自学教程：C++ EVP_CIPHER_iv_length函数代码示例

int CipherKeyImpl::ivSize() const{	return EVP_CIPHER_iv_length(_pCipher);}

static int test_tls13_encryption(void){    SSL_CTX *ctx = NULL;    SSL *s = NULL;    SSL3_RECORD rec;    unsigned char *key = NULL, *iv = NULL, *seq = NULL;    const EVP_CIPHER *ciph = EVP_aes_128_gcm();    int ret = 0;    size_t ivlen, ctr;    /*     * Encrypted TLSv1.3 records always have an outer content type of     * application data, and a record version of TLSv1.2.     */    rec.data = NULL;    rec.type = SSL3_RT_APPLICATION_DATA;    rec.rec_version = TLS1_2_VERSION;    ctx = SSL_CTX_new(TLS_method());    if (!TEST_ptr(ctx)) {        TEST_info("Failed creating SSL_CTX");        goto err;    }    s = SSL_new(ctx);    if (!TEST_ptr(s)) {        TEST_info("Failed creating SSL");        goto err;    }    s->enc_read_ctx = EVP_CIPHER_CTX_new();    if (!TEST_ptr(s->enc_read_ctx))        goto err;    s->enc_write_ctx = EVP_CIPHER_CTX_new();    if (!TEST_ptr(s->enc_write_ctx))        goto err;    s->s3->tmp.new_cipher = SSL_CIPHER_find(s, TLS13_AES_128_GCM_SHA256_BYTES);    if (!TEST_ptr(s->s3->tmp.new_cipher)) {        TEST_info("Failed to find cipher");        goto err;    }    for (ctr = 0; ctr < OSSL_NELEM(refdata); ctr++) {        /* Load the record */        ivlen = EVP_CIPHER_iv_length(ciph);        if (!load_record(&rec, &refdata[ctr], &key, s->read_iv, ivlen,                         RECORD_LAYER_get_read_sequence(&s->rlayer))) {            TEST_error("Failed loading key into EVP_CIPHER_CTX");            goto err;        }        /* Set up the read/write sequences */        memcpy(RECORD_LAYER_get_write_sequence(&s->rlayer),               RECORD_LAYER_get_read_sequence(&s->rlayer), SEQ_NUM_SIZE);        memcpy(s->write_iv, s->read_iv, ivlen);        /* Load the key into the EVP_CIPHER_CTXs */        if (EVP_CipherInit_ex(s->enc_write_ctx, ciph, NULL, key, NULL, 1) <= 0                || EVP_CipherInit_ex(s->enc_read_ctx, ciph, NULL, key, NULL, 0)                   <= 0) {            TEST_error("Failed loading key into EVP_CIPHER_CTX/n");            goto err;        }        /* Encrypt it */        if (!TEST_size_t_eq(tls13_enc(s, &rec, 1, 1), 1)) {            TEST_info("Failed to encrypt record %zu", ctr);            goto err;        }        if (!TEST_true(test_record(&rec, &refdata[ctr], 1))) {            TEST_info("Record %zu encryption test failed", ctr);            goto err;        }        /* Decrypt it */        if (!TEST_int_eq(tls13_enc(s, &rec, 1, 0), 1)) {            TEST_info("Failed to decrypt record %zu", ctr);            goto err;        }        if (!TEST_true(test_record(&rec, &refdata[ctr], 0))) {            TEST_info("Record %zu decryption test failed", ctr);            goto err;        }        OPENSSL_free(rec.data);        OPENSSL_free(key);        OPENSSL_free(iv);        OPENSSL_free(seq);        rec.data = NULL;        key = NULL;        iv = NULL;        seq = NULL;    }    TEST_note("PASS: %zu records tested", ctr);    ret = 1; err://.........这里部分代码省略.........

//.........这里部分代码省略.........        }#endif        RECORD_LAYER_reset_read_sequence(&s->rlayer);        mac_secret = &(s->s3->read_mac_secret[0]);    } else {        if (s->enc_write_ctx != NULL)            reuse_dd = 1;        else if ((s->enc_write_ctx = EVP_CIPHER_CTX_new()) == NULL)            goto err;        else            /*             * make sure it's intialized in case we exit later with an error             */            EVP_CIPHER_CTX_reset(s->enc_write_ctx);        dd = s->enc_write_ctx;        if (ssl_replace_hash(&s->write_hash, m) == NULL) {                SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);                goto err2;        }#ifndef OPENSSL_NO_COMP        /* COMPRESS */        COMP_CTX_free(s->compress);        s->compress = NULL;        if (comp != NULL) {            s->compress = COMP_CTX_new(comp);            if (s->compress == NULL) {                SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,                       SSL_R_COMPRESSION_LIBRARY_ERROR);                goto err2;            }        }#endif        RECORD_LAYER_reset_write_sequence(&s->rlayer);        mac_secret = &(s->s3->write_mac_secret[0]);    }    if (reuse_dd)        EVP_CIPHER_CTX_reset(dd);    p = s->s3->tmp.key_block;    i = EVP_MD_size(m);    if (i < 0)        goto err2;    cl = EVP_CIPHER_key_length(c);    j = cl;    k = EVP_CIPHER_iv_length(c);    if ((which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||        (which == SSL3_CHANGE_CIPHER_SERVER_READ)) {        ms = &(p[0]);        n = i + i;        key = &(p[n]);        n += j + j;        iv = &(p[n]);        n += k + k;    } else {        n = i;        ms = &(p[n]);        n += i + j;        key = &(p[n]);        n += j + k;        iv = &(p[n]);        n += k;    }    if (n > s->s3->tmp.key_block_length) {        SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);        goto err2;    }    memcpy(mac_secret, ms, i);    EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE));#ifdef OPENSSL_SSL_TRACE_CRYPTO    if (s->msg_callback) {        int wh = which & SSL3_CC_WRITE ?            TLS1_RT_CRYPTO_WRITE : TLS1_RT_CRYPTO_READ;        s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_MAC,                        mac_secret, EVP_MD_size(m), s, s->msg_callback_arg);        if (c->key_len)            s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_KEY,                            key, c->key_len, s, s->msg_callback_arg);        if (k) {            s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_IV,                            iv, k, s, s->msg_callback_arg);        }    }#endif    OPENSSL_cleanse(exp_key, sizeof(exp_key));    OPENSSL_cleanse(exp_iv, sizeof(exp_iv));    return (1); err:    SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE); err2:    OPENSSL_cleanse(exp_key, sizeof(exp_key));    OPENSSL_cleanse(exp_iv, sizeof(exp_iv));    return (0);}

int ssl3_change_cipher_state(SSL *s, int which)	{	unsigned char *p,*key_block,*mac_secret;	unsigned char exp_key[EVP_MAX_KEY_LENGTH];	unsigned char exp_iv[EVP_MAX_KEY_LENGTH];	unsigned char *ms,*key,*iv,*er1,*er2;	EVP_CIPHER_CTX *dd;	const EVP_CIPHER *c;	COMP_METHOD *comp;	const EVP_MD *m;	MD5_CTX md;	int exp,n,i,j,k,cl;	exp=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);	c=s->s3->tmp.new_sym_enc;	m=s->s3->tmp.new_hash;	if (s->s3->tmp.new_compression == NULL)		comp=NULL;	else		comp=s->s3->tmp.new_compression->method;	key_block=s->s3->tmp.key_block;	if (which & SSL3_CC_READ)		{		if ((s->enc_read_ctx == NULL) &&			((s->enc_read_ctx=(EVP_CIPHER_CTX *)			OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))			goto err;		dd= s->enc_read_ctx;		s->read_hash=m;		/* COMPRESS */		if (s->expand != NULL)			{			COMP_CTX_free(s->expand);			s->expand=NULL;			}		if (comp != NULL)			{			s->expand=COMP_CTX_new(comp);			if (s->expand == NULL)				{				SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);				goto err2;				}			if (s->s3->rrec.comp == NULL)				s->s3->rrec.comp=(unsigned char *)					OPENSSL_malloc(SSL3_RT_MAX_PLAIN_LENGTH);			if (s->s3->rrec.comp == NULL)				goto err;			}		memset(&(s->s3->read_sequence[0]),0,8);		mac_secret= &(s->s3->read_mac_secret[0]);		}	else		{		if ((s->enc_write_ctx == NULL) &&			((s->enc_write_ctx=(EVP_CIPHER_CTX *)			OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))			goto err;		dd= s->enc_write_ctx;		s->write_hash=m;		/* COMPRESS */		if (s->compress != NULL)			{			COMP_CTX_free(s->compress);			s->compress=NULL;			}		if (comp != NULL)			{			s->compress=COMP_CTX_new(comp);			if (s->compress == NULL)				{				SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);				goto err2;				}			}		memset(&(s->s3->write_sequence[0]),0,8);		mac_secret= &(s->s3->write_mac_secret[0]);		}	EVP_CIPHER_CTX_init(dd);	p=s->s3->tmp.key_block;	i=EVP_MD_size(m);	cl=EVP_CIPHER_key_length(c);	j=exp ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?		 cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;	/* Was j=(exp)?5:EVP_CIPHER_key_length(c); */	k=EVP_CIPHER_iv_length(c);	if (	(which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||		(which == SSL3_CHANGE_CIPHER_SERVER_READ))		{		ms=  &(p[ 0]); n=i+i;		key= &(p[ n]); n+=j+j;		iv=  &(p[ n]); n+=k+k;		er1= &(s->s3->client_random[0]);		er2= &(s->s3->server_random[0]);		}	else		{//.........这里部分代码省略.........

//.........这里部分代码省略.........					}				} else if(BIO_read(rbio,mbuf,sizeof mbuf) != sizeof mbuf					  || BIO_read(rbio,						      (unsigned char *)salt,				    sizeof salt) != sizeof salt) {					BIO_printf(bio_err,"error reading input file/n");					goto end;				} else if(memcmp(mbuf,magic,sizeof magic-1)) {				    BIO_printf(bio_err,"bad magic number/n");				    goto end;				}				sptr = salt;			}			EVP_BytesToKey(cipher,dgst,sptr,				(unsigned char *)str,				strlen(str),1,key,iv);			/* zero the complete buffer or the string			 * passed from the command line			 * bug picked up by			 * Larry J. Hughes Jr. <[email
C++ EVP_CIPHER_nid函数代码示例
C++ EVP_CIPHER_block_size函数代码示例