Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/openssl/openssl.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDr. Stephen Henson <steve@openssl.org>2000-05-27 03:51:35 +0400
committerDr. Stephen Henson <steve@openssl.org>2000-05-27 03:51:35 +0400
commit7f0606016cbbec917b1fe094b84b062e87abe7da (patch)
tree7238920f63ab28f7babc823ca9e8f18903e25192
parent7b224903f4d4e2c74d1548b6f0ca8b0ba31113ad (diff)
Beginnings of EVP cipher overhaul. This should eventually
enhance and tidy up the EVP interface. This patch adds initial support for variable length ciphers and changes S/MIME code to use this. Some other library functions need modifying to support use of modified cipher parameters. Also need to change all the cipher functions that should return error codes, but currenly don't. And of course it needs extensive testing...
Diffstat
-rw-r--r--CHANGES10
-rw-r--r--STATUS14
-rw-r--r--crypto/evp/e_cbc_3d.c4
-rw-r--r--crypto/evp/e_cbc_bf.c4
-rw-r--r--crypto/evp/e_cbc_c.c4
-rw-r--r--crypto/evp/e_cbc_d.c2
-rw-r--r--crypto/evp/e_cbc_i.c2
-rw-r--r--crypto/evp/e_cbc_r2.c9
-rw-r--r--crypto/evp/e_cbc_r5.c2
-rw-r--r--crypto/evp/e_cfb_3d.c4
-rw-r--r--crypto/evp/e_cfb_bf.c4
-rw-r--r--crypto/evp/e_cfb_c.c4
-rw-r--r--crypto/evp/e_cfb_d.c2
-rw-r--r--crypto/evp/e_cfb_i.c2
-rw-r--r--crypto/evp/e_cfb_r2.c4
-rw-r--r--crypto/evp/e_cfb_r5.c2
-rw-r--r--crypto/evp/e_ecb_3d.c5
-rw-r--r--crypto/evp/e_ecb_bf.c4
-rw-r--r--crypto/evp/e_ecb_c.c4
-rw-r--r--crypto/evp/e_ecb_d.c2
-rw-r--r--crypto/evp/e_ecb_i.c2
-rw-r--r--crypto/evp/e_ecb_r2.c4
-rw-r--r--crypto/evp/e_ecb_r5.c2
-rw-r--r--crypto/evp/e_null.c2
-rw-r--r--crypto/evp/e_ofb_3d.c4
-rw-r--r--crypto/evp/e_ofb_bf.c4
-rw-r--r--crypto/evp/e_ofb_c.c4
-rw-r--r--crypto/evp/e_ofb_d.c2
-rw-r--r--crypto/evp/e_ofb_i.c2
-rw-r--r--crypto/evp/e_ofb_r2.c4
-rw-r--r--crypto/evp/e_ofb_r5.c2
-rw-r--r--crypto/evp/e_rc4.c9
-rw-r--r--crypto/evp/e_xcbc_d.c2
-rw-r--r--crypto/evp/evp.h48
-rw-r--r--crypto/evp/evp_enc.c19
-rw-r--r--crypto/evp/evp_err.c2
-rw-r--r--crypto/pkcs7/pk7_doit.c31
37 files changed, 166 insertions, 65 deletions
diff --git a/CHANGES b/CHANGES
index 4ae08b0e88..94876612c3 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,16 @@
Changes between 0.9.5a and 0.9.6 [xx XXX 2000]
+ *) EVP cipher enhancment. Add hooks for extra EVP features. This will allow
+ various cipher parameters to be set in the EVP interface. Initially
+ support added for variable key length ciphers via the
+ EVP_CIPHER_CTX_set_key_length() function. Other cipher specific
+ parameters will be added later via the new catchall 'ctrl' function.
+ New functionality allows removal of S/MIME code RC2 hack. Still needs
+ support in other library functions, also need to add return codes to
+ some EVP functions.
+ [Steve Henson]
+
*) Implement SSL_OP_TLS_ROLLBACK_BUG: In ssl3_get_client_key_exchange, if
this option is set, tolerate broken clients that send the negotiated
protocol version number instead of the requested protocol version
diff --git a/STATUS b/STATUS
index 410739c045..98b8656af9 100644
--- a/STATUS
+++ b/STATUS
@@ -1,6 +1,6 @@
OpenSSL STATUS Last modified at
- ______________ $Date: 2000/04/14 23:35:50 $
+ ______________ $Date: 2000/05/26 23:51:09 $
DEVELOPMENT STATE
@@ -22,11 +22,11 @@
IN PROGRESS
o Steve is currently working on (in no particular order):
+ EVP cipher enhancement.
Proper (or at least usable) certificate chain verification.
Private key, certificate and CRL API and implementation.
Developing and bugfixing PKCS#7 (S/MIME code).
Various X509 issues: character sets, certificate request extensions.
- Documentation for the openssl utility.
NEEDS PATCH
@@ -79,16 +79,6 @@
to date.
Paul +1
- o The EVP and ASN1 stuff is a mess. Currently you have one EVP_CIPHER
- structure for each cipher. This may make sense for things like DES but
- for variable length ciphers like RC2 and RC4 it is NBG. Need a way to
- use the EVP interface and set up the cipher parameters. The ASN1 stuff
- is also foo wrt ciphers whose AlgorithmIdentifier has more than just
- an IV in it (e.g. RC2, RC5). This also means that EVP_Seal and EVP_Open
- don't work unless the key length matches the fixed value (some vendors
- use a key length decided by the size of the RSA encrypted key and expect
- RC2 to adapt).
-
WISHES
o
diff --git a/crypto/evp/e_cbc_3d.c b/crypto/evp/e_cbc_3d.c
index 5d16b865c5..a458921583 100644
--- a/crypto/evp/e_cbc_3d.c
+++ b/crypto/evp/e_cbc_3d.c
@@ -72,6 +72,7 @@ static EVP_CIPHER d_cbc_ede_cipher2=
{
NID_des_ede_cbc,
8,16,8,
+ EVP_CIPH_CBC_MODE,
des_cbc_ede_init_key,
des_cbc_ede_cipher,
NULL,
@@ -79,12 +80,14 @@ static EVP_CIPHER d_cbc_ede_cipher2=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
static EVP_CIPHER d_cbc_ede_cipher3=
{
NID_des_ede3_cbc,
8,24,8,
+ EVP_CIPH_CBC_MODE,
des_cbc_ede3_init_key,
des_cbc_ede_cipher,
NULL,
@@ -92,6 +95,7 @@ static EVP_CIPHER d_cbc_ede_cipher3=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_des_ede_cbc(void)
diff --git a/crypto/evp/e_cbc_bf.c b/crypto/evp/e_cbc_bf.c
index 9bcba3c516..489e63041d 100644
--- a/crypto/evp/e_cbc_bf.c
+++ b/crypto/evp/e_cbc_bf.c
@@ -70,6 +70,7 @@ static EVP_CIPHER bfish_cbc_cipher=
{
NID_bf_cbc,
8,EVP_BLOWFISH_KEY_SIZE,8,
+ EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH,
bf_cbc_init_key,
bf_cbc_cipher,
NULL,
@@ -77,6 +78,7 @@ static EVP_CIPHER bfish_cbc_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.bf_ks)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_bf_cbc(void)
@@ -91,7 +93,7 @@ static void bf_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
memcpy(&(ctx->oiv[0]),iv,8);
memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
if (key != NULL)
- BF_set_key(&(ctx->c.bf_ks),EVP_BLOWFISH_KEY_SIZE,key);
+ BF_set_key(&(ctx->c.bf_ks),EVP_CIPHER_CTX_key_length(ctx),key);
}
static void bf_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
diff --git a/crypto/evp/e_cbc_c.c b/crypto/evp/e_cbc_c.c
index 6845b0b44c..4e8fda9e64 100644
--- a/crypto/evp/e_cbc_c.c
+++ b/crypto/evp/e_cbc_c.c
@@ -71,6 +71,7 @@ static EVP_CIPHER cast5_cbc_cipher=
{
NID_cast5_cbc,
8,EVP_CAST5_KEY_SIZE,8,
+ EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH,
cast_cbc_init_key,
cast_cbc_cipher,
NULL,
@@ -78,6 +79,7 @@ static EVP_CIPHER cast5_cbc_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.cast_ks)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_cast5_cbc(void)
@@ -92,7 +94,7 @@ static void cast_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
memcpy(&(ctx->oiv[0]),iv,8);
memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
if (key != NULL)
- CAST_set_key(&(ctx->c.cast_ks),EVP_CAST5_KEY_SIZE,key);
+ CAST_set_key(&(ctx->c.cast_ks),EVP_CIPHER_CTX_key_length(ctx),key);
}
static void cast_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
diff --git a/crypto/evp/e_cbc_d.c b/crypto/evp/e_cbc_d.c
index 5b4e5b8601..ae9d25aca1 100644
--- a/crypto/evp/e_cbc_d.c
+++ b/crypto/evp/e_cbc_d.c
@@ -70,6 +70,7 @@ static EVP_CIPHER d_cbc_cipher=
{
NID_des_cbc,
8,8,8,
+ EVP_CIPH_CBC_MODE,
des_cbc_init_key,
des_cbc_cipher,
NULL,
@@ -77,6 +78,7 @@ static EVP_CIPHER d_cbc_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ks)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_des_cbc(void)
diff --git a/crypto/evp/e_cbc_i.c b/crypto/evp/e_cbc_i.c
index 34b44aa21f..b74f280614 100644
--- a/crypto/evp/e_cbc_i.c
+++ b/crypto/evp/e_cbc_i.c
@@ -71,6 +71,7 @@ static EVP_CIPHER i_cbc_cipher=
{
NID_idea_cbc,
8,16,8,
+ EVP_CIPH_CBC_MODE,
idea_cbc_init_key,
idea_cbc_cipher,
NULL,
@@ -78,6 +79,7 @@ static EVP_CIPHER i_cbc_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.idea_ks)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_idea_cbc(void)
diff --git a/crypto/evp/e_cbc_r2.c b/crypto/evp/e_cbc_r2.c
index 9dfada4ea6..dc94b4fe1f 100644
--- a/crypto/evp/e_cbc_r2.c
+++ b/crypto/evp/e_cbc_r2.c
@@ -80,6 +80,7 @@ static EVP_CIPHER r2_cbc_cipher=
{
NID_rc2_cbc,
8,EVP_RC2_KEY_SIZE,8,
+ EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH,
rc2_cbc_init_key,
rc2_cbc_cipher,
NULL,
@@ -87,12 +88,14 @@ static EVP_CIPHER r2_cbc_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)),
rc2_set_asn1_type_and_iv,
rc2_get_asn1_type_and_iv,
+ NULL
};
static EVP_CIPHER r2_64_cbc_cipher=
{
NID_rc2_64_cbc,
8,8 /* 64 bit */,8,
+ EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH,
rc2_cbc_init_key,
rc2_cbc_cipher,
NULL,
@@ -100,12 +103,14 @@ static EVP_CIPHER r2_64_cbc_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)),
rc2_set_asn1_type_and_iv,
rc2_get_asn1_type_and_iv,
+ NULL
};
static EVP_CIPHER r2_40_cbc_cipher=
{
NID_rc2_40_cbc,
8,5 /* 40 bit */,8,
+ EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH,
rc2_cbc_init_key,
rc2_cbc_cipher,
NULL,
@@ -113,6 +118,7 @@ static EVP_CIPHER r2_40_cbc_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)),
rc2_set_asn1_type_and_iv,
rc2_get_asn1_type_and_iv,
+ NULL
};
EVP_CIPHER *EVP_rc2_cbc(void)
@@ -138,7 +144,7 @@ static void rc2_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
if (key != NULL)
RC2_set_key(&(ctx->c.rc2_ks),EVP_CIPHER_CTX_key_length(ctx),
- key,EVP_CIPHER_CTX_key_length(ctx)*8);
+ key,EVP_CIPHER_key_length(ctx->cipher)*8);
}
static void rc2_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
@@ -193,6 +199,7 @@ static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
if (e != EVP_CIPHER_CTX_cipher(c))
{
EVP_CIPHER_CTX_cipher(c)=e;
+ EVP_CIPHER_CTX_set_key_length(c, EVP_CIPHER_key_length(c));
rc2_cbc_init_key(c,NULL,NULL,1);
}
}
diff --git a/crypto/evp/e_cbc_r5.c b/crypto/evp/e_cbc_r5.c
index cea3fe333a..4e71f46d02 100644
--- a/crypto/evp/e_cbc_r5.c
+++ b/crypto/evp/e_cbc_r5.c
@@ -71,6 +71,7 @@ static EVP_CIPHER rc5_32_12_16_cbc_cipher=
{
NID_rc5_cbc,
8,EVP_RC5_32_12_16_KEY_SIZE,8,
+ EVP_CIPH_CBC_MODE,
r_32_12_16_cbc_init_key,
r_32_12_16_cbc_cipher,
NULL,
@@ -78,6 +79,7 @@ static EVP_CIPHER rc5_32_12_16_cbc_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc5_ks)),
NULL,
NULL,
+ NULL
};
EVP_CIPHER *EVP_rc5_32_12_16_cbc(void)
diff --git a/crypto/evp/e_cfb_3d.c b/crypto/evp/e_cfb_3d.c
index b364bd4e31..73b989b3b6 100644
--- a/crypto/evp/e_cfb_3d.c
+++ b/crypto/evp/e_cfb_3d.c
@@ -72,6 +72,7 @@ static EVP_CIPHER d_ede_cfb_cipher2=
{
NID_des_ede_cfb64,
1,16,8,
+ EVP_CIPH_CFB_MODE,
des_ede_cfb_init_key,
des_ede_cfb_cipher,
NULL,
@@ -79,12 +80,14 @@ static EVP_CIPHER d_ede_cfb_cipher2=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
static EVP_CIPHER d_ede3_cfb_cipher3=
{
NID_des_ede3_cfb64,
1,24,8,
+ EVP_CIPH_CFB_MODE,
des_ede3_cfb_init_key,
des_ede_cfb_cipher,
NULL,
@@ -92,6 +95,7 @@ static EVP_CIPHER d_ede3_cfb_cipher3=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_des_ede_cfb(void)
diff --git a/crypto/evp/e_cfb_bf.c b/crypto/evp/e_cfb_bf.c
index 63e1e624ea..b09485531f 100644
--- a/crypto/evp/e_cfb_bf.c
+++ b/crypto/evp/e_cfb_bf.c
@@ -70,6 +70,7 @@ static EVP_CIPHER bfish_cfb_cipher=
{
NID_bf_cfb64,
1,EVP_BLOWFISH_KEY_SIZE,8,
+ EVP_CIPH_CFB_MODE | EVP_CIPH_VARIABLE_LENGTH,
bf_cfb_init_key,
bf_cfb_cipher,
NULL,
@@ -77,6 +78,7 @@ static EVP_CIPHER bfish_cfb_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.bf_ks)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_bf_cfb(void)
@@ -93,7 +95,7 @@ static void bf_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
memcpy(&(ctx->oiv[0]),iv,8);
memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
if (key != NULL)
- BF_set_key(&(ctx->c.bf_ks),EVP_BLOWFISH_KEY_SIZE,key);
+ BF_set_key(&(ctx->c.bf_ks),EVP_CIPHER_CTX_key_length(ctx),key);
}
static void bf_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
diff --git a/crypto/evp/e_cfb_c.c b/crypto/evp/e_cfb_c.c
index f04bac034b..c4efb64bd2 100644
--- a/crypto/evp/e_cfb_c.c
+++ b/crypto/evp/e_cfb_c.c
@@ -71,6 +71,7 @@ static EVP_CIPHER cast5_cfb_cipher=
{
NID_cast5_cfb64,
1,EVP_CAST5_KEY_SIZE,8,
+ EVP_CIPH_CFB_MODE | EVP_CIPH_VARIABLE_LENGTH,
cast_cfb_init_key,
cast_cfb_cipher,
NULL,
@@ -78,6 +79,7 @@ static EVP_CIPHER cast5_cfb_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.cast_ks)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_cast5_cfb(void)
@@ -94,7 +96,7 @@ static void cast_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
memcpy(&(ctx->oiv[0]),iv,8);
memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
if (key != NULL)
- CAST_set_key(&(ctx->c.cast_ks),EVP_CAST5_KEY_SIZE,key);
+ CAST_set_key(&(ctx->c.cast_ks),EVP_CIPHER_CTX_key_length(ctx),key);
}
static void cast_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
diff --git a/crypto/evp/e_cfb_d.c b/crypto/evp/e_cfb_d.c
index 9e1714bd15..6817d78073 100644
--- a/crypto/evp/e_cfb_d.c
+++ b/crypto/evp/e_cfb_d.c
@@ -70,6 +70,7 @@ static EVP_CIPHER d_cfb_cipher=
{
NID_des_cfb64,
1,8,8,
+ EVP_CIPH_CFB_MODE,
des_cfb_init_key,
des_cfb_cipher,
NULL,
@@ -77,6 +78,7 @@ static EVP_CIPHER d_cfb_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ks)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_des_cfb(void)
diff --git a/crypto/evp/e_cfb_i.c b/crypto/evp/e_cfb_i.c
index 31c76c6dac..e228057fa1 100644
--- a/crypto/evp/e_cfb_i.c
+++ b/crypto/evp/e_cfb_i.c
@@ -71,6 +71,7 @@ static EVP_CIPHER i_cfb_cipher=
{
NID_idea_cfb64,
1,IDEA_KEY_LENGTH,IDEA_BLOCK,
+ EVP_CIPH_CFB_MODE,
idea_cfb_init_key,
idea_cfb_cipher,
NULL,
@@ -78,6 +79,7 @@ static EVP_CIPHER i_cfb_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.idea_ks)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_idea_cfb(void)
diff --git a/crypto/evp/e_cfb_r2.c b/crypto/evp/e_cfb_r2.c
index 32dd77eb7c..6e5ee8dac6 100644
--- a/crypto/evp/e_cfb_r2.c
+++ b/crypto/evp/e_cfb_r2.c
@@ -71,6 +71,7 @@ static EVP_CIPHER r2_cfb_cipher=
{
NID_rc2_cfb64,
1,EVP_RC2_KEY_SIZE,8,
+ EVP_CIPH_CFB_MODE | EVP_CIPH_VARIABLE_LENGTH,
rc2_cfb_init_key,
rc2_cfb_cipher,
NULL,
@@ -78,6 +79,7 @@ static EVP_CIPHER r2_cfb_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_rc2_cfb(void)
@@ -95,7 +97,7 @@ static void rc2_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
if (key != NULL)
RC2_set_key(&(ctx->c.rc2_ks),EVP_CIPHER_CTX_key_length(ctx),
- key,EVP_CIPHER_CTX_key_length(ctx)*8);
+ key,EVP_CIPHER_key_length(ctx->cipher)*8);
}
static void rc2_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
diff --git a/crypto/evp/e_cfb_r5.c b/crypto/evp/e_cfb_r5.c
index 8e79728946..25ec1193ca 100644
--- a/crypto/evp/e_cfb_r5.c
+++ b/crypto/evp/e_cfb_r5.c
@@ -71,6 +71,7 @@ static EVP_CIPHER rc5_cfb_cipher=
{
NID_rc5_cfb64,
1,EVP_RC5_32_12_16_KEY_SIZE,8,
+ EVP_CIPH_CFB_MODE,
rc5_32_12_16_cfb_init_key,
rc5_32_12_16_cfb_cipher,
NULL,
@@ -78,6 +79,7 @@ static EVP_CIPHER rc5_cfb_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc5_ks)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_rc5_32_12_16_cfb(void)
diff --git a/crypto/evp/e_ecb_3d.c b/crypto/evp/e_ecb_3d.c
index 806e971d36..5308557ee4 100644
--- a/crypto/evp/e_ecb_3d.c
+++ b/crypto/evp/e_ecb_3d.c
@@ -72,6 +72,7 @@ static EVP_CIPHER d_ede_cipher2=
{
NID_des_ede,
8,16,0,
+ EVP_CIPH_ECB_MODE,
des_ede_init_key,
des_ede_cipher,
NULL,
@@ -79,18 +80,22 @@ static EVP_CIPHER d_ede_cipher2=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
NULL,
NULL,
+ NULL
};
static EVP_CIPHER d_ede3_cipher3=
{
NID_des_ede3,
8,24,0,
+ EVP_CIPH_ECB_MODE,
des_ede3_init_key,
des_ede_cipher,
NULL,
sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
NULL,
+ NULL,
+ NULL
};
EVP_CIPHER *EVP_des_ede(void)
diff --git a/crypto/evp/e_ecb_bf.c b/crypto/evp/e_ecb_bf.c
index 334736d253..31aef248bf 100644
--- a/crypto/evp/e_ecb_bf.c
+++ b/crypto/evp/e_ecb_bf.c
@@ -70,6 +70,7 @@ static EVP_CIPHER bfish_ecb_cipher=
{
NID_bf_ecb,
8,EVP_BLOWFISH_KEY_SIZE,0,
+ EVP_CIPH_ECB_MODE | EVP_CIPH_VARIABLE_LENGTH,
bf_ecb_init_key,
bf_ecb_cipher,
NULL,
@@ -77,6 +78,7 @@ static EVP_CIPHER bfish_ecb_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.bf_ks)),
NULL,
NULL,
+ NULL
};
EVP_CIPHER *EVP_bf_ecb(void)
@@ -88,7 +90,7 @@ static void bf_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
unsigned char *iv, int enc)
{
if (key != NULL)
- BF_set_key(&(ctx->c.bf_ks),EVP_BLOWFISH_KEY_SIZE,key);
+ BF_set_key(&(ctx->c.bf_ks),EVP_CIPHER_CTX_key_length(ctx),key);
}
static void bf_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
diff --git a/crypto/evp/e_ecb_c.c b/crypto/evp/e_ecb_c.c
index ad14e203cb..7eafb8d9b2 100644
--- a/crypto/evp/e_ecb_c.c
+++ b/crypto/evp/e_ecb_c.c
@@ -71,6 +71,7 @@ static EVP_CIPHER cast5_ecb_cipher=
{
NID_cast5_ecb,
8,EVP_CAST5_KEY_SIZE,0,
+ EVP_CIPH_ECB_MODE | EVP_CIPH_VARIABLE_LENGTH,
cast_ecb_init_key,
cast_ecb_cipher,
NULL,
@@ -78,6 +79,7 @@ static EVP_CIPHER cast5_ecb_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.cast_ks)),
NULL,
NULL,
+ NULL
};
EVP_CIPHER *EVP_cast5_ecb(void)
@@ -89,7 +91,7 @@ static void cast_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
unsigned char *iv, int enc)
{
if (key != NULL)
- CAST_set_key(&(ctx->c.cast_ks),EVP_CAST5_KEY_SIZE,key);
+ CAST_set_key(&(ctx->c.cast_ks),EVP_CIPHER_CTX_key_length(ctx),key);
}
static void cast_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
diff --git a/crypto/evp/e_ecb_d.c b/crypto/evp/e_ecb_d.c
index c11bef55ef..b55d5b0ee4 100644
--- a/crypto/evp/e_ecb_d.c
+++ b/crypto/evp/e_ecb_d.c
@@ -70,6 +70,7 @@ static EVP_CIPHER d_ecb_cipher=
{
NID_des_ecb,
8,8,0,
+ EVP_CIPH_ECB_MODE,
des_ecb_init_key,
des_ecb_cipher,
NULL,
@@ -77,6 +78,7 @@ static EVP_CIPHER d_ecb_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ks)),
NULL,
NULL,
+ NULL
};
EVP_CIPHER *EVP_des_ecb(void)
diff --git a/crypto/evp/e_ecb_i.c b/crypto/evp/e_ecb_i.c
index 50a3da1bba..7e614c6439 100644
--- a/crypto/evp/e_ecb_i.c
+++ b/crypto/evp/e_ecb_i.c
@@ -71,6 +71,7 @@ static EVP_CIPHER i_ecb_cipher=
{
NID_idea_ecb,
8,16,0,
+ EVP_CIPH_ECB_MODE,
idea_ecb_init_key,
idea_ecb_cipher,
NULL,
@@ -78,6 +79,7 @@ static EVP_CIPHER i_ecb_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.idea_ks)),
NULL,
NULL,
+ NULL
};
EVP_CIPHER *EVP_idea_ecb(void)
diff --git a/crypto/evp/e_ecb_r2.c b/crypto/evp/e_ecb_r2.c
index 3c2330130d..41d6337fc6 100644
--- a/crypto/evp/e_ecb_r2.c
+++ b/crypto/evp/e_ecb_r2.c
@@ -71,6 +71,7 @@ static EVP_CIPHER r2_ecb_cipher=
{
NID_rc2_ecb,
8,EVP_RC2_KEY_SIZE,0,
+ EVP_CIPH_ECB_MODE | EVP_CIPH_VARIABLE_LENGTH,
rc2_ecb_init_key,
rc2_ecb_cipher,
NULL,
@@ -78,6 +79,7 @@ static EVP_CIPHER r2_ecb_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)),
NULL,
NULL,
+ NULL
};
EVP_CIPHER *EVP_rc2_ecb(void)
@@ -90,7 +92,7 @@ static void rc2_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
{
if (key != NULL)
RC2_set_key(&(ctx->c.rc2_ks),EVP_CIPHER_CTX_key_length(ctx),
- key,EVP_CIPHER_CTX_key_length(ctx)*8);
+ key,EVP_CIPHER_key_length(ctx->cipher)*8);
}
static void rc2_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
diff --git a/crypto/evp/e_ecb_r5.c b/crypto/evp/e_ecb_r5.c
index ef43ce34bf..1bf19e6f95 100644
--- a/crypto/evp/e_ecb_r5.c
+++ b/crypto/evp/e_ecb_r5.c
@@ -71,6 +71,7 @@ static EVP_CIPHER rc5_ecb_cipher=
{
NID_rc5_ecb,
8,EVP_RC5_32_12_16_KEY_SIZE,0,
+ EVP_CIPH_ECB_MODE,
rc5_32_12_16_ecb_init_key,
rc5_32_12_16_ecb_cipher,
NULL,
@@ -78,6 +79,7 @@ static EVP_CIPHER rc5_ecb_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc5_ks)),
NULL,
NULL,
+ NULL
};
EVP_CIPHER *EVP_rc5_32_12_16_ecb(void)
diff --git a/crypto/evp/e_null.c b/crypto/evp/e_null.c
index 0a62c10aa9..0d31a66061 100644
--- a/crypto/evp/e_null.c
+++ b/crypto/evp/e_null.c
@@ -69,12 +69,14 @@ static EVP_CIPHER n_cipher=
{
NID_undef,
1,0,0,
+ 0,
null_init_key,
null_cipher,
NULL,
0,
NULL,
NULL,
+ NULL
};
EVP_CIPHER *EVP_enc_null(void)
diff --git a/crypto/evp/e_ofb_3d.c b/crypto/evp/e_ofb_3d.c
index d1a33e2ecd..c1714fda8d 100644
--- a/crypto/evp/e_ofb_3d.c
+++ b/crypto/evp/e_ofb_3d.c
@@ -72,6 +72,7 @@ static EVP_CIPHER d_ede_ofb_cipher2=
{
NID_des_ede_ofb64,
1,16,8,
+ EVP_CIPH_OFB_MODE,
des_ede_ofb_init_key,
des_ede_ofb_cipher,
NULL,
@@ -79,12 +80,14 @@ static EVP_CIPHER d_ede_ofb_cipher2=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
static EVP_CIPHER d_ede3_ofb_cipher3=
{
NID_des_ede3_ofb64,
1,24,8,
+ EVP_CIPH_OFB_MODE,
des_ede3_ofb_init_key,
des_ede_ofb_cipher,
NULL,
@@ -92,6 +95,7 @@ static EVP_CIPHER d_ede3_ofb_cipher3=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_des_ede_ofb(void)
diff --git a/crypto/evp/e_ofb_bf.c b/crypto/evp/e_ofb_bf.c
index c82154b549..12d35c122b 100644
--- a/crypto/evp/e_ofb_bf.c
+++ b/crypto/evp/e_ofb_bf.c
@@ -70,6 +70,7 @@ static EVP_CIPHER bfish_ofb_cipher=
{
NID_bf_ofb64,
1,EVP_BLOWFISH_KEY_SIZE,8,
+ EVP_CIPH_OFB_MODE | EVP_CIPH_VARIABLE_LENGTH,
bf_ofb_init_key,
bf_ofb_cipher,
NULL,
@@ -77,6 +78,7 @@ static EVP_CIPHER bfish_ofb_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.bf_ks)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_bf_ofb(void)
@@ -93,7 +95,7 @@ static void bf_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
memcpy(&(ctx->oiv[0]),iv,8);
memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
if (key != NULL)
- BF_set_key(&(ctx->c.bf_ks),EVP_BLOWFISH_KEY_SIZE,key);
+ BF_set_key(&(ctx->c.bf_ks),EVP_CIPHER_CTX_key_length(ctx),key);
}
static void bf_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
diff --git a/crypto/evp/e_ofb_c.c b/crypto/evp/e_ofb_c.c
index 971043de4c..fbdcf98c61 100644
--- a/crypto/evp/e_ofb_c.c
+++ b/crypto/evp/e_ofb_c.c
@@ -71,6 +71,7 @@ static EVP_CIPHER cast5_ofb_cipher=
{
NID_cast5_ofb64,
1,EVP_CAST5_KEY_SIZE,8,
+ EVP_CIPH_OFB_MODE | EVP_CIPH_VARIABLE_LENGTH,
cast_ofb_init_key,
cast_ofb_cipher,
NULL,
@@ -78,6 +79,7 @@ static EVP_CIPHER cast5_ofb_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.cast_ks)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_cast5_ofb(void)
@@ -94,7 +96,7 @@ static void cast_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
memcpy(&(ctx->oiv[0]),iv,8);
memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
if (key != NULL)
- CAST_set_key(&(ctx->c.cast_ks),EVP_CAST5_KEY_SIZE,key);
+ CAST_set_key(&(ctx->c.cast_ks),EVP_CIPHER_CTX_key_length(ctx),key);
}
static void cast_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
diff --git a/crypto/evp/e_ofb_d.c b/crypto/evp/e_ofb_d.c
index d51ce230f4..7ced394a2b 100644
--- a/crypto/evp/e_ofb_d.c
+++ b/crypto/evp/e_ofb_d.c
@@ -70,6 +70,7 @@ static EVP_CIPHER d_ofb_cipher=
{
NID_des_ofb64,
1,8,8,
+ EVP_CIPH_OFB_MODE,
des_ofb_init_key,
des_ofb_cipher,
NULL,
@@ -77,6 +78,7 @@ static EVP_CIPHER d_ofb_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ks)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_des_ofb(void)
diff --git a/crypto/evp/e_ofb_i.c b/crypto/evp/e_ofb_i.c
index 389206ef36..7c97cbd7b6 100644
--- a/crypto/evp/e_ofb_i.c
+++ b/crypto/evp/e_ofb_i.c
@@ -71,6 +71,7 @@ static EVP_CIPHER i_ofb_cipher=
{
NID_idea_ofb64,
1,IDEA_KEY_LENGTH,IDEA_BLOCK,
+ EVP_CIPH_OFB_MODE,
idea_ofb_init_key,
idea_ofb_cipher,
NULL,
@@ -78,6 +79,7 @@ static EVP_CIPHER i_ofb_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.idea_ks)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_idea_ofb(void)
diff --git a/crypto/evp/e_ofb_r2.c b/crypto/evp/e_ofb_r2.c
index 60ae3d4507..696d58b0c4 100644
--- a/crypto/evp/e_ofb_r2.c
+++ b/crypto/evp/e_ofb_r2.c
@@ -71,6 +71,7 @@ static EVP_CIPHER r2_ofb_cipher=
{
NID_rc2_ofb64,
1,EVP_RC2_KEY_SIZE,8,
+ EVP_CIPH_OFB_MODE | EVP_CIPH_VARIABLE_LENGTH,
rc2_ofb_init_key,
rc2_ofb_cipher,
NULL,
@@ -78,6 +79,7 @@ static EVP_CIPHER r2_ofb_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_rc2_ofb(void)
@@ -95,7 +97,7 @@ static void rc2_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
if (key != NULL)
RC2_set_key(&(ctx->c.rc2_ks),EVP_CIPHER_CTX_key_length(ctx),
- key,EVP_CIPHER_CTX_key_length(ctx)*8);
+ key,EVP_CIPHER_key_length(ctx->cipher)*8);
}
static void rc2_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
diff --git a/crypto/evp/e_ofb_r5.c b/crypto/evp/e_ofb_r5.c
index 30136824eb..205aaf9cd7 100644
--- a/crypto/evp/e_ofb_r5.c
+++ b/crypto/evp/e_ofb_r5.c
@@ -71,6 +71,7 @@ static EVP_CIPHER rc5_ofb_cipher=
{
NID_rc5_ofb64,
1,EVP_RC5_32_12_16_KEY_SIZE,8,
+ EVP_CIPH_OFB_MODE,
rc5_32_12_16_ofb_init_key,
rc5_32_12_16_ofb_cipher,
NULL,
@@ -78,6 +79,7 @@ static EVP_CIPHER rc5_ofb_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc5_ks)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_rc5_32_12_16_ofb(void)
diff --git a/crypto/evp/e_rc4.c b/crypto/evp/e_rc4.c
index c7e58a75cc..1ac9f70691 100644
--- a/crypto/evp/e_rc4.c
+++ b/crypto/evp/e_rc4.c
@@ -71,6 +71,7 @@ static EVP_CIPHER r4_cipher=
{
NID_rc4,
1,EVP_RC4_KEY_SIZE,0,
+ EVP_CIPH_VARIABLE_LENGTH,
rc4_init_key,
rc4_cipher,
NULL,
@@ -78,14 +79,22 @@ static EVP_CIPHER r4_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc4)),
NULL,
NULL,
+ NULL
};
static EVP_CIPHER r4_40_cipher=
{
NID_rc4_40,
1,5 /* 40 bit */,0,
+ EVP_CIPH_VARIABLE_LENGTH,
rc4_init_key,
rc4_cipher,
+ NULL,
+ sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+ sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc4)),
+ NULL,
+ NULL,
+ NULL
};
EVP_CIPHER *EVP_rc4(void)
diff --git a/crypto/evp/e_xcbc_d.c b/crypto/evp/e_xcbc_d.c
index 7568fad4ff..dd4cab7a4d 100644
--- a/crypto/evp/e_xcbc_d.c
+++ b/crypto/evp/e_xcbc_d.c
@@ -70,6 +70,7 @@ static EVP_CIPHER d_xcbc_cipher=
{
NID_desx_cbc,
8,24,8,
+ EVP_CIPH_CBC_MODE,
desx_cbc_init_key,
desx_cbc_cipher,
NULL,
@@ -77,6 +78,7 @@ static EVP_CIPHER d_xcbc_cipher=
sizeof((((EVP_CIPHER_CTX *)NULL)->c.desx_cbc)),
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
+ NULL
};
EVP_CIPHER *EVP_desx_cbc(void)
diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index c0f982afb1..0d101162e0 100644
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -318,21 +318,37 @@ typedef struct env_md_ctx_st
} md;
} EVP_MD_CTX;
-typedef struct evp_cipher_st
+typedef struct evp_cipher_st EVP_CIPHER;
+typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
+
+struct evp_cipher_st
{
int nid;
int block_size;
- int key_len;
+ int key_len; /* Default value for variable length ciphers */
int iv_len;
- void (*init)(); /* init for encryption */
- void (*do_cipher)(); /* encrypt data */
- void (*cleanup)(); /* used by cipher method */
+ unsigned long flags; /* Various flags */
+ void (*init)(EVP_CIPHER_CTX *, unsigned char *, unsigned char *, int); /* init key */
+ void (*do_cipher)(EVP_CIPHER_CTX *, unsigned char *, unsigned char *, unsigned int);/* encrypt/decrypt data */
+ void (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
int ctx_size; /* how big the ctx needs to be */
- /* int set_asn1_parameters(EVP_CIPHER_CTX,ASN1_TYPE *); */
- int (*set_asn1_parameters)(); /* Populate a ASN1_TYPE with parameters */
- /* int get_asn1_parameters(EVP_CIPHER_CTX,ASN1_TYPE *); */
- int (*get_asn1_parameters)(); /* Get parameters from a ASN1_TYPE */
- } EVP_CIPHER;
+ int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
+ int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */
+ int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */
+ };
+
+/* Values for cipher flags */
+
+/* Modes for block ciphers */
+
+#define EVP_CIPH_ECB_MODE 0x1
+#define EVP_CIPH_CBC_MODE 0x2
+#define EVP_CIPH_CFB_MODE 0x3
+#define EVP_CIPH_OFB_MODE 0x4
+#define EVP_CIPH_BLOCK_MODES 0x7
+/* Set if variable length cipher */
+#define EVP_CIPH_VARIABLE_LENGTH 0x8
+
typedef struct evp_cipher_info_st
{
@@ -340,7 +356,7 @@ typedef struct evp_cipher_info_st
unsigned char iv[EVP_MAX_IV_LENGTH];
} EVP_CIPHER_INFO;
-typedef struct evp_cipher_ctx_st
+struct evp_cipher_ctx_st
{
const EVP_CIPHER *cipher;
int encrypt; /* encrypt or decrypt */
@@ -351,7 +367,8 @@ typedef struct evp_cipher_ctx_st
unsigned char buf[EVP_MAX_IV_LENGTH]; /* saved partial block */
int num; /* used by cfb/ofb mode */
- char *app_data; /* application stuff */
+ void *app_data; /* application stuff */
+ int key_len; /* May change for variable length cipher */
union {
#ifndef NO_RC4
struct
@@ -391,7 +408,7 @@ typedef struct evp_cipher_ctx_st
CAST_KEY cast_ks;/* key schedule */
#endif
} c;
- } EVP_CIPHER_CTX;
+ };
typedef struct evp_Encode_Ctx_st
{
@@ -442,7 +459,7 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
#define EVP_CIPHER_CTX_cipher(e) ((e)->cipher)
#define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid)
#define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size)
-#define EVP_CIPHER_CTX_key_length(e) ((e)->cipher->key_len)
+#define EVP_CIPHER_CTX_key_length(e) ((e)->key_len)
#define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len)
#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data)
#define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d))
@@ -543,6 +560,7 @@ void ERR_load_EVP_strings(void );
void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
void EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
+int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
#ifdef HEADER_BIO_H
BIO_METHOD *BIO_f_md(void);
@@ -691,6 +709,7 @@ void EVP_PBE_cleanup(void);
/* Function codes. */
#define EVP_F_D2I_PKEY 100
+#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
#define EVP_F_EVP_DECRYPTFINAL 101
#define EVP_F_EVP_MD_CTX_COPY 110
#define EVP_F_EVP_OPENINIT 102
@@ -725,6 +744,7 @@ void EVP_PBE_cleanup(void);
#define EVP_R_EXPECTING_A_DH_KEY 128
#define EVP_R_EXPECTING_A_DSA_KEY 129
#define EVP_R_INPUT_NOT_INITIALIZED 111
+#define EVP_R_INVALID_KEY_LENGTH 130
#define EVP_R_IV_TOO_LARGE 102
#define EVP_R_KEYGEN_FAILURE 120
#define EVP_R_MISSING_PARAMETERS 103
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 5299a65b6a..3f69c6052f 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -59,6 +59,7 @@
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/evp.h>
+#include <openssl/err.h>
const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT;
@@ -99,7 +100,10 @@ void EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
unsigned char *key, unsigned char *iv)
{
if (cipher != NULL)
+ {
ctx->cipher=cipher;
+ ctx->key_len = cipher->key_len;
+ }
ctx->cipher->init(ctx,key,iv,1);
ctx->encrypt=1;
ctx->buf_len=0;
@@ -109,7 +113,10 @@ void EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
unsigned char *key, unsigned char *iv)
{
if (cipher != NULL)
+ {
ctx->cipher=cipher;
+ ctx->key_len = cipher->key_len;
+ }
ctx->cipher->init(ctx,key,iv,0);
ctx->encrypt=0;
ctx->buf_len=0;
@@ -268,3 +275,15 @@ void EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
memset(c,0,sizeof(EVP_CIPHER_CTX));
}
+int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
+ {
+ if(c->key_len == keylen) return 1;
+ if((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH))
+ {
+ c->key_len = keylen;
+ return 1;
+ }
+ EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,EVP_R_INVALID_KEY_LENGTH);
+ return 0;
+ }
+
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index fc149cbb1a..335466bfc2 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -67,6 +67,7 @@
static ERR_STRING_DATA EVP_str_functs[]=
{
{ERR_PACK(0,EVP_F_D2I_PKEY,0), "D2I_PKEY"},
+{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,0), "EVP_CIPHER_CTX_set_key_length"},
{ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0), "EVP_DecryptFinal"},
{ERR_PACK(0,EVP_F_EVP_MD_CTX_COPY,0), "EVP_MD_CTX_copy"},
{ERR_PACK(0,EVP_F_EVP_OPENINIT,0), "EVP_OpenInit"},
@@ -104,6 +105,7 @@ static ERR_STRING_DATA EVP_str_reasons[]=
{EVP_R_EXPECTING_A_DH_KEY ,"expecting a dh key"},
{EVP_R_EXPECTING_A_DSA_KEY ,"expecting a dsa key"},
{EVP_R_INPUT_NOT_INITIALIZED ,"input not initialized"},
+{EVP_R_INVALID_KEY_LENGTH ,"invalid key length"},
{EVP_R_IV_TOO_LARGE ,"iv too large"},
{EVP_R_KEYGEN_FAILURE ,"keygen failure"},
{EVP_R_MISSING_PARAMETERS ,"missing parameters"},
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index 4ab24a86f5..d93b27e737 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -265,13 +265,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
X509_ALGOR *xalg=NULL;
PKCS7_RECIP_INFO *ri=NULL;
-#ifndef NO_RC2
- char is_rc2 = 0;
-#endif
-/* EVP_PKEY *pkey; */
-#if 0
- X509_STORE_CTX s_ctx;
-#endif
i=OBJ_obj2nid(p7->type);
p7->state=PKCS7_S_HEADER;
@@ -312,16 +305,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
goto err;
}
- if(EVP_CIPHER_nid(evp_cipher) == NID_rc2_cbc)
- {
-#ifndef NO_RC2
- is_rc2 = 1;
-#else
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
- goto err;
-#endif
- }
-
/* We will be checking the signature */
if (md_sk != NULL)
{
@@ -413,24 +396,18 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
return(NULL);
if (jj != EVP_CIPHER_CTX_key_length(evp_ctx)) {
- /* HACK: some S/MIME clients don't use the same key
+ /* Some S/MIME clients don't use the same key
* and effective key length. The key length is
* determined by the size of the decrypted RSA key.
- * So we hack things to manually set the RC2 key
- * because we currently can't do this with the EVP
- * interface.
*/
-#ifndef NO_RC2
- if(is_rc2) RC2_set_key(&(evp_ctx->c.rc2_ks),jj, tmp,
- EVP_CIPHER_CTX_key_length(evp_ctx)*8);
- else
-#endif
+ if(!EVP_CIPHER_CTX_set_key_length(evp_ctx, jj))
{
PKCS7err(PKCS7_F_PKCS7_DATADECODE,
PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH);
goto err;
}
- } else EVP_CipherInit(evp_ctx,NULL,tmp,NULL,0);
+ }
+ EVP_CipherInit(evp_ctx,NULL,tmp,NULL,0);
memset(tmp,0,jj);
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-04 16:09:17 +0300