本文整理汇总了C++中EVP_CIPHER_CTX_ctrl函数的典型用法代码示例。如果您正苦于以下问题:C++ EVP_CIPHER_CTX_ctrl函数的具体用法?C++ EVP_CIPHER_CTX_ctrl怎么用?C++ EVP_CIPHER_CTX_ctrl使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了EVP_CIPHER_CTX_ctrl函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: cipher_set_keyiv
int
cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv, size_t len)
{
#ifdef WITH_OPENSSL
const struct sshcipher *c = cc->cipher;
int evplen = 0;
#endif
if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
return 0;
if ((cc->cipher->flags & CFLAG_NONE) != 0)
return 0;
#ifdef WITH_OPENSSL
evplen = EVP_CIPHER_CTX_iv_length(cc->evp);
if (evplen <= 0)
return SSH_ERR_LIBCRYPTO_ERROR;
if ((size_t)evplen != len)
return SSH_ERR_INVALID_ARGUMENT;
#ifndef OPENSSL_HAVE_EVPCTR
/* XXX iv arg is const, but ssh_aes_ctr_iv isn't */
if (c->evptype == evp_aes_128_ctr)
ssh_aes_ctr_iv(cc->evp, 1, (u_char *)iv, evplen);
else
#endif
if (cipher_authlen(c)) {
/* XXX iv arg is const, but EVP_CIPHER_CTX_ctrl isn't */
if (!EVP_CIPHER_CTX_ctrl(cc->evp,
EVP_CTRL_GCM_SET_IV_FIXED, -1, (void *)iv))
return SSH_ERR_LIBCRYPTO_ERROR;
} else if (!EVP_CIPHER_CTX_set_iv(cc->evp, iv, evplen))
return SSH_ERR_LIBCRYPTO_ERROR;
#endif
return 0;
}示例2: Java_com_facebook_crypto_cipher_NativeGCMCipher_nativeEncryptFinal
JNIEXPORT int JNICALL Java_com_facebook_crypto_cipher_NativeGCMCipher_nativeEncryptFinal(
JNIEnv* env,
jobject obj,
jbyteArray macTag,
jint tagLen) {
int bytesWritten = 0;
EVP_CIPHER_CTX* ctx = Get_Cipher_CTX(env, obj);
if (!ctx) {
return CRYPTO_FAILURE;
}
jbyte* tagBytes = (*env)->GetByteArrayElements(env, macTag, NULL);
if (!tagBytes) {
return CRYPTO_FAILURE;
}
int retCode = CRYPTO_SUCCESS;
if (!retCode || !EVP_EncryptFinal_ex(ctx, tagBytes, &bytesWritten)) {
retCode = CRYPTO_FAILURE;
}
if (!retCode || !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, tagLen, tagBytes)) {
retCode = CRYPTO_FAILURE;
}
(*env)->ReleaseByteArrayElements(env, macTag, tagBytes, 0);
return retCode;
}示例3: srtp_aes_gcm_openssl_set_iv
/*
* aes_gcm_openssl_set_iv(c, iv) sets the counter value to the exor of iv with
* the offset
*/
static srtp_err_status_t srtp_aes_gcm_openssl_set_iv(
void *cv,
uint8_t *iv,
srtp_cipher_direction_t direction)
{
srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
if (direction != srtp_direction_encrypt &&
direction != srtp_direction_decrypt) {
return (srtp_err_status_bad_param);
}
c->dir = direction;
debug_print(srtp_mod_aes_gcm, "setting iv: %s",
v128_hex_string((v128_t *)iv));
if (!EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_SET_IVLEN, 12, 0)) {
return (srtp_err_status_init_fail);
}
if (!EVP_CipherInit_ex(c->ctx, NULL, NULL, NULL, iv,
(c->dir == srtp_direction_encrypt ? 1 : 0))) {
return (srtp_err_status_init_fail);
}
return (srtp_err_status_ok);
}示例4: cmd_start_crypt_in
void cmd_start_crypt_in(struct ctrl_command *cmd)
{
#ifdef HAVE_LIBCRYPTO
if (in_state.crypt)
send_error("can't start decryption - already started!");
if (!in_state.crypt_state.cipher)
send_error("can't start decryption - no cipher set!");
if (!in_state.crypt_state.key)
send_error("can't start decryption - no key set!");
in_state.crypt = 1;
if (!EVP_DecryptInit(&in_state.crypt_state.ctx,
in_state.crypt_state.cipher, NULL, NULL))
send_error("can't start decryption - DecryptInit (1) failed: %s!",
ERR_error_string(ERR_get_error(), NULL));
/*
* XXX - ugly hack to work around OpenSSL bug
* if/when OpenSSL fix it, or give proper workaround
* use that, and force minimum OpenSSL version
*
* Without this hack, BF/256 will fail.
*/
/* cast to avoid warning */
*(unsigned int *)( &in_state.crypt_state.ctx.cipher->flags)
|= EVP_CIPH_VARIABLE_LENGTH;
if (!EVP_CIPHER_CTX_set_key_length(&in_state.crypt_state.ctx,
in_state.crypt_state.keylen))
send_error("can't start decryption - set_key_length failed: %s!",
ERR_error_string(ERR_get_error(), NULL));
in_state.crypt_state.ivlen =
EVP_CIPHER_CTX_iv_length(&in_state.crypt_state.ctx);
if (in_state.crypt_state.ivlen)
in_state.crypt_state.iv = calloc(in_state.crypt_state.ivlen, 1);
if (in_state.crypt_state.rounds)
{
if (!EVP_CIPHER_CTX_ctrl(&in_state.crypt_state.ctx,
EVP_CTRL_SET_RC5_ROUNDS,
in_state.crypt_state.rounds,
NULL))
send_error("can't start decryption - SET_RC5_ROUNDS failed: %s!",
ERR_error_string(ERR_get_error(), NULL));
}
if (!EVP_DecryptInit(&in_state.crypt_state.ctx,
NULL,
in_state.crypt_state.key,
in_state.crypt_state.iv))
send_error("can't start decryption - DecryptInit (2) failed: %s!",
ERR_error_string(ERR_get_error(), NULL));
#else
send_error("can't start decryption - no OpenSSL support!");
#endif
}示例5: s2n_composite_cipher_aes_sha_initial_hmac
static int s2n_composite_cipher_aes_sha_initial_hmac(struct s2n_session_key *key, uint8_t *sequence_number, uint8_t content_type,
uint16_t protocol_version, uint16_t payload_and_eiv_len, int *extra)
{
uint8_t ctrl_buf[S2N_TLS12_AAD_LEN];
struct s2n_blob ctrl_blob = { .data = ctrl_buf, .size = S2N_TLS12_AAD_LEN };
struct s2n_stuffer ctrl_stuffer;
GUARD(s2n_stuffer_init(&ctrl_stuffer, &ctrl_blob));
GUARD(s2n_stuffer_write_bytes(&ctrl_stuffer, sequence_number, S2N_TLS_SEQUENCE_NUM_LEN));
GUARD(s2n_stuffer_write_uint8(&ctrl_stuffer, content_type));
GUARD(s2n_stuffer_write_uint8(&ctrl_stuffer, protocol_version / 10));
GUARD(s2n_stuffer_write_uint8(&ctrl_stuffer, protocol_version % 10));
GUARD(s2n_stuffer_write_uint16(&ctrl_stuffer, payload_and_eiv_len));
/* This will unnecessarily mangle the input buffer, which is fine since it's temporary
* Return value will be length of digest, padding, and padding length byte.
* See https://github.com/openssl/openssl/blob/master/crypto/evp/e_aes_cbc_hmac_sha1.c#L814
* and https://github.com/openssl/openssl/blob/4f0c475719defd7c051964ef9964cc6e5b3a63bf/ssl/record/ssl3_record.c#L743
*/
int ctrl_ret = EVP_CIPHER_CTX_ctrl(key->evp_cipher_ctx, EVP_CTRL_AEAD_TLS1_AAD, S2N_TLS12_AAD_LEN, ctrl_buf);
if (ctrl_ret < 0) {
S2N_ERROR(S2N_ERR_INITIAL_HMAC);
}
*extra = ctrl_ret;
return 0;
}示例6: sgx_aes_gcm128_enc_get_mac
sgx_status_t sgx_aes_gcm128_enc_get_mac(uint8_t *mac, sgx_aes_state_handle_t aes_gcm_state)
{
if ((mac == NULL) || (aes_gcm_state == NULL))
{
return SGX_ERROR_INVALID_PARAMETER;
}
sgx_status_t ret = SGX_ERROR_UNEXPECTED;
int tmp = 0;
EVP_CIPHER_CTX *pState = (EVP_CIPHER_CTX*)aes_gcm_state;
do {
// Finalise the encryption
//
if (1 != EVP_EncryptFinal_ex(pState, NULL, &tmp)) {
break;
}
// Get tag (MAC)
//
if (!EVP_CIPHER_CTX_ctrl(pState, EVP_CTRL_AEAD_GET_TAG, SGX_AESGCM_MAC_SIZE, mac)) {
break;
}
ret = SGX_SUCCESS;
} while (1);
//In case of error, clear output MAC buffer.
//
if (ret != SGX_SUCCESS) {
memset_s(mac, SGX_AESGCM_MAC_SIZE, 0, SGX_AESGCM_MAC_SIZE);
}
return ret;
}示例7: WithState
Encrypt::Encrypt(CryptoConfig config, Slice key, Slice iv, Slice entity):
WithState(State::INITIAL),
config_(config),
buffer_(VERSION_SIZE + config.ivLength + config.keyLength),
version_(buffer_(0, VERSION_SIZE)),
iv_(buffer_(VERSION_SIZE, VERSION_SIZE + config.ivLength)),
key_(buffer_(VERSION_SIZE + config.ivLength, VERSION_SIZE + config.ivLength + config.keyLength)),
entity_(entity.length()),
tag_(config_.tagLength) {
checkArgument(key.length() == config_.keyLength, "Invalid key");
checkArgument(iv.length() == config_.ivLength, "Invalid IV");
version_[FORMAT_BYTE] = FORMAT_VALUE;
version_[CONFIG_BYTE] = config_.id;
// copy the data to memory I own
iv.copyTo(iv_);
key.copyTo(key_);
entity.copyTo(entity_);
const EVP_CIPHER* cipher = config_.cipher;
ctx_ = EVP_CIPHER_CTX_new();
check(ctx_, "Encryption context creation failed");
int code = EVP_EncryptInit_ex(ctx_, cipher, NULL, NULL, NULL);
check(code == EVP_SUCCESS, "Encryption context creation failed (cipher)");
code = EVP_CIPHER_CTX_ctrl(ctx_, EVP_CTRL_GCM_SET_IVLEN, config_.ivLength, NULL);
check(code == EVP_SUCCESS, "Encryption context creation failed (IV length)");
code = EVP_EncryptInit_ex(ctx_, NULL, NULL, key_.offset(0), iv_.offset(0));
check(code == EVP_SUCCESS, "Encryption initialization failed");
}示例8: srtp_aes_gcm_openssl_set_aad
/*
* This function processes the AAD
*
* Parameters:
* c Crypto context
* aad Additional data to process for AEAD cipher suites
* aad_len length of aad buffer
*/
static srtp_err_status_t srtp_aes_gcm_openssl_set_aad(void *cv,
const uint8_t *aad,
uint32_t aad_len)
{
srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
int rv;
/*
* Set dummy tag, OpenSSL requires the Tag to be set before
* processing AAD
*/
/*
* OpenSSL never write to address pointed by the last parameter of
* EVP_CIPHER_CTX_ctrl while EVP_CTRL_GCM_SET_TAG (in reality,
* OpenSSL copy its content to the context), so we can make
* aad read-only in this function and all its wrappers.
*/
unsigned char dummy_tag[GCM_AUTH_TAG_LEN];
memset(dummy_tag, 0x0, GCM_AUTH_TAG_LEN);
EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_SET_TAG, c->tag_len, &dummy_tag);
rv = EVP_Cipher(c->ctx, NULL, aad, aad_len);
if (rv != aad_len) {
return (srtp_err_status_algo_fail);
} else {
return (srtp_err_status_ok);
}
}示例9: srtp_aes_gcm_openssl_decrypt
/*
* This function decrypts a buffer using AES GCM mode
*
* Parameters:
* c Crypto context
* buf data to encrypt
* enc_len length of encrypt buffer
*/
static srtp_err_status_t srtp_aes_gcm_openssl_decrypt(void *cv,
unsigned char *buf,
unsigned int *enc_len)
{
srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
if (c->dir != srtp_direction_encrypt && c->dir != srtp_direction_decrypt) {
return (srtp_err_status_bad_param);
}
/*
* Set the tag before decrypting
*/
EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_SET_TAG, c->tag_len,
buf + (*enc_len - c->tag_len));
EVP_Cipher(c->ctx, buf, buf, *enc_len - c->tag_len);
/*
* Check the tag
*/
if (EVP_Cipher(c->ctx, NULL, NULL, 0)) {
return (srtp_err_status_auth_fail);
}
/*
* Reduce the buffer size by the tag length since the tag
* is not part of the original payload
*/
*enc_len -= c->tag_len;
return (srtp_err_status_ok);
}示例10: pt
// ----------------------------------------------------------------------------
bool Crypto::decryptConnectionRequest(BareNetworkString& ns)
{
std::vector<uint8_t> pt(ns.m_buffer.size() - 4, 0);
if (EVP_DecryptInit_ex(m_decrypt, NULL, NULL, NULL, NULL) != 1)
return false;
int dlen;
if (!EVP_CIPHER_CTX_ctrl(m_decrypt, EVP_CTRL_GCM_SET_TAG, 4,
ns.m_buffer.data()))
return false;
if (EVP_DecryptUpdate(m_decrypt, pt.data(), &dlen, ns.m_buffer.data() + 4,
(int)(ns.m_buffer.size() - 4)) != 1)
return false;
if (EVP_DecryptFinal_ex(m_decrypt, unused_16_blocks.data(), &dlen) > 0)
{
assert(dlen == 0);
std::swap(ns.m_buffer, pt);
return true;
}
return false;
} // decryptConnectionRequest示例11: cipher_set_keyiv
int
cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv)
{
#ifdef WITH_OPENSSL
const struct sshcipher *c = cc->cipher;
int evplen = 0;
#endif
if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
return 0;
if ((cc->cipher->flags & CFLAG_NONE) != 0)
return 0;
#ifdef WITH_OPENSSL
evplen = EVP_CIPHER_CTX_iv_length(cc->evp);
if (evplen <= 0)
return SSH_ERR_LIBCRYPTO_ERROR;
if (cipher_authlen(c)) {
/* XXX iv arg is const, but EVP_CIPHER_CTX_ctrl isn't */
if (!EVP_CIPHER_CTX_ctrl(cc->evp,
EVP_CTRL_GCM_SET_IV_FIXED, -1, __UNCONST(iv)))
return SSH_ERR_LIBCRYPTO_ERROR;
} else
memcpy(EVP_CIPHER_CTX_iv_noconst(cc->evp), iv, evplen);
#endif
return 0;
}示例12: rc2_get_asn1_type_and_iv
static int rc2_get_asn1_type_and_iv (EVP_CIPHER_CTX * c, ASN1_TYPE * type)
{
long num = 0;
int i = 0;
int key_bits;
unsigned int l;
unsigned char iv[EVP_MAX_IV_LENGTH];
if (type != NULL)
{
l = EVP_CIPHER_CTX_iv_length (c);
OPENSSL_assert (l <= sizeof (iv));
i = ASN1_TYPE_get_int_octetstring (type, &num, iv, l);
if (i != (int) l)
return (-1);
key_bits = rc2_magic_to_meth ((int) num);
if (!key_bits)
return (-1);
if (i > 0 && !EVP_CipherInit_ex (c, NULL, NULL, NULL, iv, -1))
return -1;
EVP_CIPHER_CTX_ctrl (c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
EVP_CIPHER_CTX_set_key_length (c, key_bits / 8);
}
return (i);
}示例13: decrypt_data
static int decrypt_data(char *in, int len, char *out) {
unsigned char outbuf[MAX_LEN];
unsigned char iv[IV_SIZE];
unsigned char tag[16];
char *step;
int tmplen=0, outlen=0;
memset(outbuf,0x00,MAX_LEN);
// header information
step=in+1;
memcpy(iv,step,IV_SIZE); // Extract the IV
step+=IV_SIZE;
memcpy(tag,step,16); // Extract the MAC
step+=16;
if (glob_key[0] == 0x00) // Generate key if its the first packet
gen_key();
EVP_CIPHER_CTX *ctx;
ctx = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX_init (ctx);
EVP_DecryptInit_ex (ctx, EVP_aes_256_gcm() , NULL, (const unsigned char *)glob_key, (const unsigned char *)iv);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, IV_SIZE, NULL);
if (!EVP_DecryptUpdate (ctx, outbuf, &outlen, (const unsigned char *)step, len)) {
fprintf(stderr, "[!] Error in EVP_DecryptUpdate()\n");
EVP_CIPHER_CTX_cleanup (ctx);
return 0;
}
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, sizeof(tag), tag);
if (!EVP_DecryptFinal_ex (ctx, outbuf + outlen, &tmplen)) {
fprintf(stderr, "[!] Error in EVP_DecryptFinal_ex(). Possible foul play involved.\n");
EVP_CIPHER_CTX_cleanup (ctx);
return 0;
}
EVP_CIPHER_CTX_cleanup (ctx);
memcpy(out,outbuf,outlen+tmplen);
return len;
}示例14: cipher_ctx_get_tag
int cipher_ctx_get_tag (EVP_CIPHER_CTX *ctx, uint8_t *tag_buf, int tag_size)
{
#ifdef HAVE_AEAD_CIPHER_MODES
return EVP_CIPHER_CTX_ctrl (ctx, EVP_CTRL_GCM_GET_TAG, tag_size, tag_buf);
#else
ASSERT (0);
#endif
}示例15: s2n_composite_cipher_aes_sha256_set_mac_write_key
static int s2n_composite_cipher_aes_sha256_set_mac_write_key(struct s2n_session_key *key, uint8_t *mac_key, uint32_t mac_size)
{
eq_check(mac_size, SHA256_DIGEST_LENGTH);
EVP_CIPHER_CTX_ctrl(key->evp_cipher_ctx, EVP_CTRL_AEAD_SET_MAC_KEY, mac_size, mac_key);
return 0;
}