static int sms4_wrap_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inlen) { EVP_SMS4_WRAP_CTX *wctx = EVP_C_DATA(EVP_SMS4_WRAP_CTX,ctx); size_t rv; /* SMS4 wrap with padding has IV length of 4, without padding 8 */ int pad = EVP_CIPHER_CTX_iv_length(ctx) == 4; /* No final operation so always return zero length */ if (!in) return 0; /* Input length must always be non-zero */ if (!inlen) return -1; /* If decrypting need at least 16 bytes and multiple of 8 */ if (!EVP_CIPHER_CTX_encrypting(ctx) && (inlen < 16 || inlen & 0x7)) return -1; /* If not padding input must be multiple of 8 */ if (!pad && inlen & 0x7) return -1; if (!out) { if (EVP_CIPHER_CTX_encrypting(ctx)) { /* If padding round up to multiple of 8 */ if (pad) inlen = (inlen + 7) / 8 * 8; /* 8 byte prefix */ return inlen + 8; } else { /* * If not padding output will be exactly 8 bytes smaller than * input. If padding it will be at least 8 bytes smaller but we * don't know how much. */ return inlen - 8; } } if (pad) { if (EVP_CIPHER_CTX_encrypting(ctx)) rv = CRYPTO_128_wrap_pad(&wctx->ks.ks, wctx->iv, out, in, inlen, (block128_f)sms4_encrypt); else rv = CRYPTO_128_unwrap_pad(&wctx->ks.ks, wctx->iv, out, in, inlen, (block128_f)sms4_encrypt); } else { if (EVP_CIPHER_CTX_encrypting(ctx)) rv = CRYPTO_128_wrap(&wctx->ks.ks, wctx->iv, out, in, inlen, (block128_f)sms4_encrypt); else rv = CRYPTO_128_unwrap(&wctx->ks.ks, wctx->iv, out, in, inlen, (block128_f)sms4_encrypt); } return rv ? (int)rv : -1; }
int AES_wrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out, const unsigned char *in, unsigned int inlen) { return CRYPTO_128_wrap(key, iv, out, in, inlen, (block128_f)AES_encrypt); }
int sms4_wrap_key(sms4_key_t *key, const unsigned char *iv, unsigned char *out, const unsigned char *in, unsigned int inlen) { return CRYPTO_128_wrap(key, iv, out, in, inlen, (block128_f)sms4_encrypt); }