unsigned char)(l>> 8L)&0xff;
392 *(t++)=(unsigned char)(l )&0xff;
393 ret+=3;
394 }
395 return(ret);
396 }
397
398int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
399 {
400 int i;
401
402 *outl=0;
403 if (ctx->num != 0)
404 {
405 i=EVP_DecodeBlock(out,ctx->enc_data,ctx->num);
406 if (i < 0) return(-1);
407 ctx->num=0;
408 *outl=i;
409 return(1);
410 }
411 else
412 return(1);
413 }
414
415#ifdef undef
416int EVP_DecodeValid(unsigned char *buf, int len)
417 {
418 int i,num=0,bad=0;
419
420 if (len == 0) return(-1);
421 while (conv_ascii2bin(*buf) == B64_WS)
422 {
423 buf++;
424 len--;
425 if (len == 0) return(-1);
426 }
427
428 for (i=len; i >= 4; i-=4)
429 {
430 if ( (conv_ascii2bin(buf[0]) >= 0x40) ||
431 (conv_ascii2bin(buf[1]) >= 0x40) ||
432 (conv_ascii2bin(buf[2]) >= 0x40) ||
433 (conv_ascii2bin(buf[3]) >= 0x40))
434 return(-1);
435 buf+=4;
436 num+=1+(buf[2] != '=')+(buf[3] != '=');
437 }
438 if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN))
439 return(num);
440 if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) &&
441 (conv_ascii2bin(buf[0]) == B64_EOLN))
442 return(num);
443 return(1);
444 }
445#endif
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
new file mode 100644
index 0000000000..da93e945f5
--- /dev/null
+++ b/src/lib/libcrypto/evp/evp.h
@@ -0,0 +1,1329 @@
1/* crypto/evp/evp.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_ENVELOPE_H
60#define HEADER_ENVELOPE_H
61
62#ifdef OPENSSL_ALGORITHM_DEFINES
63# include <openssl/opensslconf.h>
64#else
65# define OPENSSL_ALGORITHM_DEFINES
66# include <openssl/opensslconf.h>
67# undef OPENSSL_ALGORITHM_DEFINES
68#endif
69
70#include <openssl/ossl_typ.h>
71
72#include <openssl/symhacks.h>
73
74#ifndef OPENSSL_NO_BIO
75#include <openssl/bio.h>
76#endif
77
78/*
79#define EVP_RC2_KEY_SIZE 16
80#define EVP_RC4_KEY_SIZE 16
81#define EVP_BLOWFISH_KEY_SIZE 16
82#define EVP_CAST5_KEY_SIZE 16
83#define EVP_RC5_32_12_16_KEY_SIZE 16
84*/
85#define EVP_MAX_MD_SIZE 64 /* longest known is SHA512 */
86#define EVP_MAX_KEY_LENGTH 32
87#define EVP_MAX_IV_LENGTH 16
88#define EVP_MAX_BLOCK_LENGTH 32
89
90#define PKCS5_SALT_LEN 8
91/* Default PKCS#5 iteration count */
92#define PKCS5_DEFAULT_ITER 2048
93
94#include <openssl/objects.h>
95
96#define EVP_PK_RSA 0x0001
97#define EVP_PK_DSA 0x0002
98#define EVP_PK_DH 0x0004
99#define EVP_PK_EC 0x0008
100#define EVP_PKT_SIGN 0x0010
101#define EVP_PKT_ENC 0x0020
102#define EVP_PKT_EXCH 0x0040
103#define EVP_PKS_RSA 0x0100
104#define EVP_PKS_DSA 0x0200
105#define EVP_PKS_EC 0x0400
106#define EVP_PKT_EXP 0x1000 /* <= 512 bit key */
107
108#define EVP_PKEY_NONE NID_undef
109#define EVP_PKEY_RSA NID_rsaEncryption
110#define EVP_PKEY_RSA2 NID_rsa
111#define EVP_PKEY_DSA NID_dsa
112#define EVP_PKEY_DSA1 NID_dsa_2
113#define EVP_PKEY_DSA2 NID_dsaWithSHA
114#define EVP_PKEY_DSA3 NID_dsaWithSHA1
115#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
116#define EVP_PKEY_DH NID_dhKeyAgreement
117#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
118#define EVP_PKEY_HMAC NID_hmac
119
120#ifdef __cplusplus
121extern "C" {
122#endif
123
124/* Type needs to be a bit field
125 * Sub-type needs to be for variations on the method, as in, can it do
126 * arbitrary encryption.... */
127struct evp_pkey_st
128 {
129 int type;
130 int save_type;
131 int references;
132 const EVP_PKEY_ASN1_METHOD *ameth;
133 ENGINE *engine;
134 union {
135 char *ptr;
136#ifndef OPENSSL_NO_RSA
137 struct rsa_st *rsa; /* RSA */
138#endif
139#ifndef OPENSSL_NO_DSA
140 struct dsa_st *dsa; /* DSA */
141#endif
142#ifndef OPENSSL_NO_DH
143 struct dh_st *dh; /* DH */
144#endif
145#ifndef OPENSSL_NO_EC
146 struct ec_key_st *ec; /* ECC */
147#endif
148 } pkey;
149 int save_parameters;
150 STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
151 } /* EVP_PKEY */;
152
153#define EVP_PKEY_MO_SIGN 0x0001
154#define EVP_PKEY_MO_VERIFY 0x0002
155#define EVP_PKEY_MO_ENCRYPT 0x0004
156#define EVP_PKEY_MO_DECRYPT 0x0008
157
158#ifndef EVP_MD
159struct env_md_st
160 {
161 int type;
162 int pkey_type;
163 int md_size;
164 unsigned long flags;
165 int (*init)(EVP_MD_CTX *ctx);
166 int (*update)(EVP_MD_CTX *ctx,const void *data,size_t count);
167 int (*final)(EVP_MD_CTX *ctx,unsigned char *md);
168 int (*copy)(EVP_MD_CTX *to,const EVP_MD_CTX *from);
169 int (*cleanup)(EVP_MD_CTX *ctx);
170
171 /* FIXME: prototype these some day */
172 int (*sign)(int type, const unsigned char *m, unsigned int m_length,
173 unsigned char *sigret, unsigned int *siglen, void *key);
174 int (*verify)(int type, const unsigned char *m, unsigned int m_length,
175 const unsigned char *sigbuf, unsigned int siglen,
176 void *key);
177 int required_pkey_type[5]; /*EVP_PKEY_xxx */
178 int block_size;
179 int ctx_size; /* how big does the ctx->md_data need to be */
180 /* control function */
181 int (*md_ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
182 } /* EVP_MD */;
183
184typedef int evp_sign_method(int type,const unsigned char *m,
185 unsigned int m_length,unsigned char *sigret,
186 unsigned int *siglen, void *key);
187typedef int evp_verify_method(int type,const unsigned char *m,
188 unsigned int m_length,const unsigned char *sigbuf,
189 unsigned int siglen, void *key);
190
191#define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single
192 * block */
193
194#define EVP_MD_FLAG_PKEY_DIGEST 0x0002 /* digest is a "clone" digest used
195 * which is a copy of an existing
196 * one for a specific public key type.
197 * EVP_dss1() etc */
198
199/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
200
201#define EVP_MD_FLAG_PKEY_METHOD_SIGNATURE 0x0004
202
203/* DigestAlgorithmIdentifier flags... */
204
205#define EVP_MD_FLAG_DIGALGID_MASK 0x0018
206
207/* NULL or absent parameter accepted. Use NULL */
208
209#define EVP_MD_FLAG_DIGALGID_NULL 0x0000
210
211/* NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent */
212
213#define EVP_MD_FLAG_DIGALGID_ABSENT 0x0008
214
215/* Custom handling via ctrl */
216
217#define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018
218
219/* Digest ctrls */
220
221#define EVP_MD_CTRL_DIGALGID 0x1
222#define EVP_MD_CTRL_MICALG 0x2
223
224/* Minimum Algorithm specific ctrl value */
225
226#define EVP_MD_CTRL_ALG_CTRL 0x1000
227
228#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
229
230#ifndef OPENSSL_NO_DSA
231#define EVP_PKEY_DSA_method (evp_sign_method *)DSA_sign, \
232 (evp_verify_method *)DSA_verify, \
233 {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
234 EVP_PKEY_DSA4,0}
235#else
236#define EVP_PKEY_DSA_method EVP_PKEY_NULL_method
237#endif
238
239#ifndef OPENSSL_NO_ECDSA
240#define EVP_PKEY_ECDSA_method (evp_sign_method *)ECDSA_sign, \
241 (evp_verify_method *)ECDSA_verify, \
242 {EVP_PKEY_EC,0,0,0}
243#else
244#define EVP_PKEY_ECDSA_method EVP_PKEY_NULL_method
245#endif
246
247#ifndef OPENSSL_NO_RSA
248#define EVP_PKEY_RSA_method (evp_sign_method *)RSA_sign, \
249 (evp_verify_method *)RSA_verify, \
250 {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
251#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
252 (evp_sign_method *)RSA_sign_ASN1_OCTET_STRING, \
253 (evp_verify_method *)RSA_verify_ASN1_OCTET_STRING, \
254 {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
255#else
256#define EVP_PKEY_RSA_method EVP_PKEY_NULL_method
257#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
258#endif
259
260#endif /* !EVP_MD */
261
262struct env_md_ctx_st
263 {
264 const EVP_MD *digest;
265 ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */
266 unsigned long flags;
267 void *md_data;
268 /* Public key context for sign/verify */
269 EVP_PKEY_CTX *pctx;
270 /* Update function: usually copied from EVP_MD */
271 int (*update)(EVP_MD_CTX *ctx,const void *data,size_t count);
272 } /* EVP_MD_CTX */;
273
274/* values for EVP_MD_CTX flags */
275
276#define EVP_MD_CTX_FLAG_ONESHOT 0x0001 /* digest update will be called
277 * once only */
278#define EVP_MD_CTX_FLAG_CLEANED 0x0002 /* context has already been
279 * cleaned */
280#define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data
281 * in EVP_MD_CTX_cleanup */
282/* FIPS and pad options are ignored in 1.0.0, definitions are here
283 * so we don't accidentally reuse the values for other purposes.
284 */
285
286#define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* Allow use of non FIPS digest
287 * in FIPS mode */
288
289/* The following PAD options are also currently ignored in 1.0.0, digest
290 * parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*()
291 * instead.
292 */
293#define EVP_MD_CTX_FLAG_PAD_MASK 0xF0 /* RSA mode to use */
294#define EVP_MD_CTX_FLAG_PAD_PKCS1 0x00 /* PKCS#1 v1.5 mode */
295#define EVP_MD_CTX_FLAG_PAD_X931 0x10 /* X9.31 mode */
296#define EVP_MD_CTX_FLAG_PAD_PSS 0x20 /* PSS mode */
297
298#define EVP_MD_CTX_FLAG_NO_INIT 0x0100 /* Don't initialize md_data */
299
300struct evp_cipher_st
301 {
302 int nid;
303 int block_size;
304 int key_len; /* Default value for variable length ciphers */
305 int iv_len;
306 unsigned long flags; /* Various flags */
307 int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
308 const unsigned char *iv, int enc); /* init key */
309 int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
310 const unsigned char *in, size_t inl);/* encrypt/decrypt data */
311 int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
312 int ctx_size; /* how big ctx->cipher_data needs to be */
313 int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
314 int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */
315 int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */
316 void *app_data; /* Application data */
317 } /* EVP_CIPHER */;
318
319/* Values for cipher flags */
320
321/* Modes for ciphers */
322
323#define EVP_CIPH_STREAM_CIPHER 0x0
324#define EVP_CIPH_ECB_MODE 0x1
325#define EVP_CIPH_CBC_MODE 0x2
326#define EVP_CIPH_CFB_MODE 0x3
327#define EVP_CIPH_OFB_MODE 0x4
328#define EVP_CIPH_MODE 0xF0007
329/* Set if variable length cipher */
330#define EVP_CIPH_VARIABLE_LENGTH 0x8
331/* Set if the iv handling should be done by the cipher itself */
332#define EVP_CIPH_CUSTOM_IV 0x10
333/* Set if the cipher's init() function should be called if key is NULL */
334#define EVP_CIPH_ALWAYS_CALL_INIT 0x20
335/* Call ctrl() to init cipher parameters */
336#define EVP_CIPH_CTRL_INIT 0x40
337/* Don't use standard key length function */
338#define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80
339/* Don't use standard block padding */
340#define EVP_CIPH_NO_PADDING 0x100
341/* cipher handles random key generation */
342#define EVP_CIPH_RAND_KEY 0x200
343/* cipher has its own additional copying logic */
344#define EVP_CIPH_CUSTOM_COPY 0x400
345/* Allow use default ASN1 get/set iv */
346#define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000
347/* Buffer length in bits not bytes: CFB1 mode only */
348#define EVP_CIPH_FLAG_LENGTH_BITS 0x2000
349
350/* ctrl() values */
351
352#define EVP_CTRL_INIT 0x0
353#define EVP_CTRL_SET_KEY_LENGTH 0x1
354#define EVP_CTRL_GET_RC2_KEY_BITS 0x2
355#define EVP_CTRL_SET_RC2_KEY_BITS 0x3
356#define EVP_CTRL_GET_RC5_ROUNDS 0x4
357#define EVP_CTRL_SET_RC5_ROUNDS 0x5
358#define EVP_CTRL_RAND_KEY 0x6
359#define EVP_CTRL_PBE_PRF_NID 0x7
360#define EVP_CTRL_COPY 0x8
361#define EVP_CTRL_SET_ACSS_MODE 0x9
362
363typedef struct evp_cipher_info_st
364 {
365 const EVP_CIPHER *cipher;
366 unsigned char iv[EVP_MAX_IV_LENGTH];
367 } EVP_CIPHER_INFO;
368
369struct evp_cipher_ctx_st
370 {
371 const EVP_CIPHER *cipher;
372 ENGINE *engine; /* functional reference if 'cipher' is ENGINE-provided */
373 int encrypt; /* encrypt or decrypt */
374 int buf_len; /* number we have left */
375
376 unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
377 unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
378 unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */
379 int num; /* used by cfb/ofb mode */
380
381 void *app_data; /* application stuff */
382 int key_len; /* May change for variable length cipher */
383 unsigned long flags; /* Various flags */
384 void *cipher_data; /* per EVP data */
385 int final_used;
386 int block_mask;
387 unsigned char final[EVP_MAX_BLOCK_LENGTH];/* possible final block */
388 } /* EVP_CIPHER_CTX */;
389
390typedef struct evp_Encode_Ctx_st
391 {
392 int num; /* number saved in a partial encode/decode */
393 int length; /* The length is either the output line length
394 * (in input bytes) or the shortest input line
395 * length that is ok. Once decoding begins,
396 * the length is adjusted up each time a longer
397 * line is decoded */
398 unsigned char enc_data[80]; /* data to encode */
399 int line_num; /* number read on current line */
400 int expect_nl;
401 } EVP_ENCODE_CTX;
402
403/* Password based encryption function */
404typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
405 ASN1_TYPE *param, const EVP_CIPHER *cipher,
406 const EVP_MD *md, int en_de);
407
408#ifndef OPENSSL_NO_RSA
409#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
410 (char *)(rsa))
411#endif
412
413#ifndef OPENSSL_NO_DSA
414#define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
415 (char *)(dsa))
416#endif
417
418#ifndef OPENSSL_NO_DH
419#define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\
420 (char *)(dh))
421#endif
422
423#ifndef OPENSSL_NO_EC
424#define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\
425 (char *)(eckey))
426#endif
427
428/* Add some extra combinations */
429#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
430#define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
431#define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
432#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
433
434int EVP_MD_type(const EVP_MD *md);
435#define EVP_MD_nid(e) EVP_MD_type(e)
436#define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e))
437int EVP_MD_pkey_type(const EVP_MD *md);
438int EVP_MD_size(const EVP_MD *md);
439int EVP_MD_block_size(const EVP_MD *md);
440unsigned long EVP_MD_flags(const EVP_MD *md);
441
442const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
443#define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e))
444#define EVP_MD_CTX_block_size(e) EVP_MD_block_size(EVP_MD_CTX_md(e))
445#define EVP_MD_CTX_type(e) EVP_MD_type(EVP_MD_CTX_md(e))
446
447int EVP_CIPHER_nid(const EVP_CIPHER *cipher);
448#define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e))
449int EVP_CIPHER_block_size(const EVP_CIPHER *cipher);
450int EVP_CIPHER_key_length(const EVP_CIPHER *cipher);
451int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher);
452unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher);
453#define EVP_CIPHER_mode(e) (EVP_CIPHER_flags(e) & EVP_CIPH_MODE)
454
455const EVP_CIPHER * EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
456int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
457int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
458int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
459int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
460int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in);
461void * EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
462void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data);
463#define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
464unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx);
465#define EVP_CIPHER_CTX_mode(e) (EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE)
466
467#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80)
468#define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80)
469
470#define EVP_SignInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c)
471#define EVP_SignInit(a,b) EVP_DigestInit(a,b)
472#define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
473#define EVP_VerifyInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c)
474#define EVP_VerifyInit(a,b) EVP_DigestInit(a,b)
475#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
476#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
477#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
478#define EVP_DigestSignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
479#define EVP_DigestVerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
480
481#ifdef CONST_STRICT
482void BIO_set_md(BIO *,const EVP_MD *md);
483#else
484# define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md)
485#endif
486#define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
487#define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
488#define BIO_set_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_SET_MD_CTX,0,(char *)mdcp)
489#define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
490#define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
491
492int EVP_Cipher(EVP_CIPHER_CTX *c,
493 unsigned char *out,
494 const unsigned char *in,
495 unsigned int inl);
496
497#define EVP_add_cipher_alias(n,alias) \
498 OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
499#define EVP_add_digest_alias(n,alias) \
500 OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n))
501#define EVP_delete_cipher_alias(alias) \
502 OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
503#define EVP_delete_digest_alias(alias) \
504 OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
505
506void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
507int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
508EVP_MD_CTX *EVP_MD_CTX_create(void);
509void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
510int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);
511void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
512void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
513int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx,int flags);
514int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
515int EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d,
516 size_t cnt);
517int EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
518int EVP_Digest(const void *data, size_t count,
519 unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl);
520
521int EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in);
522int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
523int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
524
525int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify);
526int EVP_read_pw_string_min(char *buf,int minlen,int maxlen,const char *prompt,int verify);
527void EVP_set_pw_prompt(const char *prompt);
528char * EVP_get_pw_prompt(void);
529
530int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,
531 const unsigned char *salt, const unsigned char *data,
532 int datal, int count, unsigned char *key,unsigned char *iv);
533
534void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags);
535void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags);
536int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx,int flags);
537
538int EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
539 const unsigned char *key, const unsigned char *iv);
540int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
541 const unsigned char *key, const unsigned char *iv);
542int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
543 int *outl, const unsigned char *in, int inl);
544int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
545int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
546
547int EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
548 const unsigned char *key, const unsigned char *iv);
549int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
550 const unsigned char *key, const unsigned char *iv);
551int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
552 int *outl, const unsigned char *in, int inl);
553int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
554int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
555
556int EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
557 const unsigned char *key,const unsigned char *iv,
558 int enc);
559int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
560 const unsigned char *key,const unsigned char *iv,
561 int enc);
562int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
563 int *outl, const unsigned char *in, int inl);
564int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
565int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
566
567int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
568 EVP_PKEY *pkey);
569
570int EVP_VerifyFinal(EVP_MD_CTX *ctx,const unsigned char *sigbuf,
571 unsigned int siglen,EVP_PKEY *pkey);
572
573int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
574 const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
575int EVP_DigestSignFinal(EVP_MD_CTX *ctx,
576 unsigned char *sigret, size_t *siglen);
577
578int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
579 const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
580int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx,
581 unsigned char *sig, size_t siglen);
582
583int EVP_OpenInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
584 const unsigned char *ek, int ekl, const unsigned char *iv,
585 EVP_PKEY *priv);
586int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
587
588int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
589 unsigned char **ek, int *ekl, unsigned char *iv,
590 EVP_PKEY **pubk, int npubk);
591int EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
592
593void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
594void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl,
595 const unsigned char *in,int inl);
596void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl);
597int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
598
599void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
600int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl,
601 const unsigned char *in, int inl);
602int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
603 char *out, int *outl);
604int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
605
606void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
607int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
608EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
609void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *a);
610int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
611int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad);
612int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
613int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
614
615#ifndef OPENSSL_NO_BIO
616BIO_METHOD *BIO_f_md(void);
617BIO_METHOD *BIO_f_base64(void);
618BIO_METHOD *BIO_f_cipher(void);
619BIO_METHOD *BIO_f_reliable(void);
620void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,const unsigned char *k,
621 const unsigned char *i, int enc);
622#endif
623
624const EVP_MD *EVP_md_null(void);
625#ifndef OPENSSL_NO_MD2
626const EVP_MD *EVP_md2(void);
627#endif
628#ifndef OPENSSL_NO_MD4
629const EVP_MD *EVP_md4(void);
630#endif
631#ifndef OPENSSL_NO_MD5
632const EVP_MD *EVP_md5(void);
633#endif
634#ifndef OPENSSL_NO_SHA
635const EVP_MD *EVP_sha(void);
636const EVP_MD *EVP_sha1(void);
637const EVP_MD *EVP_dss(void);
638const EVP_MD *EVP_dss1(void);
639const EVP_MD *EVP_ecdsa(void);
640#endif
641#ifndef OPENSSL_NO_SHA256
642const EVP_MD *EVP_sha224(void);
643const EVP_MD *EVP_sha256(void);
644#endif
645#ifndef OPENSSL_NO_SHA512
646const EVP_MD *EVP_sha384(void);
647const EVP_MD *EVP_sha512(void);
648#endif
649#ifndef OPENSSL_NO_MDC2
650const EVP_MD *EVP_mdc2(void);
651#endif
652#ifndef OPENSSL_NO_RIPEMD
653const EVP_MD *EVP_ripemd160(void);
654#endif
655#ifndef OPENSSL_NO_WHIRLPOOL
656const EVP_MD *EVP_whirlpool(void);
657#endif
658const EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
659#ifndef OPENSSL_NO_DES
660const EVP_CIPHER *EVP_des_ecb(void);
661const EVP_CIPHER *EVP_des_ede(void);
662const EVP_CIPHER *EVP_des_ede3(void);
663const EVP_CIPHER *EVP_des_ede_ecb(void);
664const EVP_CIPHER *EVP_des_ede3_ecb(void);
665const EVP_CIPHER *EVP_des_cfb64(void);
666# define EVP_des_cfb EVP_des_cfb64
667const EVP_CIPHER *EVP_des_cfb1(void);
668const EVP_CIPHER *EVP_des_cfb8(void);
669const EVP_CIPHER *EVP_des_ede_cfb64(void);
670# define EVP_des_ede_cfb EVP_des_ede_cfb64
671#if 0
672const EVP_CIPHER *EVP_des_ede_cfb1(void);
673const EVP_CIPHER *EVP_des_ede_cfb8(void);
674#endif
675const EVP_CIPHER *EVP_des_ede3_cfb64(void);
676# define EVP_des_ede3_cfb EVP_des_ede3_cfb64
677const EVP_CIPHER *EVP_des_ede3_cfb1(void);
678const EVP_CIPHER *EVP_des_ede3_cfb8(void);
679const EVP_CIPHER *EVP_des_ofb(void);
680const EVP_CIPHER *EVP_des_ede_ofb(void);
681const EVP_CIPHER *EVP_des_ede3_ofb(void);
682const EVP_CIPHER *EVP_des_cbc(void);
683const EVP_CIPHER *EVP_des_ede_cbc(void);
684const EVP_CIPHER *EVP_des_ede3_cbc(void);
685const EVP_CIPHER *EVP_desx_cbc(void);
686/* This should now be supported through the dev_crypto ENGINE. But also, why are
687 * rc4 and md5 declarations made here inside a "NO_DES" precompiler branch? */
688#if 0
689# ifdef OPENSSL_OPENBSD_DEV_CRYPTO
690const EVP_CIPHER *EVP_dev_crypto_des_ede3_cbc(void);
691const EVP_CIPHER *EVP_dev_crypto_rc4(void);
692const EVP_MD *EVP_dev_crypto_md5(void);
693# endif
694#endif
695#endif
696#ifndef OPENSSL_NO_RC4
697const EVP_CIPHER *EVP_rc4(void);
698const EVP_CIPHER *EVP_rc4_40(void);
699#endif
700#ifndef OPENSSL_NO_IDEA
701const EVP_CIPHER *EVP_idea_ecb(void);
702const EVP_CIPHER *EVP_idea_cfb64(void);
703# define EVP_idea_cfb EVP_idea_cfb64
704const EVP_CIPHER *EVP_idea_ofb(void);
705const EVP_CIPHER *EVP_idea_cbc(void);
706#endif
707#ifndef OPENSSL_NO_RC2
708const EVP_CIPHER *EVP_rc2_ecb(void);
709const EVP_CIPHER *EVP_rc2_cbc(void);
710const EVP_CIPHER *EVP_rc2_40_cbc(void);
711const EVP_CIPHER *EVP_rc2_64_cbc(void);
712const EVP_CIPHER *EVP_rc2_cfb64(void);
713# define EVP_rc2_cfb EVP_rc2_cfb64
714const EVP_CIPHER *EVP_rc2_ofb(void);
715#endif
716#ifndef OPENSSL_NO_BF
717const EVP_CIPHER *EVP_bf_ecb(void);
718const EVP_CIPHER *EVP_bf_cbc(void);
719const EVP_CIPHER *EVP_bf_cfb64(void);
720# define EVP_bf_cfb EVP_bf_cfb64
721const EVP_CIPHER *EVP_bf_ofb(void);
722#endif
723#ifndef OPENSSL_NO_CAST
724const EVP_CIPHER *EVP_cast5_ecb(void);
725const EVP_CIPHER *EVP_cast5_cbc(void);
726const EVP_CIPHER *EVP_cast5_cfb64(void);
727# define EVP_cast5_cfb EVP_cast5_cfb64
728const EVP_CIPHER *EVP_cast5_ofb(void);
729#endif
730#ifndef OPENSSL_NO_RC5
731const EVP_CIPHER *EVP_rc5_32_12_16_cbc(void);
732const EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
733const EVP_CIPHER *EVP_rc5_32_12_16_cfb64(void);
734# define EVP_rc5_32_12_16_cfb EVP_rc5_32_12_16_cfb64
735const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
736#endif
737#ifndef OPENSSL_NO_AES
738const EVP_CIPHER *EVP_aes_128_ecb(void);
739const EVP_CIPHER *EVP_aes_128_cbc(void);
740const EVP_CIPHER *EVP_aes_128_cfb1(void);
741const EVP_CIPHER *EVP_aes_128_cfb8(void);
742const EVP_CIPHER *EVP_aes_128_cfb128(void);
743# define EVP_aes_128_cfb EVP_aes_128_cfb128
744const EVP_CIPHER *EVP_aes_128_ofb(void);
745#if 0
746const EVP_CIPHER *EVP_aes_128_ctr(void);
747#endif
748const EVP_CIPHER *EVP_aes_192_ecb(void);
749const EVP_CIPHER *EVP_aes_192_cbc(void);
750const EVP_CIPHER *EVP_aes_192_cfb1(void);
751const EVP_CIPHER *EVP_aes_192_cfb8(void);
752const EVP_CIPHER *EVP_aes_192_cfb128(void);
753# define EVP_aes_192_cfb EVP_aes_192_cfb128
754const EVP_CIPHER *EVP_aes_192_ofb(void);
755#if 0
756const EVP_CIPHER *EVP_aes_192_ctr(void);
757#endif
758const EVP_CIPHER *EVP_aes_256_ecb(void);
759const EVP_CIPHER *EVP_aes_256_cbc(void);
760const EVP_CIPHER *EVP_aes_256_cfb1(void);
761const EVP_CIPHER *EVP_aes_256_cfb8(void);
762const EVP_CIPHER *EVP_aes_256_cfb128(void);
763# define EVP_aes_256_cfb EVP_aes_256_cfb128
764const EVP_CIPHER *EVP_aes_256_ofb(void);
765#if 0
766const EVP_CIPHER *EVP_aes_256_ctr(void);
767#endif
768#endif
769#ifndef OPENSSL_NO_ACSS
770const EVP_CIPHER *EVP_acss(void);
771#endif
772#ifndef OPENSSL_NO_CAMELLIA
773const EVP_CIPHER *EVP_camellia_128_ecb(void);
774const EVP_CIPHER *EVP_camellia_128_cbc(void);
775const EVP_CIPHER *EVP_camellia_128_cfb1(void);
776const EVP_CIPHER *EVP_camellia_128_cfb8(void);
777const EVP_CIPHER *EVP_camellia_128_cfb128(void);
778# define EVP_camellia_128_cfb EVP_camellia_128_cfb128
779const EVP_CIPHER *EVP_camellia_128_ofb(void);
780const EVP_CIPHER *EVP_camellia_192_ecb(void);
781const EVP_CIPHER *EVP_camellia_192_cbc(void);
782const EVP_CIPHER *EVP_camellia_192_cfb1(void);
783const EVP_CIPHER *EVP_camellia_192_cfb8(void);
784const EVP_CIPHER *EVP_camellia_192_cfb128(void);
785# define EVP_camellia_192_cfb EVP_camellia_192_cfb128
786const EVP_CIPHER *EVP_camellia_192_ofb(void);
787const EVP_CIPHER *EVP_camellia_256_ecb(void);
788const EVP_CIPHER *EVP_camellia_256_cbc(void);
789const EVP_CIPHER *EVP_camellia_256_cfb1(void);
790const EVP_CIPHER *EVP_camellia_256_cfb8(void);
791const EVP_CIPHER *EVP_camellia_256_cfb128(void);
792# define EVP_camellia_256_cfb EVP_camellia_256_cfb128
793const EVP_CIPHER *EVP_camellia_256_ofb(void);
794#endif
795
796#ifndef OPENSSL_NO_SEED
797const EVP_CIPHER *EVP_seed_ecb(void);
798const EVP_CIPHER *EVP_seed_cbc(void);
799const EVP_CIPHER *EVP_seed_cfb128(void);
800# define EVP_seed_cfb EVP_seed_cfb128
801const EVP_CIPHER *EVP_seed_ofb(void);
802#endif
803
804void OPENSSL_add_all_algorithms_noconf(void);
805void OPENSSL_add_all_algorithms_conf(void);
806
807#ifdef OPENSSL_LOAD_CONF
808#define OpenSSL_add_all_algorithms() \
809 OPENSSL_add_all_algorithms_conf()
810#else
811#define OpenSSL_add_all_algorithms() \
812 OPENSSL_add_all_algorithms_noconf()
813#endif
814
815void OpenSSL_add_all_ciphers(void);
816void OpenSSL_add_all_digests(void);
817#define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms()
818#define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers()
819#define SSLeay_add_all_digests() OpenSSL_add_all_digests()
820
821int EVP_add_cipher(const EVP_CIPHER *cipher);
822int EVP_add_digest(const EVP_MD *digest);
823
824const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
825const EVP_MD *EVP_get_digestbyname(const char *name);
826void EVP_cleanup(void);
827
828void EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph,
829 const char *from, const char *to, void *x), void *arg);
830void EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph,
831 const char *from, const char *to, void *x), void *arg);
832
833void EVP_MD_do_all(void (*fn)(const EVP_MD *ciph,
834 const char *from, const char *to, void *x), void *arg);
835void EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *ciph,
836 const char *from, const char *to, void *x), void *arg);
837
838int EVP_PKEY_decrypt_old(unsigned char *dec_key,
839 const unsigned char *enc_key,int enc_key_len,
840 EVP_PKEY *private_key);
841int EVP_PKEY_encrypt_old(unsigned char *enc_key,
842 const unsigned char *key,int key_len,
843 EVP_PKEY *pub_key);
844int EVP_PKEY_type(int type);
845int EVP_PKEY_id(const EVP_PKEY *pkey);
846int EVP_PKEY_base_id(const EVP_PKEY *pkey);
847int EVP_PKEY_bits(EVP_PKEY *pkey);
848int EVP_PKEY_size(EVP_PKEY *pkey);
849int EVP_PKEY_set_type(EVP_PKEY *pkey,int type);
850int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);
851int EVP_PKEY_assign(EVP_PKEY *pkey,int type,void *key);
852void * EVP_PKEY_get0(EVP_PKEY *pkey);
853
854#ifndef OPENSSL_NO_RSA
855struct rsa_st;
856int EVP_PKEY_set1_RSA(EVP_PKEY *pkey,struct rsa_st *key);
857struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
858#endif
859#ifndef OPENSSL_NO_DSA
860struct dsa_st;
861int EVP_PKEY_set1_DSA(EVP_PKEY *pkey,struct dsa_st *key);
862struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
863#endif
864#ifndef OPENSSL_NO_DH
865struct dh_st;
866int EVP_PKEY_set1_DH(EVP_PKEY *pkey,struct dh_st *key);
867struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
868#endif
869#ifndef OPENSSL_NO_EC
870struct ec_key_st;
871int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey,struct ec_key_st *key);
872struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
873#endif
874
875EVP_PKEY * EVP_PKEY_new(void);
876void EVP_PKEY_free(EVP_PKEY *pkey);
877
878EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, const unsigned char **pp,
879 long length);
880int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
881
882EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, const unsigned char **pp,
883 long length);
884EVP_PKEY * d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
885 long length);
886int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
887
888int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
889int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
890int EVP_PKEY_save_parameters(EVP_PKEY *pkey,int mode);
891int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
892
893int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
894
895int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
896 int indent, ASN1_PCTX *pctx);
897int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
898 int indent, ASN1_PCTX *pctx);
899int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
900 int indent, ASN1_PCTX *pctx);
901
902int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
903
904int EVP_CIPHER_type(const EVP_CIPHER *ctx);
905
906/* calls methods */
907int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
908int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
909
910/* These are used by EVP_CIPHER methods */
911int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
912int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
913
914/* PKCS5 password based encryption */
915int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
916 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
917 int en_de);
918int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
919 const unsigned char *salt, int saltlen, int iter,
920 int keylen, unsigned char *out);
921int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
922 const unsigned char *salt, int saltlen, int iter,
923 const EVP_MD *digest,
924 int keylen, unsigned char *out);
925int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
926 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
927 int en_de);
928
929void PKCS5_PBE_add(void);
930
931int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
932 ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
933
934/* PBE type */
935
936/* Can appear as the outermost AlgorithmIdentifier */
937#define EVP_PBE_TYPE_OUTER 0x0
938/* Is an PRF type OID */
939#define EVP_PBE_TYPE_PRF 0x1
940
941int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
942 EVP_PBE_KEYGEN *keygen);
943int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
944 EVP_PBE_KEYGEN *keygen);
945int EVP_PBE_find(int type, int pbe_nid,
946 int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen);
947void EVP_PBE_cleanup(void);
948
949#define ASN1_PKEY_ALIAS 0x1
950#define ASN1_PKEY_DYNAMIC 0x2
951#define ASN1_PKEY_SIGPARAM_NULL 0x4
952
953#define ASN1_PKEY_CTRL_PKCS7_SIGN 0x1
954#define ASN1_PKEY_CTRL_PKCS7_ENCRYPT 0x2
955#define ASN1_PKEY_CTRL_DEFAULT_MD_NID 0x3
956#define ASN1_PKEY_CTRL_CMS_SIGN 0x5
957#define ASN1_PKEY_CTRL_CMS_ENVELOPE 0x7
958
959int EVP_PKEY_asn1_get_count(void);
960const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
961const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
962const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
963 const char *str, int len);
964int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
965int EVP_PKEY_asn1_add_alias(int to, int from);
966int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id, int *ppkey_flags,
967 const char **pinfo, const char **ppem_str,
968 const EVP_PKEY_ASN1_METHOD *ameth);
969
970const EVP_PKEY_ASN1_METHOD* EVP_PKEY_get0_asn1(EVP_PKEY *pkey);
971EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags,
972 const char *pem_str, const char *info);
973void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
974 const EVP_PKEY_ASN1_METHOD *src);
975void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
976void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
977 int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub),
978 int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk),
979 int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
980 int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
981 ASN1_PCTX *pctx),
982 int (*pkey_size)(const EVP_PKEY *pk),
983 int (*pkey_bits)(const EVP_PKEY *pk));
984void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
985 int (*priv_decode)(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf),
986 int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk),
987 int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
988 ASN1_PCTX *pctx));
989void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
990 int (*param_decode)(EVP_PKEY *pkey,
991 const unsigned char **pder, int derlen),
992 int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder),
993 int (*param_missing)(const EVP_PKEY *pk),
994 int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from),
995 int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
996 int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
997 ASN1_PCTX *pctx));
998
999void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
1000 void (*pkey_free)(EVP_PKEY *pkey));
1001void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
1002 int (*pkey_ctrl)(EVP_PKEY *pkey, int op,
1003 long arg1, void *arg2));
1004
1005
1006#define EVP_PKEY_OP_UNDEFINED 0
1007#define EVP_PKEY_OP_PARAMGEN (1<<1)
1008#define EVP_PKEY_OP_KEYGEN (1<<2)
1009#define EVP_PKEY_OP_SIGN (1<<3)
1010#define EVP_PKEY_OP_VERIFY (1<<4)
1011#define EVP_PKEY_OP_VERIFYRECOVER (1<<5)
1012#define EVP_PKEY_OP_SIGNCTX (1<<6)
1013#define EVP_PKEY_OP_VERIFYCTX (1<<7)
1014#define EVP_PKEY_OP_ENCRYPT (1<<8)
1015#define EVP_PKEY_OP_DECRYPT (1<<9)
1016#define EVP_PKEY_OP_DERIVE (1<<10)
1017
1018#define EVP_PKEY_OP_TYPE_SIG \
1019 (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
1020 | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX)
1021
1022#define EVP_PKEY_OP_TYPE_CRYPT \
1023 (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT)
1024
1025#define EVP_PKEY_OP_TYPE_NOGEN \
1026 (EVP_PKEY_OP_SIG | EVP_PKEY_OP_CRYPT | EVP_PKEY_OP_DERIVE)
1027
1028#define EVP_PKEY_OP_TYPE_GEN \
1029 (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
1030
1031#define EVP_PKEY_CTX_set_signature_md(ctx, md) \
1032 EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \
1033 EVP_PKEY_CTRL_MD, 0, (void *)md)
1034
1035#define EVP_PKEY_CTRL_MD 1
1036#define EVP_PKEY_CTRL_PEER_KEY 2
1037
1038#define EVP_PKEY_CTRL_PKCS7_ENCRYPT 3
1039#define EVP_PKEY_CTRL_PKCS7_DECRYPT 4
1040
1041#define EVP_PKEY_CTRL_PKCS7_SIGN 5
1042
1043#define EVP_PKEY_CTRL_SET_MAC_KEY 6
1044
1045#define EVP_PKEY_CTRL_DIGESTINIT 7
1046
1047/* Used by GOST key encryption in TLS */
1048#define EVP_PKEY_CTRL_SET_IV 8
1049
1050#define EVP_PKEY_CTRL_CMS_ENCRYPT 9
1051#define EVP_PKEY_CTRL_CMS_DECRYPT 10
1052#define EVP_PKEY_CTRL_CMS_SIGN 11
1053
1054#define EVP_PKEY_ALG_CTRL 0x1000
1055
1056
1057#define EVP_PKEY_FLAG_AUTOARGLEN 2
1058
1059const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
1060EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags);
1061void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
1062int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
1063
1064EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
1065EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
1066EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
1067void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
1068
1069int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
1070 int cmd, int p1, void *p2);
1071int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
1072 const char *value);
1073
1074int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx);
1075void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
1076
1077EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
1078 unsigned char *key, int keylen);
1079
1080void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
1081void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx);
1082EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx);
1083
1084EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx);
1085
1086void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
1087void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
1088
1089int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
1090int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
1091 unsigned char *sig, size_t *siglen,
1092 const unsigned char *tbs, size_t tbslen);
1093int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
1094int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
1095 const unsigned char *sig, size_t siglen,
1096 const unsigned char *tbs, size_t tbslen);
1097int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
1098int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
1099 unsigned char *rout, size_t *routlen,
1100 const unsigned char *sig, size_t siglen);
1101int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
1102int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
1103 unsigned char *out, size_t *outlen,
1104 const unsigned char *in, size_t inlen);
1105int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
1106int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
1107 unsigned char *out, size_t *outlen,
1108 const unsigned char *in, size_t inlen);
1109
1110int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
1111int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
1112int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
1113
1114typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
1115
1116int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
1117int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
1118int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
1119int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
1120
1121void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
1122EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
1123
1124int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
1125
1126void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
1127 int (*init)(EVP_PKEY_CTX *ctx));
1128
1129void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
1130 int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src));
1131
1132void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
1133 void (*cleanup)(EVP_PKEY_CTX *ctx));
1134
1135void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
1136 int (*paramgen_init)(EVP_PKEY_CTX *ctx),
1137 int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
1138
1139void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
1140 int (*keygen_init)(EVP_PKEY_CTX *ctx),
1141 int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
1142
1143void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
1144 int (*sign_init)(EVP_PKEY_CTX *ctx),
1145 int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
1146 const unsigned char *tbs, size_t tbslen));
1147
1148void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
1149 int (*verify_init)(EVP_PKEY_CTX *ctx),
1150 int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
1151 const unsigned char *tbs, size_t tbslen));
1152
1153void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
1154 int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
1155 int (*verify_recover)(EVP_PKEY_CTX *ctx,
1156 unsigned char *sig, size_t *siglen,
1157 const unsigned char *tbs, size_t tbslen));
1158
1159void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
1160 int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
1161 int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
1162 EVP_MD_CTX *mctx));
1163
1164void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
1165 int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
1166 int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,int siglen,
1167 EVP_MD_CTX *mctx));
1168
1169void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
1170 int (*encrypt_init)(EVP_PKEY_CTX *ctx),
1171 int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
1172 const unsigned char *in, size_t inlen));
1173
1174void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
1175 int (*decrypt_init)(EVP_PKEY_CTX *ctx),
1176 int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
1177 const unsigned char *in, size_t inlen));
1178
1179void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
1180 int (*derive_init)(EVP_PKEY_CTX *ctx),
1181 int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen));
1182
1183void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
1184 int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
1185 int (*ctrl_str)(EVP_PKEY_CTX *ctx,
1186 const char *type, const char *value));
1187
1188/* BEGIN ERROR CODES */
1189/* The following lines are auto generated by the script mkerr.pl. Any changes
1190 * made after this point may be overwritten when the script is next run.
1191 */
1192void ERR_load_EVP_strings(void);
1193
1194/* Error codes for the EVP functions. */
1195
1196/* Function codes. */
1197#define EVP_F_AESNI_INIT_KEY 165
1198#define EVP_F_AES_INIT_KEY 133
1199#define EVP_F_CAMELLIA_INIT_KEY 159
1200#define EVP_F_D2I_PKEY 100
1201#define EVP_F_DO_SIGVER_INIT 161
1202#define EVP_F_DSAPKEY2PKCS8 134
1203#define EVP_F_DSA_PKEY2PKCS8 135
1204#define EVP_F_ECDSA_PKEY2PKCS8 129
1205#define EVP_F_ECKEY_PKEY2PKCS8 132
1206#define EVP_F_EVP_CIPHERINIT_EX 123
1207#define EVP_F_EVP_CIPHER_CTX_COPY 163
1208#define EVP_F_EVP_CIPHER_CTX_CTRL 124
1209#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
1210#define EVP_F_EVP_DECRYPTFINAL_EX 101
1211#define EVP_F_EVP_DIGESTINIT_EX 128
1212#define EVP_F_EVP_ENCRYPTFINAL_EX 127
1213#define EVP_F_EVP_MD_CTX_COPY_EX 110
1214#define EVP_F_EVP_MD_SIZE 162
1215#define EVP_F_EVP_OPENINIT 102
1216#define EVP_F_EVP_PBE_ALG_ADD 115
1217#define EVP_F_EVP_PBE_ALG_ADD_TYPE 160
1218#define EVP_F_EVP_PBE_CIPHERINIT 116
1219#define EVP_F_EVP_PKCS82PKEY 111
1220#define EVP_F_EVP_PKCS82PKEY_BROKEN 136
1221#define EVP_F_EVP_PKEY2PKCS8_BROKEN 113
1222#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
1223#define EVP_F_EVP_PKEY_CTX_CTRL 137
1224#define EVP_F_EVP_PKEY_CTX_CTRL_STR 150
1225#define EVP_F_EVP_PKEY_CTX_DUP 156
1226#define EVP_F_EVP_PKEY_DECRYPT 104
1227#define EVP_F_EVP_PKEY_DECRYPT_INIT 138
1228#define EVP_F_EVP_PKEY_DECRYPT_OLD 151
1229#define EVP_F_EVP_PKEY_DERIVE 153
1230#define EVP_F_EVP_PKEY_DERIVE_INIT 154
1231#define EVP_F_EVP_PKEY_DERIVE_SET_PEER 155
1232#define EVP_F_EVP_PKEY_ENCRYPT 105
1233#define EVP_F_EVP_PKEY_ENCRYPT_INIT 139
1234#define EVP_F_EVP_PKEY_ENCRYPT_OLD 152
1235#define EVP_F_EVP_PKEY_GET1_DH 119
1236#define EVP_F_EVP_PKEY_GET1_DSA 120
1237#define EVP_F_EVP_PKEY_GET1_ECDSA 130
1238#define EVP_F_EVP_PKEY_GET1_EC_KEY 131
1239#define EVP_F_EVP_PKEY_GET1_RSA 121
1240#define EVP_F_EVP_PKEY_KEYGEN 146
1241#define EVP_F_EVP_PKEY_KEYGEN_INIT 147
1242#define EVP_F_EVP_PKEY_NEW 106
1243#define EVP_F_EVP_PKEY_PARAMGEN 148
1244#define EVP_F_EVP_PKEY_PARAMGEN_INIT 149
1245#define EVP_F_EVP_PKEY_SIGN 140
1246#define EVP_F_EVP_PKEY_SIGN_INIT 141
1247#define EVP_F_EVP_PKEY_VERIFY 142
1248#define EVP_F_EVP_PKEY_VERIFY_INIT 143
1249#define EVP_F_EVP_PKEY_VERIFY_RECOVER 144
1250#define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT 145
1251#define EVP_F_EVP_RIJNDAEL 126
1252#define EVP_F_EVP_SIGNFINAL 107
1253#define EVP_F_EVP_VERIFYFINAL 108
1254#define EVP_F_INT_CTX_NEW 157
1255#define EVP_F_PKCS5_PBE_KEYIVGEN 117
1256#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
1257#define EVP_F_PKCS8_SET_BROKEN 112
1258#define EVP_F_PKEY_SET_TYPE 158
1259#define EVP_F_RC2_MAGIC_TO_METH 109
1260#define EVP_F_RC5_CTRL 125
1261
1262/* Reason codes. */
1263#define EVP_R_AES_KEY_SETUP_FAILED 143
1264#define EVP_R_ASN1_LIB 140
1265#define EVP_R_BAD_BLOCK_LENGTH 136
1266#define EVP_R_BAD_DECRYPT 100
1267#define EVP_R_BAD_KEY_LENGTH 137
1268#define EVP_R_BN_DECODE_ERROR 112
1269#define EVP_R_BN_PUBKEY_ERROR 113
1270#define EVP_R_BUFFER_TOO_SMALL 155
1271#define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157
1272#define EVP_R_CIPHER_PARAMETER_ERROR 122
1273#define EVP_R_COMMAND_NOT_SUPPORTED 147
1274#define EVP_R_CTRL_NOT_IMPLEMENTED 132
1275#define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
1276#define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138
1277#define EVP_R_DECODE_ERROR 114
1278#define EVP_R_DIFFERENT_KEY_TYPES 101
1279#define EVP_R_DIFFERENT_PARAMETERS 153
1280#define EVP_R_ENCODE_ERROR 115
1281#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
1282#define EVP_R_EXPECTING_AN_RSA_KEY 127
1283#define EVP_R_EXPECTING_A_DH_KEY 128
1284#define EVP_R_EXPECTING_A_DSA_KEY 129
1285#define EVP_R_EXPECTING_A_ECDSA_KEY 141
1286#define EVP_R_EXPECTING_A_EC_KEY 142
1287#define EVP_R_INITIALIZATION_ERROR 134
1288#define EVP_R_INPUT_NOT_INITIALIZED 111
1289#define EVP_R_INVALID_DIGEST 152
1290#define EVP_R_INVALID_KEY_LENGTH 130
1291#define EVP_R_INVALID_OPERATION 148
1292#define EVP_R_IV_TOO_LARGE 102
1293#define EVP_R_KEYGEN_FAILURE 120
1294#define EVP_R_MESSAGE_DIGEST_IS_NULL 159
1295#define EVP_R_METHOD_NOT_SUPPORTED 144
1296#define EVP_R_MISSING_PARAMETERS 103
1297#define EVP_R_NO_CIPHER_SET 131
1298#define EVP_R_NO_DEFAULT_DIGEST 158
1299#define EVP_R_NO_DIGEST_SET 139
1300#define EVP_R_NO_DSA_PARAMETERS 116
1301#define EVP_R_NO_KEY_SET 154
1302#define EVP_R_NO_OPERATION_SET 149
1303#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
1304#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
1305#define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
1306#define EVP_R_OPERATON_NOT_INITIALIZED 151
1307#define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117
1308#define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
1309#define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
1310#define EVP_R_PUBLIC_KEY_NOT_RSA 106
1311#define EVP_R_UNKNOWN_CIPHER 160
1312#define EVP_R_UNKNOWN_DIGEST 161
1313#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
1314#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
1315#define EVP_R_UNSUPPORTED_ALGORITHM 156
1316#define EVP_R_UNSUPPORTED_CIPHER 107
1317#define EVP_R_UNSUPPORTED_KEYLENGTH 123
1318#define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124
1319#define EVP_R_UNSUPPORTED_KEY_SIZE 108
1320#define EVP_R_UNSUPPORTED_PRF 125
1321#define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 118
1322#define EVP_R_UNSUPPORTED_SALT_TYPE 126
1323#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
1324#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
1325
1326#ifdef __cplusplus
1327}
1328#endif
1329#endif
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
new file mode 100644
index 0000000000..c268d25cb4
--- /dev/null
+++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -0,0 +1,604 @@
1/* crypto/evp/evp_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/err.h>
63#include <openssl/rand.h>
64#ifndef OPENSSL_NO_ENGINE
65#include <openssl/engine.h>
66#endif
67#include "evp_locl.h"
68
69const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT;
70
71void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
72 {
73 memset(ctx,0,sizeof(EVP_CIPHER_CTX));
74 /* ctx->cipher=NULL; */
75 }
76
77EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void)
78 {
79 EVP_CIPHER_CTX *ctx=OPENSSL_malloc(sizeof *ctx);
80 if (ctx)
81 EVP_CIPHER_CTX_init(ctx);
82 return ctx;
83 }
84
85int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
86 const unsigned char *key, const unsigned char *iv, int enc)
87 {
88 if (cipher)
89 EVP_CIPHER_CTX_init(ctx);
90 return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc);
91 }
92
93int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
94 const unsigned char *key, const unsigned char *iv, int enc)
95 {
96 if (enc == -1)
97 enc = ctx->encrypt;
98 else
99 {
100 if (enc)
101 enc = 1;
102 ctx->encrypt = enc;
103 }
104#ifndef OPENSSL_NO_ENGINE
105 /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
106 * so this context may already have an ENGINE! Try to avoid releasing
107 * the previous handle, re-querying for an ENGINE, and having a
108 * reinitialisation, when it may all be unecessary. */
109 if (ctx->engine && ctx->cipher && (!cipher ||
110 (cipher && (cipher->nid == ctx->cipher->nid))))
111 goto skip_to_init;
112#endif
113 if (cipher)
114 {
115 /* Ensure a context left lying around from last time is cleared
116 * (the previous check attempted to avoid this if the same
117 * ENGINE and EVP_CIPHER could be used). */
118 EVP_CIPHER_CTX_cleanup(ctx);
119
120 /* Restore encrypt field: it is zeroed by cleanup */
121 ctx->encrypt = enc;
122#ifndef OPENSSL_NO_ENGINE
123 if(impl)
124 {
125 if (!ENGINE_init(impl))
126 {
127 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
128 return 0;
129 }
130 }
131 else
132 /* Ask if an ENGINE is reserved for this job */
133 impl = ENGINE_get_cipher_engine(cipher->nid);
134 if(impl)
135 {
136 /* There's an ENGINE for this job ... (apparently) */
137 const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid);
138 if(!c)
139 {
140 /* One positive side-effect of US's export
141 * control history, is that we should at least
142 * be able to avoid using US mispellings of
143 * "initialisation"? */
144 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
145 return 0;
146 }
147 /* We'll use the ENGINE's private cipher definition */
148 cipher = c;
149 /* Store the ENGINE functional reference so we know
150 * 'cipher' came from an ENGINE and we need to release
151 * it when done. */
152 ctx->engine = impl;
153 }
154 else
155 ctx->engine = NULL;
156#endif
157
158 ctx->cipher=cipher;
159 if (ctx->cipher->ctx_size)
160 {
161 ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
162 if (!ctx->cipher_data)
163 {
164 EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE);
165 return 0;
166 }
167 }
168 else
169 {
170 ctx->cipher_data = NULL;
171 }
172 ctx->key_len = cipher->key_len;
173 ctx->flags = 0;
174 if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT)
175 {
176 if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL))
177 {
178 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
179 return 0;
180 }
181 }
182 }
183 else if(!ctx->cipher)
184 {
185 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET);
186 return 0;
187 }
188#ifndef OPENSSL_NO_ENGINE
189skip_to_init:
190#endif
191 /* we assume block size is a power of 2 in *cryptUpdate */
192 OPENSSL_assert(ctx->cipher->block_size == 1
193 || ctx->cipher->block_size == 8
194 || ctx->cipher->block_size == 16);
195
196 if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
197 switch(EVP_CIPHER_CTX_mode(ctx)) {
198
199 case EVP_CIPH_STREAM_CIPHER:
200 case EVP_CIPH_ECB_MODE:
201 break;
202
203 case EVP_CIPH_CFB_MODE:
204 case EVP_CIPH_OFB_MODE:
205
206 ctx->num = 0;
207 /* fall-through */
208
209 case EVP_CIPH_CBC_MODE:
210
211 OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <=
212 (int)sizeof(ctx->iv));
213 if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
214 memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
215 break;
216
217 default:
218 return 0;
219 break;
220 }
221 }
222
223 if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
224 if(!ctx->cipher->init(ctx,key,iv,enc)) return 0;
225 }
226 ctx->buf_len=0;
227 ctx->final_used=0;
228 ctx->block_mask=ctx->cipher->block_size-1;
229 return 1;
230 }
231
232int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
233 const unsigned char *in, int inl)
234 {
235 if (ctx->encrypt)
236 return EVP_EncryptUpdate(ctx,out,outl,in,inl);
237 else return EVP_DecryptUpdate(ctx,out,outl,in,inl);
238 }
239
240int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
241 {
242 if (ctx->encrypt)
243 return EVP_EncryptFinal_ex(ctx,out,outl);
244 else return EVP_DecryptFinal_ex(ctx,out,outl);
245 }
246
247int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
248 {
249 if (ctx->encrypt)
250 return EVP_EncryptFinal(ctx,out,outl);
251 else return EVP_DecryptFinal(ctx,out,outl);
252 }
253
254int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
255 const unsigned char *key, const unsigned char *iv)
256 {
257 return EVP_CipherInit(ctx, cipher, key, iv, 1);
258 }
259
260int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
261 const unsigned char *key, const unsigned char *iv)
262 {
263 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1);
264 }
265
266int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
267 const unsigned char *key, const unsigned char *iv)
268 {
269 return EVP_CipherInit(ctx, cipher, key, iv, 0);
270 }
271
272int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
273 const unsigned char *key, const unsigned char *iv)
274 {
275 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0);
276 }
277
278int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
279 const unsigned char *in, int inl)
280 {
281 int i,j,bl;
282
283 if (inl <= 0)
284 {
285 *outl = 0;
286 return inl == 0;
287 }
288
289 if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0)
290 {
291 if(ctx->cipher->do_cipher(ctx,out,in,inl))
292 {
293 *outl=inl;
294 return 1;
295 }
296 else
297 {
298 *outl=0;
299 return 0;
300 }
301 }
302 i=ctx->buf_len;
303 bl=ctx->cipher->block_size;
304 OPENSSL_assert(bl <= (int)sizeof(ctx->buf));
305 if (i != 0)
306 {
307 if (i+inl < bl)
308 {
309 memcpy(&(ctx->buf[i]),in,inl);
310 ctx->buf_len+=inl;
311 *outl=0;
312 return 1;
313 }
314 else
315 {
316 j=bl-i;
317 memcpy(&(ctx->buf[i]),in,j);
318 if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,bl)) return 0;
319 inl-=j;
320 in+=j;
321 out+=bl;
322 *outl=bl;
323 }
324 }
325 else
326 *outl = 0;
327 i=inl&(bl-1);
328 inl-=i;
329 if (inl > 0)
330 {
331 if(!ctx->cipher->do_cipher(ctx,out,in,inl)) return 0;
332 *outl+=inl;
333 }
334
335 if (i != 0)
336 memcpy(ctx->buf,&(in[inl]),i);
337 ctx->buf_len=i;
338 return 1;
339 }
340
341int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
342 {
343 int ret;
344 ret = EVP_EncryptFinal_ex(ctx, out, outl);
345 return ret;
346 }
347
348int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
349 {
350 int n,ret;
351 unsigned int i, b, bl;
352
353 b=ctx->cipher->block_size;
354 OPENSSL_assert(b <= sizeof ctx->buf);
355 if (b == 1)
356 {
357 *outl=0;
358 return 1;
359 }
360 bl=ctx->buf_len;
361 if (ctx->flags & EVP_CIPH_NO_PADDING)
362 {
363 if(bl)
364 {
365 EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
366 return 0;
367 }
368 *outl = 0;
369 return 1;
370 }
371
372 n=b-bl;
373 for (i=bl; i<b; i++)
374 ctx->buf[i]=n;
375 ret=ctx->cipher->do_cipher(ctx,out,ctx->buf,b);
376
377
378 if(ret)
379 *outl=b;
380
381 return ret;
382 }
383
384int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
385 const unsigned char *in, int inl)
386 {
387 int fix_len;
388 unsigned int b;
389
390 if (inl <= 0)
391 {
392 *outl = 0;
393 return inl == 0;
394 }
395
396 if (ctx->flags & EVP_CIPH_NO_PADDING)
397 return EVP_EncryptUpdate(ctx, out, outl, in, inl);
398
399 b=ctx->cipher->block_size;
400 OPENSSL_assert(b <= sizeof ctx->final);
401
402 if(ctx->final_used)
403 {
404 memcpy(out,ctx->final,b);
405 out+=b;
406 fix_len = 1;
407 }
408 else
409 fix_len = 0;
410
411
412 if(!EVP_EncryptUpdate(ctx,out,outl,in,inl))
413 return 0;
414
415 /* if we have 'decrypted' a multiple of block size, make sure
416 * we have a copy of this last block */
417 if (b > 1 && !ctx->buf_len)
418 {
419 *outl-=b;
420 ctx->final_used=1;
421 memcpy(ctx->final,&out[*outl],b);
422 }
423 else
424 ctx->final_used = 0;
425
426 if (fix_len)
427 *outl += b;
428
429 return 1;
430 }
431
432int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
433 {
434 int ret;
435 ret = EVP_DecryptFinal_ex(ctx, out, outl);
436 return ret;
437 }
438
439int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
440 {
441 int i,n;
442 unsigned int b;
443
444 *outl=0;
445 b=ctx->cipher->block_size;
446 if (ctx->flags & EVP_CIPH_NO_PADDING)
447 {
448 if(ctx->buf_len)
449 {
450 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
451 return 0;
452 }
453 *outl = 0;
454 return 1;
455 }
456 if (b > 1)
457 {
458 if (ctx->buf_len || !ctx->final_used)
459 {
460 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
461 return(0);
462 }
463 OPENSSL_assert(b <= sizeof ctx->final);
464 n=ctx->final[b-1];
465 if (n == 0 || n > (int)b)
466 {
467 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
468 return(0);
469 }
470 for (i=0; i<n; i++)
471 {
472 if (ctx->final[--b] != n)
473 {
474 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
475 return(0);
476 }
477 }
478 n=ctx->cipher->block_size-n;
479 for (i=0; i<n; i++)
480 out[i]=ctx->final[i];
481 *outl=n;
482 }
483 else
484 *outl=0;
485 return(1);
486 }
487
488void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
489 {
490 if (ctx)
491 {
492 EVP_CIPHER_CTX_cleanup(ctx);
493 OPENSSL_free(ctx);
494 }
495 }
496
497int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
498 {
499 if (c->cipher != NULL)
500 {
501 if(c->cipher->cleanup && !c->cipher->cleanup(c))
502 return 0;
503 /* Cleanse cipher context data */
504 if (c->cipher_data)
505 OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
506 }
507 if (c->cipher_data)
508 OPENSSL_free(c->cipher_data);
509#ifndef OPENSSL_NO_ENGINE
510 if (c->engine)
511 /* The EVP_CIPHER we used belongs to an ENGINE, release the
512 * functional reference we held for this reason. */
513 ENGINE_finish(c->engine);
514#endif
515 memset(c,0,sizeof(EVP_CIPHER_CTX));
516 return 1;
517 }
518
519int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
520 {
521 if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
522 return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL);
523 if(c->key_len == keylen) return 1;
524 if((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH))
525 {
526 c->key_len = keylen;
527 return 1;
528 }
529 EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,EVP_R_INVALID_KEY_LENGTH);
530 return 0;
531 }
532
533int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
534 {
535 if (pad) ctx->flags &= ~EVP_CIPH_NO_PADDING;
536 else ctx->flags |= EVP_CIPH_NO_PADDING;
537 return 1;
538 }
539
540int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
541{
542 int ret;
543 if(!ctx->cipher) {
544 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
545 return 0;
546 }
547
548 if(!ctx->cipher->ctrl) {
549 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
550 return 0;
551 }
552
553 ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
554 if(ret == -1) {
555 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
556 return 0;
557 }
558 return ret;
559}
560
561int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
562 {
563 if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
564 return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
565 if (RAND_bytes(key, ctx->key_len) <= 0)
566 return 0;
567 return 1;
568 }
569
570int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
571 {
572 if ((in == NULL) || (in->cipher == NULL))
573 {
574 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
575 return 0;
576 }
577#ifndef OPENSSL_NO_ENGINE
578 /* Make sure it's safe to copy a cipher context using an ENGINE */
579 if (in->engine && !ENGINE_init(in->engine))
580 {
581 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,ERR_R_ENGINE_LIB);
582 return 0;
583 }
584#endif
585
586 EVP_CIPHER_CTX_cleanup(out);
587 memcpy(out,in,sizeof *out);
588
589 if (in->cipher_data && in->cipher->ctx_size)
590 {
591 out->cipher_data=OPENSSL_malloc(in->cipher->ctx_size);
592 if (!out->cipher_data)
593 {
594 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,ERR_R_MALLOC_FAILURE);
595 return 0;
596 }
597 memcpy(out->cipher_data,in->cipher_data,in->cipher->ctx_size);
598 }
599
600 if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
601 return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out);
602 return 1;
603 }
604
diff --git a/src/lib/libcrypto/evp/evp_err.c b/src/lib/libcrypto/evp/evp_err.c
new file mode 100644
index 0000000000..6b585c7483
--- /dev/null
+++ b/src/lib/libcrypto/evp/evp_err.c
@@ -0,0 +1,219 @@
1/* crypto/evp/evp_err.c */
2/* ====================================================================
3 * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/evp.h>
64
65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_EVP,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason)
70
71static ERR_STRING_DATA EVP_str_functs[]=
72 {
73{ERR_FUNC(EVP_F_AESNI_INIT_KEY), "AESNI_INIT_KEY"},
74{ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"},
75{ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"},
76{ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"},
77{ERR_FUNC(EVP_F_DO_SIGVER_INIT), "DO_SIGVER_INIT"},
78{ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"},
79{ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"},
80{ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"},
81{ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"},
82{ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"},
83{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"},
84{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"},
85{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"},
86{ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"},
87{ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"},
88{ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"},
89{ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"},
90{ERR_FUNC(EVP_F_EVP_MD_SIZE), "EVP_MD_SIZE"},
91{ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"},
92{ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"},
93{ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD_TYPE), "EVP_PBE_alg_add_type"},
94{ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"},
95{ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"},
96{ERR_FUNC(EVP_F_EVP_PKCS82PKEY_BROKEN), "EVP_PKCS82PKEY_BROKEN"},
97{ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN), "EVP_PKEY2PKCS8_broken"},
98{ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"},
99{ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL), "EVP_PKEY_CTX_ctrl"},
100{ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL_STR), "EVP_PKEY_CTX_ctrl_str"},
101{ERR_FUNC(EVP_F_EVP_PKEY_CTX_DUP), "EVP_PKEY_CTX_dup"},
102{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"},
103{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT), "EVP_PKEY_decrypt_init"},
104{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD), "EVP_PKEY_decrypt_old"},
105{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE), "EVP_PKEY_derive"},
106{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT), "EVP_PKEY_derive_init"},
107{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER), "EVP_PKEY_derive_set_peer"},
108{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"},
109{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT), "EVP_PKEY_encrypt_init"},
110{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"},
111{ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"},
112{ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"},
113{ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA), "EVP_PKEY_GET1_ECDSA"},
114{ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"},
115{ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"},
116{ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"},
117{ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_keygen_init"},
118{ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"},
119{ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN), "EVP_PKEY_paramgen"},
120{ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT), "EVP_PKEY_paramgen_init"},
121{ERR_FUNC(EVP_F_EVP_PKEY_SIGN), "EVP_PKEY_sign"},
122{ERR_FUNC(EVP_F_EVP_PKEY_SIGN_INIT), "EVP_PKEY_sign_init"},
123{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY), "EVP_PKEY_verify"},
124{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_INIT), "EVP_PKEY_verify_init"},
125{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER), "EVP_PKEY_verify_recover"},
126{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT), "EVP_PKEY_verify_recover_init"},
127{ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"},
128{ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"},
129{ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"},
130{ERR_FUNC(EVP_F_INT_CTX_NEW), "INT_CTX_NEW"},
131{ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"},
132{ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"},
133{ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"},
134{ERR_FUNC(EVP_F_PKEY_SET_TYPE), "PKEY_SET_TYPE"},
135{ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"},
136{ERR_FUNC(EVP_F_RC5_CTRL), "RC5_CTRL"},
137{0,NULL}
138 };
139
140static ERR_STRING_DATA EVP_str_reasons[]=
141 {
142{ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED) ,"aes key setup failed"},
143{ERR_REASON(EVP_R_ASN1_LIB) ,"asn1 lib"},
144{ERR_REASON(EVP_R_BAD_BLOCK_LENGTH) ,"bad block length"},
145{ERR_REASON(EVP_R_BAD_DECRYPT) ,"bad decrypt"},
146{ERR_REASON(EVP_R_BAD_KEY_LENGTH) ,"bad key length"},
147{ERR_REASON(EVP_R_BN_DECODE_ERROR) ,"bn decode error"},
148{ERR_REASON(EVP_R_BN_PUBKEY_ERROR) ,"bn pubkey error"},
149{ERR_REASON(EVP_R_BUFFER_TOO_SMALL) ,"buffer too small"},
150{ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED),"camellia key setup failed"},
151{ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR),"cipher parameter error"},
152{ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED) ,"command not supported"},
153{ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED) ,"ctrl not implemented"},
154{ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED),"ctrl operation not implemented"},
155{ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH),"data not multiple of block length"},
156{ERR_REASON(EVP_R_DECODE_ERROR) ,"decode error"},
157{ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) ,"different key types"},
158{ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) ,"different parameters"},
159{ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"},
160{ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"},
161{ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"},
162{ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) ,"expecting a dh key"},
163{ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) ,"expecting a dsa key"},
164{ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) ,"expecting a ecdsa key"},
165{ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) ,"expecting a ec key"},
166{ERR_REASON(EVP_R_INITIALIZATION_ERROR) ,"initialization error"},
167{ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"},
168{ERR_REASON(EVP_R_INVALID_DIGEST) ,"invalid digest"},
169{ERR_REASON(EVP_R_INVALID_KEY_LENGTH) ,"invalid key length"},
170{ERR_REASON(EVP_R_INVALID_OPERATION) ,"invalid operation"},
171{ERR_REASON(EVP_R_IV_TOO_LARGE) ,"iv too large"},
172{ERR_REASON(EVP_R_KEYGEN_FAILURE) ,"keygen failure"},
173{ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL),"message digest is null"},
174{ERR_REASON(EVP_R_METHOD_NOT_SUPPORTED) ,"method not supported"},
175{ERR_REASON(EVP_R_MISSING_PARAMETERS) ,"missing parameters"},
176{ERR_REASON(EVP_R_NO_CIPHER_SET) ,"no cipher set"},
177{ERR_REASON(EVP_R_NO_DEFAULT_DIGEST) ,"no default digest"},
178{ERR_REASON(EVP_R_NO_DIGEST_SET) ,"no digest set"},
179{ERR_REASON(EVP_R_NO_DSA_PARAMETERS) ,"no dsa parameters"},
180{ERR_REASON(EVP_R_NO_KEY_SET) ,"no key set"},
181{ERR_REASON(EVP_R_NO_OPERATION_SET) ,"no operation set"},
182{ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED),"no sign function configured"},
183{ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED),"no verify function configured"},
184{ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),"operation not supported for this keytype"},
185{ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED),"operaton not initialized"},
186{ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE),"pkcs8 unknown broken type"},
187{ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR),"private key decode error"},
188{ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR),"private key encode error"},
189{ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA) ,"public key not rsa"},
190{ERR_REASON(EVP_R_UNKNOWN_CIPHER) ,"unknown cipher"},
191{ERR_REASON(EVP_R_UNKNOWN_DIGEST) ,"unknown digest"},
192{ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"},
193{ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"},
194{ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) ,"unsupported algorithm"},
195{ERR_REASON(EVP_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"},
196{ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH) ,"unsupported keylength"},
197{ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION),"unsupported key derivation function"},
198{ERR_REASON(EVP_R_UNSUPPORTED_KEY_SIZE) ,"unsupported key size"},
199{ERR_REASON(EVP_R_UNSUPPORTED_PRF) ,"unsupported prf"},
200{ERR_REASON(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM),"unsupported private key algorithm"},
201{ERR_REASON(EVP_R_UNSUPPORTED_SALT_TYPE) ,"unsupported salt type"},
202{ERR_REASON(EVP_R_WRONG_FINAL_BLOCK_LENGTH),"wrong final block length"},
203{ERR_REASON(EVP_R_WRONG_PUBLIC_KEY_TYPE) ,"wrong public key type"},
204{0,NULL}
205 };
206
207#endif
208
209void ERR_load_EVP_strings(void)
210 {
211#ifndef OPENSSL_NO_ERR
212
213 if (ERR_func_error_string(EVP_str_functs[0].error) == NULL)
214 {
215 ERR_load_strings(0,EVP_str_functs);
216 ERR_load_strings(0,EVP_str_reasons);
217 }
218#endif
219 }
diff --git a/src/lib/libcrypto/evp/evp_fips.c b/src/lib/libcrypto/evp/evp_fips.c
new file mode 100644
index 0000000000..cb7f4fc0fa
--- /dev/null
+++ b/src/lib/libcrypto/evp/evp_fips.c
@@ -0,0 +1,113 @@
1/* crypto/evp/evp_fips.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project.
4 */
5/* ====================================================================
6 * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 */
53
54
55#include <openssl/evp.h>
56
57#ifdef OPENSSL_FIPS
58#include <openssl/fips.h>
59
60const EVP_CIPHER *EVP_aes_128_cbc(void) { return FIPS_evp_aes_128_cbc(); }
61const EVP_CIPHER *EVP_aes_128_ccm(void) { return FIPS_evp_aes_128_ccm(); }
62const EVP_CIPHER *EVP_aes_128_cfb1(void) { return FIPS_evp_aes_128_cfb1(); }
63const EVP_CIPHER *EVP_aes_128_cfb128(void) { return FIPS_evp_aes_128_cfb128(); }
64const EVP_CIPHER *EVP_aes_128_cfb8(void) { return FIPS_evp_aes_128_cfb8(); }
65const EVP_CIPHER *EVP_aes_128_ctr(void) { return FIPS_evp_aes_128_ctr(); }
66const EVP_CIPHER *EVP_aes_128_ecb(void) { return FIPS_evp_aes_128_ecb(); }
67const EVP_CIPHER *EVP_aes_128_gcm(void) { return FIPS_evp_aes_128_gcm(); }
68const EVP_CIPHER *EVP_aes_128_ofb(void) { return FIPS_evp_aes_128_ofb(); }
69const EVP_CIPHER *EVP_aes_128_xts(void) { return FIPS_evp_aes_128_xts(); }
70const EVP_CIPHER *EVP_aes_192_cbc(void) { return FIPS_evp_aes_192_cbc(); }
71const EVP_CIPHER *EVP_aes_192_ccm(void) { return FIPS_evp_aes_192_ccm(); }
72const EVP_CIPHER *EVP_aes_192_cfb1(void) { return FIPS_evp_aes_192_cfb1(); }
73const EVP_CIPHER *EVP_aes_192_cfb128(void) { return FIPS_evp_aes_192_cfb128(); }
74const EVP_CIPHER *EVP_aes_192_cfb8(void) { return FIPS_evp_aes_192_cfb8(); }
75const EVP_CIPHER *EVP_aes_192_ctr(void) { return FIPS_evp_aes_192_ctr(); }
76const EVP_CIPHER *EVP_aes_192_ecb(void) { return FIPS_evp_aes_192_ecb(); }
77const EVP_CIPHER *EVP_aes_192_gcm(void) { return FIPS_evp_aes_192_gcm(); }
78const EVP_CIPHER *EVP_aes_192_ofb(void) { return FIPS_evp_aes_192_ofb(); }
79const EVP_CIPHER *EVP_aes_256_cbc(void) { return FIPS_evp_aes_256_cbc(); }
80const EVP_CIPHER *EVP_aes_256_ccm(void) { return FIPS_evp_aes_256_ccm(); }
81const EVP_CIPHER *EVP_aes_256_cfb1(void) { return FIPS_evp_aes_256_cfb1(); }
82const EVP_CIPHER *EVP_aes_256_cfb128(void) { return FIPS_evp_aes_256_cfb128(); }
83const EVP_CIPHER *EVP_aes_256_cfb8(void) { return FIPS_evp_aes_256_cfb8(); }
84const EVP_CIPHER *EVP_aes_256_ctr(void) { return FIPS_evp_aes_256_ctr(); }
85const EVP_CIPHER *EVP_aes_256_ecb(void) { return FIPS_evp_aes_256_ecb(); }
86const EVP_CIPHER *EVP_aes_256_gcm(void) { return FIPS_evp_aes_256_gcm(); }
87const EVP_CIPHER *EVP_aes_256_ofb(void) { return FIPS_evp_aes_256_ofb(); }
88const EVP_CIPHER *EVP_aes_256_xts(void) { return FIPS_evp_aes_256_xts(); }
89const EVP_CIPHER *EVP_des_ede(void) { return FIPS_evp_des_ede(); }
90const EVP_CIPHER *EVP_des_ede3(void) { return FIPS_evp_des_ede3(); }
91const EVP_CIPHER *EVP_des_ede3_cbc(void) { return FIPS_evp_des_ede3_cbc(); }
92const EVP_CIPHER *EVP_des_ede3_cfb1(void) { return FIPS_evp_des_ede3_cfb1(); }
93const EVP_CIPHER *EVP_des_ede3_cfb64(void) { return FIPS_evp_des_ede3_cfb64(); }
94const EVP_CIPHER *EVP_des_ede3_cfb8(void) { return FIPS_evp_des_ede3_cfb8(); }
95const EVP_CIPHER *EVP_des_ede3_ecb(void) { return FIPS_evp_des_ede3_ecb(); }
96const EVP_CIPHER *EVP_des_ede3_ofb(void) { return FIPS_evp_des_ede3_ofb(); }
97const EVP_CIPHER *EVP_des_ede_cbc(void) { return FIPS_evp_des_ede_cbc(); }
98const EVP_CIPHER *EVP_des_ede_cfb64(void) { return FIPS_evp_des_ede_cfb64(); }
99const EVP_CIPHER *EVP_des_ede_ecb(void) { return FIPS_evp_des_ede_ecb(); }
100const EVP_CIPHER *EVP_des_ede_ofb(void) { return FIPS_evp_des_ede_ofb(); }
101const EVP_CIPHER *EVP_enc_null(void) { return FIPS_evp_enc_null(); }
102
103const EVP_MD *EVP_sha1(void) { return FIPS_evp_sha1(); }
104const EVP_MD *EVP_sha224(void) { return FIPS_evp_sha224(); }
105const EVP_MD *EVP_sha256(void) { return FIPS_evp_sha256(); }
106const EVP_MD *EVP_sha384(void) { return FIPS_evp_sha384(); }
107const EVP_MD *EVP_sha512(void) { return FIPS_evp_sha512(); }
108
109const EVP_MD *EVP_dss(void) { return FIPS_evp_dss(); }
110const EVP_MD *EVP_dss1(void) { return FIPS_evp_dss1(); }
111const EVP_MD *EVP_ecdsa(void) { return FIPS_evp_ecdsa(); }
112
113#endif
diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c
new file mode 100644
index 0000000000..839d6a3a16
--- /dev/null
+++ b/src/lib/libcrypto/evp/evp_key.c
@@ -0,0 +1,180 @@
1/* crypto/evp/evp_key.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/x509.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include <openssl/ui.h>
65
66/* should be init to zeros. */
67static char prompt_string[80];
68
69void EVP_set_pw_prompt(const char *prompt)
70 {
71 if (prompt == NULL)
72 prompt_string[0]='\0';
73 else
74 {
75 strncpy(prompt_string,prompt,79);
76 prompt_string[79]='\0';
77 }
78 }
79
80char *EVP_get_pw_prompt(void)
81 {
82 if (prompt_string[0] == '\0')
83 return(NULL);
84 else
85 return(prompt_string);
86 }
87
88/* For historical reasons, the standard function for reading passwords is
89 * in the DES library -- if someone ever wants to disable DES,
90 * this function will fail */
91int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
92 {
93 return EVP_read_pw_string_min(buf, 0, len, prompt, verify);
94 }
95
96int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, int verify)
97 {
98 int ret;
99 char buff[BUFSIZ];
100 UI *ui;
101
102 if ((prompt == NULL) && (prompt_string[0] != '\0'))
103 prompt=prompt_string;
104 ui = UI_new();
105 UI_add_input_string(ui,prompt,0,buf,min,(len>=BUFSIZ)?BUFSIZ-1:len);
106 if (verify)
107 UI_add_verify_string(ui,prompt,0,
108 buff,min,(len>=BUFSIZ)?BUFSIZ-1:len,buf);
109 ret = UI_process(ui);
110 UI_free(ui);
111 OPENSSL_cleanse(buff,BUFSIZ);
112 return ret;
113 }
114
115int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
116 const unsigned char *salt, const unsigned char *data, int datal,
117 int count, unsigned char *key, unsigned char *iv)
118 {
119 EVP_MD_CTX c;
120 unsigned char md_buf[EVP_MAX_MD_SIZE];
121 int niv,nkey,addmd=0;
122 unsigned int mds=0,i;
123
124 nkey=type->key_len;
125 niv=type->iv_len;
126 OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
127 OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH);
128
129 if (data == NULL) return(nkey);
130
131 EVP_MD_CTX_init(&c);
132 for (;;)
133 {
134 if (!EVP_DigestInit_ex(&c,md, NULL))
135 return 0;
136 if (addmd++)
137 EVP_DigestUpdate(&c,&(md_buf[0]),mds);
138 EVP_DigestUpdate(&c,data,datal);
139 if (salt != NULL)
140 EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN);
141 EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
142
143 for (i=1; i<(unsigned int)count; i++)
144 {
145 EVP_DigestInit_ex(&c,md, NULL);
146 EVP_DigestUpdate(&c,&(md_buf[0]),mds);
147 EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
148 }
149 i=0;
150 if (nkey)
151 {
152 for (;;)
153 {
154 if (nkey == 0) break;
155 if (i == mds) break;
156 if (key != NULL)
157 *(key++)=md_buf[i];
158 nkey--;
159 i++;
160 }
161 }
162 if (niv && (i != mds))
163 {
164 for (;;)
165 {
166 if (niv == 0) break;
167 if (i == mds) break;
168 if (iv != NULL)
169 *(iv++)=md_buf[i];
170 niv--;
171 i++;
172 }
173 }
174 if ((nkey == 0) && (niv == 0)) break;
175 }
176 EVP_MD_CTX_cleanup(&c);
177 OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE);
178 return(type->key_len);
179 }
180
diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c
new file mode 100644
index 0000000000..40951a04f0
--- /dev/null
+++ b/src/lib/libcrypto/evp/evp_lib.c
@@ -0,0 +1,312 @@
1/* crypto/evp/evp_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63
64int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
65 {
66 int ret;
67
68 if (c->cipher->set_asn1_parameters != NULL)
69 ret=c->cipher->set_asn1_parameters(c,type);
70 else
71 ret=-1;
72 return(ret);
73 }
74
75int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
76 {
77 int ret;
78
79 if (c->cipher->get_asn1_parameters != NULL)
80 ret=c->cipher->get_asn1_parameters(c,type);
81 else
82 ret=-1;
83 return(ret);
84 }
85
86int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
87 {
88 int i=0;
89 unsigned int l;
90
91 if (type != NULL)
92 {
93 l=EVP_CIPHER_CTX_iv_length(c);
94 OPENSSL_assert(l <= sizeof(c->iv));
95 i=ASN1_TYPE_get_octetstring(type,c->oiv,l);
96 if (i != (int)l)
97 return(-1);
98 else if (i > 0)
99 memcpy(c->iv,c->oiv,l);
100 }
101 return(i);
102 }
103
104int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
105 {
106 int i=0;
107 unsigned int j;
108
109 if (type != NULL)
110 {
111 j=EVP_CIPHER_CTX_iv_length(c);
112 OPENSSL_assert(j <= sizeof(c->iv));
113 i=ASN1_TYPE_set_octetstring(type,c->oiv,j);
114 }
115 return(i);
116 }
117
118/* Convert the various cipher NIDs and dummies to a proper OID NID */
119int EVP_CIPHER_type(const EVP_CIPHER *ctx)
120{
121 int nid;
122 ASN1_OBJECT *otmp;
123 nid = EVP_CIPHER_nid(ctx);
124
125 switch(nid) {
126
127 case NID_rc2_cbc:
128 case NID_rc2_64_cbc:
129 case NID_rc2_40_cbc:
130
131 return NID_rc2_cbc;
132
133 case NID_rc4:
134 case NID_rc4_40:
135
136 return NID_rc4;
137
138 case NID_aes_128_cfb128:
139 case NID_aes_128_cfb8:
140 case NID_aes_128_cfb1:
141
142 return NID_aes_128_cfb128;
143
144 case NID_aes_192_cfb128:
145 case NID_aes_192_cfb8:
146 case NID_aes_192_cfb1:
147
148 return NID_aes_192_cfb128;
149
150 case NID_aes_256_cfb128:
151 case NID_aes_256_cfb8:
152 case NID_aes_256_cfb1:
153
154 return NID_aes_256_cfb128;
155
156 case NID_des_cfb64:
157 case NID_des_cfb8:
158 case NID_des_cfb1:
159
160 return NID_des_cfb64;
161
162 case NID_des_ede3_cfb64:
163 case NID_des_ede3_cfb8:
164 case NID_des_ede3_cfb1:
165
166 return NID_des_cfb64;
167
168 default:
169 /* Check it has an OID and it is valid */
170 otmp = OBJ_nid2obj(nid);
171 if(!otmp || !otmp->data) nid = NID_undef;
172 ASN1_OBJECT_free(otmp);
173 return nid;
174 }
175}
176
177int EVP_CIPHER_block_size(const EVP_CIPHER *e)
178 {
179 return e->block_size;
180 }
181
182int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
183 {
184 return ctx->cipher->block_size;
185 }
186
187int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl)
188 {
189 return ctx->cipher->do_cipher(ctx,out,in,inl);
190 }
191
192const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
193 {
194 return ctx->cipher;
195 }
196
197unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher)
198 {
199 return cipher->flags;
200 }
201
202unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
203 {
204 return ctx->cipher->flags;
205 }
206
207void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
208 {
209 return ctx->app_data;
210 }
211
212void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
213 {
214 ctx->app_data = data;
215 }
216
217int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
218 {
219 return cipher->iv_len;
220 }
221
222int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
223 {
224 return ctx->cipher->iv_len;
225 }
226
227int EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
228 {
229 return cipher->key_len;
230 }
231
232int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
233 {
234 return ctx->key_len;
235 }
236
237int EVP_CIPHER_nid(const EVP_CIPHER *cipher)
238 {
239 return cipher->nid;
240 }
241
242int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
243 {
244 return ctx->cipher->nid;
245 }
246
247int EVP_MD_block_size(const EVP_MD *md)
248 {
249 return md->block_size;
250 }
251
252int EVP_MD_type(const EVP_MD *md)
253 {
254 return md->type;
255 }
256
257int EVP_MD_pkey_type(const EVP_MD *md)
258 {
259 return md->pkey_type;
260 }
261
262int EVP_MD_size(const EVP_MD *md)
263 {
264 if (!md)
265 {
266 EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
267 return -1;
268 }
269 return md->md_size;
270 }
271
272unsigned long EVP_MD_flags(const EVP_MD *md)
273 {
274 return md->flags;
275 }
276
277const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx)
278 {
279 if (!ctx)
280 return NULL;
281 return ctx->digest;
282 }
283
284void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags)
285 {
286 ctx->flags |= flags;
287 }
288
289void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags)
290 {
291 ctx->flags &= ~flags;
292 }
293
294int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags)
295 {
296 return (ctx->flags & flags);
297 }
298
299void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
300 {
301 ctx->flags |= flags;
302 }
303
304void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
305 {
306 ctx->flags &= ~flags;
307 }
308
309int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
310 {
311 return (ctx->flags & flags);
312 }
diff --git a/src/lib/libcrypto/evp/evp_locl.h b/src/lib/libcrypto/evp/evp_locl.h
new file mode 100644
index 0000000000..292d74c188
--- /dev/null
+++ b/src/lib/libcrypto/evp/evp_locl.h
@@ -0,0 +1,345 @@
1/* evp_locl.h */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59/* Macros to code block cipher wrappers */
60
61/* Wrapper functions for each cipher mode */
62
63#define BLOCK_CIPHER_ecb_loop() \
64 size_t i, bl; \
65 bl = ctx->cipher->block_size;\
66 if(inl < bl) return 1;\
67 inl -= bl; \
68 for(i=0; i <= inl; i+=bl)
69
70#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
71static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
72{\
73 BLOCK_CIPHER_ecb_loop() \
74 cprefix##_ecb_encrypt(in + i, out + i, &((kstruct *)ctx->cipher_data)->ksched, ctx->encrypt);\
75 return 1;\
76}
77
78#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))
79
80#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
81static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
82{\
83 while(inl>=EVP_MAXCHUNK)\
84 {\
85 cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
86 inl-=EVP_MAXCHUNK;\
87 in +=EVP_MAXCHUNK;\
88 out+=EVP_MAXCHUNK;\
89 }\
90 if (inl)\
91 cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
92 return 1;\
93}
94
95#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
96static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
97{\
98 while(inl>=EVP_MAXCHUNK) \
99 {\
100 cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
101 inl-=EVP_MAXCHUNK;\
102 in +=EVP_MAXCHUNK;\
103 out+=EVP_MAXCHUNK;\
104 }\
105 if (inl)\
106 cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
107 return 1;\
108}
109
110#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
111static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
112{\
113 size_t chunk=EVP_MAXCHUNK;\
114 if (cbits==1) chunk>>=3;\
115 if (inl<chunk) chunk=inl;\
116 while(inl && inl>=chunk)\
117 {\
118 cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
119 inl-=chunk;\
120 in +=chunk;\
121 out+=chunk;\
122 if(inl<chunk) chunk=inl;\
123 }\
124 return 1;\
125}
126
127#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
128 BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
129 BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
130 BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
131 BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched)
132
133#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
134 key_len, iv_len, flags, init_key, cleanup, \
135 set_asn1, get_asn1, ctrl) \
136static const EVP_CIPHER cname##_##mode = { \
137 nid##_##nmode, block_size, key_len, iv_len, \
138 flags | EVP_CIPH_##MODE##_MODE, \
139 init_key, \
140 cname##_##mode##_cipher, \
141 cleanup, \
142 sizeof(kstruct), \
143 set_asn1, get_asn1,\
144 ctrl, \
145 NULL \
146}; \
147const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }
148
149#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
150 iv_len, flags, init_key, cleanup, set_asn1, \
151 get_asn1, ctrl) \
152BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
153 iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
154
155#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \
156 iv_len, cbits, flags, init_key, cleanup, \
157 set_asn1, get_asn1, ctrl) \
158BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \
159 key_len, iv_len, flags, init_key, cleanup, set_asn1, \
160 get_asn1, ctrl)
161
162#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \
163 iv_len, cbits, flags, init_key, cleanup, \
164 set_asn1, get_asn1, ctrl) \
165BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \
166 key_len, iv_len, flags, init_key, cleanup, set_asn1, \
167 get_asn1, ctrl)
168
169#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
170 flags, init_key, cleanup, set_asn1, \
171 get_asn1, ctrl) \
172BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
173 0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
174
175#define BLOCK_CIPHER_defs(cname, kstruct, \
176 nid, block_size, key_len, iv_len, cbits, flags, \
177 init_key, cleanup, set_asn1, get_asn1, ctrl) \
178BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
179 init_key, cleanup, set_asn1, get_asn1, ctrl) \
180BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \
181 flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
182BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \
183 flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
184BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \
185 init_key, cleanup, set_asn1, get_asn1, ctrl)
186
187
188/*
189#define BLOCK_CIPHER_defs(cname, kstruct, \
190 nid, block_size, key_len, iv_len, flags,\
191 init_key, cleanup, set_asn1, get_asn1, ctrl)\
192static const EVP_CIPHER cname##_cbc = {\
193 nid##_cbc, block_size, key_len, iv_len, \
194 flags | EVP_CIPH_CBC_MODE,\
195 init_key,\
196 cname##_cbc_cipher,\
197 cleanup,\
198 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
199 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
200 set_asn1, get_asn1,\
201 ctrl, \
202 NULL \
203};\
204const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
205static const EVP_CIPHER cname##_cfb = {\
206 nid##_cfb64, 1, key_len, iv_len, \
207 flags | EVP_CIPH_CFB_MODE,\
208 init_key,\
209 cname##_cfb_cipher,\
210 cleanup,\
211 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
212 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
213 set_asn1, get_asn1,\
214 ctrl,\
215 NULL \
216};\
217const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
218static const EVP_CIPHER cname##_ofb = {\
219 nid##_ofb64, 1, key_len, iv_len, \
220 flags | EVP_CIPH_OFB_MODE,\
221 init_key,\
222 cname##_ofb_cipher,\
223 cleanup,\
224 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
225 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
226 set_asn1, get_asn1,\
227 ctrl,\
228 NULL \
229};\
230const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
231static const EVP_CIPHER cname##_ecb = {\
232 nid##_ecb, block_size, key_len, iv_len, \
233 flags | EVP_CIPH_ECB_MODE,\
234 init_key,\
235 cname##_ecb_cipher,\
236 cleanup,\
237 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
238 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
239 set_asn1, get_asn1,\
240 ctrl,\
241 NULL \
242};\
243const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
244*/
245
246#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \
247 block_size, key_len, iv_len, cbits, \
248 flags, init_key, \
249 cleanup, set_asn1, get_asn1, ctrl) \
250 BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
251 BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \
252 cbits, flags, init_key, cleanup, set_asn1, \
253 get_asn1, ctrl)
254
255#define EVP_C_DATA(kstruct, ctx) ((kstruct *)(ctx)->cipher_data)
256
257#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len) \
258 BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
259 BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
260 NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \
261 0, cipher##_init_key, NULL, \
262 EVP_CIPHER_set_asn1_iv, \
263 EVP_CIPHER_get_asn1_iv, \
264 NULL)
265
266struct evp_pkey_ctx_st
267 {
268 /* Method associated with this operation */
269 const EVP_PKEY_METHOD *pmeth;
270 /* Engine that implements this method or NULL if builtin */
271 ENGINE *engine;
272 /* Key: may be NULL */
273 EVP_PKEY *pkey;
274 /* Peer key for key agreement, may be NULL */
275 EVP_PKEY *peerkey;
276 /* Actual operation */
277 int operation;
278 /* Algorithm specific data */
279 void *data;
280 /* Application specific data */
281 void *app_data;
282 /* Keygen callback */
283 EVP_PKEY_gen_cb *pkey_gencb;
284 /* implementation specific keygen data */
285 int *keygen_info;
286 int keygen_info_count;
287 } /* EVP_PKEY_CTX */;
288
289#define EVP_PKEY_FLAG_DYNAMIC 1
290
291struct evp_pkey_method_st
292 {
293 int pkey_id;
294 int flags;
295
296 int (*init)(EVP_PKEY_CTX *ctx);
297 int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
298 void (*cleanup)(EVP_PKEY_CTX *ctx);
299
300 int (*paramgen_init)(EVP_PKEY_CTX *ctx);
301 int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
302
303 int (*keygen_init)(EVP_PKEY_CTX *ctx);
304 int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
305
306 int (*sign_init)(EVP_PKEY_CTX *ctx);
307 int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
308 const unsigned char *tbs, size_t tbslen);
309
310 int (*verify_init)(EVP_PKEY_CTX *ctx);
311 int (*verify)(EVP_PKEY_CTX *ctx,
312 const unsigned char *sig, size_t siglen,
313 const unsigned char *tbs, size_t tbslen);
314
315 int (*verify_recover_init)(EVP_PKEY_CTX *ctx);
316 int (*verify_recover)(EVP_PKEY_CTX *ctx,
317 unsigned char *rout, size_t *routlen,
318 const unsigned char *sig, size_t siglen);
319
320 int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
321 int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
322 EVP_MD_CTX *mctx);
323
324 int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
325 int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,int siglen,
326 EVP_MD_CTX *mctx);
327
328 int (*encrypt_init)(EVP_PKEY_CTX *ctx);
329 int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
330 const unsigned char *in, size_t inlen);
331
332 int (*decrypt_init)(EVP_PKEY_CTX *ctx);
333 int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
334 const unsigned char *in, size_t inlen);
335
336 int (*derive_init)(EVP_PKEY_CTX *ctx);
337 int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
338
339 int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
340 int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value);
341
342
343 } /* EVP_PKEY_METHOD */;
344
345void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c
new file mode 100644
index 0000000000..c9d932d205
--- /dev/null
+++ b/src/lib/libcrypto/evp/evp_pbe.c
@@ -0,0 +1,311 @@
1/* evp_pbe.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/pkcs12.h>
63#include <openssl/x509.h>
64
65/* Password based encryption (PBE) functions */
66
67DECLARE_STACK_OF(EVP_PBE_CTL)
68static STACK_OF(EVP_PBE_CTL) *pbe_algs;
69
70/* Setup a cipher context from a PBE algorithm */
71
72typedef struct
73 {
74 int pbe_type;
75 int pbe_nid;
76 int cipher_nid;
77 int md_nid;
78 EVP_PBE_KEYGEN *keygen;
79 } EVP_PBE_CTL;
80
81static const EVP_PBE_CTL builtin_pbe[] =
82 {
83 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC,
84 NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen},
85 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC,
86 NID_des_cbc, NID_md5, PKCS5_PBE_keyivgen},
87 {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC,
88 NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen},
89
90 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4,
91 NID_rc4, NID_sha1, PKCS12_PBE_keyivgen},
92 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4,
93 NID_rc4_40, NID_sha1, PKCS12_PBE_keyivgen},
94 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
95 NID_des_ede3_cbc, NID_sha1, PKCS12_PBE_keyivgen},
96 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
97 NID_des_ede_cbc, NID_sha1, PKCS12_PBE_keyivgen},
98 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC2_CBC,
99 NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen},
100 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC,
101 NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen},
102
103#ifndef OPENSSL_NO_HMAC
104 {EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen},
105#endif
106 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC,
107 NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen},
108 {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC,
109 NID_rc2_64_cbc, NID_md5, PKCS5_PBE_keyivgen},
110 {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndDES_CBC,
111 NID_des_cbc, NID_sha1, PKCS5_PBE_keyivgen},
112
113
114 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA1, -1, NID_sha1, 0},
115 {EVP_PBE_TYPE_PRF, NID_hmacWithMD5, -1, NID_md5, 0},
116 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA224, -1, NID_sha224, 0},
117 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA256, -1, NID_sha256, 0},
118 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0},
119 {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0},
120 {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0},
121 };
122
123#ifdef TEST
124int main(int argc, char **argv)
125 {
126 int i, nid_md, nid_cipher;
127 EVP_PBE_CTL *tpbe, *tpbe2;
128 /*OpenSSL_add_all_algorithms();*/
129
130 for (i = 0; i < sizeof(builtin_pbe)/sizeof(EVP_PBE_CTL); i++)
131 {
132 tpbe = builtin_pbe + i;
133 fprintf(stderr, "%d %d %s ", tpbe->pbe_type, tpbe->pbe_nid,
134 OBJ_nid2sn(tpbe->pbe_nid));
135 if (EVP_PBE_find(tpbe->pbe_type, tpbe->pbe_nid,
136 &nid_cipher ,&nid_md,0))
137 fprintf(stderr, "Found %s %s\n",
138 OBJ_nid2sn(nid_cipher),
139 OBJ_nid2sn(nid_md));
140 else
141 fprintf(stderr, "Find ERROR!!\n");
142 }
143
144 return 0;
145 }
146#endif
147
148
149
150int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
151 ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
152 {
153 const EVP_CIPHER *cipher;
154 const EVP_MD *md;
155 int cipher_nid, md_nid;
156 EVP_PBE_KEYGEN *keygen;
157
158 if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj),
159 &cipher_nid, &md_nid, &keygen))
160 {
161 char obj_tmp[80];
162 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM);
163 if (!pbe_obj) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp);
164 else i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
165 ERR_add_error_data(2, "TYPE=", obj_tmp);
166 return 0;
167 }
168
169 if(!pass)
170 passlen = 0;
171 else if (passlen == -1)
172 passlen = strlen(pass);
173
174 if (cipher_nid == -1)
175 cipher = NULL;
176 else
177 {
178 cipher = EVP_get_cipherbynid(cipher_nid);
179 if (!cipher)
180 {
181 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_CIPHER);
182 return 0;
183 }
184 }
185
186 if (md_nid == -1)
187 md = NULL;
188 else
189 {
190 md = EVP_get_digestbynid(md_nid);
191 if (!md)
192 {
193 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_DIGEST);
194 return 0;
195 }
196 }
197
198 if (!keygen(ctx, pass, passlen, param, cipher, md, en_de))
199 {
200 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_KEYGEN_FAILURE);
201 return 0;
202 }
203 return 1;
204}
205
206DECLARE_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
207
208static int pbe2_cmp(const EVP_PBE_CTL *pbe1, const EVP_PBE_CTL *pbe2)
209 {
210 int ret = pbe1->pbe_type - pbe2->pbe_type;
211 if (ret)
212 return ret;
213 else
214 return pbe1->pbe_nid - pbe2->pbe_nid;
215 }
216
217IMPLEMENT_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
218
219static int pbe_cmp(const EVP_PBE_CTL * const *a, const EVP_PBE_CTL * const *b)
220 {
221 int ret = (*a)->pbe_type - (*b)->pbe_type;
222 if (ret)
223 return ret;
224 else
225 return (*a)->pbe_nid - (*b)->pbe_nid;
226 }
227
228/* Add a PBE algorithm */
229
230int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
231 EVP_PBE_KEYGEN *keygen)
232 {
233 EVP_PBE_CTL *pbe_tmp;
234 if (!pbe_algs)
235 pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);
236 if (!(pbe_tmp = (EVP_PBE_CTL*) OPENSSL_malloc (sizeof(EVP_PBE_CTL))))
237 {
238 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE,ERR_R_MALLOC_FAILURE);
239 return 0;
240 }
241 pbe_tmp->pbe_type = pbe_type;
242 pbe_tmp->pbe_nid = pbe_nid;
243 pbe_tmp->cipher_nid = cipher_nid;
244 pbe_tmp->md_nid = md_nid;
245 pbe_tmp->keygen = keygen;
246
247
248 sk_EVP_PBE_CTL_push (pbe_algs, pbe_tmp);
249 return 1;
250 }
251
252int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
253 EVP_PBE_KEYGEN *keygen)
254 {
255 int cipher_nid, md_nid;
256 if (cipher)
257 cipher_nid = EVP_CIPHER_type(cipher);
258 else
259 cipher_nid = -1;
260 if (md)
261 md_nid = EVP_MD_type(md);
262 else
263 md_nid = -1;
264
265 return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER, nid,
266 cipher_nid, md_nid, keygen);
267 }
268
269int EVP_PBE_find(int type, int pbe_nid,
270 int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen)
271 {
272 EVP_PBE_CTL *pbetmp = NULL, pbelu;
273 int i;
274 if (pbe_nid == NID_undef)
275 return 0;
276
277 pbelu.pbe_type = type;
278 pbelu.pbe_nid = pbe_nid;
279
280 if (pbe_algs)
281 {
282 i = sk_EVP_PBE_CTL_find(pbe_algs, &pbelu);
283 if (i != -1)
284 pbetmp = sk_EVP_PBE_CTL_value (pbe_algs, i);
285 }
286 if (pbetmp == NULL)
287 {
288 pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe,
289 sizeof(builtin_pbe)/sizeof(EVP_PBE_CTL));
290 }
291 if (pbetmp == NULL)
292 return 0;
293 if (pcnid)
294 *pcnid = pbetmp->cipher_nid;
295 if (pmnid)
296 *pmnid = pbetmp->md_nid;
297 if (pkeygen)
298 *pkeygen = pbetmp->keygen;
299 return 1;
300 }
301
302static void free_evp_pbe_ctl(EVP_PBE_CTL *pbe)
303 {
304 OPENSSL_freeFunc(pbe);
305 }
306
307void EVP_PBE_cleanup(void)
308 {
309 sk_EVP_PBE_CTL_pop_free(pbe_algs, free_evp_pbe_ctl);
310 pbe_algs = NULL;
311 }
diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c
new file mode 100644
index 0000000000..ceebf69284
--- /dev/null
+++ b/src/lib/libcrypto/evp/evp_pkey.c
@@ -0,0 +1,242 @@
1/* evp_pkey.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include "cryptlib.h"
62#include <openssl/x509.h>
63#include <openssl/rand.h>
64#include "asn1_locl.h"
65
66/* Extract a private key from a PKCS8 structure */
67
68EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
69{
70 EVP_PKEY *pkey = NULL;
71 ASN1_OBJECT *algoid;
72 char obj_tmp[80];
73
74 if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8))
75 return NULL;
76
77 if (!(pkey = EVP_PKEY_new())) {
78 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
79 return NULL;
80 }
81
82 if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid)))
83 {
84 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
85 i2t_ASN1_OBJECT(obj_tmp, 80, algoid);
86 ERR_add_error_data(2, "TYPE=", obj_tmp);
87 goto error;
88 }
89
90 if (pkey->ameth->priv_decode)
91 {
92 if (!pkey->ameth->priv_decode(pkey, p8))
93 {
94 EVPerr(EVP_F_EVP_PKCS82PKEY,
95 EVP_R_PRIVATE_KEY_DECODE_ERROR);
96 goto error;
97 }
98 }
99 else
100 {
101 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_METHOD_NOT_SUPPORTED);
102 goto error;
103 }
104
105 return pkey;
106
107 error:
108 EVP_PKEY_free (pkey);
109 return NULL;
110}
111
112PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
113{
114 return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK);
115}
116
117/* Turn a private key into a PKCS8 structure */
118
119PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
120{
121 PKCS8_PRIV_KEY_INFO *p8;
122
123 if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {
124 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE);
125 return NULL;
126 }
127 p8->broken = broken;
128
129 if (pkey->ameth)
130 {
131 if (pkey->ameth->priv_encode)
132 {
133 if (!pkey->ameth->priv_encode(p8, pkey))
134 {
135 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
136 EVP_R_PRIVATE_KEY_ENCODE_ERROR);
137 goto error;
138 }
139 }
140 else
141 {
142 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
143 EVP_R_METHOD_NOT_SUPPORTED);
144 goto error;
145 }
146 }
147 else
148 {
149 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
150 EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
151 goto error;
152 }
153 RAND_add(p8->pkey->value.octet_string->data,
154 p8->pkey->value.octet_string->length, 0.0);
155 return p8;
156 error:
157 PKCS8_PRIV_KEY_INFO_free(p8);
158 return NULL;
159}
160
161PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
162{
163 switch (broken) {
164
165 case PKCS8_OK:
166 p8->broken = PKCS8_OK;
167 return p8;
168 break;
169
170 case PKCS8_NO_OCTET:
171 p8->broken = PKCS8_NO_OCTET;
172 p8->pkey->type = V_ASN1_SEQUENCE;
173 return p8;
174 break;
175
176 default:
177 EVPerr(EVP_F_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
178 return NULL;
179 }
180}
181
182/* EVP_PKEY attribute functions */
183
184int EVP_PKEY_get_attr_count(const EVP_PKEY *key)
185{
186 return X509at_get_attr_count(key->attributes);
187}
188
189int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid,
190 int lastpos)
191{
192 return X509at_get_attr_by_NID(key->attributes, nid, lastpos);
193}
194
195int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj,
196 int lastpos)
197{
198 return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos);
199}
200
201X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc)
202{
203 return X509at_get_attr(key->attributes, loc);
204}
205
206X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc)
207{
208 return X509at_delete_attr(key->attributes, loc);
209}
210
211int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr)
212{
213 if(X509at_add1_attr(&key->attributes, attr)) return 1;
214 return 0;
215}
216
217int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key,
218 const ASN1_OBJECT *obj, int type,
219 const unsigned char *bytes, int len)
220{
221 if(X509at_add1_attr_by_OBJ(&key->attributes, obj,
222 type, bytes, len)) return 1;
223 return 0;
224}
225
226int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key,
227 int nid, int type,
228 const unsigned char *bytes, int len)
229{
230 if(X509at_add1_attr_by_NID(&key->attributes, nid,
231 type, bytes, len)) return 1;
232 return 0;
233}
234
235int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
236 const char *attrname, int type,
237 const unsigned char *bytes, int len)
238{
239 if(X509at_add1_attr_by_txt(&key->attributes, attrname,
240 type, bytes, len)) return 1;
241 return 0;
242}
diff --git a/src/lib/libcrypto/evp/evptests.txt b/src/lib/libcrypto/evp/evptests.txt
index c273707c14..beb12144b6 100644
--- a/src/lib/libcrypto/evp/evptests.txt
+++ b/src/lib/libcrypto/evp/evptests.txt
@@ -158,19 +158,6 @@ AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7B
158AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:0 158AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:0
159AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:0 159AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:0
160 160
161# AES Counter test vectors from RFC3686
162aes-128-ctr:AE6852F8121067CC4BF7A5765577F39E:00000030000000000000000000000001:53696E676C6520626C6F636B206D7367:E4095D4FB7A7B3792D6175A3261311B8:1
163aes-128-ctr:7E24067817FAE0D743D6CE1F32539163:006CB6DBC0543B59DA48D90B00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:5104A106168A72D9790D41EE8EDAD388EB2E1EFC46DA57C8FCE630DF9141BE28:1
164aes-128-ctr:7691BE035E5020A8AC6E618529F9A0DC:00E0017B27777F3F4A1786F000000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:C1CF48A89F2FFDD9CF4652E9EFDB72D74540A42BDE6D7836D59A5CEAAEF3105325B2072F:1
165
166aes-192-ctr:16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515:0000004836733C147D6D93CB00000001:53696E676C6520626C6F636B206D7367:4B55384FE259C9C84E7935A003CBE928:1
167aes-192-ctr:7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A:0096B03B020C6EADC2CB500D00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:453243FC609B23327EDFAAFA7131CD9F8490701C5AD4A79CFC1FE0FF42F4FB00:1
168aes-192-ctr:02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE:0007BDFD5CBD60278DCC091200000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:96893FC55E5C722F540B7DD1DDF7E758D288BC95C69165884536C811662F2188ABEE0935:1
169
170aes-256-ctr:776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104:00000060DB5672C97AA8F0B200000001:53696E676C6520626C6F636B206D7367:145AD01DBF824EC7560863DC71E3E0C0:1
171aes-256-ctr:F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884:00FAAC24C1585EF15A43D87500000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:F05E231B3894612C49EE000B804EB2A9B8306B508F839D6A5530831D9344AF1C:1
172aes-256-ctr:FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D:001CC5B751A51D70A1C1114800000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:EB6C52821D0BBBF7CE7594462ACA4FAAB407DF866569FD07F48CC0B583D6071F1EC0E6B8:1
173
174# DES ECB tests (from destest) 161# DES ECB tests (from destest)
175 162
176DES-ECB:0000000000000000::0000000000000000:8CA64DE9C1B123A7 163DES-ECB:0000000000000000::0000000000000000:8CA64DE9C1B123A7
diff --git a/src/lib/libcrypto/evp/m_dss.c b/src/lib/libcrypto/evp/m_dss.c
new file mode 100644
index 0000000000..48c2689504
--- /dev/null
+++ b/src/lib/libcrypto/evp/m_dss.c
@@ -0,0 +1,99 @@
1/* crypto/evp/m_dss.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64#ifndef OPENSSL_NO_DSA
65#include <openssl/dsa.h>
66#endif
67
68#ifndef OPENSSL_NO_SHA
69
70static int init(EVP_MD_CTX *ctx)
71 { return SHA1_Init(ctx->md_data); }
72
73static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
74 { return SHA1_Update(ctx->md_data,data,count); }
75
76static int final(EVP_MD_CTX *ctx,unsigned char *md)
77 { return SHA1_Final(md,ctx->md_data); }
78
79static const EVP_MD dsa_md=
80 {
81 NID_dsaWithSHA,
82 NID_dsaWithSHA,
83 SHA_DIGEST_LENGTH,
84 EVP_MD_FLAG_PKEY_DIGEST,
85 init,
86 update,
87 final,
88 NULL,
89 NULL,
90 EVP_PKEY_DSA_method,
91 SHA_CBLOCK,
92 sizeof(EVP_MD *)+sizeof(SHA_CTX),
93 };
94
95const EVP_MD *EVP_dss(void)
96 {
97 return(&dsa_md);
98 }
99#endif
diff --git a/src/lib/libcrypto/evp/m_dss1.c b/src/lib/libcrypto/evp/m_dss1.c
new file mode 100644
index 0000000000..4f03fb70e0
--- /dev/null
+++ b/src/lib/libcrypto/evp/m_dss1.c
@@ -0,0 +1,100 @@
1/* crypto/evp/m_dss1.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_SHA
63
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66#include <openssl/x509.h>
67#ifndef OPENSSL_NO_DSA
68#include <openssl/dsa.h>
69#endif
70
71static int init(EVP_MD_CTX *ctx)
72 { return SHA1_Init(ctx->md_data); }
73
74static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
75 { return SHA1_Update(ctx->md_data,data,count); }
76
77static int final(EVP_MD_CTX *ctx,unsigned char *md)
78 { return SHA1_Final(md,ctx->md_data); }
79
80static const EVP_MD dss1_md=
81 {
82 NID_dsa,
83 NID_dsaWithSHA1,
84 SHA_DIGEST_LENGTH,
85 EVP_MD_FLAG_PKEY_DIGEST,
86 init,
87 update,
88 final,
89 NULL,
90 NULL,
91 EVP_PKEY_DSA_method,
92 SHA_CBLOCK,
93 sizeof(EVP_MD *)+sizeof(SHA_CTX),
94 };
95
96const EVP_MD *EVP_dss1(void)
97 {
98 return(&dss1_md);
99 }
100#endif
diff --git a/src/lib/libcrypto/evp/dig_eng.c b/src/lib/libcrypto/evp/m_ecdsa.c
index 64cdf9366c..4b15fb0f6c 100644
--- a/src/lib/libcrypto/evp/dig_eng.c
+++ b/src/lib/libcrypto/evp/m_ecdsa.c
@@ -1,4 +1,57 @@
1/* crypto/evp/digest.c */ 1/* crypto/evp/m_ecdsa.c */
2/* ====================================================================
3 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@openssl.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 55/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 56 * All rights reserved.
4 * 57 *
@@ -55,126 +108,44 @@
55 * copied and put under another distribution licence 108 * copied and put under another distribution licence
56 * [including the GNU Public Licence.] 109 * [including the GNU Public Licence.]
57 */ 110 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111 111
112#include <stdio.h> 112#include <stdio.h>
113#include "cryptlib.h" 113#include "cryptlib.h"
114#include <openssl/objects.h>
115#include <openssl/evp.h> 114#include <openssl/evp.h>
116#ifndef OPENSSL_NO_ENGINE 115#include <openssl/objects.h>
117#include <openssl/engine.h> 116#include <openssl/x509.h>
118#endif
119#include "evp_locl.h"
120 117
121#ifndef OPENSSL_NO_ENGINE 118#ifndef OPENSSL_NO_SHA
119#ifndef OPENSSL_FIPS
122 120
123#ifdef OPENSSL_FIPS 121static int init(EVP_MD_CTX *ctx)
122 { return SHA1_Init(ctx->md_data); }
124 123
125static int do_evp_md_engine_full(EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl) 124static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
125 { return SHA1_Update(ctx->md_data,data,count); }
126
127static int final(EVP_MD_CTX *ctx,unsigned char *md)
128 { return SHA1_Final(md,ctx->md_data); }
129
130static const EVP_MD ecdsa_md=
126 { 131 {
127 if (*ptype) 132 NID_ecdsa_with_SHA1,
128 { 133 NID_ecdsa_with_SHA1,
129 /* Ensure an ENGINE left lying around from last time is cleared 134 SHA_DIGEST_LENGTH,
130 * (the previous check attempted to avoid this if the same 135 EVP_MD_FLAG_PKEY_DIGEST,
131 * ENGINE and EVP_MD could be used). */ 136 init,
132 if(ctx->engine) 137 update,
133 ENGINE_finish(ctx->engine); 138 final,
134 if(impl) 139 NULL,
135 { 140 NULL,
136 if (!ENGINE_init(impl)) 141 EVP_PKEY_ECDSA_method,
137 { 142 SHA_CBLOCK,
138 EVPerr(EVP_F_DO_EVP_MD_ENGINE_FULL,EVP_R_INITIALIZATION_ERROR); 143 sizeof(EVP_MD *)+sizeof(SHA_CTX),
139 return 0; 144 };
140 }
141 }
142 else
143 /* Ask if an ENGINE is reserved for this job */
144 impl = ENGINE_get_digest_engine((*ptype)->type);
145 if(impl)
146 {
147 /* There's an ENGINE for this job ... (apparently) */
148 const EVP_MD *d = ENGINE_get_digest(impl, (*ptype)->type);
149 if(!d)
150 {
151 /* Same comment from evp_enc.c */
152 EVPerr(EVP_F_DO_EVP_MD_ENGINE_FULL,EVP_R_INITIALIZATION_ERROR);
153 return 0;
154 }
155 /* We'll use the ENGINE's private digest definition */
156 *ptype = d;
157 /* Store the ENGINE functional reference so we know
158 * 'type' came from an ENGINE and we need to release
159 * it when done. */
160 ctx->engine = impl;
161 }
162 else
163 ctx->engine = NULL;
164 }
165 else
166 if(!ctx->digest)
167 {
168 EVPerr(EVP_F_DO_EVP_MD_ENGINE_FULL,EVP_R_NO_DIGEST_SET);
169 return 0;
170 }
171 return 1;
172 }
173 145
174void int_EVP_MD_init_engine_callbacks(void) 146const EVP_MD *EVP_ecdsa(void)
175 { 147 {
176 int_EVP_MD_set_engine_callbacks( 148 return(&ecdsa_md);
177 ENGINE_init, ENGINE_finish, do_evp_md_engine_full);
178 } 149 }
179#endif 150#endif
180#endif 151#endif
diff --git a/src/lib/libcrypto/evp/m_md4.c b/src/lib/libcrypto/evp/m_md4.c
new file mode 100644
index 0000000000..1e0b7c5b42
--- /dev/null
+++ b/src/lib/libcrypto/evp/m_md4.c
@@ -0,0 +1,101 @@
1/* crypto/evp/m_md4.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_MD4
63
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66#include <openssl/x509.h>
67#include <openssl/md4.h>
68#ifndef OPENSSL_NO_RSA
69#include <openssl/rsa.h>
70#endif
71
72static int init(EVP_MD_CTX *ctx)
73 { return MD4_Init(ctx->md_data); }
74
75static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
76 { return MD4_Update(ctx->md_data,data,count); }
77
78static int final(EVP_MD_CTX *ctx,unsigned char *md)
79 { return MD4_Final(md,ctx->md_data); }
80
81static const EVP_MD md4_md=
82 {
83 NID_md4,
84 NID_md4WithRSAEncryption,
85 MD4_DIGEST_LENGTH,
86 0,
87 init,
88 update,
89 final,
90 NULL,
91 NULL,
92 EVP_PKEY_RSA_method,
93 MD4_CBLOCK,
94 sizeof(EVP_MD *)+sizeof(MD4_CTX),
95 };
96
97const EVP_MD *EVP_md4(void)
98 {
99 return(&md4_md);
100 }
101#endif
diff --git a/src/lib/libcrypto/evp/m_md5.c b/src/lib/libcrypto/evp/m_md5.c
new file mode 100644
index 0000000000..63c142119e
--- /dev/null
+++ b/src/lib/libcrypto/evp/m_md5.c
@@ -0,0 +1,101 @@
1/* crypto/evp/m_md5.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_MD5
63
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66#include <openssl/x509.h>
67#include <openssl/md5.h>
68#ifndef OPENSSL_NO_RSA
69#include <openssl/rsa.h>
70#endif
71
72static int init(EVP_MD_CTX *ctx)
73 { return MD5_Init(ctx->md_data); }
74
75static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
76 { return MD5_Update(ctx->md_data,data,count); }
77
78static int final(EVP_MD_CTX *ctx,unsigned char *md)
79 { return MD5_Final(md,ctx->md_data); }
80
81static const EVP_MD md5_md=
82 {
83 NID_md5,
84 NID_md5WithRSAEncryption,
85 MD5_DIGEST_LENGTH,
86 0,
87 init,
88 update,
89 final,
90 NULL,
91 NULL,
92 EVP_PKEY_RSA_method,
93 MD5_CBLOCK,
94 sizeof(EVP_MD *)+sizeof(MD5_CTX),
95 };
96
97const EVP_MD *EVP_md5(void)
98 {
99 return(&md5_md);
100 }
101#endif
diff --git a/src/lib/libcrypto/evp/m_mdc2.c b/src/lib/libcrypto/evp/m_mdc2.c
index 3602bed316..b08d559803 100644
--- a/src/lib/libcrypto/evp/m_mdc2.c
+++ b/src/lib/libcrypto/evp/m_mdc2.c
@@ -69,8 +69,6 @@
69#include <openssl/rsa.h> 69#include <openssl/rsa.h>
70#endif 70#endif
71 71
72#include "evp_locl.h"
73
74static int init(EVP_MD_CTX *ctx) 72static int init(EVP_MD_CTX *ctx)
75 { return MDC2_Init(ctx->md_data); } 73 { return MDC2_Init(ctx->md_data); }
76 74
diff --git a/src/lib/libcrypto/evp/m_null.c b/src/lib/libcrypto/evp/m_null.c
new file mode 100644
index 0000000000..cb0721699d
--- /dev/null
+++ b/src/lib/libcrypto/evp/m_null.c
@@ -0,0 +1,95 @@
1/* crypto/evp/m_null.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64
65static int init(EVP_MD_CTX *ctx)
66 { return 1; }
67
68static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
69 { return 1; }
70
71static int final(EVP_MD_CTX *ctx,unsigned char *md)
72 { return 1; }
73
74static const EVP_MD null_md=
75 {
76 NID_undef,
77 NID_undef,
78 0,
79 0,
80 init,
81 update,
82 final,
83 NULL,
84 NULL,
85 EVP_PKEY_NULL_method,
86 0,
87 sizeof(EVP_MD *),
88 };
89
90const EVP_MD *EVP_md_null(void)
91 {
92 return(&null_md);
93 }
94
95
diff --git a/src/lib/libcrypto/evp/m_ripemd.c b/src/lib/libcrypto/evp/m_ripemd.c
new file mode 100644
index 0000000000..a1d60ee78d
--- /dev/null
+++ b/src/lib/libcrypto/evp/m_ripemd.c
@@ -0,0 +1,101 @@
1/* crypto/evp/m_ripemd.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_RIPEMD
63
64#include <openssl/ripemd.h>
65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/x509.h>
68#ifndef OPENSSL_NO_RSA
69#include <openssl/rsa.h>
70#endif
71
72static int init(EVP_MD_CTX *ctx)
73 { return RIPEMD160_Init(ctx->md_data); }
74
75static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
76 { return RIPEMD160_Update(ctx->md_data,data,count); }
77
78static int final(EVP_MD_CTX *ctx,unsigned char *md)
79 { return RIPEMD160_Final(md,ctx->md_data); }
80
81static const EVP_MD ripemd160_md=
82 {
83 NID_ripemd160,
84 NID_ripemd160WithRSA,
85 RIPEMD160_DIGEST_LENGTH,
86 0,
87 init,
88 update,
89 final,
90 NULL,
91 NULL,
92 EVP_PKEY_RSA_method,
93 RIPEMD160_CBLOCK,
94 sizeof(EVP_MD *)+sizeof(RIPEMD160_CTX),
95 };
96
97const EVP_MD *EVP_ripemd160(void)
98 {
99 return(&ripemd160_md);
100 }
101#endif
diff --git a/src/lib/libcrypto/evp/m_sha.c b/src/lib/libcrypto/evp/m_sha.c
index 8769cdd42f..acccc8f92d 100644
--- a/src/lib/libcrypto/evp/m_sha.c
+++ b/src/lib/libcrypto/evp/m_sha.c
@@ -67,7 +67,6 @@
67#ifndef OPENSSL_NO_RSA 67#ifndef OPENSSL_NO_RSA
68#include <openssl/rsa.h> 68#include <openssl/rsa.h>
69#endif 69#endif
70#include "evp_locl.h"
71 70
72static int init(EVP_MD_CTX *ctx) 71static int init(EVP_MD_CTX *ctx)
73 { return SHA_Init(ctx->md_data); } 72 { return SHA_Init(ctx->md_data); }
diff --git a/src/lib/libcrypto/evp/m_sha1.c b/src/lib/libcrypto/evp/m_sha1.c
new file mode 100644
index 0000000000..9a2790fdea
--- /dev/null
+++ b/src/lib/libcrypto/evp/m_sha1.c
@@ -0,0 +1,204 @@
1/* crypto/evp/m_sha1.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_SHA
63
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66#include <openssl/x509.h>
67#ifndef OPENSSL_NO_RSA
68#include <openssl/rsa.h>
69#endif
70
71static int init(EVP_MD_CTX *ctx)
72 { return SHA1_Init(ctx->md_data); }
73
74static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
75 { return SHA1_Update(ctx->md_data,data,count); }
76
77static int final(EVP_MD_CTX *ctx,unsigned char *md)
78 { return SHA1_Final(md,ctx->md_data); }
79
80static const EVP_MD sha1_md=
81 {
82 NID_sha1,
83 NID_sha1WithRSAEncryption,
84 SHA_DIGEST_LENGTH,
85 EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
86 init,
87 update,
88 final,
89 NULL,
90 NULL,
91 EVP_PKEY_RSA_method,
92 SHA_CBLOCK,
93 sizeof(EVP_MD *)+sizeof(SHA_CTX),
94 };
95
96const EVP_MD *EVP_sha1(void)
97 {
98 return(&sha1_md);
99 }
100#endif
101
102#ifndef OPENSSL_NO_SHA256
103static int init224(EVP_MD_CTX *ctx)
104 { return SHA224_Init(ctx->md_data); }
105static int init256(EVP_MD_CTX *ctx)
106 { return SHA256_Init(ctx->md_data); }
107/*
108 * Even though there're separate SHA224_[Update|Final], we call
109 * SHA256 functions even in SHA224 context. This is what happens
110 * there anyway, so we can spare few CPU cycles:-)
111 */
112static int update256(EVP_MD_CTX *ctx,const void *data,size_t count)
113 { return SHA256_Update(ctx->md_data,data,count); }
114static int final256(EVP_MD_CTX *ctx,unsigned char *md)
115 { return SHA256_Final(md,ctx->md_data); }
116
117static const EVP_MD sha224_md=
118 {
119 NID_sha224,
120 NID_sha224WithRSAEncryption,
121 SHA224_DIGEST_LENGTH,
122 EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
123 init224,
124 update256,
125 final256,
126 NULL,
127 NULL,
128 EVP_PKEY_RSA_method,
129 SHA256_CBLOCK,
130 sizeof(EVP_MD *)+sizeof(SHA256_CTX),
131 };
132
133const EVP_MD *EVP_sha224(void)
134 { return(&sha224_md); }
135
136static const EVP_MD sha256_md=
137 {
138 NID_sha256,
139 NID_sha256WithRSAEncryption,
140 SHA256_DIGEST_LENGTH,
141 EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
142 init256,
143 update256,
144 final256,
145 NULL,
146 NULL,
147 EVP_PKEY_RSA_method,
148 SHA256_CBLOCK,
149 sizeof(EVP_MD *)+sizeof(SHA256_CTX),
150 };
151
152const EVP_MD *EVP_sha256(void)
153 { return(&sha256_md); }
154#endif /* ifndef OPENSSL_NO_SHA256 */
155
156#ifndef OPENSSL_NO_SHA512
157static int init384(EVP_MD_CTX *ctx)
158 { return SHA384_Init(ctx->md_data); }
159static int init512(EVP_MD_CTX *ctx)
160 { return SHA512_Init(ctx->md_data); }
161/* See comment in SHA224/256 section */
162static int update512(EVP_MD_CTX *ctx,const void *data,size_t count)
163 { return SHA512_Update(ctx->md_data,data,count); }
164static int final512(EVP_MD_CTX *ctx,unsigned char *md)
165 { return SHA512_Final(md,ctx->md_data); }
166
167static const EVP_MD sha384_md=
168 {
169 NID_sha384,
170 NID_sha384WithRSAEncryption,
171 SHA384_DIGEST_LENGTH,
172 EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
173 init384,
174 update512,
175 final512,
176 NULL,
177 NULL,
178 EVP_PKEY_RSA_method,
179 SHA512_CBLOCK,
180 sizeof(EVP_MD *)+sizeof(SHA512_CTX),
181 };
182
183const EVP_MD *EVP_sha384(void)
184 { return(&sha384_md); }
185
186static const EVP_MD sha512_md=
187 {
188 NID_sha512,
189 NID_sha512WithRSAEncryption,
190 SHA512_DIGEST_LENGTH,
191 EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
192 init512,
193 update512,
194 final512,
195 NULL,
196 NULL,
197 EVP_PKEY_RSA_method,
198 SHA512_CBLOCK,
199 sizeof(EVP_MD *)+sizeof(SHA512_CTX),
200 };
201
202const EVP_MD *EVP_sha512(void)
203 { return(&sha512_md); }
204#endif /* ifndef OPENSSL_NO_SHA512 */
diff --git a/src/lib/libcrypto/evp/m_sigver.c b/src/lib/libcrypto/evp/m_sigver.c
new file mode 100644
index 0000000000..7e2731f4a4
--- /dev/null
+++ b/src/lib/libcrypto/evp/m_sigver.c
@@ -0,0 +1,200 @@
1/* m_sigver.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006.
4 */
5/* ====================================================================
6 * Copyright (c) 2006,2007 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64#include "evp_locl.h"
65
66static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
67 const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey,
68 int ver)
69 {
70 if (ctx->pctx == NULL)
71 ctx->pctx = EVP_PKEY_CTX_new(pkey, e);
72 if (ctx->pctx == NULL)
73 return 0;
74
75 if (type == NULL)
76 {
77 int def_nid;
78 if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0)
79 type = EVP_get_digestbynid(def_nid);
80 }
81
82 if (type == NULL)
83 {
84 EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST);
85 return 0;
86 }
87
88 if (ver)
89 {
90 if (ctx->pctx->pmeth->verifyctx_init)
91 {
92 if (ctx->pctx->pmeth->verifyctx_init(ctx->pctx, ctx) <=0)
93 return 0;
94 ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX;
95 }
96 else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
97 return 0;
98 }
99 else
100 {
101 if (ctx->pctx->pmeth->signctx_init)
102 {
103 if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0)
104 return 0;
105 ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX;
106 }
107 else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)
108 return 0;
109 }
110 if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0)
111 return 0;
112 if (pctx)
113 *pctx = ctx->pctx;
114 if (!EVP_DigestInit_ex(ctx, type, e))
115 return 0;
116 return 1;
117 }
118
119int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
120 const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
121 {
122 return do_sigver_init(ctx, pctx, type, e, pkey, 0);
123 }
124
125int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
126 const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
127 {
128 return do_sigver_init(ctx, pctx, type, e, pkey, 1);
129 }
130
131int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen)
132 {
133 int sctx, r = 0;
134 if (ctx->pctx->pmeth->signctx)
135 sctx = 1;
136 else
137 sctx = 0;
138 if (sigret)
139 {
140 EVP_MD_CTX tmp_ctx;
141 unsigned char md[EVP_MAX_MD_SIZE];
142 unsigned int mdlen;
143 EVP_MD_CTX_init(&tmp_ctx);
144 if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx))
145 return 0;
146 if (sctx)
147 r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx,
148 sigret, siglen, &tmp_ctx);
149 else
150 r = EVP_DigestFinal_ex(&tmp_ctx,md,&mdlen);
151 EVP_MD_CTX_cleanup(&tmp_ctx);
152 if (sctx || !r)
153 return r;
154 if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
155 return 0;
156 }
157 else
158 {
159 if (sctx)
160 {
161 if (ctx->pctx->pmeth->signctx(ctx->pctx, sigret, siglen, ctx) <= 0)
162 return 0;
163 }
164 else
165 {
166 int s = EVP_MD_size(ctx->digest);
167 if (s < 0 || EVP_PKEY_sign(ctx->pctx, sigret, siglen, NULL, s) <= 0)
168 return 0;
169 }
170 }
171 return 1;
172 }
173
174int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen)
175 {
176 EVP_MD_CTX tmp_ctx;
177 unsigned char md[EVP_MAX_MD_SIZE];
178 int r;
179 unsigned int mdlen;
180 int vctx;
181
182 if (ctx->pctx->pmeth->verifyctx)
183 vctx = 1;
184 else
185 vctx = 0;
186 EVP_MD_CTX_init(&tmp_ctx);
187 if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx))
188 return -1;
189 if (vctx)
190 {
191 r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx,
192 sig, siglen, &tmp_ctx);
193 }
194 else
195 r = EVP_DigestFinal_ex(&tmp_ctx,md,&mdlen);
196 EVP_MD_CTX_cleanup(&tmp_ctx);
197 if (vctx || !r)
198 return r;
199 return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen);
200 }
diff --git a/src/lib/libcrypto/evp/m_wp.c b/src/lib/libcrypto/evp/m_wp.c
new file mode 100644
index 0000000000..c51bc2d5d1
--- /dev/null
+++ b/src/lib/libcrypto/evp/m_wp.c
@@ -0,0 +1,43 @@
1/* crypto/evp/m_wp.c */
2
3#include <stdio.h>
4#include "cryptlib.h"
5
6#ifndef OPENSSL_NO_WHIRLPOOL
7
8#include <openssl/evp.h>
9#include <openssl/objects.h>
10#include <openssl/x509.h>
11#include <openssl/whrlpool.h>
12#include "evp_locl.h"
13
14static int init(EVP_MD_CTX *ctx)
15 { return WHIRLPOOL_Init(ctx->md_data); }
16
17static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
18 { return WHIRLPOOL_Update(ctx->md_data,data,count); }
19
20static int final(EVP_MD_CTX *ctx,unsigned char *md)
21 { return WHIRLPOOL_Final(md,ctx->md_data); }
22
23static const EVP_MD whirlpool_md=
24 {
25 NID_whirlpool,
26 0,
27 WHIRLPOOL_DIGEST_LENGTH,
28 0,
29 init,
30 update,
31 final,
32 NULL,
33 NULL,
34 EVP_PKEY_NULL_method,
35 WHIRLPOOL_BBLOCK/8,
36 sizeof(EVP_MD *)+sizeof(WHIRLPOOL_CTX),
37 };
38
39const EVP_MD *EVP_whirlpool(void)
40 {
41 return(&whirlpool_md);
42 }
43#endif
diff --git a/src/lib/libcrypto/evp/names.c b/src/lib/libcrypto/evp/names.c
new file mode 100644
index 0000000000..f2869f5c78
--- /dev/null
+++ b/src/lib/libcrypto/evp/names.c
@@ -0,0 +1,201 @@
1/* crypto/evp/names.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64
65int EVP_add_cipher(const EVP_CIPHER *c)
66 {
67 int r;
68
69 r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c);
70 if (r == 0) return(0);
71 check_defer(c->nid);
72 r=OBJ_NAME_add(OBJ_nid2ln(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c);
73 return(r);
74 }
75
76
77int EVP_add_digest(const EVP_MD *md)
78 {
79 int r;
80 const char *name;
81
82 name=OBJ_nid2sn(md->type);
83 r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(const char *)md);
84 if (r == 0) return(0);
85 check_defer(md->type);
86 r=OBJ_NAME_add(OBJ_nid2ln(md->type),OBJ_NAME_TYPE_MD_METH,(const char *)md);
87 if (r == 0) return(0);
88
89 if (md->pkey_type && md->type != md->pkey_type)
90 {
91 r=OBJ_NAME_add(OBJ_nid2sn(md->pkey_type),
92 OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name);
93 if (r == 0) return(0);
94 check_defer(md->pkey_type);
95 r=OBJ_NAME_add(OBJ_nid2ln(md->pkey_type),
96 OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name);
97 }
98 return(r);
99 }
100
101const EVP_CIPHER *EVP_get_cipherbyname(const char *name)
102 {
103 const EVP_CIPHER *cp;
104
105 cp=(const EVP_CIPHER *)OBJ_NAME_get(name,OBJ_NAME_TYPE_CIPHER_METH);
106 return(cp);
107 }
108
109const EVP_MD *EVP_get_digestbyname(const char *name)
110 {
111 const EVP_MD *cp;
112
113 cp=(const EVP_MD *)OBJ_NAME_get(name,OBJ_NAME_TYPE_MD_METH);
114 return(cp);
115 }
116
117void EVP_cleanup(void)
118 {
119 OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH);
120 OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH);
121 /* The above calls will only clean out the contents of the name
122 hash table, but not the hash table itself. The following line
123 does that part. -- Richard Levitte */
124 OBJ_NAME_cleanup(-1);
125
126 EVP_PBE_cleanup();
127 if (obj_cleanup_defer == 2)
128 {
129 obj_cleanup_defer = 0;
130 OBJ_cleanup();
131 }
132 OBJ_sigid_free();
133 }
134
135struct doall_cipher
136 {
137 void *arg;
138 void (*fn)(const EVP_CIPHER *ciph,
139 const char *from, const char *to, void *arg);
140 };
141
142static void do_all_cipher_fn(const OBJ_NAME *nm, void *arg)
143 {
144 struct doall_cipher *dc = arg;
145 if (nm->alias)
146 dc->fn(NULL, nm->name, nm->data, dc->arg);
147 else
148 dc->fn((const EVP_CIPHER *)nm->data, nm->name, NULL, dc->arg);
149 }
150
151void EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph,
152 const char *from, const char *to, void *x), void *arg)
153 {
154 struct doall_cipher dc;
155 dc.fn = fn;
156 dc.arg = arg;
157 OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn, &dc);
158 }
159
160void EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph,
161 const char *from, const char *to, void *x), void *arg)
162 {
163 struct doall_cipher dc;
164 dc.fn = fn;
165 dc.arg = arg;
166 OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn,&dc);
167 }
168
169struct doall_md
170 {
171 void *arg;
172 void (*fn)(const EVP_MD *ciph,
173 const char *from, const char *to, void *arg);
174 };
175
176static void do_all_md_fn(const OBJ_NAME *nm, void *arg)
177 {
178 struct doall_md *dc = arg;
179 if (nm->alias)
180 dc->fn(NULL, nm->name, nm->data, dc->arg);
181 else
182 dc->fn((const EVP_MD *)nm->data, nm->name, NULL, dc->arg);
183 }
184
185void EVP_MD_do_all(void (*fn)(const EVP_MD *md,
186 const char *from, const char *to, void *x), void *arg)
187 {
188 struct doall_md dc;
189 dc.fn = fn;
190 dc.arg = arg;
191 OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc);
192 }
193
194void EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *md,
195 const char *from, const char *to, void *x), void *arg)
196 {
197 struct doall_md dc;
198 dc.fn = fn;
199 dc.arg = arg;
200 OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc);
201 }
diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c
new file mode 100644
index 0000000000..7ecfa8dad9
--- /dev/null
+++ b/src/lib/libcrypto/evp/p5_crpt.c
@@ -0,0 +1,132 @@
1/* p5_crpt.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include "cryptlib.h"
62#include <openssl/x509.h>
63#include <openssl/evp.h>
64
65/* Doesn't do anything now: Builtin PBE algorithms in static table.
66 */
67
68void PKCS5_PBE_add(void)
69{
70}
71
72int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
73 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
74 int en_de)
75{
76 EVP_MD_CTX ctx;
77 unsigned char md_tmp[EVP_MAX_MD_SIZE];
78 unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
79 int i;
80 PBEPARAM *pbe;
81 int saltlen, iter;
82 unsigned char *salt;
83 const unsigned char *pbuf;
84 int mdsize;
85
86 /* Extract useful info from parameter */
87 if (param == NULL || param->type != V_ASN1_SEQUENCE ||
88 param->value.sequence == NULL) {
89 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
90 return 0;
91 }
92
93 pbuf = param->value.sequence->data;
94 if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) {
95 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
96 return 0;
97 }
98
99 if (!pbe->iter) iter = 1;
100 else iter = ASN1_INTEGER_get (pbe->iter);
101 salt = pbe->salt->data;
102 saltlen = pbe->salt->length;
103
104 if(!pass) passlen = 0;
105 else if(passlen == -1) passlen = strlen(pass);
106
107 EVP_MD_CTX_init(&ctx);
108 EVP_DigestInit_ex(&ctx, md, NULL);
109 EVP_DigestUpdate(&ctx, pass, passlen);
110 EVP_DigestUpdate(&ctx, salt, saltlen);
111 PBEPARAM_free(pbe);
112 EVP_DigestFinal_ex(&ctx, md_tmp, NULL);
113 mdsize = EVP_MD_size(md);
114 if (mdsize < 0)
115 return 0;
116 for (i = 1; i < iter; i++) {
117 EVP_DigestInit_ex(&ctx, md, NULL);
118 EVP_DigestUpdate(&ctx, md_tmp, mdsize);
119 EVP_DigestFinal_ex (&ctx, md_tmp, NULL);
120 }
121 EVP_MD_CTX_cleanup(&ctx);
122 OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp));
123 memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
124 OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);
125 memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
126 EVP_CIPHER_iv_length(cipher));
127 EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de);
128 OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
129 OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
130 OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
131 return 1;
132}
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c
new file mode 100644
index 0000000000..334379f310
--- /dev/null
+++ b/src/lib/libcrypto/evp/p5_crpt2.c
@@ -0,0 +1,299 @@
1/* p5_crpt2.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58#include <stdio.h>
59#include <stdlib.h>
60#include "cryptlib.h"
61#if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA)
62#include <openssl/x509.h>
63#include <openssl/evp.h>
64#include <openssl/hmac.h>
65
66/* set this to print out info about the keygen algorithm */
67/* #define DEBUG_PKCS5V2 */
68
69#ifdef DEBUG_PKCS5V2
70 static void h__dump (const unsigned char *p, int len);
71#endif
72
73/* This is an implementation of PKCS#5 v2.0 password based encryption key
74 * derivation function PBKDF2.
75 * SHA1 version verified against test vectors posted by Peter Gutmann
76 * <pgut001@cs.auckland.ac.nz> to the PKCS-TNG <pkcs-tng@rsa.com> mailing list.
77 */
78
79int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
80 const unsigned char *salt, int saltlen, int iter,
81 const EVP_MD *digest,
82 int keylen, unsigned char *out)
83 {
84 unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
85 int cplen, j, k, tkeylen, mdlen;
86 unsigned long i = 1;
87 HMAC_CTX hctx;
88
89 mdlen = EVP_MD_size(digest);
90 if (mdlen < 0)
91 return 0;
92
93 HMAC_CTX_init(&hctx);
94 p = out;
95 tkeylen = keylen;
96 if(!pass)
97 passlen = 0;
98 else if(passlen == -1)
99 passlen = strlen(pass);
100 while(tkeylen)
101 {
102 if(tkeylen > mdlen)
103 cplen = mdlen;
104 else
105 cplen = tkeylen;
106 /* We are unlikely to ever use more than 256 blocks (5120 bits!)
107 * but just in case...
108 */
109 itmp[0] = (unsigned char)((i >> 24) & 0xff);
110 itmp[1] = (unsigned char)((i >> 16) & 0xff);
111 itmp[2] = (unsigned char)((i >> 8) & 0xff);
112 itmp[3] = (unsigned char)(i & 0xff);
113 HMAC_Init_ex(&hctx, pass, passlen, digest, NULL);
114 HMAC_Update(&hctx, salt, saltlen);
115 HMAC_Update(&hctx, itmp, 4);
116 HMAC_Final(&hctx, digtmp, NULL);
117 memcpy(p, digtmp, cplen);
118 for(j = 1; j < iter; j++)
119 {
120 HMAC(digest, pass, passlen,
121 digtmp, mdlen, digtmp, NULL);
122 for(k = 0; k < cplen; k++)
123 p[k] ^= digtmp[k];
124 }
125 tkeylen-= cplen;
126 i++;
127 p+= cplen;
128 }
129 HMAC_CTX_cleanup(&hctx);
130#ifdef DEBUG_PKCS5V2
131 fprintf(stderr, "Password:\n");
132 h__dump (pass, passlen);
133 fprintf(stderr, "Salt:\n");
134 h__dump (salt, saltlen);
135 fprintf(stderr, "Iteration count %d\n", iter);
136 fprintf(stderr, "Key:\n");
137 h__dump (out, keylen);
138#endif
139 return 1;
140 }
141
142int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
143 const unsigned char *salt, int saltlen, int iter,
144 int keylen, unsigned char *out)
145 {
146 return PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, EVP_sha1(),
147 keylen, out);
148 }
149
150#ifdef DO_TEST
151main()
152{
153 unsigned char out[4];
154 unsigned char salt[] = {0x12, 0x34, 0x56, 0x78};
155 PKCS5_PBKDF2_HMAC_SHA1("password", -1, salt, 4, 5, 4, out);
156 fprintf(stderr, "Out %02X %02X %02X %02X\n",
157 out[0], out[1], out[2], out[3]);
158}
159
160#endif
161
162/* Now the key derivation function itself. This is a bit evil because
163 * it has to check the ASN1 parameters are valid: and there are quite a
164 * few of them...
165 */
166
167int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
168 ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md,
169 int en_de)
170{
171 unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
172 const unsigned char *pbuf;
173 int saltlen, iter, plen;
174 unsigned int keylen;
175 PBE2PARAM *pbe2 = NULL;
176 const EVP_CIPHER *cipher;
177 PBKDF2PARAM *kdf = NULL;
178 const EVP_MD *prfmd;
179 int prf_nid, hmac_md_nid;
180
181 if (param == NULL || param->type != V_ASN1_SEQUENCE ||
182 param->value.sequence == NULL) {
183 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
184 return 0;
185 }
186
187 pbuf = param->value.sequence->data;
188 plen = param->value.sequence->length;
189 if(!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
190 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
191 return 0;
192 }
193
194 /* See if we recognise the key derivation function */
195
196 if(OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) {
197 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
198 EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION);
199 goto err;
200 }
201
202 /* lets see if we recognise the encryption algorithm.
203 */
204
205 cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm);
206
207 if(!cipher) {
208 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
209 EVP_R_UNSUPPORTED_CIPHER);
210 goto err;
211 }
212
213 /* Fixup cipher based on AlgorithmIdentifier */
214 EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de);
215 if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
216 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
217 EVP_R_CIPHER_PARAMETER_ERROR);
218 goto err;
219 }
220 keylen = EVP_CIPHER_CTX_key_length(ctx);
221 OPENSSL_assert(keylen <= sizeof key);
222
223 /* Now decode key derivation function */
224
225 if(!pbe2->keyfunc->parameter ||
226 (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE))
227 {
228 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
229 goto err;
230 }
231
232 pbuf = pbe2->keyfunc->parameter->value.sequence->data;
233 plen = pbe2->keyfunc->parameter->value.sequence->length;
234 if(!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
235 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
236 goto err;
237 }
238
239 PBE2PARAM_free(pbe2);
240 pbe2 = NULL;
241
242 /* Now check the parameters of the kdf */
243
244 if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){
245 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
246 EVP_R_UNSUPPORTED_KEYLENGTH);
247 goto err;
248 }
249
250 if (kdf->prf)
251 prf_nid = OBJ_obj2nid(kdf->prf->algorithm);
252 else
253 prf_nid = NID_hmacWithSHA1;
254
255 if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0))
256 {
257 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
258 goto err;
259 }
260
261 prfmd = EVP_get_digestbynid(hmac_md_nid);
262 if (prfmd == NULL)
263 {
264 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
265 goto err;
266 }
267
268 if(kdf->salt->type != V_ASN1_OCTET_STRING) {
269 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
270 EVP_R_UNSUPPORTED_SALT_TYPE);
271 goto err;
272 }
273
274 /* it seems that its all OK */
275 salt = kdf->salt->value.octet_string->data;
276 saltlen = kdf->salt->value.octet_string->length;
277 iter = ASN1_INTEGER_get(kdf->iter);
278 if(!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd,
279 keylen, key))
280 goto err;
281 EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
282 OPENSSL_cleanse(key, keylen);
283 PBKDF2PARAM_free(kdf);
284 return 1;
285
286 err:
287 PBE2PARAM_free(pbe2);
288 PBKDF2PARAM_free(kdf);
289 return 0;
290}
291
292#ifdef DEBUG_PKCS5V2
293static void h__dump (const unsigned char *p, int len)
294{
295 for (; len --; p++) fprintf(stderr, "%02X ", *p);
296 fprintf(stderr, "\n");
297}
298#endif
299#endif
diff --git a/src/lib/libcrypto/evp/p_dec.c b/src/lib/libcrypto/evp/p_dec.c
new file mode 100644
index 0000000000..4201dcbad9
--- /dev/null
+++ b/src/lib/libcrypto/evp/p_dec.c
@@ -0,0 +1,87 @@
1/* crypto/evp/p_dec.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/rand.h>
62#ifndef OPENSSL_NO_RSA
63#include <openssl/rsa.h>
64#endif
65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/x509.h>
68
69int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
70 EVP_PKEY *priv)
71 {
72 int ret= -1;
73
74#ifndef OPENSSL_NO_RSA
75 if (priv->type != EVP_PKEY_RSA)
76 {
77#endif
78 EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD,EVP_R_PUBLIC_KEY_NOT_RSA);
79#ifndef OPENSSL_NO_RSA
80 goto err;
81 }
82
83 ret=RSA_private_decrypt(ekl,ek,key,priv->pkey.rsa,RSA_PKCS1_PADDING);
84err:
85#endif
86 return(ret);
87 }
diff --git a/src/lib/libcrypto/evp/p_enc.c b/src/lib/libcrypto/evp/p_enc.c
new file mode 100644
index 0000000000..b5a3a84c41
--- /dev/null
+++ b/src/lib/libcrypto/evp/p_enc.c
@@ -0,0 +1,86 @@
1/* crypto/evp/p_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/rand.h>
62#ifndef OPENSSL_NO_RSA
63#include <openssl/rsa.h>
64#endif
65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/x509.h>
68
69int EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key, int key_len,
70 EVP_PKEY *pubk)
71 {
72 int ret=0;
73
74#ifndef OPENSSL_NO_RSA
75 if (pubk->type != EVP_PKEY_RSA)
76 {
77#endif
78 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD,EVP_R_PUBLIC_KEY_NOT_RSA);
79#ifndef OPENSSL_NO_RSA
80 goto err;
81 }
82 ret=RSA_public_encrypt(key_len,key,ek,pubk->pkey.rsa,RSA_PKCS1_PADDING);
83err:
84#endif
85 return(ret);
86 }
diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c
new file mode 100644
index 0000000000..e26ccd0d08
--- /dev/null
+++ b/src/lib/libcrypto/evp/p_lib.c
@@ -0,0 +1,469 @@
1/* crypto/evp/p_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/err.h>
63#include <openssl/objects.h>
64#include <openssl/evp.h>
65#include <openssl/asn1_mac.h>
66#include <openssl/x509.h>
67#ifndef OPENSSL_NO_RSA
68#include <openssl/rsa.h>
69#endif
70#ifndef OPENSSL_NO_DSA
71#include <openssl/dsa.h>
72#endif
73#ifndef OPENSSL_NO_DH
74#include <openssl/dh.h>
75#endif
76
77#ifndef OPENSSL_NO_ENGINE
78#include <openssl/engine.h>
79#endif
80
81#include "asn1_locl.h"
82
83static void EVP_PKEY_free_it(EVP_PKEY *x);
84
85int EVP_PKEY_bits(EVP_PKEY *pkey)
86 {
87 if (pkey && pkey->ameth && pkey->ameth->pkey_bits)
88 return pkey->ameth->pkey_bits(pkey);
89 return 0;
90 }
91
92int EVP_PKEY_size(EVP_PKEY *pkey)
93 {
94 if (pkey && pkey->ameth && pkey->ameth->pkey_size)
95 return pkey->ameth->pkey_size(pkey);
96 return 0;
97 }
98
99int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
100 {
101#ifndef OPENSSL_NO_DSA
102 if (pkey->type == EVP_PKEY_DSA)
103 {
104 int ret=pkey->save_parameters;
105
106 if (mode >= 0)
107 pkey->save_parameters=mode;
108 return(ret);
109 }
110#endif
111#ifndef OPENSSL_NO_EC
112 if (pkey->type == EVP_PKEY_EC)
113 {
114 int ret = pkey->save_parameters;
115
116 if (mode >= 0)
117 pkey->save_parameters = mode;
118 return(ret);
119 }
120#endif
121 return(0);
122 }
123
124int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
125 {
126 if (to->type != from->type)
127 {
128 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_DIFFERENT_KEY_TYPES);
129 goto err;
130 }
131
132 if (EVP_PKEY_missing_parameters(from))
133 {
134 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS);
135 goto err;
136 }
137 if (from->ameth && from->ameth->param_copy)
138 return from->ameth->param_copy(to, from);
139err:
140 return 0;
141 }
142
143int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
144 {
145 if (pkey->ameth && pkey->ameth->param_missing)
146 return pkey->ameth->param_missing(pkey);
147 return 0;
148 }
149
150int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
151 {
152 if (a->type != b->type)
153 return -1;
154 if (a->ameth && a->ameth->param_cmp)
155 return a->ameth->param_cmp(a, b);
156 return -2;
157 }
158
159int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
160 {
161 if (a->type != b->type)
162 return -1;
163
164 if (a->ameth)
165 {
166 int ret;
167 /* Compare parameters if the algorithm has them */
168 if (a->ameth->param_cmp)
169 {
170 ret = a->ameth->param_cmp(a, b);
171 if (ret <= 0)
172 return ret;
173 }
174
175 if (a->ameth->pub_cmp)
176 return a->ameth->pub_cmp(a, b);
177 }
178
179 return -2;
180 }
181
182EVP_PKEY *EVP_PKEY_new(void)
183 {
184 EVP_PKEY *ret;
185
186 ret=(EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY));
187 if (ret == NULL)
188 {
189 EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE);
190 return(NULL);
191 }
192 ret->type=EVP_PKEY_NONE;
193 ret->save_type=EVP_PKEY_NONE;
194 ret->references=1;
195 ret->ameth=NULL;
196 ret->engine=NULL;
197 ret->pkey.ptr=NULL;
198 ret->attributes=NULL;
199 ret->save_parameters=1;
200 return(ret);
201 }
202
203/* Setup a public key ASN1 method and ENGINE from a NID or a string.
204 * If pkey is NULL just return 1 or 0 if the algorithm exists.
205 */
206
207static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
208 {
209 const EVP_PKEY_ASN1_METHOD *ameth;
210 ENGINE *e = NULL;
211 if (pkey)
212 {
213 if (pkey->pkey.ptr)
214 EVP_PKEY_free_it(pkey);
215 /* If key type matches and a method exists then this
216 * lookup has succeeded once so just indicate success.
217 */
218 if ((type == pkey->save_type) && pkey->ameth)
219 return 1;
220#ifndef OPENSSL_NO_ENGINE
221 /* If we have an ENGINE release it */
222 if (pkey->engine)
223 {
224 ENGINE_finish(pkey->engine);
225 pkey->engine = NULL;
226 }
227#endif
228 }
229 if (str)
230 ameth = EVP_PKEY_asn1_find_str(&e, str, len);
231 else
232 ameth = EVP_PKEY_asn1_find(&e, type);
233#ifndef OPENSSL_NO_ENGINE
234 if (!pkey && e)
235 ENGINE_finish(e);
236#endif
237 if (!ameth)
238 {
239 EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM);
240 return 0;
241 }
242 if (pkey)
243 {
244 pkey->ameth = ameth;
245 pkey->engine = e;
246
247 pkey->type = pkey->ameth->pkey_id;
248 pkey->save_type=type;
249 }
250 return 1;
251 }
252
253int EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
254 {
255 return pkey_set_type(pkey, type, NULL, -1);
256 }
257
258int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len)
259 {
260 return pkey_set_type(pkey, EVP_PKEY_NONE, str, len);
261 }
262
263int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)
264 {
265 if (!EVP_PKEY_set_type(pkey, type))
266 return 0;
267 pkey->pkey.ptr=key;
268 return (key != NULL);
269 }
270
271void *EVP_PKEY_get0(EVP_PKEY *pkey)
272 {
273 return pkey->pkey.ptr;
274 }
275
276#ifndef OPENSSL_NO_RSA
277int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
278{
279 int ret = EVP_PKEY_assign_RSA(pkey, key);
280 if(ret)
281 RSA_up_ref(key);
282 return ret;
283}
284
285RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
286 {
287 if(pkey->type != EVP_PKEY_RSA) {
288 EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
289 return NULL;
290 }
291 RSA_up_ref(pkey->pkey.rsa);
292 return pkey->pkey.rsa;
293}
294#endif
295
296#ifndef OPENSSL_NO_DSA
297int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
298{
299 int ret = EVP_PKEY_assign_DSA(pkey, key);
300 if(ret)
301 DSA_up_ref(key);
302 return ret;
303}
304
305DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
306 {
307 if(pkey->type != EVP_PKEY_DSA) {
308 EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
309 return NULL;
310 }
311 DSA_up_ref(pkey->pkey.dsa);
312 return pkey->pkey.dsa;
313}
314#endif
315
316#ifndef OPENSSL_NO_EC
317
318int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
319{
320 int ret = EVP_PKEY_assign_EC_KEY(pkey,key);
321 if (ret)
322 EC_KEY_up_ref(key);
323 return ret;
324}
325
326EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
327{
328 if (pkey->type != EVP_PKEY_EC)
329 {
330 EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
331 return NULL;
332 }
333 EC_KEY_up_ref(pkey->pkey.ec);
334 return pkey->pkey.ec;
335}
336#endif
337
338
339#ifndef OPENSSL_NO_DH
340
341int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
342{
343 int ret = EVP_PKEY_assign_DH(pkey, key);
344 if(ret)
345 DH_up_ref(key);
346 return ret;
347}
348
349DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
350 {
351 if(pkey->type != EVP_PKEY_DH) {
352 EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
353 return NULL;
354 }
355 DH_up_ref(pkey->pkey.dh);
356 return pkey->pkey.dh;
357}
358#endif
359
360int EVP_PKEY_type(int type)
361 {
362 int ret;
363 const EVP_PKEY_ASN1_METHOD *ameth;
364 ENGINE *e;
365 ameth = EVP_PKEY_asn1_find(&e, type);
366 if (ameth)
367 ret = ameth->pkey_id;
368 else
369 ret = NID_undef;
370#ifndef OPENSSL_NO_ENGINE
371 if (e)
372 ENGINE_finish(e);
373#endif
374 return ret;
375 }
376
377int EVP_PKEY_id(const EVP_PKEY *pkey)
378 {
379 return pkey->type;
380 }
381
382int EVP_PKEY_base_id(const EVP_PKEY *pkey)
383 {
384 return EVP_PKEY_type(pkey->type);
385 }
386
387void EVP_PKEY_free(EVP_PKEY *x)
388 {
389 int i;
390
391 if (x == NULL) return;
392
393 i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_EVP_PKEY);
394#ifdef REF_PRINT
395 REF_PRINT("EVP_PKEY",x);
396#endif
397 if (i > 0) return;
398#ifdef REF_CHECK
399 if (i < 0)
400 {
401 fprintf(stderr,"EVP_PKEY_free, bad reference count\n");
402 abort();
403 }
404#endif
405 EVP_PKEY_free_it(x);
406 if (x->attributes)
407 sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
408 OPENSSL_free(x);
409 }
410
411static void EVP_PKEY_free_it(EVP_PKEY *x)
412 {
413 if (x->ameth && x->ameth->pkey_free)
414 {
415 x->ameth->pkey_free(x);
416 x->pkey.ptr = NULL;
417 }
418#ifndef OPENSSL_NO_ENGINE
419 if (x->engine)
420 {
421 ENGINE_finish(x->engine);
422 x->engine = NULL;
423 }
424#endif
425 }
426
427static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent,
428 const char *kstr)
429 {
430 BIO_indent(out, indent, 128);
431 BIO_printf(out, "%s algorithm \"%s\" unsupported\n",
432 kstr, OBJ_nid2ln(pkey->type));
433 return 1;
434 }
435
436int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
437 int indent, ASN1_PCTX *pctx)
438 {
439 if (pkey->ameth && pkey->ameth->pub_print)
440 return pkey->ameth->pub_print(out, pkey, indent, pctx);
441
442 return unsup_alg(out, pkey, indent, "Public Key");
443 }
444
445int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
446 int indent, ASN1_PCTX *pctx)
447 {
448 if (pkey->ameth && pkey->ameth->priv_print)
449 return pkey->ameth->priv_print(out, pkey, indent, pctx);
450
451 return unsup_alg(out, pkey, indent, "Private Key");
452 }
453
454int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
455 int indent, ASN1_PCTX *pctx)
456 {
457 if (pkey->ameth && pkey->ameth->param_print)
458 return pkey->ameth->param_print(out, pkey, indent, pctx);
459 return unsup_alg(out, pkey, indent, "Parameters");
460 }
461
462int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid)
463 {
464 if (!pkey->ameth || !pkey->ameth->pkey_ctrl)
465 return -2;
466 return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID,
467 0, pnid);
468 }
469
diff --git a/src/lib/libcrypto/evp/p_open.c b/src/lib/libcrypto/evp/p_open.c
new file mode 100644
index 0000000000..53a59a295c
--- /dev/null
+++ b/src/lib/libcrypto/evp/p_open.c
@@ -0,0 +1,127 @@
1/* crypto/evp/p_open.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61
62#ifndef OPENSSL_NO_RSA
63
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66#include <openssl/x509.h>
67#include <openssl/rsa.h>
68
69int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
70 const unsigned char *ek, int ekl, const unsigned char *iv,
71 EVP_PKEY *priv)
72 {
73 unsigned char *key=NULL;
74 int i,size=0,ret=0;
75
76 if(type) {
77 EVP_CIPHER_CTX_init(ctx);
78 if(!EVP_DecryptInit_ex(ctx,type,NULL, NULL,NULL)) return 0;
79 }
80
81 if(!priv) return 1;
82
83 if (priv->type != EVP_PKEY_RSA)
84 {
85 EVPerr(EVP_F_EVP_OPENINIT,EVP_R_PUBLIC_KEY_NOT_RSA);
86 goto err;
87 }
88
89 size=RSA_size(priv->pkey.rsa);
90 key=(unsigned char *)OPENSSL_malloc(size+2);
91 if (key == NULL)
92 {
93 /* ERROR */
94 EVPerr(EVP_F_EVP_OPENINIT,ERR_R_MALLOC_FAILURE);
95 goto err;
96 }
97
98 i=EVP_PKEY_decrypt_old(key,ek,ekl,priv);
99 if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i))
100 {
101 /* ERROR */
102 goto err;
103 }
104 if(!EVP_DecryptInit_ex(ctx,NULL,NULL,key,iv)) goto err;
105
106 ret=1;
107err:
108 if (key != NULL) OPENSSL_cleanse(key,size);
109 OPENSSL_free(key);
110 return(ret);
111 }
112
113int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
114 {
115 int i;
116
117 i=EVP_DecryptFinal_ex(ctx,out,outl);
118 EVP_DecryptInit_ex(ctx,NULL,NULL,NULL,NULL);
119 return(i);
120 }
121#else /* !OPENSSL_NO_RSA */
122
123# ifdef PEDANTIC
124static void *dummy=&dummy;
125# endif
126
127#endif
diff --git a/src/lib/libcrypto/evp/p_seal.c b/src/lib/libcrypto/evp/p_seal.c
new file mode 100644
index 0000000000..d8324526e7
--- /dev/null
+++ b/src/lib/libcrypto/evp/p_seal.c
@@ -0,0 +1,115 @@
1/* crypto/evp/p_seal.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/rand.h>
62#ifndef OPENSSL_NO_RSA
63#include <openssl/rsa.h>
64#endif
65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/x509.h>
68
69int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
70 int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk)
71 {
72 unsigned char key[EVP_MAX_KEY_LENGTH];
73 int i;
74
75 if(type) {
76 EVP_CIPHER_CTX_init(ctx);
77 if(!EVP_EncryptInit_ex(ctx,type,NULL,NULL,NULL)) return 0;
78 }
79 if ((npubk <= 0) || !pubk)
80 return 1;
81 if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
82 return 0;
83 if (EVP_CIPHER_CTX_iv_length(ctx))
84 RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx));
85
86 if(!EVP_EncryptInit_ex(ctx,NULL,NULL,key,iv)) return 0;
87
88 for (i=0; i<npubk; i++)
89 {
90 ekl[i]=EVP_PKEY_encrypt_old(ek[i],key,EVP_CIPHER_CTX_key_length(ctx),
91 pubk[i]);
92 if (ekl[i] <= 0) return(-1);
93 }
94 return(npubk);
95 }
96
97/* MACRO
98void EVP_SealUpdate(ctx,out,outl,in,inl)
99EVP_CIPHER_CTX *ctx;
100unsigned char *out;
101int *outl;
102unsigned char *in;
103int inl;
104 {
105 EVP_EncryptUpdate(ctx,out,outl,in,inl);
106 }
107*/
108
109int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
110 {
111 int i;
112 i = EVP_EncryptFinal_ex(ctx,out,outl);
113 EVP_EncryptInit_ex(ctx,NULL,NULL,NULL,NULL);
114 return i;
115 }
diff --git a/src/lib/libcrypto/evp/p_sign.c b/src/lib/libcrypto/evp/p_sign.c
new file mode 100644
index 0000000000..bb893f5bde
--- /dev/null
+++ b/src/lib/libcrypto/evp/p_sign.c
@@ -0,0 +1,137 @@
1/* crypto/evp/p_sign.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64
65#ifdef undef
66void EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
67 {
68 EVP_DigestInit_ex(ctx,type);
69 }
70
71void EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
72 unsigned int count)
73 {
74 EVP_DigestUpdate(ctx,data,count);
75 }
76#endif
77
78int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
79 EVP_PKEY *pkey)
80 {
81 unsigned char m[EVP_MAX_MD_SIZE];
82 unsigned int m_len;
83 int i,ok=0,v;
84 EVP_MD_CTX tmp_ctx;
85
86 *siglen=0;
87 EVP_MD_CTX_init(&tmp_ctx);
88 EVP_MD_CTX_copy_ex(&tmp_ctx,ctx);
89 EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len);
90 EVP_MD_CTX_cleanup(&tmp_ctx);
91
92 if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
93 {
94 EVP_PKEY_CTX *pkctx = NULL;
95 size_t sltmp = (size_t)EVP_PKEY_size(pkey);
96 i = 0;
97 pkctx = EVP_PKEY_CTX_new(pkey, NULL);
98 if (!pkctx)
99 goto err;
100 if (EVP_PKEY_sign_init(pkctx) <= 0)
101 goto err;
102 if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
103 goto err;
104 if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
105 goto err;
106 *siglen = sltmp;
107 i = 1;
108 err:
109 EVP_PKEY_CTX_free(pkctx);
110 return i;
111 }
112
113 for (i=0; i<4; i++)
114 {
115 v=ctx->digest->required_pkey_type[i];
116 if (v == 0) break;
117 if (pkey->type == v)
118 {
119 ok=1;
120 break;
121 }
122 }
123 if (!ok)
124 {
125 EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
126 return(0);
127 }
128
129 if (ctx->digest->sign == NULL)
130 {
131 EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
132 return(0);
133 }
134 return(ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen,
135 pkey->pkey.ptr));
136 }
137
diff --git a/src/lib/libcrypto/evp/p_verify.c b/src/lib/libcrypto/evp/p_verify.c
new file mode 100644
index 0000000000..41d4b67130
--- /dev/null
+++ b/src/lib/libcrypto/evp/p_verify.c
@@ -0,0 +1,119 @@
1/* crypto/evp/p_verify.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64
65int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
66 unsigned int siglen, EVP_PKEY *pkey)
67 {
68 unsigned char m[EVP_MAX_MD_SIZE];
69 unsigned int m_len;
70 int i,ok=0,v;
71 EVP_MD_CTX tmp_ctx;
72
73 EVP_MD_CTX_init(&tmp_ctx);
74 EVP_MD_CTX_copy_ex(&tmp_ctx,ctx);
75 EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len);
76 EVP_MD_CTX_cleanup(&tmp_ctx);
77
78 if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
79 {
80 EVP_PKEY_CTX *pkctx = NULL;
81 i = -1;
82 pkctx = EVP_PKEY_CTX_new(pkey, NULL);
83 if (!pkctx)
84 goto err;
85 if (EVP_PKEY_verify_init(pkctx) <= 0)
86 goto err;
87 if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
88 goto err;
89 i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
90 err:
91 EVP_PKEY_CTX_free(pkctx);
92 return i;
93 }
94
95 for (i=0; i<4; i++)
96 {
97 v=ctx->digest->required_pkey_type[i];
98 if (v == 0) break;
99 if (pkey->type == v)
100 {
101 ok=1;
102 break;
103 }
104 }
105 if (!ok)
106 {
107 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
108 return(-1);
109 }
110 if (ctx->digest->verify == NULL)
111 {
112 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
113 return(0);
114 }
115
116 return(ctx->digest->verify(ctx->digest->type,m,m_len,
117 sigbuf,siglen,pkey->pkey.ptr));
118 }
119
diff --git a/src/lib/libcrypto/evp/pmeth_fn.c b/src/lib/libcrypto/evp/pmeth_fn.c
new file mode 100644
index 0000000000..c4676f2f8d
--- /dev/null
+++ b/src/lib/libcrypto/evp/pmeth_fn.c
@@ -0,0 +1,368 @@
1/* pmeth_fn.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006.
4 */
5/* ====================================================================
6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include "cryptlib.h"
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include "evp_locl.h"
65
66#define M_check_autoarg(ctx, arg, arglen, err) \
67 if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \
68 { \
69 size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
70 if (!arg) \
71 { \
72 *arglen = pksize; \
73 return 1; \
74 } \
75 else if (*arglen < pksize) \
76 { \
77 EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/\
78 return 0; \
79 } \
80 }
81
82int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
83 {
84 int ret;
85 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign)
86 {
87 EVPerr(EVP_F_EVP_PKEY_SIGN_INIT,
88 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
89 return -2;
90 }
91 ctx->operation = EVP_PKEY_OP_SIGN;
92 if (!ctx->pmeth->sign_init)
93 return 1;
94 ret = ctx->pmeth->sign_init(ctx);
95 if (ret <= 0)
96 ctx->operation = EVP_PKEY_OP_UNDEFINED;
97 return ret;
98 }
99
100int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
101 unsigned char *sig, size_t *siglen,
102 const unsigned char *tbs, size_t tbslen)
103 {
104 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign)
105 {
106 EVPerr(EVP_F_EVP_PKEY_SIGN,
107 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
108 return -2;
109 }
110 if (ctx->operation != EVP_PKEY_OP_SIGN)
111 {
112 EVPerr(EVP_F_EVP_PKEY_SIGN, EVP_R_OPERATON_NOT_INITIALIZED);
113 return -1;
114 }
115 M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
116 return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen);
117 }
118
119int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
120 {
121 int ret;
122 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify)
123 {
124 EVPerr(EVP_F_EVP_PKEY_VERIFY_INIT,
125 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
126 return -2;
127 }
128 ctx->operation = EVP_PKEY_OP_VERIFY;
129 if (!ctx->pmeth->verify_init)
130 return 1;
131 ret = ctx->pmeth->verify_init(ctx);
132 if (ret <= 0)
133 ctx->operation = EVP_PKEY_OP_UNDEFINED;
134 return ret;
135 }
136
137int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
138 const unsigned char *sig, size_t siglen,
139 const unsigned char *tbs, size_t tbslen)
140 {
141 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify)
142 {
143 EVPerr(EVP_F_EVP_PKEY_VERIFY,
144 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
145 return -2;
146 }
147 if (ctx->operation != EVP_PKEY_OP_VERIFY)
148 {
149 EVPerr(EVP_F_EVP_PKEY_VERIFY, EVP_R_OPERATON_NOT_INITIALIZED);
150 return -1;
151 }
152 return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
153 }
154
155int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
156 {
157 int ret;
158 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover)
159 {
160 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT,
161 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
162 return -2;
163 }
164 ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;
165 if (!ctx->pmeth->verify_recover_init)
166 return 1;
167 ret = ctx->pmeth->verify_recover_init(ctx);
168 if (ret <= 0)
169 ctx->operation = EVP_PKEY_OP_UNDEFINED;
170 return ret;
171 }
172
173int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
174 unsigned char *rout, size_t *routlen,
175 const unsigned char *sig, size_t siglen)
176 {
177 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover)
178 {
179 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER,
180 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
181 return -2;
182 }
183 if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER)
184 {
185 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, EVP_R_OPERATON_NOT_INITIALIZED);
186 return -1;
187 }
188 M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER)
189 return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen);
190 }
191
192int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
193 {
194 int ret;
195 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt)
196 {
197 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_INIT,
198 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
199 return -2;
200 }
201 ctx->operation = EVP_PKEY_OP_ENCRYPT;
202 if (!ctx->pmeth->encrypt_init)
203 return 1;
204 ret = ctx->pmeth->encrypt_init(ctx);
205 if (ret <= 0)
206 ctx->operation = EVP_PKEY_OP_UNDEFINED;
207 return ret;
208 }
209
210int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
211 unsigned char *out, size_t *outlen,
212 const unsigned char *in, size_t inlen)
213 {
214 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt)
215 {
216 EVPerr(EVP_F_EVP_PKEY_ENCRYPT,
217 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
218 return -2;
219 }
220 if (ctx->operation != EVP_PKEY_OP_ENCRYPT)
221 {
222 EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
223 return -1;
224 }
225 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT)
226 return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen);
227 }
228
229int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
230 {
231 int ret;
232 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt)
233 {
234 EVPerr(EVP_F_EVP_PKEY_DECRYPT_INIT,
235 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
236 return -2;
237 }
238 ctx->operation = EVP_PKEY_OP_DECRYPT;
239 if (!ctx->pmeth->decrypt_init)
240 return 1;
241 ret = ctx->pmeth->decrypt_init(ctx);
242 if (ret <= 0)
243 ctx->operation = EVP_PKEY_OP_UNDEFINED;
244 return ret;
245 }
246
247int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
248 unsigned char *out, size_t *outlen,
249 const unsigned char *in, size_t inlen)
250 {
251 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt)
252 {
253 EVPerr(EVP_F_EVP_PKEY_DECRYPT,
254 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
255 return -2;
256 }
257 if (ctx->operation != EVP_PKEY_OP_DECRYPT)
258 {
259 EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
260 return -1;
261 }
262 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT)
263 return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);
264 }
265
266
267int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
268 {
269 int ret;
270 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive)
271 {
272 EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT,
273 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
274 return -2;
275 }
276 ctx->operation = EVP_PKEY_OP_DERIVE;
277 if (!ctx->pmeth->derive_init)
278 return 1;
279 ret = ctx->pmeth->derive_init(ctx);
280 if (ret <= 0)
281 ctx->operation = EVP_PKEY_OP_UNDEFINED;
282 return ret;
283 }
284
285int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
286 {
287 int ret;
288 if (!ctx || !ctx->pmeth || !(ctx->pmeth->derive||ctx->pmeth->encrypt||ctx->pmeth->decrypt) || !ctx->pmeth->ctrl)
289 {
290 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
291 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
292 return -2;
293 }
294 if (ctx->operation != EVP_PKEY_OP_DERIVE && ctx->operation != EVP_PKEY_OP_ENCRYPT && ctx->operation != EVP_PKEY_OP_DECRYPT)
295 {
296 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
297 EVP_R_OPERATON_NOT_INITIALIZED);
298 return -1;
299 }
300
301 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
302
303 if (ret <= 0)
304 return ret;
305
306 if (ret == 2)
307 return 1;
308
309 if (!ctx->pkey)
310 {
311 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET);
312 return -1;
313 }
314
315 if (ctx->pkey->type != peer->type)
316 {
317 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
318 EVP_R_DIFFERENT_KEY_TYPES);
319 return -1;
320 }
321
322 /* ran@cryptocom.ru: For clarity. The error is if parameters in peer are
323 * present (!missing) but don't match. EVP_PKEY_cmp_parameters may return
324 * 1 (match), 0 (don't match) and -2 (comparison is not defined). -1
325 * (different key types) is impossible here because it is checked earlier.
326 * -2 is OK for us here, as well as 1, so we can check for 0 only. */
327 if (!EVP_PKEY_missing_parameters(peer) &&
328 !EVP_PKEY_cmp_parameters(ctx->pkey, peer))
329 {
330 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
331 EVP_R_DIFFERENT_PARAMETERS);
332 return -1;
333 }
334
335 if (ctx->peerkey)
336 EVP_PKEY_free(ctx->peerkey);
337 ctx->peerkey = peer;
338
339 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
340
341 if (ret <= 0)
342 {
343 ctx->peerkey = NULL;
344 return ret;
345 }
346
347 CRYPTO_add(&peer->references,1,CRYPTO_LOCK_EVP_PKEY);
348 return 1;
349 }
350
351
352int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
353 {
354 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive)
355 {
356 EVPerr(EVP_F_EVP_PKEY_DERIVE,
357 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
358 return -2;
359 }
360 if (ctx->operation != EVP_PKEY_OP_DERIVE)
361 {
362 EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED);
363 return -1;
364 }
365 M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
366 return ctx->pmeth->derive(ctx, key, pkeylen);
367 }
368
diff --git a/src/lib/libcrypto/evp/pmeth_gn.c b/src/lib/libcrypto/evp/pmeth_gn.c
new file mode 100644
index 0000000000..4651c81370
--- /dev/null
+++ b/src/lib/libcrypto/evp/pmeth_gn.c
@@ -0,0 +1,221 @@
1/* pmeth_gn.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006.
4 */
5/* ====================================================================
6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include "cryptlib.h"
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include <openssl/bn.h>
65#include "evp_locl.h"
66
67int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
68 {
69 int ret;
70 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen)
71 {
72 EVPerr(EVP_F_EVP_PKEY_PARAMGEN_INIT,
73 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
74 return -2;
75 }
76 ctx->operation = EVP_PKEY_OP_PARAMGEN;
77 if (!ctx->pmeth->paramgen_init)
78 return 1;
79 ret = ctx->pmeth->paramgen_init(ctx);
80 if (ret <= 0)
81 ctx->operation = EVP_PKEY_OP_UNDEFINED;
82 return ret;
83 }
84
85int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
86 {
87 int ret;
88 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen)
89 {
90 EVPerr(EVP_F_EVP_PKEY_PARAMGEN,
91 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
92 return -2;
93 }
94
95 if (ctx->operation != EVP_PKEY_OP_PARAMGEN)
96 {
97 EVPerr(EVP_F_EVP_PKEY_PARAMGEN, EVP_R_OPERATON_NOT_INITIALIZED);
98 return -1;
99 }
100
101 if (!ppkey)
102 return -1;
103
104 if (!*ppkey)
105 *ppkey = EVP_PKEY_new();
106
107 ret = ctx->pmeth->paramgen(ctx, *ppkey);
108 if (ret <= 0)
109 {
110 EVP_PKEY_free(*ppkey);
111 *ppkey = NULL;
112 }
113 return ret;
114 }
115
116int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx)
117 {
118 int ret;
119 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen)
120 {
121 EVPerr(EVP_F_EVP_PKEY_KEYGEN_INIT,
122 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
123 return -2;
124 }
125 ctx->operation = EVP_PKEY_OP_KEYGEN;
126 if (!ctx->pmeth->keygen_init)
127 return 1;
128 ret = ctx->pmeth->keygen_init(ctx);
129 if (ret <= 0)
130 ctx->operation = EVP_PKEY_OP_UNDEFINED;
131 return ret;
132 }
133
134int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
135 {
136 int ret;
137
138 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen)
139 {
140 EVPerr(EVP_F_EVP_PKEY_KEYGEN,
141 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
142 return -2;
143 }
144 if (ctx->operation != EVP_PKEY_OP_KEYGEN)
145 {
146 EVPerr(EVP_F_EVP_PKEY_KEYGEN, EVP_R_OPERATON_NOT_INITIALIZED);
147 return -1;
148 }
149
150 if (!ppkey)
151 return -1;
152
153 if (!*ppkey)
154 *ppkey = EVP_PKEY_new();
155
156 ret = ctx->pmeth->keygen(ctx, *ppkey);
157 if (ret <= 0)
158 {
159 EVP_PKEY_free(*ppkey);
160 *ppkey = NULL;
161 }
162 return ret;
163 }
164
165void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb)
166 {
167 ctx->pkey_gencb = cb;
168 }
169
170EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx)
171 {
172 return ctx->pkey_gencb;
173 }
174
175/* "translation callback" to call EVP_PKEY_CTX callbacks using BN_GENCB
176 * style callbacks.
177 */
178
179static int trans_cb(int a, int b, BN_GENCB *gcb)
180 {
181 EVP_PKEY_CTX *ctx = gcb->arg;
182 ctx->keygen_info[0] = a;
183 ctx->keygen_info[1] = b;
184 return ctx->pkey_gencb(ctx);
185 }
186
187void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx)
188 {
189 BN_GENCB_set(cb, trans_cb, ctx)
190 }
191
192int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx)
193 {
194 if (idx == -1)
195 return ctx->keygen_info_count;
196 if (idx < 0 || idx > ctx->keygen_info_count)
197 return 0;
198 return ctx->keygen_info[idx];
199 }
200
201EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
202 const unsigned char *key, int keylen)
203 {
204 EVP_PKEY_CTX *mac_ctx = NULL;
205 EVP_PKEY *mac_key = NULL;
206 mac_ctx = EVP_PKEY_CTX_new_id(type, e);
207 if (!mac_ctx)
208 return NULL;
209 if (EVP_PKEY_keygen_init(mac_ctx) <= 0)
210 goto merr;
211 if (EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN,
212 EVP_PKEY_CTRL_SET_MAC_KEY,
213 keylen, (void *)key) <= 0)
214 goto merr;
215 if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0)
216 goto merr;
217 merr:
218 if (mac_ctx)
219 EVP_PKEY_CTX_free(mac_ctx);
220 return mac_key;
221 }
diff --git a/src/lib/libcrypto/evp/pmeth_lib.c b/src/lib/libcrypto/evp/pmeth_lib.c
new file mode 100644
index 0000000000..acfa7b6f87
--- /dev/null
+++ b/src/lib/libcrypto/evp/pmeth_lib.c
@@ -0,0 +1,593 @@
1/* pmeth_lib.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006.
4 */
5/* ====================================================================
6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include "cryptlib.h"
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#ifndef OPENSSL_NO_ENGINE
65#include <openssl/engine.h>
66#endif
67#include "asn1_locl.h"
68#include "evp_locl.h"
69
70typedef int sk_cmp_fn_type(const char * const *a, const char * const *b);
71
72DECLARE_STACK_OF(EVP_PKEY_METHOD)
73STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
74
75extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth;
76extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth;
77
78static const EVP_PKEY_METHOD *standard_methods[] =
79 {
80#ifndef OPENSSL_NO_RSA
81 &rsa_pkey_meth,
82#endif
83#ifndef OPENSSL_NO_DH
84 &dh_pkey_meth,
85#endif
86#ifndef OPENSSL_NO_DSA
87 &dsa_pkey_meth,
88#endif
89#ifndef OPENSSL_NO_EC
90 &ec_pkey_meth,
91#endif
92 &hmac_pkey_meth,
93 &cmac_pkey_meth
94 };
95
96DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
97 pmeth);
98
99static int pmeth_cmp(const EVP_PKEY_METHOD * const *a,
100 const EVP_PKEY_METHOD * const *b)
101 {
102 return ((*a)->pkey_id - (*b)->pkey_id);
103 }
104
105IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
106 pmeth);
107
108const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type)
109 {
110 EVP_PKEY_METHOD tmp;
111 const EVP_PKEY_METHOD *t = &tmp, **ret;
112 tmp.pkey_id = type;
113 if (app_pkey_methods)
114 {
115 int idx;
116 idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp);
117 if (idx >= 0)
118 return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx);
119 }
120 ret = OBJ_bsearch_pmeth(&t, standard_methods,
121 sizeof(standard_methods)/sizeof(EVP_PKEY_METHOD *));
122 if (!ret || !*ret)
123 return NULL;
124 return *ret;
125 }
126
127static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
128 {
129 EVP_PKEY_CTX *ret;
130 const EVP_PKEY_METHOD *pmeth;
131 if (id == -1)
132 {
133 if (!pkey || !pkey->ameth)
134 return NULL;
135 id = pkey->ameth->pkey_id;
136 }
137#ifndef OPENSSL_NO_ENGINE
138 if (pkey && pkey->engine)
139 e = pkey->engine;
140 /* Try to find an ENGINE which implements this method */
141 if (e)
142 {
143 if (!ENGINE_init(e))
144 {
145 EVPerr(EVP_F_INT_CTX_NEW,ERR_R_ENGINE_LIB);
146 return NULL;
147 }
148 }
149 else
150 e = ENGINE_get_pkey_meth_engine(id);
151
152 /* If an ENGINE handled this method look it up. Othewise
153 * use internal tables.
154 */
155
156 if (e)
157 pmeth = ENGINE_get_pkey_meth(e, id);
158 else
159#endif
160 pmeth = EVP_PKEY_meth_find(id);
161
162 if (pmeth == NULL)
163 {
164 EVPerr(EVP_F_INT_CTX_NEW,EVP_R_UNSUPPORTED_ALGORITHM);
165 return NULL;
166 }
167
168 ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));
169 if (!ret)
170 {
171#ifndef OPENSSL_NO_ENGINE
172 if (e)
173 ENGINE_finish(e);
174#endif
175 EVPerr(EVP_F_INT_CTX_NEW,ERR_R_MALLOC_FAILURE);
176 return NULL;
177 }
178 ret->engine = e;
179 ret->pmeth = pmeth;
180 ret->operation = EVP_PKEY_OP_UNDEFINED;
181 ret->pkey = pkey;
182 ret->peerkey = NULL;
183 ret->pkey_gencb = 0;
184 if (pkey)
185 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
186 ret->data = NULL;
187
188 if (pmeth->init)
189 {
190 if (pmeth->init(ret) <= 0)
191 {
192 EVP_PKEY_CTX_free(ret);
193 return NULL;
194 }
195 }
196
197 return ret;
198 }
199
200EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags)
201 {
202 EVP_PKEY_METHOD *pmeth;
203 pmeth = OPENSSL_malloc(sizeof(EVP_PKEY_METHOD));
204 if (!pmeth)
205 return NULL;
206
207 memset(pmeth, 0, sizeof(EVP_PKEY_METHOD));
208
209 pmeth->pkey_id = id;
210 pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
211
212 pmeth->init = 0;
213 pmeth->copy = 0;
214 pmeth->cleanup = 0;
215 pmeth->paramgen_init = 0;
216 pmeth->paramgen = 0;
217 pmeth->keygen_init = 0;
218 pmeth->keygen = 0;
219 pmeth->sign_init = 0;
220 pmeth->sign = 0;
221 pmeth->verify_init = 0;
222 pmeth->verify = 0;
223 pmeth->verify_recover_init = 0;
224 pmeth->verify_recover = 0;
225 pmeth->signctx_init = 0;
226 pmeth->signctx = 0;
227 pmeth->verifyctx_init = 0;
228 pmeth->verifyctx = 0;
229 pmeth->encrypt_init = 0;
230 pmeth->encrypt = 0;
231 pmeth->decrypt_init = 0;
232 pmeth->decrypt = 0;
233 pmeth->derive_init = 0;
234 pmeth->derive = 0;
235 pmeth->ctrl = 0;
236 pmeth->ctrl_str = 0;
237
238 return pmeth;
239 }
240
241void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
242 const EVP_PKEY_METHOD *meth)
243 {
244 if (ppkey_id)
245 *ppkey_id = meth->pkey_id;
246 if (pflags)
247 *pflags = meth->flags;
248 }
249
250void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
251 {
252
253 dst->init = src->init;
254 dst->copy = src->copy;
255 dst->cleanup = src->cleanup;
256
257 dst->paramgen_init = src->paramgen_init;
258 dst->paramgen = src->paramgen;
259
260 dst->keygen_init = src->keygen_init;
261 dst->keygen = src->keygen;
262
263 dst->sign_init = src->sign_init;
264 dst->sign = src->sign;
265
266 dst->verify_init = src->verify_init;
267 dst->verify = src->verify;
268
269 dst->verify_recover_init = src->verify_recover_init;
270 dst->verify_recover = src->verify_recover;
271
272 dst->signctx_init = src->signctx_init;
273 dst->signctx = src->signctx;
274
275 dst->verifyctx_init = src->verifyctx_init;
276 dst->verifyctx = src->verifyctx;
277
278 dst->encrypt_init = src->encrypt_init;
279 dst->encrypt = src->encrypt;
280
281 dst->decrypt_init = src->decrypt_init;
282 dst->decrypt = src->decrypt;
283
284 dst->derive_init = src->derive_init;
285 dst->derive = src->derive;
286
287 dst->ctrl = src->ctrl;
288 dst->ctrl_str = src->ctrl_str;
289 }
290
291void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
292 {
293 if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
294 OPENSSL_free(pmeth);
295 }
296
297EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e)
298 {
299 return int_ctx_new(pkey, e, -1);
300 }
301
302EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e)
303 {
304 return int_ctx_new(NULL, e, id);
305 }
306
307EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
308 {
309 EVP_PKEY_CTX *rctx;
310 if (!pctx->pmeth || !pctx->pmeth->copy)
311 return NULL;
312#ifndef OPENSSL_NO_ENGINE
313 /* Make sure it's safe to copy a pkey context using an ENGINE */
314 if (pctx->engine && !ENGINE_init(pctx->engine))
315 {
316 EVPerr(EVP_F_EVP_PKEY_CTX_DUP,ERR_R_ENGINE_LIB);
317 return 0;
318 }
319#endif
320 rctx = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));
321 if (!rctx)
322 return NULL;
323
324 rctx->pmeth = pctx->pmeth;
325#ifndef OPENSSL_NO_ENGINE
326 rctx->engine = pctx->engine;
327#endif
328
329 if (pctx->pkey)
330 CRYPTO_add(&pctx->pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
331
332 rctx->pkey = pctx->pkey;
333
334 if (pctx->peerkey)
335 CRYPTO_add(&pctx->peerkey->references,1,CRYPTO_LOCK_EVP_PKEY);
336
337 rctx->peerkey = pctx->peerkey;
338
339 rctx->data = NULL;
340 rctx->app_data = NULL;
341 rctx->operation = pctx->operation;
342
343 if (pctx->pmeth->copy(rctx, pctx) > 0)
344 return rctx;
345
346 EVP_PKEY_CTX_free(rctx);
347 return NULL;
348
349 }
350
351int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
352 {
353 if (app_pkey_methods == NULL)
354 {
355 app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);
356 if (!app_pkey_methods)
357 return 0;
358 }
359 if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth))
360 return 0;
361 sk_EVP_PKEY_METHOD_sort(app_pkey_methods);
362 return 1;
363 }
364
365void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
366 {
367 if (ctx == NULL)
368 return;
369 if (ctx->pmeth && ctx->pmeth->cleanup)
370 ctx->pmeth->cleanup(ctx);
371 if (ctx->pkey)
372 EVP_PKEY_free(ctx->pkey);
373 if (ctx->peerkey)
374 EVP_PKEY_free(ctx->peerkey);
375#ifndef OPENSSL_NO_ENGINE
376 if(ctx->engine)
377 /* The EVP_PKEY_CTX we used belongs to an ENGINE, release the
378 * functional reference we held for this reason. */
379 ENGINE_finish(ctx->engine);
380#endif
381 OPENSSL_free(ctx);
382 }
383
384int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
385 int cmd, int p1, void *p2)
386 {
387 int ret;
388 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl)
389 {
390 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
391 return -2;
392 }
393 if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype))
394 return -1;
395
396 if (ctx->operation == EVP_PKEY_OP_UNDEFINED)
397 {
398 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_NO_OPERATION_SET);
399 return -1;
400 }
401
402 if ((optype != -1) && !(ctx->operation & optype))
403 {
404 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_OPERATION);
405 return -1;
406 }
407
408 ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2);
409
410 if (ret == -2)
411 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
412
413 return ret;
414
415 }
416
417int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx,
418 const char *name, const char *value)
419 {
420 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str)
421 {
422 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR,
423 EVP_R_COMMAND_NOT_SUPPORTED);
424 return -2;
425 }
426 if (!strcmp(name, "digest"))
427 {
428 const EVP_MD *md;
429 if (!value || !(md = EVP_get_digestbyname(value)))
430 {
431 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR,
432 EVP_R_INVALID_DIGEST);
433 return 0;
434 }
435 return EVP_PKEY_CTX_set_signature_md(ctx, md);
436 }
437 return ctx->pmeth->ctrl_str(ctx, name, value);
438 }
439
440int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx)
441 {
442 return ctx->operation;
443 }
444
445void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen)
446 {
447 ctx->keygen_info = dat;
448 ctx->keygen_info_count = datlen;
449 }
450
451void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data)
452 {
453 ctx->data = data;
454 }
455
456void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx)
457 {
458 return ctx->data;
459 }
460
461EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx)
462 {
463 return ctx->pkey;
464 }
465
466EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx)
467 {
468 return ctx->peerkey;
469 }
470
471void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data)
472 {
473 ctx->app_data = data;
474 }
475
476void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
477 {
478 return ctx->app_data;
479 }
480
481void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
482 int (*init)(EVP_PKEY_CTX *ctx))
483 {
484 pmeth->init = init;
485 }
486
487void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
488 int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src))
489 {
490 pmeth->copy = copy;
491 }
492
493void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
494 void (*cleanup)(EVP_PKEY_CTX *ctx))
495 {
496 pmeth->cleanup = cleanup;
497 }
498
499void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
500 int (*paramgen_init)(EVP_PKEY_CTX *ctx),
501 int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
502 {
503 pmeth->paramgen_init = paramgen_init;
504 pmeth->paramgen = paramgen;
505 }
506
507void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
508 int (*keygen_init)(EVP_PKEY_CTX *ctx),
509 int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
510 {
511 pmeth->keygen_init = keygen_init;
512 pmeth->keygen = keygen;
513 }
514
515void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
516 int (*sign_init)(EVP_PKEY_CTX *ctx),
517 int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
518 const unsigned char *tbs, size_t tbslen))
519 {
520 pmeth->sign_init = sign_init;
521 pmeth->sign = sign;
522 }
523
524void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
525 int (*verify_init)(EVP_PKEY_CTX *ctx),
526 int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
527 const unsigned char *tbs, size_t tbslen))
528 {
529 pmeth->verify_init = verify_init;
530 pmeth->verify = verify;
531 }
532
533void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
534 int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
535 int (*verify_recover)(EVP_PKEY_CTX *ctx,
536 unsigned char *sig, size_t *siglen,
537 const unsigned char *tbs, size_t tbslen))
538 {
539 pmeth->verify_recover_init = verify_recover_init;
540 pmeth->verify_recover = verify_recover;
541 }
542
543void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
544 int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
545 int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
546 EVP_MD_CTX *mctx))
547 {
548 pmeth->signctx_init = signctx_init;
549 pmeth->signctx = signctx;
550 }
551
552void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
553 int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
554 int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,int siglen,
555 EVP_MD_CTX *mctx))
556 {
557 pmeth->verifyctx_init = verifyctx_init;
558 pmeth->verifyctx = verifyctx;
559 }
560
561void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
562 int (*encrypt_init)(EVP_PKEY_CTX *ctx),
563 int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
564 const unsigned char *in, size_t inlen))
565 {
566 pmeth->encrypt_init = encrypt_init;
567 pmeth->encrypt = encryptfn;
568 }
569
570void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
571 int (*decrypt_init)(EVP_PKEY_CTX *ctx),
572 int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
573 const unsigned char *in, size_t inlen))
574 {
575 pmeth->decrypt_init = decrypt_init;
576 pmeth->decrypt = decrypt;
577 }
578
579void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
580 int (*derive_init)(EVP_PKEY_CTX *ctx),
581 int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen))
582 {
583 pmeth->derive_init = derive_init;
584 pmeth->derive = derive;
585 }
586
587void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
588 int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
589 int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value))
590 {
591 pmeth->ctrl = ctrl;
592 pmeth->ctrl_str = ctrl_str;
593 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-08 05:25:32 +0000