1/* 2 * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10#include <stdio.h> 11#include "internal/cryptlib.h" 12#include "internal/provider.h" 13#include <openssl/rand.h> 14#include <openssl/rsa.h> 15#include <openssl/evp.h> 16#include <openssl/objects.h> 17#include <openssl/x509.h> 18#include <openssl/evp.h> 19 20int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, 21 unsigned char **ek, int *ekl, unsigned char *iv, 22 EVP_PKEY **pubk, int npubk) 23{ 24 unsigned char key[EVP_MAX_KEY_LENGTH]; 25 const OSSL_PROVIDER *prov; 26 OSSL_LIB_CTX *libctx = NULL; 27 EVP_PKEY_CTX *pctx = NULL; 28 const EVP_CIPHER *cipher; 29 int i, len; 30 int rv = 0; 31 32 if (type != NULL) { 33 EVP_CIPHER_CTX_reset(ctx); 34 if (!EVP_EncryptInit_ex(ctx, type, NULL, NULL, NULL)) 35 return 0; 36 } 37 if ((cipher = EVP_CIPHER_CTX_get0_cipher(ctx)) != NULL 38 && (prov = EVP_CIPHER_get0_provider(cipher)) != NULL) 39 libctx = ossl_provider_libctx(prov); 40 if ((npubk <= 0) || !pubk) 41 return 1; 42 43 if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0) 44 return 0; 45 46 len = EVP_CIPHER_CTX_get_iv_length(ctx); 47 if (len < 0 || RAND_priv_bytes_ex(libctx, iv, len, 0) <= 0) 48 goto err; 49 50 len = EVP_CIPHER_CTX_get_key_length(ctx); 51 if (len < 0) 52 goto err; 53 54 if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv)) 55 goto err; 56 57 for (i = 0; i < npubk; i++) { 58 size_t keylen = len; 59 60 pctx = EVP_PKEY_CTX_new_from_pkey(libctx, pubk[i], NULL); 61 if (pctx == NULL) { 62 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 63 goto err; 64 } 65 66 if (EVP_PKEY_encrypt_init(pctx) <= 0 67 || EVP_PKEY_encrypt(pctx, ek[i], &keylen, key, keylen) <= 0) 68 goto err; 69 ekl[i] = (int)keylen; 70 EVP_PKEY_CTX_free(pctx); 71 } 72 pctx = NULL; 73 rv = npubk; 74err: 75 EVP_PKEY_CTX_free(pctx); 76 OPENSSL_cleanse(key, sizeof(key)); 77 return rv; 78} 79 80int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 81{ 82 int i; 83 i = EVP_EncryptFinal_ex(ctx, out, outl); 84 if (i) 85 i = EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, NULL); 86 return i; 87} 88