Cleanup ciphers and Add 3des ciphers.
[oweals/openssl.git] / crypto / evp / evp_enc.c
index e67e20c7bae69e50e279773d1e1ac8c91d706b01..5723fe888e95e1f2ce1c85a37db3688d898f771f 100644 (file)
@@ -217,6 +217,18 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
         case NID_camellia_256_ctr:
         case NID_camellia_192_ctr:
         case NID_camellia_128_ctr:
+        case NID_des_ede3_cbc:
+        case NID_des_ede3_ecb:
+        case NID_des_ede3_ofb64:
+        case NID_des_ede3_cfb64:
+        case NID_des_ede3_cfb8:
+        case NID_des_ede3_cfb1:
+        case NID_des_ede_cbc:
+        case NID_des_ede_ecb:
+        case NID_des_ede_ofb64:
+        case NID_des_ede_cfb64:
+        case NID_desx_cbc:
+        case NID_id_smime_alg_CMS3DESwrap:
             break;
         default:
             goto legacy;
@@ -1030,6 +1042,12 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
         params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_KEYLEN, &arg);
         break;
     case EVP_CTRL_RAND_KEY:      /* Used by DES */
+        set_params = 0;
+        params[0] =
+            OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY,
+                                              ptr, (size_t)arg);
+        break;
+
     case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: /* Used by DASYNC */
     case EVP_CTRL_INIT: /* TODO(3.0) Purely legacy, no provider counterpart */
     default:
@@ -1141,19 +1159,24 @@ const OSSL_PARAM *EVP_CIPHER_CTX_gettable_params(const EVP_CIPHER *cipher)
     return NULL;
 }
 
-#if !defined(FIPS_MODE)
-/* TODO(3.0): No support for RAND yet in the FIPS module */
 int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
 {
-    int kl;
     if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
         return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
-    kl = EVP_CIPHER_CTX_key_length(ctx);
-    if (kl <= 0 || RAND_priv_bytes(key, kl) <= 0)
-        return 0;
-    return 1;
+
+#ifdef FIPS_MODE
+    return 0;
+#else
+    {
+        int kl;
+
+        kl = EVP_CIPHER_CTX_key_length(ctx);
+        if (kl <= 0 || RAND_priv_bytes(key, kl) <= 0)
+            return 0;
+        return 1;
+    }
+#endif /* FIPS_MODE */
 }
-#endif
 
 int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
 {