GCC Code Coverage Report
Directory: ./ Exec Total Coverage
File: lib/libcrypto/evp/evp_enc.c Lines: 199 310 64.2 %
Date: 2017-11-07 Branches: 116 205 56.6 %

Line Branch Exec Source
1
/* $OpenBSD: evp_enc.c,v 1.36 2017/01/29 17:49:23 beck Exp $ */
2
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3
 * All rights reserved.
4
 *
5
 * This package is an SSL implementation written
6
 * by Eric Young (eay@cryptsoft.com).
7
 * The implementation was written so as to conform with Netscapes SSL.
8
 *
9
 * This library is free for commercial and non-commercial use as long as
10
 * the following conditions are aheared to.  The following conditions
11
 * apply to all code found in this distribution, be it the RC4, RSA,
12
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13
 * included with this distribution is covered by the same copyright terms
14
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15
 *
16
 * Copyright remains Eric Young's, and as such any Copyright notices in
17
 * the code are not to be removed.
18
 * If this package is used in a product, Eric Young should be given attribution
19
 * as the author of the parts of the library used.
20
 * This can be in the form of a textual message at program startup or
21
 * in documentation (online or textual) provided with the package.
22
 *
23
 * Redistribution and use in source and binary forms, with or without
24
 * modification, are permitted provided that the following conditions
25
 * are met:
26
 * 1. Redistributions of source code must retain the copyright
27
 *    notice, this list of conditions and the following disclaimer.
28
 * 2. Redistributions in binary form must reproduce the above copyright
29
 *    notice, this list of conditions and the following disclaimer in the
30
 *    documentation and/or other materials provided with the distribution.
31
 * 3. All advertising materials mentioning features or use of this software
32
 *    must display the following acknowledgement:
33
 *    "This product includes cryptographic software written by
34
 *     Eric Young (eay@cryptsoft.com)"
35
 *    The word 'cryptographic' can be left out if the rouines from the library
36
 *    being used are not cryptographic related :-).
37
 * 4. If you include any Windows specific code (or a derivative thereof) from
38
 *    the apps directory (application code) you must include an acknowledgement:
39
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40
 *
41
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51
 * SUCH DAMAGE.
52
 *
53
 * The licence and distribution terms for any publically available version or
54
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
55
 * copied and put under another distribution licence
56
 * [including the GNU Public Licence.]
57
 */
58
59
#include <stdio.h>
60
#include <stdlib.h>
61
#include <string.h>
62
63
#include <sys/types.h>
64
65
#include <openssl/opensslconf.h>
66
67
#include <openssl/err.h>
68
#include <openssl/evp.h>
69
70
#ifndef OPENSSL_NO_ENGINE
71
#include <openssl/engine.h>
72
#endif
73
74
#include "evp_locl.h"
75
76
#define M_do_cipher(ctx, out, in, inl) ctx->cipher->do_cipher(ctx, out, in, inl)
77
78
void
79
EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
80
{
81
4436
	memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
82
2218
}
83
84
EVP_CIPHER_CTX *
85
EVP_CIPHER_CTX_new(void)
86
{
87
1312
	return calloc(1, sizeof(EVP_CIPHER_CTX));
88
}
89
90
int
91
EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
92
    const unsigned char *key, const unsigned char *iv, int enc)
93
{
94
	if (cipher)
95
		EVP_CIPHER_CTX_init(ctx);
96
	return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc);
97
}
98
99
int
100
EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
101
    const unsigned char *key, const unsigned char *iv, int enc)
102
{
103
7864
	if (enc == -1)
104
		enc = ctx->encrypt;
105
	else {
106
3932
		if (enc)
107
2220
			enc = 1;
108
3932
		ctx->encrypt = enc;
109
	}
110
#ifndef OPENSSL_NO_ENGINE
111
	/* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
112
	 * so this context may already have an ENGINE! Try to avoid releasing
113
	 * the previous handle, re-querying for an ENGINE, and having a
114
	 * reinitialisation, when it may all be unecessary. */
115

3932
	if (ctx->engine && ctx->cipher &&
116
	    (!cipher || (cipher && (cipher->nid == ctx->cipher->nid))))
117
		goto skip_to_init;
118
#endif
119
3932
	if (cipher) {
120
		/* Ensure a context left lying around from last time is cleared
121
		 * (the previous check attempted to avoid this if the same
122
		 * ENGINE and EVP_CIPHER could be used). */
123
3192
		if (ctx->cipher) {
124
396
			unsigned long flags = ctx->flags;
125
396
			EVP_CIPHER_CTX_cleanup(ctx);
126
			/* Restore encrypt and flags */
127
396
			ctx->encrypt = enc;
128
396
			ctx->flags = flags;
129
396
		}
130
#ifndef OPENSSL_NO_ENGINE
131
3192
		if (impl) {
132
			if (!ENGINE_init(impl)) {
133
				EVPerror(EVP_R_INITIALIZATION_ERROR);
134
				return 0;
135
			}
136
		} else
137
			/* Ask if an ENGINE is reserved for this job */
138
3192
			impl = ENGINE_get_cipher_engine(cipher->nid);
139
3192
		if (impl) {
140
			/* There's an ENGINE for this job ... (apparently) */
141
			const EVP_CIPHER *c =
142
			    ENGINE_get_cipher(impl, cipher->nid);
143
			if (!c) {
144
				EVPerror(EVP_R_INITIALIZATION_ERROR);
145
				return 0;
146
			}
147
			/* We'll use the ENGINE's private cipher definition */
148
			cipher = c;
149
			/* Store the ENGINE functional reference so we know
150
			 * 'cipher' came from an ENGINE and we need to release
151
			 * it when done. */
152
			ctx->engine = impl;
153
		} else
154
3192
			ctx->engine = NULL;
155
#endif
156
157
3192
		ctx->cipher = cipher;
158
3192
		if (ctx->cipher->ctx_size) {
159
3144
			ctx->cipher_data = malloc(ctx->cipher->ctx_size);
160
3144
			if (!ctx->cipher_data) {
161
				EVPerror(ERR_R_MALLOC_FAILURE);
162
				return 0;
163
			}
164
		} else {
165
48
			ctx->cipher_data = NULL;
166
		}
167
3192
		ctx->key_len = cipher->key_len;
168
3192
		ctx->flags = 0;
169
3192
		if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
170
148
			if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
171
				EVPerror(EVP_R_INITIALIZATION_ERROR);
172
				return 0;
173
			}
174
		}
175
740
	} else if (!ctx->cipher) {
176
		EVPerror(EVP_R_NO_CIPHER_SET);
177
		return 0;
178
	}
179
#ifndef OPENSSL_NO_ENGINE
180
skip_to_init:
181
#endif
182
	/* we assume block size is a power of 2 in *cryptUpdate */
183

5826
	if (ctx->cipher->block_size != 1 &&
184
2518
	    ctx->cipher->block_size != 8 &&
185
1894
	    ctx->cipher->block_size != 16) {
186
		EVPerror(EVP_R_BAD_BLOCK_LENGTH);
187
		return 0;
188
	}
189
190
3932
	if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
191

8060
		switch (EVP_CIPHER_CTX_mode(ctx)) {
192
193
		case EVP_CIPH_STREAM_CIPHER:
194
		case EVP_CIPH_ECB_MODE:
195
			break;
196
197
		case EVP_CIPH_CFB_MODE:
198
		case EVP_CIPH_OFB_MODE:
199
200
1136
			ctx->num = 0;
201
			/* fall-through */
202
203
		case EVP_CIPH_CBC_MODE:
204
205
2938
			if ((size_t)EVP_CIPHER_CTX_iv_length(ctx) >
206
			    sizeof(ctx->iv)) {
207
				EVPerror(EVP_R_IV_TOO_LARGE);
208
				return 0;
209
			}
210
2938
			if (iv)
211
4700
				memcpy(ctx->oiv, iv,
212
2350
				    EVP_CIPHER_CTX_iv_length(ctx));
213
5876
			memcpy(ctx->iv, ctx->oiv,
214
2938
			    EVP_CIPHER_CTX_iv_length(ctx));
215
2938
			break;
216
217
		case EVP_CIPH_CTR_MODE:
218
54
			ctx->num = 0;
219
			/* Don't reuse IV for CTR mode */
220
54
			if (iv)
221
108
				memcpy(ctx->iv, iv,
222
54
				    EVP_CIPHER_CTX_iv_length(ctx));
223
			break;
224
225
		default:
226
			return 0;
227
			break;
228
		}
229
	}
230
231

4688
	if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
232
3176
		if (!ctx->cipher->init(ctx, key, iv, enc))
233
			return 0;
234
	}
235
3932
	ctx->buf_len = 0;
236
3932
	ctx->final_used = 0;
237
3932
	ctx->block_mask = ctx->cipher->block_size - 1;
238
3932
	return 1;
239
3932
}
240
241
int
242
EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
243
    const unsigned char *in, int inl)
244
{
245
6036
	if (ctx->encrypt)
246
1698
		return EVP_EncryptUpdate(ctx, out, outl, in, inl);
247
	else
248
1320
		return EVP_DecryptUpdate(ctx, out, outl, in, inl);
249
3018
}
250
251
int
252
EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
253
{
254
1332
	if (ctx->encrypt)
255
326
		return EVP_EncryptFinal_ex(ctx, out, outl);
256
	else
257
340
		return EVP_DecryptFinal_ex(ctx, out, outl);
258
666
}
259
260
__warn_references(EVP_CipherFinal,
261
    "warning: EVP_CipherFinal is often misused, please use EVP_CipherFinal_ex and EVP_CIPHER_CTX_cleanup");
262
263
int
264
EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
265
{
266
	int ret;
267
	if (ctx->encrypt)
268
		ret = EVP_EncryptFinal_ex(ctx, out, outl);
269
	else
270
		ret = EVP_DecryptFinal_ex(ctx, out, outl);
271
	return ret;
272
}
273
274
int
275
EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
276
    const unsigned char *key, const unsigned char *iv)
277
{
278
	return EVP_CipherInit(ctx, cipher, key, iv, 1);
279
}
280
281
int
282
EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
283
    const unsigned char *key, const unsigned char *iv)
284
{
285
2484
	return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1);
286
}
287
288
int
289
EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
290
    const unsigned char *key, const unsigned char *iv)
291
{
292
	return EVP_CipherInit(ctx, cipher, key, iv, 0);
293
}
294
295
int
296
EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
297
    const unsigned char *key, const unsigned char *iv)
298
{
299
1380
	return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0);
300
}
301
302
int
303
EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
304
    const unsigned char *in, int inl)
305
{
306
	int i, j, bl;
307
308
9692
	if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
309
		i = M_do_cipher(ctx, out, in, inl);
310
		if (i < 0)
311
			return 0;
312
		else
313
			*outl = i;
314
		return 1;
315
	}
316
317
4846
	if (inl <= 0) {
318
		*outl = 0;
319
		return inl == 0;
320
	}
321
322

8636
	if (ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) {
323
3276
		if (M_do_cipher(ctx, out, in, inl)) {
324
3276
			*outl = inl;
325
3276
			return 1;
326
		} else {
327
			*outl = 0;
328
			return 0;
329
		}
330
	}
331
1570
	i = ctx->buf_len;
332
1570
	bl = ctx->cipher->block_size;
333
1570
	if ((size_t)bl > sizeof(ctx->buf)) {
334
		EVPerror(EVP_R_BAD_BLOCK_LENGTH);
335
		*outl = 0;
336
		return 0;
337
	}
338
1570
	if (i != 0) {
339
1056
		if (bl - i > inl) {
340
			memcpy(&(ctx->buf[i]), in, inl);
341
			ctx->buf_len += inl;
342
			*outl = 0;
343
			return 1;
344
		} else {
345
			j = bl - i;
346
1056
			memcpy(&(ctx->buf[i]), in, j);
347
1056
			if (!M_do_cipher(ctx, out, ctx->buf, bl))
348
				return 0;
349
1056
			inl -= j;
350
1056
			in += j;
351
1056
			out += bl;
352
1056
			*outl = bl;
353
		}
354
1056
	} else
355
514
		*outl = 0;
356
1570
	i = inl&(bl - 1);
357
1570
	inl -= i;
358
1570
	if (inl > 0) {
359
1570
		if (!M_do_cipher(ctx, out, in, inl))
360
			return 0;
361
1570
		*outl += inl;
362
1570
	}
363
364
1570
	if (i != 0)
365
1482
		memcpy(ctx->buf, &(in[inl]), i);
366
1570
	ctx->buf_len = i;
367
1570
	return 1;
368
4846
}
369
370
__warn_references(EVP_EncryptFinal,
371
    "warning: EVP_EncryptFinal is often misused, please use EVP_EncryptFinal_ex and EVP_CIPHER_CTX_cleanup");
372
373
int
374
EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
375
{
376
	int ret;
377
378
	ret = EVP_EncryptFinal_ex(ctx, out, outl);
379
	return ret;
380
}
381
382
int
383
EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
384
{
385
	int n, ret;
386
	unsigned int i, b, bl;
387
388
2880
	if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
389
		ret = M_do_cipher(ctx, out, NULL, 0);
390
		if (ret < 0)
391
			return 0;
392
		else
393
			*outl = ret;
394
		return 1;
395
	}
396
397
1440
	b = ctx->cipher->block_size;
398
1440
	if (b > sizeof ctx->buf) {
399
		EVPerror(EVP_R_BAD_BLOCK_LENGTH);
400
		return 0;
401
	}
402
1440
	if (b == 1) {
403
616
		*outl = 0;
404
616
		return 1;
405
	}
406
824
	bl = ctx->buf_len;
407
824
	if (ctx->flags & EVP_CIPH_NO_PADDING) {
408
396
		if (bl) {
409
			EVPerror(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
410
			return 0;
411
		}
412
396
		*outl = 0;
413
396
		return 1;
414
	}
415
416
428
	n = b - bl;
417
7090
	for (i = bl; i < b; i++)
418
3117
		ctx->buf[i] = n;
419
428
	ret = M_do_cipher(ctx, out, ctx->buf, b);
420
421
422
428
	if (ret)
423
428
		*outl = b;
424
425
428
	return ret;
426
1440
}
427
428
int
429
EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
430
    const unsigned char *in, int inl)
431
{
432
	int fix_len;
433
	unsigned int b;
434
435
4020
	if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
436
		fix_len = M_do_cipher(ctx, out, in, inl);
437
		if (fix_len < 0) {
438
			*outl = 0;
439
			return 0;
440
		} else
441
			*outl = fix_len;
442
		return 1;
443
	}
444
445
2010
	if (inl <= 0) {
446
		*outl = 0;
447
		return inl == 0;
448
	}
449
450
2010
	if (ctx->flags & EVP_CIPH_NO_PADDING)
451
684
		return EVP_EncryptUpdate(ctx, out, outl, in, inl);
452
453
1326
	b = ctx->cipher->block_size;
454
1326
	if (b > sizeof ctx->final) {
455
		EVPerror(EVP_R_BAD_BLOCK_LENGTH);
456
		return 0;
457
	}
458
459
1326
	if (ctx->final_used) {
460
		memcpy(out, ctx->final, b);
461
		out += b;
462
		fix_len = 1;
463
	} else
464
		fix_len = 0;
465
466
467
1326
	if (!EVP_EncryptUpdate(ctx, out, outl, in, inl))
468
		return 0;
469
470
	/* if we have 'decrypted' a multiple of block size, make sure
471
	 * we have a copy of this last block */
472

1970
	if (b > 1 && !ctx->buf_len) {
473
204
		*outl -= b;
474
204
		ctx->final_used = 1;
475
204
		memcpy(ctx->final, &out[*outl], b);
476
204
	} else
477
1122
		ctx->final_used = 0;
478
479
1326
	if (fix_len)
480
		*outl += b;
481
482
1326
	return 1;
483
2010
}
484
485
__warn_references(EVP_DecryptFinal,
486
    "warning: EVP_DecryptFinal is often misused, please use EVP_DecryptFinal_ex and EVP_CIPHER_CTX_cleanup");
487
488
int
489
EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
490
{
491
	int ret;
492
493
	ret = EVP_DecryptFinal_ex(ctx, out, outl);
494
	return ret;
495
}
496
497
int
498
EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
499
{
500
	int i, n;
501
	unsigned int b;
502
2060
	*outl = 0;
503
504
1030
	if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
505
		i = M_do_cipher(ctx, out, NULL, 0);
506
		if (i < 0)
507
			return 0;
508
		else
509
			*outl = i;
510
		return 1;
511
	}
512
513
1030
	b = ctx->cipher->block_size;
514
1030
	if (ctx->flags & EVP_CIPH_NO_PADDING) {
515
684
		if (ctx->buf_len) {
516
			EVPerror(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
517
			return 0;
518
		}
519
684
		*outl = 0;
520
684
		return 1;
521
	}
522
346
	if (b > 1) {
523

408
		if (ctx->buf_len || !ctx->final_used) {
524
			EVPerror(EVP_R_WRONG_FINAL_BLOCK_LENGTH);
525
			return (0);
526
		}
527
204
		if (b > sizeof ctx->final) {
528
			EVPerror(EVP_R_BAD_BLOCK_LENGTH);
529
			return 0;
530
		}
531
204
		n = ctx->final[b - 1];
532

408
		if (n == 0 || n > (int)b) {
533
			EVPerror(EVP_R_BAD_DECRYPT);
534
			return (0);
535
		}
536
2846
		for (i = 0; i < n; i++) {
537
1219
			if (ctx->final[--b] != n) {
538
				EVPerror(EVP_R_BAD_DECRYPT);
539
				return (0);
540
			}
541
		}
542
204
		n = ctx->cipher->block_size - n;
543
2674
		for (i = 0; i < n; i++)
544
1133
			out[i] = ctx->final[i];
545
204
		*outl = n;
546
204
	} else
547
142
		*outl = 0;
548
346
	return (1);
549
1030
}
550
551
void
552
EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
553
{
554
81548
	if (ctx) {
555
656
		EVP_CIPHER_CTX_cleanup(ctx);
556
656
		free(ctx);
557
656
	}
558
40774
}
559
560
int
561
EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
562
{
563
6696
	if (c->cipher != NULL) {
564

3270
		if (c->cipher->cleanup && !c->cipher->cleanup(c))
565
			return 0;
566
		/* Cleanse cipher context data */
567
3270
		if (c->cipher_data)
568
3222
			explicit_bzero(c->cipher_data, c->cipher->ctx_size);
569
	}
570
3348
	free(c->cipher_data);
571
#ifndef OPENSSL_NO_ENGINE
572
3348
	if (c->engine)
573
		/* The EVP_CIPHER we used belongs to an ENGINE, release the
574
		 * functional reference we held for this reason. */
575
		ENGINE_finish(c->engine);
576
#endif
577
3348
	explicit_bzero(c, sizeof(EVP_CIPHER_CTX));
578
3348
	return 1;
579
3348
}
580
581
int
582
EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
583
{
584
52
	if (c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
585
		return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH,
586
		    keylen, NULL);
587
26
	if (c->key_len == keylen)
588
26
		return 1;
589
	if ((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) {
590
		c->key_len = keylen;
591
		return 1;
592
	}
593
	EVPerror(EVP_R_INVALID_KEY_LENGTH);
594
	return 0;
595
26
}
596
597
int
598
EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
599
{
600
4518
	if (pad)
601
1506
		ctx->flags &= ~EVP_CIPH_NO_PADDING;
602
	else
603
1506
		ctx->flags |= EVP_CIPH_NO_PADDING;
604
1506
	return 1;
605
}
606
607
int
608
EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
609
{
610
	int ret;
611
612
3064
	if (!ctx->cipher) {
613
		EVPerror(EVP_R_NO_CIPHER_SET);
614
		return 0;
615
	}
616
617
1532
	if (!ctx->cipher->ctrl) {
618
14
		EVPerror(EVP_R_CTRL_NOT_IMPLEMENTED);
619
14
		return 0;
620
	}
621
622
1518
	ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
623
1518
	if (ret == -1) {
624
2
		EVPerror(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
625
2
		return 0;
626
	}
627
1516
	return ret;
628
1532
}
629
630
int
631
EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
632
{
633
24
	if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
634
		return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
635
12
	arc4random_buf(key, ctx->key_len);
636
12
	return 1;
637
12
}
638
639
int
640
EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
641
{
642

234
	if ((in == NULL) || (in->cipher == NULL)) {
643
		EVPerror(EVP_R_INPUT_NOT_INITIALIZED);
644
		return 0;
645
	}
646
#ifndef OPENSSL_NO_ENGINE
647
	/* Make sure it's safe to copy a cipher context using an ENGINE */
648

78
	if (in->engine && !ENGINE_init(in->engine)) {
649
		EVPerror(ERR_R_ENGINE_LIB);
650
		return 0;
651
	}
652
#endif
653
654
78
	EVP_CIPHER_CTX_cleanup(out);
655
78
	memcpy(out, in, sizeof *out);
656
657

156
	if (in->cipher_data && in->cipher->ctx_size) {
658
78
		out->cipher_data = malloc(in->cipher->ctx_size);
659
78
		if (!out->cipher_data) {
660
			EVPerror(ERR_R_MALLOC_FAILURE);
661
			return 0;
662
		}
663
78
		memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
664
78
	}
665
666
78
	if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
667
		return in->cipher->ctrl((EVP_CIPHER_CTX *)in,
668
		    EVP_CTRL_COPY, 0, out);
669
78
	return 1;
670
78
}