自学教程：C++ EVP_DecryptUpdate函数代码示例

/** Decrypt a buffer. * @param cipher cipher ID * @param enc encrypted buffer * @param enc_size number of bytes in @p enc * @param plain on return contains plain text data * @param plain_size size in bytes of @p plain * @return number of bytes that were in the encrypted buffer (this can be shorter if the data * did not exactly fit the AES block size. */size_tBufferDecryptor::decrypt(int cipher, const void *enc, size_t enc_size, void *plain, size_t plain_size){#ifdef HAVE_LIBCRYPTO  if (keys_.find(cipher) == keys_.end()) {    generate_key(cipher);  }  const EVP_CIPHER *evp_cipher = cipher_by_id(cipher);  const size_t iv_size = EVP_CIPHER_iv_length(evp_cipher);  const unsigned char *iv = (const unsigned char *)enc;  unsigned char *enc_m = (unsigned char *)enc + iv_size;  enc_size -= iv_size;  EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();  if ( ! EVP_DecryptInit(ctx, evp_cipher, (const unsigned char *)keys_[cipher].c_str(), iv))  {    EVP_CIPHER_CTX_free(ctx);    throw std::runtime_error("Could not initialize cipher context");  }  int outl = plain_size;  if ( ! EVP_DecryptUpdate(ctx,			   (unsigned char *)plain, &outl, enc_m, enc_size))  {    EVP_CIPHER_CTX_free(ctx);    throw std::runtime_error("DecryptUpdate failed");  }  int plen = 0;  if ( ! EVP_DecryptFinal(ctx, (unsigned char *)plain + outl, &plen) ) {    EVP_CIPHER_CTX_free(ctx);    throw std::runtime_error("DecryptFinal failed");  }  outl += plen;  EVP_CIPHER_CTX_free(ctx);  return outl;#else  throw std::runtime_error("Decryption support not available");#endif}

int spider_decrypt(void) {	unsigned char outbuf[LOG_MAX];	int olen,tlen,n;	char inbuff[LOG_MAX + EVP_MAX_BLOCK_LENGTH];	char baz[LOG_MAX + EVP_MAX_BLOCK_LENGTH];	EVP_CIPHER_CTX ctx;	int i;	// hmmm.  how are we going to chop this back into lines and populate	// the log array?	if (logfp) {		fclose(logfp);	}	logfp = fopen(LogPath, "rb");	if (logfp == NULL) {		fprintf(stderr, "logfp: %s/n", strerror(errno));		exit(1);	}	EVP_CIPHER_CTX_init(&ctx);	EVP_DecryptInit(&ctx, EVP_bf_cbc(), KEY, IV);	while ((n = fread(inbuff, 1, LOG_MAX + EVP_MAX_BLOCK_LENGTH, logfp)) > 0) {		if (EVP_DecryptUpdate(&ctx, outbuf, &olen, inbuff, n) != 1) {			return 0;		}		snprintf(baz, olen+1, "%s", outbuf);		bzero(&inbuff, LOG_MAX + EVP_MAX_BLOCK_LENGTH);	}	if ((i = EVP_DecryptFinal(&ctx, outbuf+olen, &tlen)) != 1) {		return 0;	}	bzero(baz, sizeof(baz));	snprintf(baz, tlen+1, "%s", outbuf+olen);	printf("%s", baz);	EVP_CIPHER_CTX_cleanup(&ctx);	return 1;}

static int EVP_Update_loop(void *args){    loopargs_t *tempargs = *(loopargs_t **)args;    unsigned char *buf = tempargs->buf;    EVP_CIPHER_CTX *ctx = tempargs->ctx;    int outl, count;    if (decrypt)        for (count = 0; COND(nb_iter); count++)            EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);    else        for (count = 0; COND(nb_iter); count++)            EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);    if (decrypt)        EVP_DecryptFinal_ex(ctx, buf, &outl);    else        EVP_EncryptFinal_ex(ctx, buf, &outl);    return count;}

int decrypt_file(const char *path, const char *fileName, unsigned char *key) {	int outlen, inlen;		FILE *file, *temp;	file = fopen(fileName,"r+b");	if(file == NULL) {		return -2;	}	char tempName[PATH_SIZE];	cnct(path,"TemP.TemP",tempName);	temp = fopen(tempName,"wb");	unsigned char iv[8] = "DAJ-7l2"; /* вектор инициализации */ 	unsigned char inbuf[BUF_SIZE], outbuf[BUF_SIZE]; 	EVP_CIPHER_CTX ctx;	const EVP_CIPHER * cipher;	EVP_CIPHER_CTX_init(&ctx);	cipher = EVP_bf_cbc();	EVP_DecryptInit(&ctx, cipher, key, iv);	while(1) {		inlen = fread(inbuf, 1, BUF_SIZE, file);		if(inlen <= 0) break;		if(!EVP_DecryptUpdate(&ctx, outbuf, &outlen, inbuf, inlen))			return 1;		fwrite(outbuf, 1, outlen, temp);	}	if(!EVP_DecryptFinal(&ctx, outbuf, &outlen)) 		return 1; 	fwrite(outbuf, 1, outlen, temp); 	EVP_CIPHER_CTX_cleanup(&ctx);	fclose(file);	fclose(temp);	remove(fileName);	rename(tempName,fileName);		return 0;}

int decrypt(const char *passphrase){    unsigned char key[EVP_MAX_KEY_LENGTH];    unsigned char iv[EVP_MAX_IV_LENGTH];    unsigned char salt[8] = {0};    unsigned char inbuf[256];    unsigned char outbuf[256 + EVP_MAX_BLOCK_LENGTH];    int nread, nwrite;    int outlen;    EVP_CIPHER_CTX ctx;    EVP_CIPHER_CTX_init(&ctx);    genKeyIV(0, passphrase, salt, key, iv);    EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key, iv);    for (;;) {        if ((nread = read(STDIN_FILENO, inbuf, 255)) < 0) {            perror("Fail to read");            return -1;        } else if (nread == 0)            break;        if (!EVP_DecryptUpdate(&ctx, outbuf, &outlen, inbuf, nread)) {            fprintf(stderr, "Fail to EncryptUpdate!/n");            EVP_CIPHER_CTX_cleanup(&ctx);            return -1;        }        if ((nwrite = write(STDOUT_FILENO, outbuf, outlen)) < 0) {            perror("Fail to write");            return -1;        }    }    if (!EVP_DecryptFinal_ex(&ctx, outbuf, &outlen)) {        EVP_CIPHER_CTX_cleanup(&ctx);        return -1;    }    if (write(STDOUT_FILENO, outbuf, outlen) < 0) {        perror("Fail to write");        return -1;    }    EVP_CIPHER_CTX_cleanup(&ctx);    return 0;}

int decrypt_str(unsigned char *buffer, const char *data, size_t dataLen, const char *key, size_t *outLen) {  EVP_CIPHER_CTX *ctx;  // TODO Bad  unsigned char iv[16] = {0};  int outlen1, outlen2;  if (!(ctx = EVP_CIPHER_CTX_new()))    return 0;  if (EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv) != 1)    return 2;  if (EVP_DecryptUpdate(ctx, buffer, &outlen1, data, dataLen) != 1)    return 3;  if (EVP_DecryptFinal_ex(ctx, buffer + outlen1, &outlen2) != 1)    return 4;  *outLen = outlen1 + outlen2;  return 1;}

int decrypt(unsigned char *ciphertext,        int ciphertext_len,        unsigned char *key,        unsigned char *iv, unsigned char *plaintext){    EVP_CIPHER_CTX *ctx;    int len;    int plaintext_len;    /* Create and initialise the context */    if (!(ctx = EVP_CIPHER_CTX_new()))    handleErrors();    /* Initialise the decryption operation. IMPORTANT - ensure you use a key     * and IV size appropriate for your cipher     * In this example we are using 256 bit AES (i.e. a 256 bit key). The     * IV size for *most* modes is the same as the block size. For AES this     * is 128 bits */    if (1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv))    handleErrors();    /* Provide the message to be decrypted, and obtain the plaintext output.     * EVP_DecryptUpdate can be called multiple times if necessary     */    if (1 !=EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext,ciphertext_len))    handleErrors();    plaintext_len = len;    /* Finalise the decryption. Further plaintext bytes may be written at     * this stage.     */    if (1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len))    handleErrors();    plaintext_len += len;    /* Clean up */    EVP_CIPHER_CTX_free(ctx);    return plaintext_len;}

intdecrypt (int infd, int outfd){	unsigned char outbuf[IP_SIZE];	int olen, tlen, n;	unsigned char inbuff[OP_SIZE];	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();	//EVP_CIPHER_CTX_init (ctx);	EVP_DecryptInit (ctx, EVP_bf_cbc (), key, iv);	for (;;)	  {		  bzero (&inbuff, OP_SIZE);		  if ((n = read (infd, inbuff, OP_SIZE)) == -1)		    {			    perror ("read error");			    break;		    }		  else if (n == 0)			  break;		  bzero (&outbuf, IP_SIZE);		  if (EVP_DecryptUpdate (ctx, outbuf, &olen, inbuff, n) != 1)		    {			    printf ("error in decrypt update/n");			    return 0;		    }		  if (EVP_DecryptFinal (ctx, outbuf + olen, &tlen) != 1)		    {			    printf ("error in decrypt final/n");			    return 0;		    }		  olen += tlen;		  if ((n = write (outfd, outbuf, olen)) == -1)			  perror ("write error");	  }	//EVP_CIPHER_CTX_cleanup (ctx);	return 1;}

size32_t aesDecrypt(MemoryBuffer &out, size32_t inSz, const void *inBytes, size32_t keyLen, const char *key, const char *iv){    if (0 == inSz)        return 0;    OwnedEVPCipherCtx ctx(EVP_CIPHER_CTX_new());    if (!ctx)        throw makeEVPException(0, "Failed EVP_CIPHER_CTX_new");    const size32_t cipherBlockSz = 128;    // from man page - "should have sufficient room for (inl + cipher_block_size) bytes unless the cipher block size is 1 in which case inl bytes is sufficient"    size32_t outMaxSz = (cipherBlockSz==1) ? inSz : (inSz + cipherBlockSz/8);    size32_t startSz = out.length();    byte *outPtr = (byte *)out.reserveTruncate(outMaxSz);    /* Initialise the decryption operation. IMPORTANT - ensure you use a key     * and IV size appropriate for your cipher     * In this example we are using 256 bit AES (i.e. a 256 bit key). The     * IV size for *most* modes is the same as the block size. For AES this     * is 128 bits     * */    if (!iv) iv = staticAesIV;    if (1 != EVP_DecryptInit_ex(ctx, getAesCipher(keyLen), nullptr, (const unsigned char *)key, (const unsigned char *)iv))        throw makeEVPException(0, "Failed EVP_DecryptInit_ex");    /* Provide the message to be decrypted, and obtain the plaintext output.     * EVP_DecryptUpdate can be called multiple times if necessary     */    int outSz;    if (1 != EVP_DecryptUpdate(ctx, outPtr, &outSz, (const unsigned char *)inBytes, inSz))        throw makeEVPException(0, "Failed EVP_DecryptUpdate");    int plaintext_len = outSz;    /* Finalise the decryption. Further plaintext bytes may be written at     * this stage.     */    if (1 != EVP_DecryptFinal_ex(ctx, outPtr + outSz, &outSz))        throw makeEVPException(0, "Failed EVP_DecryptFinal_ex");    plaintext_len += outSz;    out.setLength(startSz+plaintext_len); // truncate length of 'out' to final size    return (size32_t)plaintext_len;}

//The partner decryption function to aboveunsigned char *blowfish_dec(unsigned char *key, unsigned char* data, int size){	unsigned char* out = malloc(size);	int outlen;	int tmplen;	unsigned char iv[] = {0}; //TODO maybe not this?	EVP_CIPHER_CTX ctx;	EVP_CIPHER_CTX_init(&ctx);	EVP_DecryptInit_ex(&ctx, EVP_bf_ecb(), NULL, key, iv);	EVP_CIPHER_CTX_set_padding(&ctx, 0);		EVP_DecryptUpdate(&ctx, out, &outlen, data, size);	if(!EVP_DecryptFinal_ex(&ctx, out + outlen, &tmplen)) {		ssl_error("Didn't do decrypt final");	}	outlen += tmplen;	EVP_CIPHER_CTX_cleanup(&ctx);	return out;}

    array::array* aes_decrypt(array::array* data, array::array* iv, array::array* key) {        byte* ivec = new byte[iv->length];        memcpy(ivec, iv->data, iv->length);        byte* outdata = new byte[data->length * 2];        int outLen1 = 0, outLen2 = 0;        EVP_CIPHER_CTX ctx;        EVP_DecryptInit(&ctx,EVP_aes_256_cbc(),key->data,ivec);        EVP_DecryptUpdate(&ctx,outdata, &outLen1, data->data, data->length);        EVP_DecryptFinal(&ctx,outdata + outLen1, &outLen2);        delete[] ivec;        array::array* lol = array::create(outLen1 + outLen2, outdata);        delete[] outdata;        return lol;    }

BOOL CryptUnprotectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags){	BYTE* pPlainText;	int cbOut, cbFinal;	WINPR_PROTECTED_MEMORY_BLOCK* pMemBlock;	if (dwFlags != CRYPTPROTECTMEMORY_SAME_PROCESS)		return FALSE;	if (!g_ProtectedMemoryBlocks)		return FALSE;	pMemBlock = (WINPR_PROTECTED_MEMORY_BLOCK*) ListDictionary_GetItemValue(g_ProtectedMemoryBlocks, pData);	if (!pMemBlock)		return FALSE;	/* AES Decryption */	cbOut = pMemBlock->cbData + AES_BLOCK_SIZE - 1;	pPlainText = (BYTE*) malloc(cbOut);	EVP_DecryptInit_ex(&(pMemBlock->dec), NULL, NULL, NULL, NULL);	EVP_DecryptUpdate(&(pMemBlock->dec), pPlainText, &cbOut, pMemBlock->pData, pMemBlock->cbData);	EVP_DecryptFinal_ex(&(pMemBlock->dec), pPlainText + cbOut, &cbFinal);	CopyMemory(pMemBlock->pData, pPlainText, pMemBlock->cbData);	SecureZeroMemory(pPlainText, pMemBlock->cbData);	free(pPlainText);	ListDictionary_Remove(g_ProtectedMemoryBlocks, pData);	/* AES Cleanup */	EVP_CIPHER_CTX_cleanup(&(pMemBlock->enc));	EVP_CIPHER_CTX_cleanup(&(pMemBlock->dec));	free(pMemBlock);	return TRUE;}

static char *	decipher_evp (const unsigned char *key, int keylen, const unsigned char *ciphertext, int cipherlen, const EVP_CIPHER *type, int *outlen, int ivsize){        unsigned char *outbuf;	unsigned char	*iv = NULL;	unsigned long errcode;	int	outlen2;        EVP_CIPHER_CTX a;        EVP_CIPHER_CTX_init(&a);	EVP_CIPHER_CTX_set_padding(&a, 0);	if (ivsize > 0)		iv = new_malloc(ivsize);	outbuf = new_malloc(cipherlen + 1024);	if (ivsize > 0)		memcpy(iv, ciphertext, ivsize);        EVP_DecryptInit_ex(&a, type, NULL, NULL, iv);	EVP_CIPHER_CTX_set_key_length(&a, keylen);	EVP_CIPHER_CTX_set_padding(&a, 0);        EVP_DecryptInit_ex(&a, NULL, NULL, key, NULL);        if (EVP_DecryptUpdate(&a, outbuf, outlen, ciphertext, cipherlen) != 1)		yell("EVP_DecryptUpdate died.");	if (EVP_DecryptFinal_ex(&a, outbuf + (*outlen), &outlen2) != 1)		yell("EVP_DecryptFinal_Ex died.");	*outlen += outlen2;        EVP_CIPHER_CTX_cleanup(&a);	ERR_load_crypto_strings();	while ((errcode = ERR_get_error()))	{	    char r[256];	    ERR_error_string_n(errcode, r, 256);	    yell("ERROR: %s", r);	}	if (ivsize > 0)		new_free(&iv);	return outbuf;}

int decrypt_sym(unsigned char *ciphertext, int ciphertext_len, unsigned char *key, unsigned char *iv, unsigned char *plaintext) {	EVP_CIPHER_CTX *ctx;	int len;	int plaintext_len;	if(!(ctx = EVP_CIPHER_CTX_new())) handleErrors();	if(1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv)) handleErrors();	if(1 != EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len)) handleErrors();	plaintext_len = len;	if(1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len)) handleErrors();	plaintext_len += len;	EVP_CIPHER_CTX_free(ctx);	return plaintext_len;}

/** * AES-ECB-PKCS5Padding解密 * * LUA示例: * local codec = require('codec') * local src = [[...]] --BASE64密文 * local key = [[...]] --16位数字串 * local bs = codec.base64_decode(src) * local dst = codec.aes_decrypt(bs, key) */static int codec_aes_decrypt(lua_State *L){    size_t len;    const char *src = luaL_checklstring(L, 1, &len);    char *key = luaL_checkstring(L, 2);    EVP_CIPHER_CTX ctx;    EVP_CIPHER_CTX_init(&ctx);    int ret = EVP_DecryptInit_ex(&ctx, EVP_aes_128_ecb(), NULL, (unsigned char *)key, NULL);    if(ret != 1)    {        EVP_CIPHER_CTX_cleanup(&ctx);        return luaL_error(L, "EVP decrypt init error");    }    int n, wn;    char dst[len];    memset(dst, 0, len);    ret = EVP_DecryptUpdate(&ctx, (unsigned char *)dst, &wn, (unsigned char *)src, len);    if(ret != 1)    {        EVP_CIPHER_CTX_cleanup(&ctx);        return luaL_error(L, "EVP decrypt update error");    }    n = wn;    ret = EVP_DecryptFinal_ex(&ctx, (unsigned char *)(dst + n), &wn);    if(ret != 1)    {        EVP_CIPHER_CTX_cleanup(&ctx);        return luaL_error(L, "EVP decrypt final error");    }    EVP_CIPHER_CTX_cleanup(&ctx);    n += wn;    lua_pushlstring(L, dst, n);    return 1;}

int symmetric_decrypt(char* ciphertext, char* plaintext,char* key,int enctextsize){ 	int nc; /* amount of bytes [de]crypted at each step */  	int nctot; /* total amount of encrypted bytes */  	int pt_len; /* plain text size */  	int ct_len; /* encrypted text size */  	int ct_ptr; /* first available entry in the buffer */  	int msg_len; /* message length */	int k_size; 	/* Context allocation */  	EVP_CIPHER_CTX *ctx = (EVP_CIPHER_CTX *)malloc(sizeof(EVP_CIPHER_CTX));  	/* Context initialization */  	EVP_CIPHER_CTX_init(ctx); 	/* Context setup for encryption */  	EVP_DecryptInit(ctx, EVP_des_ecb(), NULL, NULL);	/* Decryption key setup */  	EVP_DecryptInit(ctx, NULL, key, NULL); 	/* Encryption */  	nc = 0;  	nctot = 0;  	ct_ptr = 0;   	EVP_DecryptUpdate(ctx, &plaintext[ct_ptr], &nc, ciphertext, enctextsize);      	ct_ptr += nc;  	nctot += nc;  		EVP_DecryptFinal(ctx, &plaintext[ct_ptr], &nc);  	nctot += nc;		return nctot;}

int aes_decrypt(EVP_CIPHER_CTX *d, int in,int out){	int inlen=0,flen=0,outlen=0;	char inbuf[SIZE+AES_BLOCK_SIZE];				/****** CHECK ???? ****/	char outbuf[SIZE+AES_BLOCK_SIZE];	if(!EVP_DecryptInit_ex(d, NULL, NULL, NULL, NULL)) 	{		perror("/n Eror in DECinit:");		return 1;	}    		while((inlen = read(in,inbuf,SIZE)) >0)	{		if(!EVP_DecryptUpdate(d,(unsigned char*)outbuf, &outlen,(unsigned char*)inbuf,inlen)) 		{			perror("/n Error,DECRYPT_UPDATE:");			return 1;		}		if((write(out,outbuf,outlen)) != outlen)		{			perror("/n ERROR,Writing dec bytes:");			return 1;		}			}        	if(!EVP_DecryptFinal_ex(d,(unsigned char*)outbuf,&flen)) 	{		perror("/n Error,DECRYPT_FINAL:");		return 1;	}	if((write(out,outbuf,flen)) != flen)	{		perror("/n ERROR,Writng FINAL dec bytes:");		return 1;	}        return 0;}

int Crypt::dec_data(uint8_t *cipher_text, int cipher_text_len, uint8_t *plain_text, uint64_t k_nas_enc) {	EVP_CIPHER_CTX *ctx;	int len;	int plain_text_len;	if (!(ctx = EVP_CIPHER_CTX_new())) {		handle_crypt_error();	}	if (1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv)) {		handle_crypt_error();	}	if (1 != EVP_DecryptUpdate(ctx, plain_text, &len, cipher_text, cipher_text_len)) {		handle_crypt_error();	}	plain_text_len = len;	if (1 != EVP_DecryptFinal_ex(ctx, plain_text + len, &len)) { 		handle_crypt_error(); 	}	plain_text_len += len;	EVP_CIPHER_CTX_free(ctx);	return plain_text_len;}

bool RarVolume::DecryptBuf(const uint8 in[16], uint8 out[16]){#ifdef HAVE_OPENSSL	uint8 outbuf[32];	int outlen = 0;	if (!EVP_DecryptUpdate((EVP_CIPHER_CTX*)m_context, outbuf, &outlen, in, 16)) return false;	memcpy(out, outbuf + outlen, 16);	debug("decrypted: %s", *Util::FormatBuffer((const char*)out, 16));	return true;#elif defined(HAVE_NETTLE)	aes_decrypt((aes_ctx*)m_context, 16, out, in);	for (int i = 0; i < 16; i++)	{		out[i] ^= m_decryptIV[i];	}	memcpy(m_decryptIV, in, 16);	debug("decrypted: %s", *Util::FormatBuffer((const char*)out, 16));	return true;#else	return false;#endif}

/*** 功能描述:3DES解密* @param pData：原始数据* @param ilen: 原始数据长度* @param ppDecryptData: 解密后数据* @return -1: 失败, 其他: 解密数据长度**/int TripleDESDecrypt(const char* pData, int ilen, char** ppDecryptData){    /*密钥*/    unsigned char key[24] = {43,14,54,109,109,8,84,87,116,30,19,68,35,51,83,72,16,2,83,48,117,85,9,80};    /*初始化向量*/    unsigned char iv[8] = {111,121,47,42,75,34,33,124};    EVP_CIPHER_CTX ctx;    EVP_CIPHER_CTX_init(&ctx);    int rc = EVP_EncryptInit_ex(&ctx,EVP_des_ede3_cbc(),NULL,key,iv);    if (rc != 1)    {        EVP_CIPHER_CTX_cleanup(&ctx);        return -1;    }    int outlen = ilen + 1;    *ppDecryptData = (char*)malloc(outlen);    memset(*ppDecryptData, 0 , outlen);    rc = EVP_DecryptUpdate(&ctx, (unsigned char*)(*ppDecryptData), &outlen, (unsigned char*)pData, ilen);    if(rc != 1)    {        EVP_CIPHER_CTX_cleanup(&ctx);        free(*ppDecryptData);        return -1;    }    int outlentmp = 0;    rc = EVP_DecryptFinal_ex(&ctx, (unsigned char*)(*ppDecryptData) + outlen,&outlentmp);    if(rc != 1)    {        EVP_CIPHER_CTX_cleanup(&ctx);        free(*ppDecryptData);        return -1;    }    outlen += outlentmp;    EVP_CIPHER_CTX_cleanup(&ctx);    return outlen;}

intdecrypt_data(const void *in, int inlen, void *out, int *outlen,             const void *iv, const void *key){    int len;    ERR_clear_error();    cryptutil_init();    /* In this we are using 256 bit AES (i.e. a 256 bit key). The     * IV size for *most* modes is the same as the block size. For AES this     * is 128 bits     */    if(EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key, iv) != 1) {        log_crypt_err("Not able to initialize decrypt context for AES-256");        return 0;    }    /* Provide the cypher text to be decrypted, and obtain the plaintext output */    if(EVP_DecryptUpdate(&ctx, out, &len, in, inlen) != 1) {        log_crypt_err("Not able to decrypt using AES-256");        return 0;    }    *outlen = len;    /* Finalise the encryption. Further ciphertext bytes may be written at     * this stage.     */    if(EVP_DecryptFinal_ex(&ctx, out + len, &len) != 1) {        log_crypt_err("Not able to finalize encryption using AES-256");        return 0;    }    *outlen += len;    return 1;}

/** * @brief AES256 data decryption * @see el_aes256_create_key() * @see el_aes256_encrypt_data() * @param key The key generated by el_aes256_create_key() * @param out Output buffer containing the decrypted data * @param in Input buffer containing the encrypted data * @param in_len The size of encrypted data buffer * @return The size of decrypted data buffer (output) or -1 on error */int el_aes256_decrypt_data(		const unsigned char *key,		unsigned char *out,		const unsigned char *in,		size_t in_len) {	EVP_CIPHER_CTX e_ctx;	unsigned char hmac[EVP_MAX_MD_SIZE];	unsigned int mdlen;	int mlen, flen;		const unsigned char *enctext = in + EVP_MAX_MD_SIZE + EVP_MAX_IV_LENGTH;	const unsigned char *iv = in + EVP_MAX_MD_SIZE;	if (!HMAC(EVP_sha256(), key, EVP_MAX_KEY_LENGTH, in + EVP_MAX_MD_SIZE, in_len - EVP_MAX_MD_SIZE, hmac, &mdlen))		return -1;	/* Switch to constant-time comparison function */	if (memcmp(in, hmac, mdlen))		return -2;	EVP_CIPHER_CTX_init(&e_ctx);	if (!EVP_DecryptInit_ex(&e_ctx, EVP_aes_256_cbc(), NULL, key, iv)) {		EVP_CIPHER_CTX_cleanup(&e_ctx);		return -3;	}	if (!EVP_DecryptUpdate(&e_ctx, out, &mlen, enctext, in_len - EVP_MAX_MD_SIZE - EVP_MAX_IV_LENGTH)) {		EVP_CIPHER_CTX_cleanup(&e_ctx);		return -4;	}	EVP_DecryptFinal_ex(&e_ctx, out + mlen, &flen);	EVP_CIPHER_CTX_cleanup(&e_ctx);	return mlen + flen;}

static size_t decrypt_buffer(const unsigned char *buffer, size_t in_len, unsigned const char key[KDF_HASH_LEN], unsigned char **out){	EVP_CIPHER_CTX ctx;	unsigned char *plaintext = NULL;	int out_len;	unsigned int hmac_len;	size_t len;	unsigned char hmac[SHA256_DIGEST_LENGTH];	EVP_CIPHER_CTX_init(&ctx);	if (in_len < (SHA256_DIGEST_LENGTH + AES_BLOCK_SIZE * 2))		goto error;	if (!HMAC(EVP_sha256(), key, KDF_HASH_LEN, (unsigned char *)(buffer + SHA256_DIGEST_LENGTH), in_len - SHA256_DIGEST_LENGTH, hmac, &hmac_len))		goto error;	if (CRYPTO_memcmp(hmac, buffer, SHA256_DIGEST_LENGTH))		goto error;	plaintext = xcalloc(in_len + AES_BLOCK_SIZE, 1);	if (!EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key, (unsigned char *)(buffer + SHA256_DIGEST_LENGTH)))		goto error;	if (!EVP_DecryptUpdate(&ctx, (unsigned char *)plaintext, &out_len, (unsigned char *)(buffer + SHA256_DIGEST_LENGTH + AES_BLOCK_SIZE), in_len - SHA256_DIGEST_LENGTH - AES_BLOCK_SIZE))		goto error;	len = out_len;	if (!EVP_DecryptFinal_ex(&ctx, (unsigned char *)(plaintext + out_len), &out_len))		goto error;	len += out_len;	EVP_CIPHER_CTX_cleanup(&ctx);	*out = plaintext;	return len;error:	EVP_CIPHER_CTX_cleanup(&ctx);	free(plaintext);	*out = NULL;	return 0;}

void decrypt(FILE *ifp, FILE *ofp, unsigned char ckey[]){	//Get file size	fseek(ifp, 0L, SEEK_END);	int fsize = ftell(ifp);	//set back to normal	fseek(ifp, 0L, SEEK_SET);	int outLen1 = 0; int outLen2 = 0;	unsigned char *indata = (unsigned char *)malloc(fsize);	unsigned char *outdata = (unsigned char *)malloc(fsize);	unsigned char ivec[] = "dontusethisinput";	//Read File	fread(indata, sizeof(char), fsize, ifp);//Read Entire File	//setup decryption	EVP_CIPHER_CTX ctx;	EVP_DecryptInit(&ctx, EVP_aes_128_cbc(), ckey, ivec);	EVP_DecryptUpdate(&ctx, outdata, &outLen1, indata, fsize);	EVP_DecryptFinal(&ctx, outdata + outLen1, &outLen2);	fwrite(outdata, sizeof(char), outLen1 + outLen2, ofp);}

int s3fs::Crypto::decrypt_block(const unsigned char encrypted[], int inlen, unsigned char outbuf[]){    int outlen;    int tmplen;    EVP_CIPHER_CTX_init(&ctx);    EVP_CIPHER_CTX_set_padding(&ctx, 1L);    EVP_DecryptInit_ex(&ctx, EVP_aes_256_ctr(), NULL, key, iv);    if(!EVP_DecryptUpdate(&ctx, outbuf, &outlen, encrypted, inlen))    {        cerr << "An error has occurred while decrypting the encrypted text." << endl;        EVP_CIPHER_CTX_cleanup(&ctx);    }    if(!EVP_DecryptFinal_ex(&ctx, outbuf + outlen, &tmplen))    {        cerr << "An error has occurred while decrypting the encrypted text." << endl;        EVP_CIPHER_CTX_cleanup(&ctx);    }    outlen += tmplen;    EVP_CIPHER_CTX_cleanup(&ctx);    return outlen;}

void decrypt(FILE *ifp, FILE *ofp, char ckey[], char ivec[]){    fseek(ifp, 0L, SEEK_END);    int fsize = ftell(ifp);    fseek(ifp, 0L, SEEK_SET);    int outLen1 = 0; int outLen2 = 0;    unsigned char *indata = malloc(fsize);    unsigned char *outdata = malloc(fsize);    fread(indata,sizeof(char),fsize, ifp);//Read Entire File    EVP_CIPHER_CTX ctx;    EVP_DecryptInit(&ctx,EVP_aes_128_cbc(),ckey,ivec);    EVP_DecryptUpdate(&ctx,outdata,&outLen1,indata,fsize);    EVP_DecryptFinal(&ctx,outdata + outLen1,&outLen2);    fwrite(outdata,sizeof(char),outLen1 + outLen2,ofp);}

bool OldDecrypt(const std::vector<unsigned char>& vchCiphertext, CKeyingMaterial& vchPlaintext, const unsigned char chKey[32], const unsigned char chIV[16]){    // plaintext will always be equal to or lesser than length of ciphertext    int nLen = vchCiphertext.size();    int nPLen = nLen, nFLen = 0;    vchPlaintext = CKeyingMaterial(nPLen);    bool fOk = true;    EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new();    assert(ctx);    if (fOk) fOk = EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, chKey, chIV) != 0;    if (fOk) fOk = EVP_DecryptUpdate(ctx, &vchPlaintext[0], &nPLen, &vchCiphertext[0], nLen) != 0;    if (fOk) fOk = EVP_DecryptFinal_ex(ctx, (&vchPlaintext[0]) + nPLen, &nFLen) != 0;    EVP_CIPHER_CTX_free(ctx);    if (!fOk) return false;    vchPlaintext.resize(nPLen + nFLen);    return true;}

CK_RV PKCS11_Encryption_OpenSSL::DecryptUpdate(Cryptoki_Session_Context* pSessionCtx, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen){    OPENSSL_HEADER();    OpenSSLEncryptData *pDec;        if(pSessionCtx == NULL || pSessionCtx->DecryptionCtx == NULL) return CKR_SESSION_CLOSED;    pDec = (OpenSSLEncryptData*)pSessionCtx->DecryptionCtx;    if(pDec->IsSymmetric)    {        int outLen = *pulPartLen;                OPENSSL_CHECKRESULT(EVP_DecryptUpdate((EVP_CIPHER_CTX*)pDec->Key->ctx, pPart, &outLen, pEncryptedPart, ulEncryptedPartLen));                *pulPartLen = outLen;    }    else    {        size_t outLen = *pulPartLen;                OPENSSL_CHECKRESULT(EVP_PKEY_decrypt((EVP_PKEY_CTX*)pDec->Key->ctx, pPart, &outLen, pEncryptedPart, ulEncryptedPartLen));        *pulPartLen = outLen;    }    OPENSSL_CLEANUP();    if(retVal != CKR_OK)    {        TINYCLR_SSL_FREE(pDec);        pSessionCtx->DecryptionCtx = NULL;    }    OPENSSL_RETURN();}    

void openssl_evp_symcrypt(){	EVP_CIPHER_CTX ctx;	int i, len1 = 0, len2 = 0, len3 = 0;	unsigned char outs[MAX1_LEN], des[MAX1_LEN];	unsigned char iv[EVP_MAX_KEY_LENGTH], key[EVP_MAX_KEY_LENGTH];	unsigned char msg[MAX1_LEN] = "openssl symmetric encrypt test";	for (i = 0; i < 24; i++)		key[i] = i;	for (i = 0; i < 8; i++)		iv[i] = i;	memset(des, 0, sizeof(des));	memset(outs, 0, sizeof(outs));	OpenSSL_add_all_algorithms();	EVP_CIPHER_CTX_init(&ctx);	EVP_EncryptInit(&ctx, EVP_des_ede3_cbc(), key, iv);	EVP_EncryptUpdate(&ctx, outs, &len1, msg, strlen((char *)msg));	EVP_EncryptFinal(&ctx, outs + len1, &len3);	len1 = len1 + len3;	printf("/nEVP_SYNEncry (%s) = ", msg);	for (i = 0; i < len1; i++)		printf("0x%.02x ", outs[i]);	EVP_CIPHER_CTX_cleanup(&ctx);		EVP_CIPHER_CTX_init(&ctx);	EVP_DecryptInit(&ctx, EVP_des_ede3_cbc(), key, iv);	EVP_DecryptUpdate(&ctx, des, &len2, outs, len1);	EVP_DecryptFinal(&ctx, des + len2, &len3);	len2 += len3;	printf("/nEVP_SYNDecry (");	for (i = 0; i < len1; i++)		printf("0x%.02x ", outs[i]);	printf(") = %s/n", des);	EVP_CIPHER_CTX_cleanup(&ctx);}

// ----------------------------------------------------------------------------NetworkString* Crypto::decryptRecieve(ENetPacket* p){    int clen = (int)(p->dataLength - 8);    auto ns = std::unique_ptr<NetworkString>(new NetworkString(p->data, clen));    std::array<uint8_t, 12> iv = {};    if (NetworkConfig::get()->isClient())        memcpy(iv.data() + 4, p->data, 4);    else        memcpy(iv.data(), p->data, 4);    uint8_t* packet_start = p->data + 8;    uint8_t* tag = p->data + 4;    if (EVP_DecryptInit_ex(m_decrypt, NULL, NULL, NULL, iv.data()) != 1)    {        throw std::runtime_error("Failed to set IV.");    }    if (!EVP_CIPHER_CTX_ctrl(m_decrypt, EVP_CTRL_GCM_SET_TAG, 4, tag))    {        throw std::runtime_error("Failed to set tag.");    }    int dlen;    if (EVP_DecryptUpdate(m_decrypt, ns->m_buffer.data(), &dlen,        packet_start, clen) != 1)    {        throw std::runtime_error("Failed to decrypt.");    }    if (EVP_DecryptFinal_ex(m_decrypt, unused_16_blocks.data(), &dlen) > 0)    {        assert(dlen == 0);        NetworkString* result = ns.get();        ns.release();        return result;    }    throw std::runtime_error("Failed to finalize decryption.");}   // decryptRecieve