generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Modify EVP cipher behaviour in a similar way

Browse Source 
to digests to retain compatibility.
This commit is contained in:
Dr. Stephen Henson 2001-10-17 00:37:12 +00:00
parent 41ebed27fa
commit 581f1c8494
27 changed files with 96 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@ -12,6 +12,10 @@
*) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7 *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
+) applies to 0.9.7 only +) applies to 0.9.7 only
+) Modify the behaviour of EVP cipher functions in similar way to digests
to retain compatibility with existing code.
[Steve Henson]
+) Modify the behaviour of EVP_DigestInit() and EVP_DigestFinal() to retain +) Modify the behaviour of EVP_DigestInit() and EVP_DigestFinal() to retain
compatibility with existing code. In particular the 'ctx' parameter is compatibility with existing code. In particular the 'ctx' parameter is
not assumed to be valid before the call to EVP_DigestInit() and it is tidied not assumed to be valid before the call to EVP_DigestInit() and it is tidied

8
apps/speed.c
View File

@ -1216,9 +1216,9 @@ int MAIN(int argc, char **argv)
print_message(names[D_EVP],save_count, print_message(names[D_EVP],save_count,
lengths[j]); lengths[j]);
if(decrypt) if(decrypt)
EVP_DecryptInit(&ctx,evp,key16,iv); EVP_DecryptInit_ex(&ctx,evp,NULL,key16,iv);
else else
EVP_EncryptInit(&ctx,evp,key16,iv); EVP_EncryptInit_ex(&ctx,evp,NULL,key16,iv);
Time_F(START,usertime); Time_F(START,usertime);
if(decrypt) if(decrypt)
@ -1228,9 +1228,9 @@ int MAIN(int argc, char **argv)
for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++) for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++)
EVP_EncryptUpdate(&ctx,buf,&outl,buf,lengths[j]); EVP_EncryptUpdate(&ctx,buf,&outl,buf,lengths[j]);
if(decrypt) if(decrypt)
EVP_DecryptFinal(&ctx,buf,&outl); EVP_DecryptFinal_ex(&ctx,buf,&outl);
else else
EVP_EncryptFinal(&ctx,buf,&outl); EVP_EncryptFinal_ex(&ctx,buf,&outl);
d=Time_F(STOP,usertime); d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n", BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_EVP],d); count,names[D_EVP],d);

8
crypto/asn1/n_pkey.c
View File

@ -207,9 +207,9 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
/* Encrypt private key in place */ /* Encrypt private key in place */
zz = enckey->enckey->digest->data; zz = enckey->enckey->digest->data;
EVP_CIPHER_CTX_init(&ctx); EVP_CIPHER_CTX_init(&ctx);
EVP_EncryptInit(&ctx,EVP_rc4(),key,NULL); EVP_EncryptInit_ex(&ctx,EVP_rc4(),NULL,key,NULL);
EVP_EncryptUpdate(&ctx,zz,&i,zz,pkeylen); EVP_EncryptUpdate(&ctx,zz,&i,zz,pkeylen);
EVP_EncryptFinal(&ctx,zz + i,&j); EVP_EncryptFinal_ex(&ctx,zz + i,&j);
EVP_CIPHER_CTX_cleanup(&ctx); EVP_CIPHER_CTX_cleanup(&ctx);
ret = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, pp); ret = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, pp);
@ -293,9 +293,9 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
memset(buf,0,256); memset(buf,0,256);
EVP_CIPHER_CTX_init(&ctx); EVP_CIPHER_CTX_init(&ctx);
EVP_DecryptInit(&ctx,EVP_rc4(),key,NULL); EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL);
EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length); EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length);
EVP_DecryptFinal(&ctx,&(os->data[i]),&j); EVP_DecryptFinal_ex(&ctx,&(os->data[i]),&j);
EVP_CIPHER_CTX_cleanup(&ctx); EVP_CIPHER_CTX_cleanup(&ctx);
os->length=i+j; os->length=i+j;

2
crypto/asn1/p5_pbev2.c
View File

@ -117,7 +117,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
goto err; goto err;
/* Dummy cipherinit to just setup the IV */ /* Dummy cipherinit to just setup the IV */
EVP_CipherInit(&ctx, cipher, NULL, iv, 0); EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0);
if(EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) { if(EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) {
ASN1err(ASN1_F_PKCS5_PBE2_SET, ASN1err(ASN1_F_PKCS5_PBE2_SET,
ASN1_R_ERROR_SETTING_CIPHER_PARAMS); ASN1_R_ERROR_SETTING_CIPHER_PARAMS);

8
crypto/evp/bio_enc.c
View File

@ -184,7 +184,7 @@ static int enc_read(BIO *b, char *out, int outl)
if (!BIO_should_retry(b->next_bio)) if (!BIO_should_retry(b->next_bio))
{ {
ctx->cont=i; ctx->cont=i;
i=EVP_CipherFinal(&(ctx->cipher), i=EVP_CipherFinal_ex(&(ctx->cipher),
(unsigned char *)ctx->buf, (unsigned char *)ctx->buf,
&(ctx->buf_len)); &(ctx->buf_len));
ctx->ok=i; ctx->ok=i;
@ -298,7 +298,7 @@ static long enc_ctrl(BIO *b, int cmd, long num, void *ptr)
case BIO_CTRL_RESET: case BIO_CTRL_RESET:
ctx->ok=1; ctx->ok=1;
ctx->finished=0; ctx->finished=0;
EVP_CipherInit(&(ctx->cipher),NULL,NULL,NULL, EVP_CipherInit_ex(&(ctx->cipher),NULL,NULL,NULL,NULL,
ctx->cipher.encrypt); ctx->cipher.encrypt);
ret=BIO_ctrl(b->next_bio,cmd,num,ptr); ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
break; break;
@ -335,7 +335,7 @@ again:
{ {
ctx->finished=1; ctx->finished=1;
ctx->buf_off=0; ctx->buf_off=0;
ret=EVP_CipherFinal(&(ctx->cipher), ret=EVP_CipherFinal_ex(&(ctx->cipher),
(unsigned char *)ctx->buf, (unsigned char *)ctx->buf,
&(ctx->buf_len)); &(ctx->buf_len));
ctx->ok=(int)ret; ctx->ok=(int)ret;
@ -421,7 +421,7 @@ void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, unsigned char *k,
b->init=1; b->init=1;
ctx=(BIO_ENC_CTX *)b->ptr; ctx=(BIO_ENC_CTX *)b->ptr;
EVP_CipherInit(&(ctx->cipher),c,k,i,e); EVP_CipherInit_ex(&(ctx->cipher),c,NULL, k,i,e);
if (b->callback != NULL) if (b->callback != NULL)
b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,1L); b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,1L);

2
crypto/evp/e_rc2.c
View File

@ -180,7 +180,7 @@ static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
key_bits =rc2_magic_to_meth((int)num); key_bits =rc2_magic_to_meth((int)num);
if (!key_bits) if (!key_bits)
return(-1); return(-1);
if(i > 0) EVP_CipherInit(c, NULL, NULL, iv, -1); if(i > 0) EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1);
EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL); EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
EVP_CIPHER_CTX_set_key_length(c, key_bits / 8); EVP_CIPHER_CTX_set_key_length(c, key_bits / 8);
} }

3
crypto/evp/evp.h
View File

@ -488,6 +488,7 @@ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *imp
const unsigned char *key, const unsigned char *iv); const unsigned char *key, const unsigned char *iv);
int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl, const unsigned char *in, int inl); int *outl, const unsigned char *in, int inl);
int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
int EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, int EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
@ -497,6 +498,7 @@ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *imp
int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl, const unsigned char *in, int inl); int *outl, const unsigned char *in, int inl);
int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
int EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, int EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
const unsigned char *key,const unsigned char *iv, const unsigned char *key,const unsigned char *iv,
@ -507,6 +509,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl
int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl, const unsigned char *in, int inl); int *outl, const unsigned char *in, int inl);
int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s, int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
EVP_PKEY *pkey); EVP_PKEY *pkey);

28
crypto/evp/evp_enc.c
View File

@ -73,11 +73,14 @@ void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
/* ctx->cipher=NULL; */ /* ctx->cipher=NULL; */
} }
int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
const unsigned char *key, const unsigned char *iv, int enc) const unsigned char *key, const unsigned char *iv, int enc)
{ {
EVP_CIPHER_CTX_init(ctx);
return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc); return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc);
} }
int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
const unsigned char *key, const unsigned char *iv, int enc) const unsigned char *key, const unsigned char *iv, int enc)
{ {
@ -187,6 +190,13 @@ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
else return EVP_DecryptUpdate(ctx,out,outl,in,inl); else return EVP_DecryptUpdate(ctx,out,outl,in,inl);
} }
int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
{
if (ctx->encrypt)
return EVP_EncryptFinal_ex(ctx,out,outl);
else return EVP_DecryptFinal_ex(ctx,out,outl);
}
int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
{ {
if (ctx->encrypt) if (ctx->encrypt)
@ -197,7 +207,7 @@ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
const unsigned char *key, const unsigned char *iv) const unsigned char *key, const unsigned char *iv)
{ {
return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 1); return EVP_CipherInit(ctx, cipher, key, iv, 1);
} }
int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl, int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
@ -275,6 +285,14 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
} }
int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
{
int ret;
ret = EVP_EncryptFinal_ex(ctx, out, outl);
EVP_CIPHER_CTX_cleanup(ctx);
return ret;
}
int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
{ {
int i,n,b,bl,ret; int i,n,b,bl,ret;
@ -358,6 +376,14 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
} }
int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
{
int ret;
ret = EVP_DecryptFinal_ex(ctx, out, outl);
EVP_CIPHER_CTX_cleanup(ctx);
return ret;
}
int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
{ {
int i,b; int i,b;
int n; int n;

8
crypto/evp/evp_test.c
View File

@ -142,7 +142,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
exit(5); exit(5);
} }
EVP_CIPHER_CTX_init(&ctx); EVP_CIPHER_CTX_init(&ctx);
if(!EVP_EncryptInit(&ctx,c,key,iv)) if(!EVP_EncryptInit_ex(&ctx,c,NULL,key,iv))
{ {
fprintf(stderr,"EncryptInit failed\n"); fprintf(stderr,"EncryptInit failed\n");
exit(10); exit(10);
@ -154,7 +154,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
fprintf(stderr,"Encrypt failed\n"); fprintf(stderr,"Encrypt failed\n");
exit(6); exit(6);
} }
if(!EVP_EncryptFinal(&ctx,out+outl,&outl2)) if(!EVP_EncryptFinal_ex(&ctx,out+outl,&outl2))
{ {
fprintf(stderr,"EncryptFinal failed\n"); fprintf(stderr,"EncryptFinal failed\n");
exit(7); exit(7);
@ -175,7 +175,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
exit(9); exit(9);
} }
if(!EVP_DecryptInit(&ctx,c,key,iv)) if(!EVP_DecryptInit_ex(&ctx,c,NULL,key,iv))
{ {
fprintf(stderr,"DecryptInit failed\n"); fprintf(stderr,"DecryptInit failed\n");
exit(11); exit(11);
@ -187,7 +187,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
fprintf(stderr,"Decrypt failed\n"); fprintf(stderr,"Decrypt failed\n");
exit(6); exit(6);
} }
if(!EVP_DecryptFinal(&ctx,out+outl,&outl2)) if(!EVP_DecryptFinal_ex(&ctx,out+outl,&outl2))
{ {
fprintf(stderr,"DecryptFinal failed\n"); fprintf(stderr,"DecryptFinal failed\n");
exit(7); exit(7);

2
crypto/evp/p5_crpt.c
View File

@ -143,7 +143,7 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
EVP_CIPHER_iv_length(cipher)); EVP_CIPHER_iv_length(cipher));
EVP_CipherInit(cctx, cipher, key, iv, en_de); EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de);
memset(md_tmp, 0, EVP_MAX_MD_SIZE); memset(md_tmp, 0, EVP_MAX_MD_SIZE);
memset(key, 0, EVP_MAX_KEY_LENGTH); memset(key, 0, EVP_MAX_KEY_LENGTH);
memset(iv, 0, EVP_MAX_IV_LENGTH); memset(iv, 0, EVP_MAX_IV_LENGTH);

4
crypto/evp/p5_crpt2.c
View File

@ -183,7 +183,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
} }
/* Fixup cipher based on AlgorithmIdentifier */ /* Fixup cipher based on AlgorithmIdentifier */
EVP_CipherInit(ctx, cipher, NULL, NULL, en_de); EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de);
if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) { if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
EVP_R_CIPHER_PARAMETER_ERROR); EVP_R_CIPHER_PARAMETER_ERROR);
@ -229,7 +229,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
saltlen = kdf->salt->value.octet_string->length; saltlen = kdf->salt->value.octet_string->length;
iter = ASN1_INTEGER_get(kdf->iter); iter = ASN1_INTEGER_get(kdf->iter);
PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key); PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key);
EVP_CipherInit(ctx, NULL, key, NULL, en_de); EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
memset(key, 0, keylen); memset(key, 0, keylen);
PBKDF2PARAM_free(kdf); PBKDF2PARAM_free(kdf);
return 1; return 1;

8
crypto/evp/p_open.c
View File

@ -71,7 +71,7 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *ek,
if(type) { if(type) {
EVP_CIPHER_CTX_init(ctx); EVP_CIPHER_CTX_init(ctx);
if(!EVP_DecryptInit(ctx,type,NULL,NULL)) return 0; if(!EVP_DecryptInit_ex(ctx,type,NULL, NULL,NULL)) return 0;
} }
if(!priv) return 1; if(!priv) return 1;
@ -97,7 +97,7 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *ek,
/* ERROR */ /* ERROR */
goto err; goto err;
} }
if(!EVP_DecryptInit(ctx,NULL,key,iv)) goto err; if(!EVP_DecryptInit_ex(ctx,NULL,NULL,key,iv)) goto err;
ret=1; ret=1;
err: err:
@ -110,8 +110,8 @@ int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
{ {
int i; int i;
i=EVP_DecryptFinal(ctx,out,outl); i=EVP_DecryptFinal_ex(ctx,out,outl);
EVP_DecryptInit(ctx,NULL,NULL,NULL); EVP_DecryptInit_ex(ctx,NULL,NULL,NULL,NULL);
return(i); return(i);
} }
#else /* !OPENSSL_NO_RSA */ #else /* !OPENSSL_NO_RSA */

8
crypto/evp/p_seal.c
View File

@ -74,7 +74,7 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek
if(type) { if(type) {
EVP_CIPHER_CTX_init(ctx); EVP_CIPHER_CTX_init(ctx);
if(!EVP_EncryptInit(ctx,type,NULL,NULL)) return 0; if(!EVP_EncryptInit_ex(ctx,type,NULL,NULL,NULL)) return 0;
} }
if (npubk <= 0) return(0); if (npubk <= 0) return(0);
if (RAND_bytes(key,EVP_MAX_KEY_LENGTH) <= 0) if (RAND_bytes(key,EVP_MAX_KEY_LENGTH) <= 0)
@ -82,7 +82,7 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek
if (EVP_CIPHER_CTX_iv_length(ctx)) if (EVP_CIPHER_CTX_iv_length(ctx))
RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx)); RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx));
if(!EVP_EncryptInit(ctx,NULL,key,iv)) return 0; if(!EVP_EncryptInit_ex(ctx,NULL,NULL,key,iv)) return 0;
for (i=0; i<npubk; i++) for (i=0; i<npubk; i++)
{ {
@ -107,6 +107,6 @@ int inl;
void EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) void EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
{ {
EVP_EncryptFinal(ctx,out,outl); EVP_EncryptFinal_ex(ctx,out,outl);
EVP_EncryptInit(ctx,NULL,NULL,NULL); EVP_EncryptInit_ex(ctx,NULL,NULL,NULL,NULL);
} }

8
crypto/pem/pem_lib.c
View File

@ -346,9 +346,9 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
PEM_dek_info(buf,objstr,8,(char *)iv); PEM_dek_info(buf,objstr,8,(char *)iv);
/* k=strlen(buf); */ /* k=strlen(buf); */
EVP_EncryptInit(&ctx,enc,key,iv); EVP_EncryptInit_ex(&ctx,enc,NULL,key,iv);
EVP_EncryptUpdate(&ctx,data,&j,data,i); EVP_EncryptUpdate(&ctx,data,&j,data,i);
EVP_EncryptFinal(&ctx,&(data[j]),&i); EVP_EncryptFinal_ex(&ctx,&(data[j]),&i);
i+=j; i+=j;
ret=1; ret=1;
} }
@ -399,9 +399,9 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
(unsigned char *)buf,klen,1,key,NULL); (unsigned char *)buf,klen,1,key,NULL);
j=(int)len; j=(int)len;
EVP_DecryptInit(&ctx,cipher->cipher,key,&(cipher->iv[0])); EVP_DecryptInit_ex(&ctx,cipher->cipher,NULL, key,&(cipher->iv[0]));
EVP_DecryptUpdate(&ctx,data,&i,data,j); EVP_DecryptUpdate(&ctx,data,&i,data,j);
o=EVP_DecryptFinal(&ctx,&(data[i]),&j); o=EVP_DecryptFinal_ex(&ctx,&(data[i]),&j);
EVP_CIPHER_CTX_cleanup(&ctx); EVP_CIPHER_CTX_cleanup(&ctx);
memset((char *)buf,0,sizeof(buf)); memset((char *)buf,0,sizeof(buf));
memset((char *)key,0,sizeof(key)); memset((char *)key,0,sizeof(key));

2
crypto/pem/pem_seal.c
View File

@ -161,7 +161,7 @@ int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
goto err; goto err;
} }
EVP_EncryptFinal(&ctx->cipher,s,(int *)&i); EVP_EncryptFinal_ex(&ctx->cipher,s,(int *)&i);
EVP_EncodeUpdate(&ctx->encode,out,&j,s,i); EVP_EncodeUpdate(&ctx->encode,out,&j,s,i);
*outl=j; *outl=j;
out+=j; out+=j;

2
crypto/pkcs12/p12_crpt.c
View File

@ -117,7 +117,7 @@ int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
return 0; return 0;
} }
PBEPARAM_free(pbe); PBEPARAM_free(pbe);
EVP_CipherInit(ctx, cipher, key, iv, en_de); EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de);
memset(key, 0, EVP_MAX_KEY_LENGTH); memset(key, 0, EVP_MAX_KEY_LENGTH);
memset(iv, 0, EVP_MAX_IV_LENGTH); memset(iv, 0, EVP_MAX_IV_LENGTH);
return 1; return 1;

2
crypto/pkcs12/p12_decr.c
View File

@ -90,7 +90,7 @@ unsigned char * PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
EVP_CipherUpdate (&ctx, out, &i, in, inlen); EVP_CipherUpdate (&ctx, out, &i, in, inlen);
outlen = i; outlen = i;
if(!EVP_CipherFinal (&ctx, out + i, &i)) { if(!EVP_CipherFinal_ex (&ctx, out + i, &i)) {
OPENSSL_free (out); OPENSSL_free (out);
PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,PKCS12_R_PKCS12_CIPHERFINAL_ERROR); PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,PKCS12_R_PKCS12_CIPHERFINAL_ERROR);
return NULL; return NULL;

6
crypto/pkcs7/bio_ber.c
View File

@ -339,7 +339,7 @@ static long ber_ctrl(BIO *b, int cmd, long num, char *ptr)
case BIO_CTRL_RESET: case BIO_CTRL_RESET:
ctx->ok=1; ctx->ok=1;
ctx->finished=0; ctx->finished=0;
EVP_CipherInit(&(ctx->cipher),NULL,NULL,NULL, EVP_CipherInit_ex(&(ctx->cipher),NULL,NULL,NULL,NULL,
ctx->cipher.berrypt); ctx->cipher.berrypt);
ret=BIO_ctrl(b->next_bio,cmd,num,ptr); ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
break; break;
@ -376,7 +376,7 @@ again:
{ {
ctx->finished=1; ctx->finished=1;
ctx->buf_off=0; ctx->buf_off=0;
ret=EVP_CipherFinal(&(ctx->cipher), ret=EVP_CipherFinal_ex(&(ctx->cipher),
(unsigned char *)ctx->buf, (unsigned char *)ctx->buf,
&(ctx->buf_len)); &(ctx->buf_len));
ctx->ok=(int)ret; ctx->ok=(int)ret;
@ -458,7 +458,7 @@ void BIO_set_cipher(BIO *b, EVP_CIPHER *c, unsigned char *k, unsigned char *i,
b->init=1; b->init=1;
ctx=(BIO_ENC_CTX *)b->ptr; ctx=(BIO_ENC_CTX *)b->ptr;
EVP_CipherInit(&(ctx->cipher),c,k,i,e); EVP_CipherInit_ex(&(ctx->cipher),c,NULL,k,i,e);
if (b->callback != NULL) if (b->callback != NULL)
b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L); b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);

6
crypto/pkcs7/pk7_doit.c
View File

@ -165,7 +165,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
goto err; goto err;
xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher)); xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
if (ivlen > 0) RAND_pseudo_bytes(iv,ivlen); if (ivlen > 0) RAND_pseudo_bytes(iv,ivlen);
EVP_CipherInit(ctx, evp_cipher, key, iv, 1); EVP_CipherInit_ex(ctx, evp_cipher, NULL, key, iv, 1);
if (ivlen > 0) { if (ivlen > 0) {
if (xalg->parameter == NULL) if (xalg->parameter == NULL)
@ -391,7 +391,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
evp_ctx=NULL; evp_ctx=NULL;
BIO_get_cipher_ctx(etmp,&evp_ctx); BIO_get_cipher_ctx(etmp,&evp_ctx);
EVP_CipherInit(evp_ctx,evp_cipher,NULL,NULL,0); EVP_CipherInit_ex(evp_ctx,evp_cipher,NULL,NULL,NULL,0);
if (EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0) if (EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0)
goto err; goto err;
@ -407,7 +407,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
goto err; goto err;
} }
} }
EVP_CipherInit(evp_ctx,NULL,tmp,NULL,0); EVP_CipherInit_ex(evp_ctx,NULL,NULL,tmp,NULL,0);
memset(tmp,0,jj); memset(tmp,0,jj);

4
demos/maurice/example1.c
View File

@ -126,7 +126,7 @@ void main_encrypt(void)
void main_decrypt(void) void main_decrypt(void)
{ {
char buf[512]; char buf[520];
char ebuf[512]; char ebuf[512];
unsigned int buflen; unsigned int buflen;
EVP_CIPHER_CTX ectx; EVP_CIPHER_CTX ectx;
@ -164,7 +164,6 @@ void main_decrypt(void)
read(STDIN, encryptKey, ekeylen); read(STDIN, encryptKey, ekeylen);
read(STDIN, iv, sizeof(iv)); read(STDIN, iv, sizeof(iv));
EVP_OpenInit(&ectx, EVP_OpenInit(&ectx,
EVP_des_ede3_cbc(), EVP_des_ede3_cbc(),
encryptKey, encryptKey,
@ -185,7 +184,6 @@ void main_decrypt(void)
} }
EVP_OpenUpdate(&ectx, buf, &buflen, ebuf, readlen); EVP_OpenUpdate(&ectx, buf, &buflen, ebuf, readlen);
write(STDOUT, buf, buflen); write(STDOUT, buf, buflen);
} }

6
demos/maurice/example3.c
View File

@ -57,7 +57,8 @@ void do_cipher(char *pw, int operation)
EVP_BytesToKey(ALG, EVP_md5(), "salu", pw, strlen(pw), 1, key, iv); EVP_BytesToKey(ALG, EVP_md5(), "salu", pw, strlen(pw), 1, key, iv);
EVP_CipherInit(&ectx, ALG, key, iv, operation); EVP_CIPHER_CTX_init(&ectx);
EVP_CipherInit_ex(&ectx, ALG, NULL, key, iv, operation);
while(1) while(1)
{ {
@ -79,7 +80,8 @@ void do_cipher(char *pw, int operation)
write(STDOUT, ebuf, ebuflen); write(STDOUT, ebuf, ebuflen);
} }
EVP_CipherFinal(&ectx, ebuf, &ebuflen); EVP_CipherFinal_ex(&ectx, ebuf, &ebuflen);
EVP_CIPHER_CTX_cleanup(&ectx);
write(STDOUT, ebuf, ebuflen); write(STDOUT, ebuf, ebuflen);
} }

8
ssl/kssl.c
View File

@ -1997,10 +1997,10 @@ krb5_error_code kssl_check_authent(
*/ */
goto err; goto err;
} }
if (!EVP_DecryptInit(&ciph_ctx, enc, kssl_ctx->key, iv)) if (!EVP_DecryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv))
{ {
kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
"EVP_DecryptInit error decrypting authenticator.\n"); "EVP_DecryptInit_ex error decrypting authenticator.\n");
krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY; krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
goto err; goto err;
} }
@ -2019,10 +2019,10 @@ krb5_error_code kssl_check_authent(
krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY; krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
goto err; goto err;
} }
if (!EVP_DecryptFinal(&ciph_ctx, &(unenc_authent[outl]), &padl)) if (!EVP_DecryptFinal_ex(&ciph_ctx, &(unenc_authent[outl]), &padl))
{ {
kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
"EVP_DecryptFinal error decrypting authenticator.\n"); "EVP_DecryptFinal_ex error decrypting authenticator.\n");
krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY; krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
goto err; goto err;
} }

4
ssl/s2_enc.c
View File

@ -98,9 +98,9 @@ int ssl2_enc_init(SSL *s, int client)
ssl2_generate_key_material(s); ssl2_generate_key_material(s);
EVP_EncryptInit(ws,c,&(s->s2->key_material[(client)?num:0]), EVP_EncryptInit_ex(ws,c,NULL,&(s->s2->key_material[(client)?num:0]),
s->session->key_arg); s->session->key_arg);
EVP_DecryptInit(rs,c,&(s->s2->key_material[(client)?0:num]), EVP_DecryptInit_ex(rs,c,NULL,&(s->s2->key_material[(client)?0:num]),
s->session->key_arg); s->session->key_arg);
s->s2->read_key= &(s->s2->key_material[(client)?0:num]); s->s2->read_key= &(s->s2->key_material[(client)?0:num]);
s->s2->write_key= &(s->s2->key_material[(client)?num:0]); s->s2->write_key= &(s->s2->key_material[(client)?num:0]);

8
ssl/s3_clnt.c
View File

@ -1519,17 +1519,17 @@ static int ssl3_send_client_key_exchange(SSL *s)
goto err; goto err;
/* 20010420 VRS. Tried it this way; failed. /* 20010420 VRS. Tried it this way; failed.
** EVP_EncryptInit(&ciph_ctx,enc, NULL,NULL); ** EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL);
** EVP_CIPHER_CTX_set_key_length(&ciph_ctx, ** EVP_CIPHER_CTX_set_key_length(&ciph_ctx,
** kssl_ctx->length); ** kssl_ctx->length);
** EVP_EncryptInit(&ciph_ctx,NULL, key,iv); ** EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
*/ */
memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */ memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */
EVP_EncryptInit(&ciph_ctx,enc, kssl_ctx->key,iv); EVP_EncryptInit_ex(&ciph_ctx,enc, kssl_ctx->key,iv);
EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf, EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf,
SSL_MAX_MASTER_KEY_LENGTH); SSL_MAX_MASTER_KEY_LENGTH);
EVP_EncryptFinal(&ciph_ctx,&(epms[outl]),&padl); EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl);
outl += padl; outl += padl;
EVP_CIPHER_CTX_cleanup(&ciph_ctx); EVP_CIPHER_CTX_cleanup(&ciph_ctx);

2
ssl/s3_enc.c
View File

@ -275,7 +275,7 @@ int ssl3_change_cipher_state(SSL *s, int which)
s->session->key_arg_length=0; s->session->key_arg_length=0;
EVP_CipherInit(dd,c,key,iv,(which & SSL3_CC_WRITE)); EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE));
memset(&(exp_key[0]),0,sizeof(exp_key)); memset(&(exp_key[0]),0,sizeof(exp_key));
memset(&(exp_iv[0]),0,sizeof(exp_iv)); memset(&(exp_iv[0]),0,sizeof(exp_iv));

4
ssl/s3_srvr.c
View File

@ -1618,7 +1618,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */ memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */
if (!EVP_DecryptInit(&ciph_ctx,enc,kssl_ctx->key,iv)) if (!EVP_DecryptInit_ex(&ciph_ctx,enc,kssl_ctx->key,iv))
{ {
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_DECRYPTION_FAILED); SSL_R_DECRYPTION_FAILED);
@ -1637,7 +1637,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
SSL_R_DATA_LENGTH_TOO_LONG); SSL_R_DATA_LENGTH_TOO_LONG);
goto err; goto err;
} }
if (!EVP_DecryptFinal(&ciph_ctx,&(pms[outl]),&padl)) if (!EVP_DecryptFinal_ex(&ciph_ctx,&(pms[outl]),&padl))
{ {
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_DECRYPTION_FAILED); SSL_R_DECRYPTION_FAILED);

4
ssl/t1_enc.c
View File

@ -341,7 +341,7 @@ printf("which = %04X\nmac key=",which);
#ifdef KSSL_DEBUG #ifdef KSSL_DEBUG
{ {
int i; int i;
printf("EVP_CipherInit(dd,c,key=,iv=,which)\n"); printf("EVP_CipherInit_ex(dd,c,key=,iv=,which)\n");
printf("\tkey= "); for (i=0; i<c->key_len; i++) printf("%02x", key[i]); printf("\tkey= "); for (i=0; i<c->key_len; i++) printf("%02x", key[i]);
printf("\n"); printf("\n");
printf("\t iv= "); for (i=0; i<c->iv_len; i++) printf("%02x", iv[i]); printf("\t iv= "); for (i=0; i<c->iv_len; i++) printf("%02x", iv[i]);
@ -349,7 +349,7 @@ printf("which = %04X\nmac key=",which);
} }
#endif /* KSSL_DEBUG */ #endif /* KSSL_DEBUG */
EVP_CipherInit(dd,c,key,iv,(which & SSL3_CC_WRITE)); EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE));
#ifdef TLS_DEBUG #ifdef TLS_DEBUG
printf("which = %04X\nkey=",which); printf("which = %04X\nkey=",which);
{ int z; for (z=0; z<EVP_CIPHER_key_length(c); z++) printf("%02X%c",key[z],((z+1)%16)?' ':'\n'); } { int z; for (z=0; z<EVP_CIPHER_key_length(c); z++) printf("%02X%c",key[z],((z+1)%16)?' ':'\n'); }