static int FIPS_des3_test(void) { int ret = 0; unsigned char pltmp[8]; unsigned char citmp[8]; unsigned char key[] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24 }; unsigned char plaintext[] = { 'e', 't', 'a', 'o', 'n', 'r', 'i', 's' }; EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX_init(&ctx); if (EVP_CipherInit_ex(&ctx, EVP_des_ede3_ecb(), NULL, key, NULL, 1) <= 0) goto err; EVP_Cipher(&ctx, citmp, plaintext, 8); if (EVP_CipherInit_ex(&ctx, EVP_des_ede3_ecb(), NULL, key, NULL, 0) <= 0) goto err; EVP_Cipher(&ctx, pltmp, citmp, 8); if (memcmp(pltmp, plaintext, 8)) goto err; ret = 1; err: EVP_CIPHER_CTX_cleanup(&ctx); return ret; }
int FIPS_selftest_des() { int n, ret = 0; EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX_init(&ctx); /* Encrypt/decrypt with 2-key 3DES and compare to known answers */ for (n = 0; n < 2; ++n) { if (!fips_cipher_test(&ctx, EVP_des_ede_ecb(), tests2[n].key, NULL, tests2[n].plaintext, tests2[n].ciphertext, 8)) goto err; } /* Encrypt/decrypt with 3DES and compare to known answers */ for (n = 0; n < 2; ++n) { if (!fips_cipher_test(&ctx, EVP_des_ede3_ecb(), tests3[n].key, NULL, tests3[n].plaintext, tests3[n].ciphertext, 8)) goto err; } ret = 1; err: EVP_CIPHER_CTX_cleanup(&ctx); if (ret == 0) FIPSerr(FIPS_F_FIPS_SELFTEST_DES, FIPS_R_SELFTEST_FAILED); return ret; }
/** * @brief Create a key from the given passphrase. By default, the PBKDF2 * algorithm is used to generate the key from the passphrase. It is expected * that the same pass phrase will generate the same key, regardless of the * backend crypto platform used. The key is cleaned up when the context * is cleaned, and may be reused with multiple encryption or decryption * operations. * @note If *key is NULL, a apr_crypto_key_t will be created from a pool. If * *key is not NULL, *key must point at a previously created structure. * @param key The key returned, see note. * @param ivSize The size of the initialisation vector will be returned, based * on whether an IV is relevant for this type of crypto. * @param pass The passphrase to use. * @param passLen The passphrase length in bytes * @param salt The salt to use. * @param saltLen The salt length in bytes * @param type 3DES_192, AES_128, AES_192, AES_256. * @param mode Electronic Code Book / Cipher Block Chaining. * @param doPad Pad if necessary. * @param iterations Iteration count * @param f The context to use. * @param p The pool to use. * @return Returns APR_ENOKEY if the pass phrase is missing or empty, or if a backend * error occurred while generating the key. APR_ENOCIPHER if the type or mode * is not supported by the particular backend. APR_EKEYTYPE if the key type is * not known. APR_EPADDING if padding was requested but is not supported. * APR_ENOTIMPL if not implemented. */ static apr_status_t crypto_passphrase(apr_crypto_key_t **k, apr_size_t *ivSize, const char *pass, apr_size_t passLen, const unsigned char * salt, apr_size_t saltLen, const apr_crypto_block_key_type_e type, const apr_crypto_block_key_mode_e mode, const int doPad, const int iterations, const apr_crypto_t *f, apr_pool_t *p) { apr_crypto_key_t *key = *k; if (!key) { *k = key = apr_array_push(f->keys); } if (!key) { return APR_ENOMEM; } key->f = f; key->provider = f->provider; /* determine the cipher to be used */ switch (type) { case (APR_KEY_3DES_192): /* A 3DES key */ if (mode == APR_MODE_CBC) { key->cipher = EVP_des_ede3_cbc(); } else { key->cipher = EVP_des_ede3_ecb(); } break; case (APR_KEY_AES_128): if (mode == APR_MODE_CBC) { key->cipher = EVP_aes_128_cbc(); } else { key->cipher = EVP_aes_128_ecb(); } break; case (APR_KEY_AES_192): if (mode == APR_MODE_CBC) { key->cipher = EVP_aes_192_cbc(); } else { key->cipher = EVP_aes_192_ecb(); } break; case (APR_KEY_AES_256): if (mode == APR_MODE_CBC) { key->cipher = EVP_aes_256_cbc(); } else { key->cipher = EVP_aes_256_ecb(); } break; default: /* unknown key type, give up */ return APR_EKEYTYPE; } /* find the length of the key we need */ key->keyLen = EVP_CIPHER_key_length(key->cipher); /* make space for the key */ key->key = apr_pcalloc(p, key->keyLen); if (!key->key) { return APR_ENOMEM; } apr_crypto_clear(p, key->key, key->keyLen); /* generate the key */ if (PKCS5_PBKDF2_HMAC_SHA1(pass, passLen, (unsigned char *) salt, saltLen, iterations, key->keyLen, key->key) == 0) { return APR_ENOKEY; } key->doPad = doPad; /* note: openssl incorrectly returns non zero IV size values for ECB * algorithms, so work around this by ignoring the IV size. */ if (APR_MODE_ECB != mode) { key->ivSize = EVP_CIPHER_iv_length(key->cipher); } if (ivSize) { *ivSize = key->ivSize; } return APR_SUCCESS; }
const EVP_CIPHER* OSSLDES::getCipher() const { if (currentKey == NULL) return NULL; // Check currentKey bit length; 3DES only supports 56-bit, 112-bit or 168-bit keys if ((currentKey->getBitLen() != 56) && (currentKey->getBitLen() != 112) && (currentKey->getBitLen() != 168)) { ERROR_MSG("Invalid DES currentKey length (%d bits)", currentKey->getBitLen()); return NULL; } // People shouldn't really be using 56-bit DES keys, generate a warning if (currentKey->getBitLen() == 56) { DEBUG_MSG("CAUTION: use of 56-bit DES keys is not recommended!"); } // Determine the cipher mode if (!currentCipherMode.compare("cbc")) { switch(currentKey->getBitLen()) { case 56: return EVP_des_cbc(); case 112: return EVP_des_ede_cbc(); case 168: return EVP_des_ede3_cbc(); }; } else if (!currentCipherMode.compare("ecb")) { switch(currentKey->getBitLen()) { case 56: return EVP_des_ecb(); case 112: return EVP_des_ede_ecb(); case 168: return EVP_des_ede3_ecb(); }; } else if (!currentCipherMode.compare("ofb")) { switch(currentKey->getBitLen()) { case 56: return EVP_des_ofb(); case 112: return EVP_des_ede_ofb(); case 168: return EVP_des_ede3_ofb(); }; } else if (!currentCipherMode.compare("cfb")) { switch(currentKey->getBitLen()) { case 56: return EVP_des_cfb(); case 112: return EVP_des_ede_cfb(); case 168: return EVP_des_ede3_cfb(); }; } ERROR_MSG("Invalid DES cipher mode %s", currentCipherMode.c_str()); return NULL; }
static const EVP_CIPHER * to_evp_cipher(enum_t e) { switch (e) { case BLOWFISH_CBC: return EVP_bf_cbc(); case BLOWFISH_ECB: return EVP_bf_ecb(); case BLOWFISH_OFB: return EVP_bf_ofb(); case CAST5_CBC: return EVP_cast5_cbc(); case CAST5_CFB: return EVP_cast5_cfb64(); case CAST5_ECB: return EVP_cast5_ecb(); case CAST5_OFB: return EVP_cast5_ofb(); case DES_CBC: return EVP_des_cbc(); case DES_CFB: return EVP_des_cfb1(); case DES_OFB: return EVP_des_ofb(); case DES_ECB: return EVP_des_ecb(); case DES_EDE_CBC: return EVP_des_ede_cbc(); case DES_EDE_ECB: return EVP_des_ede_ecb(); case DES_EDE_OFB: return EVP_des_ede_ofb(); case DES_EDE_CFB_64: return EVP_des_ede_cfb64(); case DES_EDE3_CBC: return EVP_des_ede3_cbc(); case DES_EDE3_ECB: return EVP_des_ede3_ecb(); case DES_EDE3_CFB_1: return EVP_des_ede3_cfb1(); case DES_EDE3_CFB_8: return EVP_des_ede3_cfb8(); case DES_EDE3_CFB_64: return EVP_des_ede3_cfb64(); case DES_EDE3_OFB: return EVP_des_ede3_ofb(); case RC2_CBC: return EVP_rc2_cbc(); case RC2_CFB: return EVP_rc2_cfb(); case RC2_ECB: return EVP_rc2_ecb(); case RC2_OFB: return EVP_rc2_ofb(); case RC2_64_CBC: return EVP_rc2_64_cbc(); case RC2_40_CBC: return EVP_rc2_40_cbc(); case RC4: return EVP_rc4(); case RC4_40: return EVP_rc4_40(); case AES_128_CBC: return EVP_aes_128_cbc(); case AES_128_CFB: return EVP_aes_128_cfb(); case AES_128_CFB1: return EVP_aes_128_cfb1(); case AES_128_CFB8: return EVP_aes_128_cfb8(); case AES_128_ECB: return EVP_aes_128_ecb(); case AES_128_OFB: return EVP_aes_128_ofb(); case AES_192_CBC: return EVP_aes_192_cbc(); case AES_192_CFB: return EVP_aes_192_cfb(); case AES_192_CFB1: return EVP_aes_192_cfb1(); case AES_192_CFB8: return EVP_aes_192_cfb8(); case AES_192_ECB: return EVP_aes_192_ecb(); case AES_192_OFB: return EVP_aes_192_ofb(); case AES_256_CBC: return EVP_aes_256_cbc(); case AES_256_CFB: return EVP_aes_256_cfb(); case AES_256_CFB1: return EVP_aes_256_cfb1(); case AES_256_CFB8: return EVP_aes_256_cfb8(); case AES_256_ECB: return EVP_aes_256_ecb(); case AES_256_OFB: return EVP_aes_256_ofb(); default: return 0; } }
INT EVP_Crypto(IN INT iEncrypt, /* 0 解密;1 加密 */ IN UCHAR aucKey[EVP_MAX_KEY_LENGTH], IN UCHAR aucIV[EVP_MAX_KEY_LENGTH], IN INT iInLen, IN UCHAR *pucInBuf, OUT INT *piOutLen, OUT UCHAR *pucOutBuf) { INT iRet; INT iIdx; INT iSingleLen = 0; INT iTotalLen = 0; EVP_CIPHER_CTX stCtx; /* 初始化ctx */ EVP_CIPHER_CTX_init(&stCtx); /* 设置密码算法、key和iv */ iRet = EVP_CipherInit_ex(&stCtx, EVP_des_ede3_ecb(), NULL, aucKey, aucIV, iEncrypt); if (1 == iRet) { /* 加密 */ for (iIdx = 0; iIdx < (iInLen / EVP_MAX_BLOCK_LENGTH); iIdx++) { iRet = EVP_CipherUpdate(&stCtx, (pucOutBuf + iTotalLen), &iSingleLen, pucInBuf + (iIdx * EVP_MAX_BLOCK_LENGTH), EVP_MAX_BLOCK_LENGTH); if (1 == iRet) { iTotalLen += iSingleLen; } else { break; } } if ((1 == iRet) && (0 != (iInLen % EVP_MAX_BLOCK_LENGTH))) { iRet = EVP_CipherUpdate(&stCtx, (pucOutBuf + iTotalLen), &iSingleLen, pucInBuf + (iIdx * EVP_MAX_BLOCK_LENGTH), (iInLen % EVP_MAX_BLOCK_LENGTH)); if (1 == iRet) { iTotalLen += iSingleLen; } } } if (1 == iRet) { /* 加密结束 */ iRet = EVP_CipherFinal_ex(&stCtx, (pucOutBuf + iTotalLen), &iSingleLen); } /* 清除EVP加密上下文环境 */ EVP_CIPHER_CTX_cleanup(&stCtx); if (1 != iRet) { return -1; } *piOutLen = iTotalLen + iSingleLen; return 0; }
static int hb_EVP_CIPHER_ptr_to_id( const EVP_CIPHER * p ) { int n; if( p == EVP_enc_null() ) n = HB_EVP_CIPHER_ENC_NULL; #ifndef OPENSSL_NO_DES else if( p == EVP_des_ecb() ) n = HB_EVP_CIPHER_DES_ECB; else if( p == EVP_des_ede() ) n = HB_EVP_CIPHER_DES_EDE; else if( p == EVP_des_ede3() ) n = HB_EVP_CIPHER_DES_EDE3; #if OPENSSL_VERSION_NUMBER >= 0x00907000L else if( p == EVP_des_ede_ecb() ) n = HB_EVP_CIPHER_DES_EDE_ECB; else if( p == EVP_des_ede3_ecb() ) n = HB_EVP_CIPHER_DES_EDE3_ECB; #endif else if( p == EVP_des_cfb() ) n = HB_EVP_CIPHER_DES_CFB; else if( p == EVP_des_ede_cfb() ) n = HB_EVP_CIPHER_DES_EDE_CFB; else if( p == EVP_des_ede3_cfb() ) n = HB_EVP_CIPHER_DES_EDE3_CFB; #if OPENSSL_VERSION_NUMBER >= 0x00907050L else if( p == EVP_des_cfb64() ) n = HB_EVP_CIPHER_DES_CFB64; else if( p == EVP_des_cfb1() ) n = HB_EVP_CIPHER_DES_CFB1; else if( p == EVP_des_cfb8() ) n = HB_EVP_CIPHER_DES_CFB8; else if( p == EVP_des_ede_cfb64() ) n = HB_EVP_CIPHER_DES_EDE_CFB64; else if( p == EVP_des_ede3_cfb64() ) n = HB_EVP_CIPHER_DES_EDE3_CFB64; else if( p == EVP_des_ede3_cfb1() ) n = HB_EVP_CIPHER_DES_EDE3_CFB1; else if( p == EVP_des_ede3_cfb8() ) n = HB_EVP_CIPHER_DES_EDE3_CFB8; #endif else if( p == EVP_des_ofb() ) n = HB_EVP_CIPHER_DES_OFB; else if( p == EVP_des_ede_ofb() ) n = HB_EVP_CIPHER_DES_EDE_OFB; else if( p == EVP_des_ede3_ofb() ) n = HB_EVP_CIPHER_DES_EDE3_OFB; else if( p == EVP_des_cbc() ) n = HB_EVP_CIPHER_DES_CBC; else if( p == EVP_des_ede_cbc() ) n = HB_EVP_CIPHER_DES_EDE_CBC; else if( p == EVP_des_ede3_cbc() ) n = HB_EVP_CIPHER_DES_EDE3_CBC; else if( p == EVP_desx_cbc() ) n = HB_EVP_CIPHER_DESX_CBC; #endif #ifndef OPENSSL_NO_RC4 else if( p == EVP_rc4() ) n = HB_EVP_CIPHER_RC4; else if( p == EVP_rc4_40() ) n = HB_EVP_CIPHER_RC4_40; #endif #ifndef OPENSSL_NO_IDEA else if( p == EVP_idea_ecb() ) n = HB_EVP_CIPHER_IDEA_ECB; else if( p == EVP_idea_cfb64() ) n = HB_EVP_CIPHER_IDEA_CFB64; else if( p == EVP_idea_cfb() ) n = HB_EVP_CIPHER_IDEA_CFB; else if( p == EVP_idea_ofb() ) n = HB_EVP_CIPHER_IDEA_OFB; else if( p == EVP_idea_cbc() ) n = HB_EVP_CIPHER_IDEA_CBC; #endif #ifndef OPENSSL_NO_RC2 else if( p == EVP_rc2_ecb() ) n = HB_EVP_CIPHER_RC2_ECB; else if( p == EVP_rc2_cbc() ) n = HB_EVP_CIPHER_RC2_CBC; else if( p == EVP_rc2_40_cbc() ) n = HB_EVP_CIPHER_RC2_40_CBC; else if( p == EVP_rc2_64_cbc() ) n = HB_EVP_CIPHER_RC2_64_CBC; #if OPENSSL_VERSION_NUMBER >= 0x00907050L else if( p == EVP_rc2_cfb64() ) n = HB_EVP_CIPHER_RC2_CFB64; #endif else if( p == EVP_rc2_cfb() ) n = HB_EVP_CIPHER_RC2_CFB; else if( p == EVP_rc2_ofb() ) n = HB_EVP_CIPHER_RC2_OFB; #endif #ifndef OPENSSL_NO_BF else if( p == EVP_bf_ecb() ) n = HB_EVP_CIPHER_BF_ECB; else if( p == EVP_bf_cbc() ) n = HB_EVP_CIPHER_BF_CBC; #if OPENSSL_VERSION_NUMBER >= 0x00907050L else if( p == EVP_bf_cfb64() ) n = HB_EVP_CIPHER_BF_CFB64; #endif else if( p == EVP_bf_cfb() ) n = HB_EVP_CIPHER_BF_CFB; else if( p == EVP_bf_ofb() ) n = HB_EVP_CIPHER_BF_OFB; #endif #ifndef OPENSSL_NO_CAST else if( p == EVP_cast5_ecb() ) n = HB_EVP_CIPHER_CAST5_ECB; else if( p == EVP_cast5_cbc() ) n = HB_EVP_CIPHER_CAST5_CBC; #if OPENSSL_VERSION_NUMBER >= 0x00907050L else if( p == EVP_cast5_cfb64() ) n = HB_EVP_CIPHER_CAST5_CFB64; #endif else if( p == EVP_cast5_cfb() ) n = HB_EVP_CIPHER_CAST5_CFB; else if( p == EVP_cast5_ofb() ) n = HB_EVP_CIPHER_CAST5_OFB; #endif #ifndef OPENSSL_NO_RC5 else if( p == EVP_rc5_32_12_16_cbc() ) n = HB_EVP_CIPHER_RC5_32_12_16_CBC; else if( p == EVP_rc5_32_12_16_ecb() ) n = HB_EVP_CIPHER_RC5_32_12_16_ECB; #if OPENSSL_VERSION_NUMBER >= 0x00907050L else if( p == EVP_rc5_32_12_16_cfb64() ) n = HB_EVP_CIPHER_RC5_32_12_16_CFB64; #endif else if( p == EVP_rc5_32_12_16_cfb() ) n = HB_EVP_CIPHER_RC5_32_12_16_CFB; else if( p == EVP_rc5_32_12_16_ofb() ) n = HB_EVP_CIPHER_RC5_32_12_16_OFB; #endif #ifndef OPENSSL_NO_AES else if( p == EVP_aes_128_ecb() ) n = HB_EVP_CIPHER_AES_128_ECB; else if( p == EVP_aes_128_cbc() ) n = HB_EVP_CIPHER_AES_128_CBC; #if OPENSSL_VERSION_NUMBER >= 0x00907050L else if( p == EVP_aes_128_cfb1() ) n = HB_EVP_CIPHER_AES_128_CFB1; else if( p == EVP_aes_128_cfb8() ) n = HB_EVP_CIPHER_AES_128_CFB8; else if( p == EVP_aes_128_cfb128() ) n = HB_EVP_CIPHER_AES_128_CFB128; #endif else if( p == EVP_aes_128_cfb() ) n = HB_EVP_CIPHER_AES_128_CFB; else if( p == EVP_aes_128_ofb() ) n = HB_EVP_CIPHER_AES_128_OFB; else if( p == EVP_aes_192_ecb() ) n = HB_EVP_CIPHER_AES_192_ECB; else if( p == EVP_aes_192_cbc() ) n = HB_EVP_CIPHER_AES_192_CBC; #if OPENSSL_VERSION_NUMBER >= 0x00907050L else if( p == EVP_aes_192_cfb1() ) n = HB_EVP_CIPHER_AES_192_CFB1; else if( p == EVP_aes_192_cfb8() ) n = HB_EVP_CIPHER_AES_192_CFB8; else if( p == EVP_aes_192_cfb128() ) n = HB_EVP_CIPHER_AES_192_CFB128; #endif else if( p == EVP_aes_192_cfb() ) n = HB_EVP_CIPHER_AES_192_CFB; else if( p == EVP_aes_192_ofb() ) n = HB_EVP_CIPHER_AES_192_OFB; else if( p == EVP_aes_256_ecb() ) n = HB_EVP_CIPHER_AES_256_ECB; else if( p == EVP_aes_256_cbc() ) n = HB_EVP_CIPHER_AES_256_CBC; #if OPENSSL_VERSION_NUMBER >= 0x00907050L else if( p == EVP_aes_256_cfb1() ) n = HB_EVP_CIPHER_AES_256_CFB1; else if( p == EVP_aes_256_cfb8() ) n = HB_EVP_CIPHER_AES_256_CFB8; else if( p == EVP_aes_256_cfb128() ) n = HB_EVP_CIPHER_AES_256_CFB128; #endif else if( p == EVP_aes_256_cfb() ) n = HB_EVP_CIPHER_AES_256_CFB; else if( p == EVP_aes_256_ofb() ) n = HB_EVP_CIPHER_AES_256_OFB; #endif #ifndef OPENSSL_NO_CAMELLIA else if( p == EVP_camellia_128_ecb() ) n = HB_EVP_CIPHER_CAMELLIA_128_ECB; else if( p == EVP_camellia_128_cbc() ) n = HB_EVP_CIPHER_CAMELLIA_128_CBC; else if( p == EVP_camellia_128_cfb1() ) n = HB_EVP_CIPHER_CAMELLIA_128_CFB1; else if( p == EVP_camellia_128_cfb8() ) n = HB_EVP_CIPHER_CAMELLIA_128_CFB8; else if( p == EVP_camellia_128_cfb128() ) n = HB_EVP_CIPHER_CAMELLIA_128_CFB128; else if( p == EVP_camellia_128_cfb() ) n = HB_EVP_CIPHER_CAMELLIA_128_CFB; else if( p == EVP_camellia_128_ofb() ) n = HB_EVP_CIPHER_CAMELLIA_128_OFB; else if( p == EVP_camellia_192_ecb() ) n = HB_EVP_CIPHER_CAMELLIA_192_ECB; else if( p == EVP_camellia_192_cbc() ) n = HB_EVP_CIPHER_CAMELLIA_192_CBC; else if( p == EVP_camellia_192_cfb1() ) n = HB_EVP_CIPHER_CAMELLIA_192_CFB1; else if( p == EVP_camellia_192_cfb8() ) n = HB_EVP_CIPHER_CAMELLIA_192_CFB8; else if( p == EVP_camellia_192_cfb128() ) n = HB_EVP_CIPHER_CAMELLIA_192_CFB128; else if( p == EVP_camellia_192_cfb() ) n = HB_EVP_CIPHER_CAMELLIA_192_CFB; else if( p == EVP_camellia_192_ofb() ) n = HB_EVP_CIPHER_CAMELLIA_192_OFB; else if( p == EVP_camellia_256_ecb() ) n = HB_EVP_CIPHER_CAMELLIA_256_ECB; else if( p == EVP_camellia_256_cbc() ) n = HB_EVP_CIPHER_CAMELLIA_256_CBC; else if( p == EVP_camellia_256_cfb1() ) n = HB_EVP_CIPHER_CAMELLIA_256_CFB1; else if( p == EVP_camellia_256_cfb8() ) n = HB_EVP_CIPHER_CAMELLIA_256_CFB8; else if( p == EVP_camellia_256_cfb128() ) n = HB_EVP_CIPHER_CAMELLIA_256_CFB128; else if( p == EVP_camellia_256_cfb() ) n = HB_EVP_CIPHER_CAMELLIA_256_CFB; else if( p == EVP_camellia_256_ofb() ) n = HB_EVP_CIPHER_CAMELLIA_256_OFB; #endif #ifndef OPENSSL_NO_SEED else if( p == EVP_seed_ecb() ) n = HB_EVP_CIPHER_SEED_ECB; else if( p == EVP_seed_cbc() ) n = HB_EVP_CIPHER_SEED_CBC; else if( p == EVP_seed_cfb128() ) n = HB_EVP_CIPHER_SEED_CFB128; else if( p == EVP_seed_cfb() ) n = HB_EVP_CIPHER_SEED_CFB; else if( p == EVP_seed_ofb() ) n = HB_EVP_CIPHER_SEED_OFB; #endif else n = HB_EVP_CIPHER_UNSUPPORTED; return n; }
const EVP_CIPHER * hb_EVP_CIPHER_par( int iParam ) { const EVP_CIPHER * p; if( HB_ISCHAR( iParam ) ) return EVP_get_cipherbyname( hb_parc( iParam ) ); switch( hb_parni( iParam ) ) { case HB_EVP_CIPHER_ENC_NULL: p = EVP_enc_null(); break; #ifndef OPENSSL_NO_DES case HB_EVP_CIPHER_DES_ECB: p = EVP_des_ecb(); break; case HB_EVP_CIPHER_DES_EDE: p = EVP_des_ede(); break; case HB_EVP_CIPHER_DES_EDE3: p = EVP_des_ede3(); break; #if OPENSSL_VERSION_NUMBER >= 0x00907000L case HB_EVP_CIPHER_DES_EDE_ECB: p = EVP_des_ede_ecb(); break; case HB_EVP_CIPHER_DES_EDE3_ECB: p = EVP_des_ede3_ecb(); break; #endif case HB_EVP_CIPHER_DES_CFB: p = EVP_des_cfb(); break; case HB_EVP_CIPHER_DES_EDE_CFB: p = EVP_des_ede_cfb(); break; case HB_EVP_CIPHER_DES_EDE3_CFB: p = EVP_des_ede3_cfb(); break; #if OPENSSL_VERSION_NUMBER >= 0x00907050L case HB_EVP_CIPHER_DES_CFB1: p = EVP_des_cfb1(); break; case HB_EVP_CIPHER_DES_CFB8: p = EVP_des_cfb8(); break; case HB_EVP_CIPHER_DES_CFB64: p = EVP_des_cfb64(); break; case HB_EVP_CIPHER_DES_EDE_CFB64: p = EVP_des_ede_cfb64(); break; case HB_EVP_CIPHER_DES_EDE3_CFB1: p = EVP_des_ede3_cfb1(); break; case HB_EVP_CIPHER_DES_EDE3_CFB8: p = EVP_des_ede3_cfb8(); break; case HB_EVP_CIPHER_DES_EDE3_CFB64: p = EVP_des_ede3_cfb64(); break; #endif case HB_EVP_CIPHER_DES_OFB: p = EVP_des_ofb(); break; case HB_EVP_CIPHER_DES_EDE_OFB: p = EVP_des_ede_ofb(); break; case HB_EVP_CIPHER_DES_EDE3_OFB: p = EVP_des_ede3_ofb(); break; case HB_EVP_CIPHER_DES_CBC: p = EVP_des_cbc(); break; case HB_EVP_CIPHER_DES_EDE_CBC: p = EVP_des_ede_cbc(); break; case HB_EVP_CIPHER_DES_EDE3_CBC: p = EVP_des_ede3_cbc(); break; case HB_EVP_CIPHER_DESX_CBC: p = EVP_desx_cbc(); break; #endif #ifndef OPENSSL_NO_RC4 case HB_EVP_CIPHER_RC4: p = EVP_rc4(); break; case HB_EVP_CIPHER_RC4_40: p = EVP_rc4_40(); break; #endif #ifndef OPENSSL_NO_IDEA case HB_EVP_CIPHER_IDEA_ECB: p = EVP_idea_ecb(); break; case HB_EVP_CIPHER_IDEA_CFB64: p = EVP_idea_cfb64(); break; case HB_EVP_CIPHER_IDEA_CFB: p = EVP_idea_cfb(); break; case HB_EVP_CIPHER_IDEA_OFB: p = EVP_idea_ofb(); break; case HB_EVP_CIPHER_IDEA_CBC: p = EVP_idea_cbc(); break; #endif #ifndef OPENSSL_NO_RC2 case HB_EVP_CIPHER_RC2_ECB: p = EVP_rc2_ecb(); break; case HB_EVP_CIPHER_RC2_CBC: p = EVP_rc2_cbc(); break; case HB_EVP_CIPHER_RC2_40_CBC: p = EVP_rc2_40_cbc(); break; case HB_EVP_CIPHER_RC2_64_CBC: p = EVP_rc2_64_cbc(); break; #if OPENSSL_VERSION_NUMBER >= 0x00907050L case HB_EVP_CIPHER_RC2_CFB64: p = EVP_rc2_cfb64(); break; #endif case HB_EVP_CIPHER_RC2_CFB: p = EVP_rc2_cfb(); break; case HB_EVP_CIPHER_RC2_OFB: p = EVP_rc2_ofb(); break; #endif #ifndef OPENSSL_NO_BF case HB_EVP_CIPHER_BF_ECB: p = EVP_bf_ecb(); break; case HB_EVP_CIPHER_BF_CBC: p = EVP_bf_cbc(); break; #if OPENSSL_VERSION_NUMBER >= 0x00907050L case HB_EVP_CIPHER_BF_CFB64: p = EVP_bf_cfb64(); break; #endif case HB_EVP_CIPHER_BF_CFB: p = EVP_bf_cfb(); break; case HB_EVP_CIPHER_BF_OFB: p = EVP_bf_ofb(); break; #endif #ifndef OPENSSL_NO_CAST case HB_EVP_CIPHER_CAST5_ECB: p = EVP_cast5_ecb(); break; case HB_EVP_CIPHER_CAST5_CBC: p = EVP_cast5_cbc(); break; #if OPENSSL_VERSION_NUMBER >= 0x00907050L case HB_EVP_CIPHER_CAST5_CFB64: p = EVP_cast5_cfb64(); break; #endif case HB_EVP_CIPHER_CAST5_CFB: p = EVP_cast5_cfb(); break; case HB_EVP_CIPHER_CAST5_OFB: p = EVP_cast5_ofb(); break; #endif #ifndef OPENSSL_NO_RC5 case HB_EVP_CIPHER_RC5_32_12_16_CBC: p = EVP_rc5_32_12_16_cbc(); break; case HB_EVP_CIPHER_RC5_32_12_16_ECB: p = EVP_rc5_32_12_16_ecb(); break; case HB_EVP_CIPHER_RC5_32_12_16_CFB: p = EVP_rc5_32_12_16_cfb(); break; case HB_EVP_CIPHER_RC5_32_12_16_OFB: p = EVP_rc5_32_12_16_ofb(); break; #if OPENSSL_VERSION_NUMBER >= 0x00907050L case HB_EVP_CIPHER_RC5_32_12_16_CFB64: p = EVP_rc5_32_12_16_cfb64(); break; #endif #endif #ifndef OPENSSL_NO_AES #if OPENSSL_VERSION_NUMBER >= 0x10001000L case HB_EVP_CIPHER_AES_128_GCM: p = EVP_aes_128_gcm(); break; #endif case HB_EVP_CIPHER_AES_128_ECB: p = EVP_aes_128_ecb(); break; case HB_EVP_CIPHER_AES_128_CBC: p = EVP_aes_128_cbc(); break; #if OPENSSL_VERSION_NUMBER >= 0x00907050L case HB_EVP_CIPHER_AES_128_CFB1: p = EVP_aes_128_cfb1(); break; case HB_EVP_CIPHER_AES_128_CFB8: p = EVP_aes_128_cfb8(); break; case HB_EVP_CIPHER_AES_128_CFB128: p = EVP_aes_128_cfb128(); break; #endif case HB_EVP_CIPHER_AES_128_CFB: p = EVP_aes_128_cfb(); break; case HB_EVP_CIPHER_AES_128_OFB: p = EVP_aes_128_ofb(); break; #if OPENSSL_VERSION_NUMBER >= 0x10001000L case HB_EVP_CIPHER_AES_192_GCM: p = EVP_aes_192_gcm(); break; #endif case HB_EVP_CIPHER_AES_192_ECB: p = EVP_aes_192_ecb(); break; case HB_EVP_CIPHER_AES_192_CBC: p = EVP_aes_192_cbc(); break; #if OPENSSL_VERSION_NUMBER >= 0x00907050L case HB_EVP_CIPHER_AES_192_CFB1: p = EVP_aes_192_cfb1(); break; case HB_EVP_CIPHER_AES_192_CFB8: p = EVP_aes_192_cfb8(); break; case HB_EVP_CIPHER_AES_192_CFB128: p = EVP_aes_192_cfb128(); break; #endif case HB_EVP_CIPHER_AES_192_CFB: p = EVP_aes_192_cfb(); break; case HB_EVP_CIPHER_AES_192_OFB: p = EVP_aes_192_ofb(); break; #if OPENSSL_VERSION_NUMBER >= 0x10001000L case HB_EVP_CIPHER_AES_256_GCM: p = EVP_aes_256_gcm(); break; #endif case HB_EVP_CIPHER_AES_256_ECB: p = EVP_aes_256_ecb(); break; case HB_EVP_CIPHER_AES_256_CBC: p = EVP_aes_256_cbc(); break; #if OPENSSL_VERSION_NUMBER >= 0x00907050L case HB_EVP_CIPHER_AES_256_CFB1: p = EVP_aes_256_cfb1(); break; case HB_EVP_CIPHER_AES_256_CFB8: p = EVP_aes_256_cfb8(); break; case HB_EVP_CIPHER_AES_256_CFB128: p = EVP_aes_256_cfb128(); break; #endif case HB_EVP_CIPHER_AES_256_CFB: p = EVP_aes_256_cfb(); break; case HB_EVP_CIPHER_AES_256_OFB: p = EVP_aes_256_ofb(); break; #endif #ifndef OPENSSL_NO_CAMELLIA case HB_EVP_CIPHER_CAMELLIA_128_ECB: p = EVP_camellia_128_ecb(); break; case HB_EVP_CIPHER_CAMELLIA_128_CBC: p = EVP_camellia_128_cbc(); break; case HB_EVP_CIPHER_CAMELLIA_128_CFB1: p = EVP_camellia_128_cfb1(); break; case HB_EVP_CIPHER_CAMELLIA_128_CFB8: p = EVP_camellia_128_cfb8(); break; case HB_EVP_CIPHER_CAMELLIA_128_CFB128: p = EVP_camellia_128_cfb128(); break; case HB_EVP_CIPHER_CAMELLIA_128_CFB: p = EVP_camellia_128_cfb(); break; case HB_EVP_CIPHER_CAMELLIA_128_OFB: p = EVP_camellia_128_ofb(); break; case HB_EVP_CIPHER_CAMELLIA_192_ECB: p = EVP_camellia_192_ecb(); break; case HB_EVP_CIPHER_CAMELLIA_192_CBC: p = EVP_camellia_192_cbc(); break; case HB_EVP_CIPHER_CAMELLIA_192_CFB1: p = EVP_camellia_192_cfb1(); break; case HB_EVP_CIPHER_CAMELLIA_192_CFB8: p = EVP_camellia_192_cfb8(); break; case HB_EVP_CIPHER_CAMELLIA_192_CFB128: p = EVP_camellia_192_cfb128(); break; case HB_EVP_CIPHER_CAMELLIA_192_CFB: p = EVP_camellia_192_cfb(); break; case HB_EVP_CIPHER_CAMELLIA_192_OFB: p = EVP_camellia_192_ofb(); break; case HB_EVP_CIPHER_CAMELLIA_256_ECB: p = EVP_camellia_256_ecb(); break; case HB_EVP_CIPHER_CAMELLIA_256_CBC: p = EVP_camellia_256_cbc(); break; case HB_EVP_CIPHER_CAMELLIA_256_CFB1: p = EVP_camellia_256_cfb1(); break; case HB_EVP_CIPHER_CAMELLIA_256_CFB8: p = EVP_camellia_256_cfb8(); break; case HB_EVP_CIPHER_CAMELLIA_256_CFB128: p = EVP_camellia_256_cfb128(); break; case HB_EVP_CIPHER_CAMELLIA_256_CFB: p = EVP_camellia_256_cfb(); break; case HB_EVP_CIPHER_CAMELLIA_256_OFB: p = EVP_camellia_256_ofb(); break; #endif #ifndef OPENSSL_NO_SEED case HB_EVP_CIPHER_SEED_ECB: p = EVP_seed_ecb(); break; case HB_EVP_CIPHER_SEED_CBC: p = EVP_seed_cbc(); break; case HB_EVP_CIPHER_SEED_CFB128: p = EVP_seed_cfb128(); break; case HB_EVP_CIPHER_SEED_CFB: p = EVP_seed_cfb(); break; case HB_EVP_CIPHER_SEED_OFB: p = EVP_seed_ofb(); break; #endif default: p = NULL; } return p; }
/* * Work out which mechanism to use. */ static apr_status_t crypto_cipher_mechanism(apr_crypto_key_t *key, const apr_crypto_block_key_type_e type, const apr_crypto_block_key_mode_e mode, const int doPad, apr_pool_t *p) { /* determine the cipher to be used */ switch (type) { case (APR_KEY_3DES_192): /* A 3DES key */ if (mode == APR_MODE_CBC) { key->cipher = EVP_des_ede3_cbc(); } else { key->cipher = EVP_des_ede3_ecb(); } break; case (APR_KEY_AES_128): if (mode == APR_MODE_CBC) { key->cipher = EVP_aes_128_cbc(); } else { key->cipher = EVP_aes_128_ecb(); } break; case (APR_KEY_AES_192): if (mode == APR_MODE_CBC) { key->cipher = EVP_aes_192_cbc(); } else { key->cipher = EVP_aes_192_ecb(); } break; case (APR_KEY_AES_256): if (mode == APR_MODE_CBC) { key->cipher = EVP_aes_256_cbc(); } else { key->cipher = EVP_aes_256_ecb(); } break; default: /* unknown key type, give up */ return APR_EKEYTYPE; } /* find the length of the key we need */ key->keyLen = EVP_CIPHER_key_length(key->cipher); /* make space for the key */ key->key = apr_pcalloc(p, key->keyLen); if (!key->key) { return APR_ENOMEM; } apr_crypto_clear(p, key->key, key->keyLen); return APR_SUCCESS; }
int DESTest(EVP_CIPHER_CTX *ctx, char *amode, int akeysz, unsigned char *aKey, unsigned char *iVec, int dir, /* 0 = decrypt, 1 = encrypt */ unsigned char *out, unsigned char *in, int len) { const EVP_CIPHER *cipher = NULL; int kt = 0; if (ctx) memset(ctx, 0, sizeof(EVP_CIPHER_CTX)); if (strcasecmp(amode, "CBC") == 0) kt = 1000; else if (strcasecmp(amode, "ECB") == 0) kt = 2000; else if (strcasecmp(amode, "CFB64") == 0) kt = 3000; else if (strncasecmp(amode, "OFB", 3) == 0) kt = 4000; else if(!strcasecmp(amode,"CFB1")) kt=5000; else if(!strcasecmp(amode,"CFB8")) kt=6000; else { printf("Unknown mode: %s\n", amode); EXIT(1); } if (akeysz != 64 && akeysz != 192) { printf("Invalid key size: %d\n", akeysz); EXIT(1); } else { kt += akeysz; switch (kt) { case 1064: cipher=EVP_des_cbc(); break; case 1192: cipher=EVP_des_ede3_cbc(); break; case 2064: cipher=EVP_des_ecb(); break; case 2192: cipher=EVP_des_ede3_ecb(); break; case 3064: cipher=EVP_des_cfb64(); break; case 3192: cipher=EVP_des_ede3_cfb64(); break; case 4064: cipher=EVP_des_ofb(); break; case 4192: cipher=EVP_des_ede3_ofb(); break; case 5064: cipher=EVP_des_cfb1(); break; case 5192: cipher=EVP_des_ede3_cfb1(); break; case 6064: cipher=EVP_des_cfb8(); break; case 6192: cipher=EVP_des_ede3_cfb8(); break; default: printf("Didn't handle mode %d\n",kt); EXIT(1); } if(!EVP_CipherInit(ctx, cipher, aKey, iVec, dir)) { ERR_print_errors_fp(stderr); EXIT(1); } EVP_Cipher(ctx, out, in, len); } return 1; }