自学教程：C++ EVP_CIPHER_CTX_set_padding函数代码示例

//The partner decryption function to aboveunsigned char *blowfish_dec(unsigned char *key, unsigned char* data, int size){	unsigned char* out = malloc(size);	int outlen;	int tmplen;	unsigned char iv[] = {0}; //TODO maybe not this?	EVP_CIPHER_CTX ctx;	EVP_CIPHER_CTX_init(&ctx);	EVP_DecryptInit_ex(&ctx, EVP_bf_ecb(), NULL, key, iv);	EVP_CIPHER_CTX_set_padding(&ctx, 0);		EVP_DecryptUpdate(&ctx, out, &outlen, data, size);	if(!EVP_DecryptFinal_ex(&ctx, out + outlen, &tmplen)) {		ssl_error("Didn't do decrypt final");	}	outlen += tmplen;	EVP_CIPHER_CTX_cleanup(&ctx);	return out;}

static LUA_FUNCTION(openssl_cipher_encrypt_new){  const EVP_CIPHER* cipher  = get_cipher(L, 1, NULL);  if (cipher)  {    size_t key_len = 0;    const char *key = luaL_optlstring(L, 2, NULL, &key_len); /* can be NULL */    size_t iv_len = 0;    const char *iv = luaL_optlstring(L, 3, NULL, &iv_len); /* can be NULL */    int pad = lua_isnoneornil(L, 4) ? 1 : lua_toboolean(L, 4);    ENGINE *e = lua_isnoneornil(L, 5) ? NULL : CHECK_OBJECT(5, ENGINE, "openssl.engine");    EVP_CIPHER_CTX *c = NULL;    char evp_key[EVP_MAX_KEY_LENGTH] = {0};    char evp_iv[EVP_MAX_IV_LENGTH] = {0};    if (key)    {      key_len = EVP_MAX_KEY_LENGTH > key_len ? key_len : EVP_MAX_KEY_LENGTH;      memcpy(evp_key, key, key_len);    }    if (iv_len > 0 && iv)    {      iv_len = EVP_MAX_IV_LENGTH > iv_len ? iv_len : EVP_MAX_IV_LENGTH;      memcpy(evp_iv, iv, iv_len);    }    c = EVP_CIPHER_CTX_new();    EVP_CIPHER_CTX_init(c);    if (!EVP_EncryptInit_ex(c, cipher, e, key ? (const byte*)evp_key : NULL, iv_len > 0 ? (const byte*)evp_iv : NULL))    {      EVP_CIPHER_CTX_set_padding(c, pad);      luaL_error(L, "EVP_CipherInit_ex failed, please check openssl error");    }    PUSH_OBJECT(c, "openssl.evp_cipher_ctx");    lua_pushinteger(L, DO_ENCRYPT);    lua_rawsetp(L, LUA_REGISTRYINDEX, c);  }  else    luaL_error(L, "argument #1 is not a valid cipher algorithm or openssl.evp_cipher object");  return 1;}

static int sqlcipher_openssl_cipher(void *ctx, int mode, unsigned char *key, int key_sz, unsigned char *iv, unsigned char *in, int in_sz, unsigned char *out) {  int tmp_csz, csz, rc = SQLITE_OK;  EVP_CIPHER_CTX* ectx = EVP_CIPHER_CTX_new();  if(ectx == NULL) goto error;  if(!EVP_CipherInit_ex(ectx, ((openssl_ctx *)ctx)->evp_cipher, NULL, NULL, NULL, mode)) goto error;   if(!EVP_CIPHER_CTX_set_padding(ectx, 0)) goto error; /* no padding */  if(!EVP_CipherInit_ex(ectx, NULL, NULL, key, iv, mode)) goto error;  if(!EVP_CipherUpdate(ectx, out, &tmp_csz, in, in_sz)) goto error;  csz = tmp_csz;    out += tmp_csz;  if(!EVP_CipherFinal_ex(ectx, out, &tmp_csz)) goto error;  csz += tmp_csz;  assert(in_sz == csz);  goto cleanup;error:  rc = SQLITE_ERROR;cleanup:  if(ectx) EVP_CIPHER_CTX_free(ectx);  return rc; }

int32_t psAesInitCBC(psAesCbc_t *ctx,    const unsigned char IV[AES_IVLEN],    const unsigned char key[AES_MAXKEYLEN], uint8_t keylen,    uint32_t flags){    OpenSSL_add_all_algorithms();    EVP_CIPHER_CTX_init(ctx);    if (EVP_CipherInit_ex(ctx, EVP_aes_cbc(keylen), NULL, key, IV,            flags & PS_AES_ENCRYPT ? 1 : 0))    {        /* Turn off padding so all the encrypted/decrypted data will be            returned in the single call to Update.  This will require that            all the incoming data be an exact block multiple (which is true            for TLS usage where all padding is accounted for) */        EVP_CIPHER_CTX_set_padding(ctx, 0);        return PS_SUCCESS;    }    EVP_CIPHER_CTX_cleanup(ctx);    psAssert(0);    return PS_FAIL;}

static int init_encryptor_decryptor(int (*init_fun)(EVP_CIPHER_CTX*, const EVP_CIPHER*, ENGINE*, const unsigned char*, const unsigned char*),                                    lua_State *L, EVP_CIPHER_CTX *c, const EVP_CIPHER* cipher, const char* key, size_t key_len,                                    const char* iv, size_t iv_len, int pad, int* size_to_return){  unsigned char the_key[EVP_MAX_KEY_LENGTH] = {0};  unsigned char the_iv[EVP_MAX_IV_LENGTH] = {0};  EVP_CIPHER_CTX_init(c);  TRY_CTX(init_fun(c, cipher, NULL, NULL, NULL))  if (!pad)    TRY_CTX(EVP_CIPHER_CTX_set_padding(c, 0))  if (iv)    memcpy(the_iv, iv, iv_len);  memcpy(the_key, key, key_len);  TRY_CTX(init_fun(c, NULL, NULL, the_key, the_iv))  return 1;}

static intaes_ctr_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,	     const unsigned char *iv, int enc) /* init key */{    aes_ctr_ctx *c = malloc(sizeof(*c));    const EVP_CIPHER *aes_cipher;    (void) enc;    if (c == NULL)	return 0;    switch (ctx->key_len) {        case 16:            aes_cipher = EVP_aes_128_ecb();            break;        case 24:            aes_cipher = EVP_aes_192_ecb();            break;        case 32:            aes_cipher = EVP_aes_256_ecb();            break;        default:            return 0;    }    c->aes_ctx = malloc(sizeof(EVP_CIPHER_CTX));    if (c->aes_ctx == NULL)	return 0;    if (EVP_EncryptInit(c->aes_ctx, aes_cipher, key, NULL) != 1) {        return 0;    }    EVP_CIPHER_CTX_set_padding(c->aes_ctx, 0);    memcpy(c->ctr, iv, AES_BLOCK_SIZE);    EVP_CIPHER_CTX_set_app_data(ctx, c);    return 1;}

static int aead_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len,                         size_t tag_len, enum evp_aead_direction_t dir,                         const EVP_CIPHER *cipher, const EVP_MD *md,                         char implicit_iv) {  if (tag_len != EVP_AEAD_DEFAULT_TAG_LENGTH &&      tag_len != EVP_MD_size(md)) {    OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_TAG_SIZE);    return 0;  }  if (key_len != EVP_AEAD_key_length(ctx->aead)) {    OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH);    return 0;  }  size_t mac_key_len = EVP_MD_size(md);  size_t enc_key_len = EVP_CIPHER_key_length(cipher);  assert(mac_key_len + enc_key_len +         (implicit_iv ? EVP_CIPHER_iv_length(cipher) : 0) == key_len);  AEAD_TLS_CTX *tls_ctx = (AEAD_TLS_CTX *)&ctx->state;  EVP_CIPHER_CTX_init(&tls_ctx->cipher_ctx);  HMAC_CTX_init(&tls_ctx->hmac_ctx);  assert(mac_key_len <= EVP_MAX_MD_SIZE);  OPENSSL_memcpy(tls_ctx->mac_key, key, mac_key_len);  tls_ctx->mac_key_len = (uint8_t)mac_key_len;  tls_ctx->implicit_iv = implicit_iv;  if (!EVP_CipherInit_ex(&tls_ctx->cipher_ctx, cipher, NULL, &key[mac_key_len],                         implicit_iv ? &key[mac_key_len + enc_key_len] : NULL,                         dir == evp_aead_seal) ||      !HMAC_Init_ex(&tls_ctx->hmac_ctx, key, mac_key_len, md, NULL)) {    aead_tls_cleanup(ctx);    return 0;  }  EVP_CIPHER_CTX_set_padding(&tls_ctx->cipher_ctx, 0);  return 1;}

size_t ssl_des3_encrypt(const unsigned char *key, size_t key_len, const unsigned char *input, size_t input_len,                        const unsigned char *iv, unsigned char **res){    int output_length = 0;    EVP_CIPHER_CTX ctx;    *res = g_new0(unsigned char, 72);    /* Don't set key or IV because we will modify the parameters */    EVP_CIPHER_CTX_init(&ctx);    EVP_CipherInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, NULL, NULL, 1);    EVP_CIPHER_CTX_set_key_length(&ctx, key_len);    EVP_CIPHER_CTX_set_padding(&ctx, 0);    /* We finished modifying parameters so now we can set key and IV */    EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, 1);    EVP_CipherUpdate(&ctx, *res, &output_length, input, input_len);    EVP_CipherFinal_ex(&ctx, *res, &output_length);    EVP_CIPHER_CTX_cleanup(&ctx);    //EVP_cleanup();    return output_length;}

/* * ctx - codec context * pgno - page number in database * size - size in bytes of input and output buffers * mode - 1 to encrypt, 0 to decrypt * in - pointer to input bytes * out - pouter to output bytes */static int codec_cipher(codec_ctx *ctx, Pgno pgno, int mode, int size, void *in, void *out) {  EVP_CIPHER_CTX ectx;  void *iv;  int tmp_csz, csz;  /* when this is an encryption operation and rekey is not null, we will actually encrypt  ** data with the new rekey data */  void *key = ((mode == CIPHER_ENCRYPT && ctx->rekey != NULL) ? ctx->rekey : ctx->key);  /* just copy raw data from in to out whenever   ** 1. key is NULL; or   ** 2. this is a decrypt operation and rekey_plaintext is true  */   if(key == NULL || (mode==CIPHER_DECRYPT && ctx->rekey_plaintext)) {    memcpy(out, in, size);    return SQLITE_OK;  }   size = size - ctx->iv_sz; /* adjust size to useable size and memset reserve at end of page */  iv = out + size;  if(mode == CIPHER_ENCRYPT) {    RAND_pseudo_bytes(iv, ctx->iv_sz);  } else {    memcpy(iv, in+size, ctx->iv_sz);  }     EVP_CipherInit(&ectx, CIPHER, NULL, NULL, mode);  EVP_CIPHER_CTX_set_padding(&ectx, 0);  EVP_CipherInit(&ectx, NULL, key, iv, mode);  EVP_CipherUpdate(&ectx, out, &tmp_csz, in, size);  csz = tmp_csz;    out += tmp_csz;  EVP_CipherFinal(&ectx, out, &tmp_csz);  csz += tmp_csz;  EVP_CIPHER_CTX_cleanup(&ectx);  assert(size == csz);  return SQLITE_OK;}

int s3fs::Crypto::decrypt_block(const unsigned char encrypted[], int inlen, unsigned char outbuf[]){    int outlen;    int tmplen;    EVP_CIPHER_CTX_init(&ctx);    EVP_CIPHER_CTX_set_padding(&ctx, 1L);    EVP_DecryptInit_ex(&ctx, EVP_aes_256_ctr(), NULL, key, iv);    if(!EVP_DecryptUpdate(&ctx, outbuf, &outlen, encrypted, inlen))    {        cerr << "An error has occurred while decrypting the encrypted text." << endl;        EVP_CIPHER_CTX_cleanup(&ctx);    }    if(!EVP_DecryptFinal_ex(&ctx, outbuf + outlen, &tmplen))    {        cerr << "An error has occurred while decrypting the encrypted text." << endl;        EVP_CIPHER_CTX_cleanup(&ctx);    }    outlen += tmplen;    EVP_CIPHER_CTX_cleanup(&ctx);    return outlen;}

void cipher_context_init(cipher_ctx_t *evp, int method, int enc){    if (method <= TABLE || method >= CIPHER_NUM) {        LOGE("cipher_context_init(): Illegal method");        return;    }    const char *ciphername = supported_ciphers[method];    const cipher_kt_t *cipher = get_cipher_type(method);#if defined(USE_CRYPTO_OPENSSL)    if (cipher == NULL) {        LOGE("Cipher %s not found in OpenSSL library", ciphername);        FATAL("Cannot initialize cipher");    }    EVP_CIPHER_CTX_init(evp);    if (!EVP_CipherInit_ex(evp, cipher, NULL, NULL, NULL, enc)) {        LOGE("Cannot initialize cipher %s", ciphername);        exit(EXIT_FAILURE);    }    if (!EVP_CIPHER_CTX_set_key_length(evp, enc_key_len)) {        EVP_CIPHER_CTX_cleanup(evp);        LOGE("Invalid key length: %d", enc_key_len);        exit(EXIT_FAILURE);    }    if (method > RC4) {        EVP_CIPHER_CTX_set_padding(evp, 1);    }#elif defined(USE_CRYPTO_POLARSSL)    if (cipher == NULL) {        LOGE("Cipher %s not found in PolarSSL library", ciphername);        FATAL("Cannot initialize PolarSSL cipher");    }    if (cipher_init_ctx(evp, cipher) != 0) {        FATAL("Cannot initialize PolarSSL cipher context");    }#endif}

static bool aes_decrypt(void *dst, const void *src, size_t len,			const struct enckey *enckey, const struct iv *iv){	EVP_CIPHER_CTX evpctx;	int outlen;	/* Counter mode allows parallelism in future. */	if (EVP_DecryptInit(&evpctx, EVP_aes_128_ctr(),			    memcheck(enckey->k.u.u8, sizeof(enckey->k)),			    memcheck(iv->iv, sizeof(iv->iv))) != 1)		return false;	/* No padding, we're a multiple of 128 bits. */	if (EVP_CIPHER_CTX_set_padding(&evpctx, 0) != 1)		return false;	EVP_DecryptUpdate(&evpctx, dst, &outlen, memcheck(src, len), len);	assert(outlen == len);	/* Shouldn't happen (no padding) */	if (EVP_DecryptFinal(&evpctx, dst, &outlen) != 1)		return false;	assert(outlen == 0);	return true;}

	/*		@note don't use padding = true	*/	void setup(Mode mode, const std::string& key, const std::string& iv, bool padding = false)	{		const int keyLen = static_cast<int>(key.size());		const int expectedKeyLen = EVP_CIPHER_key_length(cipher_);		if (keyLen != expectedKeyLen) {			throw cybozu::Exception("crypto:Cipher:setup:keyLen") << keyLen << expectedKeyLen;		}		int ret = EVP_CipherInit_ex(&ctx_, cipher_, NULL, cybozu::cast<const uint8_t*>(key.c_str()), cybozu::cast<const uint8_t*>(iv.c_str()), mode == Encoding ? 1 : 0);		if (ret != 1) {			throw cybozu::Exception("crypto:Cipher:setup:EVP_CipherInit_ex") << ret;		}		ret = EVP_CIPHER_CTX_set_padding(&ctx_, padding ? 1 : 0);		if (ret != 1) {			throw cybozu::Exception("crypto:Cipher:setup:EVP_CIPHER_CTX_set_padding") << ret;		}/*		const int ivLen = static_cast<int>(iv.size());		const int expectedIvLen = EVP_CIPHER_CTX_iv_length(&ctx_);		if (ivLen != expectedIvLen) {			throw cybozu::Exception("crypto:Cipher:setup:ivLen") << ivLen << expectedIvLen;		}*/	}

/* * ctx - codec context * pgno - page number in database * size - size in bytes of input and output buffers * mode - 1 to encrypt, 0 to decrypt * in - pointer to input bytes * out - pouter to output bytes */static int codec_cipher(cipher_ctx *ctx, Pgno pgno, int mode, int size, unsigned char *in, unsigned char *out) {  EVP_CIPHER_CTX ectx;  unsigned char *iv;  int tmp_csz, csz;  CODEC_TRACE(("codec_cipher:entered pgno=%d, mode=%d, size=%d/n", pgno, mode, size));  /* just copy raw data from in to out when key size is 0   * i.e. during a rekey of a plaintext database */   if(ctx->key_sz == 0) {    memcpy(out, in, size);    return SQLITE_OK;  }   // FIXME - only run if using an IV  size = size - ctx->iv_sz; /* adjust size to useable size and memset reserve at end of page */  iv = out + size;  if(mode == CIPHER_ENCRYPT) {    RAND_pseudo_bytes(iv, ctx->iv_sz);  } else {    memcpy(iv, in+size, ctx->iv_sz);  }     EVP_CipherInit(&ectx, ctx->evp_cipher, NULL, NULL, mode);  EVP_CIPHER_CTX_set_padding(&ectx, 0);  EVP_CipherInit(&ectx, NULL, ctx->key, iv, mode);  EVP_CipherUpdate(&ectx, out, &tmp_csz, in, size);  csz = tmp_csz;    out += tmp_csz;  EVP_CipherFinal(&ectx, out, &tmp_csz);  csz += tmp_csz;  EVP_CIPHER_CTX_cleanup(&ectx);  assert(size == csz);  return SQLITE_OK;}

//.........这里部分代码省略.........			 * during EVP_BytesToKey. Hence the IV is undefined,			 * making correct decryption impossible. */			BIO_printf(bio_err, "iv undefined/n");			goto end;			}		if ((hkey != NULL) && !set_hex(hkey,key,sizeof key))			{			BIO_printf(bio_err,"invalid hex key value/n");			goto end;			}		if ((benc=BIO_new(BIO_f_cipher())) == NULL)			goto end;		/* Since we may be changing parameters work on the encryption		 * context rather than calling BIO_set_cipher().		 */		BIO_get_cipher_ctx(benc, &ctx);		if (non_fips_allow)			EVP_CIPHER_CTX_set_flags(ctx,				EVP_CIPH_FLAG_NON_FIPS_ALLOW);		if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc))			{			BIO_printf(bio_err, "Error setting cipher %s/n",				EVP_CIPHER_name(cipher));			ERR_print_errors(bio_err);			goto end;			}		if (nopad)			EVP_CIPHER_CTX_set_padding(ctx, 0);		if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc))			{			BIO_printf(bio_err, "Error setting cipher %s/n",				EVP_CIPHER_name(cipher));			ERR_print_errors(bio_err);			goto end;			}		if (debug)			{			BIO_set_callback(benc,BIO_debug_callback);			BIO_set_callback_arg(benc,(char *)bio_err);			}		if (printkey)			{			if (!nosalt)				{				printf("salt=");				for (i=0; i<(int)sizeof(salt); i++)					printf("%02X",salt[i]);				printf("/n");				}			if (cipher->key_len > 0)				{				printf("key=");				for (i=0; i<cipher->key_len; i++)					printf("%02X",key[i]);				printf("/n");				}			if (cipher->iv_len > 0)

void AESCryptoKey::TransformBlock(bool           encrypt,                                  const uint8_t *pbIn,                                  uint32_t       cbIn,                                  uint8_t       *pbOut,                                  uint32_t     & cbOut,                                  const uint8_t *pbIv,                                  uint32_t       cbIv){  if (pbIn == nullptr) {    throw exceptions::RMSCryptoNullPointerException("Null pointer pbIn exception");  }  if (pbOut == nullptr) {    throw exceptions::RMSCryptoNullPointerException("Null pointer pbOut exception");  }  if (((cbIv == 0) && (pbIv != nullptr)) || ((cbIv != 0) && (pbIv == nullptr))) {    pbIv = nullptr;    cbIv = 0;  }  int totalOut = static_cast<int>(cbOut);  EVP_CIPHER_CTX ctx;  EVP_CIPHER_CTX_init(&ctx);  const EVP_CIPHER *cipher = nullptr;  switch (m_algorithm) {  case api::CRYPTO_ALGORITHM_AES_ECB:    switch(m_key.size()) {    case 16:       cipher = EVP_aes_128_ecb();       break;    case 24:       cipher = EVP_aes_192_ecb();       break;    case 32:       cipher = EVP_aes_256_ecb();       break;    default:        throw exceptions::RMSCryptoInvalidArgumentException("Invalid key length");    }    break;  case api::CRYPTO_ALGORITHM_AES_CBC:  case api::CRYPTO_ALGORITHM_AES_CBC_PKCS7:      switch(m_key.size()) {      case 16:         cipher = EVP_aes_128_cbc();         break;      case 24:         cipher = EVP_aes_192_cbc();         break;      case 32:         cipher = EVP_aes_256_cbc();         break;      default:          throw exceptions::RMSCryptoInvalidArgumentException("Invalid key length");      }      break;    break;  default:    throw exceptions::RMSCryptoInvalidArgumentException("Unsupported algorithm");  }  // check lengths  if ((pbIv != nullptr) &&      (EVP_CIPHER_iv_length(cipher) != static_cast<int>(cbIv))) {    throw exceptions::RMSCryptoInvalidArgumentException(            "Invalid initial vector length");  }  if (EVP_CIPHER_key_length(cipher) != static_cast<int>(m_key.size())) {    throw exceptions::RMSCryptoInvalidArgumentException("Invalid key length");  }  EVP_CipherInit_ex(&ctx, cipher, NULL, m_key.data(), pbIv, encrypt ? 1 : 0);  if (m_algorithm == api::CRYPTO_ALGORITHM_AES_CBC_PKCS7) {    EVP_CIPHER_CTX_set_padding(&ctx, 1);  } else {    EVP_CIPHER_CTX_set_padding(&ctx, 0);  }  if (!EVP_CipherUpdate(&ctx, pbOut, &totalOut, pbIn, static_cast<int>(cbIn))) {    throw exceptions::RMSCryptoIOException(            exceptions::RMSCryptoException::UnknownError,            "Failed to transform data");  }  pbOut += totalOut;  // add padding if necessary  if (m_algorithm == api::CRYPTO_ALGORITHM_AES_CBC_PKCS7) {    int remain = cbOut - totalOut;    if (remain < EVP_CIPHER_block_size(cipher)) {      throw exceptions::RMSCryptoInsufficientBufferException(              "No enough buffer size");    }//.........这里部分代码省略.........

void mexserver() //gestisco i job{        long ret,quanti=0;    char key[32] ;    unsigned char * msg;    long numblocchi;    unsigned char **p;    unsigned char zero[16];    int index;    EVP_CIPHER_CTX* ctx;    unsigned char ** ciphertext;        unsigned char* L;    printf("mexdalserver/n");    //key=malloc(32);    ret = recv(sk, (void *)key, 32, 0);//key    if(ret==-1) {        printf("mexserver errore: errore in ricezione idjob dal server!/n");        exit(1);    }        printf("key : /n");        printf("key : %s/n",key);        printf("/n");    if(ret==0) { //server si e' disconnesso        printf("Il server ha chiuso la connessione!!/n");        exit(3);    }    ret = recv(sk, (void *)&index, sizeof(int), 0); //mi serve per il calcolo di p    if(ret==-1) {        printf("mexserver errore: errore in ricezione lunghezza dal server3!/n");        exit(1);    }    printf("ricevuto index: %d/n",index);    ret = recv(sk, (void *)&quanti, sizeof(long), 0); //ricevo lunghezza stringa    if(ret==-1) {        printf("mexserver errore: errore in ricezione lunghezza dal server1!/n");        exit(1);    }    printf("ricevuto quanti: %ld/n",quanti);    msg=malloc(quanti);    ret = recv(sk, (void *)msg, quanti, 0); //ricevo file da cifrare    if(ret==-1) {        printf("mexserver errore: errore in ricezione lunghezza dal server2!/n");        exit(1);    }    printf("ricevuto msg/n");    printf("/n MSG %s/n",msg);    numblocchi=quanti/16;    printf("stai elaborando %ld/n",numblocchi);    printf("blocchi /n");    //**************************    exit(1);//****************crush************************    //****************************    p=malloc(sizeof(unsigned char*)* numblocchi );#pragma omp parallel for    for (int z=1; z<numblocchi; z++) {        p[z]=malloc(16);        //l'ultimo carattere mi dice se completato..    }    ciphertext=malloc(sizeof(unsigned char*)*numblocchi);    ctx = (EVP_CIPHER_CTX*)malloc(sizeof(EVP_CIPHER_CTX));    EVP_CIPHER_CTX_init(ctx);    int outlen=0;    L=malloc(16);    /* Context setup for encryption */    EVP_EncryptInit(ctx, EVP_aes_256_ecb(), key, NULL);    EVP_CIPHER_CTX_set_padding(ctx, 0);    EVP_EncryptUpdate(ctx, L, &outlen, (unsigned char*)zero, 16);    if (!EVP_EncryptFinal(ctx, L+outlen, &outlen)) { // se == 0 -> errore     	printf("Errore in EVP_EncryptFinal/n");    	exit(-1);	}	EVP_CIPHER_CTX_cleanup(ctx);	EVP_CIPHER_CTX_free(ctx);    for (int i=0; i<16; i++)        printf(" %02X",  (unsigned char)L[i]);    printf("/n");    memset(zero, 0, 16);    zero[15]=1;    for (int i; i<16; i++)        L[i]|=zero[i];        //L trovata adessi IL;    calcolaLI(numblocchi, L, p,index);    char carry=0;    char ris;#pragma omp parallel for private(ctx, outlen)    for (int i=0;i<numblocchi ; i++) { //fa il cipher        for(int z=0;z <16;z++){            // msg[i*16+z]+=p[i][z];{            ris = msg[i*16+z]&127 || p[i][z]&127;            msg[i*16+z]+= p[i][z] + carry;            if (ris==1 && (msg[i*16+z]&127)==0)                carry=1;            else                carry=0;//.........这里部分代码省略.........

//.........这里部分代码省略.........		if (enc_config.hiv == NULL && enc_config.keystr == NULL &&		    EVP_CIPHER_iv_length(enc_config.cipher) != 0) {			/*			 * No IV was explicitly set and no IV was generated			 * during EVP_BytesToKey. Hence the IV is undefined,			 * making correct decryption impossible.			 */			BIO_printf(bio_err, "iv undefined/n");			goto end;		}		if (enc_config.hkey != NULL &&		    !set_hex(enc_config.hkey, key, sizeof key)) {			BIO_printf(bio_err, "invalid hex key value/n");			goto end;		}		if ((benc = BIO_new(BIO_f_cipher())) == NULL)			goto end;		/*		 * Since we may be changing parameters work on the encryption		 * context rather than calling BIO_set_cipher().		 */		BIO_get_cipher_ctx(benc, &ctx);		if (!EVP_CipherInit_ex(ctx, enc_config.cipher, NULL, NULL,		    NULL, enc_config.enc)) {			BIO_printf(bio_err, "Error setting cipher %s/n",			    EVP_CIPHER_name(enc_config.cipher));			ERR_print_errors(bio_err);			goto end;		}		if (enc_config.nopad)			EVP_CIPHER_CTX_set_padding(ctx, 0);		if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv,		    enc_config.enc)) {			BIO_printf(bio_err, "Error setting cipher %s/n",			    EVP_CIPHER_name(enc_config.cipher));			ERR_print_errors(bio_err);			goto end;		}		if (enc_config.debug) {			BIO_set_callback(benc, BIO_debug_callback);			BIO_set_callback_arg(benc, (char *) bio_err);		}		if (enc_config.printkey) {			if (!enc_config.nosalt) {				printf("salt=");				for (i = 0; i < (int) sizeof(salt); i++)					printf("%02X", salt[i]);				printf("/n");			}			if (enc_config.cipher->key_len > 0) {				printf("key=");				for (i = 0; i < enc_config.cipher->key_len; i++)					printf("%02X", key[i]);				printf("/n");			}			if (enc_config.cipher->iv_len > 0) {				printf("iv =");				for (i = 0; i < enc_config.cipher->iv_len; i++)					printf("%02X", iv[i]);				printf("/n");			}			if (enc_config.printkey == 2) {

void CC_AES(const EVP_CIPHER *cipher,						C_BLOB &Param1,						C_BLOB &Param2,						C_LONGINT &Param3,						C_LONGINT &Param5,						C_LONGINT &Param6,						C_BLOB &Param7,						C_BLOB &Param8,						C_TEXT &returnValue){	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();		unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];		const unsigned char *source = (const unsigned char *)Param1.getBytesPtr();	int source_len = Param1.getBytesLength();	int crypted_len, tail_len;		bool key_and_iv_is_valid = false;		if(  !Param2.getBytesLength()		 && Param7.getBytesLength()		 && Param8.getBytesLength()		 && Param7.getBytesLength() <= EVP_MAX_KEY_LENGTH		 && Param8.getBytesLength() <= EVP_MAX_IV_LENGTH)	{		memset(key, 0, EVP_MAX_KEY_LENGTH);		memset( iv, 0, EVP_MAX_IV_LENGTH );		memcpy(key, Param7.getBytesPtr(), Param7.getBytesLength());		memcpy( iv, Param8.getBytesPtr(), Param8.getBytesLength());		key_and_iv_is_valid = true;	}else	{		// passphrase -> key, iv		key_and_iv_is_valid = (EVP_BytesToKey(cipher, EVP_md5(), NULL,																					Param2.getBytesPtr(), Param2.getBytesLength(),																					2048, key, iv) > 0);	}		if (key_and_iv_is_valid) {		if(EVP_CipherInit(ctx, cipher, key, iv, 0 == Param3.getIntValue()))		{			if(Param6.getIntValue())			{				EVP_CIPHER_CTX_set_padding(ctx, 0);			}			size_t buf_size = source_len + EVP_MAX_BLOCK_LENGTH;			unsigned char *buf = (unsigned char *)calloc(buf_size, sizeof(unsigned char));			if(EVP_CipherUpdate(ctx, buf, &crypted_len, source, source_len))			{				if(EVP_CipherFinal(ctx, (buf + crypted_len), &tail_len))				{					crypted_len += tail_len;					C_BLOB temp;					temp.setBytes((const uint8_t *)buf, crypted_len);										switch (Param5.getIntValue())					{						case 1:							temp.toB64Text(&returnValue);							break;						case 2:							temp.toB64Text(&returnValue, true);							break;						default:							temp.toHexText(&returnValue);							break;					}				}			}			free(buf);		}		EVP_CIPHER_CTX_free(ctx);	}}

/* * lanplus_decrypt_aes_cbc_128 * * Decrypt with the AES CBC 128 algorithm * * param iv is the 16 byte initialization vector * param key is the 16 byte key used by the AES algorithm * param input is the data to be decrypted * param input_length is the number of bytes to be decrypted.  This MUST *       be a multiple of the block size, 16. * param output is the decrypted output * param bytes_written is the number of bytes written.  This param is set *       to 0 on failure, or if 0 bytes were input. */voidlanplus_decrypt_aes_cbc_128(const uint8_t * iv,							const uint8_t * key,							const uint8_t * input,							uint32_t          input_length,							uint8_t       * output,							uint32_t        * bytes_written){	EVP_CIPHER_CTX ctx;	EVP_CIPHER_CTX_init(&ctx);	EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);	EVP_CIPHER_CTX_set_padding(&ctx, 0);	if (verbose >= 5)	{		printbuf(iv,  16, "decrypting with this IV");		printbuf(key, 16, "decrypting with this key");		printbuf(input, input_length, "decrypting this data");	}	*bytes_written = 0;	if (input_length == 0)		return;	/*	 * The default implementation adds a whole block of padding if the input	 * data is perfectly aligned.  We would like to keep that from happening.	 * We have made a point to have our input perfectly padded.	 */	assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);	if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))	{		/* Error */		lprintf(LOG_DEBUG, "ERROR: decrypt update failed");		*bytes_written = 0;		return;	}	else	{		uint32_t tmplen;		if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))		{			char buffer[1000];			ERR_error_string(ERR_get_error(), buffer);			lprintf(LOG_DEBUG, "the ERR error %s", buffer);			lprintf(LOG_DEBUG, "ERROR: decrypt final failed");			*bytes_written = 0;			return; /* Error */		}		else		{			/* Success */			*bytes_written += tmplen;			EVP_CIPHER_CTX_cleanup(&ctx);		}	}	if (verbose >= 5)	{		lprintf(LOG_DEBUG, "Decrypted %d encrypted bytes", input_length);		printbuf(output, *bytes_written, "Decrypted this data");	}}

//.........这里部分代码省略.........		test1_exit(11);		}	    if(!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_TAG, tn, NULL))	        {		fprintf(stderr,"Tag length set failed/n");		ERR_print_errors_fp(stderr);		test1_exit(11);		}	    if(!EVP_EncryptInit_ex(&ctx,NULL,NULL,key,iv))	        {		fprintf(stderr,"Key/IV set failed/n");		ERR_print_errors_fp(stderr);		test1_exit(12);		}	    if (!EVP_EncryptUpdate(&ctx,NULL,&outl,NULL,pn))	        {		fprintf(stderr,"Plaintext length set failed/n");		ERR_print_errors_fp(stderr);		test1_exit(12);		}	    if (an && !EVP_EncryptUpdate(&ctx,NULL,&outl,aad,an))	        {		fprintf(stderr,"AAD set failed/n");		ERR_print_errors_fp(stderr);		test1_exit(13);		}	    }	else if(!EVP_EncryptInit_ex(&ctx,c,NULL,key,iv))	    {	    fprintf(stderr,"EncryptInit failed/n");	    ERR_print_errors_fp(stderr);	    test1_exit(10);	    }	EVP_CIPHER_CTX_set_padding(&ctx,0);	if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn))	    {	    fprintf(stderr,"Encrypt failed/n");	    ERR_print_errors_fp(stderr);	    test1_exit(6);	    }	if(!EVP_EncryptFinal_ex(&ctx,out+outl,&outl2))	    {	    fprintf(stderr,"EncryptFinal failed/n");	    ERR_print_errors_fp(stderr);	    test1_exit(7);	    }	if(outl+outl2 != cn)	    {	    fprintf(stderr,"Ciphertext length mismatch got %d expected %d/n",		    outl+outl2,cn);	    test1_exit(8);	    }	if(memcmp(out,ciphertext,cn))	    {	    fprintf(stderr,"Ciphertext mismatch/n");	    hexdump(stderr,"Got",out,cn);	    hexdump(stderr,"Expected",ciphertext,cn);	    test1_exit(9);	    }	if (mode == EVP_CIPH_GCM_MODE || mode == EVP_CIPH_CCM_MODE)	    {	    unsigned char rtag[16];	    /* Note: EVP_CTRL_CCM_GET_TAG has same value as 

//.........这里部分代码省略.........                    break;                case 256:                    pCipher = EVP_aes_256_cbc();                    break;                default:                    OPENSSL_SET_AND_LEAVE(CKR_MECHANISM_INVALID);            }            if(pEncryptMech->mechanism == CKM_AES_CBC_PAD)            {                padding = 1;            }            break;        case CKM_AES_ECB:        case CKM_AES_ECB_PAD:            switch(pEnc->Key->size)            {                case 128:                    pCipher = EVP_aes_128_ecb();                    break;                case 192:                    pCipher = EVP_aes_192_ecb();                    break;                case 256:                    pCipher = EVP_aes_256_ecb();                    break;                default:                    OPENSSL_SET_AND_LEAVE(CKR_MECHANISM_INVALID);            }            if(pEncryptMech->mechanism == CKM_AES_ECB_PAD)            {                padding = 1;            }            break;        case CKM_DES3_CBC:            pCipher = EVP_des_ede3_cbc();            break;        case CKM_DES3_CBC_PAD:            pCipher = EVP_des_ede3_cbc();            padding = 1;            break;        case CKM_RSA_PKCS:            pEnc->IsSymmetric= FALSE;            padding = RSA_PKCS1_PADDING;            break;        default:            OPENSSL_SET_AND_LEAVE(CKR_MECHANISM_INVALID);    }    if(pEnc->IsSymmetric)    {        if(pEncryptMech->ulParameterLen > 0 && pEncryptMech->ulParameterLen > 0)        {            memcpy(pEnc->IV, pEncryptMech->pParameter, pEncryptMech->ulParameterLen);        }        pEnc->Key->ctx = &pEnc->SymmetricCtx;        if(isEncrypt)         {            OPENSSL_CHECKRESULT(EVP_EncryptInit(&pEnc->SymmetricCtx, pCipher, (const UINT8*)pEnc->Key->key, pEnc->IV));        }        else        {            OPENSSL_CHECKRESULT(EVP_DecryptInit(&pEnc->SymmetricCtx, pCipher, (const UINT8*)pEnc->Key->key, pEnc->IV));        }        OPENSSL_CHECKRESULT(EVP_CIPHER_CTX_set_padding(&pEnc->SymmetricCtx, padding));    }    else    {        pEnc->Key->ctx = EVP_PKEY_CTX_new((EVP_PKEY*)pEnc->Key->key, NULL);        if(isEncrypt)        {            OPENSSL_CHECKRESULT(EVP_PKEY_encrypt_init       ((EVP_PKEY_CTX*)pEnc->Key->ctx         ));            OPENSSL_CHECKRESULT(EVP_PKEY_CTX_set_rsa_padding((EVP_PKEY_CTX*)pEnc->Key->ctx, padding));        }        else        {            OPENSSL_CHECKRESULT(EVP_PKEY_decrypt_init       ((EVP_PKEY_CTX*)pEnc->Key->ctx         ));            OPENSSL_CHECKRESULT(EVP_PKEY_CTX_set_rsa_padding((EVP_PKEY_CTX*)pEnc->Key->ctx, padding));        }    }    if(isEncrypt) pSessionCtx->EncryptionCtx = pEnc;    else          pSessionCtx->DecryptionCtx = pEnc;    OPENSSL_CLEANUP();    if(retVal != CKR_OK && pEnc != NULL)    {        TINYCLR_SSL_FREE(pEnc);    }    OPENSSL_RETURN();    }

    jdoubleArray Java_de_blinkt_openvpn_core_NativeUtils_getOpenSSLSpeed(JNIEnv* env, jclass thiz, jstring algorithm, jint testnumber){    static const unsigned char key16[16] = {        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,        0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12    };    const EVP_CIPHER *evp_cipher = NULL;    const char* alg = (*env)->GetStringUTFChars( env, algorithm , NULL ) ;    evp_cipher = EVP_get_cipherbyname(alg);    if (evp_cipher == NULL)        evp_md = EVP_get_digestbyname(alg);    if (evp_cipher == NULL && evp_md == NULL) {        //        BIO_printf(bio_err, "%s: %s is an unknown cipher or digest/n", prog, opt_arg());        //jniThrowException(env, "java/security/NoSuchAlgorithmException", "Algorithm not found");        return NULL;    }    const char* name;    loopargs_t *loopargs = NULL;    int loopargs_len = 1;    int async_jobs=0;    loopargs = malloc(loopargs_len * sizeof(loopargs_t));    memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));    jdoubleArray ret = (*env)->NewDoubleArray(env, 3);    if (testnum < 0 || testnum >= SIZE_NUM)        return NULL;    testnum = testnumber;    for (int i = 0; i < loopargs_len; i++) {        int misalign=0;        loopargs[i].buf_malloc = malloc((int)BUFSIZE + MAX_MISALIGNMENT + 1);        loopargs[i].buf2_malloc = malloc((int)BUFSIZE + MAX_MISALIGNMENT + 1);        /* Align the start of buffers on a 64 byte boundary */        loopargs[i].buf = loopargs[i].buf_malloc + misalign;        loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;    }    int count;    float d;    if (evp_cipher) {        name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));        /*         * -O3 -fschedule-insns messes up an optimization here!         * names[D_EVP] somehow becomes NULL         */        for (int k = 0; k < loopargs_len; k++) {            loopargs[k].ctx = EVP_CIPHER_CTX_new();            if (decrypt)                EVP_DecryptInit_ex(loopargs[k].ctx, evp_cipher, NULL, key16, iv);            else                EVP_EncryptInit_ex(loopargs[k].ctx, evp_cipher, NULL, key16, iv);            EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);        }        Time_F(START);        pthread_t timer_thread;        if (pthread_create(&timer_thread, NULL, stop_run, NULL))            return NULL;        count = run_benchmark(async_jobs, EVP_Update_loop, loopargs);        d = Time_F(STOP);        for (int k = 0; k < loopargs_len; k++) {            EVP_CIPHER_CTX_free(loopargs[k].ctx);        }    }    if (evp_md) {        name = OBJ_nid2ln(EVP_MD_type(evp_md));        //            print_message(names[D_EVP], save_count, lengths[testnum]);        pthread_t timer_thread;        if (pthread_create(&timer_thread, NULL, stop_run, NULL))            return NULL;        Time_F(START);        count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);        d = Time_F(STOP);    }    // Save results in hacky way    double results[] = {(double) lengths[testnum], (double) count, d};    (*env)->SetDoubleArrayRegion(env, ret, 0, 3, results);    //        print_result(D_EVP, testnum, count, d);    return ret;//.........这里部分代码省略.........

boolcrypto_aes_decrypt(struct string *ciphertext, struct string *aes_key, struct string *aes_iv, struct string *decrypted){    bool retval = false;    EVP_CIPHER_CTX ctx;    int decryptspace;    int decryptdone;    EVP_CIPHER_CTX_init(&ctx);    if (!EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL,        (unsigned char *)string_get(aes_key),        (unsigned char *)string_get(aes_iv))) {        log_err("crypto_aes_decrypt: init failed/n");        ERR_print_errors_fp(stderr);        goto bail_out;    }    EVP_CIPHER_CTX_set_padding(&ctx, 1);        if (string_length(aes_key) != EVP_CIPHER_CTX_key_length(&ctx)) {        log_err("crypto_aes_decrypt: invalid key size (%" PRIuPTR " vs expected %d)/n",                string_length(aes_key), EVP_CIPHER_CTX_key_length(&ctx));        goto bail_out;    }    if (string_length(aes_iv) != EVP_CIPHER_CTX_iv_length(&ctx)) {        log_err("crypto_aes_decrypt: invalid iv size (%" PRIuPTR " vs expected %d)/n",                string_length(aes_iv), EVP_CIPHER_CTX_iv_length(&ctx));        goto bail_out;    }    decryptspace = string_length(ciphertext) + EVP_MAX_BLOCK_LENGTH;    string_free(decrypted); /* free previous buffer */    string_init(decrypted, decryptspace, 1024);    if (string_size(decrypted) < decryptspace) {        log_err("crypto_aes_decrypt: decrypt buffer malloc error/n");        goto bail_out;    }        if (EVP_DecryptUpdate(&ctx, (unsigned char*)string_get(decrypted),            &decryptdone, (unsigned char*)string_get(ciphertext),            string_length(ciphertext))) {        /* TODO: need cleaner way: */        decrypted->_u._s.length = decryptdone;    } else {        log_err("crypto_aes_decrypt: decrypt failed/n");        ERR_print_errors_fp(stderr);        goto bail_out;    }        if (EVP_DecryptFinal_ex(&ctx,            (unsigned char*)string_get(decrypted)+string_length(decrypted),            &decryptdone)) {        /* TODO: need cleaner way: */        decrypted->_u._s.length += decryptdone;    } else {        log_err("crypto_aes_decrypt: decrypt final failed/n");        ERR_print_errors_fp(stderr);        goto bail_out;    }    retval = true;bail_out:    EVP_CIPHER_CTX_cleanup(&ctx);    return retval;}

static int entersafe_mac_apdu(sc_card_t *card, sc_apdu_t *apdu,							  u8 * key,size_t keylen,							  u8 * buff,size_t buffsize){	 int r;	 u8 iv[8];	 u8 *tmp=0,*tmp_rounded=NULL;	 size_t tmpsize=0,tmpsize_rounded=0;	 int outl=0;	 EVP_CIPHER_CTX ctx;	SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);	 assert(card);	 assert(apdu);	 assert(key);	 assert(buff);	 if(apdu->cse != SC_APDU_CASE_3_SHORT)		  return SC_ERROR_INTERNAL;	 if(keylen!=8 && keylen!=16)		  return SC_ERROR_INTERNAL;	 r=entersafe_gen_random(card,iv,sizeof(iv));	 SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL,r,"entersafe gen random failed");	 /* encode the APDU in the buffer */	 if ((r=sc_apdu_get_octets(card->ctx, apdu, &tmp, &tmpsize,SC_PROTO_RAW)) != SC_SUCCESS)		  goto out;	 /* round to 8 */	 tmpsize_rounded=(tmpsize/8+1)*8;	 tmp_rounded = malloc(tmpsize_rounded);	 if (tmp_rounded == NULL)	 {		  r =  SC_ERROR_OUT_OF_MEMORY;		  goto out;	 }	 	 /*build content and padded buffer by 0x80 0x00 0x00..... */	 memset(tmp_rounded,0,tmpsize_rounded);	 memcpy(tmp_rounded,tmp,tmpsize);	 tmp_rounded[4]+=4;	 tmp_rounded[tmpsize]=0x80;	 /* block_size-1 blocks*/	 EVP_CIPHER_CTX_init(&ctx);	 EVP_CIPHER_CTX_set_padding(&ctx,0);	 EVP_EncryptInit_ex(&ctx, EVP_des_cbc(), NULL, key, iv);	 if(tmpsize_rounded>8){		  if(!EVP_EncryptUpdate(&ctx,tmp_rounded,&outl,tmp_rounded,tmpsize_rounded-8)){			   r = SC_ERROR_INTERNAL;			   goto out;			   		  }	 }	 /* last block */	 if(keylen==8)	 {		  if(!EVP_EncryptUpdate(&ctx,tmp_rounded+outl,&outl,tmp_rounded+outl,8)){			   r = SC_ERROR_INTERNAL;			   goto out;			   		  }	 }	 else	 {		  EVP_EncryptInit_ex(&ctx, EVP_des_ede_cbc(), NULL, key,tmp_rounded+outl-8);		  if(!EVP_EncryptUpdate(&ctx,tmp_rounded+outl,&outl,tmp_rounded+outl,8)){			   r = SC_ERROR_INTERNAL;			   goto out;			   		  }	 }	 if (!EVP_CIPHER_CTX_cleanup(&ctx)){		  r = SC_ERROR_INTERNAL;		  goto out;			   	 }	 memcpy(buff,apdu->data,apdu->lc);	 /* use first 4 bytes of last block as mac value*/	 memcpy(buff+apdu->lc,tmp_rounded+tmpsize_rounded-8,4);	 apdu->data=buff;	 apdu->lc+=4;	 apdu->datalen=apdu->lc;out:	 if(tmp)		  free(tmp);	 if(tmp_rounded)		  free(tmp_rounded);	 SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, r);}

/** * @brief Initialise a context for decrypting arbitrary data using the given key. * @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If *       *ctx is not NULL, *ctx must point at a previously created structure. * @param ctx The block context returned, see note. * @param blockSize The block size of the cipher. * @param iv Optional initialisation vector. If the buffer pointed to is NULL, *           an IV will be created at random, in space allocated from the pool. *           If the buffer is not NULL, the IV in the buffer will be used. * @param key The key structure. * @param p The pool to use. * @return Returns APR_ENOIV if an initialisation vector is required but not specified. *         Returns APR_EINIT if the backend failed to initialise the context. Returns *         APR_ENOTIMPL if not implemented. */static apr_status_t crypto_block_decrypt_init(apr_crypto_block_t **ctx,        apr_size_t *blockSize, const unsigned char *iv,        const apr_crypto_key_t *key, apr_pool_t *p){    apr_crypto_config_t *config = key->f->config;    apr_crypto_block_t *block = *ctx;    if (!block) {        *ctx = block = apr_pcalloc(p, sizeof(apr_crypto_block_t));    }    if (!block) {        return APR_ENOMEM;    }    block->f = key->f;    block->pool = p;    block->provider = key->provider;    apr_pool_cleanup_register(p, block, crypto_block_cleanup_helper,            apr_pool_cleanup_null);    /* create a new context for encryption */    EVP_CIPHER_CTX_init(&block->cipherCtx);    block->initialised = 1;    /* generate an IV, if necessary */    if (key->ivSize) {        if (iv == NULL) {            return APR_ENOIV;        }    }    /* set up our encryption context */#if CRYPTO_OPENSSL_CONST_BUFFERS    if (!EVP_DecryptInit_ex(&block->cipherCtx, key->cipher, config->engine,            key->key, iv)) {#else        if (!EVP_DecryptInit_ex(&block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) iv)) {#endif        return APR_EINIT;    }    /* Clear up any read padding */    if (!EVP_CIPHER_CTX_set_padding(&block->cipherCtx, key->doPad)) {        return APR_EPADDING;    }    if (blockSize) {        *blockSize = EVP_CIPHER_block_size(key->cipher);    }    return APR_SUCCESS;}/** * @brief Decrypt data provided by in, write it to out. * @note The number of bytes written will be written to outlen. If *       out is NULL, outlen will contain the maximum size of the *       buffer needed to hold the data, including any data *       generated by apr_crypto_block_decrypt_finish below. If *out points *       to NULL, a buffer sufficiently large will be created from *       the pool provided. If *out points to a not-NULL value, this *       value will be used as a buffer instead. * @param out Address of a buffer to which data will be written, *        see note. * @param outlen Length of the output will be written here. * @param in Address of the buffer to read. * @param inlen Length of the buffer to read. * @param ctx The block context to use. * @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if *         not implemented. */static apr_status_t crypto_block_decrypt(unsigned char **out,        apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,        apr_crypto_block_t *ctx){    int outl = *outlen;    unsigned char *buffer;    /* are we after the maximum size of the out buffer? */    if (!out) {        *outlen = inlen + EVP_MAX_BLOCK_LENGTH;        return APR_SUCCESS;    }    /* must we allocate the output buffer from a pool? *///.........这里部分代码省略.........

void cipher_context_init(cipher_ctx_t *ctx, int method, int enc){    if (method <= TABLE || method >= CIPHER_NUM) {        LOGE("cipher_context_init(): Illegal method");        return;    }    if (method >= SALSA20) {        enc_iv_len = supported_ciphers_iv_size[method];        return;    }    const char *ciphername = supported_ciphers[method];#if defined(USE_CRYPTO_APPLECC)    cipher_cc_t *cc = &ctx->cc;    cc->cryptor = NULL;    cc->cipher  = supported_ciphers_applecc[method];    if (cc->cipher == kCCAlgorithmInvalid) {        cc->valid = kCCContextInvalid;    } else {        cc->valid = kCCContextValid;        if (cc->cipher == kCCAlgorithmRC4) {            cc->mode    = kCCModeRC4;            cc->padding = ccNoPadding;        } else {            cc->mode    = kCCModeCFB;            cc->padding = ccPKCS7Padding;        }        return;    }#endif    cipher_evp_t *evp         = &ctx->evp;    const cipher_kt_t *cipher = get_cipher_type(method);#if defined(USE_CRYPTO_OPENSSL)    if (cipher == NULL) {        LOGE("Cipher %s not found in OpenSSL library", ciphername);        FATAL("Cannot initialize cipher");    }    EVP_CIPHER_CTX_init(evp);    if (!EVP_CipherInit_ex(evp, cipher, NULL, NULL, NULL, enc)) {        LOGE("Cannot initialize cipher %s", ciphername);        exit(EXIT_FAILURE);    }    if (!EVP_CIPHER_CTX_set_key_length(evp, enc_key_len)) {        EVP_CIPHER_CTX_cleanup(evp);        LOGE("Invalid key length: %d", enc_key_len);        exit(EXIT_FAILURE);    }    if (method > RC4_MD5) {        EVP_CIPHER_CTX_set_padding(evp, 1);    }#elif defined(USE_CRYPTO_POLARSSL)    if (cipher == NULL) {        LOGE("Cipher %s not found in PolarSSL library", ciphername);        FATAL("Cannot initialize PolarSSL cipher");    }    if (cipher_init_ctx(evp, cipher) != 0) {        FATAL("Cannot initialize PolarSSL cipher context");    }#elif defined(USE_CRYPTO_MBEDTLS)    // XXX: mbedtls_cipher_setup future change    // NOTE:  Currently also clears structure. In future versions you will be required to call    //        mbedtls_cipher_init() on the structure first.    //        void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );    if (cipher == NULL) {        LOGE("Cipher %s not found in mbed TLS library", ciphername);        FATAL("Cannot initialize mbed TLS cipher");    }    mbedtls_cipher_init(evp);    if (mbedtls_cipher_setup(evp, cipher) != 0) {        FATAL("Cannot initialize mbed TLS cipher context");    }#endif}

/**@fn int soap_mec_init(struct soap *soap, struct soap_mec_data *data, int alg, SOAP_MEC_KEY_TYPE *pkey, unsigned char *key, int *keylen)@brief Initialize mecevp engine state and create context forencryption/decryption algorithm using a private/public key or symmetric secretkey.@param soap context@param[in,out] data mecevp engine context@param[in] alg encryption/decryption algorithm@param[in] pkey public/private key or NULL@param[in,out] key secret key or encrypted ephemeral secret key set with envelope encryption, or NULL@param[in,out] keylen secret key length@return SOAP_OK or SOAP_SSL_ERROR*/intsoap_mec_init(struct soap *soap, struct soap_mec_data *data, int alg, SOAP_MEC_KEY_TYPE *pkey, unsigned char *key, int *keylen){ int ok = 1;  DBGLOG(TEST, SOAP_MESSAGE(fdebug, "soap_mec_init()/n"));  soap_ssl_init();  data->ctx = (EVP_CIPHER_CTX*)SOAP_MALLOC(soap, sizeof(EVP_CIPHER_CTX));  if (!data->ctx)    return soap->error = SOAP_EOM;  EVP_CIPHER_CTX_init(data->ctx);  data->alg = alg;  data->state = SOAP_MEC_STATE_NONE;  if (alg & SOAP_MEC_DES_CBC)    data->type = EVP_des_ede3_cbc(); /* triple DES CBC */  else if (alg & SOAP_MEC_AES128_CBC)    data->type = EVP_get_cipherbyname("AES128");  else if (alg & SOAP_MEC_AES192_CBC)    data->type = EVP_get_cipherbyname("AES192");  else if (alg & SOAP_MEC_AES256_CBC)    data->type = EVP_get_cipherbyname("AES256");  else if (alg & SOAP_MEC_AES512_CBC)    data->type = EVP_get_cipherbyname("AES512");  else    data->type = EVP_enc_null();  data->buf = NULL;  data->rest = NULL;  data->restlen = 0;  if (alg & SOAP_MEC_ENC)  { if (!data->type)      return soap_mec_check(soap, data, 0, "soap_mec_init() failed: cannot load cipher");    EVP_EncryptInit_ex(data->ctx, data->type, NULL, NULL, NULL);  }  if (alg & SOAP_MEC_OAEP)    EVP_CIPHER_CTX_set_padding(data->ctx, RSA_PKCS1_OAEP_PADDING);  else    EVP_CIPHER_CTX_set_padding(data->ctx, RSA_PKCS1_PADDING);  switch (alg & SOAP_MEC_MASK)  { case SOAP_MEC_ENV_ENC_AES128_CBC:    case SOAP_MEC_ENV_ENC_AES192_CBC:    case SOAP_MEC_ENV_ENC_AES256_CBC:    case SOAP_MEC_ENV_ENC_AES512_CBC:    case SOAP_MEC_ENV_ENC_DES_CBC:      ok = EVP_CIPHER_CTX_rand_key(data->ctx, data->ekey);      /* generate ephemeral secret key */#if (OPENSSL_VERSION_NUMBER >= 0x01000000L)      *keylen = EVP_PKEY_encrypt_old(key, data->ekey, EVP_CIPHER_CTX_key_length(data->ctx), pkey);#else      *keylen = EVP_PKEY_encrypt(key, data->ekey, EVP_CIPHER_CTX_key_length(data->ctx), pkey);#endif      key = data->ekey;      /* fall through to next arm */    case SOAP_MEC_ENC_DES_CBC:    case SOAP_MEC_ENC_AES128_CBC:    case SOAP_MEC_ENC_AES192_CBC:    case SOAP_MEC_ENC_AES256_CBC:    case SOAP_MEC_ENC_AES512_CBC:      data->bufidx = 0;      data->buflen = 1024; /* > iv in base64 must fit */      data->buf = (char*)SOAP_MALLOC(soap, data->buflen);      data->key = key;      break;    case SOAP_MEC_ENV_DEC_AES128_CBC:    case SOAP_MEC_ENV_DEC_AES192_CBC:    case SOAP_MEC_ENV_DEC_AES256_CBC:    case SOAP_MEC_ENV_DEC_AES512_CBC:    case SOAP_MEC_ENV_DEC_DES_CBC:    case SOAP_MEC_DEC_DES_CBC:    case SOAP_MEC_DEC_AES128_CBC:    case SOAP_MEC_DEC_AES192_CBC:    case SOAP_MEC_DEC_AES256_CBC:    case SOAP_MEC_DEC_AES512_CBC:      data->pkey = pkey;      data->key = key;      data->keylen = *keylen;      break;    default:      return soap_set_receiver_error(soap, "Unsupported encryption algorithm", NULL, SOAP_SSL_ERROR);  }  return soap_mec_check(soap, data, ok, "soap_mec_init() failed");}

static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,		  const unsigned char *iv,int in,		  const unsigned char *plaintext,int pn,		  const unsigned char *ciphertext,int cn,		  int encdec)    {    EVP_CIPHER_CTX ctx;    unsigned char out[4096];    int outl,outl2;    printf("Testing cipher %s%s/n",EVP_CIPHER_name(c),	   (encdec == 1 ? "(encrypt)" : (encdec == 0 ? "(decrypt)" : "(encrypt/decrypt)")));    hexdump(stdout,"Key",key,kn);    if(in)	hexdump(stdout,"IV",iv,in);    hexdump(stdout,"Plaintext",plaintext,pn);    hexdump(stdout,"Ciphertext",ciphertext,cn);        if(kn != c->key_len)	{	fprintf(stderr,"Key length doesn't match, got %d expected %d/n",kn,		c->key_len);	test1_exit(5);	}    EVP_CIPHER_CTX_init(&ctx);    if (encdec != 0)        {	if(!EVP_EncryptInit_ex(&ctx,c,NULL,key,iv))	    {	    fprintf(stderr,"EncryptInit failed/n");	    ERR_print_errors_fp(stderr);	    test1_exit(10);	    }	EVP_CIPHER_CTX_set_padding(&ctx,0);	if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn))	    {	    fprintf(stderr,"Encrypt failed/n");	    ERR_print_errors_fp(stderr);	    test1_exit(6);	    }	if(!EVP_EncryptFinal_ex(&ctx,out+outl,&outl2))	    {	    fprintf(stderr,"EncryptFinal failed/n");	    ERR_print_errors_fp(stderr);	    test1_exit(7);	    }	if(outl+outl2 != cn)	    {	    fprintf(stderr,"Ciphertext length mismatch got %d expected %d/n",		    outl+outl2,cn);	    test1_exit(8);	    }	if(memcmp(out,ciphertext,cn))	    {	    fprintf(stderr,"Ciphertext mismatch/n");	    hexdump(stderr,"Got",out,cn);	    hexdump(stderr,"Expected",ciphertext,cn);	    test1_exit(9);	    }	}    if (encdec <= 0)        {	if(!EVP_DecryptInit_ex(&ctx,c,NULL,key,iv))	    {	    fprintf(stderr,"DecryptInit failed/n");	    ERR_print_errors_fp(stderr);	    test1_exit(11);	    }	EVP_CIPHER_CTX_set_padding(&ctx,0);	if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,cn))	    {	    fprintf(stderr,"Decrypt failed/n");	    ERR_print_errors_fp(stderr);	    test1_exit(6);	    }	if(!EVP_DecryptFinal_ex(&ctx,out+outl,&outl2))	    {	    fprintf(stderr,"DecryptFinal failed/n");	    ERR_print_errors_fp(stderr);	    test1_exit(7);	    }	if(outl+outl2 != cn)	    {	    fprintf(stderr,"Plaintext length mismatch got %d expected %d/n",		    outl+outl2,cn);	    test1_exit(8);	    }	if(memcmp(out,plaintext,cn))	    {	    fprintf(stderr,"Plaintext mismatch/n");	    hexdump(stderr,"Got",out,cn);	    hexdump(stderr,"Expected",plaintext,cn);	    test1_exit(9);//.........这里部分代码省略.........