int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) { int ret; if (c->cipher->set_asn1_parameters != NULL) ret = c->cipher->set_asn1_parameters(c, type); else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) { switch (EVP_CIPHER_CTX_mode(c)) { case EVP_CIPH_WRAP_MODE: if (EVP_CIPHER_CTX_nid(c) == NID_id_smime_alg_CMS3DESwrap) ASN1_TYPE_set(type, V_ASN1_NULL, NULL); ret = 1; break; case EVP_CIPH_GCM_MODE: case EVP_CIPH_CCM_MODE: case EVP_CIPH_XTS_MODE: ret = -1; break; default: ret = EVP_CIPHER_set_asn1_iv(c, type); } } else ret = -1; return (ret); }
static int cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { struct cipher_ctx *cipher_ctx = (struct cipher_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); const struct cipher_data_st *cipher_d = get_cipher_data(EVP_CIPHER_CTX_nid(ctx)); /* cleanup a previous session */ if (cipher_ctx->sess.ses != 0 && clean_devcrypto_session(&cipher_ctx->sess) == 0) return 0; cipher_ctx->sess.cipher = cipher_d->devcryptoid; cipher_ctx->sess.keylen = cipher_d->keylen; cipher_ctx->sess.key = (void *)key; cipher_ctx->op = enc ? COP_ENCRYPT : COP_DECRYPT; cipher_ctx->mode = cipher_d->flags & EVP_CIPH_MODE; cipher_ctx->blocksize = cipher_d->blocksize; if (ioctl(cfd, CIOCGSESSION, &cipher_ctx->sess) < 0) { SYSerr(SYS_F_IOCTL, errno); return 0; } return 1; }
static int cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { struct cipher_ctx *cipher_ctx = (struct cipher_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); const struct cipher_data_st *cipher_d = get_cipher_data(EVP_CIPHER_CTX_nid(ctx)); if ((cipher_ctx->cfd = open("/dev/crypto", O_RDWR, 0)) < 0) { SYSerr(SYS_F_OPEN, errno); return 0; } memset(&cipher_ctx->sess, 0, sizeof(cipher_ctx->sess)); cipher_ctx->sess.cipher = cipher_d->devcryptoid; cipher_ctx->sess.keylen = cipher_d->keylen; cipher_ctx->sess.key = (void *)key; cipher_ctx->op = enc ? COP_ENCRYPT : COP_DECRYPT; if (ioctl(cipher_ctx->cfd, CIOCGSESSION, &cipher_ctx->sess) < 0) { SYSerr(SYS_F_IOCTL, errno); close(cipher_ctx->cfd); return 0; } return 1; }
STDMETHODIMP CBCipher::get_Name(BSTR *pVal) { if(!m_ctx.cipher)return SetErrorInfo(s_strAlgoError); *pVal = CBString(OBJ_nid2sn(EVP_CIPHER_CTX_nid(&m_ctx))).AllocSysString(); return S_OK; }
static int cuda_crypt(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, const unsigned char *in_arg, size_t nbytes) { assert(in_arg && out_arg && ctx && nbytes); size_t current=0; int chunk; cuda_crypt_parameters crypt = {in_arg, out_arg, nbytes, ctx, host_data, device_data_in, device_data_out}; switch(EVP_CIPHER_CTX_nid(ctx)) { case NID_des_ecb: case NID_des_cbc: cuda_device_crypt = DES_cuda_crypt; break; case NID_bf_ecb: case NID_bf_cbc: cuda_device_crypt = BF_cuda_crypt; break; case NID_cast5_ecb: case NID_cast5_cbc: cuda_device_crypt = CAST_cuda_crypt; break; case NID_camellia_128_ecb: case NID_camellia_128_cbc: cuda_device_crypt = CMLL_cuda_crypt; break; case NID_idea_ecb: case NID_idea_cbc: cuda_device_crypt = IDEA_cuda_crypt; break; case NID_aes_128_ecb: case NID_aes_128_cbc: case NID_aes_192_ecb: case NID_aes_192_cbc: case NID_aes_256_ecb: case NID_aes_256_cbc: cuda_device_crypt = AES_cuda_crypt; break; default: return 0; } while (nbytes!=current) { chunk=(nbytes-current)/maxbytes; if(chunk>=1) { crypt.nbytes=maxbytes; cuda_device_crypt(&crypt); current+=maxbytes; crypt.in+=maxbytes; crypt.out+=maxbytes; } else { cuda_device_crypt(&crypt); current+=(nbytes-current); crypt.in+=(nbytes-current); crypt.out+=(nbytes-current); } } return 1; }
/* * call-seq: * cipher.authenticated? -> boolean * * Indicated whether this Cipher instance uses an Authenticated Encryption * mode. */ static VALUE ossl_cipher_is_authenticated(VALUE self) { EVP_CIPHER_CTX *ctx; int nid; GetCipher(self, ctx); nid = EVP_CIPHER_CTX_nid(ctx); if (ossl_is_gcm(nid)) { return Qtrue; } else { return Qfalse; } }
static LUA_FUNCTION(openssl_cipher_ctx_info) { EVP_CIPHER_CTX *ctx = CHECK_OBJECT(1, EVP_CIPHER_CTX, "openssl.evp_cipher_ctx"); lua_newtable(L); AUXILIAR_SET(L, -1, "block_size", EVP_CIPHER_CTX_block_size(ctx), integer); AUXILIAR_SET(L, -1, "key_length", EVP_CIPHER_CTX_key_length(ctx), integer); AUXILIAR_SET(L, -1, "iv_length", EVP_CIPHER_CTX_iv_length(ctx), integer); AUXILIAR_SET(L, -1, "flags", EVP_CIPHER_CTX_flags(ctx), integer); AUXILIAR_SET(L, -1, "nid", EVP_CIPHER_CTX_nid(ctx), integer); AUXILIAR_SET(L, -1, "type", EVP_CIPHER_CTX_mode(ctx), integer); AUXILIAR_SET(L, -1, "mode", EVP_CIPHER_CTX_type(ctx), integer); AUXILIAR_SETOBJECT(L, EVP_CIPHER_CTX_cipher(ctx), "openssl.evp_cipher", -1, "cipher"); return 1; }
/* * call-seq: * cipher.auth_tag = string -> string * * Sets the authentication tag to verify the contents of the * ciphertext. The tag must be set after calling Cipher#decrypt, * Cipher#key= and Cipher#iv=, but before assigning the associated * authenticated data using Cipher#auth_data= and of course, before * decrypting any of the ciphertext. After all decryption is * performed, the tag is verified automatically in the call to * Cipher#final. */ static VALUE ossl_cipher_set_auth_tag(VALUE self, VALUE vtag) { EVP_CIPHER_CTX *ctx; int nid; unsigned char *tag; int tag_len; StringValue(vtag); tag = (unsigned char *) RSTRING_PTR(vtag); tag_len = RSTRING_LENINT(vtag); GetCipher(self, ctx); nid = EVP_CIPHER_CTX_nid(ctx); if (ossl_is_gcm(nid)) { ossl_set_gcm_auth_tag(ctx, tag, tag_len); } else { ossl_raise(eCipherError, "authentication tag not supported by this cipher"); } return vtag; }
/* * call-seq: * cipher.auth_tag([ tag_len ] -> string * * Gets the authentication tag generated by Authenticated Encryption Cipher * modes (GCM for example). This tag may be stored along with the ciphertext, * then set on the decryption cipher to authenticate the contents of the * ciphertext against changes. If the optional integer parameter +tag_len+ is * given, the returned tag will be +tag_len+ bytes long. If the parameter is * omitted, the maximum length of 16 bytes will be returned. For maximum * security, the default of 16 bytes should be chosen. * * The tag may only be retrieved after calling Cipher#final. */ static VALUE ossl_cipher_get_auth_tag(int argc, VALUE *argv, VALUE self) { VALUE vtag_len; EVP_CIPHER_CTX *ctx; int nid, tag_len; if (rb_scan_args(argc, argv, "01", &vtag_len) == 0) { tag_len = 16; } else { tag_len = NUM2INT(vtag_len); } GetCipher(self, ctx); nid = EVP_CIPHER_CTX_nid(ctx); if (ossl_is_gcm(nid)) { return ossl_get_gcm_auth_tag(ctx, tag_len); } else { ossl_raise(eCipherError, "authentication tag not supported by this cipher"); return Qnil; /* dummy */ } }
static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { int ciphertype; int ret; afalg_ctx *actx; char ciphername[ALG_MAX_SALG_NAME]; if (ctx == NULL || key == NULL) { ALG_WARN("%s: Null Parameter\n", __func__); return 0; } if (EVP_CIPHER_CTX_cipher(ctx) == NULL) { ALG_WARN("%s: Cipher object NULL\n", __func__); return 0; } actx = EVP_CIPHER_CTX_get_cipher_data(ctx); if (actx == NULL) { ALG_WARN("%s: Cipher data NULL\n", __func__); return 0; } ciphertype = EVP_CIPHER_CTX_nid(ctx); switch (ciphertype) { case NID_aes_128_cbc: strncpy(ciphername, "cbc(aes)", ALG_MAX_SALG_NAME); break; default: ALG_WARN("%s: Unsupported Cipher type %d\n", __func__, ciphertype); return 0; } ciphername[ALG_MAX_SALG_NAME-1]='\0'; if (ALG_AES_IV_LEN != EVP_CIPHER_CTX_iv_length(ctx)) { ALG_WARN("%s: Unsupported IV length :%d\n", __func__, EVP_CIPHER_CTX_iv_length(ctx)); return 0; } /* Setup AFALG socket for crypto processing */ ret = afalg_create_sk(actx, "skcipher", ciphername); if (ret < 1) return 0; ret = afalg_set_key(actx, key, EVP_CIPHER_CTX_key_length(ctx)); if (ret < 1) goto err; /* Setup AIO ctx to allow async AFALG crypto processing */ if (afalg_init_aio(&actx->aio) == 0) goto err; # ifdef ALG_ZERO_COPY pipe(actx->zc_pipe); # endif actx->init_done = MAGIC_INIT_NUM; return 1; err: close(actx->sfd); close(actx->bfd); return 0; }
int main(int argc, char * argv[]) { unsigned char st[BUFFER_SIZE]; // sifrovany text unsigned char * key; // klic pro sifrovani unsigned char iv[EVP_MAX_IV_LENGTH]; // inicializacni vektor unsigned char readBuffer[BUFFER_SIZE]; const char * filename = argv[1]; const char * outfilename = argv[3]; const char * keyfile = argv[2]; if(argc != 4){ fprintf(stderr, "Error shoud be: pem soubor_s_daty soubor_s_verejnym_klicem vystupni_soubor \n" ); exit(1); } int stLength = 0; int tmpLength = 0; int readlen = 0; int keyLength = 0; FILE * fplainin = fopen(filename,"rb"); FILE * fcyphedout = fopen(outfilename,"w+b"); EVP_PKEY * pubkey; EVP_CIPHER_CTX ctx; FILE * fpubkey = fopen(keyfile,"rb"); pubkey = PEM_read_PUBKEY(fpubkey, NULL, NULL, NULL); //No password protection of the key itself fclose(fpubkey); // printf("Reading pubkey\n"); //EVP_PKEY_CTX * ctx = EVP_PKEY_CTX_new(pubkey,NULL); keyLength = EVP_PKEY_size(pubkey); key = (unsigned char*) malloc(keyLength); EVP_SealInit(&ctx, EVP_des_cbc(), &key, &keyLength, iv, &pubkey, 1); /* printf("Key length: %d\n",keyLength); for(int i=0 ; i < keyLength ; i++){ printf("%x",key[i]); } printf("\n"); */ // printf("Seal Init\n"); int nid = EVP_CIPHER_CTX_nid(&ctx); fwrite(&nid,sizeof(nid),1,fcyphedout); writeData(fcyphedout,(void*)iv,EVP_MAX_IV_LENGTH); fwrite(&keyLength,sizeof(keyLength),1,fcyphedout); writeData(fcyphedout,(void*)key,keyLength); printf("NID: %d\n",nid); while((readlen =fread(readBuffer,1,BUFFER_SIZE,fplainin))!=0){ EVP_SealUpdate(&ctx, st,&stLength, readBuffer, readlen); fwrite(st,1,stLength,fcyphedout); // printf("Seal update\n"); } EVP_SealFinal(&ctx, st, &tmpLength); //printf("Seal final\n"); fwrite(st,1,tmpLength,fcyphedout); fclose(fplainin); fclose(fcyphedout); /* Encrypting end */ //EVP_CIPHER_CTX ctx; free(key); }