static int aes_ctr_init(archive_crypto_ctx *ctx, const uint8_t *key, size_t key_len) { if ((ctx->ctx = EVP_CIPHER_CTX_new()) == NULL) return -1; switch (key_len) { case 16: ctx->type = EVP_aes_128_ecb(); break; case 24: ctx->type = EVP_aes_192_ecb(); break; case 32: ctx->type = EVP_aes_256_ecb(); break; default: ctx->type = NULL; return -1; } ctx->key_len = key_len; memcpy(ctx->key, key, key_len); memset(ctx->nonce, 0, sizeof(ctx->nonce)); ctx->encr_pos = AES_BLOCK_SIZE; #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) if (!EVP_CIPHER_CTX_reset(ctx->ctx)) { EVP_CIPHER_CTX_free(ctx->ctx); ctx->ctx = NULL; } #else EVP_CIPHER_CTX_init(ctx->ctx); #endif return 0; }
const EVP_CIPHER *OpensslAES::getEvpCipher() const { if (m_type == TypeAes128 && m_mode == ModeCbc) { return EVP_aes_128_cbc(); } else if (m_type == TypeAes128 && m_mode == ModeCfb) { return EVP_aes_128_cfb128(); } else if (m_type == TypeAes128 && m_mode == ModeEcb) { return EVP_aes_128_ecb(); } else if (m_type == TypeAes128 && m_mode == ModeOfb) { return EVP_aes_128_ofb(); } else if (m_type == TypeAes192 && m_mode == ModeCbc) { return EVP_aes_192_cbc(); } else if (m_type == TypeAes192 && m_mode == ModeCfb) { return EVP_aes_192_cfb128(); } else if (m_type == TypeAes192 && m_mode == ModeEcb) { return EVP_aes_192_ecb(); } else if (m_type == TypeAes192 && m_mode == ModeOfb) { return EVP_aes_192_ofb(); } else if (m_type == TypeAes256 && m_mode == ModeCbc) { return EVP_aes_256_cbc(); } else if (m_type == TypeAes256 && m_mode == ModeCfb) { return EVP_aes_256_cfb128(); } else if (m_type == TypeAes256 && m_mode == ModeEcb) { return EVP_aes_256_ecb(); } else if (m_type == TypeAes256 && m_mode == ModeOfb) { return EVP_aes_256_ofb(); } return 0; }
int seafile_decrypt_init (EVP_CIPHER_CTX *ctx, int version, const unsigned char *key, const unsigned char *iv) { int ret; /* Prepare CTX for decryption. */ EVP_CIPHER_CTX_init (ctx); if (version >= 1) ret = EVP_DecryptInit_ex (ctx, EVP_aes_128_cbc(), /* cipher mode */ NULL, /* engine, NULL for default */ key, /* derived key */ iv); /* initial vector */ else ret = EVP_DecryptInit_ex (ctx, EVP_aes_128_ecb(), /* cipher mode */ NULL, /* engine, NULL for default */ key, /* derived key */ iv); /* initial vector */ if (ret == DEC_FAILURE) return -1; return 0; }
static int ossl_aes_ecb_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv) { ossldata *od = c->ptr; int err; err = ossl_aes_init(c, key, klen, iv); if (err) return err; switch (od->klen) { case 128 / 8: od->evp_ciph = EVP_aes_128_ecb(); break; case 192 / 8: od->evp_ciph = EVP_aes_192_ecb(); break; case 256 / 8: od->evp_ciph = EVP_aes_256_ecb(); break; default: /* shouldn't happen */ err = PXE_CIPHER_INIT; break; } return err; }
/** Decrypt. * Do the decryption. * @return size of the plain text message. */ size_t WorldInfoMessageDecryptor::decrypt() { if ( (plain_buffer == NULL) || (plain_buffer_length == 0) || (crypt_buffer == NULL) || (crypt_buffer_length == 0) ) { throw MissingParameterException("Buffer(s) not set for decryption"); } #ifdef HAVE_LIBCRYPTO EVP_CIPHER_CTX ctx; if ( ! EVP_DecryptInit(&ctx, EVP_aes_128_ecb(), key, iv) ) { throw MessageDecryptionException("Could not initialize cipher context"); } int outl = plain_buffer_length; if ( ! EVP_DecryptUpdate(&ctx, (unsigned char *)plain_buffer, &outl, (unsigned char *)crypt_buffer, crypt_buffer_length) ) { throw MessageDecryptionException("DecryptUpdate failed"); } int plen = 0; if ( ! EVP_DecryptFinal(&ctx, (unsigned char *)plain_buffer + outl, &plen) ) { throw MessageDecryptionException("DecryptFinal failed"); } outl += plen; return outl; #else // Plain-text copy-through for debugging. memcpy(plain_buffer, crypt_buffer, crypt_buffer_length); return crypt_buffer_length; #endif }
std::string problem07() { std::ifstream instream; instream.open(rootdir + "res/p7.txt", std::ios::in); if (!instream.is_open()) { std::cerr << "Can't open p7.txt\n"; return std::string("p07 failed.\n"); } std::string in{}; std::string line; while(std::getline(instream, line)) { in += line; } BinaryBlob b7 = BinaryBlob(in, 64); int num_bytes = b7.size(); int act_num_bytes = 0, tot_bytes = 0; unsigned char key[] = "YELLOW SUBMARINE"; EVP_CIPHER_CTX* my_cipher_ctx = EVP_CIPHER_CTX_new(); EVP_DecryptInit_ex(my_cipher_ctx, EVP_aes_128_ecb(), NULL, key, NULL); unsigned char* out = (unsigned char *) malloc(num_bytes * 2 + EVP_CIPHER_CTX_block_size(my_cipher_ctx)); if (!out) return "p7 - OOM\n"; EVP_DecryptUpdate(my_cipher_ctx, out, &act_num_bytes, b7.getRawBuf(), num_bytes); tot_bytes += act_num_bytes; EVP_DecryptFinal_ex(my_cipher_ctx, out + act_num_bytes, &act_num_bytes); tot_bytes += act_num_bytes; EVP_CIPHER_CTX_free(my_cipher_ctx); BinaryBlob s7 = BinaryBlob(out, tot_bytes); return s7.ascii(); }
int XCBC_Init(XCBC_CTX *xctx, const uint8_t const *k) { int bl, outl; EVP_CIPHER_CTX *ctx; uint8_t k1[XCBC_MAX_BLOCK_LENGTH]; ctx = xctx->ctx; EVP_CIPHER_CTX_init(ctx); OPENSSL_try(EVP_CipherInit_ex(ctx, EVP_aes_128_ecb(), NULL, k, NULL, 1), "cipher init error", return0); bl = EVP_CIPHER_CTX_block_size((const EVP_CIPHER_CTX *)ctx); OPENSSL_try(EVP_CipherUpdate(ctx, k1, &outl, ks1, bl), "cipher update error (k1)", return0); OPENSSL_try(EVP_CipherUpdate(ctx, xctx->k2, &outl, ks2, bl), "cipher update error (k2)", return0); OPENSSL_try(EVP_CipherUpdate(ctx, xctx->k3, &outl, ks3, bl), "cipher update error (k3)", return0); OPENSSL_try(EVP_CipherInit_ex(ctx, NULL, NULL, k1, NULL, -1), "cipher reset error", return0); memset(xctx->e, 0, bl); xctx->size = 0; return 1; return0: return 0; }
ndn_Error ndn_AesAlgorithm_decrypt128Ecb (const uint8_t *key, size_t keyLength, const uint8_t *encryptedData, size_t encryptedDataLength, uint8_t *plainData, size_t *plainDataLength) { EVP_CIPHER_CTX *ctx; int outLength1, outLength2; if (keyLength != ndn_AES_128_BLOCK_SIZE) return NDN_ERROR_Incorrect_key_size; ctx = EVP_CIPHER_CTX_new(); if (!ctx) return NDN_ERROR_Error_in_decrypt_operation; EVP_DecryptInit(ctx, EVP_aes_128_ecb(), (const unsigned char*)key, 0); EVP_DecryptUpdate (ctx, (unsigned char*)plainData, &outLength1, (const unsigned char*)encryptedData, encryptedDataLength); EVP_DecryptFinal (ctx, (unsigned char*)plainData + outLength1, &outLength2); EVP_CIPHER_CTX_free(ctx); *plainDataLength = outLength1 + outLength2; return NDN_ERROR_success; }
static inline int aes_128_encrypt_block(EVP_CIPHER_CTX *evp_ctx, uint8_t const key[16], uint8_t const in[16], uint8_t out[16]) { size_t len; if (unlikely(EVP_EncryptInit_ex(evp_ctx, EVP_aes_128_ecb(), NULL, key, NULL) != 1)) { tls_strerror_printf("Failed initialising AES-128-ECB context"); return -1; } /* * By default OpenSSL will try and pad out a 16 byte * plaintext to 32 bytes so that it's detectable that * there was padding. * * In this case we know the length of the plaintext * we're trying to recover, so we explicitly tell * OpenSSL not to pad here, and not to expected padding * when decrypting. */ EVP_CIPHER_CTX_set_padding(evp_ctx, 0); if (unlikely(EVP_EncryptUpdate(evp_ctx, out, (int *)&len, in, 16) != 1) || unlikely(EVP_EncryptFinal_ex(evp_ctx, out + len, (int *)&len) != 1)) { tls_strerror_printf("Failed encrypting data"); return -1; } return 0; }
static int aesEncrypt(char* input, int inlen, char* output, int* outlen) { int c_len; //length of ciphertext int f_len; //rest length of padded ciphertext EVP_CIPHER_CTX ctx; if (input == NULL || inlen <= 0 || output == NULL || *outlen <= 0) { return -1; } EVP_CIPHER_CTX_init(&ctx); if (EVP_EncryptInit_ex(&ctx, EVP_aes_128_ecb(), NULL, key, NULL) != 1) { return -2; } if (EVP_EncryptUpdate(&ctx, (unsigned char*)output, &c_len, (const unsigned char*)input, inlen) != 1) { return -3; } if (EVP_EncryptFinal_ex(&ctx, (unsigned char*)(output + c_len), &f_len) != 1) { return -4; } EVP_CIPHER_CTX_cleanup(&ctx); *outlen = c_len + f_len; return 0; }
vod_status_t mp4_aes_ctr_init( mp4_aes_ctr_state_t* state, request_context_t* request_context, u_char* key) { vod_pool_cleanup_t *cln; state->request_context = request_context; cln = vod_pool_cleanup_add(request_context->pool, 0); if (cln == NULL) { vod_log_debug0(VOD_LOG_DEBUG_LEVEL, request_context->log, 0, "mp4_aes_ctr_init: vod_pool_cleanup_add failed"); return VOD_ALLOC_FAILED; } cln->handler = (vod_pool_cleanup_pt)mp4_aes_ctr_cleanup; cln->data = state; EVP_CIPHER_CTX_init(&state->cipher); if (1 != EVP_EncryptInit_ex(&state->cipher, EVP_aes_128_ecb(), NULL, key, NULL)) { vod_log_error(VOD_LOG_ERR, request_context->log, 0, "mp4_aes_ctr_init: EVP_EncryptInit_ex failed"); return VOD_ALLOC_FAILED; } return VOD_OK; }
static int aes_f8_session_key_init(struct crypto_context *c) { unsigned char m[16]; int i; int k_e_len, k_s_len; /* n_e, n_s */ unsigned char *key; aes_cm_session_key_init(c); k_e_len = c->crypto_suite->session_key_len; k_s_len = c->crypto_suite->session_salt_len; key = (unsigned char *) c->session_key; /* m = k_s || 0x555..5 */ memcpy(m, c->session_salt, k_s_len); for (i = k_s_len; i < k_e_len; i++) m[i] = 0x55; /* IV' = E(k_e XOR m, IV) */ for (i = 0; i < k_e_len; i++) m[i] ^= key[i]; c->session_key_ctx[1] = g_slice_alloc(sizeof(EVP_CIPHER_CTX)); EVP_CIPHER_CTX_init(c->session_key_ctx[1]); EVP_EncryptInit_ex(c->session_key_ctx[1], EVP_aes_128_ecb(), NULL, m, NULL); return 0; }
/** Set the key of <b>cipher</b> to <b>key</b>, which is * <b>key_bits</b> bits long (must be 128, 192, or 256). Also resets * the counter to 0. */ static void aes_set_key(aes_cnt_cipher_t *cipher, const char *key, int key_bits) { if (should_use_EVP) { const EVP_CIPHER *c = 0; switch (key_bits) { case 128: c = EVP_aes_128_ecb(); break; case 192: c = EVP_aes_192_ecb(); break; case 256: c = EVP_aes_256_ecb(); break; default: tor_assert(0); } EVP_EncryptInit(&cipher->key.evp, c, (const unsigned char*)key, NULL); cipher->using_evp = 1; } else { AES_set_encrypt_key((const unsigned char *)key, key_bits,&cipher->key.aes); cipher->using_evp = 0; } #ifdef USING_COUNTER_VARS cipher->counter0 = 0; cipher->counter1 = 0; cipher->counter2 = 0; cipher->counter3 = 0; #endif memset(cipher->ctr_buf.buf, 0, sizeof(cipher->ctr_buf.buf)); cipher->pos = 0; memset(cipher->buf, 0, sizeof(cipher->buf)); }
int seafile_derive_key (const char *data_in, int in_len, int version, unsigned char *key, unsigned char *iv) { if (version == 2) { PKCS5_PBKDF2_HMAC (data_in, in_len, salt, sizeof(salt), KEYGEN_ITERATION2, EVP_sha256(), 32, key); PKCS5_PBKDF2_HMAC ((char *)key, 32, salt, sizeof(salt), 10, EVP_sha256(), 16, iv); return 0; } else if (version == 1) return EVP_BytesToKey (EVP_aes_128_cbc(), /* cipher mode */ EVP_sha1(), /* message digest */ salt, /* salt */ (unsigned char*)data_in, in_len, KEYGEN_ITERATION, /* iteration times */ key, /* the derived key */ iv); /* IV, initial vector */ else return EVP_BytesToKey (EVP_aes_128_ecb(), /* cipher mode */ EVP_sha1(), /* message digest */ NULL, /* salt */ (unsigned char*)data_in, in_len, 3, /* iteration times */ key, /* the derived key */ iv); /* IV, initial vector */ }
const EVP_CIPHER* get_cipher_type(const enum cipher cipher, const enum cipher_mode mode) { switch (mode) { case MODE_ECB: switch (cipher) { case CIPHER_DES: return EVP_des_ecb(); case CIPHER_AES_128: return EVP_aes_128_ecb(); case CIPHER_AES_192: return EVP_aes_192_ecb(); case CIPHER_AES_256: return EVP_aes_256_ecb(); } case MODE_CBC: switch (cipher) { case CIPHER_DES: return EVP_des_cbc(); case CIPHER_AES_128: return EVP_aes_128_cbc(); case CIPHER_AES_192: return EVP_aes_192_cbc(); case CIPHER_AES_256: return EVP_aes_256_cbc(); } case MODE_OFB: switch (cipher) { case CIPHER_DES: return EVP_des_ofb(); case CIPHER_AES_128: return EVP_aes_128_ofb(); case CIPHER_AES_192: return EVP_aes_192_ofb(); case CIPHER_AES_256: return EVP_aes_256_ofb(); } case MODE_CFB: switch (cipher) { case CIPHER_DES: return EVP_des_cfb(); case CIPHER_AES_128: return EVP_aes_128_cfb(); case CIPHER_AES_192: return EVP_aes_192_cfb(); case CIPHER_AES_256: return EVP_aes_256_cfb(); } } abort(); }
static int aes_ctr_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) /* init key */ { /* * variable "c" is leaked from this scope, but is later freed * in aes_ctr_cleanup */ aes_ctr_ctx *c; const EVP_CIPHER *aes_cipher; (void) enc; switch(EVP_CIPHER_CTX_key_length(ctx)) { case 16: aes_cipher = EVP_aes_128_ecb(); break; case 24: aes_cipher = EVP_aes_192_ecb(); break; case 32: aes_cipher = EVP_aes_256_ecb(); break; default: return 0; } c = malloc(sizeof(*c)); if(c == NULL) return 0; #ifdef HAVE_OPAQUE_STRUCTS c->aes_ctx = EVP_CIPHER_CTX_new(); #else c->aes_ctx = malloc(sizeof(EVP_CIPHER_CTX)); #endif if(c->aes_ctx == NULL) { free(c); return 0; } if(EVP_EncryptInit(c->aes_ctx, aes_cipher, key, NULL) != 1) { #ifdef HAVE_OPAQUE_STRUCTS EVP_CIPHER_CTX_free(c->aes_ctx); #else free(c->aes_ctx); #endif free(c); return 0; } EVP_CIPHER_CTX_set_padding(c->aes_ctx, 0); memcpy(c->ctr, iv, AES_BLOCK_SIZE); EVP_CIPHER_CTX_set_app_data(ctx, c); return 1; }
static int aes_cm_session_key_init(struct crypto_context *c) { evp_session_key_cleanup(c); c->session_key_ctx[0] = g_slice_alloc(sizeof(EVP_CIPHER_CTX)); EVP_CIPHER_CTX_init(c->session_key_ctx[0]); EVP_EncryptInit_ex(c->session_key_ctx[0], EVP_aes_128_ecb(), NULL, (unsigned char *) c->session_key, NULL); return 0; }
static void aes_ctr_128_no_ctx(char *out, str *in, const char *key, const char *iv) { EVP_CIPHER_CTX ctx; unsigned char block[16]; int len; EVP_CIPHER_CTX_init(&ctx); EVP_EncryptInit_ex(&ctx, EVP_aes_128_ecb(), NULL, (const unsigned char *) key, NULL); aes_ctr_128(out, in, &ctx, iv); EVP_EncryptFinal_ex(&ctx, block, &len); EVP_CIPHER_CTX_cleanup(&ctx); }
void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher, const char *name, const char *unused, void *arg), void *arg) { callback(EVP_aes_128_cbc(), "AES-128-CBC", NULL, arg); callback(EVP_aes_128_ctr(), "AES-128-CTR", NULL, arg); callback(EVP_aes_128_ecb(), "AES-128-ECB", NULL, arg); callback(EVP_aes_128_ofb(), "AES-128-OFB", NULL, arg); callback(EVP_aes_256_cbc(), "AES-256-CBC", NULL, arg); callback(EVP_aes_256_ctr(), "AES-256-CTR", NULL, arg); callback(EVP_aes_256_ecb(), "AES-256-ECB", NULL, arg); callback(EVP_aes_256_ofb(), "AES-256-OFB", NULL, arg); callback(EVP_aes_256_xts(), "AES-256-XTS", NULL, arg); callback(EVP_des_cbc(), "DES-CBC", NULL, arg); callback(EVP_des_ecb(), "DES-ECB", NULL, arg); callback(EVP_des_ede(), "DES-EDE", NULL, arg); callback(EVP_des_ede_cbc(), "DES-EDE-CBC", NULL, arg); callback(EVP_des_ede3_cbc(), "DES-EDE3-CBC", NULL, arg); callback(EVP_rc2_cbc(), "RC2-CBC", NULL, arg); callback(EVP_rc4(), "RC4", NULL, arg); // OpenSSL returns everything twice, the second time in lower case. callback(EVP_aes_128_cbc(), "aes-128-cbc", NULL, arg); callback(EVP_aes_128_ctr(), "aes-128-ctr", NULL, arg); callback(EVP_aes_128_ecb(), "aes-128-ecb", NULL, arg); callback(EVP_aes_128_ofb(), "aes-128-ofb", NULL, arg); callback(EVP_aes_256_cbc(), "aes-256-cbc", NULL, arg); callback(EVP_aes_256_ctr(), "aes-256-ctr", NULL, arg); callback(EVP_aes_256_ecb(), "aes-256-ecb", NULL, arg); callback(EVP_aes_256_ofb(), "aes-256-ofb", NULL, arg); callback(EVP_aes_256_xts(), "aes-256-xts", NULL, arg); callback(EVP_des_cbc(), "des-cbc", NULL, arg); callback(EVP_des_ecb(), "des-ecb", NULL, arg); callback(EVP_des_ede(), "des-ede", NULL, arg); callback(EVP_des_ede_cbc(), "des-ede-cbc", NULL, arg); callback(EVP_des_ede3_cbc(), "des-ede3-cbc", NULL, arg); callback(EVP_rc2_cbc(), "rc2-cbc", NULL, arg); callback(EVP_rc4(), "rc4", NULL, arg); }
/* AES: encrypt and decrypt known plaintext, verify result matches original plaintext */ static int FIPS_aes_test(void) { int ret = 0; unsigned char pltmp[16]; unsigned char citmp[16]; unsigned char key[16] = { 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16}; unsigned char plaintext[16] = "etaonrishdlcu"; EVP_CIPHER_CTX ctx; FIPS_cipher_ctx_init(&ctx); if (FIPS_cipherinit(&ctx, EVP_aes_128_ecb(), key, NULL, 1) <= 0) goto err; FIPS_cipher(&ctx, citmp, plaintext, 16); if (FIPS_cipherinit(&ctx, EVP_aes_128_ecb(), key, NULL, 0) <= 0) goto err; FIPS_cipher(&ctx, pltmp, citmp, 16); if (memcmp(pltmp, plaintext, 16)) goto err; ret = 1; err: FIPS_cipher_ctx_cleanup(&ctx); return ret; }
const EVP_CIPHER * Aes128EncriptionStrategy::getType(EncriptionBlockType mode){ const EVP_CIPHER * type; switch(mode){ case CBC: type = EVP_aes_128_cbc(); break; case OFB: type = EVP_aes_128_ofb(); break; case CFB: type = EVP_aes_128_cfb8(); break; case ECB: type = EVP_aes_128_ecb(); break; } return type; }
void isc_aes128_crypt(const unsigned char *key, const unsigned char *in, unsigned char *out) { EVP_CIPHER_CTX c; int len; EVP_CIPHER_CTX_init(&c); RUNTIME_CHECK(EVP_EncryptInit(&c, EVP_aes_128_ecb(), key, NULL) == 1); EVP_CIPHER_CTX_set_padding(&c, 0); RUNTIME_CHECK(EVP_EncryptUpdate(&c, out, &len, in, ISC_AES_BLOCK_LENGTH) == 1); RUNTIME_CHECK(len == ISC_AES_BLOCK_LENGTH); RUNTIME_CHECK(EVP_CIPHER_CTX_cleanup(&c) == 1); }
explicit Cipher(Name name = N_AES128_CBC) : cipher_(0) { EVP_CIPHER_CTX_init(&ctx_); switch (name) { case N_AES128_CBC: cipher_ = EVP_aes_128_cbc(); break; case N_AES192_CBC: cipher_ = EVP_aes_192_cbc(); break; case N_AES256_CBC: cipher_ = EVP_aes_256_cbc(); break; case N_AES128_ECB: cipher_ = EVP_aes_128_ecb(); break; case N_AES192_ECB: cipher_ = EVP_aes_192_ecb(); break; case N_AES256_ECB: cipher_ = EVP_aes_256_ecb(); break; default: throw cybozu::Exception("crypto:Cipher:Cipher:name") << (int)name; } }
/** Get cipher by name constants. * @param cipher cipher name * @return cipher engine */ const EVP_CIPHER * cipher_by_name(const char *cipher) { if (strcmp(cipher, LN_aes_128_ecb) == 0) { return EVP_aes_128_ecb(); } else if (strcmp(cipher, LN_aes_128_cbc) == 0) { return EVP_aes_128_cbc(); } else if (strcmp(cipher, LN_aes_256_ecb) == 0) { return EVP_aes_256_ecb(); } else if (strcmp(cipher, LN_aes_256_cbc) == 0) { return EVP_aes_256_cbc(); } else { throw std::runtime_error("Unknown cipher type"); } }
int aes_init(unsigned char *key_data, int key_data_len, unsigned char *salt, \ EVP_CIPHER_CTX *ctx, AES_Mode mode, AlgoType algo) { int i, count, ret, def_key_len; unsigned char key16[16], iv16[16]; unsigned char key32[32], iv32[32]; unsigned char *key, *iv; EVP_CIPHER *type; switch (algo) { case AES_ECB_128: key = key16; iv = iv16; def_key_len = 16; type = EVP_aes_128_ecb(); break; case AES_CBC_256: key = key32; iv = iv32; def_key_len = 32; type = EVP_aes_256_cbc(); break; default: break; } count = 5; ret = EVP_BytesToKey(type, EVP_sha1(), salt, key_data, key_data_len, \ count, key, iv); if (ret != def_key_len) { return -1; } EVP_CIPHER_CTX_init(ctx); switch (mode) { case AES_Mode_Encryption: EVP_EncryptInit_ex(ctx, type, NULL, key, iv); break; case AES_Mode_Decryption: EVP_DecryptInit_ex(ctx, type, NULL, key, iv); break; default: break; } return 0; }
int do_crypt(FILE *in, FILE *out, int do_encrypt) { /* Allow enough space in output buffer for additional block */ unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH]; int inlen, outlen; EVP_CIPHER_CTX ctx; /* Bogus key and IV: we'd normally set these from * another source. */ unsigned char key[] = "YELLOW SUBMARINE"; unsigned char iv[] = "1234567887654321"; /* Don't set key or IV right away; we want to check lengths */ EVP_CIPHER_CTX_init(&ctx); EVP_CipherInit_ex(&ctx, EVP_aes_128_ecb(), NULL, NULL, NULL, do_encrypt); OPENSSL_assert(EVP_CIPHER_CTX_key_length(&ctx) == 16); //OPENSSL_assert(EVP_CIPHER_CTX_iv_length(&ctx) == 16); /* Now we can set key and IV */ EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, do_encrypt); for(;;) { inlen = fread(inbuf, 1, 1024, in); if(inlen <= 0) break; if(!EVP_CipherUpdate(&ctx, outbuf, &outlen, inbuf, inlen)) { /* Error */ EVP_CIPHER_CTX_cleanup(&ctx); return 0; } fwrite(outbuf, 1, outlen, out); } if(!EVP_CipherFinal_ex(&ctx, outbuf, &outlen)) { /* Error */ EVP_CIPHER_CTX_cleanup(&ctx); return 0; } fwrite(outbuf, 1, outlen, out); EVP_CIPHER_CTX_cleanup(&ctx); return 1; }
/** Get cipher for PB_ENCRYPTION_* constants. * @param cipher cipher ID * @return cipher engine */ const EVP_CIPHER * cipher_by_id(int cipher) { switch (cipher) { case PB_ENCRYPTION_AES_128_ECB: return EVP_aes_128_ecb(); case PB_ENCRYPTION_AES_128_CBC: return EVP_aes_128_cbc(); case PB_ENCRYPTION_AES_256_ECB: return EVP_aes_256_ecb(); case PB_ENCRYPTION_AES_256_CBC: return EVP_aes_256_cbc(); default: throw std::runtime_error("Unknown cipher type"); } }
static int aes_ctr_init(archive_crypto_ctx *ctx, const uint8_t *key, size_t key_len) { switch (key_len) { case 16: ctx->type = EVP_aes_128_ecb(); break; case 24: ctx->type = EVP_aes_192_ecb(); break; case 32: ctx->type = EVP_aes_256_ecb(); break; default: ctx->type = NULL; return -1; } ctx->key_len = key_len; memcpy(ctx->key, key, key_len); memset(ctx->nonce, 0, sizeof(ctx->nonce)); ctx->encr_pos = AES_BLOCK_SIZE; EVP_CIPHER_CTX_init(&ctx->ctx); return 0; }
const EVP_CIPHER* OSSLAES::getCipher() const { if (currentKey == NULL) return NULL; // Check currentKey bit length; AES only supports 128, 192 or 256 bit keys if ((currentKey->getBitLen() != 128) && (currentKey->getBitLen() != 192) && (currentKey->getBitLen() != 256)) { ERROR_MSG("Invalid AES currentKey length (%d bits)", currentKey->getBitLen()); return NULL; } // Determine the cipher mode if (!currentCipherMode.compare("cbc")) { switch(currentKey->getBitLen()) { case 128: return EVP_aes_128_cbc(); case 192: return EVP_aes_192_cbc(); case 256: return EVP_aes_256_cbc(); }; } else if (!currentCipherMode.compare("ecb")) { switch(currentKey->getBitLen()) { case 128: return EVP_aes_128_ecb(); case 192: return EVP_aes_192_ecb(); case 256: return EVP_aes_256_ecb(); }; } ERROR_MSG("Invalid AES cipher mode %s", currentCipherMode.c_str()); return NULL; }
const EVP_CIPHER* algid_to_evp(uint32_t alg){ switch(alg&(SOTER_SYM_ALG_MASK|SOTER_SYM_PADDING_MASK|SOTER_SYM_KEY_LENGTH_MASK)){ case SOTER_SYM_AES_ECB_PKCS7|SOTER_SYM_256_KEY_LENGTH: return EVP_aes_256_ecb(); case SOTER_SYM_AES_ECB_PKCS7|SOTER_SYM_192_KEY_LENGTH: return EVP_aes_192_ecb(); case SOTER_SYM_AES_ECB_PKCS7|SOTER_SYM_128_KEY_LENGTH: return EVP_aes_128_ecb(); case SOTER_SYM_AES_CTR|SOTER_SYM_256_KEY_LENGTH: return EVP_aes_256_ctr(); case SOTER_SYM_AES_CTR|SOTER_SYM_192_KEY_LENGTH: return EVP_aes_192_ctr(); case SOTER_SYM_AES_CTR|SOTER_SYM_128_KEY_LENGTH: return EVP_aes_128_ctr(); case SOTER_SYM_AES_XTS|SOTER_SYM_256_KEY_LENGTH: return EVP_aes_256_xts(); } return NULL; }