evp_enc.c revision 68651 
155714Skris/* crypto/evp/evp_enc.c */
255714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
355714Skris * All rights reserved.
455714Skris *
555714Skris * This package is an SSL implementation written
655714Skris * by Eric Young (eay@cryptsoft.com).
755714Skris * The implementation was written so as to conform with Netscapes SSL.
855714Skris *
955714Skris * This library is free for commercial and non-commercial use as long as
1055714Skris * the following conditions are aheared to.  The following conditions
1155714Skris * apply to all code found in this distribution, be it the RC4, RSA,
1255714Skris * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
1355714Skris * included with this distribution is covered by the same copyright terms
1455714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com).
1555714Skris *
1655714Skris * Copyright remains Eric Young's, and as such any Copyright notices in
1755714Skris * the code are not to be removed.
1855714Skris * If this package is used in a product, Eric Young should be given attribution
1955714Skris * as the author of the parts of the library used.
2055714Skris * This can be in the form of a textual message at program startup or
2155714Skris * in documentation (online or textual) provided with the package.
2255714Skris *
2355714Skris * Redistribution and use in source and binary forms, with or without
2455714Skris * modification, are permitted provided that the following conditions
2555714Skris * are met:
2655714Skris * 1. Redistributions of source code must retain the copyright
2755714Skris *    notice, this list of conditions and the following disclaimer.
2855714Skris * 2. Redistributions in binary form must reproduce the above copyright
2955714Skris *    notice, this list of conditions and the following disclaimer in the
3055714Skris *    documentation and/or other materials provided with the distribution.
3155714Skris * 3. All advertising materials mentioning features or use of this software
3255714Skris *    must display the following acknowledgement:
3355714Skris *    "This product includes cryptographic software written by
3455714Skris *     Eric Young (eay@cryptsoft.com)"
3555714Skris *    The word 'cryptographic' can be left out if the rouines from the library
3655714Skris *    being used are not cryptographic related :-).
3755714Skris * 4. If you include any Windows specific code (or a derivative thereof) from
3855714Skris *    the apps directory (application code) you must include an acknowledgement:
3955714Skris *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
4055714Skris *
4155714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
4255714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
4355714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
4455714Skris * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
4555714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
4655714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
4755714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
4855714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
4955714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
5055714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
5155714Skris * SUCH DAMAGE.
5255714Skris *
5355714Skris * The licence and distribution terms for any publically available version or
5455714Skris * derivative of this code cannot be changed.  i.e. this code cannot simply be
5555714Skris * copied and put under another distribution licence
5655714Skris * [including the GNU Public Licence.]
5755714Skris */
5855714Skris
5955714Skris#include <stdio.h>
6055714Skris#include "cryptlib.h"
6155714Skris#include <openssl/evp.h>
6268651Skris#include <openssl/err.h>
6368651Skris#include "evp_locl.h"
6455714Skris
6555714Skrisconst char *EVP_version="EVP" OPENSSL_VERSION_PTEXT;
6655714Skris
6755714Skrisvoid EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
6855714Skris	{
6955714Skris	memset(ctx,0,sizeof(EVP_CIPHER_CTX));
7055714Skris	/* ctx->cipher=NULL; */
7155714Skris	}
7255714Skris
7368651Skrisint EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
7455714Skris	     unsigned char *key, unsigned char *iv, int enc)
7555714Skris	{
7668651Skris	if(enc && (enc != -1)) enc = 1;
7768651Skris	if (cipher) {
7868651Skris		ctx->cipher=cipher;
7968651Skris		ctx->key_len = cipher->key_len;
8068651Skris		if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
8168651Skris			if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
8268651Skris				EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR);
8368651Skris				return 0;
8468651Skris			}
8568651Skris		}
8668651Skris	} else if(!ctx->cipher) {
8768651Skris		EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET);
8868651Skris		return 0;
8955714Skris	}
9068651Skris	if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
9168651Skris		switch(EVP_CIPHER_CTX_mode(ctx)) {
9255714Skris
9368651Skris			case EVP_CIPH_STREAM_CIPHER:
9468651Skris			case EVP_CIPH_ECB_MODE:
9568651Skris			break;
9668651Skris
9768651Skris			case EVP_CIPH_CFB_MODE:
9868651Skris			case EVP_CIPH_OFB_MODE:
9968651Skris
10068651Skris			ctx->num = 0;
10168651Skris
10268651Skris			case EVP_CIPH_CBC_MODE:
10368651Skris
10468651Skris			if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
10568651Skris			memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
10668651Skris			break;
10768651Skris
10868651Skris			default:
10968651Skris			return 0;
11068651Skris			break;
11168651Skris		}
11268651Skris	}
11368651Skris
11468651Skris	if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
11568651Skris		if(!ctx->cipher->init(ctx,key,iv,enc)) return 0;
11668651Skris	}
11768651Skris	if(enc != -1) ctx->encrypt=enc;
11868651Skris	ctx->buf_len=0;
11968651Skris	return 1;
12068651Skris	}
12168651Skris
12268651Skrisint EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
12355714Skris	     unsigned char *in, int inl)
12455714Skris	{
12555714Skris	if (ctx->encrypt)
12668651Skris		return EVP_EncryptUpdate(ctx,out,outl,in,inl);
12768651Skris	else	return EVP_DecryptUpdate(ctx,out,outl,in,inl);
12855714Skris	}
12955714Skris
13055714Skrisint EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
13155714Skris	{
13255714Skris	if (ctx->encrypt)
13368651Skris		return EVP_EncryptFinal(ctx,out,outl);
13455714Skris	else	return(EVP_DecryptFinal(ctx,out,outl));
13555714Skris	}
13655714Skris
13768651Skrisint EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
13855714Skris	     unsigned char *key, unsigned char *iv)
13955714Skris	{
14068651Skris	return EVP_CipherInit(ctx, cipher, key, iv, 1);
14155714Skris	}
14255714Skris
14368651Skrisint EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
14455714Skris	     unsigned char *key, unsigned char *iv)
14555714Skris	{
14668651Skris	return EVP_CipherInit(ctx, cipher, key, iv, 0);
14755714Skris	}
14855714Skris
14955714Skris
15068651Skrisint EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
15155714Skris	     unsigned char *in, int inl)
15255714Skris	{
15355714Skris	int i,j,bl;
15455714Skris
15555714Skris	i=ctx->buf_len;
15655714Skris	bl=ctx->cipher->block_size;
15755714Skris	*outl=0;
15868651Skris	if ((inl == 0) && (i != bl)) return 1;
15955714Skris	if (i != 0)
16055714Skris		{
16155714Skris		if (i+inl < bl)
16255714Skris			{
16355714Skris			memcpy(&(ctx->buf[i]),in,inl);
16455714Skris			ctx->buf_len+=inl;
16568651Skris			return 1;
16655714Skris			}
16755714Skris		else
16855714Skris			{
16955714Skris			j=bl-i;
17055714Skris			if (j != 0) memcpy(&(ctx->buf[i]),in,j);
17168651Skris			if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,bl)) return 0;
17255714Skris			inl-=j;
17355714Skris			in+=j;
17455714Skris			out+=bl;
17555714Skris			*outl+=bl;
17655714Skris			}
17755714Skris		}
17855714Skris	i=inl%bl; /* how much is left */
17955714Skris	inl-=i;
18055714Skris	if (inl > 0)
18155714Skris		{
18268651Skris		if(!ctx->cipher->do_cipher(ctx,out,in,inl)) return 0;
18355714Skris		*outl+=inl;
18455714Skris		}
18555714Skris
18655714Skris	if (i != 0)
18755714Skris		memcpy(ctx->buf,&(in[inl]),i);
18855714Skris	ctx->buf_len=i;
18968651Skris	return 1;
19055714Skris	}
19155714Skris
19268651Skrisint EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
19355714Skris	{
19455714Skris	int i,n,b,bl;
19555714Skris
19655714Skris	b=ctx->cipher->block_size;
19755714Skris	if (b == 1)
19855714Skris		{
19955714Skris		*outl=0;
20068651Skris		return 1;
20155714Skris		}
20255714Skris	bl=ctx->buf_len;
20355714Skris	n=b-bl;
20455714Skris	for (i=bl; i<b; i++)
20555714Skris		ctx->buf[i]=n;
20668651Skris	if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,b)) return 0;
20755714Skris	*outl=b;
20868651Skris	return 1;
20955714Skris	}
21055714Skris
21168651Skrisint EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
21255714Skris	     unsigned char *in, int inl)
21355714Skris	{
21455714Skris	int b,bl,n;
21555714Skris	int keep_last=0;
21655714Skris
21755714Skris	*outl=0;
21868651Skris	if (inl == 0) return 1;
21955714Skris
22055714Skris	b=ctx->cipher->block_size;
22155714Skris	if (b > 1)
22255714Skris		{
22355714Skris		/* Is the input a multiple of the block size? */
22455714Skris		bl=ctx->buf_len;
22555714Skris		n=inl+bl;
22655714Skris		if (n%b == 0)
22755714Skris			{
22855714Skris			if (inl < b) /* must be 'just one' buff */
22955714Skris				{
23055714Skris				memcpy(&(ctx->buf[bl]),in,inl);
23155714Skris				ctx->buf_len=b;
23255714Skris				*outl=0;
23368651Skris				return 1;
23455714Skris				}
23555714Skris			keep_last=1;
23655714Skris			inl-=b; /* don't do the last block */
23755714Skris			}
23855714Skris		}
23968651Skris	if(!EVP_EncryptUpdate(ctx,out,outl,in,inl)) return 0;
24055714Skris
24155714Skris	/* if we have 'decrypted' a multiple of block size, make sure
24255714Skris	 * we have a copy of this last block */
24355714Skris	if (keep_last)
24455714Skris		{
24555714Skris		memcpy(&(ctx->buf[0]),&(in[inl]),b);
24655714Skris#ifdef DEBUG
24755714Skris		if (ctx->buf_len != 0)
24855714Skris			{
24955714Skris			abort();
25055714Skris			}
25155714Skris#endif
25255714Skris		ctx->buf_len=b;
25355714Skris		}
25468651Skris	return 1;
25555714Skris	}
25655714Skris
25755714Skrisint EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
25855714Skris	{
25955714Skris	int i,b;
26055714Skris	int n;
26155714Skris
26255714Skris	*outl=0;
26355714Skris	b=ctx->cipher->block_size;
26455714Skris	if (b > 1)
26555714Skris		{
26655714Skris		if (ctx->buf_len != b)
26755714Skris			{
26855714Skris			EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
26955714Skris			return(0);
27055714Skris			}
27168651Skris		if(!EVP_EncryptUpdate(ctx,ctx->buf,&n,ctx->buf,0)) return 0;
27255714Skris		if (n != b)
27355714Skris			return(0);
27455714Skris		n=ctx->buf[b-1];
27555714Skris		if (n > b)
27655714Skris			{
27755714Skris			EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
27855714Skris			return(0);
27955714Skris			}
28055714Skris		for (i=0; i<n; i++)
28155714Skris			{
28255714Skris			if (ctx->buf[--b] != n)
28355714Skris				{
28455714Skris				EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
28555714Skris				return(0);
28655714Skris				}
28755714Skris			}
28855714Skris		n=ctx->cipher->block_size-n;
28955714Skris		for (i=0; i<n; i++)
29055714Skris			out[i]=ctx->buf[i];
29155714Skris		*outl=n;
29255714Skris		}
29355714Skris	else
29455714Skris		*outl=0;
29555714Skris	return(1);
29655714Skris	}
29755714Skris
29868651Skrisint EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
29955714Skris	{
30055714Skris	if ((c->cipher != NULL) && (c->cipher->cleanup != NULL))
30168651Skris		{
30268651Skris		if(!c->cipher->cleanup(c)) return 0;
30368651Skris		}
30455714Skris	memset(c,0,sizeof(EVP_CIPHER_CTX));
30568651Skris	return 1;
30655714Skris	}
30755714Skris
30868651Skrisint EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
30968651Skris	{
31068651Skris	if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
31168651Skris		return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL);
31268651Skris	if(c->key_len == keylen) return 1;
31368651Skris	if((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH))
31468651Skris		{
31568651Skris		c->key_len = keylen;
31668651Skris		return 1;
31768651Skris		}
31868651Skris	EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,EVP_R_INVALID_KEY_LENGTH);
31968651Skris	return 0;
32068651Skris	}
32168651Skris
32268651Skrisint EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
32368651Skris{
32468651Skris	int ret;
32568651Skris	if(!ctx->cipher) {
32668651Skris		EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
32768651Skris		return 0;
32868651Skris	}
32968651Skris
33068651Skris	if(!ctx->cipher->ctrl) {
33168651Skris		EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
33268651Skris		return 0;
33368651Skris	}
33468651Skris
33568651Skris	ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
33668651Skris	if(ret == -1) {
33768651Skris		EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
33868651Skris		return 0;
33968651Skris	}
34068651Skris	return ret;
34168651Skris}
342