3 * Wrapper for OpenSSL library.
5 * Copyright (c) 2001 Marko Kreen
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * $Id: openssl.c,v 1.7 2001/10/28 06:25:41 momjian Exp $
36 #include <openssl/evp.h>
37 #include <openssl/blowfish.h>
/* Digest output length in bytes, as reported by EVP_MD_CTX_size() for the context kept in h->p.ptr. */
40 digest_result_size(PX_MD * h)
42 return EVP_MD_CTX_size((EVP_MD_CTX *) h->p.ptr);
/* Internal block size of the hash, as reported by EVP_MD_CTX_block_size() for the context kept in h->p.ptr. */
46 digest_block_size(PX_MD * h)
48 return EVP_MD_CTX_block_size((EVP_MD_CTX *) h->p.ptr);
/*
 * Restart the hash by re-running EVP_DigestInit() on the existing context
 * with the digest type that context already carries.
 */
52 digest_reset(PX_MD * h)
54 EVP_MD_CTX *ctx = (EVP_MD_CTX *) h->p.ptr;
/* Recover the algorithm from the context so the caller does not have to pass it again. */
57 md = EVP_MD_CTX_md(ctx);
/* NOTE(review): on OpenSSL versions where EVP_DigestInit() returns a status, it is ignored here. */
59 EVP_DigestInit(ctx, md);
/* Feed dlen bytes from data into the running hash held in h->p.ptr. */
63 digest_update(PX_MD * h, const uint8 *data, uint dlen)
65 EVP_MD_CTX *ctx = (EVP_MD_CTX *) h->p.ptr;
67 EVP_DigestUpdate(ctx, data, dlen);
/*
 * Finalize the hash and write the digest to dst.
 *
 * No destination length is passed in, so nothing here can bound the write:
 * the caller must provide at least digest_result_size(h) bytes at dst.
 */
71 digest_finish(PX_MD * h, uint8 *dst)
73 EVP_MD_CTX *ctx = (EVP_MD_CTX *) h->p.ptr;
/* NULL as the last argument means the written length is not reported back. */
75 EVP_DigestFinal(ctx, dst, NULL);
/*
 * Release a digest object. Only the context lookup is visible in this listing.
 * NOTE(review): confirm that the context, which holds intermediate hash state,
 * is released together with the PX_MD wrapper.
 */
79 digest_free(PX_MD * h)
81 EVP_MD_CTX *ctx = (EVP_MD_CTX *) h->p.ptr;
90 * The problem with OpenSSL is that the EVP* family
91 * of functions does not allow enough flexibility
92 * and forces some of the parameters (keylen,
93 * padding) to SSL defaults.
/*
 * Fields of the per-cipher state struct (ossldata). The struct also carries
 * the Blowfish state that the bf_* functions reach as od->u.bf.
 */
/* OpenSSL context handed to the cipher's init/do_cipher methods. */
106 EVP_CIPHER_CTX evp_ctx;
/* Cipher descriptor obtained from EVP_get_cipherbyname(). */
108 const EVP_CIPHER *evp_ciph;
/*
 * Raw key and IV copies. Both buffers are fixed-size, so every copy into them
 * has to be bounded by EVP_MAX_KEY_LENGTH / EVP_MAX_IV_LENGTH. The key stays
 * here in the clear until gen_evp_free() zeroes the struct.
 */
109 uint8 key[EVP_MAX_KEY_LENGTH];
110 uint8 iv[EVP_MAX_IV_LENGTH];
/*
 * Block size of the wrapped cipher, read from its EVP_CIPHER descriptor.
 * The Blowfish handler tables reuse this callback, and gen_evp_init() uses the
 * value as the number of IV bytes to copy.
 */
118 gen_evp_block_size(PX_Cipher * c)
120 ossldata *od = (ossldata *) c->ptr;
122 return EVP_CIPHER_block_size(od->evp_ciph);
/* Key length OpenSSL reports for the cipher descriptor (EVP_CIPHER_key_length). */
126 gen_evp_key_size(PX_Cipher * c)
128 ossldata *od = (ossldata *) c->ptr;
130 return EVP_CIPHER_key_length(od->evp_ciph);
/* IV length OpenSSL reports for the cipher descriptor (EVP_CIPHER_iv_length). */
134 gen_evp_iv_size(PX_Cipher * c)
137 ossldata *od = (ossldata *) c->ptr;
139 ivlen = EVP_CIPHER_iv_length(od->evp_ciph);
/*
 * Tear down a cipher object. The whole state struct is zeroed so the key and
 * IV copies it holds do not linger in memory.
 */
144 gen_evp_free(PX_Cipher * c)
146 ossldata *od = (ossldata *) c->ptr;
/*
 * NOTE(review): if the buffer is released right after this (the release is not
 * visible in this listing), a plain memset() is a dead store that an optimizing
 * compiler may drop. A wipe that cannot be elided (e.g. OPENSSL_cleanse(),
 * where available) makes the scrub reliable.
 */
148 memset(od, 0, sizeof(*od));
/*
 * Stash the key and IV in the state struct. The cipher is not keyed here;
 * _gen_init() later hands od->key and od->iv to the cipher's init method.
 *
 * c    - cipher object whose ptr is an ossldata
 * key  - raw key bytes
 * klen - number of key bytes to copy
 * iv   - initialization vector, copied for one block's worth of bytes
 */
156 gen_evp_init(PX_Cipher * c, const uint8 *key, uint klen, const uint8 *iv)
158 ossldata *od = (ossldata *) c->ptr;
/* The IV copy length is the cipher block size, not EVP_CIPHER_iv_length(). */
159 uint bs = gen_evp_block_size(c);
162 memcpy(od->iv, iv, bs);
/*
 * All-zero IV fallback, presumably taken when the caller supplies no IV (the
 * selecting condition is not visible in this listing). With a fixed IV,
 * chained modes such as CBC are deterministic for a given key: equal plaintext
 * prefixes produce equal ciphertext prefixes.
 */
164 memset(od->iv, 0, bs);
/*
 * NOTE(review): klen is caller-supplied and no check against sizeof(od->key)
 * (EVP_MAX_KEY_LENGTH) is visible here. Verify that every caller clamps the
 * key length; otherwise this copy writes past od->key.
 */
165 memcpy(od->key, key, klen);
/*
 * Key the cipher for one direction by calling the EVP_CIPHER method table
 * directly rather than going through the public EVP_CipherInit() entry point.
 *
 * enc is passed to the init method and recorded in the context's encrypt flag.
 */
172 _gen_init(PX_Cipher * c, int enc)
174 ossldata *od = c->ptr;
/*
 * NOTE(review): this depends on the members of EVP_CIPHER and EVP_CIPHER_CTX
 * being accessible; they are library internals, so the code is tied to the
 * struct layout of the OpenSSL version it is built against.
 */
176 od->evp_ciph->init(&od->u.evp_ctx, od->key, od->iv, enc);
178 od->u.evp_ctx.encrypt = enc;
/*
 * Run dlen bytes from data through the cipher's raw do_cipher method into res.
 *
 * Because the EVP_EncryptUpdate()/EVP_EncryptFinal() layer is bypassed, no
 * padding or partial-block buffering is applied by this call.
 * NOTE(review): dlen is presumably expected to be a whole number of blocks and
 * res to have room for dlen bytes - confirm in the caller.
 */
182 gen_evp_encrypt(PX_Cipher * c, const uint8 *data, uint dlen, uint8 *res)
184 ossldata *od = c->ptr;
188 od->evp_ciph->do_cipher(&od->u.evp_ctx, res, data, dlen);
/*
 * Decrypt counterpart of gen_evp_encrypt(). The visible call is the same raw
 * do_cipher invocation, so the direction is whatever was given to the cipher's
 * init method. No padding is checked or removed by this call.
 */
193 gen_evp_decrypt(PX_Cipher * c, const uint8 *data, uint dlen, uint8 *res)
195 ossldata *od = c->ptr;
199 od->evp_ciph->do_cipher(&od->u.evp_ctx, res, data, dlen);
/*
 * Blowfish-specific init: expand the key schedule immediately with the
 * caller's klen, and store one block (BF_BLOCK bytes) of IV.
 */
206 bf_init(PX_Cipher * c, const uint8 *key, uint klen, const uint8 *iv)
208 ossldata *od = c->ptr;
/* klen goes to BF_set_key() as given; any length limit must come from the caller or the library. */
210 BF_set_key(&od->u.bf.key, klen, key);
212 memcpy(od->iv, iv, BF_BLOCK);
/*
 * All-zero IV fallback, presumably taken when no IV is supplied (the selecting
 * condition is not visible in this listing). A fixed IV makes the chained
 * modes deterministic for a given key.
 */
214 memset(od->iv, 0, BF_BLOCK);
/*
 * Blowfish ECB encryption, one block at a time.
 *
 * Each block is encrypted independently, so identical plaintext blocks yield
 * identical ciphertext blocks and no IV is involved.
 */
220 bf_ecb_encrypt(PX_Cipher * c, const uint8 *data, uint dlen, uint8 *res)
222 uint bs = gen_evp_block_size(c),
224 ossldata *od = c->ptr;
/*
 * dlen / bs truncates: a trailing partial block is neither processed nor
 * written to res, so the caller must pass a whole number of blocks.
 */
226 for (i = 0; i < dlen / bs; i++)
227 BF_ecb_encrypt(data + i * bs, res + i * bs, &od->u.bf.key, BF_ENCRYPT);
/* Blowfish ECB decryption, one block at a time; mirrors bf_ecb_encrypt() with BF_DECRYPT. */
232 bf_ecb_decrypt(PX_Cipher * c, const uint8 *data, uint dlen, uint8 *res)
234 uint bs = gen_evp_block_size(c),
236 ossldata *od = c->ptr;
/* As on the encrypt side, bytes beyond the last whole block are ignored. */
238 for (i = 0; i < dlen / bs; i++)
239 BF_ecb_encrypt(data + i * bs, res + i * bs, &od->u.bf.key, BF_DECRYPT);
/*
 * Blowfish CBC encryption of dlen bytes from data into res.
 * od->iv is passed as the chaining vector, which OpenSSL updates in place, so
 * consecutive calls continue the same chain.
 */
244 bf_cbc_encrypt(PX_Cipher * c, const uint8 *data, uint dlen, uint8 *res)
246 ossldata *od = c->ptr;
248 BF_cbc_encrypt(data, res, dlen, &od->u.bf.key, od->iv, BF_ENCRYPT);
/*
 * Blowfish CBC decryption; same OpenSSL entry point as the encrypt side with
 * BF_DECRYPT. CBC alone gives no integrity protection: modified ciphertext
 * decrypts without any error being raised here.
 */
253 bf_cbc_decrypt(PX_Cipher * c, const uint8 *data, uint dlen, uint8 *res)
255 ossldata *od = c->ptr;
257 BF_cbc_encrypt(data, res, dlen, &od->u.bf.key, od->iv, BF_DECRYPT);
/*
 * Blowfish CFB64 encryption. od->iv and od->u.bf.num are both passed by
 * address as running state, so the stream position carries over between calls.
 */
262 bf_cfb64_encrypt(PX_Cipher * c, const uint8 *data, uint dlen, uint8 *res)
264 ossldata *od = c->ptr;
266 BF_cfb64_encrypt(data, res, dlen, &od->u.bf.key, od->iv,
267 &od->u.bf.num, BF_ENCRYPT);
/* Blowfish CFB64 decryption; same call and running state as bf_cfb64_encrypt(), with BF_DECRYPT. */
272 bf_cfb64_decrypt(PX_Cipher * c, const uint8 *data, uint dlen, uint8 *res)
274 ossldata *od = c->ptr;
276 BF_cfb64_encrypt(data, res, dlen, &od->u.bf.key, od->iv,
277 &od->u.bf.num, BF_DECRYPT);
/*
 * Blowfish OFB64 encryption. The call takes no direction flag: OFB XORs the
 * data with a keystream derived from the key and IV, so reusing a key/IV pair
 * reuses that keystream.
 */
282 bf_ofb64_encrypt(PX_Cipher * c, const uint8 *data, uint dlen, uint8 *res)
284 ossldata *od = c->ptr;
286 BF_ofb64_encrypt(data, res, dlen, &od->u.bf.key, od->iv, &od->u.bf.num);
/* Blowfish OFB64 decryption; issues exactly the same call as bf_ofb64_encrypt(). */
291 bf_ofb64_decrypt(PX_Cipher * c, const uint8 *data, uint dlen, uint8 *res)
293 ossldata *od = c->ptr;
295 BF_ofb64_encrypt(data, res, dlen, &od->u.bf.key, od->iv, &od->u.bf.num);
/*
 * User-facing cipher names mapped to OpenSSL cipher names. px_find_cipher()
 * runs the requested name through this table (px_resolve_alias) before asking
 * OpenSSL for the cipher.
 */
303 static PX_Alias ossl_aliases[] = {
/* A bare "blowfish" selects CBC mode. */
305 {"blowfish", "bf-cbc"},
306 {"blowfish-cbc", "bf-cbc"},
307 {"blowfish-ecb", "bf-ecb"},
308 {"blowfish-cfb", "bf-cfb"},
309 {"blowfish-ofb", "bf-ofb"},
/* Second alias table; its entries are not visible in this listing. */
314 static PX_Alias ossl_mode_aliases [] = {
/*
 * Blowfish handler tables (the entries px_find_cipher() matches by name in
 * spec_types). Each one reuses the generic size and free callbacks and plugs
 * in bf_init plus a mode-specific encrypt/decrypt pair. The entry names and
 * the array header are not visible in this listing.
 */
/* CBC */
333 gen_evp_block_size, gen_evp_key_size, gen_evp_iv_size,
334 bf_init, bf_cbc_encrypt, bf_cbc_decrypt, gen_evp_free
/* ECB */
340 gen_evp_block_size, gen_evp_key_size, gen_evp_iv_size,
341 bf_init, bf_ecb_encrypt, bf_ecb_decrypt, gen_evp_free
/* CFB64 */
347 gen_evp_block_size, gen_evp_key_size, gen_evp_iv_size,
348 bf_init, bf_cfb64_encrypt, bf_cfb64_decrypt, gen_evp_free
/* OFB64 */
354 gen_evp_block_size, gen_evp_key_size, gen_evp_iv_size,
355 bf_init, bf_ofb64_encrypt, bf_ofb64_decrypt, gen_evp_free
364 * Generic EVP_* functions handler
/*
 * Callback set px_find_cipher() falls back to when the resolved name has no
 * entry in spec_types; every operation goes through the gen_evp_* wrappers.
 */
366 static PX_Cipher gen_evp_handler = {
367 gen_evp_block_size, gen_evp_key_size, gen_evp_iv_size,
368 gen_evp_init, gen_evp_encrypt, gen_evp_decrypt, gen_evp_free
/* Set to 1 by the first px_find_digest()/px_find_cipher() call, which also registers OpenSSL's algorithms. */
371 static int px_openssl_initialized = 0;
/*
 * Thin wrappers over the px_* allocator. In this listing they are referenced
 * only from the commented-out CRYPTO_set_mem_functions() calls.
 * NOTE(review): o_realloc() takes and forwards no size, which does not match a
 * realloc-style hook; fix the signature before enabling those calls.
 */
374 static void *o_alloc(uint s) { return px_alloc(s); }
375 static void *o_realloc(void *p) { return px_realloc(p); }
376 static void o_free(void *p) { px_free(p); }
379 /* PUBLIC functions */
/*
 * Look up a digest by name through OpenSSL and wrap it in a PX_MD whose
 * callbacks are the digest_* functions in this file.
 *
 * name - digest name passed to EVP_get_digestbyname()
 * res  - output pointer for the PX_MD (the store itself is not visible in
 *        this listing)
 */
382 px_find_digest(const char *name, PX_MD ** res)
/* First call only: register OpenSSL's algorithms so lookups by name work. */
388 if (!px_openssl_initialized)
390 px_openssl_initialized = 1;
391 /* CRYPTO_set_mem_functions(o_alloc, o_realloc, o_free); */
392 OpenSSL_add_all_algorithms();
/*
 * NOTE(review): name comes from the caller, and every digest OpenSSL has
 * registered is reachable through it, weak legacy ones included. Handling of
 * an unknown name (NULL return) is not visible in this listing; confirm it is
 * rejected before md is used below.
 */
395 md = EVP_get_digestbyname(name);
/*
 * NOTE(review): no NULL check on the px_alloc() results is visible; presumably
 * px_alloc does not return on failure - verify.
 */
399 ctx = px_alloc(sizeof(*ctx));
400 EVP_DigestInit(ctx, md);
402 h = px_alloc(sizeof(*h));
/* Wire the generic PX_MD interface to the OpenSSL-backed implementations. */
403 h->result_size = digest_result_size;
404 h->block_size = digest_block_size;
405 h->reset = digest_reset;
406 h->update = digest_update;
407 h->finish = digest_finish;
408 h->free = digest_free;
/* The OpenSSL context travels with the handle; each digest_* callback casts it back. */
409 h->p.ptr = (void *) ctx;
417 px_find_cipher(const char *name, PX_Cipher ** res)
424 const EVP_CIPHER *evp_c;
426 if (!px_openssl_initialized)
428 px_openssl_initialized = 1;
429 /* CRYPTO_set_mem_functions(o_alloc, o_realloc, o_free); */
430 OpenSSL_add_all_algorithms();
433 name = px_resolve_alias(ossl_aliases, name);
434 evp_c = EVP_get_cipherbyname(name);
438 od = px_alloc(sizeof(*od));
439 memset(od, 0, sizeof(*od));
440 od->evp_ciph = evp_c;
444 for (i = 0; spec_types[i].name; i++)
445 if (!strcmp(name, spec_types[i].name))
447 csrc = &spec_types[i].cf;
452 csrc = &gen_evp_handler;
454 c = px_alloc(sizeof(*c));
455 memcpy(c, csrc, sizeof(*c));