+ int nid;
+ nid = EVP_CIPHER_nid(ctx);
+
+ switch (nid) {
+
+ case NID_rc2_cbc:
+ case NID_rc2_64_cbc:
+ case NID_rc2_40_cbc:
+
+ return NID_rc2_cbc;
+
+ case NID_rc4:
+ case NID_rc4_40:
+
+ return NID_rc4;
+
+ case NID_aes_128_cfb128:
+ case NID_aes_128_cfb8:
+ case NID_aes_128_cfb1:
+
+ return NID_aes_128_cfb128;
+
+ case NID_aes_192_cfb128:
+ case NID_aes_192_cfb8:
+ case NID_aes_192_cfb1:
+
+ return NID_aes_192_cfb128;
+
+ case NID_aes_256_cfb128:
+ case NID_aes_256_cfb8:
+ case NID_aes_256_cfb1:
+
+ return NID_aes_256_cfb128;
+
+ case NID_des_cfb64:
+ case NID_des_cfb8:
+ case NID_des_cfb1:
+
+ return NID_des_cfb64;
+
+ case NID_des_ede3_cfb64:
+ case NID_des_ede3_cfb8:
+ case NID_des_ede3_cfb1:
+
+ return NID_des_cfb64;
+
+ default:
+#ifdef FIPS_MODULE
+ return NID_undef;
+#else
+ {
+ /* Check it has an OID and it is valid */
+ ASN1_OBJECT *otmp = OBJ_nid2obj(nid);
+
+ if (OBJ_get0_data(otmp) == NULL)
+ nid = NID_undef;
+ ASN1_OBJECT_free(otmp);
+ return nid;
+ }
+#endif
+ }
+}
+
+int evp_cipher_cache_constants(EVP_CIPHER *cipher)
+{
+ int ok;
+ size_t ivlen = 0;
+ size_t blksz = 0;
+ size_t keylen = 0;
+ unsigned int mode = 0;
+ unsigned long flags = 0;
+ OSSL_PARAM params[6];
+
+ params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_BLOCK_SIZE, &blksz);
+ params[1] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &ivlen);
+ params[2] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &keylen);
+ params[3] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_MODE, &mode);
+ params[4] = OSSL_PARAM_construct_ulong(OSSL_CIPHER_PARAM_FLAGS, &flags);
+ params[5] = OSSL_PARAM_construct_end();
+ ok = evp_do_ciph_getparams(cipher, params);
+ if (ok) {
+ /* Provided implementations may have a custom cipher_cipher */
+ if (cipher->prov != NULL && cipher->ccipher != NULL)
+ flags |= EVP_CIPH_FLAG_CUSTOM_CIPHER;
+ cipher->block_size = blksz;
+ cipher->iv_len = ivlen;
+ cipher->key_len = keylen;
+ cipher->flags = flags | mode;
+ }
+ return ok;
+}
+
+int EVP_CIPHER_block_size(const EVP_CIPHER *cipher)
+{
+ return cipher->block_size;
+}
+
+int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
+{
+ return EVP_CIPHER_block_size(ctx->cipher);
+}
+
+int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *e)
+{
+ return e->ctx_size;
+}
+
+int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, unsigned int inl)
+{
+ if (ctx->cipher->prov != NULL) {
+ /*
+ * If the provided implementation has a ccipher function, we use it,
+ * and translate its return value like this: 0 => -1, 1 => outlen
+ *
+ * Otherwise, we call the cupdate function if in != NULL, or cfinal
+ * if in == NULL. Regardless of which, we return what we got.
+ */
+ int ret = -1;
+ size_t outl = 0;
+ size_t blocksize = EVP_CIPHER_CTX_block_size(ctx);
+
+ if (ctx->cipher->ccipher != NULL)
+ ret = ctx->cipher->ccipher(ctx->provctx, out, &outl,
+ inl + (blocksize == 1 ? 0 : blocksize),
+ in, (size_t)inl)
+ ? (int)outl : -1;
+ else if (in != NULL)
+ ret = ctx->cipher->cupdate(ctx->provctx, out, &outl,
+ inl + (blocksize == 1 ? 0 : blocksize),
+ in, (size_t)inl);
+ else
+ ret = ctx->cipher->cfinal(ctx->provctx, out, &outl,
+ blocksize == 1 ? 0 : blocksize);
+
+ return ret;
+ }
+
+ return ctx->cipher->do_cipher(ctx, out, in, inl);
+}
+
+const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
+{
+ return ctx->cipher;
+}
+
+int EVP_CIPHER_CTX_encrypting(const EVP_CIPHER_CTX *ctx)
+{
+ return ctx->encrypt;
+}
+
+unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher)
+{
+ return cipher->flags;
+}
+
+void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
+{
+ return ctx->app_data;
+}
+
+void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
+{
+ ctx->app_data = data;
+}
+
+void *EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx)
+{
+ return ctx->cipher_data;
+}
+
+void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data)
+{
+ void *old_cipher_data;
+
+ old_cipher_data = ctx->cipher_data;
+ ctx->cipher_data = cipher_data;
+
+ return old_cipher_data;
+}
+
+int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
+{
+ return cipher->iv_len;
+}
+
+int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
+{
+ int rv, len = EVP_CIPHER_iv_length(ctx->cipher);
+ size_t v = len;
+ OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+
+ params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &v);
+ rv = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+ if (rv == EVP_CTRL_RET_UNSUPPORTED)
+ goto legacy;
+ return rv != 0 ? (int)v : -1;
+ /* TODO (3.0) Remove legacy support */
+legacy:
+ if ((EVP_CIPHER_flags(ctx->cipher) & EVP_CIPH_CUSTOM_IV_LENGTH) != 0) {
+ rv = EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN,
+ 0, &len);
+ return (rv == 1) ? len : -1;
+ }
+ return len;
+}
+
+int EVP_CIPHER_CTX_tag_length(const EVP_CIPHER_CTX *ctx)
+{
+ int ret;
+ size_t v = 0;
+ OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+
+ params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, &v);
+ ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+ return ret == 1 ? (int)v : 0;
+}
+
+const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx)
+{
+ int ok;
+ const unsigned char *v = ctx->oiv;
+ OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+
+ params[0] =
+ OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV,
+ (void **)&v, sizeof(ctx->oiv));
+ ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+
+ return ok != 0 ? v : NULL;
+}
+
+/*
+ * OSSL_PARAM_OCTET_PTR gets us the pointer to the running IV in the provider
+ */
+const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx)
+{
+ int ok;
+ const unsigned char *v = ctx->iv;
+ OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+
+ params[0] =
+ OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV, (void **)&v,
+ sizeof(ctx->iv));
+ ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+
+ return ok != 0 ? v : NULL;
+}
+
+unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx)
+{
+ int ok;
+ unsigned char *v = ctx->iv;
+ OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+
+ params[0] =
+ OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV, (void **)&v,
+ sizeof(ctx->iv));
+ ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+
+ return ok != 0 ? v : NULL;
+}
+
+unsigned char *EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx)
+{
+ return ctx->buf;
+}
+
+int EVP_CIPHER_CTX_num(const EVP_CIPHER_CTX *ctx)
+{
+ int ok;
+ unsigned int v = (unsigned int)ctx->num;
+ OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+
+ params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &v);
+ ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+
+ return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
+}
+
+int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num)
+{
+ int ok;
+ unsigned int n = (unsigned int)num;
+ OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+
+ params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &n);
+ ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
+
+ if (ok != 0)
+ ctx->num = (int)n;
+ return ok != 0;
+}
+
+int EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
+{
+ return cipher->key_len;
+}
+
+int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
+{
+ int ok;
+ size_t v = ctx->key_len;
+ OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+
+ params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &v);
+ ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+
+ return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
+}
+
+int EVP_CIPHER_nid(const EVP_CIPHER *cipher)
+{
+ return cipher->nid;
+}
+
+int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
+{
+ return ctx->cipher->nid;
+}
+
+int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name)
+{
+ if (cipher->prov != NULL)
+ return evp_is_a(cipher->prov, cipher->name_id, NULL, name);
+ return evp_is_a(NULL, 0, EVP_CIPHER_name(cipher), name);
+}
+
+int EVP_CIPHER_number(const EVP_CIPHER *cipher)
+{
+ return cipher->name_id;
+}
+
+const char *EVP_CIPHER_name(const EVP_CIPHER *cipher)
+{
+ if (cipher->prov != NULL)
+ return evp_first_name(cipher->prov, cipher->name_id);
+#ifndef FIPS_MODULE
+ return OBJ_nid2sn(EVP_CIPHER_nid(cipher));
+#else
+ return NULL;
+#endif
+}
+
+void EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher,
+ void (*fn)(const char *name, void *data),
+ void *data)
+{
+ if (cipher->prov != NULL)
+ evp_names_do_all(cipher->prov, cipher->name_id, fn, data);
+}
+
+const OSSL_PROVIDER *EVP_CIPHER_provider(const EVP_CIPHER *cipher)
+{
+ return cipher->prov;
+}
+
+int EVP_CIPHER_mode(const EVP_CIPHER *cipher)
+{
+ return EVP_CIPHER_flags(cipher) & EVP_CIPH_MODE;
+}
+
+int EVP_MD_is_a(const EVP_MD *md, const char *name)
+{
+ if (md->prov != NULL)
+ return evp_is_a(md->prov, md->name_id, NULL, name);
+ return evp_is_a(NULL, 0, EVP_MD_name(md), name);
+}
+
+int EVP_MD_number(const EVP_MD *md)
+{
+ return md->name_id;
+}
+
+const char *EVP_MD_name(const EVP_MD *md)
+{
+ if (md->prov != NULL)
+ return evp_first_name(md->prov, md->name_id);
+#ifndef FIPS_MODULE
+ return OBJ_nid2sn(EVP_MD_nid(md));
+#else
+ return NULL;
+#endif
+}
+
+void EVP_MD_names_do_all(const EVP_MD *md,
+ void (*fn)(const char *name, void *data),
+ void *data)
+{
+ if (md->prov != NULL)
+ evp_names_do_all(md->prov, md->name_id, fn, data);
+}
+
+const OSSL_PROVIDER *EVP_MD_provider(const EVP_MD *md)
+{
+ return md->prov;
+}
+
+int EVP_MD_block_size(const EVP_MD *md)
+{
+ int ok;
+ size_t v = md->block_size;
+ OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+
+ if (md == NULL) {
+ EVPerr(EVP_F_EVP_MD_BLOCK_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
+ return -1;
+ }
+
+ params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_BLOCK_SIZE, &v);
+ ok = evp_do_md_getparams(md, params);
+
+ return ok != 0 ? (int)v : -1;
+}
+
+int EVP_MD_type(const EVP_MD *md)
+{
+ return md->type;
+}
+
+int EVP_MD_pkey_type(const EVP_MD *md)
+{
+ return md->pkey_type;
+}
+
+int EVP_MD_size(const EVP_MD *md)
+{
+ int ok;
+ size_t v = md->md_size;
+ OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+
+ if (md == NULL) {
+ EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
+ return -1;
+ }
+
+ params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_SIZE, &v);
+ ok = evp_do_md_getparams(md, params);
+
+ return ok != 0 ? (int)v : -1;
+}
+
+unsigned long EVP_MD_flags(const EVP_MD *md)
+{
+ int ok;
+ unsigned long v = md->flags;
+ OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+
+ params[0] = OSSL_PARAM_construct_ulong(OSSL_CIPHER_PARAM_FLAGS, &v);
+ ok = evp_do_md_getparams(md, params);
+
+ return ok != 0 ? v : 0;
+}