2 * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 RCSID("$Id: evp.c 22379 2007-12-29 11:13:26Z lha $");
40 #include <sys/types.h>
48 #include <krb5-types.h>
61 * @page page_evp EVP - generic crypto interface
63 * See the library functions here: @ref hcrypto_evp
67 typedef int (*evp_md_init)(EVP_MD_CTX *);
68 typedef int (*evp_md_update)(EVP_MD_CTX *,const void *, size_t);
69 typedef int (*evp_md_final)(void *, EVP_MD_CTX *);
70 typedef int (*evp_md_cleanup)(EVP_MD_CTX *);
79 evp_md_cleanup cleanup;
83 * Return the output size of the message digest function.
85 * @param md the evp message
87 * @return size output size of the message digest function.
89 * @ingroup hcrypto_evp
93 EVP_MD_size(const EVP_MD *md)
99 * Return the blocksize of the message digest function.
101 * @param md the evp message
103 * @return size size of the message digest block size
105 * @ingroup hcrypto_evp
109 EVP_MD_block_size(const EVP_MD *md)
111 return md->block_size;
115 * Allocate a messsage digest context object. Free with
116 * EVP_MD_CTX_destroy().
118 * @return a newly allocated message digest context object.
120 * @ingroup hcrypto_evp
124 EVP_MD_CTX_create(void)
126 return calloc(1, sizeof(EVP_MD_CTX));
130 * Initiate a messsage digest context object. Deallocate with
131 * EVP_MD_CTX_cleanup(). Please use EVP_MD_CTX_create() instead.
133 * @param ctx variable to initiate.
135 * @ingroup hcrypto_evp
139 EVP_MD_CTX_init(EVP_MD_CTX *ctx)
141 memset(ctx, 0, sizeof(*ctx));
145 * Free a messsage digest context object.
147 * @param ctx context to free.
149 * @ingroup hcrypto_evp
153 EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
155 EVP_MD_CTX_cleanup(ctx);
160 * Free the resources used by the EVP_MD context.
162 * @param ctx the context to free the resources from.
164 * @return 1 on success.
166 * @ingroup hcrypto_evp
170 EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
172 if (ctx->md && ctx->md->cleanup)
173 (ctx->md->cleanup)(ctx);
177 memset(ctx, 0, sizeof(*ctx));
182 * Get the EVP_MD use for a specified context.
184 * @param ctx the EVP_MD context to get the EVP_MD for.
186 * @return the EVP_MD used for the context.
188 * @ingroup hcrypto_evp
192 EVP_MD_CTX_md(EVP_MD_CTX *ctx)
198 * Return the output size of the message digest function.
200 * @param ctx the evp message digest context
202 * @return size output size of the message digest function.
204 * @ingroup hcrypto_evp
208 EVP_MD_CTX_size(EVP_MD_CTX *ctx)
210 return EVP_MD_size(ctx->md);
214 * Return the blocksize of the message digest function.
216 * @param ctx the evp message digest context
218 * @return size size of the message digest block size
220 * @ingroup hcrypto_evp
224 EVP_MD_CTX_block_size(EVP_MD_CTX *ctx)
226 return EVP_MD_block_size(ctx->md);
230 * Init a EVP_MD_CTX for use a specific message digest and engine.
232 * @param ctx the message digest context to init.
233 * @param md the message digest to use.
234 * @param engine the engine to use, NULL to use the default engine.
236 * @return 1 on success.
238 * @ingroup hcrypto_evp
242 EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *md, ENGINE *engine)
244 if (ctx->md != md || ctx->engine != engine) {
245 EVP_MD_CTX_cleanup(ctx);
247 ctx->engine = engine;
249 ctx->ptr = calloc(1, md->ctx_size);
250 if (ctx->ptr == NULL)
253 (ctx->md->init)(ctx->ptr);
258 * Update the digest with some data.
260 * @param ctx the context to update
261 * @param data the data to update the context with
262 * @param size length of data
264 * @return 1 on success.
266 * @ingroup hcrypto_evp
270 EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t size)
272 (ctx->md->update)(ctx->ptr, data, size);
277 * Complete the message digest.
279 * @param ctx the context to complete.
280 * @param hash the output of the message digest function. At least
282 * @param size the output size of hash.
284 * @return 1 on success.
286 * @ingroup hcrypto_evp
290 EVP_DigestFinal_ex(EVP_MD_CTX *ctx, void *hash, unsigned int *size)
292 (ctx->md->final)(hash, ctx->ptr);
294 *size = ctx->md->hash_size;
299 * Do the whole EVP_MD_CTX_create(), EVP_DigestInit_ex(),
300 * EVP_DigestUpdate(), EVP_DigestFinal_ex(), EVP_MD_CTX_destroy()
303 * @param data the data to update the context with
304 * @param dsize length of data
305 * @param hash output data of at least EVP_MD_size() length.
306 * @param hsize output length of hash.
307 * @param md message digest to use
308 * @param engine engine to use, NULL for default engine.
310 * @return 1 on success.
312 * @ingroup hcrypto_evp
316 EVP_Digest(const void *data, size_t dsize, void *hash, unsigned int *hsize,
317 const EVP_MD *md, ENGINE *engine)
322 ctx = EVP_MD_CTX_create();
325 ret = EVP_DigestInit_ex(ctx, md, engine);
327 EVP_MD_CTX_destroy(ctx);
330 ret = EVP_DigestUpdate(ctx, data, dsize);
332 EVP_MD_CTX_destroy(ctx);
335 ret = EVP_DigestFinal_ex(ctx, hash, hsize);
336 EVP_MD_CTX_destroy(ctx);
341 * The message digest SHA256
343 * @return the message digest type.
345 * @ingroup hcrypto_evp
351 static const struct hc_evp_md sha256 = {
355 (evp_md_init)SHA256_Init,
356 (evp_md_update)SHA256_Update,
357 (evp_md_final)SHA256_Final,
363 static const struct hc_evp_md sha1 = {
367 (evp_md_init)SHA1_Init,
368 (evp_md_update)SHA1_Update,
369 (evp_md_final)SHA1_Final,
374 * The message digest SHA1
376 * @return the message digest type.
378 * @ingroup hcrypto_evp
388 * The message digest SHA1
390 * @return the message digest type.
392 * @ingroup hcrypto_evp
402 * The message digest MD5
404 * @return the message digest type.
406 * @ingroup hcrypto_evp
412 static const struct hc_evp_md md5 = {
416 (evp_md_init)MD5_Init,
417 (evp_md_update)MD5_Update,
418 (evp_md_final)MD5_Final,
425 * The message digest MD4
427 * @return the message digest type.
429 * @ingroup hcrypto_evp
435 static const struct hc_evp_md md4 = {
439 (evp_md_init)MD4_Init,
440 (evp_md_update)MD4_Update,
441 (evp_md_final)MD4_Final,
448 * The message digest MD2
450 * @return the message digest type.
452 * @ingroup hcrypto_evp
458 static const struct hc_evp_md md2 = {
462 (evp_md_init)MD2_Init,
463 (evp_md_update)MD2_Update,
464 (evp_md_final)MD2_Final,
479 null_Update (void *m, const void * data, size_t size)
483 null_Final(void *res, void *m)
488 * The null message digest
490 * @return the message digest type.
492 * @ingroup hcrypto_evp
498 static const struct hc_evp_md null = {
502 (evp_md_init)null_Init,
503 (evp_md_update)null_Update,
504 (evp_md_final)null_Final,
511 void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
512 int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
513 int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
514 int EVP_SignFinal(EVP_MD_CTX *, void *, size_t *, EVP_PKEY *);
515 int EVP_VerifyFinal(EVP_MD_CTX *, const void *, size_t, EVP_PKEY *);
519 * Return the block size of the cipher.
521 * @param c cipher to get the block size from.
523 * @return the block size of the cipher.
525 * @ingroup hcrypto_evp
529 EVP_CIPHER_block_size(const EVP_CIPHER *c)
531 return c->block_size;
535 * Return the key size of the cipher.
537 * @param c cipher to get the key size from.
539 * @return the key size of the cipher.
541 * @ingroup hcrypto_evp
545 EVP_CIPHER_key_length(const EVP_CIPHER *c)
551 * Return the IV size of the cipher.
553 * @param c cipher to get the IV size from.
555 * @return the IV size of the cipher.
557 * @ingroup hcrypto_evp
561 EVP_CIPHER_iv_length(const EVP_CIPHER *c)
567 * Initiate a EVP_CIPHER_CTX context. Clean up with
568 * EVP_CIPHER_CTX_cleanup().
570 * @param c the cipher initiate.
572 * @ingroup hcrypto_evp
576 EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *c)
578 memset(c, 0, sizeof(*c));
582 * Clean up the EVP_CIPHER_CTX context.
584 * @param c the cipher to clean up.
586 * @return 1 on success.
588 * @ingroup hcrypto_evp
592 EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
594 if (c->cipher && c->cipher->cleanup)
595 c->cipher->cleanup(c);
596 if (c->cipher_data) {
597 free(c->cipher_data);
598 c->cipher_data = NULL;
605 EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int length)
611 EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad)
618 * Return the EVP_CIPHER for a EVP_CIPHER_CTX context.
620 * @param ctx the context to get the cipher type from.
622 * @return the EVP_CIPHER pointer.
624 * @ingroup hcrypto_evp
628 EVP_CIPHER_CTX_cipher(EVP_CIPHER_CTX *ctx)
634 * Return the block size of the cipher context.
636 * @param ctx cipher context to get the block size from.
638 * @return the block size of the cipher context.
640 * @ingroup hcrypto_evp
644 EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
646 return EVP_CIPHER_block_size(ctx->cipher);
650 * Return the key size of the cipher context.
652 * @param ctx cipher context to get the key size from.
654 * @return the key size of the cipher context.
656 * @ingroup hcrypto_evp
660 EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
662 return EVP_CIPHER_key_length(ctx->cipher);
666 * Return the IV size of the cipher context.
668 * @param ctx cipher context to get the IV size from.
670 * @return the IV size of the cipher context.
672 * @ingroup hcrypto_evp
676 EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
678 return EVP_CIPHER_iv_length(ctx->cipher);
682 * Get the flags for an EVP_CIPHER_CTX context.
684 * @param ctx the EVP_CIPHER_CTX to get the flags from
686 * @return the flags for an EVP_CIPHER_CTX.
688 * @ingroup hcrypto_evp
692 EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
694 return ctx->cipher->flags;
698 * Get the mode for an EVP_CIPHER_CTX context.
700 * @param ctx the EVP_CIPHER_CTX to get the mode from
702 * @return the mode for an EVP_CIPHER_CTX.
704 * @ingroup hcrypto_evp
708 EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx)
710 return EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_MODE;
714 * Get the app data for an EVP_CIPHER_CTX context.
716 * @param ctx the EVP_CIPHER_CTX to get the app data from
718 * @return the app data for an EVP_CIPHER_CTX.
720 * @ingroup hcrypto_evp
724 EVP_CIPHER_CTX_get_app_data(EVP_CIPHER_CTX *ctx)
726 return ctx->app_data;
730 * Set the app data for an EVP_CIPHER_CTX context.
732 * @param ctx the EVP_CIPHER_CTX to set the app data for
733 * @param data the app data to set for an EVP_CIPHER_CTX.
735 * @ingroup hcrypto_evp
739 EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
741 ctx->app_data = data;
745 * Initiate the EVP_CIPHER_CTX context to encrypt or decrypt data.
746 * Clean up with EVP_CIPHER_CTX_cleanup().
748 * @param ctx context to initiate
749 * @param c cipher to use.
750 * @param engine crypto engine to use, NULL to select default.
751 * @param key the crypto key to use, NULL will use the previous value.
752 * @param iv the IV to use, NULL will use the previous value.
753 * @param encp non zero will encrypt, -1 use the previous value.
755 * @return 1 on success.
757 * @ingroup hcrypto_evp
761 EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *c, ENGINE *engine,
762 const void *key, const void *iv, int encp)
767 ctx->encrypt = (encp ? 1 : 0);
769 if (c && (c != ctx->cipher)) {
770 EVP_CIPHER_CTX_cleanup(ctx);
772 ctx->key_len = c->key_len;
774 ctx->cipher_data = malloc(c->ctx_size);
775 if (ctx->cipher_data == NULL && c->ctx_size != 0)
778 } else if (ctx->cipher == NULL) {
779 /* reuse of cipher, but not any cipher ever set! */
783 switch (EVP_CIPHER_CTX_flags(ctx)) {
784 case EVP_CIPH_CBC_MODE:
786 assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof(ctx->iv));
789 memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
790 memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
796 if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT))
797 ctx->cipher->init(ctx, key, iv, encp);
803 * Encypher/decypher data
805 * @param ctx the cipher context.
806 * @param out out data from the operation.
807 * @param in in data to the operation.
808 * @param size length of data.
810 * @return 1 on success.
814 EVP_Cipher(EVP_CIPHER_CTX *ctx, void *out, const void *in,size_t size)
816 return ctx->cipher->do_cipher(ctx, out, in, size);
824 enc_null_init(EVP_CIPHER_CTX *ctx,
825 const unsigned char * key,
826 const unsigned char * iv,
833 enc_null_do_cipher(EVP_CIPHER_CTX *ctx,
835 const unsigned char *in,
838 memmove(out, in, size);
843 enc_null_cleanup(EVP_CIPHER_CTX *ctx)
849 * The NULL cipher type, does no encryption/decryption.
851 * @return the null EVP_CIPHER pointer.
853 * @ingroup hcrypto_evp
859 static const EVP_CIPHER enc_null = {
882 unsigned int maximum_effective_key;
887 rc2_init(EVP_CIPHER_CTX *ctx,
888 const unsigned char * key,
889 const unsigned char * iv,
892 struct rc2_cbc *k = ctx->cipher_data;
893 k->maximum_effective_key = EVP_CIPHER_CTX_key_length(ctx) * 8;
895 EVP_CIPHER_CTX_key_length(ctx),
897 k->maximum_effective_key);
902 rc2_do_cipher(EVP_CIPHER_CTX *ctx,
904 const unsigned char *in,
907 struct rc2_cbc *k = ctx->cipher_data;
908 RC2_cbc_encrypt(in, out, size, &k->key, ctx->iv, ctx->encrypt);
913 rc2_cleanup(EVP_CIPHER_CTX *ctx)
915 memset(ctx->cipher_data, 0, sizeof(struct rc2_cbc));
920 * The RC2 cipher type
922 * @return the RC2 EVP_CIPHER pointer.
924 * @ingroup hcrypto_evp
930 static const EVP_CIPHER rc2_cbc = {
939 sizeof(struct rc2_cbc),
949 * The RC2-40 cipher type
951 * @return the RC2-40 EVP_CIPHER pointer.
953 * @ingroup hcrypto_evp
959 static const EVP_CIPHER rc2_40_cbc = {
968 sizeof(struct rc2_cbc),
978 * The RC2-64 cipher type
980 * @return the RC2-64 EVP_CIPHER pointer.
982 * @ingroup hcrypto_evp
988 static const EVP_CIPHER rc2_64_cbc = {
997 sizeof(struct rc2_cbc),
1007 * The RC4 cipher type
1009 * @return the RC4 EVP_CIPHER pointer.
1011 * @ingroup hcrypto_evp
1017 printf("evp rc4\n");
1023 * The RC4-40 cipher type
1025 * @return the RC4-40 EVP_CIPHER pointer.
1027 * @ingroup hcrypto_evp
1033 printf("evp rc4_40\n");
1042 struct des_ede3_cbc {
1043 DES_key_schedule ks[3];
1047 des_ede3_cbc_init(EVP_CIPHER_CTX *ctx,
1048 const unsigned char * key,
1049 const unsigned char * iv,
1052 struct des_ede3_cbc *k = ctx->cipher_data;
1054 DES_key_sched((DES_cblock *)(key), &k->ks[0]);
1055 DES_key_sched((DES_cblock *)(key + 8), &k->ks[1]);
1056 DES_key_sched((DES_cblock *)(key + 16), &k->ks[2]);
1062 des_ede3_cbc_do_cipher(EVP_CIPHER_CTX *ctx,
1064 const unsigned char *in,
1067 struct des_ede3_cbc *k = ctx->cipher_data;
1068 DES_ede3_cbc_encrypt(in, out, size,
1069 &k->ks[0], &k->ks[1], &k->ks[2],
1070 (DES_cblock *)ctx->iv, ctx->encrypt);
1075 des_ede3_cbc_cleanup(EVP_CIPHER_CTX *ctx)
1077 memset(ctx->cipher_data, 0, sizeof(struct des_ede3_cbc));
1082 * The tripple DES cipher type
1084 * @return the DES-EDE3-CBC EVP_CIPHER pointer.
1086 * @ingroup hcrypto_evp
1090 EVP_des_ede3_cbc(void)
1092 static const EVP_CIPHER des_ede3_cbc = {
1099 des_ede3_cbc_do_cipher,
1100 des_ede3_cbc_cleanup,
1101 sizeof(struct des_ede3_cbc),
1107 return &des_ede3_cbc;
1115 aes_init(EVP_CIPHER_CTX *ctx,
1116 const unsigned char * key,
1117 const unsigned char * iv,
1120 AES_KEY *k = ctx->cipher_data;
1122 AES_set_encrypt_key(key, ctx->cipher->key_len * 8, k);
1124 AES_set_decrypt_key(key, ctx->cipher->key_len * 8, k);
1129 aes_do_cipher(EVP_CIPHER_CTX *ctx,
1131 const unsigned char *in,
1134 AES_KEY *k = ctx->cipher_data;
1135 AES_cbc_encrypt(in, out, size, k, ctx->iv, ctx->encrypt);
1140 aes_cleanup(EVP_CIPHER_CTX *ctx)
1142 memset(ctx->cipher_data, 0, sizeof(AES_KEY));
1147 * The AES-128 cipher type
1149 * @return the AES-128 EVP_CIPHER pointer.
1151 * @ingroup hcrypto_evp
1155 EVP_aes_128_cbc(void)
1157 static const EVP_CIPHER aes_128_cbc = {
1172 return &aes_128_cbc;
1176 * The AES-192 cipher type
1178 * @return the AES-192 EVP_CIPHER pointer.
1180 * @ingroup hcrypto_evp
1184 EVP_aes_192_cbc(void)
1186 static const EVP_CIPHER aes_192_cbc = {
1201 return &aes_192_cbc;
1205 * The AES-256 cipher type
1207 * @return the AES-256 EVP_CIPHER pointer.
1209 * @ingroup hcrypto_evp
1213 EVP_aes_256_cbc(void)
1215 static const EVP_CIPHER aes_256_cbc = {
1230 return &aes_256_cbc;
1234 camellia_init(EVP_CIPHER_CTX *ctx,
1235 const unsigned char * key,
1236 const unsigned char * iv,
1239 CAMELLIA_KEY *k = ctx->cipher_data;
1240 k->bits = ctx->cipher->key_len * 8;
1241 CAMELLIA_set_key(key, ctx->cipher->key_len * 8, k);
1246 camellia_do_cipher(EVP_CIPHER_CTX *ctx,
1248 const unsigned char *in,
1251 CAMELLIA_KEY *k = ctx->cipher_data;
1252 CAMELLIA_cbc_encrypt(in, out, size, k, ctx->iv, ctx->encrypt);
1257 camellia_cleanup(EVP_CIPHER_CTX *ctx)
1259 memset(ctx->cipher_data, 0, sizeof(CAMELLIA_KEY));
1264 * The Camellia-128 cipher type
1266 * @return the Camellia-128 EVP_CIPHER pointer.
1268 * @ingroup hcrypto_evp
1272 EVP_camellia_128_cbc(void)
1274 static const EVP_CIPHER cipher = {
1283 sizeof(CAMELLIA_KEY),
1293 * The Camellia-198 cipher type
1295 * @return the Camellia-198 EVP_CIPHER pointer.
1297 * @ingroup hcrypto_evp
1301 EVP_camellia_192_cbc(void)
1303 static const EVP_CIPHER cipher = {
1312 sizeof(CAMELLIA_KEY),
1322 * The Camellia-256 cipher type
1324 * @return the Camellia-256 EVP_CIPHER pointer.
1326 * @ingroup hcrypto_evp
1330 EVP_camellia_256_cbc(void)
1332 static const EVP_CIPHER cipher = {
1341 sizeof(CAMELLIA_KEY),
1354 static const struct cipher_name {
1356 const EVP_CIPHER *(*func)(void);
1358 { "des-ede3-cbc", EVP_des_ede3_cbc },
1359 { "aes-128-cbc", EVP_aes_128_cbc },
1360 { "aes-192-cbc", EVP_aes_192_cbc },
1361 { "aes-256-cbc", EVP_aes_256_cbc },
1362 { "camellia-128-cbc", EVP_camellia_128_cbc },
1363 { "camellia-192-cbc", EVP_camellia_192_cbc },
1364 { "camellia-256-cbc", EVP_camellia_256_cbc }
1368 * Get the cipher type using their name.
1370 * @param name the name of the cipher.
1372 * @return the selected EVP_CIPHER pointer or NULL if not found.
1374 * @ingroup hcrypto_evp
1378 EVP_get_cipherbyname(const char *name)
1381 for (i = 0; i < sizeof(cipher_name)/sizeof(cipher_name[0]); i++) {
1382 if (strcasecmp(cipher_name[i].name, name) == 0)
1383 return (*cipher_name[i].func)();
1394 #define min(a,b) (((a)>(b))?(b):(a))
1398 * Provides a legancy string to key function, used in PEM files.
1400 * New protocols should use new string to key functions like NIST
1401 * SP56-800A or PKCS#5 v2.0 (see PKCS5_PBKDF2_HMAC_SHA1()).
1403 * @param type type of cipher to use
1404 * @param md message digest to use
1405 * @param salt salt salt string, should be an binary 8 byte buffer.
1406 * @param data the password/input key string.
1407 * @param datalen length of data parameter.
1408 * @param count iteration counter.
1409 * @param keydata output keydata, needs to of the size EVP_CIPHER_key_length().
1410 * @param ivdata output ivdata, needs to of the size EVP_CIPHER_block_size().
1412 * @return the size of derived key.
1414 * @ingroup hcrypto_evp
1418 EVP_BytesToKey(const EVP_CIPHER *type,
1421 const void *data, size_t datalen,
1426 int ivlen, keylen, first = 0;
1427 unsigned int mds = 0, i;
1428 unsigned char *key = keydata;
1429 unsigned char *iv = ivdata;
1433 keylen = EVP_CIPHER_key_length(type);
1434 ivlen = EVP_CIPHER_iv_length(type);
1439 buf = malloc(EVP_MD_size(md));
1443 EVP_MD_CTX_init(&c);
1447 EVP_DigestInit_ex(&c, md, NULL);
1449 EVP_DigestUpdate(&c, buf, mds);
1451 EVP_DigestUpdate(&c,data,datalen);
1453 #define PKCS5_SALT_LEN 8
1456 EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN);
1458 EVP_DigestFinal_ex(&c, buf, &mds);
1459 assert(mds == EVP_MD_size(md));
1461 for (i = 1; i < count; i++) {
1462 EVP_DigestInit_ex(&c, md, NULL);
1463 EVP_DigestUpdate(&c, buf, mds);
1464 EVP_DigestFinal_ex(&c, buf, &mds);
1465 assert(mds == EVP_MD_size(md));
1470 size_t sz = min(keylen, mds);
1472 memcpy(key, buf, sz);
1478 if (ivlen && mds > i) {
1479 size_t sz = min(ivlen, (mds - i));
1481 memcpy(iv, &buf[i], sz);
1486 if (keylen == 0 && ivlen == 0)
1490 EVP_MD_CTX_cleanup(&c);
1493 return EVP_CIPHER_key_length(type);
1497 * Add all algorithms to the crypto core.
1499 * @ingroup hcrypto_core
1503 OpenSSL_add_all_algorithms(void)
1509 * Add all algorithms to the crypto core using configuration file.
1511 * @ingroup hcrypto_core
1515 OpenSSL_add_all_algorithms_conf(void)
1521 * Add all algorithms to the crypto core, but don't use the
1522 * configuration file.
1524 * @ingroup hcrypto_core
1528 OpenSSL_add_all_algorithms_noconf(void)
git.samba.org / samba.git / blob