2 * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 RCSID("$Id: evp.c 23144 2008-04-29 05:47:16Z lha $");
42 #include <sys/types.h>
50 #include <krb5-types.h>
63 * @page page_evp EVP - generic crypto interface
65 * See the library functions here: @ref hcrypto_evp
69 typedef int (*evp_md_init)(EVP_MD_CTX *);
70 typedef int (*evp_md_update)(EVP_MD_CTX *,const void *, size_t);
71 typedef int (*evp_md_final)(void *, EVP_MD_CTX *);
72 typedef int (*evp_md_cleanup)(EVP_MD_CTX *);
81 evp_md_cleanup cleanup;
84 struct hc_EVP_MD_CTX {
92 * Return the output size of the message digest function.
94 * @param md the evp message
96 * @return size output size of the message digest function.
98 * @ingroup hcrypto_evp
102 EVP_MD_size(const EVP_MD *md)
104 return md->hash_size;
108 * Return the blocksize of the message digest function.
110 * @param md the evp message
112 * @return size size of the message digest block size
114 * @ingroup hcrypto_evp
118 EVP_MD_block_size(const EVP_MD *md)
120 return md->block_size;
124 * Allocate a messsage digest context object. Free with
125 * EVP_MD_CTX_destroy().
127 * @return a newly allocated message digest context object.
129 * @ingroup hcrypto_evp
133 EVP_MD_CTX_create(void)
135 return calloc(1, sizeof(EVP_MD_CTX));
139 * Initiate a messsage digest context object. Deallocate with
140 * EVP_MD_CTX_cleanup(). Please use EVP_MD_CTX_create() instead.
142 * @param ctx variable to initiate.
144 * @ingroup hcrypto_evp
148 EVP_MD_CTX_init(EVP_MD_CTX *ctx)
150 memset(ctx, 0, sizeof(*ctx));
154 * Free a messsage digest context object.
156 * @param ctx context to free.
158 * @ingroup hcrypto_evp
162 EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
164 EVP_MD_CTX_cleanup(ctx);
169 * Free the resources used by the EVP_MD context.
171 * @param ctx the context to free the resources from.
173 * @return 1 on success.
175 * @ingroup hcrypto_evp
179 EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
181 if (ctx->md && ctx->md->cleanup)
182 (ctx->md->cleanup)(ctx);
186 memset(ctx, 0, sizeof(*ctx));
191 * Get the EVP_MD use for a specified context.
193 * @param ctx the EVP_MD context to get the EVP_MD for.
195 * @return the EVP_MD used for the context.
197 * @ingroup hcrypto_evp
201 EVP_MD_CTX_md(EVP_MD_CTX *ctx)
207 * Return the output size of the message digest function.
209 * @param ctx the evp message digest context
211 * @return size output size of the message digest function.
213 * @ingroup hcrypto_evp
217 EVP_MD_CTX_size(EVP_MD_CTX *ctx)
219 return EVP_MD_size(ctx->md);
223 * Return the blocksize of the message digest function.
225 * @param ctx the evp message digest context
227 * @return size size of the message digest block size
229 * @ingroup hcrypto_evp
233 EVP_MD_CTX_block_size(EVP_MD_CTX *ctx)
235 return EVP_MD_block_size(ctx->md);
239 * Init a EVP_MD_CTX for use a specific message digest and engine.
241 * @param ctx the message digest context to init.
242 * @param md the message digest to use.
243 * @param engine the engine to use, NULL to use the default engine.
245 * @return 1 on success.
247 * @ingroup hcrypto_evp
251 EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *md, ENGINE *engine)
253 if (ctx->md != md || ctx->engine != engine) {
254 EVP_MD_CTX_cleanup(ctx);
256 ctx->engine = engine;
258 ctx->ptr = calloc(1, md->ctx_size);
259 if (ctx->ptr == NULL)
262 (ctx->md->init)(ctx->ptr);
267 * Update the digest with some data.
269 * @param ctx the context to update
270 * @param data the data to update the context with
271 * @param size length of data
273 * @return 1 on success.
275 * @ingroup hcrypto_evp
279 EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t size)
281 (ctx->md->update)(ctx->ptr, data, size);
286 * Complete the message digest.
288 * @param ctx the context to complete.
289 * @param hash the output of the message digest function. At least
291 * @param size the output size of hash.
293 * @return 1 on success.
295 * @ingroup hcrypto_evp
299 EVP_DigestFinal_ex(EVP_MD_CTX *ctx, void *hash, unsigned int *size)
301 (ctx->md->final)(hash, ctx->ptr);
303 *size = ctx->md->hash_size;
308 * Do the whole EVP_MD_CTX_create(), EVP_DigestInit_ex(),
309 * EVP_DigestUpdate(), EVP_DigestFinal_ex(), EVP_MD_CTX_destroy()
312 * @param data the data to update the context with
313 * @param dsize length of data
314 * @param hash output data of at least EVP_MD_size() length.
315 * @param hsize output length of hash.
316 * @param md message digest to use
317 * @param engine engine to use, NULL for default engine.
319 * @return 1 on success.
321 * @ingroup hcrypto_evp
325 EVP_Digest(const void *data, size_t dsize, void *hash, unsigned int *hsize,
326 const EVP_MD *md, ENGINE *engine)
331 ctx = EVP_MD_CTX_create();
334 ret = EVP_DigestInit_ex(ctx, md, engine);
336 EVP_MD_CTX_destroy(ctx);
339 ret = EVP_DigestUpdate(ctx, data, dsize);
341 EVP_MD_CTX_destroy(ctx);
344 ret = EVP_DigestFinal_ex(ctx, hash, hsize);
345 EVP_MD_CTX_destroy(ctx);
350 * The message digest SHA256
352 * @return the message digest type.
354 * @ingroup hcrypto_evp
360 static const struct hc_evp_md sha256 = {
364 (evp_md_init)SHA256_Init,
365 (evp_md_update)SHA256_Update,
366 (evp_md_final)SHA256_Final,
372 static const struct hc_evp_md sha1 = {
376 (evp_md_init)SHA1_Init,
377 (evp_md_update)SHA1_Update,
378 (evp_md_final)SHA1_Final,
383 * The message digest SHA1
385 * @return the message digest type.
387 * @ingroup hcrypto_evp
397 * The message digest SHA1
399 * @return the message digest type.
401 * @ingroup hcrypto_evp
411 * The message digest MD5
413 * @return the message digest type.
415 * @ingroup hcrypto_evp
421 static const struct hc_evp_md md5 = {
425 (evp_md_init)MD5_Init,
426 (evp_md_update)MD5_Update,
427 (evp_md_final)MD5_Final,
434 * The message digest MD4
436 * @return the message digest type.
438 * @ingroup hcrypto_evp
444 static const struct hc_evp_md md4 = {
448 (evp_md_init)MD4_Init,
449 (evp_md_update)MD4_Update,
450 (evp_md_final)MD4_Final,
457 * The message digest MD2
459 * @return the message digest type.
461 * @ingroup hcrypto_evp
467 static const struct hc_evp_md md2 = {
471 (evp_md_init)MD2_Init,
472 (evp_md_update)MD2_Update,
473 (evp_md_final)MD2_Final,
488 null_Update (void *m, const void * data, size_t size)
492 null_Final(void *res, void *m)
497 * The null message digest
499 * @return the message digest type.
501 * @ingroup hcrypto_evp
507 static const struct hc_evp_md null = {
511 (evp_md_init)null_Init,
512 (evp_md_update)null_Update,
513 (evp_md_final)null_Final,
520 int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
521 int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
522 int EVP_SignFinal(EVP_MD_CTX *, void *, size_t *, EVP_PKEY *);
523 int EVP_VerifyFinal(EVP_MD_CTX *, const void *, size_t, EVP_PKEY *);
527 * Return the block size of the cipher.
529 * @param c cipher to get the block size from.
531 * @return the block size of the cipher.
533 * @ingroup hcrypto_evp
537 EVP_CIPHER_block_size(const EVP_CIPHER *c)
539 return c->block_size;
543 * Return the key size of the cipher.
545 * @param c cipher to get the key size from.
547 * @return the key size of the cipher.
549 * @ingroup hcrypto_evp
553 EVP_CIPHER_key_length(const EVP_CIPHER *c)
559 * Return the IV size of the cipher.
561 * @param c cipher to get the IV size from.
563 * @return the IV size of the cipher.
565 * @ingroup hcrypto_evp
569 EVP_CIPHER_iv_length(const EVP_CIPHER *c)
575 * Initiate a EVP_CIPHER_CTX context. Clean up with
576 * EVP_CIPHER_CTX_cleanup().
578 * @param c the cipher initiate.
580 * @ingroup hcrypto_evp
584 EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *c)
586 memset(c, 0, sizeof(*c));
590 * Clean up the EVP_CIPHER_CTX context.
592 * @param c the cipher to clean up.
594 * @return 1 on success.
596 * @ingroup hcrypto_evp
600 EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
602 if (c->cipher && c->cipher->cleanup)
603 c->cipher->cleanup(c);
604 if (c->cipher_data) {
605 free(c->cipher_data);
606 c->cipher_data = NULL;
613 EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int length)
619 EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad)
626 * Return the EVP_CIPHER for a EVP_CIPHER_CTX context.
628 * @param ctx the context to get the cipher type from.
630 * @return the EVP_CIPHER pointer.
632 * @ingroup hcrypto_evp
636 EVP_CIPHER_CTX_cipher(EVP_CIPHER_CTX *ctx)
642 * Return the block size of the cipher context.
644 * @param ctx cipher context to get the block size from.
646 * @return the block size of the cipher context.
648 * @ingroup hcrypto_evp
652 EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
654 return EVP_CIPHER_block_size(ctx->cipher);
658 * Return the key size of the cipher context.
660 * @param ctx cipher context to get the key size from.
662 * @return the key size of the cipher context.
664 * @ingroup hcrypto_evp
668 EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
670 return EVP_CIPHER_key_length(ctx->cipher);
674 * Return the IV size of the cipher context.
676 * @param ctx cipher context to get the IV size from.
678 * @return the IV size of the cipher context.
680 * @ingroup hcrypto_evp
684 EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
686 return EVP_CIPHER_iv_length(ctx->cipher);
690 * Get the flags for an EVP_CIPHER_CTX context.
692 * @param ctx the EVP_CIPHER_CTX to get the flags from
694 * @return the flags for an EVP_CIPHER_CTX.
696 * @ingroup hcrypto_evp
700 EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
702 return ctx->cipher->flags;
706 * Get the mode for an EVP_CIPHER_CTX context.
708 * @param ctx the EVP_CIPHER_CTX to get the mode from
710 * @return the mode for an EVP_CIPHER_CTX.
712 * @ingroup hcrypto_evp
716 EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx)
718 return EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_MODE;
722 * Get the app data for an EVP_CIPHER_CTX context.
724 * @param ctx the EVP_CIPHER_CTX to get the app data from
726 * @return the app data for an EVP_CIPHER_CTX.
728 * @ingroup hcrypto_evp
732 EVP_CIPHER_CTX_get_app_data(EVP_CIPHER_CTX *ctx)
734 return ctx->app_data;
738 * Set the app data for an EVP_CIPHER_CTX context.
740 * @param ctx the EVP_CIPHER_CTX to set the app data for
741 * @param data the app data to set for an EVP_CIPHER_CTX.
743 * @ingroup hcrypto_evp
747 EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
749 ctx->app_data = data;
753 * Initiate the EVP_CIPHER_CTX context to encrypt or decrypt data.
754 * Clean up with EVP_CIPHER_CTX_cleanup().
756 * @param ctx context to initiate
757 * @param c cipher to use.
758 * @param engine crypto engine to use, NULL to select default.
759 * @param key the crypto key to use, NULL will use the previous value.
760 * @param iv the IV to use, NULL will use the previous value.
761 * @param encp non zero will encrypt, -1 use the previous value.
763 * @return 1 on success.
765 * @ingroup hcrypto_evp
769 EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *c, ENGINE *engine,
770 const void *key, const void *iv, int encp)
775 ctx->encrypt = (encp ? 1 : 0);
777 if (c && (c != ctx->cipher)) {
778 EVP_CIPHER_CTX_cleanup(ctx);
780 ctx->key_len = c->key_len;
782 ctx->cipher_data = malloc(c->ctx_size);
783 if (ctx->cipher_data == NULL && c->ctx_size != 0)
786 } else if (ctx->cipher == NULL) {
787 /* reuse of cipher, but not any cipher ever set! */
791 switch (EVP_CIPHER_CTX_flags(ctx)) {
792 case EVP_CIPH_CBC_MODE:
794 assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof(ctx->iv));
797 memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
798 memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
804 if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT))
805 ctx->cipher->init(ctx, key, iv, encp);
811 * Encypher/decypher data
813 * @param ctx the cipher context.
814 * @param out out data from the operation.
815 * @param in in data to the operation.
816 * @param size length of data.
818 * @return 1 on success.
822 EVP_Cipher(EVP_CIPHER_CTX *ctx, void *out, const void *in,size_t size)
824 return ctx->cipher->do_cipher(ctx, out, in, size);
832 enc_null_init(EVP_CIPHER_CTX *ctx,
833 const unsigned char * key,
834 const unsigned char * iv,
841 enc_null_do_cipher(EVP_CIPHER_CTX *ctx,
843 const unsigned char *in,
846 memmove(out, in, size);
851 enc_null_cleanup(EVP_CIPHER_CTX *ctx)
857 * The NULL cipher type, does no encryption/decryption.
859 * @return the null EVP_CIPHER pointer.
861 * @ingroup hcrypto_evp
867 static const EVP_CIPHER enc_null = {
890 unsigned int maximum_effective_key;
895 rc2_init(EVP_CIPHER_CTX *ctx,
896 const unsigned char * key,
897 const unsigned char * iv,
900 struct rc2_cbc *k = ctx->cipher_data;
901 k->maximum_effective_key = EVP_CIPHER_CTX_key_length(ctx) * 8;
903 EVP_CIPHER_CTX_key_length(ctx),
905 k->maximum_effective_key);
910 rc2_do_cipher(EVP_CIPHER_CTX *ctx,
912 const unsigned char *in,
915 struct rc2_cbc *k = ctx->cipher_data;
916 RC2_cbc_encrypt(in, out, size, &k->key, ctx->iv, ctx->encrypt);
921 rc2_cleanup(EVP_CIPHER_CTX *ctx)
923 memset(ctx->cipher_data, 0, sizeof(struct rc2_cbc));
928 * The RC2 cipher type
930 * @return the RC2 EVP_CIPHER pointer.
932 * @ingroup hcrypto_evp
938 static const EVP_CIPHER rc2_cbc = {
947 sizeof(struct rc2_cbc),
957 * The RC2-40 cipher type
959 * @return the RC2-40 EVP_CIPHER pointer.
961 * @ingroup hcrypto_evp
967 static const EVP_CIPHER rc2_40_cbc = {
976 sizeof(struct rc2_cbc),
986 * The RC2-64 cipher type
988 * @return the RC2-64 EVP_CIPHER pointer.
990 * @ingroup hcrypto_evp
996 static const EVP_CIPHER rc2_64_cbc = {
1005 sizeof(struct rc2_cbc),
1015 * The RC4 cipher type
1017 * @return the RC4 EVP_CIPHER pointer.
1019 * @ingroup hcrypto_evp
1025 printf("evp rc4\n");
1031 * The RC4-40 cipher type
1033 * @return the RC4-40 EVP_CIPHER pointer.
1035 * @ingroup hcrypto_evp
1041 printf("evp rc4_40\n");
1050 struct des_ede3_cbc {
1051 DES_key_schedule ks[3];
1055 des_ede3_cbc_init(EVP_CIPHER_CTX *ctx,
1056 const unsigned char * key,
1057 const unsigned char * iv,
1060 struct des_ede3_cbc *k = ctx->cipher_data;
1063 memcpy(&deskey, key, sizeof(deskey));
1064 DES_set_odd_parity(&deskey);
1065 DES_set_key_unchecked(&deskey, &k->ks[0]);
1067 memcpy(&deskey, key + 8, sizeof(deskey));
1068 DES_set_odd_parity(&deskey);
1069 DES_set_key_unchecked(&deskey, &k->ks[1]);
1071 memcpy(&deskey, key + 16, sizeof(deskey));
1072 DES_set_odd_parity(&deskey);
1073 DES_set_key_unchecked(&deskey, &k->ks[2]);
1079 des_ede3_cbc_do_cipher(EVP_CIPHER_CTX *ctx,
1081 const unsigned char *in,
1084 struct des_ede3_cbc *k = ctx->cipher_data;
1085 DES_ede3_cbc_encrypt(in, out, size,
1086 &k->ks[0], &k->ks[1], &k->ks[2],
1087 (DES_cblock *)ctx->iv, ctx->encrypt);
1092 des_ede3_cbc_cleanup(EVP_CIPHER_CTX *ctx)
1094 memset(ctx->cipher_data, 0, sizeof(struct des_ede3_cbc));
1099 * The tripple DES cipher type
1101 * @return the DES-EDE3-CBC EVP_CIPHER pointer.
1103 * @ingroup hcrypto_evp
1107 EVP_des_ede3_cbc(void)
1109 static const EVP_CIPHER des_ede3_cbc = {
1116 des_ede3_cbc_do_cipher,
1117 des_ede3_cbc_cleanup,
1118 sizeof(struct des_ede3_cbc),
1124 return &des_ede3_cbc;
1132 aes_init(EVP_CIPHER_CTX *ctx,
1133 const unsigned char * key,
1134 const unsigned char * iv,
1137 AES_KEY *k = ctx->cipher_data;
1139 AES_set_encrypt_key(key, ctx->cipher->key_len * 8, k);
1141 AES_set_decrypt_key(key, ctx->cipher->key_len * 8, k);
1146 aes_do_cipher(EVP_CIPHER_CTX *ctx,
1148 const unsigned char *in,
1151 AES_KEY *k = ctx->cipher_data;
1152 AES_cbc_encrypt(in, out, size, k, ctx->iv, ctx->encrypt);
1157 aes_cleanup(EVP_CIPHER_CTX *ctx)
1159 memset(ctx->cipher_data, 0, sizeof(AES_KEY));
1164 * The AES-128 cipher type
1166 * @return the AES-128 EVP_CIPHER pointer.
1168 * @ingroup hcrypto_evp
1172 EVP_aes_128_cbc(void)
1174 static const EVP_CIPHER aes_128_cbc = {
1189 return &aes_128_cbc;
1193 * The AES-192 cipher type
1195 * @return the AES-192 EVP_CIPHER pointer.
1197 * @ingroup hcrypto_evp
1201 EVP_aes_192_cbc(void)
1203 static const EVP_CIPHER aes_192_cbc = {
1218 return &aes_192_cbc;
1222 * The AES-256 cipher type
1224 * @return the AES-256 EVP_CIPHER pointer.
1226 * @ingroup hcrypto_evp
1230 EVP_aes_256_cbc(void)
1232 static const EVP_CIPHER aes_256_cbc = {
1247 return &aes_256_cbc;
1251 camellia_init(EVP_CIPHER_CTX *ctx,
1252 const unsigned char * key,
1253 const unsigned char * iv,
1256 CAMELLIA_KEY *k = ctx->cipher_data;
1257 k->bits = ctx->cipher->key_len * 8;
1258 CAMELLIA_set_key(key, ctx->cipher->key_len * 8, k);
1263 camellia_do_cipher(EVP_CIPHER_CTX *ctx,
1265 const unsigned char *in,
1268 CAMELLIA_KEY *k = ctx->cipher_data;
1269 CAMELLIA_cbc_encrypt(in, out, size, k, ctx->iv, ctx->encrypt);
1274 camellia_cleanup(EVP_CIPHER_CTX *ctx)
1276 memset(ctx->cipher_data, 0, sizeof(CAMELLIA_KEY));
1281 * The Camellia-128 cipher type
1283 * @return the Camellia-128 EVP_CIPHER pointer.
1285 * @ingroup hcrypto_evp
1289 EVP_camellia_128_cbc(void)
1291 static const EVP_CIPHER cipher = {
1300 sizeof(CAMELLIA_KEY),
1310 * The Camellia-198 cipher type
1312 * @return the Camellia-198 EVP_CIPHER pointer.
1314 * @ingroup hcrypto_evp
1318 EVP_camellia_192_cbc(void)
1320 static const EVP_CIPHER cipher = {
1329 sizeof(CAMELLIA_KEY),
1339 * The Camellia-256 cipher type
1341 * @return the Camellia-256 EVP_CIPHER pointer.
1343 * @ingroup hcrypto_evp
1347 EVP_camellia_256_cbc(void)
1349 static const EVP_CIPHER cipher = {
1358 sizeof(CAMELLIA_KEY),
1371 static const struct cipher_name {
1373 const EVP_CIPHER *(*func)(void);
1375 { "des-ede3-cbc", EVP_des_ede3_cbc },
1376 { "aes-128-cbc", EVP_aes_128_cbc },
1377 { "aes-192-cbc", EVP_aes_192_cbc },
1378 { "aes-256-cbc", EVP_aes_256_cbc },
1379 { "camellia-128-cbc", EVP_camellia_128_cbc },
1380 { "camellia-192-cbc", EVP_camellia_192_cbc },
1381 { "camellia-256-cbc", EVP_camellia_256_cbc }
1385 * Get the cipher type using their name.
1387 * @param name the name of the cipher.
1389 * @return the selected EVP_CIPHER pointer or NULL if not found.
1391 * @ingroup hcrypto_evp
1395 EVP_get_cipherbyname(const char *name)
1398 for (i = 0; i < sizeof(cipher_name)/sizeof(cipher_name[0]); i++) {
1399 if (strcasecmp(cipher_name[i].name, name) == 0)
1400 return (*cipher_name[i].func)();
1411 #define min(a,b) (((a)>(b))?(b):(a))
1415 * Provides a legancy string to key function, used in PEM files.
1417 * New protocols should use new string to key functions like NIST
1418 * SP56-800A or PKCS#5 v2.0 (see PKCS5_PBKDF2_HMAC_SHA1()).
1420 * @param type type of cipher to use
1421 * @param md message digest to use
1422 * @param salt salt salt string, should be an binary 8 byte buffer.
1423 * @param data the password/input key string.
1424 * @param datalen length of data parameter.
1425 * @param count iteration counter.
1426 * @param keydata output keydata, needs to of the size EVP_CIPHER_key_length().
1427 * @param ivdata output ivdata, needs to of the size EVP_CIPHER_block_size().
1429 * @return the size of derived key.
1431 * @ingroup hcrypto_evp
1435 EVP_BytesToKey(const EVP_CIPHER *type,
1438 const void *data, size_t datalen,
1443 int ivlen, keylen, first = 0;
1444 unsigned int mds = 0, i;
1445 unsigned char *key = keydata;
1446 unsigned char *iv = ivdata;
1450 keylen = EVP_CIPHER_key_length(type);
1451 ivlen = EVP_CIPHER_iv_length(type);
1456 buf = malloc(EVP_MD_size(md));
1460 EVP_MD_CTX_init(&c);
1464 EVP_DigestInit_ex(&c, md, NULL);
1466 EVP_DigestUpdate(&c, buf, mds);
1468 EVP_DigestUpdate(&c,data,datalen);
1470 #define PKCS5_SALT_LEN 8
1473 EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN);
1475 EVP_DigestFinal_ex(&c, buf, &mds);
1476 assert(mds == EVP_MD_size(md));
1478 for (i = 1; i < count; i++) {
1479 EVP_DigestInit_ex(&c, md, NULL);
1480 EVP_DigestUpdate(&c, buf, mds);
1481 EVP_DigestFinal_ex(&c, buf, &mds);
1482 assert(mds == EVP_MD_size(md));
1487 size_t sz = min(keylen, mds);
1489 memcpy(key, buf, sz);
1495 if (ivlen && mds > i) {
1496 size_t sz = min(ivlen, (mds - i));
1498 memcpy(iv, &buf[i], sz);
1503 if (keylen == 0 && ivlen == 0)
1507 EVP_MD_CTX_cleanup(&c);
1510 return EVP_CIPHER_key_length(type);
1514 * Add all algorithms to the crypto core.
1516 * @ingroup hcrypto_core
1520 OpenSSL_add_all_algorithms(void)
1526 * Add all algorithms to the crypto core using configuration file.
1528 * @ingroup hcrypto_core
1532 OpenSSL_add_all_algorithms_conf(void)
1538 * Add all algorithms to the crypto core, but don't use the
1539 * configuration file.
1541 * @ingroup hcrypto_core
1545 OpenSSL_add_all_algorithms_noconf(void)
git.samba.org / tprouty / samba.git / blob