void enc_key_init(int method, const char *pass)
{
if (method <= TABLE || method >= CIPHER_NUM) {
LOGE("enc_key_init(): Illegal method");
return;
}
#if defined(USE_CRYPTO_OPENSSL)
OpenSSL_add_all_algorithms();
#endif
uint8_t iv[MAX_IV_LENGTH];
const cipher_kt_t *cipher = get_cipher_type(method);
if (cipher == NULL) {
LOGE("Cipher %s not found in crypto library", supported_ciphers[method]);
FATAL("Cannot initialize cipher");
}
const digest_type_t *md = get_digest_type("MD5");
if (md == NULL) {
FATAL("MD5 Digest not found in crypto library");
}
enc_key_len = bytes_to_key(cipher, md, (const uint8_t *) pass, enc_key, iv);
if (enc_key_len == 0) {
FATAL("Cannot generate key and IV");
}
enc_iv_len = cipher_iv_size(cipher);
}
void enc_key_init(int method, const char *pass)
{
if (method <= TABLE || method >= CIPHER_NUM)
{
LOGE("enc_key_init(): Illegal method");
return;
}
#if defined(USE_CRYPTO_OPENSSL)
OpenSSL_add_all_algorithms();
#endif
#if defined(USE_CRYPTO_POLARSSL) && defined(USE_CRYPTO_APPLECC)
cipher_kt_t cipher_info;
#endif
uint8_t iv[MAX_IV_LENGTH];
const cipher_kt_t *cipher = get_cipher_type(method);
if (cipher == NULL)
{
do
{
#if defined(USE_CRYPTO_POLARSSL) && defined(USE_CRYPTO_APPLECC)
if (supported_ciphers_applecc[method] != kCCAlgorithmInvalid)
{
cipher_info.base = NULL;
cipher_info.key_length = supported_ciphers_key_size[method] * 8;
cipher_info.iv_size = supported_ciphers_iv_size[method];
cipher = (const cipher_kt_t *) &cipher_info;
break;
}
#endif
LOGE("Cipher %s not found in crypto library", supported_ciphers[method]);
FATAL("Cannot initialize cipher");
}
while (0);
}
const digest_type_t *md = get_digest_type("MD5");
if (md == NULL)
{
FATAL("MD5 Digest not found in crypto library");
}
enc_key_len = bytes_to_key(cipher, md, (const uint8_t *) pass, enc_key, iv);
if (enc_key_len == 0)
{
FATAL("Cannot generate key and IV");
}
if (method == RC4_MD5)
{
enc_iv_len = 16;
}
else
{
enc_iv_len = cipher_iv_size(cipher);
}
enc_method = method;
}
/*!
* \brief Create message digest context.
*
* \param key DNSSEC key.
* \param result_context Output message digest context.
*
* \return Error code, KNOT_EOK if successful.
*/
static int create_digest_context(const knot_dnssec_key_t *key,
EVP_MD_CTX **result_context)
{
assert(result_context);
const EVP_MD *digest_type = get_digest_type(key->algorithm);
if (digest_type == NULL)
return KNOT_DNSSEC_ENOTSUP;
EVP_MD_CTX *context = EVP_MD_CTX_create();
if (!context)
return KNOT_ENOMEM;
if (!EVP_SignInit_ex(context, digest_type, NULL)) {
EVP_MD_CTX_destroy(context);
return KNOT_DNSSEC_ECREATE_DIGEST_CONTEXT;
}
*result_context = context;
return KNOT_EOK;
}
void enc_key_init(int method, const char *pass)
{
if (method <= TABLE || method >= CIPHER_NUM) {
LOGE("enc_key_init(): Illegal method");
return;
}
// Inilitialize cache
cache_create(&iv_cache, 256, NULL);
#if defined(USE_CRYPTO_OPENSSL)
OpenSSL_add_all_algorithms();
#endif
uint8_t iv[MAX_IV_LENGTH];
cipher_kt_t *cipher;
cipher_kt_t cipher_info;
if (method == SALSA20 || method == CHACHA20 || method == CHACHA20IETF) {
if (sodium_init() == -1) {
FATAL("Failed to initialize sodium");
}
// Fake cipher
cipher = (cipher_kt_t *)&cipher_info;
#if defined(USE_CRYPTO_OPENSSL)
cipher->key_len = supported_ciphers_key_size[method];
cipher->iv_len = supported_ciphers_iv_size[method];
#endif
#if defined(USE_CRYPTO_POLARSSL)
cipher->base = NULL;
cipher->key_length = supported_ciphers_key_size[method] * 8;
cipher->iv_size = supported_ciphers_iv_size[method];
#endif
#if defined(USE_CRYPTO_MBEDTLS)
// XXX: key_length changed to key_bitlen in mbed TLS 2.0.0
cipher->base = NULL;
cipher->key_bitlen = supported_ciphers_key_size[method] * 8;
cipher->iv_size = supported_ciphers_iv_size[method];
#endif
} else {
cipher = (cipher_kt_t *)get_cipher_type(method);
}
if (cipher == NULL) {
do {
#if defined(USE_CRYPTO_POLARSSL) && defined(USE_CRYPTO_APPLECC)
if (supported_ciphers_applecc[method] != kCCAlgorithmInvalid) {
cipher_info.base = NULL;
cipher_info.key_length = supported_ciphers_key_size[method] * 8;
cipher_info.iv_size = supported_ciphers_iv_size[method];
cipher = (cipher_kt_t *)&cipher_info;
break;
}
#endif
#if defined(USE_CRYPTO_MBEDTLS) && defined(USE_CRYPTO_APPLECC)
// XXX: key_length changed to key_bitlen in mbed TLS 2.0.0
if (supported_ciphers_applecc[method] != kCCAlgorithmInvalid) {
cipher_info.base = NULL;
cipher_info.key_bitlen = supported_ciphers_key_size[method] * 8;
cipher_info.iv_size = supported_ciphers_iv_size[method];
cipher = (cipher_kt_t *)&cipher_info;
break;
}
#endif
LOGE("Cipher %s not found in crypto library",
supported_ciphers[method]);
FATAL("Cannot initialize cipher");
} while (0);
}
const digest_type_t *md = get_digest_type("MD5");
if (md == NULL) {
FATAL("MD5 Digest not found in crypto library");
}
enc_key_len = bytes_to_key(cipher, md, (const uint8_t *)pass, enc_key, iv);
if (enc_key_len == 0) {
FATAL("Cannot generate key and IV");
}
if (method == RC4_MD5) {
enc_iv_len = 16;
} else {
enc_iv_len = cipher_iv_size(cipher);
}
enc_method = method;
}
