diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/evp/evp_cipher.c | 246 |
1 files changed, 125 insertions, 121 deletions
diff --git a/src/lib/libcrypto/evp/evp_cipher.c b/src/lib/libcrypto/evp/evp_cipher.c index c762c968eb..82441cbc94 100644 --- a/src/lib/libcrypto/evp/evp_cipher.c +++ b/src/lib/libcrypto/evp/evp_cipher.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: evp_cipher.c,v 1.7 2024/01/02 18:48:02 tb Exp $ */ | 1 | /* $OpenBSD: evp_cipher.c,v 1.8 2024/01/02 19:56:43 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -741,126 +741,6 @@ EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) | |||
| 741 | } | 741 | } |
| 742 | 742 | ||
| 743 | int | 743 | int |
| 744 | EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type) | ||
| 745 | { | ||
| 746 | int ret; | ||
| 747 | |||
| 748 | if (ctx->cipher->set_asn1_parameters != NULL) | ||
| 749 | ret = ctx->cipher->set_asn1_parameters(ctx, type); | ||
| 750 | else if (ctx->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) | ||
| 751 | ret = EVP_CIPHER_set_asn1_iv(ctx, type); | ||
| 752 | else | ||
| 753 | ret = -1; | ||
| 754 | return (ret); | ||
| 755 | } | ||
| 756 | |||
| 757 | int | ||
| 758 | EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type) | ||
| 759 | { | ||
| 760 | int ret; | ||
| 761 | |||
| 762 | if (ctx->cipher->get_asn1_parameters != NULL) | ||
| 763 | ret = ctx->cipher->get_asn1_parameters(ctx, type); | ||
| 764 | else if (ctx->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) | ||
| 765 | ret = EVP_CIPHER_get_asn1_iv(ctx, type); | ||
| 766 | else | ||
| 767 | ret = -1; | ||
| 768 | return (ret); | ||
| 769 | } | ||
| 770 | |||
| 771 | int | ||
| 772 | EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type) | ||
| 773 | { | ||
| 774 | int i = 0; | ||
| 775 | int l; | ||
| 776 | |||
| 777 | if (type != NULL) { | ||
| 778 | l = EVP_CIPHER_CTX_iv_length(ctx); | ||
| 779 | if (l < 0 || l > sizeof(ctx->iv)) { | ||
| 780 | EVPerror(EVP_R_IV_TOO_LARGE); | ||
| 781 | return 0; | ||
| 782 | } | ||
| 783 | i = ASN1_TYPE_get_octetstring(type, ctx->oiv, l); | ||
| 784 | if (i != l) | ||
| 785 | return (-1); | ||
| 786 | else if (i > 0) | ||
| 787 | memcpy(ctx->iv, ctx->oiv, l); | ||
| 788 | } | ||
| 789 | return (i); | ||
| 790 | } | ||
| 791 | |||
| 792 | int | ||
| 793 | EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type) | ||
| 794 | { | ||
| 795 | int i = 0; | ||
| 796 | int j; | ||
| 797 | |||
| 798 | if (type != NULL) { | ||
| 799 | j = EVP_CIPHER_CTX_iv_length(ctx); | ||
| 800 | if (j < 0 || j > sizeof(ctx->iv)) { | ||
| 801 | EVPerror(EVP_R_IV_TOO_LARGE); | ||
| 802 | return 0; | ||
| 803 | } | ||
| 804 | i = ASN1_TYPE_set_octetstring(type, ctx->oiv, j); | ||
| 805 | } | ||
| 806 | return (i); | ||
| 807 | } | ||
| 808 | |||
| 809 | /* Convert the various cipher NIDs and dummies to a proper OID NID */ | ||
| 810 | int | ||
| 811 | EVP_CIPHER_type(const EVP_CIPHER *cipher) | ||
| 812 | { | ||
| 813 | ASN1_OBJECT *aobj; | ||
| 814 | int nid; | ||
| 815 | |||
| 816 | nid = EVP_CIPHER_nid(cipher); | ||
| 817 | switch (nid) { | ||
| 818 | case NID_rc2_cbc: | ||
| 819 | case NID_rc2_64_cbc: | ||
| 820 | case NID_rc2_40_cbc: | ||
| 821 | return NID_rc2_cbc; | ||
| 822 | |||
| 823 | case NID_rc4: | ||
| 824 | case NID_rc4_40: | ||
| 825 | return NID_rc4; | ||
| 826 | |||
| 827 | case NID_aes_128_cfb128: | ||
| 828 | case NID_aes_128_cfb8: | ||
| 829 | case NID_aes_128_cfb1: | ||
| 830 | return NID_aes_128_cfb128; | ||
| 831 | |||
| 832 | case NID_aes_192_cfb128: | ||
| 833 | case NID_aes_192_cfb8: | ||
| 834 | case NID_aes_192_cfb1: | ||
| 835 | return NID_aes_192_cfb128; | ||
| 836 | |||
| 837 | case NID_aes_256_cfb128: | ||
| 838 | case NID_aes_256_cfb8: | ||
| 839 | case NID_aes_256_cfb1: | ||
| 840 | return NID_aes_256_cfb128; | ||
| 841 | |||
| 842 | case NID_des_cfb64: | ||
| 843 | case NID_des_cfb8: | ||
| 844 | case NID_des_cfb1: | ||
| 845 | return NID_des_cfb64; | ||
| 846 | |||
| 847 | case NID_des_ede3_cfb64: | ||
| 848 | case NID_des_ede3_cfb8: | ||
| 849 | case NID_des_ede3_cfb1: | ||
| 850 | return NID_des_cfb64; | ||
| 851 | |||
| 852 | default: | ||
| 853 | /* Check it has an OID and it is valid */ | ||
| 854 | if (((aobj = OBJ_nid2obj(nid)) == NULL) || aobj->data == NULL) | ||
| 855 | nid = NID_undef; | ||
| 856 | |||
| 857 | ASN1_OBJECT_free(aobj); | ||
| 858 | |||
| 859 | return nid; | ||
| 860 | } | ||
| 861 | } | ||
| 862 | |||
| 863 | int | ||
| 864 | EVP_CIPHER_block_size(const EVP_CIPHER *cipher) | 744 | EVP_CIPHER_block_size(const EVP_CIPHER *cipher) |
| 865 | { | 745 | { |
| 866 | return cipher->block_size; | 746 | return cipher->block_size; |
| @@ -1036,6 +916,130 @@ EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags) | |||
| 1036 | return (ctx->flags & flags); | 916 | return (ctx->flags & flags); |
| 1037 | } | 917 | } |
| 1038 | 918 | ||
| 919 | /* | ||
| 920 | * Used by CMS and its predecessors. Only GOST and RC2 have a custom method. | ||
| 921 | */ | ||
| 922 | |||
| 923 | int | ||
| 924 | EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type) | ||
| 925 | { | ||
| 926 | int ret; | ||
| 927 | |||
| 928 | if (ctx->cipher->set_asn1_parameters != NULL) | ||
| 929 | ret = ctx->cipher->set_asn1_parameters(ctx, type); | ||
| 930 | else if (ctx->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) | ||
| 931 | ret = EVP_CIPHER_set_asn1_iv(ctx, type); | ||
| 932 | else | ||
| 933 | ret = -1; | ||
| 934 | return (ret); | ||
| 935 | } | ||
| 936 | |||
| 937 | int | ||
| 938 | EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type) | ||
| 939 | { | ||
| 940 | int ret; | ||
| 941 | |||
| 942 | if (ctx->cipher->get_asn1_parameters != NULL) | ||
| 943 | ret = ctx->cipher->get_asn1_parameters(ctx, type); | ||
| 944 | else if (ctx->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) | ||
| 945 | ret = EVP_CIPHER_get_asn1_iv(ctx, type); | ||
| 946 | else | ||
| 947 | ret = -1; | ||
| 948 | return (ret); | ||
| 949 | } | ||
| 950 | |||
| 951 | int | ||
| 952 | EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type) | ||
| 953 | { | ||
| 954 | int i = 0; | ||
| 955 | int l; | ||
| 956 | |||
| 957 | if (type != NULL) { | ||
| 958 | l = EVP_CIPHER_CTX_iv_length(ctx); | ||
| 959 | if (l < 0 || l > sizeof(ctx->iv)) { | ||
| 960 | EVPerror(EVP_R_IV_TOO_LARGE); | ||
| 961 | return 0; | ||
| 962 | } | ||
| 963 | i = ASN1_TYPE_get_octetstring(type, ctx->oiv, l); | ||
| 964 | if (i != l) | ||
| 965 | return (-1); | ||
| 966 | else if (i > 0) | ||
| 967 | memcpy(ctx->iv, ctx->oiv, l); | ||
| 968 | } | ||
| 969 | return (i); | ||
| 970 | } | ||
| 971 | |||
| 972 | int | ||
| 973 | EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type) | ||
| 974 | { | ||
| 975 | int i = 0; | ||
| 976 | int j; | ||
| 977 | |||
| 978 | if (type != NULL) { | ||
| 979 | j = EVP_CIPHER_CTX_iv_length(ctx); | ||
| 980 | if (j < 0 || j > sizeof(ctx->iv)) { | ||
| 981 | EVPerror(EVP_R_IV_TOO_LARGE); | ||
| 982 | return 0; | ||
| 983 | } | ||
| 984 | i = ASN1_TYPE_set_octetstring(type, ctx->oiv, j); | ||
| 985 | } | ||
| 986 | return (i); | ||
| 987 | } | ||
| 988 | |||
| 989 | /* Convert the various cipher NIDs and dummies to a proper OID NID */ | ||
| 990 | int | ||
| 991 | EVP_CIPHER_type(const EVP_CIPHER *cipher) | ||
| 992 | { | ||
| 993 | ASN1_OBJECT *aobj; | ||
| 994 | int nid; | ||
| 995 | |||
| 996 | nid = EVP_CIPHER_nid(cipher); | ||
| 997 | switch (nid) { | ||
| 998 | case NID_rc2_cbc: | ||
| 999 | case NID_rc2_64_cbc: | ||
| 1000 | case NID_rc2_40_cbc: | ||
| 1001 | return NID_rc2_cbc; | ||
| 1002 | |||
| 1003 | case NID_rc4: | ||
| 1004 | case NID_rc4_40: | ||
| 1005 | return NID_rc4; | ||
| 1006 | |||
| 1007 | case NID_aes_128_cfb128: | ||
| 1008 | case NID_aes_128_cfb8: | ||
| 1009 | case NID_aes_128_cfb1: | ||
| 1010 | return NID_aes_128_cfb128; | ||
| 1011 | |||
| 1012 | case NID_aes_192_cfb128: | ||
| 1013 | case NID_aes_192_cfb8: | ||
| 1014 | case NID_aes_192_cfb1: | ||
| 1015 | return NID_aes_192_cfb128; | ||
| 1016 | |||
| 1017 | case NID_aes_256_cfb128: | ||
| 1018 | case NID_aes_256_cfb8: | ||
| 1019 | case NID_aes_256_cfb1: | ||
| 1020 | return NID_aes_256_cfb128; | ||
| 1021 | |||
| 1022 | case NID_des_cfb64: | ||
| 1023 | case NID_des_cfb8: | ||
| 1024 | case NID_des_cfb1: | ||
| 1025 | return NID_des_cfb64; | ||
| 1026 | |||
| 1027 | case NID_des_ede3_cfb64: | ||
| 1028 | case NID_des_ede3_cfb8: | ||
| 1029 | case NID_des_ede3_cfb1: | ||
| 1030 | return NID_des_cfb64; | ||
| 1031 | |||
| 1032 | default: | ||
| 1033 | /* Check it has an OID and it is valid */ | ||
| 1034 | if (((aobj = OBJ_nid2obj(nid)) == NULL) || aobj->data == NULL) | ||
| 1035 | nid = NID_undef; | ||
| 1036 | |||
| 1037 | ASN1_OBJECT_free(aobj); | ||
| 1038 | |||
| 1039 | return nid; | ||
| 1040 | } | ||
| 1041 | } | ||
| 1042 | |||
| 1039 | EVP_CIPHER * | 1043 | EVP_CIPHER * |
| 1040 | EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len) | 1044 | EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len) |
| 1041 | { | 1045 | { |