自学教程：C++ EVP_CIPHER_CTX_new函数代码示例

int ssl3_change_cipher_state(SSL *s, int which){    unsigned char *p, *mac_secret;    unsigned char exp_key[EVP_MAX_KEY_LENGTH];    unsigned char exp_iv[EVP_MAX_IV_LENGTH];    unsigned char *ms, *key, *iv;    EVP_CIPHER_CTX *dd;    const EVP_CIPHER *c;#ifndef OPENSSL_NO_COMP    COMP_METHOD *comp;#endif    const EVP_MD *m;    int mdi;    size_t n, i, j, k, cl;    int reuse_dd = 0;    c = s->s3->tmp.new_sym_enc;    m = s->s3->tmp.new_hash;    /* m == NULL will lead to a crash later */    if (!ossl_assert(m != NULL)) {        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_CHANGE_CIPHER_STATE,                 ERR_R_INTERNAL_ERROR);        goto err;    }#ifndef OPENSSL_NO_COMP    if (s->s3->tmp.new_compression == NULL)        comp = NULL;    else        comp = s->s3->tmp.new_compression->method;#endif    if (which & SSL3_CC_READ) {        if (s->enc_read_ctx != NULL) {            reuse_dd = 1;        } else if ((s->enc_read_ctx = EVP_CIPHER_CTX_new()) == NULL) {            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_CHANGE_CIPHER_STATE,                     ERR_R_MALLOC_FAILURE);            goto err;        } else {            /*             * make sure it's initialised in case we exit later with an error             */            EVP_CIPHER_CTX_reset(s->enc_read_ctx);        }        dd = s->enc_read_ctx;        if (ssl_replace_hash(&s->read_hash, m) == NULL) {            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_CHANGE_CIPHER_STATE,                     ERR_R_INTERNAL_ERROR);            goto err;        }#ifndef OPENSSL_NO_COMP        /* COMPRESS */        COMP_CTX_free(s->expand);        s->expand = NULL;        if (comp != NULL) {            s->expand = COMP_CTX_new(comp);            if (s->expand == NULL) {                SSLfatal(s, SSL_AD_INTERNAL_ERROR,                         SSL_F_SSL3_CHANGE_CIPHER_STATE,                         SSL_R_COMPRESSION_LIBRARY_ERROR);                goto err;            }        }#endif        RECORD_LAYER_reset_read_sequence(&s->rlayer);        mac_secret = &(s->s3->read_mac_secret[0]);    } else {        if (s->enc_write_ctx != NULL) {            reuse_dd = 1;        } else if ((s->enc_write_ctx = EVP_CIPHER_CTX_new()) == NULL) {            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_CHANGE_CIPHER_STATE,                     ERR_R_MALLOC_FAILURE);            goto err;        } else {            /*             * make sure it's initialised in case we exit later with an error             */            EVP_CIPHER_CTX_reset(s->enc_write_ctx);        }        dd = s->enc_write_ctx;        if (ssl_replace_hash(&s->write_hash, m) == NULL) {            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_CHANGE_CIPHER_STATE,                     ERR_R_MALLOC_FAILURE);            goto err;        }#ifndef OPENSSL_NO_COMP        /* COMPRESS */        COMP_CTX_free(s->compress);        s->compress = NULL;        if (comp != NULL) {            s->compress = COMP_CTX_new(comp);            if (s->compress == NULL) {                SSLfatal(s, SSL_AD_INTERNAL_ERROR,                         SSL_F_SSL3_CHANGE_CIPHER_STATE,                         SSL_R_COMPRESSION_LIBRARY_ERROR);                goto err;            }        }#endif//.........这里部分代码省略.........

//.........这里部分代码省略.........			{			COMP_CTX_free(s->expand);			s->expand=NULL;			}		if (comp != NULL)			{			s->expand=COMP_CTX_new(comp->method);			if (s->expand == NULL)				{				SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);				goto err2;				}			if (s->s3->rrec.comp == NULL)				s->s3->rrec.comp=(unsigned char *)					OPENSSL_malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);			if (s->s3->rrec.comp == NULL)				goto err;			}#endif		/* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */ 		if (s->version != DTLS1_VERSION)			memset(&(s->s3->read_sequence[0]),0,8);		mac_secret= &(s->s3->read_mac_secret[0]);		mac_secret_size=&(s->s3->read_mac_secret_size);		}	else		{		if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)			s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM;			else			s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM;		if (s->enc_write_ctx != NULL && !SSL_IS_DTLS(s))			reuse_dd = 1;		else if ((s->enc_write_ctx=EVP_CIPHER_CTX_new()) == NULL)			goto err;		dd= s->enc_write_ctx;		if (SSL_IS_DTLS(s))			{			mac_ctx = EVP_MD_CTX_create();			if (!mac_ctx)				goto err;			s->write_hash = mac_ctx;			}		else			mac_ctx = ssl_replace_hash(&s->write_hash,NULL);#ifndef OPENSSL_NO_COMP		if (s->compress != NULL)			{			COMP_CTX_free(s->compress);			s->compress=NULL;			}		if (comp != NULL)			{			s->compress=COMP_CTX_new(comp->method);			if (s->compress == NULL)				{				SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);				goto err2;				}			}#endif		/* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */ 		if (s->version != DTLS1_VERSION)			memset(&(s->s3->write_sequence[0]),0,8);		mac_secret= &(s->s3->write_mac_secret[0]);		mac_secret_size = &(s->s3->write_mac_secret_size);

/** * testing function */int crypto_aes_test(void){	/* "opaque" encryption, decryption ctx structures	 * that libcrypto uses to record status of enc/dec operations */	EVP_CIPHER_CTX *en = NULL;	EVP_CIPHER_CTX *de = NULL;	/* The salt paramter is used as a salt in the derivation:	 * it should point to an 8 byte buffer or NULL if no salt is used. */	unsigned char salt[] = {1,2,3,4,5,6,7,8};	unsigned char *key_data;	int key_data_len, i;	char *input[] = {"Kamailio - The Open Source SIP Server",		"Thank you for flying Kamailio!",		"100 Trying/nYour call is important to us",		NULL	};	en = EVP_CIPHER_CTX_new();	if(en==NULL) {		LM_ERR("cannot get new cipher context/n");		return -1;	}	de = EVP_CIPHER_CTX_new();	if(de==NULL) {		EVP_CIPHER_CTX_free(en);		LM_ERR("cannot get new cipher context/n");		return -1;	}	/* the key_data for testing */	key_data = (unsigned char *)"kamailio-sip-server";	key_data_len = strlen((const char *)key_data);	/* gen key and iv. init the cipher ctx object */	if (crypto_aes_init(key_data, key_data_len, salt, en, de)) {		LM_ERR("couldn't initialize AES cipher/n");		return -1;	}	/* encrypt and decrypt each input string and compare with the original */	for (i = 0; input[i]; i++) {		char *plaintext;		unsigned char *ciphertext;		int olen, len;		/* The enc/dec functions deal with binary data and not C strings.		 * strlen() will return length of the string without counting the '/0'		 * string marker. We always pass in the marker byte to the		 * encrypt/decrypt functions so that after decryption we end up with		 * a legal C string */		olen = len = strlen(input[i])+1;		ciphertext = crypto_aes_encrypt(en, (unsigned char *)input[i], &len);		plaintext = (char *)crypto_aes_decrypt(de, ciphertext, &len);		if (strncmp(plaintext, input[i], olen))			LM_ERR("FAIL: enc/dec failed for /"%s/"/n", input[i]);		else			LM_NOTICE("OK: enc/dec ok for /"%s/"/n", plaintext);		free(ciphertext);		free(plaintext);	}	EVP_CIPHER_CTX_cleanup(de);	EVP_CIPHER_CTX_free(de);	EVP_CIPHER_CTX_cleanup(en);	EVP_CIPHER_CTX_free(en);	return 0;}

void init_encryption(struct encryption_ctx *ctx) {    ctx->status = STATUS_EMPTY;    ctx->ctx = EVP_CIPHER_CTX_new();    ctx->cipher = cipher;}

int ssl3_change_cipher_state(SSL *s, int which){    unsigned char *p, *mac_secret;    unsigned char exp_key[EVP_MAX_KEY_LENGTH];    unsigned char exp_iv[EVP_MAX_IV_LENGTH];    unsigned char *ms, *key, *iv;    EVP_CIPHER_CTX *dd;    const EVP_CIPHER *c;#ifndef OPENSSL_NO_COMP    COMP_METHOD *comp;#endif    const EVP_MD *m;    int n, i, j, k, cl;    int reuse_dd = 0;    c = s->s3->tmp.new_sym_enc;    m = s->s3->tmp.new_hash;    /* m == NULL will lead to a crash later */    OPENSSL_assert(m);#ifndef OPENSSL_NO_COMP    if (s->s3->tmp.new_compression == NULL)        comp = NULL;    else        comp = s->s3->tmp.new_compression->method;#endif    if (which & SSL3_CC_READ) {        if (s->enc_read_ctx != NULL)            reuse_dd = 1;        else if ((s->enc_read_ctx = EVP_CIPHER_CTX_new()) == NULL)            goto err;        else            /*             * make sure it's intialized in case we exit later with an error             */            EVP_CIPHER_CTX_reset(s->enc_read_ctx);        dd = s->enc_read_ctx;        if (ssl_replace_hash(&s->read_hash, m) == NULL) {                SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);                goto err2;        }#ifndef OPENSSL_NO_COMP        /* COMPRESS */        COMP_CTX_free(s->expand);        s->expand = NULL;        if (comp != NULL) {            s->expand = COMP_CTX_new(comp);            if (s->expand == NULL) {                SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,                       SSL_R_COMPRESSION_LIBRARY_ERROR);                goto err2;            }            if (!RECORD_LAYER_setup_comp_buffer(&s->rlayer))                goto err;        }#endif        RECORD_LAYER_reset_read_sequence(&s->rlayer);        mac_secret = &(s->s3->read_mac_secret[0]);    } else {        if (s->enc_write_ctx != NULL)            reuse_dd = 1;        else if ((s->enc_write_ctx = EVP_CIPHER_CTX_new()) == NULL)            goto err;        else            /*             * make sure it's intialized in case we exit later with an error             */            EVP_CIPHER_CTX_reset(s->enc_write_ctx);        dd = s->enc_write_ctx;        if (ssl_replace_hash(&s->write_hash, m) == NULL) {                SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);                goto err2;        }#ifndef OPENSSL_NO_COMP        /* COMPRESS */        COMP_CTX_free(s->compress);        s->compress = NULL;        if (comp != NULL) {            s->compress = COMP_CTX_new(comp);            if (s->compress == NULL) {                SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,                       SSL_R_COMPRESSION_LIBRARY_ERROR);                goto err2;            }        }#endif        RECORD_LAYER_reset_write_sequence(&s->rlayer);        mac_secret = &(s->s3->write_mac_secret[0]);    }    if (reuse_dd)        EVP_CIPHER_CTX_reset(dd);    p = s->s3->tmp.key_block;    i = EVP_MD_size(m);    if (i < 0)        goto err2;    cl = EVP_CIPHER_key_length(c);    j = cl;//.........这里部分代码省略.........

static bool _cjose_jwe_encrypt_dat_a256gcm(        cjose_jwe_t *jwe,         const uint8_t *plaintext,        size_t plaintext_len,        cjose_err *err){    EVP_CIPHER_CTX *ctx = NULL;    if (NULL == plaintext)    {        CJOSE_ERROR(err, CJOSE_ERR_INVALID_ARG);        goto _cjose_jwe_encrypt_dat_fail;            }    // get A256GCM cipher    const EVP_CIPHER *cipher = EVP_aes_256_gcm();    if (NULL == cipher)    {        CJOSE_ERROR(err, CJOSE_ERR_CRYPTO);        goto _cjose_jwe_encrypt_dat_fail;    }    // instantiate and initialize a new openssl cipher context    ctx = EVP_CIPHER_CTX_new();    if (NULL == ctx)    {        CJOSE_ERROR(err, CJOSE_ERR_CRYPTO);        goto _cjose_jwe_encrypt_dat_fail;    }    EVP_CIPHER_CTX_init(ctx);    // initialize context for encryption using A256GCM cipher and CEK and IV    if (EVP_EncryptInit_ex(ctx, cipher, NULL, jwe->cek, jwe->part[2].raw) != 1)    {        CJOSE_ERROR(err, CJOSE_ERR_CRYPTO);        goto _cjose_jwe_encrypt_dat_fail;    }    // we need the header in base64url encoding as input for encryption    if ((NULL == jwe->part[0].b64u) && (!cjose_base64url_encode(        (const uint8_t *)jwe->part[0].raw, jwe->part[0].raw_len,         &jwe->part[0].b64u, &jwe->part[0].b64u_len, err)))    {        goto _cjose_jwe_encrypt_dat_fail;    }        // set GCM mode AAD data (hdr_b64u) by setting "out" to NULL    int bytes_encrypted = 0;    if (EVP_EncryptUpdate(ctx,                 NULL, &bytes_encrypted,                 (unsigned char *)jwe->part[0].b64u,                 jwe->part[0].b64u_len) != 1 ||                bytes_encrypted != jwe->part[0].b64u_len)    {        CJOSE_ERROR(err, CJOSE_ERR_CRYPTO);        goto _cjose_jwe_encrypt_dat_fail;    }    // allocate buffer for the ciphertext    cjose_get_dealloc()(jwe->part[3].raw);    jwe->part[3].raw_len = plaintext_len;    if (!_cjose_jwe_malloc(jwe->part[3].raw_len, false, &jwe->part[3].raw, err))    {        goto _cjose_jwe_encrypt_dat_fail;            }    // encrypt entire plaintext to ciphertext buffer    if (EVP_EncryptUpdate(ctx,             jwe->part[3].raw, &bytes_encrypted,             plaintext, plaintext_len) != 1)    {        CJOSE_ERROR(err, CJOSE_ERR_CRYPTO);        goto _cjose_jwe_encrypt_dat_fail;    }    jwe->part[3].raw_len = bytes_encrypted;    // finalize the encryption and set the ciphertext length to correct value    if (EVP_EncryptFinal_ex(ctx, NULL, &bytes_encrypted) != 1)    {        CJOSE_ERROR(err, CJOSE_ERR_CRYPTO);        goto _cjose_jwe_encrypt_dat_fail;    }    // allocate buffer for the authentication tag    cjose_get_dealloc()(jwe->part[4].raw);    jwe->part[4].raw_len = 16;    if (!_cjose_jwe_malloc(jwe->part[4].raw_len, false, &jwe->part[4].raw, err))    {        goto _cjose_jwe_encrypt_dat_fail;            }    // get the GCM-mode authentication tag    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG,             jwe->part[4].raw_len, jwe->part[4].raw) != 1)    {        CJOSE_ERROR(err, CJOSE_ERR_CRYPTO);        goto _cjose_jwe_encrypt_dat_fail;    }    EVP_CIPHER_CTX_free(ctx);//.........这里部分代码省略.........

static EVP_PKEY *do_PVK_body(const unsigned char **in,                             unsigned int saltlen, unsigned int keylen,                             pem_password_cb *cb, void *u){    EVP_PKEY *ret = NULL;    const unsigned char *p = *in;    unsigned int magic;    unsigned char *enctmp = NULL, *q;    EVP_CIPHER_CTX *cctx = EVP_CIPHER_CTX_new();    if (saltlen) {        char psbuf[PEM_BUFSIZE];        unsigned char keybuf[20];        int enctmplen, inlen;        if (cb)            inlen = cb(psbuf, PEM_BUFSIZE, 0, u);        else            inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);        if (inlen <= 0) {            PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_PASSWORD_READ);            goto err;        }        enctmp = OPENSSL_malloc(keylen + 8);        if (enctmp == NULL) {            PEMerr(PEM_F_DO_PVK_BODY, ERR_R_MALLOC_FAILURE);            goto err;        }        if (!derive_pvk_key(keybuf, p, saltlen,                            (unsigned char *)psbuf, inlen))            goto err;        p += saltlen;        /* Copy BLOBHEADER across, decrypt rest */        memcpy(enctmp, p, 8);        p += 8;        if (keylen < 8) {            PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT);            goto err;        }        inlen = keylen - 8;        q = enctmp + 8;        if (!EVP_DecryptInit_ex(cctx, EVP_rc4(), NULL, keybuf, NULL))            goto err;        if (!EVP_DecryptUpdate(cctx, q, &enctmplen, p, inlen))            goto err;        if (!EVP_DecryptFinal_ex(cctx, q + enctmplen, &enctmplen))            goto err;        magic = read_ledword((const unsigned char **)&q);        if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) {            q = enctmp + 8;            memset(keybuf + 5, 0, 11);            if (!EVP_DecryptInit_ex(cctx, EVP_rc4(), NULL, keybuf, NULL))                goto err;            OPENSSL_cleanse(keybuf, 20);            if (!EVP_DecryptUpdate(cctx, q, &enctmplen, p, inlen))                goto err;            if (!EVP_DecryptFinal_ex(cctx, q + enctmplen, &enctmplen))                goto err;            magic = read_ledword((const unsigned char **)&q);            if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) {                PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_DECRYPT);                goto err;            }        } else            OPENSSL_cleanse(keybuf, 20);        p = enctmp;    }    ret = b2i_PrivateKey(&p, keylen); err:    EVP_CIPHER_CTX_free(cctx);    OPENSSL_free(enctmp);    return ret;}

bool Wallet::readSecurityImage(const QString& inputFilePath, unsigned char** outputBufferPtr, int* outputBufferSize) {    unsigned char ivec[16];    unsigned char ckey[32];    initializeAESKeys(ivec, ckey, _salt);    // read encrypted file    QFile inputFile(inputFilePath);    if (!inputFile.exists()) {        qCDebug(commerce) << "cannot decrypt file" << inputFilePath << "it doesn't exist";        return false;    }    inputFile.open(QIODevice::ReadOnly | QIODevice::Text);    bool foundHeader = false;    bool foundFooter = false;    QByteArray base64EncryptedBuffer;    while (!inputFile.atEnd()) {        QString line(inputFile.readLine());        if (!foundHeader) {            foundHeader = (line == IMAGE_HEADER);        } else {            foundFooter = (line == IMAGE_FOOTER);            if (!foundFooter) {                base64EncryptedBuffer.append(line);            }        }    }    inputFile.close();    if (! (foundHeader && foundFooter)) {        qCDebug(commerce) << "couldn't parse" << inputFilePath << foundHeader << foundFooter;        return false;    }    // convert to bytes    auto encryptedBuffer = QByteArray::fromBase64(base64EncryptedBuffer);    // setup decrypted buffer    unsigned char* outputBuffer = new unsigned char[encryptedBuffer.size()];    int tempSize;    // TODO: add error handling    EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new();    if (!EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, ckey, ivec)) {        qCDebug(commerce) << "decrypt init failure";        delete[] outputBuffer;        return false;    }    if (!EVP_DecryptUpdate(ctx, outputBuffer, &tempSize, (unsigned char*)encryptedBuffer.data(), encryptedBuffer.size())) {        qCDebug(commerce) << "decrypt update failure";        delete[] outputBuffer;        return false;    }    *outputBufferSize = tempSize;    if (!EVP_DecryptFinal_ex(ctx, outputBuffer + tempSize, &tempSize)) {        qCDebug(commerce) << "decrypt final failure";        delete[] outputBuffer;        return false;    }    EVP_CIPHER_CTX_free(ctx);    *outputBufferSize += tempSize;    *outputBufferPtr = outputBuffer;    qCDebug(commerce) << "decrypted buffer size" << *outputBufferSize;    return true;}

//.........这里部分代码省略.........	file_size = ftell(fp);	ciphertext_len = file_size;	if (file_size < 0 || file_size != (long)ciphertext_len) {		fprintf(stderr, "file too large/n");		return 1;	}	if (fseek(fp, 0L, SEEK_SET)) {		fprintf(stderr, "fseek failed/n");		return 1;	}	ciphertext = malloc(file_size);	plaintext = malloc(file_size);	if (!ciphertext || !plaintext) {		fprintf(stderr, "malloc failed/n");		return 1;	}	if (fread(ciphertext, 1, file_size, fp) != file_size) {		fprintf(stderr, "read error/n");		return 1;	}	if (fclose(fp)) {		fprintf(stderr, "close error/n");		return 1;	}	/* Verify file size */	if (file_size < IV_LEN + HMAC_LEN) {		fprintf(stderr, "ciphertext file is impossibly small/n");		return 1;	}	/* Verify HMAC */	{		unsigned int md_len = HMAC_LEN;		HMAC(EVP_sha256(), hmac_key, HMAC_KEY_LEN, ciphertext, ciphertext_len - HMAC_LEN, md, &md_len);		if (memcmp(md, ciphertext + ciphertext_len - HMAC_LEN, HMAC_LEN) || md_len != HMAC_LEN) {			fprintf(stderr, "HMAC FAILED/n");			return 1;		}	}	/* Get cipher type */	if (!strcmp(argv[1], "PBKDF2-SHA1-AES256-HMAC-SHA256")) {		cipher_type = EVP_aes_256_cbc();	} else {		fprintf(stderr, "cipher type '%s' not found/n", argv[1]);		return 1;	}	/* Decrypt */	if (!(ctx = EVP_CIPHER_CTX_new())) {		fprintf(stderr, "EVP_CIPHER_CTX_new failed/n");		return 1;	}	if (EVP_DecryptInit_ex(ctx, cipher_type, NULL, cipher_key, ciphertext) != 1) {		fprintf(stderr, "EVP_DecryptInit_ex failed/n");		return 1;	}	if (EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext + IV_LEN, ciphertext_len - IV_LEN - HMAC_LEN) != 1) {		fprintf(stderr, "EVP_DecryptUpdate failed/n");		return 1;	}	plaintext_len = len;	if (EVP_DecryptFinal_ex(ctx, plaintext + len, &len) != 1) {		fprintf(stderr, "EVP_DecryptFinal_ex failed/n");		return 1;	}	plaintext_len += len;	/* Write plaintext */	if (argc >= 6) {		/* to file */		fp = fopen(argv[5], "w");		if (!fp) {			fprintf(stderr, "cannot open output plaintext file %s/n", argv[4]);			return 1;		}		if (fwrite(plaintext, 1, plaintext_len, fp) != plaintext_len) {			fprintf(stderr, "write error/n");			return 1;		}		if (fclose(fp)) {			fprintf(stderr, "close error/n");			return 1;		}	} else {		/* to stdout */		if (fwrite(plaintext, 1, plaintext_len, stdout) != plaintext_len) {			fprintf(stderr, "write error/n");			return 1;		}	}	EVP_CIPHER_CTX_free(ctx);	free(ciphertext);	free(plaintext);	return 0;}

static LUA_FUNCTION(openssl_evp_encrypt){  const EVP_CIPHER* cipher = NULL;  if (lua_istable(L, 1))  {    if (lua_getmetatable(L, 1) && lua_equal(L, 1, -1))    {      lua_pop(L, 1);      lua_remove(L, 1);    }    else      luaL_error(L, "call function with invalid state");  }  cipher = get_cipher(L, 1, NULL);  if (cipher)  {    size_t input_len = 0;    const char *input = luaL_checklstring(L, 2, &input_len);    size_t key_len = 0;    const char *key = luaL_optlstring(L, 3, NULL, &key_len); /* can be NULL */    size_t iv_len = 0;    const char *iv = luaL_optlstring(L, 4, NULL, &iv_len);   /* can be NULL */    int pad = lua_isnoneornil(L, 5) ? 1 : lua_toboolean(L, 5);    ENGINE *e = lua_isnoneornil(L, 6) ? NULL : CHECK_OBJECT(6, ENGINE, "openssl.engine");    EVP_CIPHER_CTX *c = EVP_CIPHER_CTX_new();    int output_len = 0;    int len = 0;    char *buffer = NULL;    char evp_key[EVP_MAX_KEY_LENGTH] = {0};    char evp_iv[EVP_MAX_IV_LENGTH] = {0};    int ret = 0;    if (key)    {      key_len = EVP_MAX_KEY_LENGTH > key_len ? key_len : EVP_MAX_KEY_LENGTH;      memcpy(evp_key, key, key_len);    }    if (iv_len > 0 && iv)    {      iv_len = EVP_MAX_IV_LENGTH > iv_len ? iv_len : EVP_MAX_IV_LENGTH;      memcpy(evp_iv, iv, iv_len);    }    EVP_CIPHER_CTX_init(c);    ret = EVP_EncryptInit_ex(c, cipher, e, (const byte*)evp_key, iv_len > 0 ? (const byte*)evp_iv : NULL);    if (ret == 1)    {      ret = EVP_CIPHER_CTX_set_padding(c, pad);      if (ret == 1)      {        buffer = OPENSSL_malloc(input_len + EVP_CIPHER_CTX_block_size(c));        ret = EVP_EncryptUpdate(c, (byte*) buffer, &len, (const byte*)input, input_len);        if ( ret == 1 )        {          output_len += len;          ret = EVP_EncryptFinal(c, (byte*)buffer + len, &len);          if (ret == 1)          {            output_len += len;            lua_pushlstring(L,  buffer, output_len);          }        }        OPENSSL_free(buffer);      }    }    EVP_CIPHER_CTX_cleanup(c);    EVP_CIPHER_CTX_free(c);    return (ret == 1) ? ret : openssl_pushresult(L, ret);  }  else    luaL_error(L, "argument #1 is not a valid cipher algorithm or openssl.evp_cipher object");  return 0;}

ARC4::ARC4(uint32 len) : m_ctx(EVP_CIPHER_CTX_new()){    EVP_CIPHER_CTX_init(m_ctx);    EVP_EncryptInit_ex(m_ctx, EVP_rc4(), nullptr, nullptr, nullptr);    EVP_CIPHER_CTX_set_key_length(m_ctx, len);}

static boolalg_wrap_unw(const jose_hook_alg_t *alg, jose_cfg_t *cfg, const json_t *jwe,             const json_t *rcp, const json_t *jwk, json_t *cek){    const EVP_CIPHER *cph = NULL;    EVP_CIPHER_CTX *ecc = NULL;    bool ret = false;    size_t ctl = 0;    size_t ptl = 0;    int len = 0;    switch (str2enum(alg->name, NAMES, NULL)) {    case 0: cph = EVP_aes_128_wrap(); break;    case 1: cph = EVP_aes_192_wrap(); break;    case 2: cph = EVP_aes_256_wrap(); break;    default: return NULL;    }    uint8_t ky[EVP_CIPHER_key_length(cph)];    uint8_t iv[EVP_CIPHER_iv_length(cph)];    uint8_t ct[KEYMAX + EVP_CIPHER_block_size(cph) * 2];    uint8_t pt[sizeof(ct)];    memset(iv, 0xA6, sizeof(iv));    if (jose_b64_dec(json_object_get(jwk, "k"), NULL, 0) != sizeof(ky))        goto egress;    if (jose_b64_dec(json_object_get(jwk, "k"), ky, sizeof(ky)) != sizeof(ky))        goto egress;    ctl = jose_b64_dec(json_object_get(rcp, "encrypted_key"), NULL, 0);    if (ctl > sizeof(ct))        goto egress;    if (jose_b64_dec(json_object_get(rcp, "encrypted_key"), ct, ctl) != ctl)        goto egress;    ecc = EVP_CIPHER_CTX_new();    if (!ecc)        goto egress;    EVP_CIPHER_CTX_set_flags(ecc, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);    if (EVP_DecryptInit_ex(ecc, cph, NULL, ky, iv) <= 0)        goto egress;    if (EVP_DecryptUpdate(ecc, pt, &len, ct, ctl) <= 0)        goto egress;    ptl = len;    if (EVP_DecryptFinal(ecc, &pt[len], &len) <= 0)        goto egress;    ptl += len;    ret = json_object_set_new(cek, "k", jose_b64_enc(pt, ptl)) == 0;egress:    OPENSSL_cleanse(ky, sizeof(ky));    OPENSSL_cleanse(pt, sizeof(pt));    EVP_CIPHER_CTX_free(ecc);    return ret;}

static void evp_cipher_init(struct ssh_cipher_struct *cipher) {    if (cipher->ctx == NULL) {        cipher->ctx = EVP_CIPHER_CTX_new();    }    switch(cipher->ciphertype){    case SSH_AES128_CBC:        cipher->cipher = EVP_aes_128_cbc();        break;    case SSH_AES192_CBC:        cipher->cipher = EVP_aes_192_cbc();        break;    case SSH_AES256_CBC:        cipher->cipher = EVP_aes_256_cbc();        break;#ifdef HAVE_OPENSSL_EVP_AES_CTR    case SSH_AES128_CTR:        cipher->cipher = EVP_aes_128_ctr();        break;    case SSH_AES192_CTR:        cipher->cipher = EVP_aes_192_ctr();        break;    case SSH_AES256_CTR:        cipher->cipher = EVP_aes_256_ctr();        break;#else    case SSH_AES128_CTR:    case SSH_AES192_CTR:    case SSH_AES256_CTR:        SSH_LOG(SSH_LOG_WARNING, "This cipher is not available in evp_cipher_init");        break;#endif#ifdef HAVE_OPENSSL_EVP_AES_GCM    case SSH_AEAD_AES128_GCM:        cipher->cipher = EVP_aes_128_gcm();        break;    case SSH_AEAD_AES256_GCM:        cipher->cipher = EVP_aes_256_gcm();        break;#else    case SSH_AEAD_AES128_GCM:    case SSH_AEAD_AES256_GCM:        SSH_LOG(SSH_LOG_WARNING, "This cipher is not available in evp_cipher_init");        break;#endif /* HAVE_OPENSSL_EVP_AES_GCM */    case SSH_3DES_CBC:        cipher->cipher = EVP_des_ede3_cbc();        break;#ifdef WITH_BLOWFISH_CIPHER    case SSH_BLOWFISH_CBC:        cipher->cipher = EVP_bf_cbc();        break;        /* ciphers not using EVP */#endif    case SSH_AEAD_CHACHA20_POLY1305:        SSH_LOG(SSH_LOG_WARNING, "The ChaCha cipher cannot be handled here");        break;    case SSH_NO_CIPHER:        SSH_LOG(SSH_LOG_WARNING, "No valid ciphertype found");        break;    }}

int tls13_change_cipher_state(SSL *s, int which){    static const unsigned char client_handshake_traffic[] =        "client handshake traffic secret";    static const unsigned char client_application_traffic[] =        "client application traffic secret";    static const unsigned char server_handshake_traffic[] =        "server handshake traffic secret";    static const unsigned char server_application_traffic[] =        "server application traffic secret";    unsigned char key[EVP_MAX_KEY_LENGTH];    unsigned char iv[EVP_MAX_IV_LENGTH];    unsigned char secret[EVP_MAX_MD_SIZE];    unsigned char *insecret;    unsigned char *finsecret = NULL;    EVP_CIPHER_CTX *ciph_ctx;    const EVP_CIPHER *ciph = s->s3->tmp.new_sym_enc;    size_t ivlen, keylen, finsecretlen = 0;    const unsigned char *label;    size_t labellen;    int ret = 0;    if (which & SSL3_CC_READ) {        if (s->enc_read_ctx != NULL) {            EVP_CIPHER_CTX_reset(s->enc_read_ctx);        } else {            s->enc_read_ctx = EVP_CIPHER_CTX_new();            if (s->enc_read_ctx == NULL) {                SSLerr(SSL_F_TLS13_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);                goto err;            }        }        ciph_ctx = s->enc_read_ctx;        RECORD_LAYER_reset_read_sequence(&s->rlayer);    } else {        if (s->enc_write_ctx != NULL) {            EVP_CIPHER_CTX_reset(s->enc_write_ctx);        } else {            s->enc_write_ctx = EVP_CIPHER_CTX_new();            if (s->enc_write_ctx == NULL) {                SSLerr(SSL_F_TLS13_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);                goto err;            }        }        ciph_ctx = s->enc_write_ctx;        RECORD_LAYER_reset_write_sequence(&s->rlayer);    }    if (((which & SSL3_CC_CLIENT) && (which & SSL3_CC_WRITE))            || ((which & SSL3_CC_SERVER) && (which & SSL3_CC_READ))) {        if (which & SSL3_CC_HANDSHAKE) {            insecret = s->handshake_secret;            finsecret = s->client_finished_secret;            finsecretlen = sizeof(s->client_finished_secret);            label = client_handshake_traffic;            labellen = sizeof(client_handshake_traffic) - 1;        } else {            insecret = s->session->master_key;            label = client_application_traffic;            labellen = sizeof(client_application_traffic) - 1;        }    } else {        if (which & SSL3_CC_HANDSHAKE) {            insecret = s->handshake_secret;            finsecret = s->server_finished_secret;            finsecretlen = sizeof(s->server_finished_secret);            label = server_handshake_traffic;            labellen = sizeof(server_handshake_traffic) - 1;        } else {            insecret = s->session->master_key;            label = server_application_traffic;            labellen = sizeof(server_application_traffic) - 1;        }    }    if (!tls13_derive_secret(s, insecret, label, labellen, secret)) {        SSLerr(SSL_F_TLS13_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);        goto err;    }    /* TODO(size_t): convert me */    keylen = EVP_CIPHER_key_length(ciph);    if (EVP_CIPHER_mode(ciph) == EVP_CIPH_GCM_MODE)        ivlen = EVP_GCM_TLS_FIXED_IV_LEN;    else if (EVP_CIPHER_mode(ciph) == EVP_CIPH_CCM_MODE)        ivlen = EVP_CCM_TLS_FIXED_IV_LEN;    else        ivlen = EVP_CIPHER_iv_length(ciph);    if (!tls13_derive_key(s, secret, key, keylen)            || !tls13_derive_iv(s, secret, iv, ivlen)            || (finsecret != NULL && !tls13_derive_finishedkey(s, secret,                                                               finsecret,                                                               finsecretlen))) {        SSLerr(SSL_F_TLS13_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);        goto err;    }//.........这里部分代码省略.........

int Encrypt(char **cipher, const char *plain, int plen, unsigned char *aesKey, unsigned char *aesIV){	EVP_CIPHER_CTX *ctx;	unsigned char *cipher_tmp = { 0 };	int len = 0, cipherTextLen = 0;	if (!(ctx = EVP_CIPHER_CTX_new())) {		return 0;	}	if (1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, aesKey, aesIV)) {		if (ctx) EVP_CIPHER_CTX_free(ctx);		return 0;	}	cipher_tmp = (unsigned char *)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, plen + 16);	if (cipher_tmp == NULL) {		if (ctx) EVP_CIPHER_CTX_free(ctx);		return 0;	}	if (1 != EVP_EncryptUpdate(ctx, cipher_tmp, &len, plain, plen - 1)) {		if (ctx) EVP_CIPHER_CTX_free(ctx);		if (cipher_tmp) {			HeapFree(GetProcessHeap(), 0, cipher_tmp);			cipher_tmp = NULL;		}		return 0;	}	cipherTextLen = len;	if (1 != EVP_EncryptFinal_ex(ctx, cipher_tmp + len, &len)) {		if (ctx) EVP_CIPHER_CTX_free(ctx);		if (cipher_tmp) {			HeapFree(GetProcessHeap(), 0, cipher_tmp);			cipher_tmp = NULL;		}		return 0;	}	cipherTextLen += len;	if (ctx) EVP_CIPHER_CTX_free(ctx);	if (cipherTextLen <= 0) {		if (cipher_tmp) {			HeapFree(GetProcessHeap(), 0, cipher_tmp);			cipher_tmp = NULL;		}		return 0;	}	cipher_tmp[cipherTextLen] = '/0';	if ((cipherTextLen = Base64Encode(cipher, cipher_tmp, cipherTextLen + 1)) <= 0){		if (cipher_tmp) {			HeapFree(GetProcessHeap(), 0, cipher_tmp);			cipher_tmp = NULL;		}		return 0;	}	if (cipher_tmp) {		HeapFree(GetProcessHeap(), 0, cipher_tmp);		cipher_tmp = NULL;	}	return cipherTextLen;}

/** Decrypt an AES-128-CBC encrypted attribute * * @param[in] ctx		to allocate decr buffer in. * @param[out] out		where to write pointer to decr buffer. * @param[in] data		to decrypt. * @param[in] attr_len		length of encrypted data. * @param[in] data_len		length of data remaining in the packet. * @param[in] decoder_ctx	containing keys, and the IV (if we already found it). * @return *	- Number of decr bytes decrypted on success. *	- < 0 on failure. */static ssize_t sim_value_decrypt(TALLOC_CTX *ctx, uint8_t **out,				 uint8_t const *data, size_t const attr_len, size_t const data_len,				 void *decoder_ctx){	fr_sim_decode_ctx_t	*packet_ctx = decoder_ctx;	EVP_CIPHER_CTX		*evp_ctx;	EVP_CIPHER const	*evp_cipher = EVP_aes_128_cbc();	size_t			block_size = EVP_CIPHER_block_size(evp_cipher);	size_t			len = 0, decr_len = 0;	uint8_t			*decr = NULL;	if (!fr_cond_assert(attr_len <= data_len)) return -1;	FR_PROTO_HEX_DUMP(data, attr_len, "ciphertext");	/*	 *	Encrypted values must be a multiple of 16.	 *	 *	There's a padding attribute to ensure they	 *	always can be...	 */	if (attr_len % block_size) {		fr_strerror_printf("%s: Encrypted attribute is not a multiple of cipher's block size (%zu)",				   __FUNCTION__, block_size);		return -1;	}	/*	 *	Ugh, now we have to go hunting for it....	 */	if (!packet_ctx->have_iv) {		uint8_t const	*p = data + attr_len;	/* Skip to the end of packet_ctx attribute */		uint8_t const	*end = data + data_len;		while ((size_t)(end - p) >= sizeof(uint32_t)) {			uint8_t	 sim_at = p[0];			size_t	 sim_at_len = p[1] * sizeof(uint32_t);			if (sim_at_len == 0) {				fr_strerror_printf("%s: Failed IV search.  AT Length field is zero", __FUNCTION__);				return -1;			}			if ((p + sim_at_len) > end) {				fr_strerror_printf("%s: Invalid IV length, longer than remaining data", __FUNCTION__);				return -1;			}			if (sim_at == FR_SIM_IV) {				if (sim_iv_extract(&(packet_ctx->iv[0]), p + 2, sim_at_len - 2) < 0) return -1;				packet_ctx->have_iv = true;				break;			}			p += sim_at_len;		}		if (!packet_ctx->have_iv) {			fr_strerror_printf("%s: No IV present in packet, can't decrypt data", __FUNCTION__);			return -1;		}	}	evp_ctx = EVP_CIPHER_CTX_new();	if (!evp_ctx) {		tls_strerror_printf("%s: Failed initialising EVP ctx", __FUNCTION__);		return -1;	}	if (!EVP_DecryptInit_ex(evp_ctx, evp_cipher, NULL, packet_ctx->keys->k_encr, packet_ctx->iv)) {		tls_strerror_printf("%s: Failed setting decryption parameters", __FUNCTION__);	error:		talloc_free(decr);		EVP_CIPHER_CTX_free(evp_ctx);		return -1;	}	MEM(decr = talloc_zero_array(ctx, uint8_t, attr_len));	/*	 *	By default OpenSSL expects 16 bytes of cleartext	 *	to produce 32 bytes of ciphertext, due to padding	 *	being added if the decr is a multiple of 16.	 *	 *	There's no way for OpenSSL to determine if a	 *	16 byte ciphertext was padded or not, so we need to	 *	inform OpenSSL explicitly that there's no padding.	 */	EVP_CIPHER_CTX_set_padding(evp_ctx, 0);//.........这里部分代码省略.........

int Decrypt(char **plain, const char *cipher, int clen, unsigned char *aesKey, unsigned char *aesIV){	EVP_CIPHER_CTX *ctx;	int len = 0, b64DecodedLen = 0, plainTextLen = 0, retValue = 0;	unsigned char *plain_tmp = { 0 };	b64DecodedLen = Base64Decode(&plain_tmp, cipher);	if (b64DecodedLen == 0) return 0;	if (!(ctx = EVP_CIPHER_CTX_new())) {		if (plain_tmp) {			HeapFree(GetProcessHeap(), 0, plain_tmp);			plain_tmp = NULL;		}		return 0;	}	if (1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, aesKey, aesIV)){		if (ctx) EVP_CIPHER_CTX_free(ctx);		if (plain_tmp) {			HeapFree(GetProcessHeap(), 0, plain_tmp);			plain_tmp = NULL;		}		return 0;	}	*plain = (char*)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, b64DecodedLen);	if (*plain == NULL) return 0;	if (1 != EVP_DecryptUpdate(ctx, *plain, &len, plain_tmp, b64DecodedLen - 1)){		if (ctx) EVP_CIPHER_CTX_free(ctx);		if (plain_tmp) {			HeapFree(GetProcessHeap(), 0, plain_tmp);			plain_tmp = NULL;		}		if (plain) {			HeapFree(GetProcessHeap(), 0, plain);			plain = NULL;		}		return 0;	}	if (plain_tmp) {		HeapFree(GetProcessHeap(), 0, plain_tmp);		plain_tmp = NULL;	}	plainTextLen = len;	if (1 != EVP_DecryptFinal_ex(ctx, *plain + len, &len)){		if (ctx) EVP_CIPHER_CTX_free(ctx);		if (plain) {			HeapFree(GetProcessHeap(), 0, plain);			plain = NULL;		}		return 0;	}	plainTextLen += len;	retValue = plainTextLen;	*(*plain + plainTextLen) = '/0';	if (ctx) EVP_CIPHER_CTX_free(ctx);	return retValue;}

    jdoubleArray Java_de_blinkt_openvpn_core_NativeUtils_getOpenSSLSpeed(JNIEnv* env, jclass thiz, jstring algorithm, jint testnumber){    static const unsigned char key16[16] = {        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,        0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12    };    const EVP_CIPHER *evp_cipher = NULL;    const char* alg = (*env)->GetStringUTFChars( env, algorithm , NULL ) ;    evp_cipher = EVP_get_cipherbyname(alg);    if (evp_cipher == NULL)        evp_md = EVP_get_digestbyname(alg);    if (evp_cipher == NULL && evp_md == NULL) {        //        BIO_printf(bio_err, "%s: %s is an unknown cipher or digest/n", prog, opt_arg());        //jniThrowException(env, "java/security/NoSuchAlgorithmException", "Algorithm not found");        return NULL;    }    const char* name;    loopargs_t *loopargs = NULL;    int loopargs_len = 1;    int async_jobs=0;    loopargs = malloc(loopargs_len * sizeof(loopargs_t));    memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));    jdoubleArray ret = (*env)->NewDoubleArray(env, 3);    if (testnum < 0 || testnum >= SIZE_NUM)        return NULL;    testnum = testnumber;    for (int i = 0; i < loopargs_len; i++) {        int misalign=0;        loopargs[i].buf_malloc = malloc((int)BUFSIZE + MAX_MISALIGNMENT + 1);        loopargs[i].buf2_malloc = malloc((int)BUFSIZE + MAX_MISALIGNMENT + 1);        /* Align the start of buffers on a 64 byte boundary */        loopargs[i].buf = loopargs[i].buf_malloc + misalign;        loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;    }    int count;    float d;    if (evp_cipher) {        name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));        /*         * -O3 -fschedule-insns messes up an optimization here!         * names[D_EVP] somehow becomes NULL         */        for (int k = 0; k < loopargs_len; k++) {            loopargs[k].ctx = EVP_CIPHER_CTX_new();            if (decrypt)                EVP_DecryptInit_ex(loopargs[k].ctx, evp_cipher, NULL, key16, iv);            else                EVP_EncryptInit_ex(loopargs[k].ctx, evp_cipher, NULL, key16, iv);            EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);        }        Time_F(START);        pthread_t timer_thread;        if (pthread_create(&timer_thread, NULL, stop_run, NULL))            return NULL;        count = run_benchmark(async_jobs, EVP_Update_loop, loopargs);        d = Time_F(STOP);        for (int k = 0; k < loopargs_len; k++) {            EVP_CIPHER_CTX_free(loopargs[k].ctx);        }    }    if (evp_md) {        name = OBJ_nid2ln(EVP_MD_type(evp_md));        //            print_message(names[D_EVP], save_count, lengths[testnum]);        pthread_t timer_thread;        if (pthread_create(&timer_thread, NULL, stop_run, NULL))            return NULL;        Time_F(START);        count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);        d = Time_F(STOP);    }    // Save results in hacky way    double results[] = {(double) lengths[testnum], (double) count, d};    (*env)->SetDoubleArrayRegion(env, ret, 0, 3, results);    //        print_result(D_EVP, testnum, count, d);    return ret;//.........这里部分代码省略.........

static bool _cjose_jwe_decrypt_dat_a256gcm(        cjose_jwe_t *jwe,         cjose_err *err){    EVP_CIPHER_CTX *ctx = NULL;    // get A256GCM cipher    const EVP_CIPHER *cipher = EVP_aes_256_gcm();    if (NULL == cipher)    {        CJOSE_ERROR(err, CJOSE_ERR_CRYPTO);        goto _cjose_jwe_decrypt_dat_a256gcm_fail;    }    // instantiate and initialize a new openssl cipher context    ctx = EVP_CIPHER_CTX_new();    if (NULL == ctx)    {        CJOSE_ERROR(err, CJOSE_ERR_CRYPTO);        goto _cjose_jwe_decrypt_dat_a256gcm_fail;    }    EVP_CIPHER_CTX_init(ctx);    // initialize context for decryption using A256GCM cipher and CEK and IV    if (EVP_DecryptInit_ex(ctx, cipher, NULL, jwe->cek, jwe->part[2].raw) != 1)    {        CJOSE_ERROR(err, CJOSE_ERR_CRYPTO);        goto _cjose_jwe_decrypt_dat_a256gcm_fail;    }    // set the expected GCM-mode authentication tag    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG,             jwe->part[4].raw_len, jwe->part[4].raw) != 1)    {        CJOSE_ERROR(err, CJOSE_ERR_CRYPTO);        goto _cjose_jwe_decrypt_dat_a256gcm_fail;    }    // set GCM mode AAD data (hdr_b64u) by setting "out" to NULL    int bytes_decrypted = 0;    if (EVP_DecryptUpdate(ctx,                 NULL, &bytes_decrypted,                 (unsigned char *)jwe->part[0].b64u,                 jwe->part[0].b64u_len) != 1 ||                bytes_decrypted != jwe->part[0].b64u_len)    {        CJOSE_ERROR(err, CJOSE_ERR_CRYPTO);        goto _cjose_jwe_decrypt_dat_a256gcm_fail;    }    // allocate buffer for the plaintext    cjose_get_dealloc()(jwe->dat);    jwe->dat_len = jwe->part[3].raw_len;    if (!_cjose_jwe_malloc(jwe->dat_len, false, &jwe->dat, err))    {        goto _cjose_jwe_decrypt_dat_a256gcm_fail;    }    // decrypt ciphertext to plaintext buffer    if (EVP_DecryptUpdate(ctx,             jwe->dat, &bytes_decrypted,             jwe->part[3].raw, jwe->part[3].raw_len) != 1)    {        CJOSE_ERROR(err, CJOSE_ERR_CRYPTO);        goto _cjose_jwe_decrypt_dat_a256gcm_fail;    }    jwe->dat_len = bytes_decrypted;    // finalize the encryption    if (EVP_DecryptFinal_ex(ctx, NULL, &bytes_decrypted) != 1)    {        CJOSE_ERROR(err, CJOSE_ERR_CRYPTO);        goto _cjose_jwe_decrypt_dat_a256gcm_fail;    }    EVP_CIPHER_CTX_free(ctx);    return true;    _cjose_jwe_decrypt_dat_a256gcm_fail:    if (NULL != ctx)    {        EVP_CIPHER_CTX_free(ctx);    }    return false;}

int main(void) {	EVP_CIPHER_CTX *ctx = NULL;	unsigned char key[16];	unsigned char iv[12];	unsigned char tag[16];	unsigned char data[128];	unsigned char ori_msg[128];	unsigned char enc_msg[128+16];	unsigned char dec_msg[128];	int r, len, enc_msg_len, dec_msg_len;	const EVP_CIPHER* cipher = NULL;	ERR_load_CRYPTO_strings();	OPENSSL_add_all_algorithms_noconf();	r = RAND_bytes(key, sizeof(key));	assert(r == 1);	r = RAND_bytes(iv, sizeof(iv));	assert(r == 1);	r = RAND_pseudo_bytes(data, sizeof(data));	assert(r == 1);	r = RAND_pseudo_bytes(ori_msg, sizeof(ori_msg));	assert(r == 1);	r = RAND_pseudo_bytes(enc_msg, sizeof(enc_msg));	assert(r == 1);	cipher = EVP_aes_128_gcm();	ctx = EVP_CIPHER_CTX_new();	assert(ctx);	EVP_CIPHER_CTX_init(ctx);	len = EVP_CIPHER_key_length(cipher);	assert(len == sizeof(key));	len = EVP_CIPHER_iv_length(cipher);	assert(len == sizeof(iv));	r = EVP_EncryptInit_ex(ctx, cipher, NULL, key, iv);	assert(r == 1);	r = EVP_EncryptUpdate(ctx, NULL, &enc_msg_len, data, sizeof(data));	assert(r == 1);	r = EVP_EncryptUpdate(ctx, enc_msg, &enc_msg_len, ori_msg, sizeof(ori_msg));	assert(r == 1);	assert(enc_msg_len == sizeof(ori_msg));	r = EVP_EncryptFinal_ex(ctx, enc_msg + enc_msg_len, &len);	assert(r == 1);	assert(len == 0);	r = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, sizeof(tag), tag);	assert(r == 1);	r = EVP_DecryptInit_ex(ctx, cipher, NULL, key, iv);	assert(r == 1);	r = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, sizeof(tag), tag);	assert(r == 1);	r = EVP_DecryptUpdate(ctx, NULL, &dec_msg_len, data, sizeof(data));	assert(r == 1);	r = EVP_DecryptUpdate(ctx, dec_msg, &dec_msg_len, enc_msg, enc_msg_len);	assert(r == 1);	assert(dec_msg_len == enc_msg_len);	r = EVP_DecryptFinal_ex(ctx, dec_msg + dec_msg_len, &len);	assert(r == 1);	assert(len == 0);	assert(memcmp(ori_msg, dec_msg, dec_msg_len) == 0);	EVP_CIPHER_CTX_free(ctx);	puts("OK!");	return 0;}

static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,                   pem_password_cb *cb, void *u){    int outlen = 24, pklen;    unsigned char *p, *salt = NULL;    EVP_CIPHER_CTX *cctx = EVP_CIPHER_CTX_new();    if (enclevel)        outlen += PVK_SALTLEN;    pklen = do_i2b(NULL, pk, 0);    if (pklen < 0)        return -1;    outlen += pklen;    if (!out)        return outlen;    if (*out)        p = *out;    else {        p = OPENSSL_malloc(outlen);        if (p == NULL) {            PEMerr(PEM_F_I2B_PVK, ERR_R_MALLOC_FAILURE);            return -1;        }        *out = p;    }    write_ledword(&p, MS_PVKMAGIC);    write_ledword(&p, 0);    if (EVP_PKEY_id(pk) == EVP_PKEY_DSA)        write_ledword(&p, MS_KEYTYPE_SIGN);    else        write_ledword(&p, MS_KEYTYPE_KEYX);    write_ledword(&p, enclevel ? 1 : 0);    write_ledword(&p, enclevel ? PVK_SALTLEN : 0);    write_ledword(&p, pklen);    if (enclevel) {        if (RAND_bytes(p, PVK_SALTLEN) <= 0)            goto error;        salt = p;        p += PVK_SALTLEN;    }    do_i2b(&p, pk, 0);    if (enclevel == 0)        return outlen;    else {        char psbuf[PEM_BUFSIZE];        unsigned char keybuf[20];        int enctmplen, inlen;        if (cb)            inlen = cb(psbuf, PEM_BUFSIZE, 1, u);        else            inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 1, u);        if (inlen <= 0) {            PEMerr(PEM_F_I2B_PVK, PEM_R_BAD_PASSWORD_READ);            goto error;        }        if (!derive_pvk_key(keybuf, salt, PVK_SALTLEN,                            (unsigned char *)psbuf, inlen))            goto error;        if (enclevel == 1)            memset(keybuf + 5, 0, 11);        p = salt + PVK_SALTLEN + 8;        if (!EVP_EncryptInit_ex(cctx, EVP_rc4(), NULL, keybuf, NULL))            goto error;        OPENSSL_cleanse(keybuf, 20);        if (!EVP_DecryptUpdate(cctx, p, &enctmplen, p, pklen - 8))            goto error;        if (!EVP_DecryptFinal_ex(cctx, p + enctmplen, &enctmplen))            goto error;    }    EVP_CIPHER_CTX_free(cctx);    return outlen; error:    EVP_CIPHER_CTX_free(cctx);    return -1;}

X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher,                                  const unsigned char *salt, int saltlen,                                  unsigned char *aiv, uint64_t N, uint64_t r,                                  uint64_t p){    X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;    int alg_nid;    size_t keylen = 0;    EVP_CIPHER_CTX *ctx = NULL;    unsigned char iv[EVP_MAX_IV_LENGTH];    PBE2PARAM *pbe2 = NULL;    ASN1_OBJECT *obj;    if (!cipher) {        ASN1err(ASN1_F_PKCS5_PBE2_SET_SCRYPT, ERR_R_PASSED_NULL_PARAMETER);        goto err;    }    if (EVP_PBE_scrypt(NULL, 0, NULL, 0, N, r, p, 0, NULL, 0) == 0) {        ASN1err(ASN1_F_PKCS5_PBE2_SET_SCRYPT,                ASN1_R_INVALID_SCRYPT_PARAMETERS);        goto err;    }    alg_nid = EVP_CIPHER_type(cipher);    if (alg_nid == NID_undef) {        ASN1err(ASN1_F_PKCS5_PBE2_SET_SCRYPT,                ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);        goto err;    }    obj = OBJ_nid2obj(alg_nid);    pbe2 = PBE2PARAM_new();    if (pbe2 == NULL)        goto merr;    /* Setup the AlgorithmIdentifier for the encryption scheme */    scheme = pbe2->encryption;    scheme->algorithm = obj;    scheme->parameter = ASN1_TYPE_new();    if (scheme->parameter == NULL)        goto merr;    /* Create random IV */    if (EVP_CIPHER_iv_length(cipher)) {        if (aiv)            memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));        else if (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)            goto err;    }    ctx = EVP_CIPHER_CTX_new();    if (ctx == NULL)        goto merr;    /* Dummy cipherinit to just setup the IV */    if (EVP_CipherInit_ex(ctx, cipher, NULL, NULL, iv, 0) == 0)        goto err;    if (EVP_CIPHER_param_to_asn1(ctx, scheme->parameter) < 0) {        ASN1err(ASN1_F_PKCS5_PBE2_SET_SCRYPT,                ASN1_R_ERROR_SETTING_CIPHER_PARAMS);        goto err;    }    EVP_CIPHER_CTX_free(ctx);    ctx = NULL;    /* If its RC2 then we'd better setup the key length */    if (alg_nid == NID_rc2_cbc)        keylen = EVP_CIPHER_key_length(cipher);    /* Setup keyfunc */    X509_ALGOR_free(pbe2->keyfunc);    pbe2->keyfunc = pkcs5_scrypt_set(salt, saltlen, keylen, N, r, p);    if (pbe2->keyfunc == NULL)        goto merr;    /* Now set up top level AlgorithmIdentifier */    ret = X509_ALGOR_new();    if (ret == NULL)        goto merr;    ret->algorithm = OBJ_nid2obj(NID_pbes2);    /* Encode PBE2PARAM into parameter */    if (ASN1_TYPE_pack_sequence(ASN1_ITEM_rptr(PBE2PARAM), pbe2,                                &ret->parameter) == NULL)        goto merr;    PBE2PARAM_free(pbe2);    pbe2 = NULL;    return ret; merr://.........这里部分代码省略.........

static int test_tls13_encryption(void){    SSL_CTX *ctx = NULL;    SSL *s = NULL;    SSL3_RECORD rec;    unsigned char *key = NULL, *iv = NULL, *seq = NULL;    const EVP_CIPHER *ciph = EVP_aes_128_gcm();    int ret = 0;    size_t ivlen, ctr;    /*     * Encrypted TLSv1.3 records always have an outer content type of     * application data, and a record version of TLSv1.2.     */    rec.data = NULL;    rec.type = SSL3_RT_APPLICATION_DATA;    rec.rec_version = TLS1_2_VERSION;    ctx = SSL_CTX_new(TLS_method());    if (!TEST_ptr(ctx)) {        TEST_info("Failed creating SSL_CTX");        goto err;    }    s = SSL_new(ctx);    if (!TEST_ptr(s)) {        TEST_info("Failed creating SSL");        goto err;    }    s->enc_read_ctx = EVP_CIPHER_CTX_new();    if (!TEST_ptr(s->enc_read_ctx))        goto err;    s->enc_write_ctx = EVP_CIPHER_CTX_new();    if (!TEST_ptr(s->enc_write_ctx))        goto err;    s->s3->tmp.new_cipher = SSL_CIPHER_find(s, TLS13_AES_128_GCM_SHA256_BYTES);    if (!TEST_ptr(s->s3->tmp.new_cipher)) {        TEST_info("Failed to find cipher");        goto err;    }    for (ctr = 0; ctr < OSSL_NELEM(refdata); ctr++) {        /* Load the record */        ivlen = EVP_CIPHER_iv_length(ciph);        if (!load_record(&rec, &refdata[ctr], &key, s->read_iv, ivlen,                         RECORD_LAYER_get_read_sequence(&s->rlayer))) {            TEST_error("Failed loading key into EVP_CIPHER_CTX");            goto err;        }        /* Set up the read/write sequences */        memcpy(RECORD_LAYER_get_write_sequence(&s->rlayer),               RECORD_LAYER_get_read_sequence(&s->rlayer), SEQ_NUM_SIZE);        memcpy(s->write_iv, s->read_iv, ivlen);        /* Load the key into the EVP_CIPHER_CTXs */        if (EVP_CipherInit_ex(s->enc_write_ctx, ciph, NULL, key, NULL, 1) <= 0                || EVP_CipherInit_ex(s->enc_read_ctx, ciph, NULL, key, NULL, 0)                   <= 0) {            TEST_error("Failed loading key into EVP_CIPHER_CTX/n");            goto err;        }        /* Encrypt it */        if (!TEST_size_t_eq(tls13_enc(s, &rec, 1, 1), 1)) {            TEST_info("Failed to encrypt record %zu", ctr);            goto err;        }        if (!TEST_true(test_record(&rec, &refdata[ctr], 1))) {            TEST_info("Record %zu encryption test failed", ctr);            goto err;        }        /* Decrypt it */        if (!TEST_int_eq(tls13_enc(s, &rec, 1, 0), 1)) {            TEST_info("Failed to decrypt record %zu", ctr);            goto err;        }        if (!TEST_true(test_record(&rec, &refdata[ctr], 0))) {            TEST_info("Record %zu decryption test failed", ctr);            goto err;        }        OPENSSL_free(rec.data);        OPENSSL_free(key);        OPENSSL_free(iv);        OPENSSL_free(seq);        rec.data = NULL;        key = NULL;        iv = NULL;        seq = NULL;    }    TEST_note("PASS: %zu records tested", ctr);    ret = 1; err://.........这里部分代码省略.........

int decodeFile(const char* filenameOut, const char* filenameIn) {	int ret = 0;	int filenameSizeIn = strlen(filenameIn)*sizeof(char)+1;	int filenameSizeOut = strlen(filenameOut)*sizeof(char)+1;	char encFilename[filenameSizeIn];	char decFilename[filenameSizeOut];	strncpy(encFilename, filenameIn, filenameSizeIn);	encFilename[filenameSizeIn-1]=0;	strncpy(decFilename, filenameOut, filenameSizeOut);	decFilename[filenameSizeOut-1]=0;	    	EVP_CIPHER_CTX *d_ctx = EVP_CIPHER_CTX_new();//    	unsigned char * key = new unsigned char[KEYSIZE];//    	loadKey("key", key, KEYSIZE);//    	unsigned char key[] = "01234567890123450123456789012345"; // 256-bit//    	unsigned char iv[] = "01234567890123456";     	FILE *enc_file, *dec_file;	printf("dec filename: %s/n", decFilename);    	enc_file = fopen ( encFilename, "rb" );    	dec_file = fopen ( decFilename, "wb" );    	unsigned char *encData, *decData;    	int decData_len = 0;    	int len = 0;    	int bytesread = 0;    	/**     	* DECRYPT     	*/    	//if (!( EVP_DecryptInit_ex(d_ctx, EVP_aes_256_cbc(), NULL, key, iv) )) {    	if (!( EVP_DecryptInit_ex(d_ctx, EVP_aes_256_cbc(), NULL, cKeyBuffer, iv) )) {    		ret = -1;			printf("ERROR: EVP_DECRYPTINIT_EX/n");    	}    	// go through file, and decrypt    	if ( enc_file != NULL ) {    		encData = new unsigned char[aes_blocksize];    		decData = new unsigned char[aes_blocksize+EVP_CIPHER_CTX_block_size(d_ctx)]; // potential for output to be 16 bytes longer than original		printf( "Decoding file: %s/n", decFilename);					bytesread = fread(encData, 1, aes_blocksize, enc_file);		// read bytes from file, then send to cipher		while ( bytesread ) {			if (!(EVP_DecryptUpdate(d_ctx, decData, &len, encData, bytesread ))) {				ret = -1;				printf( "ERROR: EVP_DECRYPTUPDATE/n");			}			decData_len = len;			fwrite(decData, 1, decData_len, dec_file );			// read more bytes			bytesread = fread(encData, 1, aes_blocksize, enc_file);		}		// last step of decryption		if (!(EVP_DecryptFinal_ex(d_ctx, decData, &len))) {			ret = -1;			printf( "ERROR: EVP_DECRYPTFINAL_EX/n");		}		decData_len = len;		fwrite(decData, 1, decData_len, dec_file );		// free cipher		EVP_CIPHER_CTX_free(d_ctx);		// close files		printf( "/t>>/n");		fclose(enc_file);    		fclose(dec_file);	} else {		printf( "Unable to open files for encoding/n");		ret = -1;		return ret;	}	return ret;}

intcipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher,    const u_char *key, u_int keylen, const u_char *iv, u_int ivlen,    int do_encrypt){	struct sshcipher_ctx *cc = NULL;	int ret = SSH_ERR_INTERNAL_ERROR;#ifdef WITH_OPENSSL	const EVP_CIPHER *type;	int klen;	u_char *junk, *discard;#endif	*ccp = NULL;	if ((cc = calloc(sizeof(*cc), 1)) == NULL)		return SSH_ERR_ALLOC_FAIL;	if (cipher->number == SSH_CIPHER_DES) {		if (keylen > 8)			keylen = 8;	}	cc->plaintext = (cipher->number == SSH_CIPHER_NONE);	cc->encrypt = do_encrypt;	if (keylen < cipher->key_len ||	    (iv != NULL && ivlen < cipher_ivlen(cipher))) {		ret = SSH_ERR_INVALID_ARGUMENT;		goto out;	}	cc->cipher = cipher;	if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) {		ret = chachapoly_init(&cc->cp_ctx, key, keylen);		goto out;	}#ifndef WITH_OPENSSL	if ((cc->cipher->flags & CFLAG_AESCTR) != 0) {		aesctr_keysetup(&cc->ac_ctx, key, 8 * keylen, 8 * ivlen);		aesctr_ivsetup(&cc->ac_ctx, iv);		ret = 0;		goto out;	}	if ((cc->cipher->flags & CFLAG_NONE) != 0) {		ret = 0;		goto out;	}	ret = SSH_ERR_INVALID_ARGUMENT;	goto out;#else /* WITH_OPENSSL */	type = (*cipher->evptype)();	if ((cc->evp = EVP_CIPHER_CTX_new()) == NULL) {		ret = SSH_ERR_ALLOC_FAIL;		goto out;	}	if (EVP_CipherInit(cc->evp, type, NULL, (const u_char *)iv,	    (do_encrypt == CIPHER_ENCRYPT)) == 0) {		ret = SSH_ERR_LIBCRYPTO_ERROR;		goto out;	}	if (cipher_authlen(cipher) &&	    !EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_SET_IV_FIXED,	    -1, __UNCONST(iv))) {		ret = SSH_ERR_LIBCRYPTO_ERROR;		goto out;	}	klen = EVP_CIPHER_CTX_key_length(cc->evp);	if (klen > 0 && keylen != (u_int)klen) {		if (EVP_CIPHER_CTX_set_key_length(cc->evp, keylen) == 0) {			ret = SSH_ERR_LIBCRYPTO_ERROR;			goto out;		}	}	if (EVP_CipherInit(cc->evp, NULL, __UNCONST(key), NULL, -1) == 0) {		ret = SSH_ERR_LIBCRYPTO_ERROR;		goto out;	}	if (cipher->discard_len > 0) {		if ((junk = malloc(cipher->discard_len)) == NULL ||		    (discard = malloc(cipher->discard_len)) == NULL) {			free(junk);			ret = SSH_ERR_ALLOC_FAIL;			goto out;		}		ret = EVP_Cipher(cc->evp, discard, junk, cipher->discard_len);		explicit_bzero(discard, cipher->discard_len);		free(junk);		free(discard);		if (ret != 1) {			ret = SSH_ERR_LIBCRYPTO_ERROR;			goto out;		}	}	ret = 0;#endif /* WITH_OPENSSL */ out:	if (ret == 0) {		/* success */		*ccp = cc;//.........这里部分代码省略.........

int encodeFile(const char* filenameOut, const char* filenameIn) {	int ret = 0;	int filenameInSize = strlen(filenameIn)*sizeof(char)+1;	int filenameOutSize = strlen(filenameOut)*sizeof(char)+1;	char filename[filenameInSize];	char encFilename[filenameOutSize];	// create key, if it's uninitialized	int seedbytes = 1024;		memset(cKeyBuffer, 0, KEYSIZE );		if (!opensslIsSeeded) {			if (!RAND_load_file("/dev/urandom", seedbytes)) {				//__android_log_print(ANDROID_LOG_ERROR, TAG, "Failed to seed OpenSSL RNG");				return -1;			}			opensslIsSeeded = 1;		}		if (!RAND_bytes((unsigned char *)cKeyBuffer, KEYSIZE )) {			//__android_log_print(ANDROID_LOG_ERROR, TAG, "Faled to create OpenSSSL random integers: %ul", ERR_get_error);		}	strncpy(encFilename, filenameOut, filenameOutSize);	encFilename[filenameOutSize-1]=0;	strncpy(filename, filenameIn, filenameInSize);	filename[filenameInSize-1]=0;    	EVP_CIPHER_CTX *e_ctx = EVP_CIPHER_CTX_new();//    	unsigned char * key = new unsigned char[KEYSIZE];//    	loadKey("key", key, KEYSIZE);//    	unsigned char key[] = "01234567890123450123456789012345"; // 256-bit     	FILE *orig_file, *enc_file;	printf ("filename: %s/n" ,filename );	printf ("enc filename: %s/n" ,encFilename );    	orig_file = fopen( filename, "rb" );    	enc_file = fopen ( encFilename, "wb" );    	unsigned char *encData, *origData;    	int encData_len = 0;    	int len = 0;    	int bytesread = 0;    	/**     	* ENCRYPT     	*/	//if (!(EVP_EncryptInit_ex(e_ctx, EVP_aes_256_cbc(), NULL, key, iv ))) {    if (!(EVP_EncryptInit_ex(e_ctx, EVP_aes_256_cbc(), NULL, cKeyBuffer, iv ))) {		ret = -1;		printf( "ERROR: EVP_ENCRYPTINIT_EX/n");	}	    	// go through file, and encrypt    	if ( orig_file != NULL ) {    		origData = new unsigned char[aes_blocksize];    		encData = new unsigned char[aes_blocksize+EVP_CIPHER_CTX_block_size(e_ctx)]; // potential for encryption to be 16 bytes longer than original		printf( "Encoding file: %s/n", filename);		bytesread = fread(origData, 1, aes_blocksize, orig_file);		// read bytes from file, then send to cipher		while ( bytesread ) {			if (!(EVP_EncryptUpdate(e_ctx, encData, &len, origData, bytesread))) {				ret = -1;				printf( "ERROR: EVP_ENCRYPTUPDATE/n");			}			encData_len = len;			fwrite(encData, 1, encData_len, enc_file );			// read more bytes			bytesread = fread(origData, 1, aes_blocksize, orig_file);		}		// last step encryption		if (!(EVP_EncryptFinal_ex(e_ctx, encData, &len))) {			ret = -1;			printf( "ERROR: EVP_ENCRYPTFINAL_EX/n");		}		encData_len = len;		fwrite(encData, 1, encData_len, enc_file );		// free cipher		EVP_CIPHER_CTX_free(e_ctx);		// 	close files		printf( "/t>>/n");		fclose(orig_file);		fclose(enc_file);	} else {		printf( "Unable to open files for encoding/n");		ret = -1;//.........这里部分代码省略.........

static int w_crypto_aes_encrypt(sip_msg_t* msg, char* inb, char* keyb, char* outb){	str ins;	str keys;	pv_spec_t *dst;	pv_value_t val;	EVP_CIPHER_CTX *en = NULL;	str etext;	if (fixup_get_svalue(msg, (gparam_t*)inb, &ins) != 0) {		LM_ERR("cannot get input value/n");		return -1;	}	if (fixup_get_svalue(msg, (gparam_t*)keyb, &keys) != 0) {		LM_ERR("cannot get key value/n");		return -1;	}	en = EVP_CIPHER_CTX_new();	if(en==NULL) {		LM_ERR("cannot get new cipher context/n");		return -1;	}	dst = (pv_spec_t*)outb;	/* gen key and iv. init the cipher ctx object */	if (crypto_aes_init((unsigned char *)keys.s, keys.len,				(unsigned char*)((_crypto_salt_param)?_crypto_salt:0), en, NULL)) {		EVP_CIPHER_CTX_free(en);		LM_ERR("couldn't initialize AES cipher/n");		return -1;	}	etext.len = ins.len;	etext.s = (char *)crypto_aes_encrypt(en, (unsigned char *)ins.s, &etext.len);	if(etext.s==NULL) {		EVP_CIPHER_CTX_free(en);		LM_ERR("AES encryption failed/n");		return -1;	}	memset(&val, 0, sizeof(pv_value_t));	val.rs.s = pv_get_buffer();	val.rs.len = base64_enc((unsigned char *)etext.s, etext.len,					(unsigned char *)val.rs.s, pv_get_buffer_size()-1);	if (val.rs.len < 0) {		EVP_CIPHER_CTX_free(en);		LM_ERR("base64 output of encrypted value is too large (need %d)/n",				-val.rs.len);		goto error;	}	LM_DBG("base64 encrypted result: [%.*s]/n", val.rs.len, val.rs.s);	val.flags = PV_VAL_STR;	dst->setf(msg, &dst->pvp, (int)EQ_T, &val);	free(etext.s);	EVP_CIPHER_CTX_cleanup(en);	EVP_CIPHER_CTX_free(en);	return 1;error:	free(etext.s);	EVP_CIPHER_CTX_cleanup(en);	EVP_CIPHER_CTX_free(en);	return -1;}

void CC_AES(const EVP_CIPHER *cipher,						C_BLOB &Param1,						C_BLOB &Param2,						C_LONGINT &Param3,						C_LONGINT &Param5,						C_LONGINT &Param6,						C_BLOB &Param7,						C_BLOB &Param8,						C_TEXT &returnValue){	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();		unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];		const unsigned char *source = (const unsigned char *)Param1.getBytesPtr();	int source_len = Param1.getBytesLength();	int crypted_len, tail_len;		bool key_and_iv_is_valid = false;		if(  !Param2.getBytesLength()		 && Param7.getBytesLength()		 && Param8.getBytesLength()		 && Param7.getBytesLength() <= EVP_MAX_KEY_LENGTH		 && Param8.getBytesLength() <= EVP_MAX_IV_LENGTH)	{		memset(key, 0, EVP_MAX_KEY_LENGTH);		memset( iv, 0, EVP_MAX_IV_LENGTH );		memcpy(key, Param7.getBytesPtr(), Param7.getBytesLength());		memcpy( iv, Param8.getBytesPtr(), Param8.getBytesLength());		key_and_iv_is_valid = true;	}else	{		// passphrase -> key, iv		key_and_iv_is_valid = (EVP_BytesToKey(cipher, EVP_md5(), NULL,																					Param2.getBytesPtr(), Param2.getBytesLength(),																					2048, key, iv) > 0);	}		if (key_and_iv_is_valid) {		if(EVP_CipherInit(ctx, cipher, key, iv, 0 == Param3.getIntValue()))		{			if(Param6.getIntValue())			{				EVP_CIPHER_CTX_set_padding(ctx, 0);			}			size_t buf_size = source_len + EVP_MAX_BLOCK_LENGTH;			unsigned char *buf = (unsigned char *)calloc(buf_size, sizeof(unsigned char));			if(EVP_CipherUpdate(ctx, buf, &crypted_len, source, source_len))			{				if(EVP_CipherFinal(ctx, (buf + crypted_len), &tail_len))				{					crypted_len += tail_len;					C_BLOB temp;					temp.setBytes((const uint8_t *)buf, crypted_len);										switch (Param5.getIntValue())					{						case 1:							temp.toB64Text(&returnValue);							break;						case 2:							temp.toB64Text(&returnValue, true);							break;						default:							temp.toHexText(&returnValue);							break;					}				}			}			free(buf);		}		EVP_CIPHER_CTX_free(ctx);	}}

void * decryption_func(void *arg){  struct decryption_func_locals *dfargs;  unsigned char *pwd, *key, *iv, *out;  unsigned int pwd_len, len, out_len1, out_len2;  int ret, found;  EVP_CIPHER_CTX *ctx;  dfargs = (struct decryption_func_locals *) arg;  key = (unsigned char *) malloc(EVP_CIPHER_key_length(cipher));  iv = (unsigned char *) malloc(EVP_CIPHER_iv_length(cipher));  out = (unsigned char *) malloc(data_len + EVP_CIPHER_block_size(cipher));  ctx = EVP_CIPHER_CTX_new();  if((key == NULL) || (iv == NULL) || (out == NULL) || (ctx == NULL))  {    fprintf(stderr, "Error: memory allocation failed./n/n");    exit(EXIT_FAILURE);  }  do  {    if(dictionary == NULL)    {      if(binary)        ret = generate_next_binary_password(&pwd, &pwd_len);      else        ret = generate_next_password(&pwd, &pwd_len);              }    else      ret = read_dictionary_line(&pwd, &pwd_len);    if(ret == 0)      break;    /* Decrypt data with password */    if(no_salt)      EVP_BytesToKey(cipher, digest, NULL, pwd, pwd_len, 1, key, iv);    else      EVP_BytesToKey(cipher, digest, salt, pwd, pwd_len, 1, key, iv);    EVP_DecryptInit(ctx, cipher, key, iv);    EVP_DecryptUpdate(ctx, out, &out_len1, data, data_len);    ret = EVP_DecryptFinal(ctx, out + out_len1, &out_len2);    if(no_error || (ret == 1))    {      if(magic == NULL)        found = valid_data(out, out_len1 + out_len2);      else        found = !strncmp(out, magic, strlen(magic));    }    else      found = 0;    if(found)    {      /* We have a positive result */      handle_signal(SIGUSR1); /* Print some stats */      pthread_mutex_lock(&found_password_lock);      found_password++;      printf("Password candidate: %s/n", pwd);      if(only_one_password)        stop = 1;      pthread_mutex_unlock(&found_password_lock);    }    dfargs->counter++;    EVP_CIPHER_CTX_cleanup(ctx);    if(limit > 0)    {      pthread_mutex_lock(&found_password_lock);      count_limit++;      if(count_limit >= limit)      {        fprintf(stderr, "Maximum number of passphrases tested, aborting./n");        stop = 1;      }      pthread_mutex_unlock(&found_password_lock);    }    free(pwd);  }  while(stop == 0);  EVP_CIPHER_CTX_free(ctx);  free(out);  free(iv);  free(key);  pthread_exit(NULL);}