Diffstat (limited to 'source4/heimdal/lib/hcrypto/evp.c')
-rw-r--r--source4/heimdal/lib/hcrypto/evp.c445
1 files changed, 70 insertions, 375 deletions
diff --git a/source4/heimdal/lib/hcrypto/evp.c b/source4/heimdal/lib/hcrypto/evp.c
index ac6cac972a..006db35939 100644
--- a/source4/heimdal/lib/hcrypto/evp.c
+++ b/source4/heimdal/lib/hcrypto/evp.c
@@ -45,17 +45,19 @@
#include <assert.h>
#include <evp.h>
+#include <evp-hcrypto.h>
+#include <evp-cc.h>
#include <krb5-types.h>
-#include "camellia.h"
-#include <des.h>
-#include <sha.h>
-#include <rc2.h>
-#include <rc4.h>
-#include <md2.h>
-#include <md4.h>
-#include <md5.h>
+#ifndef HCRYPTO_DEF_PROVIDER
+#define HCRYPTO_DEF_PROVIDER hcrypto
+#endif
+
+#define HC_CONCAT4(x,y,z,aa) x ## y ## z ## aa
+
+
+#define EVP_DEF_OP(_prov,_op) HC_CONCAT4(EVP_,_prov,_,_op)()
/**
* @page page_evp EVP - generic crypto interface
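Review bot: The new `HCRYPTO_DEF_PROVIDER`, `HC_CONCAT4` and `EVP_DEF_OP` macros carry no comment, and `EVP_DEF_OP` hides a function call behind its trailing `()`, so every `return EVP_DEF_OP(...)` further down reads like a constant. A short comment above the defines would help, for example `/* EVP_DEF_OP(p, op) expands to the call EVP_<p>_<op>(); the extra HC_CONCAT4 level lets HCRYPTO_DEF_PROVIDER expand before token pasting. */`. It is also worth stating there that the provider is fixed at build time, so every provider has to export the full set of `EVP_<provider>_<op>` symbols this file references.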
@@ -138,8 +140,8 @@ EVP_MD_CTX_create(void)
* @ingroup hcrypto_evp
*/
-void HC_DEPRECATED
-EVP_MD_CTX_init(EVP_MD_CTX *ctx)
+void
+EVP_MD_CTX_init(EVP_MD_CTX *ctx) HC_DEPRECATED
{
memset(ctx, 0, sizeof(*ctx));
}
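Review bot: Placing `HC_DEPRECATED` after the declarator of a function definition, as in `EVP_MD_CTX_init(EVP_MD_CTX *ctx) HC_DEPRECATED` followed by `{`, only compiles if the macro expands to nothing in this translation unit; GCC, for one, rejects an attribute in that position on a definition. Nothing visible in the diff shows where the macro is neutralised, so either keep the marker on the prototype in the header only, or add a comment next to the neutralising define saying why it is needed. The same pattern is introduced at `EVP_MD_CTX_cleanup`, `EVP_sha`, `EVP_md5`, `EVP_md4` and `EVP_md2`.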
@@ -169,11 +171,13 @@ EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
* @ingroup hcrypto_evp
*/
-int HC_DEPRECATED
-EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
+int
+EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) HC_DEPRECATED
{
if (ctx->md && ctx->md->cleanup)
(ctx->md->cleanup)(ctx);
+ else if (ctx->md)
+ memset(ctx->ptr, 0, ctx->md->ctx_size);
ctx->md = NULL;
ctx->engine = NULL;
free(ctx->ptr);
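Review bot: The added `memset(ctx->ptr, 0, ctx->md->ctx_size);` is followed shortly by `free(ctx->ptr)` with no intervening read, so an optimising compiler may drop it as a dead store and leave the digest state in freed memory. Use a wipe that cannot be elided (`memset_s` or `explicit_bzero` where the platform has them, or a small helper that writes through a `volatile` pointer). The new `memset` before `free(c->cipher_data)` in EVP_CIPHER_CTX_cleanup has the same weakness and matters more, since that buffer holds key schedules. Note also that when `ctx->md->cleanup` is set, the wipe depends entirely on the callback; a comment saying so would make that contract explicit.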
@@ -351,28 +355,9 @@ EVP_Digest(const void *data, size_t dsize, void *hash, unsigned int *hsize,
const EVP_MD *
EVP_sha256(void)
{
- static const struct hc_evp_md sha256 = {
- 32,
- 64,
- sizeof(SHA256_CTX),
- (hc_evp_md_init)SHA256_Init,
- (hc_evp_md_update)SHA256_Update,
- (hc_evp_md_final)SHA256_Final,
- NULL
- };
- return &sha256;
+ return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha256);
}
-static const struct hc_evp_md sha1 = {
- 20,
- 64,
- sizeof(SHA_CTX),
- (hc_evp_md_init)SHA1_Init,
- (hc_evp_md_update)SHA1_Update,
- (hc_evp_md_final)SHA1_Final,
- NULL
-};
-
/**
* The message digest SHA1
*
@@ -384,7 +369,7 @@ static const struct hc_evp_md sha1 = {
const EVP_MD *
EVP_sha1(void)
{
- return &sha1;
+ return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha1);
}
/**
@@ -396,9 +381,10 @@ EVP_sha1(void)
*/
const EVP_MD *
-EVP_sha(void)
+EVP_sha(void) HC_DEPRECATED
+
{
- return &sha1;
+ return EVP_sha1();
}
/**
@@ -410,18 +396,9 @@ EVP_sha(void)
*/
const EVP_MD *
-EVP_md5(void)
-{
- static const struct hc_evp_md md5 = {
- 16,
- 64,
- sizeof(MD5_CTX),
- (hc_evp_md_init)MD5_Init,
- (hc_evp_md_update)MD5_Update,
- (hc_evp_md_final)MD5_Final,
- NULL
- };
- return &md5;
+EVP_md5(void) HC_DEPRECATED_CRYPTO
+{
+ return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, md5);
}
/**
@@ -433,18 +410,9 @@ EVP_md5(void)
*/
const EVP_MD *
-EVP_md4(void)
-{
- static const struct hc_evp_md md4 = {
- 16,
- 64,
- sizeof(MD4_CTX),
- (hc_evp_md_init)MD4_Init,
- (hc_evp_md_update)MD4_Update,
- (hc_evp_md_final)MD4_Final,
- NULL
- };
- return &md4;
+EVP_md4(void) HC_DEPRECATED_CRYPTO
+{
+ return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, md4);
}
/**
@@ -456,18 +424,9 @@ EVP_md4(void)
*/
const EVP_MD *
-EVP_md2(void)
-{
- static const struct hc_evp_md md2 = {
- 16,
- 16,
- sizeof(MD2_CTX),
- (hc_evp_md_init)MD2_Init,
- (hc_evp_md_update)MD2_Update,
- (hc_evp_md_final)MD2_Final,
- NULL
- };
- return &md2;
+EVP_md2(void) HC_DEPRECATED_CRYPTO
+{
+ return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, md2);
}
/*
@@ -589,19 +548,35 @@ EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
if (c->cipher && c->cipher->cleanup)
c->cipher->cleanup(c);
if (c->cipher_data) {
+ memset(c->cipher_data, 0, c->cipher->ctx_size);
free(c->cipher_data);
c->cipher_data = NULL;
}
return 1;
}
-#if 0
+/**
+ * If the cipher type supports it, change the key length
+ *
+ * @param c the cipher context to change the key length for
+ * @param length new key length
+ *
+ * @return 1 on success.
+ *
+ * @ingroup hcrypto_evp
+ */
+
int
EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int length)
{
+ if ((c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH) && length > 0) {
+ c->key_len = length;
+ return 1;
+ }
return 0;
}
+#if 0
int
EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad)
{
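Review bot: The added `memset(c->cipher_data, 0, c->cipher->ctx_size);` dereferences `c->cipher` in a branch guarded only by `c->cipher_data`, although the line above treats `c->cipher` as possibly NULL. Writing it as `if (c->cipher) memset(c->cipher_data, 0, c->cipher->ctx_size);` keeps the two checks consistent without skipping the `free`. `EVP_CIPHER_CTX_set_key_length` likewise reads `c->cipher->flags` unconditionally and accepts any positive `length`. Its doc comment should say that the context must already have a cipher set and that 0 is returned when the cipher is fixed-length or `length <= 0`. It should presumably also say that the key later passed in must hold `length` bytes. The body of EVP_CIPHER_CTX_cleanup starts outside this hunk.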
@@ -768,7 +743,7 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *c, ENGINE *engine,
ctx->cipher = c;
ctx->key_len = c->key_len;
- ctx->cipher_data = malloc(c->ctx_size);
+ ctx->cipher_data = calloc(1, c->ctx_size);
if (ctx->cipher_data == NULL && c->ctx_size != 0)
return 0;
@@ -780,7 +755,7 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *c, ENGINE *engine,
return 0;
}
- switch (EVP_CIPHER_CTX_flags(ctx)) {
+ switch (EVP_CIPHER_CTX_mode(ctx)) {
case EVP_CIPH_CBC_MODE:
assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof(ctx->iv));
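Review bot: The only bound on the IV length in the CBC case is `assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof(ctx->iv));`, which disappears when built with NDEBUG, while the copies into `ctx->oiv` and `ctx->iv` that follow use that same length. Cipher descriptors now come from a build-selected provider rather than tables defined in this file, so a runtime check that fails closed would be safer, for example `if (EVP_CIPHER_CTX_iv_length(ctx) > sizeof(ctx->iv)) return 0;`. EVP_CipherInit_ex starts and ends outside this hunk.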
@@ -789,6 +764,10 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *c, ENGINE *engine,
memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
break;
+
+ case EVP_CIPH_STREAM_CIPHER:
+ break;
+
default:
return 0;
}
@@ -1005,48 +984,6 @@ EVP_enc_null(void)
return &enc_null;
}
-/*
- *
- */
-
-struct rc2_cbc {
- unsigned int maximum_effective_key;
- RC2_KEY key;
-};
-
-static int
-rc2_init(EVP_CIPHER_CTX *ctx,
- const unsigned char * key,
- const unsigned char * iv,
- int encp)
-{
- struct rc2_cbc *k = ctx->cipher_data;
- k->maximum_effective_key = EVP_CIPHER_CTX_key_length(ctx) * 8;
- RC2_set_key(&k->key,
- EVP_CIPHER_CTX_key_length(ctx),
- key,
- k->maximum_effective_key);
- return 1;
-}
-
-static int
-rc2_do_cipher(EVP_CIPHER_CTX *ctx,
- unsigned char *out,
- const unsigned char *in,
- unsigned int size)
-{
- struct rc2_cbc *k = ctx->cipher_data;
- RC2_cbc_encrypt(in, out, size, &k->key, ctx->iv, ctx->encrypt);
- return 1;
-}
-
-static int
-rc2_cleanup(EVP_CIPHER_CTX *ctx)
-{
- memset(ctx->cipher_data, 0, sizeof(struct rc2_cbc));
- return 1;
-}
-
/**
* The RC2 cipher type
*
@@ -1058,28 +995,13 @@ rc2_cleanup(EVP_CIPHER_CTX *ctx)
const EVP_CIPHER *
EVP_rc2_cbc(void)
{
- static const EVP_CIPHER rc2_cbc = {
- 0,
- RC2_BLOCK_SIZE,
- RC2_KEY_LENGTH,
- RC2_BLOCK_SIZE,
- EVP_CIPH_CBC_MODE,
- rc2_init,
- rc2_do_cipher,
- rc2_cleanup,
- sizeof(struct rc2_cbc),
- NULL,
- NULL,
- NULL,
- NULL
- };
- return &rc2_cbc;
+ return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc2_cbc);
}
/**
- * The RC2-40 cipher type
+ * The RC2 cipher type
*
- * @return the RC2-40 EVP_CIPHER pointer.
+ * @return the RC2 EVP_CIPHER pointer.
*
* @ingroup hcrypto_evp
*/
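Review bot: The doc comment for `EVP_rc2_40_cbc` now reads exactly like the one for `EVP_rc2_cbc`, so the generated documentation no longer says which function returns the 40-bit variant; the next hunk does the same to `EVP_rc2_64_cbc`. Keep the distinguishing wording, `The RC2-40 cipher type` and `@return the RC2-40 EVP_CIPHER pointer.` (and likewise RC2-64). Since the key sizes are no longer visible in this file after the tables were removed, the comment is the only place a reader learns that these are reduced-key-length legacy ciphers.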
@@ -1087,28 +1009,13 @@ EVP_rc2_cbc(void)
const EVP_CIPHER *
EVP_rc2_40_cbc(void)
{
- static const EVP_CIPHER rc2_40_cbc = {
- 0,
- RC2_BLOCK_SIZE,
- 5,
- RC2_BLOCK_SIZE,
- EVP_CIPH_CBC_MODE,
- rc2_init,
- rc2_do_cipher,
- rc2_cleanup,
- sizeof(struct rc2_cbc),
- NULL,
- NULL,
- NULL,
- NULL
- };
- return &rc2_40_cbc;
+ return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc2_40_cbc);
}
/**
- * The RC2-64 cipher type
+ * The RC2 cipher type
*
- * @return the RC2-64 EVP_CIPHER pointer.
+ * @return the RC2 EVP_CIPHER pointer.
*
* @ingroup hcrypto_evp
*/
@@ -1116,22 +1023,7 @@ EVP_rc2_40_cbc(void)
const EVP_CIPHER *
EVP_rc2_64_cbc(void)
{
- static const EVP_CIPHER rc2_64_cbc = {
- 0,
- RC2_BLOCK_SIZE,
- 8,
- RC2_BLOCK_SIZE,
- EVP_CIPH_CBC_MODE,
- rc2_init,
- rc2_do_cipher,
- rc2_cleanup,
- sizeof(struct rc2_cbc),
- NULL,
- NULL,
- NULL,
- NULL
- };
- return &rc2_64_cbc;
+ return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc2_64_cbc);
}
/**
@@ -1145,9 +1037,7 @@ EVP_rc2_64_cbc(void)
const EVP_CIPHER *
EVP_rc4(void)
{
- printf("evp rc4\n");
- abort();
- return NULL;
+ return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc4);
}
/**
@@ -1161,45 +1051,7 @@ EVP_rc4(void)
const EVP_CIPHER *
EVP_rc4_40(void)
{
- printf("evp rc4_40\n");
- abort();
- return NULL;
-}
-
-/*
- *
- */
-
-static int
-des_cbc_init(EVP_CIPHER_CTX *ctx,
- const unsigned char * key,
- const unsigned char * iv,
- int encp)
-{
- DES_key_schedule *k = ctx->cipher_data;
- DES_cblock deskey;
- memcpy(&deskey, key, sizeof(deskey));
- DES_set_key_unchecked(&deskey, k);
- return 1;
-}
-
-static int
-des_cbc_do_cipher(EVP_CIPHER_CTX *ctx,
- unsigned char *out,
- const unsigned char *in,
- unsigned int size)
-{
- DES_key_schedule *k = ctx->cipher_data;
- DES_cbc_encrypt(in, out, size,
- k, (DES_cblock *)ctx->iv, ctx->encrypt);
- return 1;
-}
-
-static int
-des_cbc_cleanup(EVP_CIPHER_CTX *ctx)
-{
- memset(ctx->cipher_data, 0, sizeof(struct DES_key_schedule));
- return 1;
+ return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc4_40);
}
/**
@@ -1213,74 +1065,7 @@ des_cbc_cleanup(EVP_CIPHER_CTX *ctx)
const EVP_CIPHER *
EVP_des_cbc(void)
{
- static const EVP_CIPHER des_ede3_cbc = {
- 0,
- 8,
- 8,
- 8,
- EVP_CIPH_CBC_MODE,
- des_cbc_init,
- des_cbc_do_cipher,
- des_cbc_cleanup,
- sizeof(DES_key_schedule),
- NULL,
- NULL,
- NULL,
- NULL
- };
- return &des_ede3_cbc;
-}
-
-/*
- *
- */
-
-struct des_ede3_cbc {
- DES_key_schedule ks[3];
-};
-
-static int
-des_ede3_cbc_init(EVP_CIPHER_CTX *ctx,
- const unsigned char * key,
- const unsigned char * iv,
- int encp)
-{
- struct des_ede3_cbc *k = ctx->cipher_data;
- DES_cblock deskey;
-
- memcpy(&deskey, key, sizeof(deskey));
- DES_set_odd_parity(&deskey);
- DES_set_key_unchecked(&deskey, &k->ks[0]);
-
- memcpy(&deskey, key + 8, sizeof(deskey));
- DES_set_odd_parity(&deskey);
- DES_set_key_unchecked(&deskey, &k->ks[1]);
-
- memcpy(&deskey, key + 16, sizeof(deskey));
- DES_set_odd_parity(&deskey);
- DES_set_key_unchecked(&deskey, &k->ks[2]);
-
- return 1;
-}
-
-static int
-des_ede3_cbc_do_cipher(EVP_CIPHER_CTX *ctx,
- unsigned char *out,
- const unsigned char *in,
- unsigned int size)
-{
- struct des_ede3_cbc *k = ctx->cipher_data;
- DES_ede3_cbc_encrypt(in, out, size,
- &k->ks[0], &k->ks[1], &k->ks[2],
- (DES_cblock *)ctx->iv, ctx->encrypt);
- return 1;
-}
-
-static int
-des_ede3_cbc_cleanup(EVP_CIPHER_CTX *ctx)
-{
- memset(ctx->cipher_data, 0, sizeof(struct des_ede3_cbc));
- return 1;
+ return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, des_cbc);
}
/**
@@ -1294,22 +1079,7 @@ des_ede3_cbc_cleanup(EVP_CIPHER_CTX *ctx)
const EVP_CIPHER *
EVP_des_ede3_cbc(void)
{
- static const EVP_CIPHER des_ede3_cbc = {
- 0,
- 8,
- 24,
- 8,
- EVP_CIPH_CBC_MODE,
- des_ede3_cbc_init,
- des_ede3_cbc_do_cipher,
- des_ede3_cbc_cleanup,
- sizeof(struct des_ede3_cbc),
- NULL,
- NULL,
- NULL,
- NULL
- };
- return &des_ede3_cbc;
+ return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, des_ede3_cbc);
}
/**
@@ -1323,7 +1093,7 @@ EVP_des_ede3_cbc(void)
const EVP_CIPHER *
EVP_aes_128_cbc(void)
{
- return EVP_hcrypto_aes_128_cbc();
+ return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_128_cbc);
}
/**
@@ -1337,7 +1107,7 @@ EVP_aes_128_cbc(void)
const EVP_CIPHER *
EVP_aes_192_cbc(void)
{
- return EVP_hcrypto_aes_192_cbc();
+ return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_192_cbc);
}
/**
@@ -1351,37 +1121,7 @@ EVP_aes_192_cbc(void)
const EVP_CIPHER *
EVP_aes_256_cbc(void)
{
- return EVP_hcrypto_aes_256_cbc();
-}
-
-static int
-camellia_init(EVP_CIPHER_CTX *ctx,
- const unsigned char * key,
- const unsigned char * iv,
- int encp)
-{
- CAMELLIA_KEY *k = ctx->cipher_data;
- k->bits = ctx->cipher->key_len * 8;
- CAMELLIA_set_key(key, ctx->cipher->key_len * 8, k);
- return 1;
-}
-
-static int
-camellia_do_cipher(EVP_CIPHER_CTX *ctx,
- unsigned char *out,
- const unsigned char *in,
- unsigned int size)
-{
- CAMELLIA_KEY *k = ctx->cipher_data;
- CAMELLIA_cbc_encrypt(in, out, size, k, ctx->iv, ctx->encrypt);
- return 1;
-}
-
-static int
-camellia_cleanup(EVP_CIPHER_CTX *ctx)
-{
- memset(ctx->cipher_data, 0, sizeof(CAMELLIA_KEY));
- return 1;
+ return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_256_cbc);
}
/**
@@ -1395,22 +1135,7 @@ camellia_cleanup(EVP_CIPHER_CTX *ctx)
const EVP_CIPHER *
EVP_camellia_128_cbc(void)
{
- static const EVP_CIPHER cipher = {
- 0,
- 16,
- 16,
- 16,
- EVP_CIPH_CBC_MODE,
- camellia_init,
- camellia_do_cipher,
- camellia_cleanup,
- sizeof(CAMELLIA_KEY),
- NULL,
- NULL,
- NULL,
- NULL
- };
- return &cipher;
+ return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, camellia_128_cbc);
}
/**
@@ -1424,22 +1149,7 @@ EVP_camellia_128_cbc(void)
const EVP_CIPHER *
EVP_camellia_192_cbc(void)
{
- static const EVP_CIPHER cipher = {
- 0,
- 16,
- 24,
- 16,
- EVP_CIPH_CBC_MODE,
- camellia_init,
- camellia_do_cipher,
- camellia_cleanup,
- sizeof(CAMELLIA_KEY),
- NULL,
- NULL,
- NULL,
- NULL
- };
- return &cipher;
+ return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, camellia_192_cbc);
}
/**
@@ -1453,22 +1163,7 @@ EVP_camellia_192_cbc(void)
const EVP_CIPHER *
EVP_camellia_256_cbc(void)
{
- static const EVP_CIPHER cipher = {
- 0,
- 16,
- 32,
- 16,
- EVP_CIPH_CBC_MODE,
- camellia_init,
- camellia_do_cipher,
- camellia_cleanup,
- sizeof(CAMELLIA_KEY),
- NULL,
- NULL,
- NULL,
- NULL
- };
- return &cipher;
+ return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, camellia_256_cbc);
}
/*