C++ EVP_CIPHER_CTX_block_size函数代码示例

void encrypt_buf(struct encryption_ctx *ctx, char *buf, int *len) {
    if (_method == EncryptionTable) {
        table_encrypt(buf, *len);
    } else {
        if (ctx->status == STATUS_EMPTY) {
            int iv_len = encryption_iv_len[_method];
            unsigned char iv[EVP_MAX_IV_LENGTH];
            memset(iv, 0, iv_len);
            RAND_bytes(iv, iv_len);
            init_cipher(ctx, iv, iv_len, 1);
            int out_len = *len + EVP_CIPHER_CTX_block_size(ctx->ctx);
            unsigned char *cipher_text = malloc(out_len);
            EVP_CipherUpdate(ctx->ctx, cipher_text, &out_len, buf, *len);
            memcpy(buf, iv, iv_len);
            memcpy(buf + iv_len, cipher_text, out_len);
            *len = iv_len + out_len;
            free(cipher_text);
        } else {
            int out_len = *len + EVP_CIPHER_CTX_block_size(ctx->ctx);
            unsigned char *cipher_text = malloc(out_len);
            EVP_CipherUpdate(ctx->ctx, cipher_text, &out_len, buf, *len);
            memcpy(buf, cipher_text, out_len);
            *len = out_len;
            free(cipher_text);
        }
    }
}

soter_status_t soter_sym_aead_decrypt_update(soter_sym_ctx_t *ctx, const void* cipher_data,  const size_t cipher_data_length, void* plain_data, size_t* plain_data_length){
  if(plain_data==NULL || (*plain_data_length)<(cipher_data_length+EVP_CIPHER_CTX_block_size(&(ctx->evp_sym_ctx))-1)){
    (*plain_data_length)=cipher_data_length+EVP_CIPHER_CTX_block_size(&(ctx->evp_sym_ctx))-1;
    return SOTER_BUFFER_TOO_SMALL;
  }
  return soter_sym_ctx_update(ctx, cipher_data,  cipher_data_length, plain_data, plain_data_length, false);
}

int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
              const EVP_CIPHER *cipher, ENGINE *impl)
{
    static unsigned char zero_iv[EVP_MAX_BLOCK_LENGTH];
#ifdef OPENSSL_FIPS
    if (FIPS_mode()) {
        /* If we have an ENGINE need to allow non FIPS */
        if ((impl || ctx->cctx.engine)
            && !(ctx->cctx.flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)) {
            EVPerr(EVP_F_CMAC_INIT, EVP_R_DISABLED_FOR_FIPS);
            return 0;
        }
        /*
         * Other algorithm blocking will be done in FIPS_cmac_init, via
         * FIPS_cipherinit().
         */
        if (!impl && !ctx->cctx.engine)
            return FIPS_cmac_init(ctx, key, keylen, cipher, NULL);
    }
#endif
    /* All zeros means restart */
    if (!key && !cipher && !impl && keylen == 0) {
        /* Not initialised */
        if (ctx->nlast_block == -1)
            return 0;
        if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv))
            return 0;
        sgx_memset(ctx->tbl, 0, EVP_CIPHER_CTX_block_size(&ctx->cctx));
        ctx->nlast_block = 0;
        return 1;
    }
    /* Initialiase context */
    if (cipher && !EVP_EncryptInit_ex(&ctx->cctx, cipher, impl, NULL, NULL))
        return 0;
    /* Non-NULL key means initialisation complete */
    if (key) {
        int bl;
        if (!EVP_CIPHER_CTX_cipher(&ctx->cctx))
            return 0;
        if (!EVP_CIPHER_CTX_set_key_length(&ctx->cctx, keylen))
            return 0;
        if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, key, zero_iv))
            return 0;
        bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
        if (!EVP_Cipher(&ctx->cctx, ctx->tbl, zero_iv, bl))
            return 0;
        make_kn(ctx->k1, ctx->tbl, bl);
        make_kn(ctx->k2, ctx->k1, bl);
        OPENSSL_cleanse(ctx->tbl, bl);
        /* Reset context again ready for first data block */
        if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv))
            return 0;
        /* Zero tbl so resume works */
        sgx_memset(ctx->tbl, 0, bl);
        ctx->nlast_block = 0;
    }
    return 1;
}

// 입력 파라미터: byte *msg; int msg_len; byte *key;
// 출력 파라미터: byte **enc_msg; int *enc_msg_len;
int encryptAES(byte *msg, int msg_len, byte *key, byte **enc_msg, int *enc_msg_len )
{

		int result = TRUE;
		int templen;

		// EVP 객체를 이용한 AES 암호화
		// ctx(암호화에 사용되는 데이터들이 저장되는 임시 저장소) 초기화
		EVP_CIPHER_CTX ctx;
		EVP_CIPHER_CTX_init(&ctx);

		// 초기화: 암호 알고리즘 할당, 키 할당, IV 할당
		EVP_EncryptInit_ex(&ctx, EVP_des_ofb(), NULL, key, IVseedConstant);

		// 초기화 끝난 후에 암호문 저장될 메모리 할당
		*enc_msg = malloc( msg_len + EVP_CIPHER_CTX_block_size(&ctx) );
		if( enc_msg == NULL )
				return FALSE;

		// 업데이트: 메시지 암호화(마지막 블록 제외)
		if(!EVP_EncryptUpdate(&ctx, *enc_msg, enc_msg_len, msg, msg_len))
				result = FALSE;

		// 종료: 마지막 블록 암호화
		if(!EVP_EncryptFinal_ex(&ctx, enc_msg+(*enc_msg_len), &templen))
				result = FALSE;

		EVP_CIPHER_CTX_cleanup(&ctx);

		return result;
}

/*
 *  call-seq:
 *     cipher.update(data [, buffer]) -> string or buffer
 *
 *  Encrypts data in a streaming fashion. Hand consecutive blocks of data
 *  to the +update+ method in order to encrypt it. Returns the encrypted
 *  data chunk. When done, the output of Cipher#final should be additionally
 *  added to the result.
 *
 *  === Parameters
 *  +data+ is a nonempty string.
 *  +buffer+ is an optional string to store the result.
 */
static VALUE
ossl_cipher_update(int argc, VALUE *argv, VALUE self)
{
    EVP_CIPHER_CTX *ctx;
    unsigned char *in;
    long in_len, out_len;
    VALUE data, str;

    rb_scan_args(argc, argv, "11", &data, &str);

    StringValue(data);
    in = (unsigned char *)RSTRING_PTR(data);
    if ((in_len = RSTRING_LEN(data)) == 0)
        ossl_raise(rb_eArgError, "data must not be empty");
    GetCipher(self, ctx);
    out_len = in_len+EVP_CIPHER_CTX_block_size(ctx);
    if (out_len <= 0) {
	ossl_raise(rb_eRangeError,
		   "data too big to make output buffer: %ld bytes", in_len);
    }

    if (NIL_P(str)) {
        str = rb_str_new(0, out_len);
    } else {
        StringValue(str);
        rb_str_resize(str, out_len);
    }

    if (!ossl_cipher_update_long(ctx, (unsigned char *)RSTRING_PTR(str), &out_len, in, in_len))
	ossl_raise(eCipherError, NULL);
    assert(out_len < RSTRING_LEN(str));
    rb_str_set_len(str, out_len);

    return str;
}

static int
do_cipher(EVP_CIPHER_CTX *cipher_ctx, const u8 *in, size_t in_len,
		u8 **out, size_t *out_len)
{
	const u8 *end;
	u8	*p;
	size_t	bl, done, left, total;

	*out = p = (u8 *) malloc(in_len + EVP_CIPHER_CTX_key_length(cipher_ctx));
	*out_len = total = 0;

	bl = EVP_CIPHER_CTX_block_size(cipher_ctx);
	end = in + in_len;
	while (in < end) {
		if ((left = end - in) > bl)
			left = bl;
		if (!EVP_CipherUpdate(cipher_ctx,
					p + total, (int *) &done,
					(u8 *) in, (int)left))
			goto fail;
		total += done;
		in += left;
	}
	if (1 || total < in_len) {
		if (!EVP_CipherFinal(cipher_ctx, p + total, (int *) &done))
			goto fail;
		total += done;
	}
	*out_len = total;
	return 0;

fail:	free(p);
	return SC_ERROR_INTERNAL;
}

bool AesPasswordCipher::decrypt(const uint8_t* input, size_t input_size, std::vector<uint8_t>& output) {
	if(!evpCipher)
		evpCipher.reset(EVP_CIPHER_CTX_new());

	if(EVP_DecryptInit_ex(evpCipher.get(), EVP_aes_128_cbc(), nullptr, key, key + 16) <= 0)
		return false;

	int bytesWritten = 0;
	size_t totalLength = 0;
	int blockSize = EVP_CIPHER_CTX_block_size(evpCipher.get());
	output.resize(input_size + blockSize);

	if(EVP_DecryptUpdate(evpCipher.get(), &output[0], &bytesWritten, input, input_size) <= 0)
		return false;

	totalLength += bytesWritten;

	if(EVP_DecryptFinal_ex(evpCipher.get(), &output[0] + totalLength, &bytesWritten) <= 0)
		return false;

	totalLength += bytesWritten;
	output.resize(totalLength);

	return true;
}

void encryptfile(FILE * fpin,FILE* fpout,unsigned char* key, unsigned char* iv)
{
	//Using openssl EVP to encrypt a file

	
	const unsigned bufsize = 4096;
	unsigned char* read_buf = malloc(bufsize);
	unsigned char* cipher_buf ;
	unsigned blocksize;
	int out_len;

	EVP_CIPHER_CTX ctx;

	EVP_CipherInit(&ctx,EVP_aes_256_cbc(),key,iv,1);
	blocksize = EVP_CIPHER_CTX_block_size(&ctx);
	cipher_buf = malloc(bufsize+blocksize);

	// read file and write encrypted file until eof
	while(1)
	{
		int bytes_read = fread(read_buf,sizeof(unsigned char),bufsize,fpin);
		EVP_CipherUpdate(&ctx,cipher_buf,&out_len,read_buf, bytes_read);
		fwrite(cipher_buf,sizeof(unsigned char),out_len,fpout);
		if(bytes_read < bufsize)
		{
			break;//EOF
		}
	}

	EVP_CipherFinal(&ctx,cipher_buf,&out_len);
	fwrite(cipher_buf,sizeof(unsigned char),out_len,fpout);

	free(cipher_buf);
	free(read_buf);
}

int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen)
	{
	int i, bl, lb;
#ifdef OPENSSL_FIPS
	if (FIPS_mode() && !ctx->cctx.engine)
		return FIPS_cmac_final(ctx, out, poutlen);
#endif
	if (ctx->nlast_block == -1)
		return 0;
	bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
	*poutlen = (size_t)bl;
	if (!out)
		return 1;
	lb = ctx->nlast_block;
	/* Is last block complete? */
	if (lb == bl)
		{
		for (i = 0; i < bl; i++)
			out[i] = ctx->last_block[i] ^ ctx->k1[i];
		}
	else
		{
		ctx->last_block[lb] = 0x80;
		if (bl - lb > 1)
			memset(ctx->last_block + lb + 1, 0, bl - lb - 1);
		for (i = 0; i < bl; i++)
			out[i] = ctx->last_block[i] ^ ctx->k2[i];
		}
	if (!EVP_Cipher(&ctx->cctx, out, out, bl))
		{
		OPENSSL_cleanse(out, bl);	
		return 0;
		}
	return 1;
	}

std::string problem07() {
    std::ifstream instream;
    instream.open(rootdir + "res/p7.txt", std::ios::in);
    if (!instream.is_open()) {
        std::cerr << "Can't open p7.txt\n";
        return std::string("p07 failed.\n");
    }
    std::string in{};
    std::string line;
    while(std::getline(instream, line)) {
        in += line;
    }
    BinaryBlob b7 = BinaryBlob(in, 64);
    int num_bytes = b7.size();
    int act_num_bytes = 0, tot_bytes = 0;
    unsigned char key[] = "YELLOW SUBMARINE";
    EVP_CIPHER_CTX* my_cipher_ctx = EVP_CIPHER_CTX_new();
    EVP_DecryptInit_ex(my_cipher_ctx, EVP_aes_128_ecb(), NULL, key, NULL);
    unsigned char* out = (unsigned char *) malloc(num_bytes * 2 + EVP_CIPHER_CTX_block_size(my_cipher_ctx));
    if (!out)
        return  "p7 - OOM\n";
    EVP_DecryptUpdate(my_cipher_ctx, out, &act_num_bytes, b7.getRawBuf(), num_bytes);
    tot_bytes += act_num_bytes;
    EVP_DecryptFinal_ex(my_cipher_ctx, out + act_num_bytes, &act_num_bytes);
    tot_bytes += act_num_bytes;
    EVP_CIPHER_CTX_free(my_cipher_ctx);
    BinaryBlob s7 = BinaryBlob(out, tot_bytes);
    return s7.ascii();
}

int
XCBC_Final(XCBC_CTX *xctx,
	   uint8_t  *out)
{
	int bl, n, outl;

	bl = EVP_CIPHER_CTX_block_size(xctx->ctx);

	/* xctx->r = M[n] */
	if (xctx->size == bl) {
		for (n = 0; n < bl; n++)
			xctx->m[n] = xctx->r[n] ^ xctx->e[n] ^ xctx->k2[n];
	} else {
		for (n = xctx->size; n < bl; n++)
			xctx->r[n] = (n == xctx->size) ? 0x80 : 0x00;
		for (n = 0; n < bl; n++) {
			xctx->m[n] = xctx->r[n] ^ xctx->e[n] ^ xctx->k3[n];
		}
	}
	OPENSSL_try(EVP_CipherUpdate(xctx->ctx,
				     xctx->e, &outl,
				     xctx->m, bl),
		    "cipher update error (finalizing)", return0);
	memcpy(out, xctx->e, bl);

	return 1;

return0:
	return 0;
}

/*
 *  call-seq:
 *     cipher.update(data [, buffer]) -> string or buffer
 *
 *  === Parameters
 *  +data+ is a nonempty string.
 *  +buffer+ is an optional string to store the result.
 */
static VALUE 
ossl_cipher_update(int argc, VALUE *argv, VALUE self)
{
    EVP_CIPHER_CTX *ctx;
    char *in;
    int in_len, out_len;
    VALUE data, str;

    rb_scan_args(argc, argv, "11", &data, &str);

    StringValue(data);
    in = RSTRING_PTR(data);
    if ((in_len = RSTRING_LEN(data)) == 0)
        rb_raise(rb_eArgError, "data must not be empty");
    GetCipher(self, ctx);
    out_len = in_len+EVP_CIPHER_CTX_block_size(ctx);

    if (NIL_P(str)) {
        str = rb_str_new(0, out_len);
    } else {
        StringValue(str);
        rb_str_resize(str, out_len);
    }

    if (!EVP_CipherUpdate(ctx, RSTRING_PTR(str), &out_len, in, in_len))
	ossl_raise(eCipherError, NULL);
    assert(out_len < RSTRING_LEN(str));
    rb_str_set_len(str, out_len);

    return str;
}

int
XCBC_Init(XCBC_CTX *xctx,
	  const uint8_t const *k)
{
	int bl, outl;
	EVP_CIPHER_CTX *ctx;
	uint8_t k1[XCBC_MAX_BLOCK_LENGTH];

	ctx = xctx->ctx;

	EVP_CIPHER_CTX_init(ctx);
	OPENSSL_try(EVP_CipherInit_ex(ctx, EVP_aes_128_ecb(), NULL, k, NULL, 1),
		    "cipher init error", return0);
	bl = EVP_CIPHER_CTX_block_size((const EVP_CIPHER_CTX *)ctx);
	OPENSSL_try(EVP_CipherUpdate(ctx,       k1, &outl, ks1, bl),
		    "cipher update error (k1)", return0);
	OPENSSL_try(EVP_CipherUpdate(ctx, xctx->k2, &outl, ks2, bl),
		    "cipher update error (k2)", return0);
	OPENSSL_try(EVP_CipherUpdate(ctx, xctx->k3, &outl, ks3, bl),
		    "cipher update error (k3)", return0);

	OPENSSL_try(EVP_CipherInit_ex(ctx, NULL, NULL, k1, NULL, -1),
		    "cipher reset error", return0);
	memset(xctx->e, 0, bl);
	xctx->size = 0;

	return 1;

return0:
	return 0;
}

unsigned char * aes_oneshot_encrypt( unsigned char * key, int key_len,
                                     unsigned char * salt, int salt_len,
                                     unsigned char * data, int data_len,
                                     int * out_len)
{
   int             nalloc    = 0;
   int             npartial  = 0;
   int             nfinal    = 0;
   unsigned char * encrypted = 0;
   unsigned char   key_buff[SHA256_DIGEST_LENGTH];
   unsigned char   iv_buff[SHA256_DIGEST_LENGTH];

   *out_len = 0;
   
   SHA256( key, key_len, key_buff );
   SHA256( salt, salt_len, iv_buff );

   EVP_CIPHER_CTX ctx;

   EVP_EncryptInit(&ctx, EVP_aes_256_cbc(), key_buff, iv_buff);

   nalloc = data_len + EVP_CIPHER_CTX_block_size(&ctx);

   encrypted = malloc( nalloc );

   EVP_EncryptUpdate(&ctx, encrypted, &npartial, data, data_len);

   
   EVP_EncryptFinal_ex(&ctx, encrypted+npartial, &nfinal);

   *out_len = npartial + nfinal;
   
   return encrypted;
}

soter_status_t soter_sym_ctx_final(soter_sym_ctx_t *ctx,
				   void* out_data,
				   size_t* out_data_length,
				   bool encrypt){
  if((ctx->alg&SOTER_SYM_PADDING_MASK)!=0){
    if((*out_data_length)<EVP_CIPHER_CTX_block_size(&(ctx->evp_sym_ctx))){
      (*out_data_length)=EVP_CIPHER_CTX_block_size(&(ctx->evp_sym_ctx));
      return SOTER_BUFFER_TOO_SMALL;
    }
  }
  if(encrypt){
    SOTER_CHECK(EVP_EncryptFinal(&(ctx->evp_sym_ctx), out_data, (int*)out_data_length)!=0);
  } else {
    SOTER_CHECK(EVP_DecryptFinal(&(ctx->evp_sym_ctx), out_data, (int*)out_data_length)!=0);
  }    
  return SOTER_SUCCESS;
}