1
/* crypto/evp/evp_enc.c */
2
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5
* This package is an SSL implementation written
6
* by Eric Young (eay@cryptsoft.com).
7
* The implementation was written so as to conform with Netscapes SSL.
9
* This library is free for commercial and non-commercial use as long as
10
* the following conditions are aheared to. The following conditions
11
* apply to all code found in this distribution, be it the RC4, RSA,
12
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13
* included with this distribution is covered by the same copyright terms
14
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
16
* Copyright remains Eric Young's, and as such any Copyright notices in
17
* the code are not to be removed.
18
* If this package is used in a product, Eric Young should be given attribution
19
* as the author of the parts of the library used.
20
* This can be in the form of a textual message at program startup or
21
* in documentation (online or textual) provided with the package.
23
* Redistribution and use in source and binary forms, with or without
24
* modification, are permitted provided that the following conditions
26
* 1. Redistributions of source code must retain the copyright
27
* notice, this list of conditions and the following disclaimer.
28
* 2. Redistributions in binary form must reproduce the above copyright
29
* notice, this list of conditions and the following disclaimer in the
30
* documentation and/or other materials provided with the distribution.
31
* 3. All advertising materials mentioning features or use of this software
32
* must display the following acknowledgement:
33
* "This product includes cryptographic software written by
34
* Eric Young (eay@cryptsoft.com)"
35
* The word 'cryptographic' can be left out if the rouines from the library
36
* being used are not cryptographic related :-).
37
* 4. If you include any Windows specific code (or a derivative thereof) from
38
* the apps directory (application code) you must include an acknowledgement:
39
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53
* The licence and distribution terms for any publically available version or
54
* derivative of this code cannot be changed. i.e. this code cannot simply be
55
* copied and put under another distribution licence
56
* [including the GNU Public Licence.]
61
#include <openssl/evp.h>
62
#include <openssl/err.h>
63
#include <openssl/rand.h>
64
#ifndef OPENSSL_NO_ENGINE
65
#include <openssl/engine.h>
70
#define M_do_cipher(ctx, out, in, inl) \
71
EVP_Cipher(ctx,out,in,inl)
73
#define M_do_cipher(ctx, out, in, inl) \
74
ctx->cipher->do_cipher(ctx,out,in,inl)
77
const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT;
79
EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void)
81
EVP_CIPHER_CTX *ctx=OPENSSL_malloc(sizeof *ctx);
83
EVP_CIPHER_CTX_init(ctx);
87
int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
88
const unsigned char *key, const unsigned char *iv, int enc)
91
EVP_CIPHER_CTX_init(ctx);
92
return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc);
95
int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
96
const unsigned char *in, int inl)
99
return EVP_EncryptUpdate(ctx,out,outl,in,inl);
100
else return EVP_DecryptUpdate(ctx,out,outl,in,inl);
103
int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
106
return EVP_EncryptFinal_ex(ctx,out,outl);
107
else return EVP_DecryptFinal_ex(ctx,out,outl);
110
int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
113
return EVP_EncryptFinal(ctx,out,outl);
114
else return EVP_DecryptFinal(ctx,out,outl);
117
int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
118
const unsigned char *key, const unsigned char *iv)
120
return EVP_CipherInit(ctx, cipher, key, iv, 1);
123
int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
124
const unsigned char *key, const unsigned char *iv)
126
return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1);
129
int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
130
const unsigned char *key, const unsigned char *iv)
132
return EVP_CipherInit(ctx, cipher, key, iv, 0);
135
int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
136
const unsigned char *key, const unsigned char *iv)
138
return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0);
141
int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
142
const unsigned char *in, int inl)
152
if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0)
154
if(M_do_cipher(ctx,out,in,inl))
166
bl=ctx->cipher->block_size;
167
OPENSSL_assert(bl <= (int)sizeof(ctx->buf));
172
memcpy(&(ctx->buf[i]),in,inl);
180
memcpy(&(ctx->buf[i]),in,j);
181
if(!M_do_cipher(ctx,out,ctx->buf,bl)) return 0;
194
if(!M_do_cipher(ctx,out,in,inl)) return 0;
199
memcpy(ctx->buf,&(in[inl]),i);
204
int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
207
ret = EVP_EncryptFinal_ex(ctx, out, outl);
211
int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
214
unsigned int i, b, bl;
216
b=ctx->cipher->block_size;
217
OPENSSL_assert(b <= sizeof ctx->buf);
224
if (ctx->flags & EVP_CIPH_NO_PADDING)
228
EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
238
ret=M_do_cipher(ctx,out,ctx->buf,b);
247
int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
248
const unsigned char *in, int inl)
259
if (ctx->flags & EVP_CIPH_NO_PADDING)
260
return EVP_EncryptUpdate(ctx, out, outl, in, inl);
262
b=ctx->cipher->block_size;
263
OPENSSL_assert(b <= sizeof ctx->final);
267
memcpy(out,ctx->final,b);
275
if(!EVP_EncryptUpdate(ctx,out,outl,in,inl))
278
/* if we have 'decrypted' a multiple of block size, make sure
279
* we have a copy of this last block */
280
if (b > 1 && !ctx->buf_len)
284
memcpy(ctx->final,&out[*outl],b);
295
int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
298
ret = EVP_DecryptFinal_ex(ctx, out, outl);
302
int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
308
b=ctx->cipher->block_size;
309
if (ctx->flags & EVP_CIPH_NO_PADDING)
313
EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
321
if (ctx->buf_len || !ctx->final_used)
323
EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
326
OPENSSL_assert(b <= sizeof ctx->final);
328
if (n == 0 || n > (int)b)
330
EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
335
if (ctx->final[--b] != n)
337
EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
341
n=ctx->cipher->block_size-n;
343
out[i]=ctx->final[i];
351
void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
355
EVP_CIPHER_CTX_cleanup(ctx);
360
int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
362
if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
363
return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL);
364
if(c->key_len == keylen) return 1;
365
if((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH))
370
EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,EVP_R_INVALID_KEY_LENGTH);
374
int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
376
if (pad) ctx->flags &= ~EVP_CIPH_NO_PADDING;
377
else ctx->flags |= EVP_CIPH_NO_PADDING;
381
int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
383
if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
384
return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
385
if (RAND_bytes(key, ctx->key_len) <= 0)
390
#ifndef OPENSSL_NO_ENGINE
394
static int do_evp_enc_engine_full(EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pcipher, ENGINE *impl)
398
if (!ENGINE_init(impl))
400
EVPerr(EVP_F_DO_EVP_ENC_ENGINE_FULL, EVP_R_INITIALIZATION_ERROR);
405
/* Ask if an ENGINE is reserved for this job */
406
impl = ENGINE_get_cipher_engine((*pcipher)->nid);
409
/* There's an ENGINE for this job ... (apparently) */
410
const EVP_CIPHER *c = ENGINE_get_cipher(impl, (*pcipher)->nid);
413
/* One positive side-effect of US's export
414
* control history, is that we should at least
415
* be able to avoid using US mispellings of
416
* "initialisation"? */
417
EVPerr(EVP_F_DO_EVP_ENC_ENGINE_FULL, EVP_R_INITIALIZATION_ERROR);
420
/* We'll use the ENGINE's private cipher definition */
422
/* Store the ENGINE functional reference so we know
423
* 'cipher' came from an ENGINE and we need to release
432
void int_EVP_CIPHER_init_engine_callbacks(void)
434
int_EVP_CIPHER_set_engine_callbacks(
435
ENGINE_finish, do_evp_enc_engine_full);