1656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* crypto/evp/evp_enc.c */ 2656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * All rights reserved. 4656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 5656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This package is an SSL implementation written 6656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * by Eric Young (eay@cryptsoft.com). 7656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The implementation was written so as to conform with Netscapes SSL. 8656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 9656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This library is free for commercial and non-commercial use as long as 10656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the following conditions are aheared to. The following conditions 11656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * apply to all code found in this distribution, be it the RC4, RSA, 12656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * included with this distribution is covered by the same copyright terms 14656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 16656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Copyright remains Eric Young's, and as such any Copyright notices in 17656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the code are not to be removed. 18656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * If this package is used in a product, Eric Young should be given attribution 19656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * as the author of the parts of the library used. 20656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This can be in the form of a textual message at program startup or 21656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * in documentation (online or textual) provided with the package. 22656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 23656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Redistribution and use in source and binary forms, with or without 24656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * modification, are permitted provided that the following conditions 25656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are met: 26656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. Redistributions of source code must retain the copyright 27656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer. 28656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. Redistributions in binary form must reproduce the above copyright 29656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer in the 30656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * documentation and/or other materials provided with the distribution. 31656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 3. All advertising materials mentioning features or use of this software 32656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * must display the following acknowledgement: 33656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes cryptographic software written by 34656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Eric Young (eay@cryptsoft.com)" 35656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The word 'cryptographic' can be left out if the rouines from the library 36656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * being used are not cryptographic related :-). 37656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 4. If you include any Windows specific code (or a derivative thereof) from 38656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the apps directory (application code) you must include an acknowledgement: 39656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 41656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SUCH DAMAGE. 52656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 53656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The licence and distribution terms for any publically available version or 54656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * derivative of this code cannot be changed. i.e. this code cannot simply be 55656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * copied and put under another distribution licence 56656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * [including the GNU Public Licence.] 57656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 58656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 59656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <stdio.h> 60656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "cryptlib.h" 61656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/evp.h> 62656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/err.h> 63656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/rand.h> 64656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 65656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/engine.h> 66656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 67392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifdef OPENSSL_FIPS 68392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#include <openssl/fips.h> 69392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 70c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root#include "constant_time_locl.h" 71656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "evp_locl.h" 72656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 73392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifdef OPENSSL_FIPS 74392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#define M_do_cipher(ctx, out, in, inl) FIPS_cipher(ctx, out, in, inl) 75392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#else 76392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#define M_do_cipher(ctx, out, in, inl) ctx->cipher->do_cipher(ctx, out, in, inl) 77392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 78392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 79392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 80e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modaduguconst char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT; 81656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 82221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromvoid EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) 83221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 84221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom memset(ctx,0,sizeof(EVP_CIPHER_CTX)); 85221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* ctx->cipher=NULL; */ 86221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 87221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 88656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectEVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) 89656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 90656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_CIPHER_CTX *ctx=OPENSSL_malloc(sizeof *ctx); 91656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx) 92656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_CIPHER_CTX_init(ctx); 93656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return ctx; 94656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 95656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 96656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, 97656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const unsigned char *key, const unsigned char *iv, int enc) 98656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 99656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cipher) 100656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_CIPHER_CTX_init(ctx); 101656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc); 102656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 103656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 104221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromint EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, 105221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom const unsigned char *key, const unsigned char *iv, int enc) 106221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 107221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (enc == -1) 108221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom enc = ctx->encrypt; 109221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else 110221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 111221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (enc) 112221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom enc = 1; 113221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ctx->encrypt = enc; 114221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 115221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifndef OPENSSL_NO_ENGINE 116221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts 117221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * so this context may already have an ENGINE! Try to avoid releasing 118221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * the previous handle, re-querying for an ENGINE, and having a 119221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * reinitialisation, when it may all be unecessary. */ 120221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (ctx->engine && ctx->cipher && (!cipher || 121221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom (cipher && (cipher->nid == ctx->cipher->nid)))) 122221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto skip_to_init; 123221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 124221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (cipher) 125221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 126221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* Ensure a context left lying around from last time is cleared 127221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * (the previous check attempted to avoid this if the same 128221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * ENGINE and EVP_CIPHER could be used). */ 129392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (ctx->cipher) 130392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 131392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom unsigned long flags = ctx->flags; 132392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom EVP_CIPHER_CTX_cleanup(ctx); 133392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* Restore encrypt and flags */ 134392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ctx->encrypt = enc; 135392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ctx->flags = flags; 136392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 137221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifndef OPENSSL_NO_ENGINE 138221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(impl) 139221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 140221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!ENGINE_init(impl)) 141221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 142221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); 143221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 144221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 145221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 146221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else 147221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* Ask if an ENGINE is reserved for this job */ 148221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom impl = ENGINE_get_cipher_engine(cipher->nid); 149221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(impl) 150221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 151221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* There's an ENGINE for this job ... (apparently) */ 152221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid); 153221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(!c) 154221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 155221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* One positive side-effect of US's export 156221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * control history, is that we should at least 157221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * be able to avoid using US mispellings of 158221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * "initialisation"? */ 159221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); 160221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 161221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 162221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* We'll use the ENGINE's private cipher definition */ 163221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom cipher = c; 164221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* Store the ENGINE functional reference so we know 165221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * 'cipher' came from an ENGINE and we need to release 166221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * it when done. */ 167221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ctx->engine = impl; 168221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 169221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else 170221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ctx->engine = NULL; 171221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 172221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 173392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifdef OPENSSL_FIPS 174a1a5710c055e139ea00e785f9eb55b3af3e4dab1Brian Carlstrom if (FIPS_mode()) 175a1a5710c055e139ea00e785f9eb55b3af3e4dab1Brian Carlstrom return FIPS_cipherinit(ctx, cipher, key, iv, enc); 176f42d491ab90c82302b0054c62014c1ee9b638affBrian Carlstrom#endif 177221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ctx->cipher=cipher; 178221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (ctx->cipher->ctx_size) 179221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 180221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); 181221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!ctx->cipher_data) 182221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 183221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE); 184221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 185221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 186221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 187221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else 188221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 189221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ctx->cipher_data = NULL; 190221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 191221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ctx->key_len = cipher->key_len; 192221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ctx->flags = 0; 193221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT) 194221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 195221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) 196221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 197221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); 198221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 199221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 200221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 201221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 202221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if(!ctx->cipher) 203221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 204221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET); 205221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 206221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 207221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifndef OPENSSL_NO_ENGINE 208221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromskip_to_init: 209221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 210392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifdef OPENSSL_FIPS 211a1a5710c055e139ea00e785f9eb55b3af3e4dab1Brian Carlstrom if (FIPS_mode()) 212a1a5710c055e139ea00e785f9eb55b3af3e4dab1Brian Carlstrom return FIPS_cipherinit(ctx, cipher, key, iv, enc); 213f42d491ab90c82302b0054c62014c1ee9b638affBrian Carlstrom#endif 214221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* we assume block size is a power of 2 in *cryptUpdate */ 215221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom OPENSSL_assert(ctx->cipher->block_size == 1 216221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom || ctx->cipher->block_size == 8 217221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom || ctx->cipher->block_size == 16); 218221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 219221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { 220221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom switch(EVP_CIPHER_CTX_mode(ctx)) { 221221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 222221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom case EVP_CIPH_STREAM_CIPHER: 223221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom case EVP_CIPH_ECB_MODE: 224221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom break; 225221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 226221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom case EVP_CIPH_CFB_MODE: 227221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom case EVP_CIPH_OFB_MODE: 228221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 229221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ctx->num = 0; 23043c12e3d4f9bbbbd4a8ba7b149686437514bc6b6Brian Carlstrom /* fall-through */ 231221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 232221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom case EVP_CIPH_CBC_MODE: 233221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 234221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= 235221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom (int)sizeof(ctx->iv)); 236221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); 237221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); 238221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom break; 239221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 240392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom case EVP_CIPH_CTR_MODE: 241392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ctx->num = 0; 242392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* Don't reuse IV for CTR mode */ 243392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if(iv) 244392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx)); 245392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom break; 246392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 247221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom default: 248221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 249221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom break; 250221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 251221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 252221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 253221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { 254221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(!ctx->cipher->init(ctx,key,iv,enc)) return 0; 255221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 256221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ctx->buf_len=0; 257221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ctx->final_used=0; 258221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ctx->block_mask=ctx->cipher->block_size-1; 259221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 1; 260221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 261221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 262656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, 263656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const unsigned char *in, int inl) 264656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 265656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx->encrypt) 266656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return EVP_EncryptUpdate(ctx,out,outl,in,inl); 267656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else return EVP_DecryptUpdate(ctx,out,outl,in,inl); 268656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 269656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 270656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 271656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 272656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx->encrypt) 273656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return EVP_EncryptFinal_ex(ctx,out,outl); 274656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else return EVP_DecryptFinal_ex(ctx,out,outl); 275656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 276656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 277656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 278656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 279656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx->encrypt) 280656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return EVP_EncryptFinal(ctx,out,outl); 281656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else return EVP_DecryptFinal(ctx,out,outl); 282656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 283656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 284656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, 285656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const unsigned char *key, const unsigned char *iv) 286656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 287656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return EVP_CipherInit(ctx, cipher, key, iv, 1); 288656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 289656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 290656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl, 291656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const unsigned char *key, const unsigned char *iv) 292656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 293656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1); 294656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 295656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 296656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, 297656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const unsigned char *key, const unsigned char *iv) 298656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 299656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return EVP_CipherInit(ctx, cipher, key, iv, 0); 300656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 301656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 302656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, 303656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const unsigned char *key, const unsigned char *iv) 304656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 305656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0); 306656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 307656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 308656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, 309656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const unsigned char *in, int inl) 310656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 311656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i,j,bl; 312656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 313392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) 314392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 315392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom i = M_do_cipher(ctx, out, in, inl); 316392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (i < 0) 317392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 0; 318392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 319392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom *outl = i; 320392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 1; 321392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 322392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 323e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (inl <= 0) 324e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 325e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu *outl = 0; 326e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu return inl == 0; 327e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 328e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu 329656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) 330656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 331392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if(M_do_cipher(ctx,out,in,inl)) 332656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 333656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project *outl=inl; 334656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 335656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 336656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 337656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 338656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project *outl=0; 339656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 340656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 341656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 342656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=ctx->buf_len; 343656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bl=ctx->cipher->block_size; 344656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_assert(bl <= (int)sizeof(ctx->buf)); 345656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i != 0) 346656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 347656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i+inl < bl) 348656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 349656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project memcpy(&(ctx->buf[i]),in,inl); 350656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ctx->buf_len+=inl; 351656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project *outl=0; 352656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 353656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 354656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 355656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 356656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j=bl-i; 357656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project memcpy(&(ctx->buf[i]),in,j); 358392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if(!M_do_cipher(ctx,out,ctx->buf,bl)) return 0; 359656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project inl-=j; 360656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project in+=j; 361656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project out+=bl; 362656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project *outl=bl; 363656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 364656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 365656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 366656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project *outl = 0; 367656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=inl&(bl-1); 368656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project inl-=i; 369656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (inl > 0) 370656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 371392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if(!M_do_cipher(ctx,out,in,inl)) return 0; 372656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project *outl+=inl; 373656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 374656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 375656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i != 0) 376656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project memcpy(ctx->buf,&(in[inl]),i); 377656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ctx->buf_len=i; 378656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 379656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 380656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 381656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 382656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 383656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret; 384656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret = EVP_EncryptFinal_ex(ctx, out, outl); 385656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return ret; 386656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 387656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 388656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 389656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 390656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int n,ret; 391656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned int i, b, bl; 392656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 393392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) 394392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 395392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ret = M_do_cipher(ctx, out, NULL, 0); 396392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (ret < 0) 397392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 0; 398392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 399392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom *outl = ret; 400392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 1; 401392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 402392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 403656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project b=ctx->cipher->block_size; 404656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_assert(b <= sizeof ctx->buf); 405656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (b == 1) 406656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 407656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project *outl=0; 408656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 409656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 410656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bl=ctx->buf_len; 411656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx->flags & EVP_CIPH_NO_PADDING) 412656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 413656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(bl) 414656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 415656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); 416656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 417656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 418656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project *outl = 0; 419656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 420656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 421656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 422656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project n=b-bl; 423656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i=bl; i<b; i++) 424656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ctx->buf[i]=n; 425392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ret=M_do_cipher(ctx,out,ctx->buf,b); 426656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 427656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 428656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(ret) 429656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project *outl=b; 430656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 431656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return ret; 432656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 433656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 434656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, 435656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const unsigned char *in, int inl) 436656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 437656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int fix_len; 438656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned int b; 439656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 440392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) 441392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 442392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom fix_len = M_do_cipher(ctx, out, in, inl); 443392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (fix_len < 0) 444392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 445392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom *outl = 0; 446392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 0; 447392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 448392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 449392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom *outl = fix_len; 450392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 1; 451392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 452392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 453e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (inl <= 0) 454656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 455e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu *outl = 0; 456e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu return inl == 0; 457656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 458656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 459656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx->flags & EVP_CIPH_NO_PADDING) 460656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return EVP_EncryptUpdate(ctx, out, outl, in, inl); 461656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 462656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project b=ctx->cipher->block_size; 463656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_assert(b <= sizeof ctx->final); 464656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 465656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(ctx->final_used) 466656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 467656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project memcpy(out,ctx->final,b); 468656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project out+=b; 469656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fix_len = 1; 470656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 471656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 472656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fix_len = 0; 473656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 474656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 475656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!EVP_EncryptUpdate(ctx,out,outl,in,inl)) 476656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 477656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 478656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* if we have 'decrypted' a multiple of block size, make sure 479656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * we have a copy of this last block */ 480656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (b > 1 && !ctx->buf_len) 481656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 482656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project *outl-=b; 483656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ctx->final_used=1; 484656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project memcpy(ctx->final,&out[*outl],b); 485656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 486656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 487656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ctx->final_used = 0; 488656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 489656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (fix_len) 490656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project *outl += b; 491656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 492656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 493656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 494656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 495656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 496656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 497656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret; 498656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret = EVP_DecryptFinal_ex(ctx, out, outl); 499656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return ret; 500656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 501656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 502656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 503656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 504c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root unsigned int i, b; 505c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root unsigned char pad, padding_good; 506656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project *outl=0; 507392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 508392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) 509392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 510c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root int ret = M_do_cipher(ctx, out, NULL, 0); 511c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root if (ret < 0) 512392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 0; 513392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 514c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root *outl = ret; 515392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 1; 516392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 517392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 518c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root b=(unsigned int)(ctx->cipher->block_size); 519656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx->flags & EVP_CIPH_NO_PADDING) 520656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 521656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(ctx->buf_len) 522656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 523656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); 524656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 525656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 526656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project *outl = 0; 527656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 528656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 529656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (b > 1) 530656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 531656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx->buf_len || !ctx->final_used) 532656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 533656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_WRONG_FINAL_BLOCK_LENGTH); 534656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(0); 535656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 536656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_assert(b <= sizeof ctx->final); 537c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root pad=ctx->final[b-1]; 538c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root 539c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root padding_good = (unsigned char)(~constant_time_is_zero_8(pad)); 540c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root padding_good &= constant_time_ge_8(b, pad); 541c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root 542c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root for (i = 1; i < b; ++i) 543656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 544c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root unsigned char is_pad_index = constant_time_lt_8(i, pad); 545c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root unsigned char pad_byte_good = constant_time_eq_8(ctx->final[b-i-1], pad); 546c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root padding_good &= constant_time_select_8(is_pad_index, pad_byte_good, 0xff); 547656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 548c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root 549c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root /* 550c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root * At least 1 byte is always padding, so we always write b - 1 551c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root * bytes to avoid a timing leak. The caller is required to have |b| 552c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root * bytes space in |out| by the API contract. 553c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root */ 554c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root for (i = 0; i < b - 1; ++i) 555c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root out[i] = ctx->final[i] & padding_good; 556c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root /* Safe cast: for a good padding, EVP_MAX_IV_LENGTH >= b >= pad */ 557c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root *outl = padding_good & ((unsigned char)(b - pad)); 558c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root return padding_good & 1; 559656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 560656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 561c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root { 562c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root *outl = 0; 563c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root return 1; 564c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root } 565656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 566656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 567656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectvoid EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) 568656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 569656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx) 570656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 571656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_CIPHER_CTX_cleanup(ctx); 572656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(ctx); 573656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 574656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 575656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 576221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromint EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) 577221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 578392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_FIPS 579221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (c->cipher != NULL) 580221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 581221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(c->cipher->cleanup && !c->cipher->cleanup(c)) 582221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 583221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* Cleanse cipher context data */ 584221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (c->cipher_data) 585221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size); 586221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 587221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (c->cipher_data) 588221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom OPENSSL_free(c->cipher_data); 589392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 590221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifndef OPENSSL_NO_ENGINE 591221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (c->engine) 592221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* The EVP_CIPHER we used belongs to an ENGINE, release the 593221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * functional reference we held for this reason. */ 594221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ENGINE_finish(c->engine); 595221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 596392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifdef OPENSSL_FIPS 597392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom FIPS_cipher_ctx_cleanup(c); 598392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 599221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom memset(c,0,sizeof(EVP_CIPHER_CTX)); 600221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 1; 601221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 602221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 603656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen) 604656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 605656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH) 606656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL); 607656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(c->key_len == keylen) return 1; 608656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) 609656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 610656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c->key_len = keylen; 611656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 612656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 613656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,EVP_R_INVALID_KEY_LENGTH); 614656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 615656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 616656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 617656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad) 618656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 619656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (pad) ctx->flags &= ~EVP_CIPH_NO_PADDING; 620656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else ctx->flags |= EVP_CIPH_NO_PADDING; 621656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 622656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 623656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 624221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromint EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) 625221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom{ 626221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int ret; 627221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(!ctx->cipher) { 628221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET); 629221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 630221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 631221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 632221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(!ctx->cipher->ctrl) { 633221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED); 634221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 635221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 636221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 637221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ret = ctx->cipher->ctrl(ctx, type, arg, ptr); 638221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(ret == -1) { 639221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED); 640221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 641221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 642221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return ret; 643221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom} 644221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 645656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key) 646656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 647656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx->cipher->flags & EVP_CIPH_RAND_KEY) 648656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key); 649656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (RAND_bytes(key, ctx->key_len) <= 0) 650656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 651656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 652656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 653656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 654221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromint EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) 655e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 656221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if ((in == NULL) || (in->cipher == NULL)) 657e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 658221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED); 659221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 660e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 661221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifndef OPENSSL_NO_ENGINE 662221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* Make sure it's safe to copy a cipher context using an ENGINE */ 663221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (in->engine && !ENGINE_init(in->engine)) 664221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 665221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,ERR_R_ENGINE_LIB); 666221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 667221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 668221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 669221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 670221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom EVP_CIPHER_CTX_cleanup(out); 671221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom memcpy(out,in,sizeof *out); 672221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 673221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (in->cipher_data && in->cipher->ctx_size) 674e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 675221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom out->cipher_data=OPENSSL_malloc(in->cipher->ctx_size); 676221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!out->cipher_data) 677e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 678221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,ERR_R_MALLOC_FAILURE); 679e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu return 0; 680e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 681221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom memcpy(out->cipher_data,in->cipher_data,in->cipher->ctx_size); 682e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 683e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu 684221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY) 685221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out); 686221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 1; 687e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 688