/**
@fn int soap_mec_begin(struct soap *soap, struct soap_mec_data *data, int alg, SOAP_MEC_KEY_TYPE *pkey, unsigned char *key, int *keylen)
@brief Initialize the mecevp engine data and begin encryption or decryption
message sequence using a private/public key or symmetric secret key.
@param soap context
@param[in,out] data mecevp engine context
@param[in] alg encryption/decryption algorithm
@param[in] pkey public/private key or NULL
@param[in,out] key secret key or encrypted ephemeral secret key set with envelope encryption, or NULL
@param[in,out] keylen secret key length
@return SOAP_OK or error code
*/
int
soap_mec_begin(struct soap *soap, struct soap_mec_data *data, int alg, SOAP_MEC_KEY_TYPE *pkey, unsigned char *key, int *keylen)
{ DBGLOG(TEST, SOAP_MESSAGE(fdebug, "MEC Begin alg=%x\n", alg));
/* save and set the engine's 'data' field to pass data to the callbacks */
soap->data[1] = (void*)data;
data->ctx = NULL;
data->type = EVP_enc_null();
data->pkey = NULL;
data->key = NULL;
data->buf = NULL;
/* save the mode flag */
data->mode = soap->mode;
if (alg & SOAP_MEC_ENC)
{ /* clear the IO flags and DOM flag */
soap->mode &= ~(SOAP_IO | SOAP_IO_LENGTH | SOAP_ENC_ZLIB | SOAP_XML_DOM);
/* clear the XML attribute store */
soap_clr_attr(soap);
/* load the local XML namespaces store */
soap_set_local_namespaces(soap);
if (soap->mode & SOAP_XML_CANONICAL)
soap->ns = 0; /* for in c14n, we must have all xmlns bindings available */
}
else
{ /* save and override the callbacks */
data->ffilterrecv = soap->ffilterrecv;
soap->ffilterrecv = soap_mec_filterrecv;
}
/* init the soap_mec engine */
return soap_mec_init(soap, data, alg, pkey, key, keylen);
}
/// 通过标志得到信封算法结构
const EVP_CIPHER * get_cipher(int type)
{
switch(type)
{
case 0:
return EVP_enc_null();
case 1:
return EVP_des_ede_cbc();
case 2:
return EVP_des_ede3_cbc();
case 3:
return EVP_idea_cbc();
case 4:
return EVP_rc2_cbc();
case 5:
return EVP_bf_cbc();
case 6:
return EVP_cast5_cbc();
case 7:
return EVP_rc5_32_12_16_cbc();
default:
return EVP_enc_null();
}
}
bool CryptFileDevice::initCipher()
{
const EVP_CIPHER *cipher = EVP_enc_null();
if (m_aesKeyLength == kAesKeyLength128)
cipher = EVP_aes_128_ctr();
else if (m_aesKeyLength == kAesKeyLength192)
cipher = EVP_aes_192_ctr();
else if (m_aesKeyLength == kAesKeyLength256)
cipher = EVP_aes_256_ctr();
else
Q_ASSERT_X(false, Q_FUNC_INFO, "Unknown value of AesKeyLength");
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(&ctx);
EVP_EncryptInit_ex(&ctx, cipher, NULL, NULL, NULL);
int keyLength = EVP_CIPHER_CTX_key_length(&ctx);
int ivLength = EVP_CIPHER_CTX_iv_length(&ctx);
unsigned char key[keyLength];
unsigned char iv[ivLength];
int ok = EVP_BytesToKey(cipher,
EVP_sha256(),
m_salt.isEmpty() ? NULL : (unsigned char *)m_salt.data(),
(unsigned char *)m_password.data(),
m_password.length(),
m_numRounds,
key,
iv);
EVP_CIPHER_CTX_cleanup(&ctx);
if (ok == 0)
return false;
int res = AES_set_encrypt_key(key, keyLength * 8, &m_aesKey);
if (res != 0)
return false;
initCtr(&m_ctrState, iv);
return true;
}
int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size,SSL_COMP **comp)
{
int i;
const SSL_CIPHER *c;
c=s->cipher;
if (c == NULL) return(0);
if (comp != NULL)
{
SSL_COMP ctmp;
#ifndef OPENSSL_NO_COMP
load_builtin_compressions();
#endif
*comp=NULL;
ctmp.id=s->compress_meth;
if (ssl_comp_methods != NULL)
{
i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp);
if (i >= 0)
*comp=sk_SSL_COMP_value(ssl_comp_methods,i);
else
*comp=NULL;
}
}
if ((enc == NULL) || (md == NULL)) return(0);
switch (c->algorithm_enc)
{
case SSL_DES:
i=SSL_ENC_DES_IDX;
break;
case SSL_3DES:
i=SSL_ENC_3DES_IDX;
break;
case SSL_RC4:
i=SSL_ENC_RC4_IDX;
break;
case SSL_RC2:
i=SSL_ENC_RC2_IDX;
break;
case SSL_IDEA:
i=SSL_ENC_IDEA_IDX;
break;
case SSL_eNULL:
i=SSL_ENC_NULL_IDX;
break;
case SSL_AES128:
i=SSL_ENC_AES128_IDX;
break;
case SSL_AES256:
i=SSL_ENC_AES256_IDX;
break;
case SSL_CAMELLIA128:
i=SSL_ENC_CAMELLIA128_IDX;
break;
case SSL_CAMELLIA256:
i=SSL_ENC_CAMELLIA256_IDX;
break;
case SSL_eGOST2814789CNT:
i=SSL_ENC_GOST89_IDX;
break;
case SSL_SEED:
i=SSL_ENC_SEED_IDX;
break;
default:
i= -1;
break;
}
if ((i < 0) || (i > SSL_ENC_NUM_IDX))
*enc=NULL;
else
{
if (i == SSL_ENC_NULL_IDX)
*enc=EVP_enc_null();
else
*enc=ssl_cipher_methods[i];
}
switch (c->algorithm_mac)
{
case SSL_MD5:
i=SSL_MD_MD5_IDX;
break;
case SSL_SHA1:
i=SSL_MD_SHA1_IDX;
break;
case SSL_GOST94:
i = SSL_MD_GOST94_IDX;
break;
case SSL_GOST89MAC:
i = SSL_MD_GOST89MAC_IDX;
break;
default:
i= -1;
break;
}
if ((i < 0) || (i > SSL_MD_NUM_IDX))
{
*md=NULL;
if (mac_pkey_type!=NULL) *mac_pkey_type = NID_undef;
if (mac_secret_size!=NULL) *mac_secret_size = 0;
}
else
{
*md=ssl_digest_methods[i];
if (mac_pkey_type!=NULL) *mac_pkey_type = ssl_mac_pkey_id[i];
if (mac_secret_size!=NULL) *mac_secret_size = ssl_mac_secret_size[i];
}
if ((*enc != NULL) && (*md != NULL) && (!mac_pkey_type||*mac_pkey_type != NID_undef))
return(1);
else
return(0);
}
int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
const EVP_MD **md, SSL_COMP **comp)
{
int i;
SSL_CIPHER *c;
c=s->cipher;
if (c == NULL) return(0);
if (comp != NULL)
{
SSL_COMP ctmp;
#ifndef OPENSSL_NO_COMP
load_builtin_compressions();
#endif
*comp=NULL;
ctmp.id=s->compress_meth;
if (ssl_comp_methods != NULL)
{
i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp);
if (i >= 0)
*comp=sk_SSL_COMP_value(ssl_comp_methods,i);
else
*comp=NULL;
}
}
if ((enc == NULL) || (md == NULL)) return(0);
switch (c->algorithms & SSL_ENC_MASK)
{
case SSL_DES:
i=SSL_ENC_DES_IDX;
break;
case SSL_3DES:
i=SSL_ENC_3DES_IDX;
break;
case SSL_RC4:
i=SSL_ENC_RC4_IDX;
break;
case SSL_RC2:
i=SSL_ENC_RC2_IDX;
break;
case SSL_IDEA:
i=SSL_ENC_IDEA_IDX;
break;
case SSL_eNULL:
i=SSL_ENC_NULL_IDX;
break;
case SSL_AES:
switch(c->alg_bits)
{
case 128: i=SSL_ENC_AES128_IDX; break;
case 256: i=SSL_ENC_AES256_IDX; break;
default: i=-1; break;
}
break;
case SSL_CAMELLIA:
switch(c->alg_bits)
{
case 128: i=SSL_ENC_CAMELLIA128_IDX; break;
case 256: i=SSL_ENC_CAMELLIA256_IDX; break;
default: i=-1; break;
}
break;
case SSL_SEED:
i=SSL_ENC_SEED_IDX;
break;
default:
i= -1;
break;
}
if ((i < 0) || (i > SSL_ENC_NUM_IDX))
*enc=NULL;
else
{
if (i == SSL_ENC_NULL_IDX)
*enc=EVP_enc_null();
else
*enc=ssl_cipher_methods[i];
}
switch (c->algorithms & SSL_MAC_MASK)
{
case SSL_MD5:
i=SSL_MD_MD5_IDX;
break;
case SSL_SHA1:
i=SSL_MD_SHA1_IDX;
break;
default:
i= -1;
break;
}
if ((i < 0) || (i > SSL_MD_NUM_IDX))
*md=NULL;
else
*md=ssl_digest_methods[i];
if ((*enc != NULL) && (*md != NULL))
return(1);
else
return(0);
}
/**
@fn int soap_mec_start_alg(struct soap *soap, int alg, const unsigned char *key)
@brief Start encryption or decryption of current message. If key is non-NULL,
use the symmetric triple DES key. Use soap_mec_start only after soap_mec_begin.
The soap_mec_start should be followed by a soap_mec_stop call.
@param soap context
@param[in] alg algorithm
@param[in] key secret triple DES key or NULL
@return SOAP_OK or error code
*/
int
soap_mec_start_alg(struct soap *soap, int alg, const unsigned char *key)
{ struct soap_mec_data *data;
int ok = 1;
data = (struct soap_mec_data*)soap->data[1];
if (!data)
return soap->error = SOAP_USER_ERROR;
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "MEC Start alg=%x\n", data->alg));
if (key)
data->key = key;
if (alg != SOAP_MEC_NONE)
data->alg = alg;
if (data->alg & SOAP_MEC_ENC)
{ unsigned char iv[EVP_MAX_IV_LENGTH];
int ivlen;
/* save and override the callbacks */
data->ffiltersend = soap->ffiltersend;
soap->ffiltersend = soap_mec_filtersend;
data->bufidx = 0;
data->i = 0;
data->m = 0;
ivlen = EVP_CIPHER_iv_length(data->type);
if (ivlen)
{ RAND_pseudo_bytes(iv, ivlen);
soap_mec_put_base64(soap, data, (unsigned char*)iv, ivlen);
}
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "IV = "));
DBGHEX(TEST, iv, ivlen);
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "\n--\n"));
ok = EVP_EncryptInit_ex(data->ctx, NULL, NULL, data->key, iv);
}
else
{ size_t len;
/* algorithm */
if (data->alg & SOAP_MEC_DES_CBC)
data->type = EVP_des_ede3_cbc(); /* triple DES CBC */
else if (data->alg & SOAP_MEC_AES128_CBC)
data->type = EVP_get_cipherbyname("AES128");
else if (data->alg & SOAP_MEC_AES192_CBC)
data->type = EVP_get_cipherbyname("AES192");
else if (data->alg & SOAP_MEC_AES256_CBC)
data->type = EVP_get_cipherbyname("AES256");
else if (data->alg & SOAP_MEC_AES512_CBC)
data->type = EVP_get_cipherbyname("AES512");
else
data->type = EVP_enc_null();
len = 2 * sizeof(soap->buf) + EVP_CIPHER_block_size(data->type);
if (!data->buf || data->buflen < len)
{ if (data->buf)
SOAP_FREE(soap, data->buf);
data->buflen = len;
data->buf = (char*)SOAP_MALLOC(soap, data->buflen);
}
data->bufidx = soap->buflen - soap->bufidx;
/* copy buf[bufidx..buflen-1] to data buf */
memcpy(data->buf, soap->buf + soap->bufidx, data->bufidx);
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "Alloc buf=%lu, copy %lu message bytes\n", (unsigned long)data->buflen, (unsigned long)data->bufidx));
/* trigger ffilterrecv() */
soap->bufidx = soap->buflen;
/* INIT state */
data->i = 0;
data->m = 0;
data->state = SOAP_MEC_STATE_INIT;
}
return soap_mec_check(soap, data, ok, "soap_mec_start() failed");
}
/**
@fn int soap_mec_init(struct soap *soap, struct soap_mec_data *data, int alg, SOAP_MEC_KEY_TYPE *pkey, unsigned char *key, int *keylen)
@brief Initialize mecevp engine state and create context for
encryption/decryption algorithm using a private/public key or symmetric secret
key.
@param soap context
@param[in,out] data mecevp engine context
@param[in] alg encryption/decryption algorithm
@param[in] pkey public/private key or NULL
@param[in,out] key secret key or encrypted ephemeral secret key set with envelope encryption, or NULL
@param[in,out] keylen secret key length
@return SOAP_OK or SOAP_SSL_ERROR
*/
int
soap_mec_init(struct soap *soap, struct soap_mec_data *data, int alg, SOAP_MEC_KEY_TYPE *pkey, unsigned char *key, int *keylen)
{ int ok = 1;
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "soap_mec_init()\n"));
soap_ssl_init();
data->ctx = (EVP_CIPHER_CTX*)SOAP_MALLOC(soap, sizeof(EVP_CIPHER_CTX));
if (!data->ctx)
return soap->error = SOAP_EOM;
EVP_CIPHER_CTX_init(data->ctx);
data->alg = alg;
data->state = SOAP_MEC_STATE_NONE;
if (alg & SOAP_MEC_DES_CBC)
data->type = EVP_des_ede3_cbc(); /* triple DES CBC */
else if (alg & SOAP_MEC_AES128_CBC)
data->type = EVP_get_cipherbyname("AES128");
else if (alg & SOAP_MEC_AES192_CBC)
data->type = EVP_get_cipherbyname("AES192");
else if (alg & SOAP_MEC_AES256_CBC)
data->type = EVP_get_cipherbyname("AES256");
else if (alg & SOAP_MEC_AES512_CBC)
data->type = EVP_get_cipherbyname("AES512");
else
data->type = EVP_enc_null();
data->buf = NULL;
data->rest = NULL;
data->restlen = 0;
if (alg & SOAP_MEC_ENC)
{ if (!data->type)
return soap_mec_check(soap, data, 0, "soap_mec_init() failed: cannot load cipher");
EVP_EncryptInit_ex(data->ctx, data->type, NULL, NULL, NULL);
}
if (alg & SOAP_MEC_OAEP)
EVP_CIPHER_CTX_set_padding(data->ctx, RSA_PKCS1_OAEP_PADDING);
else
EVP_CIPHER_CTX_set_padding(data->ctx, RSA_PKCS1_PADDING);
switch (alg & SOAP_MEC_MASK)
{ case SOAP_MEC_ENV_ENC_AES128_CBC:
case SOAP_MEC_ENV_ENC_AES192_CBC:
case SOAP_MEC_ENV_ENC_AES256_CBC:
case SOAP_MEC_ENV_ENC_AES512_CBC:
case SOAP_MEC_ENV_ENC_DES_CBC:
ok = EVP_CIPHER_CTX_rand_key(data->ctx, data->ekey);
/* generate ephemeral secret key */
#if (OPENSSL_VERSION_NUMBER >= 0x01000000L)
*keylen = EVP_PKEY_encrypt_old(key, data->ekey, EVP_CIPHER_CTX_key_length(data->ctx), pkey);
#else
*keylen = EVP_PKEY_encrypt(key, data->ekey, EVP_CIPHER_CTX_key_length(data->ctx), pkey);
#endif
key = data->ekey;
/* fall through to next arm */
case SOAP_MEC_ENC_DES_CBC:
case SOAP_MEC_ENC_AES128_CBC:
case SOAP_MEC_ENC_AES192_CBC:
case SOAP_MEC_ENC_AES256_CBC:
case SOAP_MEC_ENC_AES512_CBC:
data->bufidx = 0;
data->buflen = 1024; /* > iv in base64 must fit */
data->buf = (char*)SOAP_MALLOC(soap, data->buflen);
data->key = key;
break;
case SOAP_MEC_ENV_DEC_AES128_CBC:
case SOAP_MEC_ENV_DEC_AES192_CBC:
case SOAP_MEC_ENV_DEC_AES256_CBC:
case SOAP_MEC_ENV_DEC_AES512_CBC:
case SOAP_MEC_ENV_DEC_DES_CBC:
case SOAP_MEC_DEC_DES_CBC:
case SOAP_MEC_DEC_AES128_CBC:
case SOAP_MEC_DEC_AES192_CBC:
case SOAP_MEC_DEC_AES256_CBC:
case SOAP_MEC_DEC_AES512_CBC:
data->pkey = pkey;
data->key = key;
data->keylen = *keylen;
break;
default:
return soap_set_receiver_error(soap, "Unsupported encryption algorithm", NULL, SOAP_SSL_ERROR);
}
return soap_mec_check(soap, data, ok, "soap_mec_init() failed");
}
/*-
* Copyright (c) 2005-2010 Pawel Jakub Dawidek <*****@*****.**>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
__FBSDID("$FreeBSD: releng/9.3/sys/geom/eli/g_eli_crypto.c 266750 2014-05-27 15:30:06Z marius $");
#include <sys/param.h>
#ifdef _KERNEL
#include <sys/systm.h>
#include <sys/kernel.h>
#include <sys/malloc.h>
#include <sys/uio.h>
#else
#include <stdint.h>
#include <string.h>
#include <strings.h>
#include <errno.h>
#include <assert.h>
#include <openssl/evp.h>
#define _OpenSSL_
#endif
#include <geom/eli/g_eli.h>
#ifdef _KERNEL
MALLOC_DECLARE(M_ELI);
static int
g_eli_crypto_done(struct cryptop *crp)
{
crp->crp_opaque = (void *)crp;
wakeup(crp);
return (0);
}
static int
g_eli_crypto_cipher(u_int algo, int enc, u_char *data, size_t datasize,
const u_char *key, size_t keysize)
{
struct cryptoini cri;
struct cryptop *crp;
struct cryptodesc *crd;
struct uio *uio;
struct iovec *iov;
uint64_t sid;
u_char *p;
int error;
KASSERT(algo != CRYPTO_AES_XTS,
("%s: CRYPTO_AES_XTS unexpected here", __func__));
bzero(&cri, sizeof(cri));
cri.cri_alg = algo;
cri.cri_key = __DECONST(void *, key);
cri.cri_klen = keysize;
error = crypto_newsession(&sid, &cri, CRYPTOCAP_F_SOFTWARE);
if (error != 0)
return (error);
p = malloc(sizeof(*crp) + sizeof(*crd) + sizeof(*uio) + sizeof(*iov),
M_ELI, M_NOWAIT | M_ZERO);
if (p == NULL) {
crypto_freesession(sid);
return (ENOMEM);
}
crp = (struct cryptop *)p; p += sizeof(*crp);
crd = (struct cryptodesc *)p; p += sizeof(*crd);
uio = (struct uio *)p; p += sizeof(*uio);
iov = (struct iovec *)p; p += sizeof(*iov);
iov->iov_len = datasize;
iov->iov_base = data;
uio->uio_iov = iov;
uio->uio_iovcnt = 1;
uio->uio_segflg = UIO_SYSSPACE;
uio->uio_resid = datasize;
crd->crd_skip = 0;
crd->crd_len = datasize;
crd->crd_flags = CRD_F_IV_EXPLICIT | CRD_F_IV_PRESENT;
if (enc)
crd->crd_flags |= CRD_F_ENCRYPT;
crd->crd_alg = algo;
crd->crd_key = __DECONST(void *, key);
crd->crd_klen = keysize;
bzero(crd->crd_iv, sizeof(crd->crd_iv));
crd->crd_next = NULL;
crp->crp_sid = sid;
crp->crp_ilen = datasize;
crp->crp_olen = datasize;
crp->crp_opaque = NULL;
crp->crp_callback = g_eli_crypto_done;
crp->crp_buf = (void *)uio;
crp->crp_flags = CRYPTO_F_IOV | CRYPTO_F_CBIFSYNC | CRYPTO_F_REL;
crp->crp_desc = crd;
error = crypto_dispatch(crp);
if (error == 0) {
while (crp->crp_opaque == NULL)
tsleep(crp, PRIBIO, "geli", hz / 5);
error = crp->crp_etype;
}
free(crp, M_ELI);
crypto_freesession(sid);
return (error);
}
#else /* !_KERNEL */
static int
g_eli_crypto_cipher(u_int algo, int enc, u_char *data, size_t datasize,
const u_char *key, size_t keysize)
{
EVP_CIPHER_CTX ctx;
const EVP_CIPHER *type;
u_char iv[keysize];
int outsize;
assert(algo != CRYPTO_AES_XTS);
switch (algo) {
case CRYPTO_NULL_CBC:
type = EVP_enc_null();
break;
case CRYPTO_AES_CBC:
switch (keysize) {
case 128:
type = EVP_aes_128_cbc();
break;
case 192:
type = EVP_aes_192_cbc();
break;
case 256:
type = EVP_aes_256_cbc();
break;
default:
return (EINVAL);
}
break;
case CRYPTO_BLF_CBC:
type = EVP_bf_cbc();
break;
#ifndef OPENSSL_NO_CAMELLIA
case CRYPTO_CAMELLIA_CBC:
switch (keysize) {
case 128:
type = EVP_camellia_128_cbc();
break;
case 192:
type = EVP_camellia_192_cbc();
break;
case 256:
type = EVP_camellia_256_cbc();
break;
default:
return (EINVAL);
}
break;
#endif
case CRYPTO_3DES_CBC:
type = EVP_des_ede3_cbc();
break;
default:
return (EINVAL);
}
EVP_CIPHER_CTX_init(&ctx);
EVP_CipherInit_ex(&ctx, type, NULL, NULL, NULL, enc);
EVP_CIPHER_CTX_set_key_length(&ctx, keysize / 8);
EVP_CIPHER_CTX_set_padding(&ctx, 0);
bzero(iv, sizeof(iv));
EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, enc);
if (EVP_CipherUpdate(&ctx, data, &outsize, data, datasize) == 0) {
EVP_CIPHER_CTX_cleanup(&ctx);
return (EINVAL);
}
assert(outsize == (int)datasize);
if (EVP_CipherFinal_ex(&ctx, data + outsize, &outsize) == 0) {
EVP_CIPHER_CTX_cleanup(&ctx);
return (EINVAL);
}
assert(outsize == 0);
EVP_CIPHER_CTX_cleanup(&ctx);
return (0);
}
static int aead_null_sha1_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
size_t key_len, size_t tag_len,
enum evp_aead_direction_t dir) {
return aead_tls_init(ctx, key, key_len, tag_len, dir, EVP_enc_null(),
EVP_sha1(), 1 /* implicit iv */);
}
static int hb_EVP_CIPHER_ptr_to_id( const EVP_CIPHER * p )
{
int n;
if( p == EVP_enc_null() ) n = HB_EVP_CIPHER_ENC_NULL;
#ifndef OPENSSL_NO_DES
else if( p == EVP_des_ecb() ) n = HB_EVP_CIPHER_DES_ECB;
else if( p == EVP_des_ede() ) n = HB_EVP_CIPHER_DES_EDE;
else if( p == EVP_des_ede3() ) n = HB_EVP_CIPHER_DES_EDE3;
#if OPENSSL_VERSION_NUMBER >= 0x00907000L
else if( p == EVP_des_ede_ecb() ) n = HB_EVP_CIPHER_DES_EDE_ECB;
else if( p == EVP_des_ede3_ecb() ) n = HB_EVP_CIPHER_DES_EDE3_ECB;
#endif
else if( p == EVP_des_cfb() ) n = HB_EVP_CIPHER_DES_CFB;
else if( p == EVP_des_ede_cfb() ) n = HB_EVP_CIPHER_DES_EDE_CFB;
else if( p == EVP_des_ede3_cfb() ) n = HB_EVP_CIPHER_DES_EDE3_CFB;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
else if( p == EVP_des_cfb64() ) n = HB_EVP_CIPHER_DES_CFB64;
else if( p == EVP_des_cfb1() ) n = HB_EVP_CIPHER_DES_CFB1;
else if( p == EVP_des_cfb8() ) n = HB_EVP_CIPHER_DES_CFB8;
else if( p == EVP_des_ede_cfb64() ) n = HB_EVP_CIPHER_DES_EDE_CFB64;
else if( p == EVP_des_ede3_cfb64() ) n = HB_EVP_CIPHER_DES_EDE3_CFB64;
else if( p == EVP_des_ede3_cfb1() ) n = HB_EVP_CIPHER_DES_EDE3_CFB1;
else if( p == EVP_des_ede3_cfb8() ) n = HB_EVP_CIPHER_DES_EDE3_CFB8;
#endif
else if( p == EVP_des_ofb() ) n = HB_EVP_CIPHER_DES_OFB;
else if( p == EVP_des_ede_ofb() ) n = HB_EVP_CIPHER_DES_EDE_OFB;
else if( p == EVP_des_ede3_ofb() ) n = HB_EVP_CIPHER_DES_EDE3_OFB;
else if( p == EVP_des_cbc() ) n = HB_EVP_CIPHER_DES_CBC;
else if( p == EVP_des_ede_cbc() ) n = HB_EVP_CIPHER_DES_EDE_CBC;
else if( p == EVP_des_ede3_cbc() ) n = HB_EVP_CIPHER_DES_EDE3_CBC;
else if( p == EVP_desx_cbc() ) n = HB_EVP_CIPHER_DESX_CBC;
#endif
#ifndef OPENSSL_NO_RC4
else if( p == EVP_rc4() ) n = HB_EVP_CIPHER_RC4;
else if( p == EVP_rc4_40() ) n = HB_EVP_CIPHER_RC4_40;
#endif
#ifndef OPENSSL_NO_IDEA
else if( p == EVP_idea_ecb() ) n = HB_EVP_CIPHER_IDEA_ECB;
else if( p == EVP_idea_cfb64() ) n = HB_EVP_CIPHER_IDEA_CFB64;
else if( p == EVP_idea_cfb() ) n = HB_EVP_CIPHER_IDEA_CFB;
else if( p == EVP_idea_ofb() ) n = HB_EVP_CIPHER_IDEA_OFB;
else if( p == EVP_idea_cbc() ) n = HB_EVP_CIPHER_IDEA_CBC;
#endif
#ifndef OPENSSL_NO_RC2
else if( p == EVP_rc2_ecb() ) n = HB_EVP_CIPHER_RC2_ECB;
else if( p == EVP_rc2_cbc() ) n = HB_EVP_CIPHER_RC2_CBC;
else if( p == EVP_rc2_40_cbc() ) n = HB_EVP_CIPHER_RC2_40_CBC;
else if( p == EVP_rc2_64_cbc() ) n = HB_EVP_CIPHER_RC2_64_CBC;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
else if( p == EVP_rc2_cfb64() ) n = HB_EVP_CIPHER_RC2_CFB64;
#endif
else if( p == EVP_rc2_cfb() ) n = HB_EVP_CIPHER_RC2_CFB;
else if( p == EVP_rc2_ofb() ) n = HB_EVP_CIPHER_RC2_OFB;
#endif
#ifndef OPENSSL_NO_BF
else if( p == EVP_bf_ecb() ) n = HB_EVP_CIPHER_BF_ECB;
else if( p == EVP_bf_cbc() ) n = HB_EVP_CIPHER_BF_CBC;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
else if( p == EVP_bf_cfb64() ) n = HB_EVP_CIPHER_BF_CFB64;
#endif
else if( p == EVP_bf_cfb() ) n = HB_EVP_CIPHER_BF_CFB;
else if( p == EVP_bf_ofb() ) n = HB_EVP_CIPHER_BF_OFB;
#endif
#ifndef OPENSSL_NO_CAST
else if( p == EVP_cast5_ecb() ) n = HB_EVP_CIPHER_CAST5_ECB;
else if( p == EVP_cast5_cbc() ) n = HB_EVP_CIPHER_CAST5_CBC;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
else if( p == EVP_cast5_cfb64() ) n = HB_EVP_CIPHER_CAST5_CFB64;
#endif
else if( p == EVP_cast5_cfb() ) n = HB_EVP_CIPHER_CAST5_CFB;
else if( p == EVP_cast5_ofb() ) n = HB_EVP_CIPHER_CAST5_OFB;
#endif
#ifndef OPENSSL_NO_RC5
else if( p == EVP_rc5_32_12_16_cbc() ) n = HB_EVP_CIPHER_RC5_32_12_16_CBC;
else if( p == EVP_rc5_32_12_16_ecb() ) n = HB_EVP_CIPHER_RC5_32_12_16_ECB;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
else if( p == EVP_rc5_32_12_16_cfb64() ) n = HB_EVP_CIPHER_RC5_32_12_16_CFB64;
#endif
else if( p == EVP_rc5_32_12_16_cfb() ) n = HB_EVP_CIPHER_RC5_32_12_16_CFB;
else if( p == EVP_rc5_32_12_16_ofb() ) n = HB_EVP_CIPHER_RC5_32_12_16_OFB;
#endif
#ifndef OPENSSL_NO_AES
else if( p == EVP_aes_128_ecb() ) n = HB_EVP_CIPHER_AES_128_ECB;
else if( p == EVP_aes_128_cbc() ) n = HB_EVP_CIPHER_AES_128_CBC;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
else if( p == EVP_aes_128_cfb1() ) n = HB_EVP_CIPHER_AES_128_CFB1;
else if( p == EVP_aes_128_cfb8() ) n = HB_EVP_CIPHER_AES_128_CFB8;
else if( p == EVP_aes_128_cfb128() ) n = HB_EVP_CIPHER_AES_128_CFB128;
#endif
else if( p == EVP_aes_128_cfb() ) n = HB_EVP_CIPHER_AES_128_CFB;
else if( p == EVP_aes_128_ofb() ) n = HB_EVP_CIPHER_AES_128_OFB;
else if( p == EVP_aes_192_ecb() ) n = HB_EVP_CIPHER_AES_192_ECB;
else if( p == EVP_aes_192_cbc() ) n = HB_EVP_CIPHER_AES_192_CBC;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
else if( p == EVP_aes_192_cfb1() ) n = HB_EVP_CIPHER_AES_192_CFB1;
else if( p == EVP_aes_192_cfb8() ) n = HB_EVP_CIPHER_AES_192_CFB8;
else if( p == EVP_aes_192_cfb128() ) n = HB_EVP_CIPHER_AES_192_CFB128;
#endif
else if( p == EVP_aes_192_cfb() ) n = HB_EVP_CIPHER_AES_192_CFB;
else if( p == EVP_aes_192_ofb() ) n = HB_EVP_CIPHER_AES_192_OFB;
else if( p == EVP_aes_256_ecb() ) n = HB_EVP_CIPHER_AES_256_ECB;
else if( p == EVP_aes_256_cbc() ) n = HB_EVP_CIPHER_AES_256_CBC;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
else if( p == EVP_aes_256_cfb1() ) n = HB_EVP_CIPHER_AES_256_CFB1;
else if( p == EVP_aes_256_cfb8() ) n = HB_EVP_CIPHER_AES_256_CFB8;
else if( p == EVP_aes_256_cfb128() ) n = HB_EVP_CIPHER_AES_256_CFB128;
#endif
else if( p == EVP_aes_256_cfb() ) n = HB_EVP_CIPHER_AES_256_CFB;
else if( p == EVP_aes_256_ofb() ) n = HB_EVP_CIPHER_AES_256_OFB;
#endif
#ifndef OPENSSL_NO_CAMELLIA
else if( p == EVP_camellia_128_ecb() ) n = HB_EVP_CIPHER_CAMELLIA_128_ECB;
else if( p == EVP_camellia_128_cbc() ) n = HB_EVP_CIPHER_CAMELLIA_128_CBC;
else if( p == EVP_camellia_128_cfb1() ) n = HB_EVP_CIPHER_CAMELLIA_128_CFB1;
else if( p == EVP_camellia_128_cfb8() ) n = HB_EVP_CIPHER_CAMELLIA_128_CFB8;
else if( p == EVP_camellia_128_cfb128() ) n = HB_EVP_CIPHER_CAMELLIA_128_CFB128;
else if( p == EVP_camellia_128_cfb() ) n = HB_EVP_CIPHER_CAMELLIA_128_CFB;
else if( p == EVP_camellia_128_ofb() ) n = HB_EVP_CIPHER_CAMELLIA_128_OFB;
else if( p == EVP_camellia_192_ecb() ) n = HB_EVP_CIPHER_CAMELLIA_192_ECB;
else if( p == EVP_camellia_192_cbc() ) n = HB_EVP_CIPHER_CAMELLIA_192_CBC;
else if( p == EVP_camellia_192_cfb1() ) n = HB_EVP_CIPHER_CAMELLIA_192_CFB1;
else if( p == EVP_camellia_192_cfb8() ) n = HB_EVP_CIPHER_CAMELLIA_192_CFB8;
else if( p == EVP_camellia_192_cfb128() ) n = HB_EVP_CIPHER_CAMELLIA_192_CFB128;
else if( p == EVP_camellia_192_cfb() ) n = HB_EVP_CIPHER_CAMELLIA_192_CFB;
else if( p == EVP_camellia_192_ofb() ) n = HB_EVP_CIPHER_CAMELLIA_192_OFB;
else if( p == EVP_camellia_256_ecb() ) n = HB_EVP_CIPHER_CAMELLIA_256_ECB;
else if( p == EVP_camellia_256_cbc() ) n = HB_EVP_CIPHER_CAMELLIA_256_CBC;
else if( p == EVP_camellia_256_cfb1() ) n = HB_EVP_CIPHER_CAMELLIA_256_CFB1;
else if( p == EVP_camellia_256_cfb8() ) n = HB_EVP_CIPHER_CAMELLIA_256_CFB8;
else if( p == EVP_camellia_256_cfb128() ) n = HB_EVP_CIPHER_CAMELLIA_256_CFB128;
else if( p == EVP_camellia_256_cfb() ) n = HB_EVP_CIPHER_CAMELLIA_256_CFB;
else if( p == EVP_camellia_256_ofb() ) n = HB_EVP_CIPHER_CAMELLIA_256_OFB;
#endif
#ifndef OPENSSL_NO_SEED
else if( p == EVP_seed_ecb() ) n = HB_EVP_CIPHER_SEED_ECB;
else if( p == EVP_seed_cbc() ) n = HB_EVP_CIPHER_SEED_CBC;
else if( p == EVP_seed_cfb128() ) n = HB_EVP_CIPHER_SEED_CFB128;
else if( p == EVP_seed_cfb() ) n = HB_EVP_CIPHER_SEED_CFB;
else if( p == EVP_seed_ofb() ) n = HB_EVP_CIPHER_SEED_OFB;
#endif
else n = HB_EVP_CIPHER_UNSUPPORTED;
return n;
}
const EVP_CIPHER * hb_EVP_CIPHER_par( int iParam )
{
const EVP_CIPHER * p;
if( HB_ISCHAR( iParam ) )
return EVP_get_cipherbyname( hb_parc( iParam ) );
switch( hb_parni( iParam ) )
{
case HB_EVP_CIPHER_ENC_NULL: p = EVP_enc_null(); break;
#ifndef OPENSSL_NO_DES
case HB_EVP_CIPHER_DES_ECB: p = EVP_des_ecb(); break;
case HB_EVP_CIPHER_DES_EDE: p = EVP_des_ede(); break;
case HB_EVP_CIPHER_DES_EDE3: p = EVP_des_ede3(); break;
#if OPENSSL_VERSION_NUMBER >= 0x00907000L
case HB_EVP_CIPHER_DES_EDE_ECB: p = EVP_des_ede_ecb(); break;
case HB_EVP_CIPHER_DES_EDE3_ECB: p = EVP_des_ede3_ecb(); break;
#endif
case HB_EVP_CIPHER_DES_CFB: p = EVP_des_cfb(); break;
case HB_EVP_CIPHER_DES_EDE_CFB: p = EVP_des_ede_cfb(); break;
case HB_EVP_CIPHER_DES_EDE3_CFB: p = EVP_des_ede3_cfb(); break;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
case HB_EVP_CIPHER_DES_CFB1: p = EVP_des_cfb1(); break;
case HB_EVP_CIPHER_DES_CFB8: p = EVP_des_cfb8(); break;
case HB_EVP_CIPHER_DES_CFB64: p = EVP_des_cfb64(); break;
case HB_EVP_CIPHER_DES_EDE_CFB64: p = EVP_des_ede_cfb64(); break;
case HB_EVP_CIPHER_DES_EDE3_CFB1: p = EVP_des_ede3_cfb1(); break;
case HB_EVP_CIPHER_DES_EDE3_CFB8: p = EVP_des_ede3_cfb8(); break;
case HB_EVP_CIPHER_DES_EDE3_CFB64: p = EVP_des_ede3_cfb64(); break;
#endif
case HB_EVP_CIPHER_DES_OFB: p = EVP_des_ofb(); break;
case HB_EVP_CIPHER_DES_EDE_OFB: p = EVP_des_ede_ofb(); break;
case HB_EVP_CIPHER_DES_EDE3_OFB: p = EVP_des_ede3_ofb(); break;
case HB_EVP_CIPHER_DES_CBC: p = EVP_des_cbc(); break;
case HB_EVP_CIPHER_DES_EDE_CBC: p = EVP_des_ede_cbc(); break;
case HB_EVP_CIPHER_DES_EDE3_CBC: p = EVP_des_ede3_cbc(); break;
case HB_EVP_CIPHER_DESX_CBC: p = EVP_desx_cbc(); break;
#endif
#ifndef OPENSSL_NO_RC4
case HB_EVP_CIPHER_RC4: p = EVP_rc4(); break;
case HB_EVP_CIPHER_RC4_40: p = EVP_rc4_40(); break;
#endif
#ifndef OPENSSL_NO_IDEA
case HB_EVP_CIPHER_IDEA_ECB: p = EVP_idea_ecb(); break;
case HB_EVP_CIPHER_IDEA_CFB64: p = EVP_idea_cfb64(); break;
case HB_EVP_CIPHER_IDEA_CFB: p = EVP_idea_cfb(); break;
case HB_EVP_CIPHER_IDEA_OFB: p = EVP_idea_ofb(); break;
case HB_EVP_CIPHER_IDEA_CBC: p = EVP_idea_cbc(); break;
#endif
#ifndef OPENSSL_NO_RC2
case HB_EVP_CIPHER_RC2_ECB: p = EVP_rc2_ecb(); break;
case HB_EVP_CIPHER_RC2_CBC: p = EVP_rc2_cbc(); break;
case HB_EVP_CIPHER_RC2_40_CBC: p = EVP_rc2_40_cbc(); break;
case HB_EVP_CIPHER_RC2_64_CBC: p = EVP_rc2_64_cbc(); break;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
case HB_EVP_CIPHER_RC2_CFB64: p = EVP_rc2_cfb64(); break;
#endif
case HB_EVP_CIPHER_RC2_CFB: p = EVP_rc2_cfb(); break;
case HB_EVP_CIPHER_RC2_OFB: p = EVP_rc2_ofb(); break;
#endif
#ifndef OPENSSL_NO_BF
case HB_EVP_CIPHER_BF_ECB: p = EVP_bf_ecb(); break;
case HB_EVP_CIPHER_BF_CBC: p = EVP_bf_cbc(); break;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
case HB_EVP_CIPHER_BF_CFB64: p = EVP_bf_cfb64(); break;
#endif
case HB_EVP_CIPHER_BF_CFB: p = EVP_bf_cfb(); break;
case HB_EVP_CIPHER_BF_OFB: p = EVP_bf_ofb(); break;
#endif
#ifndef OPENSSL_NO_CAST
case HB_EVP_CIPHER_CAST5_ECB: p = EVP_cast5_ecb(); break;
case HB_EVP_CIPHER_CAST5_CBC: p = EVP_cast5_cbc(); break;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
case HB_EVP_CIPHER_CAST5_CFB64: p = EVP_cast5_cfb64(); break;
#endif
case HB_EVP_CIPHER_CAST5_CFB: p = EVP_cast5_cfb(); break;
case HB_EVP_CIPHER_CAST5_OFB: p = EVP_cast5_ofb(); break;
#endif
#ifndef OPENSSL_NO_RC5
case HB_EVP_CIPHER_RC5_32_12_16_CBC: p = EVP_rc5_32_12_16_cbc(); break;
case HB_EVP_CIPHER_RC5_32_12_16_ECB: p = EVP_rc5_32_12_16_ecb(); break;
case HB_EVP_CIPHER_RC5_32_12_16_CFB: p = EVP_rc5_32_12_16_cfb(); break;
case HB_EVP_CIPHER_RC5_32_12_16_OFB: p = EVP_rc5_32_12_16_ofb(); break;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
case HB_EVP_CIPHER_RC5_32_12_16_CFB64: p = EVP_rc5_32_12_16_cfb64(); break;
#endif
#endif
#ifndef OPENSSL_NO_AES
#if OPENSSL_VERSION_NUMBER >= 0x10001000L
case HB_EVP_CIPHER_AES_128_GCM: p = EVP_aes_128_gcm(); break;
#endif
case HB_EVP_CIPHER_AES_128_ECB: p = EVP_aes_128_ecb(); break;
case HB_EVP_CIPHER_AES_128_CBC: p = EVP_aes_128_cbc(); break;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
case HB_EVP_CIPHER_AES_128_CFB1: p = EVP_aes_128_cfb1(); break;
case HB_EVP_CIPHER_AES_128_CFB8: p = EVP_aes_128_cfb8(); break;
case HB_EVP_CIPHER_AES_128_CFB128: p = EVP_aes_128_cfb128(); break;
#endif
case HB_EVP_CIPHER_AES_128_CFB: p = EVP_aes_128_cfb(); break;
case HB_EVP_CIPHER_AES_128_OFB: p = EVP_aes_128_ofb(); break;
#if OPENSSL_VERSION_NUMBER >= 0x10001000L
case HB_EVP_CIPHER_AES_192_GCM: p = EVP_aes_192_gcm(); break;
#endif
case HB_EVP_CIPHER_AES_192_ECB: p = EVP_aes_192_ecb(); break;
case HB_EVP_CIPHER_AES_192_CBC: p = EVP_aes_192_cbc(); break;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
case HB_EVP_CIPHER_AES_192_CFB1: p = EVP_aes_192_cfb1(); break;
case HB_EVP_CIPHER_AES_192_CFB8: p = EVP_aes_192_cfb8(); break;
case HB_EVP_CIPHER_AES_192_CFB128: p = EVP_aes_192_cfb128(); break;
#endif
case HB_EVP_CIPHER_AES_192_CFB: p = EVP_aes_192_cfb(); break;
case HB_EVP_CIPHER_AES_192_OFB: p = EVP_aes_192_ofb(); break;
#if OPENSSL_VERSION_NUMBER >= 0x10001000L
case HB_EVP_CIPHER_AES_256_GCM: p = EVP_aes_256_gcm(); break;
#endif
case HB_EVP_CIPHER_AES_256_ECB: p = EVP_aes_256_ecb(); break;
case HB_EVP_CIPHER_AES_256_CBC: p = EVP_aes_256_cbc(); break;
#if OPENSSL_VERSION_NUMBER >= 0x00907050L
case HB_EVP_CIPHER_AES_256_CFB1: p = EVP_aes_256_cfb1(); break;
case HB_EVP_CIPHER_AES_256_CFB8: p = EVP_aes_256_cfb8(); break;
case HB_EVP_CIPHER_AES_256_CFB128: p = EVP_aes_256_cfb128(); break;
#endif
case HB_EVP_CIPHER_AES_256_CFB: p = EVP_aes_256_cfb(); break;
case HB_EVP_CIPHER_AES_256_OFB: p = EVP_aes_256_ofb(); break;
#endif
#ifndef OPENSSL_NO_CAMELLIA
case HB_EVP_CIPHER_CAMELLIA_128_ECB: p = EVP_camellia_128_ecb(); break;
case HB_EVP_CIPHER_CAMELLIA_128_CBC: p = EVP_camellia_128_cbc(); break;
case HB_EVP_CIPHER_CAMELLIA_128_CFB1: p = EVP_camellia_128_cfb1(); break;
case HB_EVP_CIPHER_CAMELLIA_128_CFB8: p = EVP_camellia_128_cfb8(); break;
case HB_EVP_CIPHER_CAMELLIA_128_CFB128: p = EVP_camellia_128_cfb128(); break;
case HB_EVP_CIPHER_CAMELLIA_128_CFB: p = EVP_camellia_128_cfb(); break;
case HB_EVP_CIPHER_CAMELLIA_128_OFB: p = EVP_camellia_128_ofb(); break;
case HB_EVP_CIPHER_CAMELLIA_192_ECB: p = EVP_camellia_192_ecb(); break;
case HB_EVP_CIPHER_CAMELLIA_192_CBC: p = EVP_camellia_192_cbc(); break;
case HB_EVP_CIPHER_CAMELLIA_192_CFB1: p = EVP_camellia_192_cfb1(); break;
case HB_EVP_CIPHER_CAMELLIA_192_CFB8: p = EVP_camellia_192_cfb8(); break;
case HB_EVP_CIPHER_CAMELLIA_192_CFB128: p = EVP_camellia_192_cfb128(); break;
case HB_EVP_CIPHER_CAMELLIA_192_CFB: p = EVP_camellia_192_cfb(); break;
case HB_EVP_CIPHER_CAMELLIA_192_OFB: p = EVP_camellia_192_ofb(); break;
case HB_EVP_CIPHER_CAMELLIA_256_ECB: p = EVP_camellia_256_ecb(); break;
case HB_EVP_CIPHER_CAMELLIA_256_CBC: p = EVP_camellia_256_cbc(); break;
case HB_EVP_CIPHER_CAMELLIA_256_CFB1: p = EVP_camellia_256_cfb1(); break;
case HB_EVP_CIPHER_CAMELLIA_256_CFB8: p = EVP_camellia_256_cfb8(); break;
case HB_EVP_CIPHER_CAMELLIA_256_CFB128: p = EVP_camellia_256_cfb128(); break;
case HB_EVP_CIPHER_CAMELLIA_256_CFB: p = EVP_camellia_256_cfb(); break;
case HB_EVP_CIPHER_CAMELLIA_256_OFB: p = EVP_camellia_256_ofb(); break;
#endif
#ifndef OPENSSL_NO_SEED
case HB_EVP_CIPHER_SEED_ECB: p = EVP_seed_ecb(); break;
case HB_EVP_CIPHER_SEED_CBC: p = EVP_seed_cbc(); break;
case HB_EVP_CIPHER_SEED_CFB128: p = EVP_seed_cfb128(); break;
case HB_EVP_CIPHER_SEED_CFB: p = EVP_seed_cfb(); break;
case HB_EVP_CIPHER_SEED_OFB: p = EVP_seed_ofb(); break;
#endif
default: p = NULL;
}
return p;
}
int ssl_cipher_get_evp(SSL_SESSION *s, const EVP_CIPHER **enc,
const EVP_MD **md, SSL_COMP **comp)
{
int i;
SSL_CIPHER *c;
c=s->cipher;
if (c == NULL) return(0);
if (comp != NULL)
{
SSL_COMP ctmp;
if (s->compress_meth == 0)
*comp=NULL;
else if (ssl_comp_methods == NULL)
{
/* bad */
*comp=NULL;
}
else
{
ctmp.id=s->compress_meth;
i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp);
if (i >= 0)
*comp=sk_SSL_COMP_value(ssl_comp_methods,i);
else
*comp=NULL;
}
}
if ((enc == NULL) || (md == NULL)) return(0);
switch (c->algorithms & SSL_ENC_MASK)
{
case SSL_DES:
i=SSL_ENC_DES_IDX;
break;
case SSL_3DES:
i=SSL_ENC_3DES_IDX;
break;
case SSL_RC4:
i=SSL_ENC_RC4_IDX;
break;
case SSL_RC2:
i=SSL_ENC_RC2_IDX;
break;
case SSL_IDEA:
i=SSL_ENC_IDEA_IDX;
break;
case SSL_eNULL:
i=SSL_ENC_NULL_IDX;
break;
default:
i= -1;
break;
}
if ((i < 0) || (i > SSL_ENC_NUM_IDX))
*enc=NULL;
else
{
if (i == SSL_ENC_NULL_IDX)
*enc=EVP_enc_null();
else
*enc=ssl_cipher_methods[i];
}
switch (c->algorithms & SSL_MAC_MASK)
{
case SSL_MD5:
i=SSL_MD_MD5_IDX;
break;
case SSL_SHA1:
i=SSL_MD_SHA1_IDX;
break;
default:
i= -1;
break;
}
if ((i < 0) || (i > SSL_MD_NUM_IDX))
*md=NULL;
else
*md=ssl_digest_methods[i];
if ((*enc != NULL) && (*md != NULL))
return(1);
else
return(0);
}
