1 /* crypto/evp/evp_enc.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 
59 #include <stdio.h>
60 #include "cryptlib.h"
61 #include <openssl/evp.h>
62 #include <openssl/err.h>
63 #ifndef OPENSSL_NO_ENGINE
64 #include <openssl/engine.h>
65 #endif
66 #include "evp_locl.h"
67 
68 const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT;
69 
EVP_CIPHER_CTX_init(EVP_CIPHER_CTX * ctx)70 void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
71 	{
72 	memset(ctx,0,sizeof(EVP_CIPHER_CTX));
73 	/* ctx->cipher=NULL; */
74 	}
75 
76 
EVP_CipherInit(EVP_CIPHER_CTX * ctx,const EVP_CIPHER * cipher,const unsigned char * key,const unsigned char * iv,int enc)77 int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
78 	     const unsigned char *key, const unsigned char *iv, int enc)
79 	{
80 	if (cipher)
81 		EVP_CIPHER_CTX_init(ctx);
82 	return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc);
83 	}
84 
85 #ifdef OPENSSL_FIPS
86 
87 /* The purpose of these is to trap programs that attempt to use non FIPS
88  * algorithms in FIPS mode and ignore the errors.
89  */
90 
bad_init(EVP_CIPHER_CTX * ctx,const unsigned char * key,const unsigned char * iv,int enc)91 int bad_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
92 	    const unsigned char *iv, int enc)
93 	{ FIPS_ERROR_IGNORED("Cipher init"); return 0;}
94 
bad_do_cipher(EVP_CIPHER_CTX * ctx,unsigned char * out,const unsigned char * in,unsigned int inl)95 int bad_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
96 		 const unsigned char *in, unsigned int inl)
97 	{ FIPS_ERROR_IGNORED("Cipher update"); return 0;}
98 
99 /* NB: no cleanup because it is allowed after failed init */
100 
bad_set_asn1(EVP_CIPHER_CTX * ctx,ASN1_TYPE * typ)101 int bad_set_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *typ)
102 	{ FIPS_ERROR_IGNORED("Cipher set_asn1"); return 0;}
bad_get_asn1(EVP_CIPHER_CTX * ctx,ASN1_TYPE * typ)103 int bad_get_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *typ)
104 	{ FIPS_ERROR_IGNORED("Cipher get_asn1"); return 0;}
bad_ctrl(EVP_CIPHER_CTX * ctx,int type,int arg,void * ptr)105 int bad_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
106 	{ FIPS_ERROR_IGNORED("Cipher ctrl"); return 0;}
107 
108 static const EVP_CIPHER bad_cipher =
109 	{
110 	0,
111 	0,
112 	0,
113 	0,
114 	0,
115 	bad_init,
116 	bad_do_cipher,
117 	NULL,
118 	0,
119 	bad_set_asn1,
120 	bad_get_asn1,
121 	bad_ctrl,
122 	NULL
123 	};
124 
125 #endif
126 
EVP_CipherInit_ex(EVP_CIPHER_CTX * ctx,const EVP_CIPHER * cipher,ENGINE * impl,const unsigned char * key,const unsigned char * iv,int enc)127 int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
128 	     const unsigned char *key, const unsigned char *iv, int enc)
129 	{
130 	if (enc == -1)
131 		enc = ctx->encrypt;
132 	else
133 		{
134 		if (enc)
135 			enc = 1;
136 		ctx->encrypt = enc;
137 		}
138 #ifndef OPENSSL_NO_ENGINE
139 	/* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
140 	 * so this context may already have an ENGINE! Try to avoid releasing
141 	 * the previous handle, re-querying for an ENGINE, and having a
142 	 * reinitialisation, when it may all be unecessary. */
143 	if (ctx->engine && ctx->cipher && (!cipher ||
144 			(cipher && (cipher->nid == ctx->cipher->nid))))
145 		goto skip_to_init;
146 #endif
147 	if (cipher)
148 		{
149 		/* Ensure a context left lying around from last time is cleared
150 		 * (the previous check attempted to avoid this if the same
151 		 * ENGINE and EVP_CIPHER could be used). */
152 		EVP_CIPHER_CTX_cleanup(ctx);
153 
154 		/* Restore encrypt field: it is zeroed by cleanup */
155 		ctx->encrypt = enc;
156 #ifndef OPENSSL_NO_ENGINE
157 		if(impl)
158 			{
159 			if (!ENGINE_init(impl))
160 				{
161 				EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR);
162 				return 0;
163 				}
164 			}
165 		else
166 			/* Ask if an ENGINE is reserved for this job */
167 			impl = ENGINE_get_cipher_engine(cipher->nid);
168 		if(impl)
169 			{
170 			/* There's an ENGINE for this job ... (apparently) */
171 			const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid);
172 			if(!c)
173 				{
174 				/* One positive side-effect of US's export
175 				 * control history, is that we should at least
176 				 * be able to avoid using US mispellings of
177 				 * "initialisation"? */
178 				EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR);
179 				return 0;
180 				}
181 			/* We'll use the ENGINE's private cipher definition */
182 			cipher = c;
183 			/* Store the ENGINE functional reference so we know
184 			 * 'cipher' came from an ENGINE and we need to release
185 			 * it when done. */
186 			ctx->engine = impl;
187 			}
188 		else
189 			ctx->engine = NULL;
190 #endif
191 		ctx->cipher=cipher;
192 		if (ctx->cipher->ctx_size)
193 			{
194 			ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
195 			if (!ctx->cipher_data)
196 				{
197 				EVPerr(EVP_F_EVP_CIPHERINIT, ERR_R_MALLOC_FAILURE);
198 				return 0;
199 				}
200 			}
201 		else
202 			{
203 			ctx->cipher_data = NULL;
204 			}
205 		ctx->key_len = cipher->key_len;
206 		ctx->flags = 0;
207 		if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT)
208 			{
209 			if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL))
210 				{
211 				EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR);
212 				return 0;
213 				}
214 			}
215 		}
216 	else if(!ctx->cipher)
217 		{
218 		EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET);
219 		return 0;
220 		}
221 #ifndef OPENSSL_NO_ENGINE
222 skip_to_init:
223 #endif
224 	/* we assume block size is a power of 2 in *cryptUpdate */
225 	OPENSSL_assert(ctx->cipher->block_size == 1
226 	    || ctx->cipher->block_size == 8
227 	    || ctx->cipher->block_size == 16);
228 
229 	if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
230 		switch(EVP_CIPHER_CTX_mode(ctx)) {
231 
232 			case EVP_CIPH_STREAM_CIPHER:
233 			case EVP_CIPH_ECB_MODE:
234 			break;
235 
236 			case EVP_CIPH_CFB_MODE:
237 			case EVP_CIPH_OFB_MODE:
238 
239 			ctx->num = 0;
240 
241 			case EVP_CIPH_CBC_MODE:
242 
243 			OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof ctx->iv);
244 			if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
245 			memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
246 			break;
247 
248 			default:
249 			return 0;
250 			break;
251 		}
252 	}
253 
254 #ifdef OPENSSL_FIPS
255 	/* After 'key' is set no further parameters changes are permissible.
256 	 * So only check for non FIPS enabling at this point.
257 	 */
258 	if (key && FIPS_mode())
259 		{
260 		if (!(ctx->cipher->flags & EVP_CIPH_FLAG_FIPS)
261 			& !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW))
262 			{
263 			EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_DISABLED_FOR_FIPS);
264 			ERR_add_error_data(2, "cipher=",
265 						EVP_CIPHER_name(ctx->cipher));
266 			ctx->cipher = &bad_cipher;
267 			return 0;
268 			}
269 		}
270 #endif
271 
272 	if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
273 		if(!ctx->cipher->init(ctx,key,iv,enc)) return 0;
274 	}
275 	ctx->buf_len=0;
276 	ctx->final_used=0;
277 	ctx->block_mask=ctx->cipher->block_size-1;
278 	return 1;
279 	}
280 
EVP_CipherUpdate(EVP_CIPHER_CTX * ctx,unsigned char * out,int * outl,const unsigned char * in,int inl)281 int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
282 	     const unsigned char *in, int inl)
283 	{
284 	if (ctx->encrypt)
285 		return EVP_EncryptUpdate(ctx,out,outl,in,inl);
286 	else	return EVP_DecryptUpdate(ctx,out,outl,in,inl);
287 	}
288 
EVP_CipherFinal_ex(EVP_CIPHER_CTX * ctx,unsigned char * out,int * outl)289 int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
290 	{
291 	if (ctx->encrypt)
292 		return EVP_EncryptFinal_ex(ctx,out,outl);
293 	else	return EVP_DecryptFinal_ex(ctx,out,outl);
294 	}
295 
EVP_CipherFinal(EVP_CIPHER_CTX * ctx,unsigned char * out,int * outl)296 int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
297 	{
298 	if (ctx->encrypt)
299 		return EVP_EncryptFinal(ctx,out,outl);
300 	else	return EVP_DecryptFinal(ctx,out,outl);
301 	}
302 
EVP_EncryptInit(EVP_CIPHER_CTX * ctx,const EVP_CIPHER * cipher,const unsigned char * key,const unsigned char * iv)303 int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
304 	     const unsigned char *key, const unsigned char *iv)
305 	{
306 	return EVP_CipherInit(ctx, cipher, key, iv, 1);
307 	}
308 
EVP_EncryptInit_ex(EVP_CIPHER_CTX * ctx,const EVP_CIPHER * cipher,ENGINE * impl,const unsigned char * key,const unsigned char * iv)309 int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
310 		const unsigned char *key, const unsigned char *iv)
311 	{
312 	return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1);
313 	}
314 
EVP_DecryptInit(EVP_CIPHER_CTX * ctx,const EVP_CIPHER * cipher,const unsigned char * key,const unsigned char * iv)315 int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
316 	     const unsigned char *key, const unsigned char *iv)
317 	{
318 	return EVP_CipherInit(ctx, cipher, key, iv, 0);
319 	}
320 
EVP_DecryptInit_ex(EVP_CIPHER_CTX * ctx,const EVP_CIPHER * cipher,ENGINE * impl,const unsigned char * key,const unsigned char * iv)321 int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
322 	     const unsigned char *key, const unsigned char *iv)
323 	{
324 	return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0);
325 	}
326 
EVP_EncryptUpdate(EVP_CIPHER_CTX * ctx,unsigned char * out,int * outl,const unsigned char * in,int inl)327 int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
328 	     const unsigned char *in, int inl)
329 	{
330 	int i,j,bl;
331 
332 	OPENSSL_assert(inl > 0);
333 	if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0)
334 		{
335 		if(ctx->cipher->do_cipher(ctx,out,in,inl))
336 			{
337 			*outl=inl;
338 			return 1;
339 			}
340 		else
341 			{
342 			*outl=0;
343 			return 0;
344 			}
345 		}
346 	i=ctx->buf_len;
347 	bl=ctx->cipher->block_size;
348 	OPENSSL_assert(bl <= sizeof ctx->buf);
349 	if (i != 0)
350 		{
351 		if (i+inl < bl)
352 			{
353 			memcpy(&(ctx->buf[i]),in,inl);
354 			ctx->buf_len+=inl;
355 			*outl=0;
356 			return 1;
357 			}
358 		else
359 			{
360 			j=bl-i;
361 			memcpy(&(ctx->buf[i]),in,j);
362 			if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,bl)) return 0;
363 			inl-=j;
364 			in+=j;
365 			out+=bl;
366 			*outl=bl;
367 			}
368 		}
369 	else
370 		*outl = 0;
371 	i=inl&(bl-1);
372 	inl-=i;
373 	if (inl > 0)
374 		{
375 		if(!ctx->cipher->do_cipher(ctx,out,in,inl)) return 0;
376 		*outl+=inl;
377 		}
378 
379 	if (i != 0)
380 		memcpy(ctx->buf,&(in[inl]),i);
381 	ctx->buf_len=i;
382 	return 1;
383 	}
384 
EVP_EncryptFinal(EVP_CIPHER_CTX * ctx,unsigned char * out,int * outl)385 int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
386 	{
387 	int ret;
388 	ret = EVP_EncryptFinal_ex(ctx, out, outl);
389 	return ret;
390 	}
391 
EVP_EncryptFinal_ex(EVP_CIPHER_CTX * ctx,unsigned char * out,int * outl)392 int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
393 	{
394 	int i,n,b,bl,ret;
395 
396 	b=ctx->cipher->block_size;
397 	OPENSSL_assert(b <= sizeof ctx->buf);
398 	if (b == 1)
399 		{
400 		*outl=0;
401 		return 1;
402 		}
403 	bl=ctx->buf_len;
404 	if (ctx->flags & EVP_CIPH_NO_PADDING)
405 		{
406 		if(bl)
407 			{
408 			EVPerr(EVP_F_EVP_ENCRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
409 			return 0;
410 			}
411 		*outl = 0;
412 		return 1;
413 		}
414 
415 	n=b-bl;
416 	for (i=bl; i<b; i++)
417 		ctx->buf[i]=n;
418 	ret=ctx->cipher->do_cipher(ctx,out,ctx->buf,b);
419 
420 
421 	if(ret)
422 		*outl=b;
423 
424 	return ret;
425 	}
426 
EVP_DecryptUpdate(EVP_CIPHER_CTX * ctx,unsigned char * out,int * outl,const unsigned char * in,int inl)427 int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
428 	     const unsigned char *in, int inl)
429 	{
430 	int b, fix_len;
431 
432 	if (inl == 0)
433 		{
434 		*outl=0;
435 		return 1;
436 		}
437 
438 	if (ctx->flags & EVP_CIPH_NO_PADDING)
439 		return EVP_EncryptUpdate(ctx, out, outl, in, inl);
440 
441 	b=ctx->cipher->block_size;
442 	OPENSSL_assert(b <= sizeof ctx->final);
443 
444 	if(ctx->final_used)
445 		{
446 		memcpy(out,ctx->final,b);
447 		out+=b;
448 		fix_len = 1;
449 		}
450 	else
451 		fix_len = 0;
452 
453 
454 	if(!EVP_EncryptUpdate(ctx,out,outl,in,inl))
455 		return 0;
456 
457 	/* if we have 'decrypted' a multiple of block size, make sure
458 	 * we have a copy of this last block */
459 	if (b > 1 && !ctx->buf_len)
460 		{
461 		*outl-=b;
462 		ctx->final_used=1;
463 		memcpy(ctx->final,&out[*outl],b);
464 		}
465 	else
466 		ctx->final_used = 0;
467 
468 	if (fix_len)
469 		*outl += b;
470 
471 	return 1;
472 	}
473 
EVP_DecryptFinal(EVP_CIPHER_CTX * ctx,unsigned char * out,int * outl)474 int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
475 	{
476 	int ret;
477 	ret = EVP_DecryptFinal_ex(ctx, out, outl);
478 	return ret;
479 	}
480 
EVP_DecryptFinal_ex(EVP_CIPHER_CTX * ctx,unsigned char * out,int * outl)481 int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
482 	{
483 	int i,b;
484 	int n;
485 
486 	*outl=0;
487 	b=ctx->cipher->block_size;
488 	if (ctx->flags & EVP_CIPH_NO_PADDING)
489 		{
490 		if(ctx->buf_len)
491 			{
492 			EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
493 			return 0;
494 			}
495 		*outl = 0;
496 		return 1;
497 		}
498 	if (b > 1)
499 		{
500 		if (ctx->buf_len || !ctx->final_used)
501 			{
502 			EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
503 			return(0);
504 			}
505 		OPENSSL_assert(b <= sizeof ctx->final);
506 		n=ctx->final[b-1];
507 		if (n > b)
508 			{
509 			EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
510 			return(0);
511 			}
512 		for (i=0; i<n; i++)
513 			{
514 			if (ctx->final[--b] != n)
515 				{
516 				EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
517 				return(0);
518 				}
519 			}
520 		n=ctx->cipher->block_size-n;
521 		for (i=0; i<n; i++)
522 			out[i]=ctx->final[i];
523 		*outl=n;
524 		}
525 	else
526 		*outl=0;
527 	return(1);
528 	}
529 
EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX * c)530 int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
531 	{
532 	if (c->cipher != NULL)
533 		{
534 		if(c->cipher->cleanup && !c->cipher->cleanup(c))
535 			return 0;
536 		/* Cleanse cipher context data */
537 		if (c->cipher_data)
538 			OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
539 		}
540 	if (c->cipher_data)
541 		OPENSSL_free(c->cipher_data);
542 #ifndef OPENSSL_NO_ENGINE
543 	if (c->engine)
544 		/* The EVP_CIPHER we used belongs to an ENGINE, release the
545 		 * functional reference we held for this reason. */
546 		ENGINE_finish(c->engine);
547 #endif
548 	memset(c,0,sizeof(EVP_CIPHER_CTX));
549 	return 1;
550 	}
551 
EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX * c,int keylen)552 int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
553 	{
554 	if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
555 		return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL);
556 	if(c->key_len == keylen) return 1;
557 	if((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH))
558 		{
559 		c->key_len = keylen;
560 		return 1;
561 		}
562 	EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,EVP_R_INVALID_KEY_LENGTH);
563 	return 0;
564 	}
565 
EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX * ctx,int pad)566 int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
567 	{
568 	if (pad) ctx->flags &= ~EVP_CIPH_NO_PADDING;
569 	else ctx->flags |= EVP_CIPH_NO_PADDING;
570 	return 1;
571 	}
572 
EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX * ctx,int type,int arg,void * ptr)573 int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
574 {
575 	int ret;
576 	if(!ctx->cipher) {
577 		EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
578 		return 0;
579 	}
580 
581 	if(!ctx->cipher->ctrl) {
582 		EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
583 		return 0;
584 	}
585 
586 	ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
587 	if(ret == -1) {
588 		EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
589 		return 0;
590 	}
591 	return ret;
592 }
593