]>
Commit | Line | Data |
---|---|---|
1 | /* | |
2 | * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | #include <stdio.h> | |
11 | #include "internal/cryptlib.h" | |
12 | #include "internal/provider.h" | |
13 | #include <openssl/rand.h> | |
14 | #include <openssl/rsa.h> | |
15 | #include <openssl/evp.h> | |
16 | #include <openssl/objects.h> | |
17 | #include <openssl/x509.h> | |
18 | #include <openssl/evp.h> | |
19 | ||
20 | int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, | |
21 | unsigned char **ek, int *ekl, unsigned char *iv, | |
22 | EVP_PKEY **pubk, int npubk) | |
23 | { | |
24 | unsigned char key[EVP_MAX_KEY_LENGTH]; | |
25 | const OSSL_PROVIDER *prov; | |
26 | OSSL_LIB_CTX *libctx = NULL; | |
27 | EVP_PKEY_CTX *pctx = NULL; | |
28 | const EVP_CIPHER *cipher; | |
29 | int i, len; | |
30 | int rv = 0; | |
31 | ||
32 | if (type != NULL) { | |
33 | EVP_CIPHER_CTX_reset(ctx); | |
34 | if (!EVP_EncryptInit_ex(ctx, type, NULL, NULL, NULL)) | |
35 | return 0; | |
36 | } | |
37 | if ((cipher = EVP_CIPHER_CTX_get0_cipher(ctx)) != NULL | |
38 | && (prov = EVP_CIPHER_get0_provider(cipher)) != NULL) | |
39 | libctx = ossl_provider_libctx(prov); | |
40 | if ((npubk <= 0) || !pubk) | |
41 | return 1; | |
42 | ||
43 | if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0) | |
44 | return 0; | |
45 | ||
46 | len = EVP_CIPHER_CTX_get_iv_length(ctx); | |
47 | if (len < 0 || RAND_priv_bytes_ex(libctx, iv, len, 0) <= 0) | |
48 | goto err; | |
49 | ||
50 | len = EVP_CIPHER_CTX_get_key_length(ctx); | |
51 | if (len < 0) | |
52 | goto err; | |
53 | ||
54 | if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv)) | |
55 | goto err; | |
56 | ||
57 | for (i = 0; i < npubk; i++) { | |
58 | size_t keylen = len; | |
59 | ||
60 | pctx = EVP_PKEY_CTX_new_from_pkey(libctx, pubk[i], NULL); | |
61 | if (pctx == NULL) { | |
62 | ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); | |
63 | goto err; | |
64 | } | |
65 | ||
66 | if (EVP_PKEY_encrypt_init(pctx) <= 0 | |
67 | || EVP_PKEY_encrypt(pctx, ek[i], &keylen, key, keylen) <= 0) | |
68 | goto err; | |
69 | ekl[i] = (int)keylen; | |
70 | EVP_PKEY_CTX_free(pctx); | |
71 | } | |
72 | pctx = NULL; | |
73 | rv = npubk; | |
74 | err: | |
75 | EVP_PKEY_CTX_free(pctx); | |
76 | OPENSSL_cleanse(key, sizeof(key)); | |
77 | return rv; | |
78 | } | |
79 | ||
80 | int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) | |
81 | { | |
82 | int i; | |
83 | i = EVP_EncryptFinal_ex(ctx, out, outl); | |
84 | if (i) | |
85 | i = EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, NULL); | |
86 | return i; | |
87 | } |