static int
aes_ctr_init(archive_crypto_ctx *ctx, const uint8_t *key, size_t key_len)
{
if ((ctx->ctx = EVP_CIPHER_CTX_new()) == NULL)
return -1;
switch (key_len) {
case 16: ctx->type = EVP_aes_128_ecb(); break;
case 24: ctx->type = EVP_aes_192_ecb(); break;
case 32: ctx->type = EVP_aes_256_ecb(); break;
default: ctx->type = NULL; return -1;
}
ctx->key_len = key_len;
memcpy(ctx->key, key, key_len);
memset(ctx->nonce, 0, sizeof(ctx->nonce));
ctx->encr_pos = AES_BLOCK_SIZE;
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
if (!EVP_CIPHER_CTX_reset(ctx->ctx)) {
EVP_CIPHER_CTX_free(ctx->ctx);
ctx->ctx = NULL;
}
#else
EVP_CIPHER_CTX_init(ctx->ctx);
#endif
return 0;
}
const EVP_CIPHER *OpensslAES::getEvpCipher() const
{
if (m_type == TypeAes128 && m_mode == ModeCbc) {
return EVP_aes_128_cbc();
} else if (m_type == TypeAes128 && m_mode == ModeCfb) {
return EVP_aes_128_cfb128();
} else if (m_type == TypeAes128 && m_mode == ModeEcb) {
return EVP_aes_128_ecb();
} else if (m_type == TypeAes128 && m_mode == ModeOfb) {
return EVP_aes_128_ofb();
} else if (m_type == TypeAes192 && m_mode == ModeCbc) {
return EVP_aes_192_cbc();
} else if (m_type == TypeAes192 && m_mode == ModeCfb) {
return EVP_aes_192_cfb128();
} else if (m_type == TypeAes192 && m_mode == ModeEcb) {
return EVP_aes_192_ecb();
} else if (m_type == TypeAes192 && m_mode == ModeOfb) {
return EVP_aes_192_ofb();
} else if (m_type == TypeAes256 && m_mode == ModeCbc) {
return EVP_aes_256_cbc();
} else if (m_type == TypeAes256 && m_mode == ModeCfb) {
return EVP_aes_256_cfb128();
} else if (m_type == TypeAes256 && m_mode == ModeEcb) {
return EVP_aes_256_ecb();
} else if (m_type == TypeAes256 && m_mode == ModeOfb) {
return EVP_aes_256_ofb();
}
return 0;
}
/** Set the key of <b>cipher</b> to <b>key</b>, which is
* <b>key_bits</b> bits long (must be 128, 192, or 256). Also resets
* the counter to 0.
*/
static void
aes_set_key(aes_cnt_cipher_t *cipher, const char *key, int key_bits)
{
if (should_use_EVP) {
const EVP_CIPHER *c = 0;
switch (key_bits) {
case 128: c = EVP_aes_128_ecb(); break;
case 192: c = EVP_aes_192_ecb(); break;
case 256: c = EVP_aes_256_ecb(); break;
default: tor_assert(0);
}
EVP_EncryptInit(&cipher->key.evp, c, (const unsigned char*)key, NULL);
cipher->using_evp = 1;
} else {
AES_set_encrypt_key((const unsigned char *)key, key_bits,&cipher->key.aes);
cipher->using_evp = 0;
}
#ifdef USING_COUNTER_VARS
cipher->counter0 = 0;
cipher->counter1 = 0;
cipher->counter2 = 0;
cipher->counter3 = 0;
#endif
memset(cipher->ctr_buf.buf, 0, sizeof(cipher->ctr_buf.buf));
cipher->pos = 0;
memset(cipher->buf, 0, sizeof(cipher->buf));
}
static int
ossl_aes_ecb_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
{
ossldata *od = c->ptr;
int err;
err = ossl_aes_init(c, key, klen, iv);
if (err)
return err;
switch (od->klen)
{
case 128 / 8:
od->evp_ciph = EVP_aes_128_ecb();
break;
case 192 / 8:
od->evp_ciph = EVP_aes_192_ecb();
break;
case 256 / 8:
od->evp_ciph = EVP_aes_256_ecb();
break;
default:
/* shouldn't happen */
err = PXE_CIPHER_INIT;
break;
}
return err;
}
static int
aes_ctr_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc) /* init key */
{
/*
* variable "c" is leaked from this scope, but is later freed
* in aes_ctr_cleanup
*/
aes_ctr_ctx *c;
const EVP_CIPHER *aes_cipher;
(void) enc;
switch(EVP_CIPHER_CTX_key_length(ctx)) {
case 16:
aes_cipher = EVP_aes_128_ecb();
break;
case 24:
aes_cipher = EVP_aes_192_ecb();
break;
case 32:
aes_cipher = EVP_aes_256_ecb();
break;
default:
return 0;
}
c = malloc(sizeof(*c));
if(c == NULL)
return 0;
#ifdef HAVE_OPAQUE_STRUCTS
c->aes_ctx = EVP_CIPHER_CTX_new();
#else
c->aes_ctx = malloc(sizeof(EVP_CIPHER_CTX));
#endif
if(c->aes_ctx == NULL) {
free(c);
return 0;
}
if(EVP_EncryptInit(c->aes_ctx, aes_cipher, key, NULL) != 1) {
#ifdef HAVE_OPAQUE_STRUCTS
EVP_CIPHER_CTX_free(c->aes_ctx);
#else
free(c->aes_ctx);
#endif
free(c);
return 0;
}
EVP_CIPHER_CTX_set_padding(c->aes_ctx, 0);
memcpy(c->ctr, iv, AES_BLOCK_SIZE);
EVP_CIPHER_CTX_set_app_data(ctx, c);
return 1;
}
const EVP_CIPHER* get_cipher_type(const enum cipher cipher, const enum cipher_mode mode) {
switch (mode) {
case MODE_ECB:
switch (cipher) {
case CIPHER_DES:
return EVP_des_ecb();
case CIPHER_AES_128:
return EVP_aes_128_ecb();
case CIPHER_AES_192:
return EVP_aes_192_ecb();
case CIPHER_AES_256:
return EVP_aes_256_ecb();
}
case MODE_CBC:
switch (cipher) {
case CIPHER_DES:
return EVP_des_cbc();
case CIPHER_AES_128:
return EVP_aes_128_cbc();
case CIPHER_AES_192:
return EVP_aes_192_cbc();
case CIPHER_AES_256:
return EVP_aes_256_cbc();
}
case MODE_OFB:
switch (cipher) {
case CIPHER_DES:
return EVP_des_ofb();
case CIPHER_AES_128:
return EVP_aes_128_ofb();
case CIPHER_AES_192:
return EVP_aes_192_ofb();
case CIPHER_AES_256:
return EVP_aes_256_ofb();
}
case MODE_CFB:
switch (cipher) {
case CIPHER_DES:
return EVP_des_cfb();
case CIPHER_AES_128:
return EVP_aes_128_cfb();
case CIPHER_AES_192:
return EVP_aes_192_cfb();
case CIPHER_AES_256:
return EVP_aes_256_cfb();
}
}
abort();
}
explicit Cipher(Name name = N_AES128_CBC)
: cipher_(0)
{
EVP_CIPHER_CTX_init(&ctx_);
switch (name) {
case N_AES128_CBC: cipher_ = EVP_aes_128_cbc(); break;
case N_AES192_CBC: cipher_ = EVP_aes_192_cbc(); break;
case N_AES256_CBC: cipher_ = EVP_aes_256_cbc(); break;
case N_AES128_ECB: cipher_ = EVP_aes_128_ecb(); break;
case N_AES192_ECB: cipher_ = EVP_aes_192_ecb(); break;
case N_AES256_ECB: cipher_ = EVP_aes_256_ecb(); break;
default:
throw cybozu::Exception("crypto:Cipher:Cipher:name") << (int)name;
}
}
void
isc_aes192_crypt(const unsigned char *key, const unsigned char *in,
unsigned char *out)
{
EVP_CIPHER_CTX c;
int len;
EVP_CIPHER_CTX_init(&c);
RUNTIME_CHECK(EVP_EncryptInit(&c, EVP_aes_192_ecb(), key, NULL) == 1);
EVP_CIPHER_CTX_set_padding(&c, 0);
RUNTIME_CHECK(EVP_EncryptUpdate(&c, out, &len, in,
ISC_AES_BLOCK_LENGTH) == 1);
RUNTIME_CHECK(len == ISC_AES_BLOCK_LENGTH);
RUNTIME_CHECK(EVP_CIPHER_CTX_cleanup(&c) == 1);
}
static int
aes_ctr_init(archive_crypto_ctx *ctx, const uint8_t *key, size_t key_len)
{
switch (key_len) {
case 16: ctx->type = EVP_aes_128_ecb(); break;
case 24: ctx->type = EVP_aes_192_ecb(); break;
case 32: ctx->type = EVP_aes_256_ecb(); break;
default: ctx->type = NULL; return -1;
}
ctx->key_len = key_len;
memcpy(ctx->key, key, key_len);
memset(ctx->nonce, 0, sizeof(ctx->nonce));
ctx->encr_pos = AES_BLOCK_SIZE;
EVP_CIPHER_CTX_init(&ctx->ctx);
return 0;
}
const EVP_CIPHER* OSSLAES::getCipher() const
{
if (currentKey == NULL) return NULL;
// Check currentKey bit length; AES only supports 128, 192 or 256 bit keys
if ((currentKey->getBitLen() != 128) &&
(currentKey->getBitLen() != 192) &&
(currentKey->getBitLen() != 256))
{
ERROR_MSG("Invalid AES currentKey length (%d bits)", currentKey->getBitLen());
return NULL;
}
// Determine the cipher mode
if (!currentCipherMode.compare("cbc"))
{
switch(currentKey->getBitLen())
{
case 128:
return EVP_aes_128_cbc();
case 192:
return EVP_aes_192_cbc();
case 256:
return EVP_aes_256_cbc();
};
}
else if (!currentCipherMode.compare("ecb"))
{
switch(currentKey->getBitLen())
{
case 128:
return EVP_aes_128_ecb();
case 192:
return EVP_aes_192_ecb();
case 256:
return EVP_aes_256_ecb();
};
}
ERROR_MSG("Invalid AES cipher mode %s", currentCipherMode.c_str());
return NULL;
}
void
isc_aes192_crypt(const unsigned char *key, const unsigned char *in,
unsigned char *out)
{
#if OPENSSL_VERSION_NUMBER < 0x10100000L
EVP_CIPHER_CTX _context;
#endif
EVP_CIPHER_CTX *c;
int len;
c = EVP_CIPHER_CTX_new();
RUNTIME_CHECK(c != NULL);
RUNTIME_CHECK(EVP_EncryptInit(c, EVP_aes_192_ecb(), key, NULL) == 1);
EVP_CIPHER_CTX_set_padding(c, 0);
RUNTIME_CHECK(EVP_EncryptUpdate(c, out, &len, in,
ISC_AES_BLOCK_LENGTH) == 1);
RUNTIME_CHECK(len == ISC_AES_BLOCK_LENGTH);
EVP_CIPHER_CTX_free(c);
}
const EVP_CIPHER* algid_to_evp(uint32_t alg){
switch(alg&(SOTER_SYM_ALG_MASK|SOTER_SYM_PADDING_MASK|SOTER_SYM_KEY_LENGTH_MASK)){
case SOTER_SYM_AES_ECB_PKCS7|SOTER_SYM_256_KEY_LENGTH:
return EVP_aes_256_ecb();
case SOTER_SYM_AES_ECB_PKCS7|SOTER_SYM_192_KEY_LENGTH:
return EVP_aes_192_ecb();
case SOTER_SYM_AES_ECB_PKCS7|SOTER_SYM_128_KEY_LENGTH:
return EVP_aes_128_ecb();
case SOTER_SYM_AES_CTR|SOTER_SYM_256_KEY_LENGTH:
return EVP_aes_256_ctr();
case SOTER_SYM_AES_CTR|SOTER_SYM_192_KEY_LENGTH:
return EVP_aes_192_ctr();
case SOTER_SYM_AES_CTR|SOTER_SYM_128_KEY_LENGTH:
return EVP_aes_128_ctr();
case SOTER_SYM_AES_XTS|SOTER_SYM_256_KEY_LENGTH:
return EVP_aes_256_xts();
}
return NULL;
}
void SSLInitImpl()
{
if(0 == ssl_init_counter++)
{
log_info("OpenSSL library initialization");
SSL_library_init();
SSL_load_error_strings();
ERR_load_crypto_strings();
int numLocks = CRYPTO_num_locks();
sslmtx = new Pt::System::Mutex[numLocks];
//CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
CRYPTO_set_locking_callback(pt_locking_callback_impl);
//OpenSSL_add_all_algorithms();
EVP_add_cipher(EVP_des_ede3_cfb());
EVP_add_cipher(EVP_des_ede3_cfb1());
EVP_add_cipher(EVP_des_ede3_cfb8());
EVP_add_cipher(EVP_des_ede3_ofb());
EVP_add_cipher(EVP_aes_128_ecb());
EVP_add_cipher(EVP_aes_128_cbc());
EVP_add_cipher(EVP_aes_128_cfb());
EVP_add_cipher(EVP_aes_128_cfb1());
EVP_add_cipher(EVP_aes_128_cfb8());
EVP_add_cipher(EVP_aes_128_ofb());
EVP_add_cipher(EVP_aes_192_ecb());
EVP_add_cipher(EVP_aes_192_cbc());
EVP_add_cipher(EVP_aes_192_cfb());
EVP_add_cipher(EVP_aes_192_cfb1());
EVP_add_cipher(EVP_aes_192_cfb8());
EVP_add_cipher(EVP_aes_192_ofb());
EVP_add_cipher(EVP_aes_256_ecb());
EVP_add_cipher(EVP_aes_256_cbc());
EVP_add_cipher(EVP_aes_256_cfb());
EVP_add_cipher(EVP_aes_256_cfb1());
EVP_add_cipher(EVP_aes_256_cfb8());
EVP_add_cipher(EVP_aes_256_ofb());
}
}
static int
aes_ctr_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc) /* init key */
{
aes_ctr_ctx *c = malloc(sizeof(*c));
const EVP_CIPHER *aes_cipher;
(void) enc;
if (c == NULL)
return 0;
switch (ctx->key_len) {
case 16:
aes_cipher = EVP_aes_128_ecb();
break;
case 24:
aes_cipher = EVP_aes_192_ecb();
break;
case 32:
aes_cipher = EVP_aes_256_ecb();
break;
default:
return 0;
}
c->aes_ctx = malloc(sizeof(EVP_CIPHER_CTX));
if (c->aes_ctx == NULL)
return 0;
if (EVP_EncryptInit(c->aes_ctx, aes_cipher, key, NULL) != 1) {
return 0;
}
EVP_CIPHER_CTX_set_padding(c->aes_ctx, 0);
memcpy(c->ctr, iv, AES_BLOCK_SIZE);
EVP_CIPHER_CTX_set_app_data(ctx, c);
return 1;
}
bool CryptFileDevice::initCipher()
{
const EVP_CIPHER *cipher = EVP_enc_null();
if (m_aesKeyLength == kAesKeyLength128)
cipher = EVP_aes_128_ecb();
else if (m_aesKeyLength == kAesKeyLength192)
cipher = EVP_aes_192_ecb();
else if (m_aesKeyLength == kAesKeyLength256)
cipher = EVP_aes_256_ecb();
else
Q_ASSERT_X(false, Q_FUNC_INFO, "Unknown value of AesKeyLength");
EVP_CIPHER_CTX_init(&m_encCtx);
EVP_EncryptInit_ex(&m_encCtx, cipher, NULL, NULL, NULL);
int keyLength = EVP_CIPHER_CTX_key_length(&m_encCtx);
int ivLength = EVP_CIPHER_CTX_iv_length(&m_encCtx);
unsigned char key[keyLength];
unsigned char iv[ivLength];
int ok = EVP_BytesToKey(cipher,
EVP_sha256(),
m_salt.isEmpty() ? NULL : (unsigned char *)m_salt.data(),
(unsigned char *)m_password.data(),
m_password.length(),
m_numRounds,
key,
iv);
if (ok == 0)
return false;
EVP_CIPHER_CTX_init(&m_encCtx);
EVP_EncryptInit_ex(&m_encCtx, cipher, NULL, key, iv);
EVP_CIPHER_CTX_init(&m_decCtx);
EVP_DecryptInit_ex(&m_decCtx, cipher, NULL, key, iv);
return true;
}
void OpenSSL_add_all_ciphers(void)
{
#ifndef OPENSSL_NO_DES
EVP_add_cipher(EVP_des_cfb());
EVP_add_cipher(EVP_des_cfb1());
EVP_add_cipher(EVP_des_cfb8());
EVP_add_cipher(EVP_des_ede_cfb());
EVP_add_cipher(EVP_des_ede3_cfb());
EVP_add_cipher(EVP_des_ofb());
EVP_add_cipher(EVP_des_ede_ofb());
EVP_add_cipher(EVP_des_ede3_ofb());
EVP_add_cipher(EVP_desx_cbc());
EVP_add_cipher_alias(SN_desx_cbc,"DESX");
EVP_add_cipher_alias(SN_desx_cbc,"desx");
EVP_add_cipher(EVP_des_cbc());
EVP_add_cipher_alias(SN_des_cbc,"DES");
EVP_add_cipher_alias(SN_des_cbc,"des");
EVP_add_cipher(EVP_des_ede_cbc());
EVP_add_cipher(EVP_des_ede3_cbc());
EVP_add_cipher_alias(SN_des_ede3_cbc,"DES3");
EVP_add_cipher_alias(SN_des_ede3_cbc,"des3");
EVP_add_cipher(EVP_des_ecb());
EVP_add_cipher(EVP_des_ede());
EVP_add_cipher(EVP_des_ede3());
#endif
#ifndef OPENSSL_NO_RC4
EVP_add_cipher(EVP_rc4());
EVP_add_cipher(EVP_rc4_40());
#endif
#ifndef OPENSSL_NO_IDEA
EVP_add_cipher(EVP_idea_ecb());
EVP_add_cipher(EVP_idea_cfb());
EVP_add_cipher(EVP_idea_ofb());
EVP_add_cipher(EVP_idea_cbc());
EVP_add_cipher_alias(SN_idea_cbc,"IDEA");
EVP_add_cipher_alias(SN_idea_cbc,"idea");
#endif
#ifndef OPENSSL_NO_RC2
EVP_add_cipher(EVP_rc2_ecb());
EVP_add_cipher(EVP_rc2_cfb());
EVP_add_cipher(EVP_rc2_ofb());
EVP_add_cipher(EVP_rc2_cbc());
EVP_add_cipher(EVP_rc2_40_cbc());
EVP_add_cipher(EVP_rc2_64_cbc());
EVP_add_cipher_alias(SN_rc2_cbc,"RC2");
EVP_add_cipher_alias(SN_rc2_cbc,"rc2");
#endif
#ifndef OPENSSL_NO_BF
EVP_add_cipher(EVP_bf_ecb());
EVP_add_cipher(EVP_bf_cfb());
EVP_add_cipher(EVP_bf_ofb());
EVP_add_cipher(EVP_bf_cbc());
EVP_add_cipher_alias(SN_bf_cbc,"BF");
EVP_add_cipher_alias(SN_bf_cbc,"bf");
EVP_add_cipher_alias(SN_bf_cbc,"blowfish");
#endif
#ifndef OPENSSL_NO_CAST
EVP_add_cipher(EVP_cast5_ecb());
EVP_add_cipher(EVP_cast5_cfb());
EVP_add_cipher(EVP_cast5_ofb());
EVP_add_cipher(EVP_cast5_cbc());
EVP_add_cipher_alias(SN_cast5_cbc,"CAST");
EVP_add_cipher_alias(SN_cast5_cbc,"cast");
EVP_add_cipher_alias(SN_cast5_cbc,"CAST-cbc");
EVP_add_cipher_alias(SN_cast5_cbc,"cast-cbc");
#endif
#ifndef OPENSSL_NO_RC5
EVP_add_cipher(EVP_rc5_32_12_16_ecb());
EVP_add_cipher(EVP_rc5_32_12_16_cfb());
EVP_add_cipher(EVP_rc5_32_12_16_ofb());
EVP_add_cipher(EVP_rc5_32_12_16_cbc());
EVP_add_cipher_alias(SN_rc5_cbc,"rc5");
EVP_add_cipher_alias(SN_rc5_cbc,"RC5");
#endif
#ifndef OPENSSL_NO_AES
EVP_add_cipher(EVP_aes_128_ecb());
EVP_add_cipher(EVP_aes_128_cbc());
EVP_add_cipher(EVP_aes_128_cfb());
EVP_add_cipher(EVP_aes_128_cfb1());
EVP_add_cipher(EVP_aes_128_cfb8());
EVP_add_cipher(EVP_aes_128_ofb());
#if 0
EVP_add_cipher(EVP_aes_128_ctr());
#endif
EVP_add_cipher_alias(SN_aes_128_cbc,"AES128");
EVP_add_cipher_alias(SN_aes_128_cbc,"aes128");
EVP_add_cipher(EVP_aes_192_ecb());
EVP_add_cipher(EVP_aes_192_cbc());
EVP_add_cipher(EVP_aes_192_cfb());
EVP_add_cipher(EVP_aes_192_cfb1());
EVP_add_cipher(EVP_aes_192_cfb8());
EVP_add_cipher(EVP_aes_192_ofb());
#if 0
EVP_add_cipher(EVP_aes_192_ctr());
#endif
EVP_add_cipher_alias(SN_aes_192_cbc,"AES192");
EVP_add_cipher_alias(SN_aes_192_cbc,"aes192");
EVP_add_cipher(EVP_aes_256_ecb());
EVP_add_cipher(EVP_aes_256_cbc());
EVP_add_cipher(EVP_aes_256_cfb());
EVP_add_cipher(EVP_aes_256_cfb1());
EVP_add_cipher(EVP_aes_256_cfb8());
EVP_add_cipher(EVP_aes_256_ofb());
#if 0
EVP_add_cipher(EVP_aes_256_ctr());
#endif
EVP_add_cipher_alias(SN_aes_256_cbc,"AES256");
EVP_add_cipher_alias(SN_aes_256_cbc,"aes256");
#endif
PKCS12_PBE_add();
PKCS5_PBE_add();
}
const EVP_CIPHER * hb_EVP_CIPHER_par( int iParam )
{
const EVP_CIPHER * p;
if( HB_ISCHAR( iParam ) )
return EVP_get_cipherbyname( hb_parc( iParam ) );
switch( hb_parni( iParam ) )
{
case HB_EVP_CIPHER_ENC_NULL: p = EVP_enc_null(); break;
#ifndef OPENSSL_NO_DES
case HB_EVP_CIPHER_DES_ECB: p = EVP_des_ecb(); break;
case HB_EVP_CIPHER_DES_EDE: p = EVP_des_ede(); break;
case HB_EVP_CIPHER_DES_EDE3: p = EVP_des_ede3(); break;
#if OPENSSL_VERSION_NUMBER >= 0x00907000L
case HB_EVP_CIPHER_DES_EDE_ECB: p = EVP_des_ede_ecb(); break;
case HB_EVP_CIPHER_DES_EDE3_ECB: p = EVP_des_ede3_ecb(); break;
#endif
case HB_EVP_CIPHER_DES_CFB: p = EVP_des_cfb(); break;
case HB_EVP_CIPHER_DES_EDE_CFB: p = EVP_des_ede_cfb(); break;
case HB_EVP_CIPHER_DES_EDE3_CFB: p = EVP_des_ede3_cfb(); break;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
case HB_EVP_CIPHER_DES_CFB1: p = EVP_des_cfb1(); break;
case HB_EVP_CIPHER_DES_CFB8: p = EVP_des_cfb8(); break;
case HB_EVP_CIPHER_DES_CFB64: p = EVP_des_cfb64(); break;
case HB_EVP_CIPHER_DES_EDE_CFB64: p = EVP_des_ede_cfb64(); break;
case HB_EVP_CIPHER_DES_EDE3_CFB1: p = EVP_des_ede3_cfb1(); break;
case HB_EVP_CIPHER_DES_EDE3_CFB8: p = EVP_des_ede3_cfb8(); break;
case HB_EVP_CIPHER_DES_EDE3_CFB64: p = EVP_des_ede3_cfb64(); break;
#endif
case HB_EVP_CIPHER_DES_OFB: p = EVP_des_ofb(); break;
case HB_EVP_CIPHER_DES_EDE_OFB: p = EVP_des_ede_ofb(); break;
case HB_EVP_CIPHER_DES_EDE3_OFB: p = EVP_des_ede3_ofb(); break;
case HB_EVP_CIPHER_DES_CBC: p = EVP_des_cbc(); break;
case HB_EVP_CIPHER_DES_EDE_CBC: p = EVP_des_ede_cbc(); break;
case HB_EVP_CIPHER_DES_EDE3_CBC: p = EVP_des_ede3_cbc(); break;
case HB_EVP_CIPHER_DESX_CBC: p = EVP_desx_cbc(); break;
#endif
#ifndef OPENSSL_NO_RC4
case HB_EVP_CIPHER_RC4: p = EVP_rc4(); break;
case HB_EVP_CIPHER_RC4_40: p = EVP_rc4_40(); break;
#endif
#ifndef OPENSSL_NO_IDEA
case HB_EVP_CIPHER_IDEA_ECB: p = EVP_idea_ecb(); break;
case HB_EVP_CIPHER_IDEA_CFB64: p = EVP_idea_cfb64(); break;
case HB_EVP_CIPHER_IDEA_CFB: p = EVP_idea_cfb(); break;
case HB_EVP_CIPHER_IDEA_OFB: p = EVP_idea_ofb(); break;
case HB_EVP_CIPHER_IDEA_CBC: p = EVP_idea_cbc(); break;
#endif
#ifndef OPENSSL_NO_RC2
case HB_EVP_CIPHER_RC2_ECB: p = EVP_rc2_ecb(); break;
case HB_EVP_CIPHER_RC2_CBC: p = EVP_rc2_cbc(); break;
case HB_EVP_CIPHER_RC2_40_CBC: p = EVP_rc2_40_cbc(); break;
case HB_EVP_CIPHER_RC2_64_CBC: p = EVP_rc2_64_cbc(); break;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
case HB_EVP_CIPHER_RC2_CFB64: p = EVP_rc2_cfb64(); break;
#endif
case HB_EVP_CIPHER_RC2_CFB: p = EVP_rc2_cfb(); break;
case HB_EVP_CIPHER_RC2_OFB: p = EVP_rc2_ofb(); break;
#endif
#ifndef OPENSSL_NO_BF
case HB_EVP_CIPHER_BF_ECB: p = EVP_bf_ecb(); break;
case HB_EVP_CIPHER_BF_CBC: p = EVP_bf_cbc(); break;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
case HB_EVP_CIPHER_BF_CFB64: p = EVP_bf_cfb64(); break;
#endif
case HB_EVP_CIPHER_BF_CFB: p = EVP_bf_cfb(); break;
case HB_EVP_CIPHER_BF_OFB: p = EVP_bf_ofb(); break;
#endif
#ifndef OPENSSL_NO_CAST
case HB_EVP_CIPHER_CAST5_ECB: p = EVP_cast5_ecb(); break;
case HB_EVP_CIPHER_CAST5_CBC: p = EVP_cast5_cbc(); break;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
case HB_EVP_CIPHER_CAST5_CFB64: p = EVP_cast5_cfb64(); break;
#endif
case HB_EVP_CIPHER_CAST5_CFB: p = EVP_cast5_cfb(); break;
case HB_EVP_CIPHER_CAST5_OFB: p = EVP_cast5_ofb(); break;
#endif
#ifndef OPENSSL_NO_RC5
case HB_EVP_CIPHER_RC5_32_12_16_CBC: p = EVP_rc5_32_12_16_cbc(); break;
case HB_EVP_CIPHER_RC5_32_12_16_ECB: p = EVP_rc5_32_12_16_ecb(); break;
case HB_EVP_CIPHER_RC5_32_12_16_CFB: p = EVP_rc5_32_12_16_cfb(); break;
case HB_EVP_CIPHER_RC5_32_12_16_OFB: p = EVP_rc5_32_12_16_ofb(); break;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
case HB_EVP_CIPHER_RC5_32_12_16_CFB64: p = EVP_rc5_32_12_16_cfb64(); break;
#endif
#endif
#ifndef OPENSSL_NO_AES
#if OPENSSL_VERSION_NUMBER >= 0x10001000L
case HB_EVP_CIPHER_AES_128_GCM: p = EVP_aes_128_gcm(); break;
#endif
case HB_EVP_CIPHER_AES_128_ECB: p = EVP_aes_128_ecb(); break;
case HB_EVP_CIPHER_AES_128_CBC: p = EVP_aes_128_cbc(); break;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
case HB_EVP_CIPHER_AES_128_CFB1: p = EVP_aes_128_cfb1(); break;
case HB_EVP_CIPHER_AES_128_CFB8: p = EVP_aes_128_cfb8(); break;
case HB_EVP_CIPHER_AES_128_CFB128: p = EVP_aes_128_cfb128(); break;
#endif
case HB_EVP_CIPHER_AES_128_CFB: p = EVP_aes_128_cfb(); break;
case HB_EVP_CIPHER_AES_128_OFB: p = EVP_aes_128_ofb(); break;
#if OPENSSL_VERSION_NUMBER >= 0x10001000L
case HB_EVP_CIPHER_AES_192_GCM: p = EVP_aes_192_gcm(); break;
#endif
case HB_EVP_CIPHER_AES_192_ECB: p = EVP_aes_192_ecb(); break;
case HB_EVP_CIPHER_AES_192_CBC: p = EVP_aes_192_cbc(); break;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
case HB_EVP_CIPHER_AES_192_CFB1: p = EVP_aes_192_cfb1(); break;
case HB_EVP_CIPHER_AES_192_CFB8: p = EVP_aes_192_cfb8(); break;
case HB_EVP_CIPHER_AES_192_CFB128: p = EVP_aes_192_cfb128(); break;
#endif
case HB_EVP_CIPHER_AES_192_CFB: p = EVP_aes_192_cfb(); break;
case HB_EVP_CIPHER_AES_192_OFB: p = EVP_aes_192_ofb(); break;
#if OPENSSL_VERSION_NUMBER >= 0x10001000L
case HB_EVP_CIPHER_AES_256_GCM: p = EVP_aes_256_gcm(); break;
#endif
case HB_EVP_CIPHER_AES_256_ECB: p = EVP_aes_256_ecb(); break;
case HB_EVP_CIPHER_AES_256_CBC: p = EVP_aes_256_cbc(); break;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
case HB_EVP_CIPHER_AES_256_CFB1: p = EVP_aes_256_cfb1(); break;
case HB_EVP_CIPHER_AES_256_CFB8: p = EVP_aes_256_cfb8(); break;
case HB_EVP_CIPHER_AES_256_CFB128: p = EVP_aes_256_cfb128(); break;
#endif
case HB_EVP_CIPHER_AES_256_CFB: p = EVP_aes_256_cfb(); break;
case HB_EVP_CIPHER_AES_256_OFB: p = EVP_aes_256_ofb(); break;
#endif
#ifndef OPENSSL_NO_CAMELLIA
case HB_EVP_CIPHER_CAMELLIA_128_ECB: p = EVP_camellia_128_ecb(); break;
case HB_EVP_CIPHER_CAMELLIA_128_CBC: p = EVP_camellia_128_cbc(); break;
case HB_EVP_CIPHER_CAMELLIA_128_CFB1: p = EVP_camellia_128_cfb1(); break;
case HB_EVP_CIPHER_CAMELLIA_128_CFB8: p = EVP_camellia_128_cfb8(); break;
case HB_EVP_CIPHER_CAMELLIA_128_CFB128: p = EVP_camellia_128_cfb128(); break;
case HB_EVP_CIPHER_CAMELLIA_128_CFB: p = EVP_camellia_128_cfb(); break;
case HB_EVP_CIPHER_CAMELLIA_128_OFB: p = EVP_camellia_128_ofb(); break;
case HB_EVP_CIPHER_CAMELLIA_192_ECB: p = EVP_camellia_192_ecb(); break;
case HB_EVP_CIPHER_CAMELLIA_192_CBC: p = EVP_camellia_192_cbc(); break;
case HB_EVP_CIPHER_CAMELLIA_192_CFB1: p = EVP_camellia_192_cfb1(); break;
case HB_EVP_CIPHER_CAMELLIA_192_CFB8: p = EVP_camellia_192_cfb8(); break;
case HB_EVP_CIPHER_CAMELLIA_192_CFB128: p = EVP_camellia_192_cfb128(); break;
case HB_EVP_CIPHER_CAMELLIA_192_CFB: p = EVP_camellia_192_cfb(); break;
case HB_EVP_CIPHER_CAMELLIA_192_OFB: p = EVP_camellia_192_ofb(); break;
case HB_EVP_CIPHER_CAMELLIA_256_ECB: p = EVP_camellia_256_ecb(); break;
case HB_EVP_CIPHER_CAMELLIA_256_CBC: p = EVP_camellia_256_cbc(); break;
case HB_EVP_CIPHER_CAMELLIA_256_CFB1: p = EVP_camellia_256_cfb1(); break;
case HB_EVP_CIPHER_CAMELLIA_256_CFB8: p = EVP_camellia_256_cfb8(); break;
case HB_EVP_CIPHER_CAMELLIA_256_CFB128: p = EVP_camellia_256_cfb128(); break;
case HB_EVP_CIPHER_CAMELLIA_256_CFB: p = EVP_camellia_256_cfb(); break;
case HB_EVP_CIPHER_CAMELLIA_256_OFB: p = EVP_camellia_256_ofb(); break;
#endif
#ifndef OPENSSL_NO_SEED
case HB_EVP_CIPHER_SEED_ECB: p = EVP_seed_ecb(); break;
case HB_EVP_CIPHER_SEED_CBC: p = EVP_seed_cbc(); break;
case HB_EVP_CIPHER_SEED_CFB128: p = EVP_seed_cfb128(); break;
case HB_EVP_CIPHER_SEED_CFB: p = EVP_seed_cfb(); break;
case HB_EVP_CIPHER_SEED_OFB: p = EVP_seed_ofb(); break;
#endif
default: p = NULL;
}
return p;
}
static int hb_EVP_CIPHER_ptr_to_id( const EVP_CIPHER * p )
{
int n;
if( p == EVP_enc_null() ) n = HB_EVP_CIPHER_ENC_NULL;
#ifndef OPENSSL_NO_DES
else if( p == EVP_des_ecb() ) n = HB_EVP_CIPHER_DES_ECB;
else if( p == EVP_des_ede() ) n = HB_EVP_CIPHER_DES_EDE;
else if( p == EVP_des_ede3() ) n = HB_EVP_CIPHER_DES_EDE3;
#if OPENSSL_VERSION_NUMBER >= 0x00907000L
else if( p == EVP_des_ede_ecb() ) n = HB_EVP_CIPHER_DES_EDE_ECB;
else if( p == EVP_des_ede3_ecb() ) n = HB_EVP_CIPHER_DES_EDE3_ECB;
#endif
else if( p == EVP_des_cfb() ) n = HB_EVP_CIPHER_DES_CFB;
else if( p == EVP_des_ede_cfb() ) n = HB_EVP_CIPHER_DES_EDE_CFB;
else if( p == EVP_des_ede3_cfb() ) n = HB_EVP_CIPHER_DES_EDE3_CFB;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
else if( p == EVP_des_cfb64() ) n = HB_EVP_CIPHER_DES_CFB64;
else if( p == EVP_des_cfb1() ) n = HB_EVP_CIPHER_DES_CFB1;
else if( p == EVP_des_cfb8() ) n = HB_EVP_CIPHER_DES_CFB8;
else if( p == EVP_des_ede_cfb64() ) n = HB_EVP_CIPHER_DES_EDE_CFB64;
else if( p == EVP_des_ede3_cfb64() ) n = HB_EVP_CIPHER_DES_EDE3_CFB64;
else if( p == EVP_des_ede3_cfb1() ) n = HB_EVP_CIPHER_DES_EDE3_CFB1;
else if( p == EVP_des_ede3_cfb8() ) n = HB_EVP_CIPHER_DES_EDE3_CFB8;
#endif
else if( p == EVP_des_ofb() ) n = HB_EVP_CIPHER_DES_OFB;
else if( p == EVP_des_ede_ofb() ) n = HB_EVP_CIPHER_DES_EDE_OFB;
else if( p == EVP_des_ede3_ofb() ) n = HB_EVP_CIPHER_DES_EDE3_OFB;
else if( p == EVP_des_cbc() ) n = HB_EVP_CIPHER_DES_CBC;
else if( p == EVP_des_ede_cbc() ) n = HB_EVP_CIPHER_DES_EDE_CBC;
else if( p == EVP_des_ede3_cbc() ) n = HB_EVP_CIPHER_DES_EDE3_CBC;
else if( p == EVP_desx_cbc() ) n = HB_EVP_CIPHER_DESX_CBC;
#endif
#ifndef OPENSSL_NO_RC4
else if( p == EVP_rc4() ) n = HB_EVP_CIPHER_RC4;
else if( p == EVP_rc4_40() ) n = HB_EVP_CIPHER_RC4_40;
#endif
#ifndef OPENSSL_NO_IDEA
else if( p == EVP_idea_ecb() ) n = HB_EVP_CIPHER_IDEA_ECB;
else if( p == EVP_idea_cfb64() ) n = HB_EVP_CIPHER_IDEA_CFB64;
else if( p == EVP_idea_cfb() ) n = HB_EVP_CIPHER_IDEA_CFB;
else if( p == EVP_idea_ofb() ) n = HB_EVP_CIPHER_IDEA_OFB;
else if( p == EVP_idea_cbc() ) n = HB_EVP_CIPHER_IDEA_CBC;
#endif
#ifndef OPENSSL_NO_RC2
else if( p == EVP_rc2_ecb() ) n = HB_EVP_CIPHER_RC2_ECB;
else if( p == EVP_rc2_cbc() ) n = HB_EVP_CIPHER_RC2_CBC;
else if( p == EVP_rc2_40_cbc() ) n = HB_EVP_CIPHER_RC2_40_CBC;
else if( p == EVP_rc2_64_cbc() ) n = HB_EVP_CIPHER_RC2_64_CBC;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
else if( p == EVP_rc2_cfb64() ) n = HB_EVP_CIPHER_RC2_CFB64;
#endif
else if( p == EVP_rc2_cfb() ) n = HB_EVP_CIPHER_RC2_CFB;
else if( p == EVP_rc2_ofb() ) n = HB_EVP_CIPHER_RC2_OFB;
#endif
#ifndef OPENSSL_NO_BF
else if( p == EVP_bf_ecb() ) n = HB_EVP_CIPHER_BF_ECB;
else if( p == EVP_bf_cbc() ) n = HB_EVP_CIPHER_BF_CBC;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
else if( p == EVP_bf_cfb64() ) n = HB_EVP_CIPHER_BF_CFB64;
#endif
else if( p == EVP_bf_cfb() ) n = HB_EVP_CIPHER_BF_CFB;
else if( p == EVP_bf_ofb() ) n = HB_EVP_CIPHER_BF_OFB;
#endif
#ifndef OPENSSL_NO_CAST
else if( p == EVP_cast5_ecb() ) n = HB_EVP_CIPHER_CAST5_ECB;
else if( p == EVP_cast5_cbc() ) n = HB_EVP_CIPHER_CAST5_CBC;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
else if( p == EVP_cast5_cfb64() ) n = HB_EVP_CIPHER_CAST5_CFB64;
#endif
else if( p == EVP_cast5_cfb() ) n = HB_EVP_CIPHER_CAST5_CFB;
else if( p == EVP_cast5_ofb() ) n = HB_EVP_CIPHER_CAST5_OFB;
#endif
#ifndef OPENSSL_NO_RC5
else if( p == EVP_rc5_32_12_16_cbc() ) n = HB_EVP_CIPHER_RC5_32_12_16_CBC;
else if( p == EVP_rc5_32_12_16_ecb() ) n = HB_EVP_CIPHER_RC5_32_12_16_ECB;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
else if( p == EVP_rc5_32_12_16_cfb64() ) n = HB_EVP_CIPHER_RC5_32_12_16_CFB64;
#endif
else if( p == EVP_rc5_32_12_16_cfb() ) n = HB_EVP_CIPHER_RC5_32_12_16_CFB;
else if( p == EVP_rc5_32_12_16_ofb() ) n = HB_EVP_CIPHER_RC5_32_12_16_OFB;
#endif
#ifndef OPENSSL_NO_AES
else if( p == EVP_aes_128_ecb() ) n = HB_EVP_CIPHER_AES_128_ECB;
else if( p == EVP_aes_128_cbc() ) n = HB_EVP_CIPHER_AES_128_CBC;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
else if( p == EVP_aes_128_cfb1() ) n = HB_EVP_CIPHER_AES_128_CFB1;
else if( p == EVP_aes_128_cfb8() ) n = HB_EVP_CIPHER_AES_128_CFB8;
else if( p == EVP_aes_128_cfb128() ) n = HB_EVP_CIPHER_AES_128_CFB128;
#endif
else if( p == EVP_aes_128_cfb() ) n = HB_EVP_CIPHER_AES_128_CFB;
else if( p == EVP_aes_128_ofb() ) n = HB_EVP_CIPHER_AES_128_OFB;
else if( p == EVP_aes_192_ecb() ) n = HB_EVP_CIPHER_AES_192_ECB;
else if( p == EVP_aes_192_cbc() ) n = HB_EVP_CIPHER_AES_192_CBC;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
else if( p == EVP_aes_192_cfb1() ) n = HB_EVP_CIPHER_AES_192_CFB1;
else if( p == EVP_aes_192_cfb8() ) n = HB_EVP_CIPHER_AES_192_CFB8;
else if( p == EVP_aes_192_cfb128() ) n = HB_EVP_CIPHER_AES_192_CFB128;
#endif
else if( p == EVP_aes_192_cfb() ) n = HB_EVP_CIPHER_AES_192_CFB;
else if( p == EVP_aes_192_ofb() ) n = HB_EVP_CIPHER_AES_192_OFB;
else if( p == EVP_aes_256_ecb() ) n = HB_EVP_CIPHER_AES_256_ECB;
else if( p == EVP_aes_256_cbc() ) n = HB_EVP_CIPHER_AES_256_CBC;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
else if( p == EVP_aes_256_cfb1() ) n = HB_EVP_CIPHER_AES_256_CFB1;
else if( p == EVP_aes_256_cfb8() ) n = HB_EVP_CIPHER_AES_256_CFB8;
else if( p == EVP_aes_256_cfb128() ) n = HB_EVP_CIPHER_AES_256_CFB128;
#endif
else if( p == EVP_aes_256_cfb() ) n = HB_EVP_CIPHER_AES_256_CFB;
else if( p == EVP_aes_256_ofb() ) n = HB_EVP_CIPHER_AES_256_OFB;
#endif
#ifndef OPENSSL_NO_CAMELLIA
else if( p == EVP_camellia_128_ecb() ) n = HB_EVP_CIPHER_CAMELLIA_128_ECB;
else if( p == EVP_camellia_128_cbc() ) n = HB_EVP_CIPHER_CAMELLIA_128_CBC;
else if( p == EVP_camellia_128_cfb1() ) n = HB_EVP_CIPHER_CAMELLIA_128_CFB1;
else if( p == EVP_camellia_128_cfb8() ) n = HB_EVP_CIPHER_CAMELLIA_128_CFB8;
else if( p == EVP_camellia_128_cfb128() ) n = HB_EVP_CIPHER_CAMELLIA_128_CFB128;
else if( p == EVP_camellia_128_cfb() ) n = HB_EVP_CIPHER_CAMELLIA_128_CFB;
else if( p == EVP_camellia_128_ofb() ) n = HB_EVP_CIPHER_CAMELLIA_128_OFB;
else if( p == EVP_camellia_192_ecb() ) n = HB_EVP_CIPHER_CAMELLIA_192_ECB;
else if( p == EVP_camellia_192_cbc() ) n = HB_EVP_CIPHER_CAMELLIA_192_CBC;
else if( p == EVP_camellia_192_cfb1() ) n = HB_EVP_CIPHER_CAMELLIA_192_CFB1;
else if( p == EVP_camellia_192_cfb8() ) n = HB_EVP_CIPHER_CAMELLIA_192_CFB8;
else if( p == EVP_camellia_192_cfb128() ) n = HB_EVP_CIPHER_CAMELLIA_192_CFB128;
else if( p == EVP_camellia_192_cfb() ) n = HB_EVP_CIPHER_CAMELLIA_192_CFB;
else if( p == EVP_camellia_192_ofb() ) n = HB_EVP_CIPHER_CAMELLIA_192_OFB;
else if( p == EVP_camellia_256_ecb() ) n = HB_EVP_CIPHER_CAMELLIA_256_ECB;
else if( p == EVP_camellia_256_cbc() ) n = HB_EVP_CIPHER_CAMELLIA_256_CBC;
else if( p == EVP_camellia_256_cfb1() ) n = HB_EVP_CIPHER_CAMELLIA_256_CFB1;
else if( p == EVP_camellia_256_cfb8() ) n = HB_EVP_CIPHER_CAMELLIA_256_CFB8;
else if( p == EVP_camellia_256_cfb128() ) n = HB_EVP_CIPHER_CAMELLIA_256_CFB128;
else if( p == EVP_camellia_256_cfb() ) n = HB_EVP_CIPHER_CAMELLIA_256_CFB;
else if( p == EVP_camellia_256_ofb() ) n = HB_EVP_CIPHER_CAMELLIA_256_OFB;
#endif
#ifndef OPENSSL_NO_SEED
else if( p == EVP_seed_ecb() ) n = HB_EVP_CIPHER_SEED_ECB;
else if( p == EVP_seed_cbc() ) n = HB_EVP_CIPHER_SEED_CBC;
else if( p == EVP_seed_cfb128() ) n = HB_EVP_CIPHER_SEED_CFB128;
else if( p == EVP_seed_cfb() ) n = HB_EVP_CIPHER_SEED_CFB;
else if( p == EVP_seed_ofb() ) n = HB_EVP_CIPHER_SEED_OFB;
#endif
else n = HB_EVP_CIPHER_UNSUPPORTED;
return n;
}
void AESCryptoKey::TransformBlock(bool encrypt,
const uint8_t *pbIn,
uint32_t cbIn,
uint8_t *pbOut,
uint32_t & cbOut,
const uint8_t *pbIv,
uint32_t cbIv)
{
if (pbIn == nullptr) {
throw exceptions::RMSCryptoNullPointerException("Null pointer pbIn exception");
}
if (pbOut == nullptr) {
throw exceptions::RMSCryptoNullPointerException("Null pointer pbOut exception");
}
if (((cbIv == 0) && (pbIv != nullptr)) || ((cbIv != 0) && (pbIv == nullptr))) {
pbIv = nullptr;
cbIv = 0;
}
int totalOut = static_cast<int>(cbOut);
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(&ctx);
const EVP_CIPHER *cipher = nullptr;
switch (m_algorithm) {
case api::CRYPTO_ALGORITHM_AES_ECB:
switch(m_key.size()) {
case 16:
cipher = EVP_aes_128_ecb();
break;
case 24:
cipher = EVP_aes_192_ecb();
break;
case 32:
cipher = EVP_aes_256_ecb();
break;
default:
throw exceptions::RMSCryptoInvalidArgumentException("Invalid key length");
}
break;
case api::CRYPTO_ALGORITHM_AES_CBC:
case api::CRYPTO_ALGORITHM_AES_CBC_PKCS7:
switch(m_key.size()) {
case 16:
cipher = EVP_aes_128_cbc();
break;
case 24:
cipher = EVP_aes_192_cbc();
break;
case 32:
cipher = EVP_aes_256_cbc();
break;
default:
throw exceptions::RMSCryptoInvalidArgumentException("Invalid key length");
}
break;
break;
default:
throw exceptions::RMSCryptoInvalidArgumentException("Unsupported algorithm");
}
// check lengths
if ((pbIv != nullptr) &&
(EVP_CIPHER_iv_length(cipher) != static_cast<int>(cbIv))) {
throw exceptions::RMSCryptoInvalidArgumentException(
"Invalid initial vector length");
}
if (EVP_CIPHER_key_length(cipher) != static_cast<int>(m_key.size())) {
throw exceptions::RMSCryptoInvalidArgumentException("Invalid key length");
}
EVP_CipherInit_ex(&ctx, cipher, NULL, m_key.data(), pbIv, encrypt ? 1 : 0);
if (m_algorithm == api::CRYPTO_ALGORITHM_AES_CBC_PKCS7) {
EVP_CIPHER_CTX_set_padding(&ctx, 1);
} else {
EVP_CIPHER_CTX_set_padding(&ctx, 0);
}
if (!EVP_CipherUpdate(&ctx, pbOut, &totalOut, pbIn, static_cast<int>(cbIn))) {
throw exceptions::RMSCryptoIOException(
exceptions::RMSCryptoException::UnknownError,
"Failed to transform data");
}
pbOut += totalOut;
// add padding if necessary
if (m_algorithm == api::CRYPTO_ALGORITHM_AES_CBC_PKCS7) {
int remain = cbOut - totalOut;
if (remain < EVP_CIPHER_block_size(cipher)) {
throw exceptions::RMSCryptoInsufficientBufferException(
"No enough buffer size");
}
if (!EVP_CipherFinal_ex(&ctx, pbOut, &remain)) {
throw exceptions::RMSCryptoIOException(
exceptions::RMSCryptoException::UnknownError,
"Failed to transform final block");
}
totalOut += remain;
}
EVP_CIPHER_CTX_cleanup(&ctx);
// remember total size
cbOut = static_cast<uint32_t>(totalOut);
}
int AESTest(EVP_CIPHER_CTX *ctx,
char *amode, int akeysz, unsigned char *aKey,
unsigned char *iVec,
int dir, /* 0 = decrypt, 1 = encrypt */
unsigned char *plaintext, unsigned char *ciphertext, int len)
{
const EVP_CIPHER *cipher = NULL;
int ret = 1;
int kt = 0;
if (ctx)
memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
if (strcasecmp(amode, "CBC") == 0)
kt = 1000;
else if (strcasecmp(amode, "ECB") == 0)
kt = 2000;
else if (strcasecmp(amode, "CFB128") == 0)
kt = 3000;
else if (strncasecmp(amode, "OFB", 3) == 0)
kt = 4000;
else if(!strcasecmp(amode,"CFB1"))
kt=5000;
else if(!strcasecmp(amode,"CFB8"))
kt=6000;
else
{
printf("Unknown mode: %s\n", amode);
EXIT(1);
}
if (ret)
{
if ((akeysz != 128) && (akeysz != 192) && (akeysz != 256))
{
printf("Invalid key size: %d\n", akeysz);
ret = 0;
}
else
{
kt += akeysz;
switch (kt)
{
case 1128: /* CBC 128 */
cipher = EVP_aes_128_cbc();
break;
case 1192: /* CBC 192 */
cipher = EVP_aes_192_cbc();
break;
case 1256: /* CBC 256 */
cipher = EVP_aes_256_cbc();
break;
case 2128: /* ECB 128 */
cipher = EVP_aes_128_ecb();
break;
case 2192: /* ECB 192 */
cipher = EVP_aes_192_ecb();
break;
case 2256: /* ECB 256 */
cipher = EVP_aes_256_ecb();
break;
case 3128: /* CFB 128 */
cipher = EVP_aes_128_cfb();
break;
case 3192: /* CFB 192 */
cipher = EVP_aes_192_cfb();
break;
case 3256: /* CFB 256 */
cipher = EVP_aes_256_cfb();
break;
case 4128: /* OFB 128 */
cipher = EVP_aes_128_ofb();
break;
case 4192: /* OFB 192 */
cipher = EVP_aes_192_ofb();
break;
case 4256: /* OFB 256 */
cipher = EVP_aes_256_ofb();
break;
case 5128:
cipher=EVP_aes_128_cfb1();
break;
case 5192:
cipher=EVP_aes_192_cfb1();
break;
case 5256:
cipher=EVP_aes_256_cfb1();
break;
case 6128:
cipher=EVP_aes_128_cfb8();
break;
case 6192:
cipher=EVP_aes_192_cfb8();
break;
case 6256:
cipher=EVP_aes_256_cfb8();
break;
default:
printf("Didn't handle mode %d\n",kt);
EXIT(1);
}
if (dir)
{ /* encrypt */
if(!EVP_CipherInit(ctx, cipher, aKey, iVec, AES_ENCRYPT))
{
ERR_print_errors_fp(stderr);
EXIT(1);
}
EVP_Cipher(ctx, ciphertext, (unsigned char*)plaintext, len);
}
else
{ /* decrypt */
if(!EVP_CipherInit(ctx, cipher, aKey, iVec, AES_DECRYPT))
{
ERR_print_errors_fp(stderr);
EXIT(1);
}
EVP_Cipher(ctx, (unsigned char*)plaintext, ciphertext, len);
}
}
}
return ret;
}
extern "C" const EVP_CIPHER* CryptoNative_EvpAes192Ecb()
{
return EVP_aes_192_ecb();
}
/**
* @brief Create a key from the given passphrase. By default, the PBKDF2
* algorithm is used to generate the key from the passphrase. It is expected
* that the same pass phrase will generate the same key, regardless of the
* backend crypto platform used. The key is cleaned up when the context
* is cleaned, and may be reused with multiple encryption or decryption
* operations.
* @note If *key is NULL, a apr_crypto_key_t will be created from a pool. If
* *key is not NULL, *key must point at a previously created structure.
* @param key The key returned, see note.
* @param ivSize The size of the initialisation vector will be returned, based
* on whether an IV is relevant for this type of crypto.
* @param pass The passphrase to use.
* @param passLen The passphrase length in bytes
* @param salt The salt to use.
* @param saltLen The salt length in bytes
* @param type 3DES_192, AES_128, AES_192, AES_256.
* @param mode Electronic Code Book / Cipher Block Chaining.
* @param doPad Pad if necessary.
* @param iterations Iteration count
* @param f The context to use.
* @param p The pool to use.
* @return Returns APR_ENOKEY if the pass phrase is missing or empty, or if a backend
* error occurred while generating the key. APR_ENOCIPHER if the type or mode
* is not supported by the particular backend. APR_EKEYTYPE if the key type is
* not known. APR_EPADDING if padding was requested but is not supported.
* APR_ENOTIMPL if not implemented.
*/
static apr_status_t crypto_passphrase(apr_crypto_key_t **k, apr_size_t *ivSize,
const char *pass, apr_size_t passLen, const unsigned char * salt,
apr_size_t saltLen, const apr_crypto_block_key_type_e type,
const apr_crypto_block_key_mode_e mode, const int doPad,
const int iterations, const apr_crypto_t *f, apr_pool_t *p)
{
apr_crypto_key_t *key = *k;
if (!key) {
*k = key = apr_array_push(f->keys);
}
if (!key) {
return APR_ENOMEM;
}
key->f = f;
key->provider = f->provider;
/* determine the cipher to be used */
switch (type) {
case (APR_KEY_3DES_192):
/* A 3DES key */
if (mode == APR_MODE_CBC) {
key->cipher = EVP_des_ede3_cbc();
}
else {
key->cipher = EVP_des_ede3_ecb();
}
break;
case (APR_KEY_AES_128):
if (mode == APR_MODE_CBC) {
key->cipher = EVP_aes_128_cbc();
}
else {
key->cipher = EVP_aes_128_ecb();
}
break;
case (APR_KEY_AES_192):
if (mode == APR_MODE_CBC) {
key->cipher = EVP_aes_192_cbc();
}
else {
key->cipher = EVP_aes_192_ecb();
}
break;
case (APR_KEY_AES_256):
if (mode == APR_MODE_CBC) {
key->cipher = EVP_aes_256_cbc();
}
else {
key->cipher = EVP_aes_256_ecb();
}
break;
default:
/* unknown key type, give up */
return APR_EKEYTYPE;
}
/* find the length of the key we need */
key->keyLen = EVP_CIPHER_key_length(key->cipher);
/* make space for the key */
key->key = apr_pcalloc(p, key->keyLen);
if (!key->key) {
return APR_ENOMEM;
}
apr_crypto_clear(p, key->key, key->keyLen);
/* generate the key */
if (PKCS5_PBKDF2_HMAC_SHA1(pass, passLen, (unsigned char *) salt, saltLen,
iterations, key->keyLen, key->key) == 0) {
return APR_ENOKEY;
}
key->doPad = doPad;
/* note: openssl incorrectly returns non zero IV size values for ECB
* algorithms, so work around this by ignoring the IV size.
*/
if (APR_MODE_ECB != mode) {
key->ivSize = EVP_CIPHER_iv_length(key->cipher);
}
if (ivSize) {
*ivSize = key->ivSize;
}
return APR_SUCCESS;
}
void AES192(PA_PluginParameters params)
{
sLONG_PTR *pResult = (sLONG_PTR *)params->fResult;
PackagePtr pParams = (PackagePtr)params->fParameters;
C_BLOB Param1;
C_BLOB Param2;
C_LONGINT Param3;
C_LONGINT Param4;
C_LONGINT Param5;
C_LONGINT Param6;
C_BLOB Param7;
C_BLOB Param8;
C_TEXT returnValue;
Param1.fromParamAtIndex(pParams, 1);
Param2.fromParamAtIndex(pParams, 2);
Param3.fromParamAtIndex(pParams, 3);
Param4.fromParamAtIndex(pParams, 4);
Param5.fromParamAtIndex(pParams, 5);
Param6.fromParamAtIndex(pParams, 6);
Param7.fromParamAtIndex(pParams, 7);
Param8.fromParamAtIndex(pParams, 8);
const EVP_CIPHER *cipher;
switch (Param4.getIntValue())
{
case 0:
cipher = EVP_aes_192_ecb();
break;
case 1:
cipher = EVP_aes_192_cbc();
break;
case 2:
cipher = EVP_aes_192_cfb1();
break;
case 3:
cipher = EVP_aes_192_cfb8();
break;
case 4:
cipher = EVP_aes_192_cfb128();
break;
case 5:
cipher = EVP_aes_192_ofb();
break;
case 6:
cipher = EVP_aes_192_ctr();
break;
case 7:
cipher = EVP_aes_192_gcm();
break;
case 8:
cipher = EVP_aes_192_ccm();
break;
default:
cipher = EVP_aes_192_ecb();
break;
}
CC_AES(cipher, Param1, Param2, Param3, Param5, Param6, Param7, Param8, returnValue);
returnValue.setReturn(pResult);
}
CK_RV PKCS11_Encryption_OpenSSL::InitHelper(Cryptoki_Session_Context* pSessionCtx, CK_MECHANISM_PTR pEncryptMech, CK_OBJECT_HANDLE hKey, BOOL isEncrypt)
{
OPENSSL_HEADER();
OpenSSLEncryptData* pEnc;
const EVP_CIPHER* pCipher;
int padding = 0;
if( pSessionCtx == NULL) return CKR_SESSION_CLOSED;
if( isEncrypt && pSessionCtx->EncryptionCtx != NULL) return CKR_SESSION_PARALLEL_NOT_SUPPORTED;
if(!isEncrypt && pSessionCtx->DecryptionCtx != NULL) return CKR_SESSION_PARALLEL_NOT_SUPPORTED;
pEnc = (OpenSSLEncryptData*)TINYCLR_SSL_MALLOC(sizeof(*pEnc));
if(pEnc == NULL) return CKR_DEVICE_MEMORY;
TINYCLR_SSL_MEMSET(pEnc, 0, sizeof(*pEnc));
pEnc->Key = PKCS11_Keys_OpenSSL::GetKeyFromHandle(pSessionCtx, hKey, !isEncrypt);
pEnc->IsSymmetric = TRUE;
switch(pEncryptMech->mechanism)
{
case CKM_AES_CBC:
case CKM_AES_CBC_PAD:
switch(pEnc->Key->size)
{
case 128:
pCipher = EVP_aes_128_cbc();
break;
case 192:
pCipher = EVP_aes_192_cbc();
break;
case 256:
pCipher = EVP_aes_256_cbc();
break;
default:
OPENSSL_SET_AND_LEAVE(CKR_MECHANISM_INVALID);
}
if(pEncryptMech->mechanism == CKM_AES_CBC_PAD)
{
padding = 1;
}
break;
case CKM_AES_ECB:
case CKM_AES_ECB_PAD:
switch(pEnc->Key->size)
{
case 128:
pCipher = EVP_aes_128_ecb();
break;
case 192:
pCipher = EVP_aes_192_ecb();
break;
case 256:
pCipher = EVP_aes_256_ecb();
break;
default:
OPENSSL_SET_AND_LEAVE(CKR_MECHANISM_INVALID);
}
if(pEncryptMech->mechanism == CKM_AES_ECB_PAD)
{
padding = 1;
}
break;
case CKM_DES3_CBC:
pCipher = EVP_des_ede3_cbc();
break;
case CKM_DES3_CBC_PAD:
pCipher = EVP_des_ede3_cbc();
padding = 1;
break;
case CKM_RSA_PKCS:
pEnc->IsSymmetric= FALSE;
padding = RSA_PKCS1_PADDING;
break;
default:
OPENSSL_SET_AND_LEAVE(CKR_MECHANISM_INVALID);
}
if(pEnc->IsSymmetric)
{
if(pEncryptMech->ulParameterLen > 0 && pEncryptMech->ulParameterLen > 0)
{
memcpy(pEnc->IV, pEncryptMech->pParameter, pEncryptMech->ulParameterLen);
}
pEnc->Key->ctx = &pEnc->SymmetricCtx;
if(isEncrypt)
{
OPENSSL_CHECKRESULT(EVP_EncryptInit(&pEnc->SymmetricCtx, pCipher, (const UINT8*)pEnc->Key->key, pEnc->IV));
}
else
{
OPENSSL_CHECKRESULT(EVP_DecryptInit(&pEnc->SymmetricCtx, pCipher, (const UINT8*)pEnc->Key->key, pEnc->IV));
}
OPENSSL_CHECKRESULT(EVP_CIPHER_CTX_set_padding(&pEnc->SymmetricCtx, padding));
}
else
{
pEnc->Key->ctx = EVP_PKEY_CTX_new((EVP_PKEY*)pEnc->Key->key, NULL);
if(isEncrypt)
{
OPENSSL_CHECKRESULT(EVP_PKEY_encrypt_init ((EVP_PKEY_CTX*)pEnc->Key->ctx ));
OPENSSL_CHECKRESULT(EVP_PKEY_CTX_set_rsa_padding((EVP_PKEY_CTX*)pEnc->Key->ctx, padding));
}
else
{
OPENSSL_CHECKRESULT(EVP_PKEY_decrypt_init ((EVP_PKEY_CTX*)pEnc->Key->ctx ));
OPENSSL_CHECKRESULT(EVP_PKEY_CTX_set_rsa_padding((EVP_PKEY_CTX*)pEnc->Key->ctx, padding));
}
}
if(isEncrypt) pSessionCtx->EncryptionCtx = pEnc;
else pSessionCtx->DecryptionCtx = pEnc;
OPENSSL_CLEANUP();
if(retVal != CKR_OK && pEnc != NULL)
{
TINYCLR_SSL_FREE(pEnc);
}
OPENSSL_RETURN();
}
void OpenSSL_add_all_ciphers(void)
{
#ifndef OPENSSL_NO_DES
EVP_add_cipher(EVP_des_cfb());
EVP_add_cipher(EVP_des_cfb1());
EVP_add_cipher(EVP_des_cfb8());
EVP_add_cipher(EVP_des_ede_cfb());
EVP_add_cipher(EVP_des_ede3_cfb());
EVP_add_cipher(EVP_des_ede3_cfb1());
EVP_add_cipher(EVP_des_ede3_cfb8());
EVP_add_cipher(EVP_des_ofb());
EVP_add_cipher(EVP_des_ede_ofb());
EVP_add_cipher(EVP_des_ede3_ofb());
EVP_add_cipher(EVP_desx_cbc());
EVP_add_cipher_alias(SN_desx_cbc, "DESX");
EVP_add_cipher_alias(SN_desx_cbc, "desx");
EVP_add_cipher(EVP_des_cbc());
EVP_add_cipher_alias(SN_des_cbc, "DES");
EVP_add_cipher_alias(SN_des_cbc, "des");
EVP_add_cipher(EVP_des_ede_cbc());
EVP_add_cipher(EVP_des_ede3_cbc());
EVP_add_cipher_alias(SN_des_ede3_cbc, "DES3");
EVP_add_cipher_alias(SN_des_ede3_cbc, "des3");
EVP_add_cipher(EVP_des_ecb());
EVP_add_cipher(EVP_des_ede());
EVP_add_cipher(EVP_des_ede3());
EVP_add_cipher(EVP_des_ede3_wrap());
#endif
#ifndef OPENSSL_NO_RC4
EVP_add_cipher(EVP_rc4());
EVP_add_cipher(EVP_rc4_40());
# ifndef OPENSSL_NO_MD5
EVP_add_cipher(EVP_rc4_hmac_md5());
# endif
#endif
#ifndef OPENSSL_NO_IDEA
EVP_add_cipher(EVP_idea_ecb());
EVP_add_cipher(EVP_idea_cfb());
EVP_add_cipher(EVP_idea_ofb());
EVP_add_cipher(EVP_idea_cbc());
EVP_add_cipher_alias(SN_idea_cbc, "IDEA");
EVP_add_cipher_alias(SN_idea_cbc, "idea");
#endif
#ifndef OPENSSL_NO_SEED
EVP_add_cipher(EVP_seed_ecb());
EVP_add_cipher(EVP_seed_cfb());
EVP_add_cipher(EVP_seed_ofb());
EVP_add_cipher(EVP_seed_cbc());
EVP_add_cipher_alias(SN_seed_cbc, "SEED");
EVP_add_cipher_alias(SN_seed_cbc, "seed");
#endif
#ifndef OPENSSL_NO_RC2
EVP_add_cipher(EVP_rc2_ecb());
EVP_add_cipher(EVP_rc2_cfb());
EVP_add_cipher(EVP_rc2_ofb());
EVP_add_cipher(EVP_rc2_cbc());
EVP_add_cipher(EVP_rc2_40_cbc());
EVP_add_cipher(EVP_rc2_64_cbc());
EVP_add_cipher_alias(SN_rc2_cbc, "RC2");
EVP_add_cipher_alias(SN_rc2_cbc, "rc2");
#endif
#ifndef OPENSSL_NO_BF
EVP_add_cipher(EVP_bf_ecb());
EVP_add_cipher(EVP_bf_cfb());
EVP_add_cipher(EVP_bf_ofb());
EVP_add_cipher(EVP_bf_cbc());
EVP_add_cipher_alias(SN_bf_cbc, "BF");
EVP_add_cipher_alias(SN_bf_cbc, "bf");
EVP_add_cipher_alias(SN_bf_cbc, "blowfish");
#endif
#ifndef OPENSSL_NO_CAST
EVP_add_cipher(EVP_cast5_ecb());
EVP_add_cipher(EVP_cast5_cfb());
EVP_add_cipher(EVP_cast5_ofb());
EVP_add_cipher(EVP_cast5_cbc());
EVP_add_cipher_alias(SN_cast5_cbc, "CAST");
EVP_add_cipher_alias(SN_cast5_cbc, "cast");
EVP_add_cipher_alias(SN_cast5_cbc, "CAST-cbc");
EVP_add_cipher_alias(SN_cast5_cbc, "cast-cbc");
#endif
#ifndef OPENSSL_NO_RC5
EVP_add_cipher(EVP_rc5_32_12_16_ecb());
EVP_add_cipher(EVP_rc5_32_12_16_cfb());
EVP_add_cipher(EVP_rc5_32_12_16_ofb());
EVP_add_cipher(EVP_rc5_32_12_16_cbc());
EVP_add_cipher_alias(SN_rc5_cbc, "rc5");
EVP_add_cipher_alias(SN_rc5_cbc, "RC5");
#endif
#ifndef OPENSSL_NO_AES
EVP_add_cipher(EVP_aes_128_ecb());
EVP_add_cipher(EVP_aes_128_cbc());
EVP_add_cipher(EVP_aes_128_cfb());
EVP_add_cipher(EVP_aes_128_cfb1());
EVP_add_cipher(EVP_aes_128_cfb8());
EVP_add_cipher(EVP_aes_128_ofb());
EVP_add_cipher(EVP_aes_128_ctr());
EVP_add_cipher(EVP_aes_128_gcm());
EVP_add_cipher(EVP_aes_128_xts());
EVP_add_cipher(EVP_aes_128_ccm());
EVP_add_cipher(EVP_aes_128_wrap());
EVP_add_cipher_alias(SN_aes_128_cbc, "AES128");
EVP_add_cipher_alias(SN_aes_128_cbc, "aes128");
EVP_add_cipher(EVP_aes_192_ecb());
EVP_add_cipher(EVP_aes_192_cbc());
EVP_add_cipher(EVP_aes_192_cfb());
EVP_add_cipher(EVP_aes_192_cfb1());
EVP_add_cipher(EVP_aes_192_cfb8());
EVP_add_cipher(EVP_aes_192_ofb());
EVP_add_cipher(EVP_aes_192_ctr());
EVP_add_cipher(EVP_aes_192_gcm());
EVP_add_cipher(EVP_aes_192_ccm());
EVP_add_cipher(EVP_aes_192_wrap());
EVP_add_cipher_alias(SN_aes_192_cbc, "AES192");
EVP_add_cipher_alias(SN_aes_192_cbc, "aes192");
EVP_add_cipher(EVP_aes_256_ecb());
EVP_add_cipher(EVP_aes_256_cbc());
EVP_add_cipher(EVP_aes_256_cfb());
EVP_add_cipher(EVP_aes_256_cfb1());
EVP_add_cipher(EVP_aes_256_cfb8());
EVP_add_cipher(EVP_aes_256_ofb());
EVP_add_cipher(EVP_aes_256_ctr());
EVP_add_cipher(EVP_aes_256_gcm());
EVP_add_cipher(EVP_aes_256_xts());
EVP_add_cipher(EVP_aes_256_ccm());
EVP_add_cipher(EVP_aes_256_wrap());
EVP_add_cipher_alias(SN_aes_256_cbc, "AES256");
EVP_add_cipher_alias(SN_aes_256_cbc, "aes256");
# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
# endif
# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)
EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256());
EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256());
# endif
#endif
#ifndef OPENSSL_NO_CAMELLIA
EVP_add_cipher(EVP_camellia_128_ecb());
EVP_add_cipher(EVP_camellia_128_cbc());
EVP_add_cipher(EVP_camellia_128_cfb());
EVP_add_cipher(EVP_camellia_128_cfb1());
EVP_add_cipher(EVP_camellia_128_cfb8());
EVP_add_cipher(EVP_camellia_128_ofb());
EVP_add_cipher_alias(SN_camellia_128_cbc, "CAMELLIA128");
EVP_add_cipher_alias(SN_camellia_128_cbc, "camellia128");
EVP_add_cipher(EVP_camellia_192_ecb());
EVP_add_cipher(EVP_camellia_192_cbc());
EVP_add_cipher(EVP_camellia_192_cfb());
EVP_add_cipher(EVP_camellia_192_cfb1());
EVP_add_cipher(EVP_camellia_192_cfb8());
EVP_add_cipher(EVP_camellia_192_ofb());
EVP_add_cipher_alias(SN_camellia_192_cbc, "CAMELLIA192");
EVP_add_cipher_alias(SN_camellia_192_cbc, "camellia192");
EVP_add_cipher(EVP_camellia_256_ecb());
EVP_add_cipher(EVP_camellia_256_cbc());
EVP_add_cipher(EVP_camellia_256_cfb());
EVP_add_cipher(EVP_camellia_256_cfb1());
EVP_add_cipher(EVP_camellia_256_cfb8());
EVP_add_cipher(EVP_camellia_256_ofb());
EVP_add_cipher_alias(SN_camellia_256_cbc, "CAMELLIA256");
EVP_add_cipher_alias(SN_camellia_256_cbc, "camellia256");
#endif
}
int update_iv(KA_CTX *ctx, EVP_CIPHER_CTX *cipher_ctx, const BIGNUM *ssc)
{
BUF_MEM *sscbuf = NULL, *ivbuf = NULL;
const EVP_CIPHER *ivcipher = NULL, *oldcipher;
unsigned char *ssc_buf = NULL;
unsigned char *p;
int r = 0;
check(ctx, "Invalid arguments");
switch (EVP_CIPHER_nid(ctx->cipher)) {
case NID_aes_128_cbc:
if (!ivcipher)
ivcipher = EVP_aes_128_ecb();
/* fall through */
case NID_aes_192_cbc:
if (!ivcipher)
ivcipher = EVP_aes_192_ecb();
/* fall through */
case NID_aes_256_cbc:
if (!ivcipher)
ivcipher = EVP_aes_256_ecb();
/* For AES decryption the IV is not needed,
* so we always set it to the encryption IV=E(K_Enc, SSC) */
r = encode_ssc(ssc, ctx, &ssc_buf);
if (r < 0)
goto err;
sscbuf = BUF_MEM_create_init(ssc_buf, r);
if (!sscbuf)
goto err;
oldcipher = ctx->cipher;
ctx->cipher = ivcipher;
ivbuf = cipher_no_pad(ctx, cipher_ctx, ctx->k_enc, sscbuf, 1);
ctx->cipher = oldcipher;
if (!ivbuf)
goto err;
p = OPENSSL_realloc(ctx->iv, ivbuf->length);
if (!p)
goto err;
ctx->iv = p;
/* Flawfinder: ignore */
memcpy(ctx->iv, ivbuf->data, ivbuf->length);
break;
case NID_des_ede_cbc:
/* For 3DES encryption or decryption the IV is always NULL */
if (ctx->iv)
OPENSSL_free(ctx->iv);
ctx->iv = NULL;
break;
default:
log_err("Unknown cipher");
goto err;
}
r = 1;
err:
if (ssc_buf)
OPENSSL_free(ssc_buf);
if (sscbuf)
BUF_MEM_free(sscbuf);
if (ivbuf)
BUF_MEM_free(ivbuf);
return r;
}
void openssl_add_all_ciphers_int(void)
{
#ifndef OPENSSL_NO_DES
EVP_add_cipher(EVP_des_cfb());
EVP_add_cipher(EVP_des_cfb1());
EVP_add_cipher(EVP_des_cfb8());
EVP_add_cipher(EVP_des_ede_cfb());
EVP_add_cipher(EVP_des_ede3_cfb());
EVP_add_cipher(EVP_des_ede3_cfb1());
EVP_add_cipher(EVP_des_ede3_cfb8());
EVP_add_cipher(EVP_des_ofb());
EVP_add_cipher(EVP_des_ede_ofb());
EVP_add_cipher(EVP_des_ede3_ofb());
EVP_add_cipher(EVP_desx_cbc());
EVP_add_cipher_alias(SN_desx_cbc, "DESX");
EVP_add_cipher_alias(SN_desx_cbc, "desx");
EVP_add_cipher(EVP_des_cbc());
EVP_add_cipher_alias(SN_des_cbc, "DES");
EVP_add_cipher_alias(SN_des_cbc, "des");
EVP_add_cipher(EVP_des_ede_cbc());
EVP_add_cipher(EVP_des_ede3_cbc());
EVP_add_cipher_alias(SN_des_ede3_cbc, "DES3");
EVP_add_cipher_alias(SN_des_ede3_cbc, "des3");
EVP_add_cipher(EVP_des_ecb());
EVP_add_cipher(EVP_des_ede());
EVP_add_cipher_alias(SN_des_ede_ecb, "DES-EDE-ECB");
EVP_add_cipher_alias(SN_des_ede_ecb, "des-ede-ecb");
EVP_add_cipher(EVP_des_ede3());
EVP_add_cipher_alias(SN_des_ede3_ecb, "DES-EDE3-ECB");
EVP_add_cipher_alias(SN_des_ede3_ecb, "des-ede3-ecb");
EVP_add_cipher(EVP_des_ede3_wrap());
EVP_add_cipher_alias(SN_id_smime_alg_CMS3DESwrap, "des3-wrap");
#endif
#ifndef OPENSSL_NO_RC4
EVP_add_cipher(EVP_rc4());
EVP_add_cipher(EVP_rc4_40());
# ifndef OPENSSL_NO_MD5
EVP_add_cipher(EVP_rc4_hmac_md5());
# endif
#endif
#ifndef OPENSSL_NO_IDEA
EVP_add_cipher(EVP_idea_ecb());
EVP_add_cipher(EVP_idea_cfb());
EVP_add_cipher(EVP_idea_ofb());
EVP_add_cipher(EVP_idea_cbc());
EVP_add_cipher_alias(SN_idea_cbc, "IDEA");
EVP_add_cipher_alias(SN_idea_cbc, "idea");
#endif
#ifndef OPENSSL_NO_SEED
EVP_add_cipher(EVP_seed_ecb());
EVP_add_cipher(EVP_seed_cfb());
EVP_add_cipher(EVP_seed_ofb());
EVP_add_cipher(EVP_seed_cbc());
EVP_add_cipher_alias(SN_seed_cbc, "SEED");
EVP_add_cipher_alias(SN_seed_cbc, "seed");
#endif
#ifndef OPENSSL_NO_SM4
EVP_add_cipher(EVP_sm4_ecb());
EVP_add_cipher(EVP_sm4_cbc());
EVP_add_cipher(EVP_sm4_cfb());
EVP_add_cipher(EVP_sm4_ofb());
EVP_add_cipher(EVP_sm4_ctr());
EVP_add_cipher_alias(SN_sm4_cbc, "SM4");
EVP_add_cipher_alias(SN_sm4_cbc, "sm4");
#endif
#ifndef OPENSSL_NO_RC2
EVP_add_cipher(EVP_rc2_ecb());
EVP_add_cipher(EVP_rc2_cfb());
EVP_add_cipher(EVP_rc2_ofb());
EVP_add_cipher(EVP_rc2_cbc());
EVP_add_cipher(EVP_rc2_40_cbc());
EVP_add_cipher(EVP_rc2_64_cbc());
EVP_add_cipher_alias(SN_rc2_cbc, "RC2");
EVP_add_cipher_alias(SN_rc2_cbc, "rc2");
EVP_add_cipher_alias(SN_rc2_cbc, "rc2-128");
EVP_add_cipher_alias(SN_rc2_64_cbc, "rc2-64");
EVP_add_cipher_alias(SN_rc2_40_cbc, "rc2-40");
#endif
#ifndef OPENSSL_NO_BF
EVP_add_cipher(EVP_bf_ecb());
EVP_add_cipher(EVP_bf_cfb());
EVP_add_cipher(EVP_bf_ofb());
EVP_add_cipher(EVP_bf_cbc());
EVP_add_cipher_alias(SN_bf_cbc, "BF");
EVP_add_cipher_alias(SN_bf_cbc, "bf");
EVP_add_cipher_alias(SN_bf_cbc, "blowfish");
#endif
#ifndef OPENSSL_NO_CAST
EVP_add_cipher(EVP_cast5_ecb());
EVP_add_cipher(EVP_cast5_cfb());
EVP_add_cipher(EVP_cast5_ofb());
EVP_add_cipher(EVP_cast5_cbc());
EVP_add_cipher_alias(SN_cast5_cbc, "CAST");
EVP_add_cipher_alias(SN_cast5_cbc, "cast");
EVP_add_cipher_alias(SN_cast5_cbc, "CAST-cbc");
EVP_add_cipher_alias(SN_cast5_cbc, "cast-cbc");
#endif
#ifndef OPENSSL_NO_RC5
EVP_add_cipher(EVP_rc5_32_12_16_ecb());
EVP_add_cipher(EVP_rc5_32_12_16_cfb());
EVP_add_cipher(EVP_rc5_32_12_16_ofb());
EVP_add_cipher(EVP_rc5_32_12_16_cbc());
EVP_add_cipher_alias(SN_rc5_cbc, "rc5");
EVP_add_cipher_alias(SN_rc5_cbc, "RC5");
#endif
EVP_add_cipher(EVP_aes_128_ecb());
EVP_add_cipher(EVP_aes_128_cbc());
EVP_add_cipher(EVP_aes_128_cfb());
EVP_add_cipher(EVP_aes_128_cfb1());
EVP_add_cipher(EVP_aes_128_cfb8());
EVP_add_cipher(EVP_aes_128_ofb());
EVP_add_cipher(EVP_aes_128_ctr());
EVP_add_cipher(EVP_aes_128_gcm());
#ifndef OPENSSL_NO_OCB
EVP_add_cipher(EVP_aes_128_ocb());
#endif
EVP_add_cipher(EVP_aes_128_xts());
EVP_add_cipher(EVP_aes_128_ccm());
EVP_add_cipher(EVP_aes_128_wrap());
EVP_add_cipher_alias(SN_id_aes128_wrap, "aes128-wrap");
EVP_add_cipher(EVP_aes_128_wrap_pad());
EVP_add_cipher_alias(SN_aes_128_cbc, "AES128");
EVP_add_cipher_alias(SN_aes_128_cbc, "aes128");
EVP_add_cipher(EVP_aes_192_ecb());
EVP_add_cipher(EVP_aes_192_cbc());
EVP_add_cipher(EVP_aes_192_cfb());
EVP_add_cipher(EVP_aes_192_cfb1());
EVP_add_cipher(EVP_aes_192_cfb8());
EVP_add_cipher(EVP_aes_192_ofb());
EVP_add_cipher(EVP_aes_192_ctr());
EVP_add_cipher(EVP_aes_192_gcm());
#ifndef OPENSSL_NO_OCB
EVP_add_cipher(EVP_aes_192_ocb());
#endif
EVP_add_cipher(EVP_aes_192_ccm());
EVP_add_cipher(EVP_aes_192_wrap());
EVP_add_cipher_alias(SN_id_aes192_wrap, "aes192-wrap");
EVP_add_cipher(EVP_aes_192_wrap_pad());
EVP_add_cipher_alias(SN_aes_192_cbc, "AES192");
EVP_add_cipher_alias(SN_aes_192_cbc, "aes192");
EVP_add_cipher(EVP_aes_256_ecb());
EVP_add_cipher(EVP_aes_256_cbc());
EVP_add_cipher(EVP_aes_256_cfb());
EVP_add_cipher(EVP_aes_256_cfb1());
EVP_add_cipher(EVP_aes_256_cfb8());
EVP_add_cipher(EVP_aes_256_ofb());
EVP_add_cipher(EVP_aes_256_ctr());
EVP_add_cipher(EVP_aes_256_gcm());
#ifndef OPENSSL_NO_OCB
EVP_add_cipher(EVP_aes_256_ocb());
#endif
EVP_add_cipher(EVP_aes_256_xts());
EVP_add_cipher(EVP_aes_256_ccm());
EVP_add_cipher(EVP_aes_256_wrap());
EVP_add_cipher_alias(SN_id_aes256_wrap, "aes256-wrap");
EVP_add_cipher(EVP_aes_256_wrap_pad());
EVP_add_cipher_alias(SN_aes_256_cbc, "AES256");
EVP_add_cipher_alias(SN_aes_256_cbc, "aes256");
EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256());
EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256());
#ifndef OPENSSL_NO_SIV
EVP_add_cipher(EVP_aes_128_siv());
EVP_add_cipher(EVP_aes_192_siv());
EVP_add_cipher(EVP_aes_256_siv());
#endif
#ifndef OPENSSL_NO_ARIA
EVP_add_cipher(EVP_aria_128_ecb());
EVP_add_cipher(EVP_aria_128_cbc());
EVP_add_cipher(EVP_aria_128_cfb());
EVP_add_cipher(EVP_aria_128_cfb1());
EVP_add_cipher(EVP_aria_128_cfb8());
EVP_add_cipher(EVP_aria_128_ctr());
EVP_add_cipher(EVP_aria_128_ofb());
EVP_add_cipher(EVP_aria_128_gcm());
EVP_add_cipher(EVP_aria_128_ccm());
EVP_add_cipher_alias(SN_aria_128_cbc, "ARIA128");
EVP_add_cipher_alias(SN_aria_128_cbc, "aria128");
EVP_add_cipher(EVP_aria_192_ecb());
EVP_add_cipher(EVP_aria_192_cbc());
EVP_add_cipher(EVP_aria_192_cfb());
EVP_add_cipher(EVP_aria_192_cfb1());
EVP_add_cipher(EVP_aria_192_cfb8());
EVP_add_cipher(EVP_aria_192_ctr());
EVP_add_cipher(EVP_aria_192_ofb());
EVP_add_cipher(EVP_aria_192_gcm());
EVP_add_cipher(EVP_aria_192_ccm());
EVP_add_cipher_alias(SN_aria_192_cbc, "ARIA192");
EVP_add_cipher_alias(SN_aria_192_cbc, "aria192");
EVP_add_cipher(EVP_aria_256_ecb());
EVP_add_cipher(EVP_aria_256_cbc());
EVP_add_cipher(EVP_aria_256_cfb());
EVP_add_cipher(EVP_aria_256_cfb1());
EVP_add_cipher(EVP_aria_256_cfb8());
EVP_add_cipher(EVP_aria_256_ctr());
EVP_add_cipher(EVP_aria_256_ofb());
EVP_add_cipher(EVP_aria_256_gcm());
EVP_add_cipher(EVP_aria_256_ccm());
EVP_add_cipher_alias(SN_aria_256_cbc, "ARIA256");
EVP_add_cipher_alias(SN_aria_256_cbc, "aria256");
#endif
#ifndef OPENSSL_NO_CAMELLIA
EVP_add_cipher(EVP_camellia_128_ecb());
EVP_add_cipher(EVP_camellia_128_cbc());
EVP_add_cipher(EVP_camellia_128_cfb());
EVP_add_cipher(EVP_camellia_128_cfb1());
EVP_add_cipher(EVP_camellia_128_cfb8());
EVP_add_cipher(EVP_camellia_128_ofb());
EVP_add_cipher_alias(SN_camellia_128_cbc, "CAMELLIA128");
EVP_add_cipher_alias(SN_camellia_128_cbc, "camellia128");
EVP_add_cipher(EVP_camellia_192_ecb());
EVP_add_cipher(EVP_camellia_192_cbc());
EVP_add_cipher(EVP_camellia_192_cfb());
EVP_add_cipher(EVP_camellia_192_cfb1());
EVP_add_cipher(EVP_camellia_192_cfb8());
EVP_add_cipher(EVP_camellia_192_ofb());
EVP_add_cipher_alias(SN_camellia_192_cbc, "CAMELLIA192");
EVP_add_cipher_alias(SN_camellia_192_cbc, "camellia192");
EVP_add_cipher(EVP_camellia_256_ecb());
EVP_add_cipher(EVP_camellia_256_cbc());
EVP_add_cipher(EVP_camellia_256_cfb());
EVP_add_cipher(EVP_camellia_256_cfb1());
EVP_add_cipher(EVP_camellia_256_cfb8());
EVP_add_cipher(EVP_camellia_256_ofb());
EVP_add_cipher_alias(SN_camellia_256_cbc, "CAMELLIA256");
EVP_add_cipher_alias(SN_camellia_256_cbc, "camellia256");
EVP_add_cipher(EVP_camellia_128_ctr());
EVP_add_cipher(EVP_camellia_192_ctr());
EVP_add_cipher(EVP_camellia_256_ctr());
#endif
#ifndef OPENSSL_NO_CHACHA
EVP_add_cipher(EVP_chacha20());
# ifndef OPENSSL_NO_POLY1305
EVP_add_cipher(EVP_chacha20_poly1305());
# endif
#endif
}
int AesFileEnc::do_crypt(FILE *in, FILE *out, int do_encrypt)
{
/* Allow enough space in output buffer for additional block */
unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
int inlen, outlen;
EVP_CIPHER_CTX ctx;
std::cout << "tutaj";
unsigned char* key = this->key();
// std::cout <<key<<std::endl;
//unsigned char key[] = "0123456789abcdeF";
std::cout <<key<< std::endl;
//unsigned char iv[] = "1234567887654321";
EVP_CIPHER_CTX_init(&ctx);
switch(this->type)
{
case cbc128:
EVP_CipherInit_ex(&ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
do_encrypt);
break;
case cbc192:
EVP_CipherInit_ex(&ctx, EVP_aes_192_cbc(), NULL, NULL, NULL,
do_encrypt);
break;
case cbc256:
EVP_CipherInit_ex(&ctx, EVP_aes_256_cbc(), NULL, NULL, NULL,
do_encrypt);
break;
case ecb128:
EVP_CipherInit_ex(&ctx, EVP_aes_128_ecb(), NULL, NULL, NULL,
do_encrypt);
break;
case ecb192:
EVP_CipherInit_ex(&ctx, EVP_aes_192_ecb(), NULL, NULL, NULL,
do_encrypt);
break;
case ecb256:
EVP_CipherInit_ex(&ctx, EVP_aes_256_ecb(), NULL, NULL, NULL,
do_encrypt);
break;
case cfb128:
EVP_CipherInit_ex(&ctx, EVP_aes_128_cfb(), NULL, NULL, NULL,
do_encrypt);
break;
case cfb192:
EVP_CipherInit_ex(&ctx, EVP_aes_192_cfb(), NULL, NULL, NULL,
do_encrypt);
break;
case cfb256:
EVP_CipherInit_ex(&ctx, EVP_aes_256_cfb(), NULL, NULL, NULL,
do_encrypt);
break;
case ofb128:
EVP_CipherInit_ex(&ctx, EVP_aes_128_ofb(), NULL, NULL, NULL,
do_encrypt);
break;
case ofb192:
EVP_CipherInit_ex(&ctx, EVP_aes_192_ofb(), NULL, NULL, NULL,
do_encrypt);
break;
case ofb256:
EVP_CipherInit_ex(&ctx, EVP_aes_256_ofb(), NULL, NULL, NULL,
do_encrypt);
break;
}
unsigned char *iv = this->iv(EVP_CIPHER_CTX_iv_length(&ctx));
std::cout<< this->keyLength << std::endl;
std::cout<< EVP_CIPHER_CTX_iv_length(&ctx) <<std::endl;
OPENSSL_assert(EVP_CIPHER_CTX_key_length(&ctx) == this->keyLength);
//OPENSSL_assert(EVP_CIPHER_CTX_iv_length(&ctx) == this->keyLength);
EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, do_encrypt);
for(;;)
{
inlen = fread(inbuf, 1, 1024, in);
if(inlen <= 0) break;
if(!EVP_CipherUpdate(&ctx, outbuf, &outlen, inbuf, inlen))
{
EVP_CIPHER_CTX_cleanup(&ctx);
return 0;
}
fwrite(outbuf, 1, outlen, out);
}
if(!EVP_CipherFinal_ex(&ctx, outbuf, &outlen))
{
EVP_CIPHER_CTX_cleanup(&ctx);
return 0;
}
fwrite(outbuf, 1, outlen, out);
EVP_CIPHER_CTX_cleanup(&ctx);
return 1;
}
static const EVP_CIPHER * to_evp_cipher(enum_t e)
{
switch (e)
{
case BLOWFISH_CBC:
return EVP_bf_cbc();
case BLOWFISH_ECB:
return EVP_bf_ecb();
case BLOWFISH_OFB:
return EVP_bf_ofb();
case CAST5_CBC:
return EVP_cast5_cbc();
case CAST5_CFB:
return EVP_cast5_cfb64();
case CAST5_ECB:
return EVP_cast5_ecb();
case CAST5_OFB:
return EVP_cast5_ofb();
case DES_CBC:
return EVP_des_cbc();
case DES_CFB:
return EVP_des_cfb1();
case DES_OFB:
return EVP_des_ofb();
case DES_ECB:
return EVP_des_ecb();
case DES_EDE_CBC:
return EVP_des_ede_cbc();
case DES_EDE_ECB:
return EVP_des_ede_ecb();
case DES_EDE_OFB:
return EVP_des_ede_ofb();
case DES_EDE_CFB_64:
return EVP_des_ede_cfb64();
case DES_EDE3_CBC:
return EVP_des_ede3_cbc();
case DES_EDE3_ECB:
return EVP_des_ede3_ecb();
case DES_EDE3_CFB_1:
return EVP_des_ede3_cfb1();
case DES_EDE3_CFB_8:
return EVP_des_ede3_cfb8();
case DES_EDE3_CFB_64:
return EVP_des_ede3_cfb64();
case DES_EDE3_OFB:
return EVP_des_ede3_ofb();
case RC2_CBC:
return EVP_rc2_cbc();
case RC2_CFB:
return EVP_rc2_cfb();
case RC2_ECB:
return EVP_rc2_ecb();
case RC2_OFB:
return EVP_rc2_ofb();
case RC2_64_CBC:
return EVP_rc2_64_cbc();
case RC2_40_CBC:
return EVP_rc2_40_cbc();
case RC4:
return EVP_rc4();
case RC4_40:
return EVP_rc4_40();
case AES_128_CBC:
return EVP_aes_128_cbc();
case AES_128_CFB:
return EVP_aes_128_cfb();
case AES_128_CFB1:
return EVP_aes_128_cfb1();
case AES_128_CFB8:
return EVP_aes_128_cfb8();
case AES_128_ECB:
return EVP_aes_128_ecb();
case AES_128_OFB:
return EVP_aes_128_ofb();
case AES_192_CBC:
return EVP_aes_192_cbc();
case AES_192_CFB:
return EVP_aes_192_cfb();
case AES_192_CFB1:
return EVP_aes_192_cfb1();
case AES_192_CFB8:
return EVP_aes_192_cfb8();
case AES_192_ECB:
return EVP_aes_192_ecb();
case AES_192_OFB:
return EVP_aes_192_ofb();
case AES_256_CBC:
return EVP_aes_256_cbc();
case AES_256_CFB:
return EVP_aes_256_cfb();
case AES_256_CFB1:
return EVP_aes_256_cfb1();
case AES_256_CFB8:
return EVP_aes_256_cfb8();
case AES_256_ECB:
return EVP_aes_256_ecb();
case AES_256_OFB:
return EVP_aes_256_ofb();
default:
return 0;
}
}
static int AESTest(EVP_CIPHER_CTX *ctx,
char *amode, int akeysz, unsigned char *aKey,
unsigned char *iVec,
int dir, /* 0 = decrypt, 1 = encrypt */
unsigned char *plaintext, unsigned char *ciphertext, int len)
{
const EVP_CIPHER *cipher = NULL;
if (strcasecmp(amode, "CBC") == 0)
{
switch (akeysz)
{
case 128:
cipher = EVP_aes_128_cbc();
break;
case 192:
cipher = EVP_aes_192_cbc();
break;
case 256:
cipher = EVP_aes_256_cbc();
break;
}
}
else if (strcasecmp(amode, "ECB") == 0)
{
switch (akeysz)
{
case 128:
cipher = EVP_aes_128_ecb();
break;
case 192:
cipher = EVP_aes_192_ecb();
break;
case 256:
cipher = EVP_aes_256_ecb();
break;
}
}
else if (strcasecmp(amode, "CFB128") == 0)
{
switch (akeysz)
{
case 128:
cipher = EVP_aes_128_cfb128();
break;
case 192:
cipher = EVP_aes_192_cfb128();
break;
case 256:
cipher = EVP_aes_256_cfb128();
break;
}
}
else if (strncasecmp(amode, "OFB", 3) == 0)
{
switch (akeysz)
{
case 128:
cipher = EVP_aes_128_ofb();
break;
case 192:
cipher = EVP_aes_192_ofb();
break;
case 256:
cipher = EVP_aes_256_ofb();
break;
}
}
else if(!strcasecmp(amode,"CFB1"))
{
switch (akeysz)
{
case 128:
cipher = EVP_aes_128_cfb1();
break;
case 192:
cipher = EVP_aes_192_cfb1();
break;
case 256:
cipher = EVP_aes_256_cfb1();
break;
}
}
else if(!strcasecmp(amode,"CFB8"))
{
switch (akeysz)
{
case 128:
cipher = EVP_aes_128_cfb8();
break;
case 192:
cipher = EVP_aes_192_cfb8();
break;
case 256:
cipher = EVP_aes_256_cfb8();
break;
}
}
else
{
printf("Unknown mode: %s\n", amode);
return 0;
}
if (!cipher)
{
printf("Invalid key size: %d\n", akeysz);
return 0;
}
if (FIPS_cipherinit(ctx, cipher, aKey, iVec, dir) <= 0)
return 0;
if(!strcasecmp(amode,"CFB1"))
M_EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS);
if (dir)
FIPS_cipher(ctx, ciphertext, plaintext, len);
else
FIPS_cipher(ctx, plaintext, ciphertext, len);
return 1;
}
