Gitiles
Code Review Sign In
gerrit.openfyde.cn / boringssl.googlesource.com / boringssl / 81f030b10678bf5afd073f8898a61d469b424f6a / . / crypto / fipsmodule / cipher / cipher.c
blob: 7b00c3f2e75ed0486747aff3c893137792b27e7a [file] [log] [blame]
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2 * All rights reserved.
3 *
4 * This package is an SSL implementation written
5 * by Eric Young (eay@cryptsoft.com).
6 * The implementation was written so as to conform with Netscapes SSL.
7 *
8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14 *
15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
21 *
22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
24 * are met:
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young (eay@cryptsoft.com)"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
36 * 4. If you include any Windows specific code (or a derivative thereof) from
37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50 * SUCH DAMAGE.
51 *
52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.] */
56
57#include <openssl/cipher.h>
58
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]59#include <assert.h>
Adam Langley704453f2014-09-23 16:19:16 -0700[diff] [blame]60#include <string.h>
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]61
62#include <openssl/err.h>
63#include <openssl/mem.h>
David Benjamin98193672016-03-25 18:07:11 -0400[diff] [blame]64#include <openssl/nid.h>
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]65
66#include "internal.h"
Adam Langley2e2a2262017-05-03 13:23:37 -0700[diff] [blame]67#include "../../internal.h"
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]68
69
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]70void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) {
David Benjamin17cf2cb2016-12-13 01:07:13 -0500[diff] [blame]71 OPENSSL_memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]72}
73
74EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) {
75 EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof(EVP_CIPHER_CTX));
76 if (ctx) {
77 EVP_CIPHER_CTX_init(ctx);
78 }
79 return ctx;
80}
81
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]82int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) {
Martin Kreichgauer6dc892f2017-08-30 10:49:05 -0700[diff] [blame]83 if (c->cipher != NULL && c->cipher->cleanup) {
84 c->cipher->cleanup(c);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]85 }
David Benjamin3fa65f02015-05-15 19:11:57 -0400[diff] [blame]86 OPENSSL_free(c->cipher_data);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]87
David Benjamin17cf2cb2016-12-13 01:07:13 -0500[diff] [blame]88 OPENSSL_memset(c, 0, sizeof(EVP_CIPHER_CTX));
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]89 return 1;
90}
91
92void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) {
93 if (ctx) {
94 EVP_CIPHER_CTX_cleanup(ctx);
95 OPENSSL_free(ctx);
96 }
97}
98
99int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) {
100 if (in == NULL || in->cipher == NULL) {
David Benjamin3570d732015-06-29 00:28:17 -0400[diff] [blame]101 OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INPUT_NOT_INITIALIZED);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]102 return 0;
103 }
104
105 EVP_CIPHER_CTX_cleanup(out);
David Benjamin17cf2cb2016-12-13 01:07:13 -0500[diff] [blame]106 OPENSSL_memcpy(out, in, sizeof(EVP_CIPHER_CTX));
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]107
108 if (in->cipher_data && in->cipher->ctx_size) {
109 out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
110 if (!out->cipher_data) {
David Benjaminec1d9632017-02-09 17:45:33 -0500[diff] [blame]111 out->cipher = NULL;
David Benjamin3570d732015-06-29 00:28:17 -0400[diff] [blame]112 OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]113 return 0;
114 }
David Benjamin17cf2cb2016-12-13 01:07:13 -0500[diff] [blame]115 OPENSSL_memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]116 }
117
Adam Langley7578f3f2014-07-24 17:42:11 -0700[diff] [blame]118 if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY) {
David Benjaminec1d9632017-02-09 17:45:33 -0500[diff] [blame]119 if (!in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out)) {
120 out->cipher = NULL;
121 return 0;
122 }
Adam Langley7578f3f2014-07-24 17:42:11 -0700[diff] [blame]123 }
124
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]125 return 1;
126}
127
David Benjamin81f030b2016-08-12 14:48:19 -0400[diff] [blame^]128void EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx) {
129 EVP_CIPHER_CTX_cleanup(ctx);
130 EVP_CIPHER_CTX_init(ctx);
131}
132
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]133int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
134 ENGINE *engine, const uint8_t *key, const uint8_t *iv,
135 int enc) {
136 if (enc == -1) {
137 enc = ctx->encrypt;
138 } else {
139 if (enc) {
140 enc = 1;
141 }
142 ctx->encrypt = enc;
143 }
144
145 if (cipher) {
David Benjamin808f8322017-08-18 14:06:02 -0400[diff] [blame]146 // Ensure a context left from last time is cleared (the previous check
147 // attempted to avoid this if the same ENGINE and EVP_CIPHER could be
148 // used).
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]149 if (ctx->cipher) {
150 EVP_CIPHER_CTX_cleanup(ctx);
David Benjamin808f8322017-08-18 14:06:02 -0400[diff] [blame]151 // Restore encrypt and flags
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]152 ctx->encrypt = enc;
153 }
154
155 ctx->cipher = cipher;
156 if (ctx->cipher->ctx_size) {
157 ctx->cipher_data = OPENSSL_malloc(ctx->cipher->ctx_size);
158 if (!ctx->cipher_data) {
David Benjamin3fa65f02015-05-15 19:11:57 -0400[diff] [blame]159 ctx->cipher = NULL;
David Benjamin3570d732015-06-29 00:28:17 -0400[diff] [blame]160 OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]161 return 0;
162 }
163 } else {
164 ctx->cipher_data = NULL;
165 }
166
167 ctx->key_len = cipher->key_len;
168 ctx->flags = 0;
169
170 if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
171 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
David Benjamin3fa65f02015-05-15 19:11:57 -0400[diff] [blame]172 ctx->cipher = NULL;
David Benjamin3570d732015-06-29 00:28:17 -0400[diff] [blame]173 OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INITIALIZATION_ERROR);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]174 return 0;
175 }
176 }
177 } else if (!ctx->cipher) {
David Benjamin3570d732015-06-29 00:28:17 -0400[diff] [blame]178 OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_NO_CIPHER_SET);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]179 return 0;
180 }
181
David Benjamin808f8322017-08-18 14:06:02 -0400[diff] [blame]182 // we assume block size is a power of 2 in *cryptUpdate
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]183 assert(ctx->cipher->block_size == 1 || ctx->cipher->block_size == 8 ||
184 ctx->cipher->block_size == 16);
185
186 if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
187 switch (EVP_CIPHER_CTX_mode(ctx)) {
188 case EVP_CIPH_STREAM_CIPHER:
189 case EVP_CIPH_ECB_MODE:
190 break;
191
192 case EVP_CIPH_CFB_MODE:
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]193 ctx->num = 0;
David Benjamin808f8322017-08-18 14:06:02 -0400[diff] [blame]194 // fall-through
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]195
196 case EVP_CIPH_CBC_MODE:
197 assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof(ctx->iv));
198 if (iv) {
David Benjamin17cf2cb2016-12-13 01:07:13 -0500[diff] [blame]199 OPENSSL_memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]200 }
David Benjamin17cf2cb2016-12-13 01:07:13 -0500[diff] [blame]201 OPENSSL_memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]202 break;
203
204 case EVP_CIPH_CTR_MODE:
Adam Langley087930f2015-02-24 12:44:40 -0800[diff] [blame]205 case EVP_CIPH_OFB_MODE:
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]206 ctx->num = 0;
David Benjamin808f8322017-08-18 14:06:02 -0400[diff] [blame]207 // Don't reuse IV for CTR mode
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]208 if (iv) {
David Benjamin17cf2cb2016-12-13 01:07:13 -0500[diff] [blame]209 OPENSSL_memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]210 }
211 break;
212
213 default:
214 return 0;
215 }
216 }
217
218 if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
219 if (!ctx->cipher->init(ctx, key, iv, enc)) {
220 return 0;
221 }
222 }
223
224 ctx->buf_len = 0;
225 ctx->final_used = 0;
226 ctx->block_mask = ctx->cipher->block_size - 1;
227 return 1;
228}
229
230int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
231 ENGINE *impl, const uint8_t *key, const uint8_t *iv) {
232 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1);
233}
234
235int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
236 ENGINE *impl, const uint8_t *key, const uint8_t *iv) {
237 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0);
238}
239
240int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, uint8_t *out, int *out_len,
241 const uint8_t *in, int in_len) {
242 int i, j, bl;
243
244 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
245 i = ctx->cipher->cipher(ctx, out, in, in_len);
246 if (i < 0) {
247 return 0;
248 } else {
249 *out_len = i;
250 }
251 return 1;
252 }
253
254 if (in_len <= 0) {
255 *out_len = 0;
256 return in_len == 0;
257 }
258
259 if (ctx->buf_len == 0 && (in_len & ctx->block_mask) == 0) {
260 if (ctx->cipher->cipher(ctx, out, in, in_len)) {
261 *out_len = in_len;
262 return 1;
263 } else {
264 *out_len = 0;
265 return 0;
266 }
267 }
268
269 i = ctx->buf_len;
270 bl = ctx->cipher->block_size;
271 assert(bl <= (int)sizeof(ctx->buf));
272 if (i != 0) {
David Benjamin204dea82016-05-03 07:42:19 -0400[diff] [blame]273 if (bl - i > in_len) {
David Benjamin17cf2cb2016-12-13 01:07:13 -0500[diff] [blame]274 OPENSSL_memcpy(&ctx->buf[i], in, in_len);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]275 ctx->buf_len += in_len;
276 *out_len = 0;
277 return 1;
278 } else {
279 j = bl - i;
David Benjamin17cf2cb2016-12-13 01:07:13 -0500[diff] [blame]280 OPENSSL_memcpy(&ctx->buf[i], in, j);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]281 if (!ctx->cipher->cipher(ctx, out, ctx->buf, bl)) {
282 return 0;
283 }
284 in_len -= j;
285 in += j;
286 out += bl;
287 *out_len = bl;
288 }
289 } else {
290 *out_len = 0;
291 }
292
293 i = in_len & ctx->block_mask;
294 in_len -= i;
295 if (in_len > 0) {
296 if (!ctx->cipher->cipher(ctx, out, in, in_len)) {
297 return 0;
298 }
299 *out_len += in_len;
300 }
301
302 if (i != 0) {
David Benjamin17cf2cb2016-12-13 01:07:13 -0500[diff] [blame]303 OPENSSL_memcpy(ctx->buf, &in[in_len], i);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]304 }
305 ctx->buf_len = i;
306 return 1;
307}
308
309int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, uint8_t *out, int *out_len) {
310 int n, ret;
311 unsigned int i, b, bl;
312
313 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
314 ret = ctx->cipher->cipher(ctx, out, NULL, 0);
315 if (ret < 0) {
316 return 0;
317 } else {
318 *out_len = ret;
319 }
320 return 1;
321 }
322
323 b = ctx->cipher->block_size;
324 assert(b <= sizeof(ctx->buf));
325 if (b == 1) {
326 *out_len = 0;
327 return 1;
328 }
329
330 bl = ctx->buf_len;
331 if (ctx->flags & EVP_CIPH_NO_PADDING) {
332 if (bl) {
David Benjamin3570d732015-06-29 00:28:17 -0400[diff] [blame]333 OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]334 return 0;
335 }
336 *out_len = 0;
337 return 1;
338 }
339
340 n = b - bl;
341 for (i = bl; i < b; i++) {
342 ctx->buf[i] = n;
343 }
344 ret = ctx->cipher->cipher(ctx, out, ctx->buf, b);
345
346 if (ret) {
347 *out_len = b;
348 }
349
350 return ret;
351}
352
353int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, uint8_t *out, int *out_len,
354 const uint8_t *in, int in_len) {
355 int fix_len;
356 unsigned int b;
357
358 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
359 int r = ctx->cipher->cipher(ctx, out, in, in_len);
360 if (r < 0) {
361 *out_len = 0;
362 return 0;
363 } else {
364 *out_len = r;
365 }
366 return 1;
367 }
368
369 if (in_len <= 0) {
370 *out_len = 0;
371 return in_len == 0;
372 }
373
374 if (ctx->flags & EVP_CIPH_NO_PADDING) {
375 return EVP_EncryptUpdate(ctx, out, out_len, in, in_len);
376 }
377
378 b = ctx->cipher->block_size;
379 assert(b <= sizeof(ctx->final));
380
381 if (ctx->final_used) {
David Benjamin17cf2cb2016-12-13 01:07:13 -0500[diff] [blame]382 OPENSSL_memcpy(out, ctx->final, b);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]383 out += b;
384 fix_len = 1;
385 } else {
386 fix_len = 0;
387 }
388
389 if (!EVP_EncryptUpdate(ctx, out, out_len, in, in_len)) {
390 return 0;
391 }
392
David Benjamin808f8322017-08-18 14:06:02 -0400[diff] [blame]393 // if we have 'decrypted' a multiple of block size, make sure
394 // we have a copy of this last block
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]395 if (b > 1 && !ctx->buf_len) {
396 *out_len -= b;
397 ctx->final_used = 1;
David Benjamin17cf2cb2016-12-13 01:07:13 -0500[diff] [blame]398 OPENSSL_memcpy(ctx->final, &out[*out_len], b);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]399 } else {
400 ctx->final_used = 0;
401 }
402
403 if (fix_len) {
404 *out_len += b;
405 }
406
407 return 1;
408}
409
410int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len) {
411 int i, n;
412 unsigned int b;
413 *out_len = 0;
414
415 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
416 i = ctx->cipher->cipher(ctx, out, NULL, 0);
417 if (i < 0) {
418 return 0;
419 } else {
420 *out_len = i;
421 }
422 return 1;
423 }
424
425 b = ctx->cipher->block_size;
426 if (ctx->flags & EVP_CIPH_NO_PADDING) {
427 if (ctx->buf_len) {
David Benjamin3570d732015-06-29 00:28:17 -0400[diff] [blame]428 OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]429 return 0;
430 }
431 *out_len = 0;
432 return 1;
433 }
434
435 if (b > 1) {
436 if (ctx->buf_len || !ctx->final_used) {
David Benjamin3570d732015-06-29 00:28:17 -0400[diff] [blame]437 OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_WRONG_FINAL_BLOCK_LENGTH);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]438 return 0;
439 }
440 assert(b <= sizeof(ctx->final));
441
David Benjamin808f8322017-08-18 14:06:02 -0400[diff] [blame]442 // The following assumes that the ciphertext has been authenticated.
443 // Otherwise it provides a padding oracle.
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]444 n = ctx->final[b - 1];
445 if (n == 0 || n > (int)b) {
David Benjamin3570d732015-06-29 00:28:17 -0400[diff] [blame]446 OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]447 return 0;
448 }
449
450 for (i = 0; i < n; i++) {
451 if (ctx->final[--b] != n) {
David Benjamin3570d732015-06-29 00:28:17 -0400[diff] [blame]452 OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]453 return 0;
454 }
455 }
456
457 n = ctx->cipher->block_size - n;
458 for (i = 0; i < n; i++) {
459 out[i] = ctx->final[i];
460 }
461 *out_len = n;
462 } else {
463 *out_len = 0;
464 }
465
466 return 1;
467}
468
469int EVP_Cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in,
470 size_t in_len) {
471 return ctx->cipher->cipher(ctx, out, in, in_len);
472}
473
474int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, uint8_t *out, int *out_len,
475 const uint8_t *in, int in_len) {
476 if (ctx->encrypt) {
477 return EVP_EncryptUpdate(ctx, out, out_len, in, in_len);
478 } else {
479 return EVP_DecryptUpdate(ctx, out, out_len, in, in_len);
480 }
481}
482
483int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, uint8_t *out, int *out_len) {
484 if (ctx->encrypt) {
485 return EVP_EncryptFinal_ex(ctx, out, out_len);
486 } else {
487 return EVP_DecryptFinal_ex(ctx, out, out_len);
488 }
489}
490
491const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx) {
492 return ctx->cipher;
493}
494
495int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx) {
496 return ctx->cipher->nid;
497}
498
499unsigned EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx) {
500 return ctx->cipher->block_size;
501}
502
503unsigned EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx) {
504 return ctx->key_len;
505}
506
507unsigned EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) {
508 return ctx->cipher->iv_len;
509}
510
511void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx) {
512 return ctx->app_data;
513}
514
515void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data) {
516 ctx->app_data = data;
517}
518
519uint32_t EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx) {
520 return ctx->cipher->flags & ~EVP_CIPH_MODE_MASK;
521}
522
523uint32_t EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx) {
524 return ctx->cipher->flags & EVP_CIPH_MODE_MASK;
525}
526
527int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int command, int arg, void *ptr) {
528 int ret;
529 if (!ctx->cipher) {
David Benjamin3570d732015-06-29 00:28:17 -0400[diff] [blame]530 OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_NO_CIPHER_SET);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]531 return 0;
532 }
533
534 if (!ctx->cipher->ctrl) {
David Benjamin3570d732015-06-29 00:28:17 -0400[diff] [blame]535 OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_CTRL_NOT_IMPLEMENTED);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]536 return 0;
537 }
538
539 ret = ctx->cipher->ctrl(ctx, command, arg, ptr);
540 if (ret == -1) {
David Benjamin3570d732015-06-29 00:28:17 -0400[diff] [blame]541 OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_CTRL_OPERATION_NOT_IMPLEMENTED);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]542 return 0;
543 }
544
545 return ret;
546}
547
548int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad) {
549 if (pad) {
550 ctx->flags &= ~EVP_CIPH_NO_PADDING;
551 } else {
552 ctx->flags |= EVP_CIPH_NO_PADDING;
553 }
554 return 1;
555}
556
Adam Langley539112f2014-08-22 11:06:41 -0700[diff] [blame]557int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, unsigned key_len) {
558 if (c->key_len == key_len) {
559 return 1;
560 }
561
562 if (key_len == 0 || !(c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) {
David Benjamin3570d732015-06-29 00:28:17 -0400[diff] [blame]563 OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_KEY_LENGTH);
Adam Langley539112f2014-08-22 11:06:41 -0700[diff] [blame]564 return 0;
565 }
566
567 c->key_len = key_len;
568 return 1;
569}
570
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]571int EVP_CIPHER_nid(const EVP_CIPHER *cipher) { return cipher->nid; }
572
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]573unsigned EVP_CIPHER_block_size(const EVP_CIPHER *cipher) {
574 return cipher->block_size;
575}
576
577unsigned EVP_CIPHER_key_length(const EVP_CIPHER *cipher) {
578 return cipher->key_len;
579}
580
581unsigned EVP_CIPHER_iv_length(const EVP_CIPHER *cipher) {
582 return cipher->iv_len;
583}
584
585uint32_t EVP_CIPHER_flags(const EVP_CIPHER *cipher) {
586 return cipher->flags & ~EVP_CIPH_MODE_MASK;
587}
588
589uint32_t EVP_CIPHER_mode(const EVP_CIPHER *cipher) {
590 return cipher->flags & EVP_CIPH_MODE_MASK;
591}
Adam Langley704453f2014-09-23 16:19:16 -0700[diff] [blame]592
593int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
594 const uint8_t *key, const uint8_t *iv, int enc) {
595 if (cipher) {
596 EVP_CIPHER_CTX_init(ctx);
597 }
598 return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc);
599}
600
601int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
602 const uint8_t *key, const uint8_t *iv) {
603 return EVP_CipherInit(ctx, cipher, key, iv, 1);
604}
605
606int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
607 const uint8_t *key, const uint8_t *iv) {
608 return EVP_CipherInit(ctx, cipher, key, iv, 0);
609}
610
611int EVP_add_cipher_alias(const char *a, const char *b) {
612 return 1;
613}