自学教程：C++ EVP_des_cbc函数代码示例

void PKCS5_PBE_add(void){#ifndef OPENSSL_NO_DES#  ifndef OPENSSL_NO_MD5EVP_PBE_alg_add(NID_pbeWithMD5AndDES_CBC, EVP_des_cbc(), EVP_md5(),							 PKCS5_PBE_keyivgen);#  endif#  ifndef OPENSSL_NO_MD2EVP_PBE_alg_add(NID_pbeWithMD2AndDES_CBC, EVP_des_cbc(), EVP_md2(),							 PKCS5_PBE_keyivgen);#  endif#  ifndef OPENSSL_NO_SHAEVP_PBE_alg_add(NID_pbeWithSHA1AndDES_CBC, EVP_des_cbc(), EVP_sha1(),							 PKCS5_PBE_keyivgen);#  endif#endif#ifndef OPENSSL_NO_RC2#  ifndef OPENSSL_NO_MD5EVP_PBE_alg_add(NID_pbeWithMD5AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md5(),							 PKCS5_PBE_keyivgen);#  endif#  ifndef OPENSSL_NO_MD2EVP_PBE_alg_add(NID_pbeWithMD2AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md2(),							 PKCS5_PBE_keyivgen);#  endif#  ifndef OPENSSL_NO_SHAEVP_PBE_alg_add(NID_pbeWithSHA1AndRC2_CBC, EVP_rc2_64_cbc(), EVP_sha1(),							 PKCS5_PBE_keyivgen);#  endif#endif#ifndef OPENSSL_NO_HMACEVP_PBE_alg_add(NID_pbes2, NULL, NULL, PKCS5_v2_PBE_keyivgen);#endif}

EXPORT_C int SSL_library_init(void)	{//#ifdef EMULATOR	//	InitSSLWsdVar();	//#endif	#ifndef OPENSSL_NO_DES	EVP_add_cipher(EVP_des_cbc());	EVP_add_cipher(EVP_des_ede3_cbc());#endif#ifndef OPENSSL_NO_IDEA	EVP_add_cipher(EVP_idea_cbc());#endif#ifndef OPENSSL_NO_RC4	EVP_add_cipher(EVP_rc4());#endif  #ifndef OPENSSL_NO_RC2	EVP_add_cipher(EVP_rc2_cbc());#endif#ifndef OPENSSL_NO_AES	EVP_add_cipher(EVP_aes_128_cbc());	EVP_add_cipher(EVP_aes_192_cbc());	EVP_add_cipher(EVP_aes_256_cbc());#endif#ifndef OPENSSL_NO_MD2	EVP_add_digest(EVP_md2());#endif#ifndef OPENSSL_NO_MD5	EVP_add_digest(EVP_md5());	EVP_add_digest_alias(SN_md5,"ssl2-md5");	EVP_add_digest_alias(SN_md5,"ssl3-md5");#endif#ifndef OPENSSL_NO_SHA	EVP_add_digest(EVP_sha1()); /* RSA with sha1 */	EVP_add_digest_alias(SN_sha1,"ssl3-sha1");	EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);#endif#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)	EVP_add_digest(EVP_dss1()); /* DSA with sha1 */	EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);	EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");	EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");#endif#ifndef OPENSSL_NO_ECDSA	EVP_add_digest(EVP_ecdsa());#endif	/* If you want support for phased out ciphers, add the following */#if 0	EVP_add_digest(EVP_sha());	EVP_add_digest(EVP_dss());#endif#ifndef OPENSSL_NO_COMP	/* This will initialise the built-in compression algorithms.	   The value returned is a STACK_OF(SSL_COMP), but that can	   be discarded safely */	(void)SSL_COMP_get_compression_methods();#endif	/* initialize cipher/digest methods table */	ssl_load_ciphers();	return(1);	}

static int32_tsnmp_pdu_cipher_init(const struct snmp_pdu *pdu, int32_t len,    const EVP_CIPHER **ctype, uint8_t *piv){	int i;	uint32_t netint;	if (pdu->user.priv_proto == SNMP_PRIV_DES) {		if (len  % 8 != 0)			return (-1);		*ctype = EVP_des_cbc();		memcpy(piv, pdu->msg_salt, sizeof(pdu->msg_salt));		for (i = 0; i < 8; i++)			piv[i] = piv[i] ^ pdu->user.priv_key[8 + i];	} else if (pdu->user.priv_proto == SNMP_PRIV_AES) {		*ctype = EVP_aes_128_cfb128();		netint = htonl(pdu->engine.engine_boots);		memcpy(piv, &netint, sizeof(netint));		piv += sizeof(netint);		netint = htonl(pdu->engine.engine_time);		memcpy(piv, &netint, sizeof(netint));		piv += sizeof(netint);		memcpy(piv, pdu->msg_salt, sizeof(pdu->msg_salt));	} else if (pdu->user.priv_proto == SNMP_PRIV_NOPRIV)		return (0);	else {		snmp_error("unknown privacy option - %d", pdu->user.priv_proto);		return (-1);	}	return (1);}

const EVP_CIPHER* get_cipher_type(const enum cipher cipher, const enum cipher_mode mode) {    switch (mode) {        case MODE_ECB:            switch (cipher) {                case CIPHER_DES:                    return EVP_des_ecb();                case CIPHER_AES_128:                    return EVP_aes_128_ecb();                case CIPHER_AES_192:                    return EVP_aes_192_ecb();                case CIPHER_AES_256:                    return EVP_aes_256_ecb();            }        case MODE_CBC:            switch (cipher) {                case CIPHER_DES:                    return EVP_des_cbc();                case CIPHER_AES_128:                    return EVP_aes_128_cbc();                case CIPHER_AES_192:                    return EVP_aes_192_cbc();                case CIPHER_AES_256:                    return EVP_aes_256_cbc();            }        case MODE_OFB:            switch (cipher) {                case CIPHER_DES:                    return EVP_des_ofb();                case CIPHER_AES_128:                    return EVP_aes_128_ofb();                case CIPHER_AES_192:                    return EVP_aes_192_ofb();                case CIPHER_AES_256:                    return EVP_aes_256_ofb();            }        case MODE_CFB:            switch (cipher) {                case CIPHER_DES:                    return EVP_des_cfb();                case CIPHER_AES_128:                    return EVP_aes_128_cfb();                case CIPHER_AES_192:                    return EVP_aes_192_cfb();                case CIPHER_AES_256:                    return EVP_aes_256_cfb();            }    }    abort();}

void openssl_evp_rsacripher(){	RSA *rkey;	BIGNUM *bne;	EVP_PKEY *pubkey[2];	const EVP_CIPHER *type;	EVP_CIPHER_CTX ctx1, ctx2;	int i, ekl[2], total = 0, len1 = 0, len2 = 0;	const unsigned char ins[COMM_LEN] = "openssl evp";	unsigned char outs[LINE_LEN], iv[8], *ek[2], de[LINE_LEN];	bne = BN_new();	BN_set_word(bne, RSA_3);	rkey = RSA_new();	RSA_generate_key_ex(rkey, MAX1_LEN, bne, NULL);	pubkey[0] = EVP_PKEY_new();	EVP_PKEY_assign_RSA(pubkey[0], rkey);	type = EVP_des_cbc();	ek[0] = malloc(LINE_LEN);	ek[1] = malloc(LINE_LEN);	EVP_CIPHER_CTX_init(&ctx1);	EVP_SealInit(&ctx1, type, ek, ekl, iv, pubkey, 1);	EVP_SealUpdate(&ctx1, outs, &total, ins, 11);	EVP_SealFinal(&ctx1, outs + total, &len1);	total += len1;	printf("/nEVP_RSASEAL(%s) = ", ins);	for (i = 0; i < total; i++)		printf("0x%.02x ", outs[i]);	EVP_CIPHER_CTX_cleanup(&ctx1);		memset(de, 0, LINE_LEN);	EVP_CIPHER_CTX_init(&ctx2);	EVP_OpenInit(&ctx2, EVP_des_cbc(), ek[0], ekl[0], iv, pubkey[0]);	EVP_OpenUpdate(&ctx2, de, &len2, outs, total);	EVP_OpenFinal(&ctx2, de + len2, &len1);	len2 += len1;	printf("= %s/n", de);	EVP_CIPHER_CTX_cleanup(&ctx2);	free(ek[0]);	free(ek[1]);	EVP_PKEY_free(pubkey[0]);	BN_free(bne);}

intSSL_library_init(void){#ifndef OPENSSL_NO_DES	EVP_add_cipher(EVP_des_cbc());	EVP_add_cipher(EVP_des_ede3_cbc());#endif#ifndef OPENSSL_NO_IDEA	EVP_add_cipher(EVP_idea_cbc());#endif#ifndef OPENSSL_NO_RC4	EVP_add_cipher(EVP_rc4());#if !defined(OPENSSL_NO_MD5) && (defined(__x86_64) || defined(__x86_64__))	EVP_add_cipher(EVP_rc4_hmac_md5());#endif#endif  #ifndef OPENSSL_NO_RC2	EVP_add_cipher(EVP_rc2_cbc());	/* Not actually used for SSL/TLS but this makes PKCS#12 work	 * if an application only calls SSL_library_init().	 */	EVP_add_cipher(EVP_rc2_40_cbc());#endif	EVP_add_cipher(EVP_aes_128_cbc());	EVP_add_cipher(EVP_aes_192_cbc());	EVP_add_cipher(EVP_aes_256_cbc());	EVP_add_cipher(EVP_aes_128_gcm());	EVP_add_cipher(EVP_aes_256_gcm());	EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());	EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());#ifndef OPENSSL_NO_CAMELLIA	EVP_add_cipher(EVP_camellia_128_cbc());	EVP_add_cipher(EVP_camellia_256_cbc());#endif	EVP_add_digest(EVP_md5());	EVP_add_digest_alias(SN_md5, "ssl2-md5");	EVP_add_digest_alias(SN_md5, "ssl3-md5");	EVP_add_digest(EVP_sha1()); /* RSA with sha1 */	EVP_add_digest_alias(SN_sha1, "ssl3-sha1");	EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);	EVP_add_digest(EVP_sha224());	EVP_add_digest(EVP_sha256());	EVP_add_digest(EVP_sha384());	EVP_add_digest(EVP_sha512());	EVP_add_digest(EVP_dss1()); /* DSA with sha1 */	EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);	EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");	EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");	EVP_add_digest(EVP_ecdsa());	/* initialize cipher/digest methods table */	ssl_load_ciphers();	return (1);}

static const EVP_CIPHER* cipher_by_name(const char *name) {  if (strcmp(name, "DES-CBC") == 0) {    return EVP_des_cbc();  } else if (strcmp(name, "AES-128-CBC") == 0) {    return EVP_aes_128_cbc();  } else if (strcmp(name,  "AES-256-CBC") == 0) {    return EVP_aes_256_cbc();  } else {    return NULL;  }}

static krb5_error_codek5_des_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,               size_t num_data){    int ret, olen = MIT_DES_BLOCK_LENGTH;    unsigned char iblock[MIT_DES_BLOCK_LENGTH], oblock[MIT_DES_BLOCK_LENGTH];    struct iov_block_state input_pos, output_pos;    EVP_CIPHER_CTX ciph_ctx;    krb5_boolean empty;    IOV_BLOCK_STATE_INIT(&input_pos);    IOV_BLOCK_STATE_INIT(&output_pos);    ret = validate(key, ivec, data, num_data, &empty);    if (ret != 0 || empty)        return ret;    EVP_CIPHER_CTX_init(&ciph_ctx);    ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_des_cbc(), NULL,                             key->keyblock.contents, (ivec && ivec->data) ? (unsigned char*)ivec->data : NULL);    if (!ret)        return KRB5_CRYPTO_INTERNAL;    EVP_CIPHER_CTX_set_padding(&ciph_ctx,0);    for (;;) {        if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data,                                     num_data, &input_pos))            break;        ret = EVP_EncryptUpdate(&ciph_ctx, oblock, &olen,                                (unsigned char *)iblock, MIT_DES_BLOCK_LENGTH);        if (!ret)            break;        krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH,                                &output_pos);    }    if (ivec != NULL)        memcpy(ivec->data, oblock, MIT_DES_BLOCK_LENGTH);    EVP_CIPHER_CTX_cleanup(&ciph_ctx);    zap(iblock, sizeof(iblock));    zap(oblock, sizeof(oblock));    if (ret != 1)        return KRB5_CRYPTO_INTERNAL;    return 0;}

int main(void) {   unsigned char ot[1024];  // open text  unsigned char st[1024];  // sifrovany text  unsigned char key[EVP_MAX_KEY_LENGTH] = "Super tajny klic";  // klic pro sifrovani  unsigned char iv[EVP_MAX_IV_LENGTH] = "vector unknown";  // inicializacni vektor  const char * filename = "Mad_scientist_cbc.bmp";  const char * outfilename = "Mad_scientist_cbc_dec.bmp";  int otLength = 0;  int stLength = 0;  int tmpLength = 0;  int readlen = 0;  char header[14];  unsigned int offset = 0;   EVP_CIPHER_CTX ctx; // struktura pro kontext 	FILE * fin = fopen(filename,"rb");	FILE * fout = fopen(outfilename,"w+b");	if(!fin){		printf("File not found");	}	fread(header,1,14,fin);	fwrite(header,1,14,fout);	offset = (unsigned int)*(&header[10]);	offset -= 14;	while(offset > 1024){		fread(ot,1,1024,fin);		fwrite(ot,1,1024,fout);		offset -= 1024;	}	fread(ot,1,offset,fin);	fwrite(ot,1,offset,fout);	 EVP_DecryptInit(&ctx, EVP_des_cbc(), key, iv);  // nastaveni kontextu pro sifrovani  do{	  readlen = fread(ot,1,1024,fin);	  EVP_DecryptUpdate(&ctx,  st, &stLength, ot, readlen);  // sifrovani ot	  fwrite(st,1,stLength,fout);  }while(readlen == 1024);    EVP_DecryptFinal(&ctx, &st[stLength], &tmpLength);  // ziskani sifrovaneho textu z kontextu  fwrite(&st[stLength],1,tmpLength,fout);  stLength += tmpLength;  fclose(fin);  fclose(fout);  exit(0); }

void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,                                               const char *name,                                               const char *unused, void *arg),                              void *arg) {  callback(EVP_aes_128_cbc(), "AES-128-CBC", NULL, arg);  callback(EVP_aes_128_ctr(), "AES-128-CTR", NULL, arg);  callback(EVP_aes_128_ecb(), "AES-128-ECB", NULL, arg);  callback(EVP_aes_128_ofb(), "AES-128-OFB", NULL, arg);  callback(EVP_aes_256_cbc(), "AES-256-CBC", NULL, arg);  callback(EVP_aes_256_ctr(), "AES-256-CTR", NULL, arg);  callback(EVP_aes_256_ecb(), "AES-256-ECB", NULL, arg);  callback(EVP_aes_256_ofb(), "AES-256-OFB", NULL, arg);  callback(EVP_aes_256_xts(), "AES-256-XTS", NULL, arg);  callback(EVP_des_cbc(), "DES-CBC", NULL, arg);  callback(EVP_des_ecb(), "DES-ECB", NULL, arg);  callback(EVP_des_ede(), "DES-EDE", NULL, arg);  callback(EVP_des_ede_cbc(), "DES-EDE-CBC", NULL, arg);  callback(EVP_des_ede3_cbc(), "DES-EDE3-CBC", NULL, arg);  callback(EVP_rc2_cbc(), "RC2-CBC", NULL, arg);  callback(EVP_rc4(), "RC4", NULL, arg);  // OpenSSL returns everything twice, the second time in lower case.  callback(EVP_aes_128_cbc(), "aes-128-cbc", NULL, arg);  callback(EVP_aes_128_ctr(), "aes-128-ctr", NULL, arg);  callback(EVP_aes_128_ecb(), "aes-128-ecb", NULL, arg);  callback(EVP_aes_128_ofb(), "aes-128-ofb", NULL, arg);  callback(EVP_aes_256_cbc(), "aes-256-cbc", NULL, arg);  callback(EVP_aes_256_ctr(), "aes-256-ctr", NULL, arg);  callback(EVP_aes_256_ecb(), "aes-256-ecb", NULL, arg);  callback(EVP_aes_256_ofb(), "aes-256-ofb", NULL, arg);  callback(EVP_aes_256_xts(), "aes-256-xts", NULL, arg);  callback(EVP_des_cbc(), "des-cbc", NULL, arg);  callback(EVP_des_ecb(), "des-ecb", NULL, arg);  callback(EVP_des_ede(), "des-ede", NULL, arg);  callback(EVP_des_ede_cbc(), "des-ede-cbc", NULL, arg);  callback(EVP_des_ede3_cbc(), "des-ede3-cbc", NULL, arg);  callback(EVP_rc2_cbc(), "rc2-cbc", NULL, arg);  callback(EVP_rc4(), "rc4", NULL, arg);}

const EVP_CIPHER * DesEncriptionStrategy::getType(EncriptionBlockType mode){	const EVP_CIPHER * type;	switch(mode){		case CBC:			type = EVP_des_cbc(); break;		case OFB:			type = EVP_des_ofb(); break;		case CFB:			type = EVP_des_cfb8(); break;		case ECB:			type = EVP_des_ecb(); break;	}	return type;}

static intssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv,    int enc){	struct ssh1_3des_ctx *c;	u_char *k1, *k2, *k3;	if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) {		if ((c = calloc(1, sizeof(*c))) == NULL)			return 0;		EVP_CIPHER_CTX_set_app_data(ctx, c);	}	if (key == NULL)		return 1;	if (enc == -1)		enc = ctx->encrypt;	k1 = k2 = k3 = __UNCONST(key);	k2 += 8;	if (EVP_CIPHER_CTX_key_length(ctx) >= 16+8) {		if (enc)			k3 += 16;		else			k1 += 16;	}	EVP_CIPHER_CTX_init(&c->k1);	EVP_CIPHER_CTX_init(&c->k2);	EVP_CIPHER_CTX_init(&c->k3);	if (EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 ||	    EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 ||	    EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) {		explicit_bzero(c, sizeof(*c));		free(c);		EVP_CIPHER_CTX_set_app_data(ctx, NULL);		return 0;	}	return 1;}

static intssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv,    int enc){	struct ssh1_3des_ctx *c;	u_char *k1, *k2, *k3;	if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) {		c = xmalloc(sizeof(*c));		EVP_CIPHER_CTX_set_app_data(ctx, c);	}	if (key == NULL)		return (1);	if (enc == -1)		enc = ctx->encrypt;	k1 = k2 = k3 = (u_char *) key;	k2 += 8;	if (EVP_CIPHER_CTX_key_length(ctx) >= 16+8) {		if (enc)			k3 += 16;		else			k1 += 16;	}	EVP_CIPHER_CTX_init(&c->k1);	EVP_CIPHER_CTX_init(&c->k2);	EVP_CIPHER_CTX_init(&c->k3);	if (EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 ||	    EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 ||	    EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) {		memset(c, 0, sizeof(*c));		xfree(c);		EVP_CIPHER_CTX_set_app_data(ctx, NULL);		return (0);	}	return (1);}

int SSL_library_init(void)	{#ifndef NO_DES	EVP_add_cipher(EVP_des_cbc());	EVP_add_cipher(EVP_des_ede3_cbc());#endif#ifndef NO_IDEA	EVP_add_cipher(EVP_idea_cbc());#endif#ifndef NO_RC4	EVP_add_cipher(EVP_rc4());#endif  #ifndef NO_RC2	EVP_add_cipher(EVP_rc2_cbc());#endif  #ifndef NO_MD2	EVP_add_digest(EVP_md2());#endif#ifndef NO_MD5	EVP_add_digest(EVP_md5());	EVP_add_digest_alias(SN_md5,"ssl2-md5");	EVP_add_digest_alias(SN_md5,"ssl3-md5");#endif#ifndef NO_SHA	EVP_add_digest(EVP_sha1()); /* RSA with sha1 */	EVP_add_digest_alias(SN_sha1,"ssl3-sha1");	EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);#endif#if !defined(NO_SHA) && !defined(NO_DSA)	EVP_add_digest(EVP_dss1()); /* DSA with sha1 */	EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);	EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");	EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");#endif	/* If you want support for phased out ciphers, add the following */#if 0	EVP_add_digest(EVP_sha());	EVP_add_digest(EVP_dss());#endif	return(1);	}

const EVP_CIPHER *EVP_get_cipherbynid(int nid) {  switch (nid) {    case NID_rc2_cbc:      return EVP_rc2_cbc();    case NID_rc2_40_cbc:      return EVP_rc2_40_cbc();    case NID_des_ede3_cbc:      return EVP_des_ede3_cbc();    case NID_des_ede_cbc:      return EVP_des_cbc();    case NID_aes_128_cbc:      return EVP_aes_128_cbc();    case NID_aes_192_cbc:      return EVP_aes_192_cbc();    case NID_aes_256_cbc:      return EVP_aes_256_cbc();    default:      return NULL;  }}

/*	Given KRB5 enctype (basically DES or 3DES),**	return closest match openssl EVP_ encryption algorithm.**	Return NULL for unknown or problematic (krb5_dk_encrypt) enctypes.**	Assume ENCTYPE_*_RAW (krb5_raw_encrypt) are OK.*/const EVP_CIPHER *kssl_map_enc(krb5_enctype enctype){	switch (enctype) {	case ENCTYPE_DES_HMAC_SHA1: /*    EVP_des_cbc(); */	case ENCTYPE_DES_CBC_CRC:	case ENCTYPE_DES_CBC_MD4:	case ENCTYPE_DES_CBC_MD5:	case ENCTYPE_DES_CBC_RAW:		return EVP_des_cbc();		break;	case ENCTYPE_DES3_CBC_SHA1: /*    EVP_des_ede3_cbc(); */	case ENCTYPE_DES3_CBC_SHA:	case ENCTYPE_DES3_CBC_RAW:		return EVP_des_ede3_cbc();		break;	default:		return NULL;		break;	}}

const EVP_CIPHER *EVP_get_cipherbyname(const char *name) {  if (OPENSSL_strcasecmp(name, "rc4") == 0) {    return EVP_rc4();  } else if (OPENSSL_strcasecmp(name, "des-cbc") == 0) {    return EVP_des_cbc();  } else if (OPENSSL_strcasecmp(name, "des-ede3-cbc") == 0 ||             OPENSSL_strcasecmp(name, "3des") == 0) {    return EVP_des_ede3_cbc();  } else if (OPENSSL_strcasecmp(name, "aes-128-cbc") == 0) {    return EVP_aes_128_cbc();  } else if (OPENSSL_strcasecmp(name, "aes-256-cbc") == 0) {    return EVP_aes_256_cbc();  } else if (OPENSSL_strcasecmp(name, "aes-128-ctr") == 0) {    return EVP_aes_128_ctr();  } else if (OPENSSL_strcasecmp(name, "aes-256-ctr") == 0) {    return EVP_aes_256_ctr();  } else if (OPENSSL_strcasecmp(name, "aes-128-ecb") == 0) {    return EVP_aes_128_ecb();  } else if (OPENSSL_strcasecmp(name, "aes-256-ecb") == 0) {    return EVP_aes_256_ecb();  }  return NULL;}

static OM_uint32verify_mic_des           (OM_uint32 * minor_status,            const gsskrb5_ctx context_handle,	    krb5_context context,            const gss_buffer_t message_buffer,            const gss_buffer_t token_buffer,            gss_qop_t * qop_state,	    krb5_keyblock *key,	    char *type	    ){  u_char *p;  EVP_MD_CTX *md5;  u_char hash[16], *seq;  DES_key_schedule schedule;  EVP_CIPHER_CTX des_ctx;  DES_cblock zero;  DES_cblock deskey;  uint32_t seq_number;  OM_uint32 ret;  int cmp;  p = token_buffer->value;  ret = _gsskrb5_verify_header (&p,				   token_buffer->length,				   type,				   GSS_KRB5_MECHANISM);  if (ret)      return ret;  if (memcmp(p, "/x00/x00", 2) != 0)      return GSS_S_BAD_SIG;  p += 2;  if (memcmp (p, "/xff/xff/xff/xff", 4) != 0)    return GSS_S_BAD_MIC;  p += 4;  p += 16;  /* verify checksum */  md5 = EVP_MD_CTX_create();  EVP_DigestInit_ex(md5, EVP_md5(), NULL);  EVP_DigestUpdate(md5, p - 24, 8);  EVP_DigestUpdate(md5, message_buffer->value, message_buffer->length);  EVP_DigestFinal_ex(md5, hash, NULL);  EVP_MD_CTX_destroy(md5);  memset (&zero, 0, sizeof(zero));  memcpy (&deskey, key->keyvalue.data, sizeof(deskey));  DES_set_key_unchecked (&deskey, &schedule);  DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash),		 &schedule, &zero);  if (ct_memcmp (p - 8, hash, 8) != 0) {    memset (deskey, 0, sizeof(deskey));    memset (&schedule, 0, sizeof(schedule));    return GSS_S_BAD_MIC;  }  /* verify sequence number */  HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex);  p -= 16;  EVP_CIPHER_CTX_init(&des_ctx);  EVP_CipherInit_ex(&des_ctx, EVP_des_cbc(), NULL, key->keyvalue.data, hash, 0);  EVP_Cipher(&des_ctx, p, p, 8);  EVP_CIPHER_CTX_cleanup(&des_ctx);  memset (deskey, 0, sizeof(deskey));  memset (&schedule, 0, sizeof(schedule));  seq = p;  _gsskrb5_decode_om_uint32(seq, &seq_number);  if (context_handle->more_flags & LOCAL)      cmp = ct_memcmp(&seq[4], "/xff/xff/xff/xff", 4);  else      cmp = ct_memcmp(&seq[4], "/x00/x00/x00/x00", 4);  if (cmp != 0) {    HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);    return GSS_S_BAD_MIC;  }  ret = _gssapi_msg_order_check(context_handle->order, seq_number);  if (ret) {      HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);      return ret;  }  HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);  return GSS_S_COMPLETE;}

int MAIN(int argc, char **argv){    ENGINE *e = NULL;    char *infile=NULL, *outfile=NULL, *keyname = NULL;	    char *certfile=NULL;    BIO *in=NULL, *out = NULL;    char **args;    char *name = NULL;    char *csp_name = NULL;    PKCS12 *p12 = NULL;    char pass[50], macpass[50];    int export_cert = 0;    int options = 0;    int chain = 0;    int badarg = 0;    int iter = PKCS12_DEFAULT_ITER;    int maciter = PKCS12_DEFAULT_ITER;    int twopass = 0;    int keytype = 0;    int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;    int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;    int ret = 1;    int macver = 1;    int noprompt = 0;    STACK *canames = NULL;    char *cpass = NULL, *mpass = NULL;    char *passargin = NULL, *passargout = NULL, *passarg = NULL;    char *passin = NULL, *passout = NULL;    char *inrand = NULL;    char *CApath = NULL, *CAfile = NULL;    char *engine=NULL;    apps_startup();    enc = EVP_des_ede3_cbc();    if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);	if (!load_config(bio_err, NULL))		goto end;    args = argv + 1;    while (*args) {	if (*args[0] == '-') {		if (!strcmp (*args, "-nokeys")) options |= NOKEYS;		else if (!strcmp (*args, "-keyex")) keytype = KEY_EX;		else if (!strcmp (*args, "-keysig")) keytype = KEY_SIG;		else if (!strcmp (*args, "-nocerts")) options |= NOCERTS;		else if (!strcmp (*args, "-clcerts")) options |= CLCERTS;		else if (!strcmp (*args, "-cacerts")) options |= CACERTS;		else if (!strcmp (*args, "-noout")) options |= (NOKEYS|NOCERTS);		else if (!strcmp (*args, "-info")) options |= INFO;		else if (!strcmp (*args, "-chain")) chain = 1;		else if (!strcmp (*args, "-twopass")) twopass = 1;		else if (!strcmp (*args, "-nomacver")) macver = 0;		else if (!strcmp (*args, "-descert"))    			cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;		else if (!strcmp (*args, "-export")) export_cert = 1;		else if (!strcmp (*args, "-des")) enc=EVP_des_cbc();#ifndef OPENSSL_NO_IDEA		else if (!strcmp (*args, "-idea")) enc=EVP_idea_cbc();#endif		else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc();#ifndef OPENSSL_NO_AES		else if (!strcmp(*args,"-aes128")) enc=EVP_aes_128_cbc();		else if (!strcmp(*args,"-aes192")) enc=EVP_aes_192_cbc();		else if (!strcmp(*args,"-aes256")) enc=EVP_aes_256_cbc();#endif		else if (!strcmp (*args, "-noiter")) iter = 1;		else if (!strcmp (*args, "-maciter"))					 maciter = PKCS12_DEFAULT_ITER;		else if (!strcmp (*args, "-nomaciter"))					 maciter = 1;		else if (!strcmp (*args, "-nodes")) enc=NULL;		else if (!strcmp (*args, "-certpbe")) {			if (args[1]) {				args++;				cert_pbe=OBJ_txt2nid(*args);				if(cert_pbe == NID_undef) {					BIO_printf(bio_err,						 "Unknown PBE algorithm %s/n", *args);					badarg = 1;				}			} else badarg = 1;		} else if (!strcmp (*args, "-keypbe")) {			if (args[1]) {				args++;				key_pbe=OBJ_txt2nid(*args);				if(key_pbe == NID_undef) {					BIO_printf(bio_err,						 "Unknown PBE algorithm %s/n", *args);					badarg = 1;				}			} else badarg = 1;		} else if (!strcmp (*args, "-rand")) {		    if (args[1]) {			args++;				inrand = *args;		    } else badarg = 1;//.........这里部分代码省略.........

int MAIN(int argc, char **argv)	{	ENGINE *e = NULL;	int operation = 0;	int ret = 0;	char **args;	const char *inmode = "r", *outmode = "w";	char *infile = NULL, *outfile = NULL;	char *signerfile = NULL, *recipfile = NULL;	char *certfile = NULL, *keyfile = NULL, *contfile=NULL;	const EVP_CIPHER *cipher = NULL;	PKCS7 *p7 = NULL;	X509_STORE *store = NULL;	X509 *cert = NULL, *recip = NULL, *signer = NULL;	EVP_PKEY *key = NULL;	STACK_OF(X509) *encerts = NULL, *other = NULL;	BIO *in = NULL, *out = NULL, *indata = NULL;	int badarg = 0;	int flags = PKCS7_DETACHED;	char *to = NULL, *from = NULL, *subject = NULL;	char *CAfile = NULL, *CApath = NULL;	char *passargin = NULL, *passin = NULL;	char *inrand = NULL;	int need_rand = 0;	int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;        int keyform = FORMAT_PEM;#ifndef OPENSSL_NO_ENGINE	char *engine=NULL;#endif	X509_VERIFY_PARAM *vpm = NULL;	args = argv + 1;	ret = 1;	apps_startup();	if (bio_err == NULL)		{		if ((bio_err = BIO_new(BIO_s_file())) != NULL)			BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);		}	if (!load_config(bio_err, NULL))		goto end;	while (!badarg && *args && *args[0] == '-')		{		if (!strcmp (*args, "-encrypt"))			operation = SMIME_ENCRYPT;		else if (!strcmp (*args, "-decrypt"))			operation = SMIME_DECRYPT;		else if (!strcmp (*args, "-sign"))			operation = SMIME_SIGN;		else if (!strcmp (*args, "-verify"))			operation = SMIME_VERIFY;		else if (!strcmp (*args, "-pk7out"))			operation = SMIME_PK7OUT;#ifndef OPENSSL_NO_DES		else if (!strcmp (*args, "-des3")) 				cipher = EVP_des_ede3_cbc();		else if (!strcmp (*args, "-des")) 				cipher = EVP_des_cbc();#endif#ifndef OPENSSL_NO_SEED		else if (!strcmp (*args, "-seed")) 				cipher = EVP_seed_cbc();#endif#ifndef OPENSSL_NO_RC2		else if (!strcmp (*args, "-rc2-40")) 				cipher = EVP_rc2_40_cbc();		else if (!strcmp (*args, "-rc2-128")) 				cipher = EVP_rc2_cbc();		else if (!strcmp (*args, "-rc2-64")) 				cipher = EVP_rc2_64_cbc();#endif#ifndef OPENSSL_NO_AES		else if (!strcmp(*args,"-aes128"))				cipher = EVP_aes_128_cbc();		else if (!strcmp(*args,"-aes192"))				cipher = EVP_aes_192_cbc();		else if (!strcmp(*args,"-aes256"))				cipher = EVP_aes_256_cbc();#endif#ifndef OPENSSL_NO_CAMELLIA		else if (!strcmp(*args,"-camellia128"))				cipher = EVP_camellia_128_cbc();		else if (!strcmp(*args,"-camellia192"))				cipher = EVP_camellia_192_cbc();		else if (!strcmp(*args,"-camellia256"))				cipher = EVP_camellia_256_cbc();#endif		else if (!strcmp (*args, "-text")) 				flags |= PKCS7_TEXT;		else if (!strcmp (*args, "-nointern")) 				flags |= PKCS7_NOINTERN;		else if (!strcmp (*args, "-noverify")) 				flags |= PKCS7_NOVERIFY;		else if (!strcmp (*args, "-nochain")) 				flags |= PKCS7_NOCHAIN;//.........这里部分代码省略.........

void OpenSSL_add_all_ciphers(void){#ifndef OPENSSL_NO_DES    EVP_add_cipher(EVP_des_cfb());    EVP_add_cipher(EVP_des_cfb1());    EVP_add_cipher(EVP_des_cfb8());    EVP_add_cipher(EVP_des_ede_cfb());    EVP_add_cipher(EVP_des_ede3_cfb());    EVP_add_cipher(EVP_des_ede3_cfb1());    EVP_add_cipher(EVP_des_ede3_cfb8());    EVP_add_cipher(EVP_des_ofb());    EVP_add_cipher(EVP_des_ede_ofb());    EVP_add_cipher(EVP_des_ede3_ofb());    EVP_add_cipher(EVP_desx_cbc());    EVP_add_cipher_alias(SN_desx_cbc, "DESX");    EVP_add_cipher_alias(SN_desx_cbc, "desx");    EVP_add_cipher(EVP_des_cbc());    EVP_add_cipher_alias(SN_des_cbc, "DES");    EVP_add_cipher_alias(SN_des_cbc, "des");    EVP_add_cipher(EVP_des_ede_cbc());    EVP_add_cipher(EVP_des_ede3_cbc());    EVP_add_cipher_alias(SN_des_ede3_cbc, "DES3");    EVP_add_cipher_alias(SN_des_ede3_cbc, "des3");    EVP_add_cipher(EVP_des_ecb());    EVP_add_cipher(EVP_des_ede());    EVP_add_cipher(EVP_des_ede3());    EVP_add_cipher(EVP_des_ede3_wrap());#endif#ifndef OPENSSL_NO_RC4    EVP_add_cipher(EVP_rc4());    EVP_add_cipher(EVP_rc4_40());# ifndef OPENSSL_NO_MD5    EVP_add_cipher(EVP_rc4_hmac_md5());# endif#endif#ifndef OPENSSL_NO_IDEA    EVP_add_cipher(EVP_idea_ecb());    EVP_add_cipher(EVP_idea_cfb());    EVP_add_cipher(EVP_idea_ofb());    EVP_add_cipher(EVP_idea_cbc());    EVP_add_cipher_alias(SN_idea_cbc, "IDEA");    EVP_add_cipher_alias(SN_idea_cbc, "idea");#endif#ifndef OPENSSL_NO_SEED    EVP_add_cipher(EVP_seed_ecb());    EVP_add_cipher(EVP_seed_cfb());    EVP_add_cipher(EVP_seed_ofb());    EVP_add_cipher(EVP_seed_cbc());    EVP_add_cipher_alias(SN_seed_cbc, "SEED");    EVP_add_cipher_alias(SN_seed_cbc, "seed");#endif#ifndef OPENSSL_NO_RC2    EVP_add_cipher(EVP_rc2_ecb());    EVP_add_cipher(EVP_rc2_cfb());    EVP_add_cipher(EVP_rc2_ofb());    EVP_add_cipher(EVP_rc2_cbc());    EVP_add_cipher(EVP_rc2_40_cbc());    EVP_add_cipher(EVP_rc2_64_cbc());    EVP_add_cipher_alias(SN_rc2_cbc, "RC2");    EVP_add_cipher_alias(SN_rc2_cbc, "rc2");#endif#ifndef OPENSSL_NO_BF    EVP_add_cipher(EVP_bf_ecb());    EVP_add_cipher(EVP_bf_cfb());    EVP_add_cipher(EVP_bf_ofb());    EVP_add_cipher(EVP_bf_cbc());    EVP_add_cipher_alias(SN_bf_cbc, "BF");    EVP_add_cipher_alias(SN_bf_cbc, "bf");    EVP_add_cipher_alias(SN_bf_cbc, "blowfish");#endif#ifndef OPENSSL_NO_CAST    EVP_add_cipher(EVP_cast5_ecb());    EVP_add_cipher(EVP_cast5_cfb());    EVP_add_cipher(EVP_cast5_ofb());    EVP_add_cipher(EVP_cast5_cbc());    EVP_add_cipher_alias(SN_cast5_cbc, "CAST");    EVP_add_cipher_alias(SN_cast5_cbc, "cast");    EVP_add_cipher_alias(SN_cast5_cbc, "CAST-cbc");    EVP_add_cipher_alias(SN_cast5_cbc, "cast-cbc");#endif#ifndef OPENSSL_NO_RC5    EVP_add_cipher(EVP_rc5_32_12_16_ecb());    EVP_add_cipher(EVP_rc5_32_12_16_cfb());    EVP_add_cipher(EVP_rc5_32_12_16_ofb());    EVP_add_cipher(EVP_rc5_32_12_16_cbc());    EVP_add_cipher_alias(SN_rc5_cbc, "rc5");    EVP_add_cipher_alias(SN_rc5_cbc, "RC5");#endif//.........这里部分代码省略.........

int MAIN(int argc, char **argv)	{	BN_GENCB cb;#ifndef OPENSSL_NO_ENGINE	ENGINE *e = NULL;#endif	int ret=1;	int i,num=DEFBITS;	long l;	const EVP_CIPHER *enc=NULL;	unsigned long f4=RSA_F4;	char *outfile=NULL;	char *passargout = NULL, *passout = NULL;#ifndef OPENSSL_NO_ENGINE	char *engine=NULL;#endif	char *inrand=NULL;	BIO *out=NULL;	BIGNUM *bn = BN_new();	RSA *rsa = NULL;	if(!bn) goto err;	apps_startup();	BN_GENCB_set(&cb, genrsa_cb, bio_err);	if (bio_err == NULL)		if ((bio_err=BIO_new(BIO_s_file())) != NULL)			BIO_set_fp(bio_err,OPENSSL_TYPE__FILE_STDERR,BIO_NOCLOSE|BIO_FP_TEXT);	if (!load_config(bio_err, NULL))		goto err;	if ((out=BIO_new(BIO_s_file())) == NULL)		{		BIO_printf(bio_err,"unable to create BIO for output/n");		goto err;		}	argv++;	argc--;	for (;;)		{		if (argc <= 0) break;		if (TINYCLR_SSL_STRCMP(*argv,"-out") == 0)			{			if (--argc < 1) goto bad;			outfile= *(++argv);			}		else if (TINYCLR_SSL_STRCMP(*argv,"-3") == 0)			f4=3;		else if (TINYCLR_SSL_STRCMP(*argv,"-F4") == 0 || TINYCLR_SSL_STRCMP(*argv,"-f4") == 0)			f4=RSA_F4;#ifndef OPENSSL_NO_ENGINE		else if (TINYCLR_SSL_STRCMP(*argv,"-engine") == 0)			{			if (--argc < 1) goto bad;			engine= *(++argv);			}#endif		else if (TINYCLR_SSL_STRCMP(*argv,"-rand") == 0)			{			if (--argc < 1) goto bad;			inrand= *(++argv);			}#ifndef OPENSSL_NO_DES		else if (TINYCLR_SSL_STRCMP(*argv,"-des") == 0)			enc=EVP_des_cbc();		else if (TINYCLR_SSL_STRCMP(*argv,"-des3") == 0)			enc=EVP_des_ede3_cbc();#endif#ifndef OPENSSL_NO_IDEA		else if (TINYCLR_SSL_STRCMP(*argv,"-idea") == 0)			enc=EVP_idea_cbc();#endif#ifndef OPENSSL_NO_SEED		else if (TINYCLR_SSL_STRCMP(*argv,"-seed") == 0)			enc=EVP_seed_cbc();#endif#ifndef OPENSSL_NO_AES		else if (TINYCLR_SSL_STRCMP(*argv,"-aes128") == 0)			enc=EVP_aes_128_cbc();		else if (TINYCLR_SSL_STRCMP(*argv,"-aes192") == 0)			enc=EVP_aes_192_cbc();		else if (TINYCLR_SSL_STRCMP(*argv,"-aes256") == 0)			enc=EVP_aes_256_cbc();#endif#ifndef OPENSSL_NO_CAMELLIA		else if (TINYCLR_SSL_STRCMP(*argv,"-camellia128") == 0)			enc=EVP_camellia_128_cbc();		else if (TINYCLR_SSL_STRCMP(*argv,"-camellia192") == 0)			enc=EVP_camellia_192_cbc();		else if (TINYCLR_SSL_STRCMP(*argv,"-camellia256") == 0)			enc=EVP_camellia_256_cbc();#endif		else if (TINYCLR_SSL_STRCMP(*argv,"-passout") == 0)			{			if (--argc < 1) goto bad;			passargout= *(++argv);			}		else//.........这里部分代码省略.........

void openssl_add_all_ciphers_int(void){#ifndef OPENSSL_NO_DES    EVP_add_cipher(EVP_des_cfb());    EVP_add_cipher(EVP_des_cfb1());    EVP_add_cipher(EVP_des_cfb8());    EVP_add_cipher(EVP_des_ede_cfb());    EVP_add_cipher(EVP_des_ede3_cfb());    EVP_add_cipher(EVP_des_ede3_cfb1());    EVP_add_cipher(EVP_des_ede3_cfb8());    EVP_add_cipher(EVP_des_ofb());    EVP_add_cipher(EVP_des_ede_ofb());    EVP_add_cipher(EVP_des_ede3_ofb());    EVP_add_cipher(EVP_desx_cbc());    EVP_add_cipher_alias(SN_desx_cbc, "DESX");    EVP_add_cipher_alias(SN_desx_cbc, "desx");    EVP_add_cipher(EVP_des_cbc());    EVP_add_cipher_alias(SN_des_cbc, "DES");    EVP_add_cipher_alias(SN_des_cbc, "des");    EVP_add_cipher(EVP_des_ede_cbc());    EVP_add_cipher(EVP_des_ede3_cbc());    EVP_add_cipher_alias(SN_des_ede3_cbc, "DES3");    EVP_add_cipher_alias(SN_des_ede3_cbc, "des3");    EVP_add_cipher(EVP_des_ecb());    EVP_add_cipher(EVP_des_ede());    EVP_add_cipher_alias(SN_des_ede_ecb, "DES-EDE-ECB");    EVP_add_cipher_alias(SN_des_ede_ecb, "des-ede-ecb");    EVP_add_cipher(EVP_des_ede3());    EVP_add_cipher_alias(SN_des_ede3_ecb, "DES-EDE3-ECB");    EVP_add_cipher_alias(SN_des_ede3_ecb, "des-ede3-ecb");    EVP_add_cipher(EVP_des_ede3_wrap());    EVP_add_cipher_alias(SN_id_smime_alg_CMS3DESwrap, "des3-wrap");#endif#ifndef OPENSSL_NO_RC4    EVP_add_cipher(EVP_rc4());    EVP_add_cipher(EVP_rc4_40());# ifndef OPENSSL_NO_MD5    EVP_add_cipher(EVP_rc4_hmac_md5());# endif#endif#ifndef OPENSSL_NO_IDEA    EVP_add_cipher(EVP_idea_ecb());    EVP_add_cipher(EVP_idea_cfb());    EVP_add_cipher(EVP_idea_ofb());    EVP_add_cipher(EVP_idea_cbc());    EVP_add_cipher_alias(SN_idea_cbc, "IDEA");    EVP_add_cipher_alias(SN_idea_cbc, "idea");#endif#ifndef OPENSSL_NO_SEED    EVP_add_cipher(EVP_seed_ecb());    EVP_add_cipher(EVP_seed_cfb());    EVP_add_cipher(EVP_seed_ofb());    EVP_add_cipher(EVP_seed_cbc());    EVP_add_cipher_alias(SN_seed_cbc, "SEED");    EVP_add_cipher_alias(SN_seed_cbc, "seed");#endif#ifndef OPENSSL_NO_SM4    EVP_add_cipher(EVP_sm4_ecb());    EVP_add_cipher(EVP_sm4_cbc());    EVP_add_cipher(EVP_sm4_cfb());    EVP_add_cipher(EVP_sm4_ofb());    EVP_add_cipher(EVP_sm4_ctr());    EVP_add_cipher_alias(SN_sm4_cbc, "SM4");    EVP_add_cipher_alias(SN_sm4_cbc, "sm4");#endif#ifndef OPENSSL_NO_RC2    EVP_add_cipher(EVP_rc2_ecb());    EVP_add_cipher(EVP_rc2_cfb());    EVP_add_cipher(EVP_rc2_ofb());    EVP_add_cipher(EVP_rc2_cbc());    EVP_add_cipher(EVP_rc2_40_cbc());    EVP_add_cipher(EVP_rc2_64_cbc());    EVP_add_cipher_alias(SN_rc2_cbc, "RC2");    EVP_add_cipher_alias(SN_rc2_cbc, "rc2");    EVP_add_cipher_alias(SN_rc2_cbc, "rc2-128");    EVP_add_cipher_alias(SN_rc2_64_cbc, "rc2-64");    EVP_add_cipher_alias(SN_rc2_40_cbc, "rc2-40");#endif#ifndef OPENSSL_NO_BF    EVP_add_cipher(EVP_bf_ecb());    EVP_add_cipher(EVP_bf_cfb());    EVP_add_cipher(EVP_bf_ofb());    EVP_add_cipher(EVP_bf_cbc());    EVP_add_cipher_alias(SN_bf_cbc, "BF");    EVP_add_cipher_alias(SN_bf_cbc, "bf");    EVP_add_cipher_alias(SN_bf_cbc, "blowfish");#endif#ifndef OPENSSL_NO_CAST//.........这里部分代码省略.........

//.........这里部分代码省略.........            operation = SMIME_RESIGN;        else if (!strcmp(*args, "-verify"))            operation = SMIME_VERIFY;        else if (!strcmp(*args, "-verify_retcode"))            verify_retcode = 1;        else if (!strcmp(*args, "-verify_receipt")) {            operation = SMIME_VERIFY_RECEIPT;            if (!args[1])                goto argerr;            args++;            rctfile = *args;        } else if (!strcmp(*args, "-cmsout"))            operation = SMIME_CMSOUT;        else if (!strcmp(*args, "-data_out"))            operation = SMIME_DATAOUT;        else if (!strcmp(*args, "-data_create"))            operation = SMIME_DATA_CREATE;        else if (!strcmp(*args, "-digest_verify"))            operation = SMIME_DIGEST_VERIFY;        else if (!strcmp(*args, "-digest_create"))            operation = SMIME_DIGEST_CREATE;        else if (!strcmp(*args, "-compress"))            operation = SMIME_COMPRESS;        else if (!strcmp(*args, "-uncompress"))            operation = SMIME_UNCOMPRESS;        else if (!strcmp(*args, "-EncryptedData_decrypt"))            operation = SMIME_ENCRYPTED_DECRYPT;        else if (!strcmp(*args, "-EncryptedData_encrypt"))            operation = SMIME_ENCRYPTED_ENCRYPT;# ifndef OPENSSL_NO_DES        else if (!strcmp(*args, "-des3"))            cipher = EVP_des_ede3_cbc();        else if (!strcmp(*args, "-des"))            cipher = EVP_des_cbc();        else if (!strcmp(*args, "-des3-wrap"))            wrap_cipher = EVP_des_ede3_wrap();# endif# ifndef OPENSSL_NO_SEED        else if (!strcmp(*args, "-seed"))            cipher = EVP_seed_cbc();# endif# ifndef OPENSSL_NO_RC2        else if (!strcmp(*args, "-rc2-40"))            cipher = EVP_rc2_40_cbc();        else if (!strcmp(*args, "-rc2-128"))            cipher = EVP_rc2_cbc();        else if (!strcmp(*args, "-rc2-64"))            cipher = EVP_rc2_64_cbc();# endif# ifndef OPENSSL_NO_AES        else if (!strcmp(*args, "-aes128"))            cipher = EVP_aes_128_cbc();        else if (!strcmp(*args, "-aes192"))            cipher = EVP_aes_192_cbc();        else if (!strcmp(*args, "-aes256"))            cipher = EVP_aes_256_cbc();        else if (!strcmp(*args, "-aes128-wrap"))            wrap_cipher = EVP_aes_128_wrap();        else if (!strcmp(*args, "-aes192-wrap"))            wrap_cipher = EVP_aes_192_wrap();        else if (!strcmp(*args, "-aes256-wrap"))            wrap_cipher = EVP_aes_256_wrap();# endif# ifndef OPENSSL_NO_CAMELLIA        else if (!strcmp(*args, "-camellia128"))            cipher = EVP_camellia_128_cbc();

int SSL_library_init(void){#ifndef OPENSSL_NO_DES    EVP_add_cipher(EVP_des_cbc());    EVP_add_cipher(EVP_des_ede3_cbc());#endif#ifndef OPENSSL_NO_IDEA    EVP_add_cipher(EVP_idea_cbc());#endif#ifndef OPENSSL_NO_RC4    EVP_add_cipher(EVP_rc4());# if !defined(OPENSSL_NO_MD5) && (defined(__x86_64) || defined(__x86_64__))    EVP_add_cipher(EVP_rc4_hmac_md5());# endif#endif#ifndef OPENSSL_NO_RC2    EVP_add_cipher(EVP_rc2_cbc());    /*     * Not actually used for SSL/TLS but this makes PKCS#12 work if an     * application only calls SSL_library_init().     */    EVP_add_cipher(EVP_rc2_40_cbc());#endif#ifndef OPENSSL_NO_AES    EVP_add_cipher(EVP_aes_128_cbc());    EVP_add_cipher(EVP_aes_192_cbc());    EVP_add_cipher(EVP_aes_256_cbc());    EVP_add_cipher(EVP_aes_128_gcm());    EVP_add_cipher(EVP_aes_256_gcm());# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)    EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());    EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());# endif# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)    EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256());    EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256());# endif#endif#ifndef OPENSSL_NO_CAMELLIA    EVP_add_cipher(EVP_camellia_128_cbc());    EVP_add_cipher(EVP_camellia_256_cbc());#endif#ifndef OPENSSL_NO_SEED    EVP_add_cipher(EVP_seed_cbc());#endif#ifndef OPENSSL_NO_MD5    EVP_add_digest(EVP_md5());    EVP_add_digest_alias(SN_md5, "ssl2-md5");    EVP_add_digest_alias(SN_md5, "ssl3-md5");#endif#ifndef OPENSSL_NO_SHA    EVP_add_digest(EVP_sha1()); /* RSA with sha1 */    EVP_add_digest_alias(SN_sha1, "ssl3-sha1");    EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);#endif#ifndef OPENSSL_NO_SHA256    EVP_add_digest(EVP_sha224());    EVP_add_digest(EVP_sha256());#endif#ifndef OPENSSL_NO_SHA512    EVP_add_digest(EVP_sha384());    EVP_add_digest(EVP_sha512());#endif#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)    EVP_add_digest(EVP_dss1()); /* DSA with sha1 */    EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);    EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");    EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");#endif#ifndef OPENSSL_NO_ECDSA    EVP_add_digest(EVP_ecdsa());#endif#ifndef NO_GMSSL    EVP_add_cipher(EVP_sms4_cbc());    EVP_add_digest(EVP_sm3());#endif    /* If you want support for phased out ciphers, add the following */#if 0    EVP_add_digest(EVP_sha());    EVP_add_digest(EVP_dss());#endif#ifndef OPENSSL_NO_COMP    /*     * This will initialise the built-in compression algorithms. The value     * returned is a STACK_OF(SSL_COMP), but that can be discarded safely     */    (void)SSL_COMP_get_compression_methods();#endif    /* initialize cipher/digest methods table */    ssl_load_ciphers();    return (1);}

void OpenSSL_add_all_ciphers(void)	{#ifndef OPENSSL_NO_DES	EVP_add_cipher(EVP_des_cfb());	EVP_add_cipher(EVP_des_cfb1());	EVP_add_cipher(EVP_des_cfb8());	EVP_add_cipher(EVP_des_ede_cfb());	EVP_add_cipher(EVP_des_ede3_cfb());	EVP_add_cipher(EVP_des_ofb());	EVP_add_cipher(EVP_des_ede_ofb());	EVP_add_cipher(EVP_des_ede3_ofb());	EVP_add_cipher(EVP_desx_cbc());	EVP_add_cipher_alias(SN_desx_cbc,"DESX");	EVP_add_cipher_alias(SN_desx_cbc,"desx");	EVP_add_cipher(EVP_des_cbc());	EVP_add_cipher_alias(SN_des_cbc,"DES");	EVP_add_cipher_alias(SN_des_cbc,"des");	EVP_add_cipher(EVP_des_ede_cbc());	EVP_add_cipher(EVP_des_ede3_cbc());	EVP_add_cipher_alias(SN_des_ede3_cbc,"DES3");	EVP_add_cipher_alias(SN_des_ede3_cbc,"des3");	EVP_add_cipher(EVP_des_ecb());	EVP_add_cipher(EVP_des_ede());	EVP_add_cipher(EVP_des_ede3());#endif#ifndef OPENSSL_NO_RC4	EVP_add_cipher(EVP_rc4());	EVP_add_cipher(EVP_rc4_40());#endif#ifndef OPENSSL_NO_IDEA	EVP_add_cipher(EVP_idea_ecb());	EVP_add_cipher(EVP_idea_cfb());	EVP_add_cipher(EVP_idea_ofb());	EVP_add_cipher(EVP_idea_cbc());	EVP_add_cipher_alias(SN_idea_cbc,"IDEA");	EVP_add_cipher_alias(SN_idea_cbc,"idea");#endif#ifndef OPENSSL_NO_RC2	EVP_add_cipher(EVP_rc2_ecb());	EVP_add_cipher(EVP_rc2_cfb());	EVP_add_cipher(EVP_rc2_ofb());	EVP_add_cipher(EVP_rc2_cbc());	EVP_add_cipher(EVP_rc2_40_cbc());	EVP_add_cipher(EVP_rc2_64_cbc());	EVP_add_cipher_alias(SN_rc2_cbc,"RC2");	EVP_add_cipher_alias(SN_rc2_cbc,"rc2");#endif#ifndef OPENSSL_NO_BF	EVP_add_cipher(EVP_bf_ecb());	EVP_add_cipher(EVP_bf_cfb());	EVP_add_cipher(EVP_bf_ofb());	EVP_add_cipher(EVP_bf_cbc());	EVP_add_cipher_alias(SN_bf_cbc,"BF");	EVP_add_cipher_alias(SN_bf_cbc,"bf");	EVP_add_cipher_alias(SN_bf_cbc,"blowfish");#endif#ifndef OPENSSL_NO_CAST	EVP_add_cipher(EVP_cast5_ecb());	EVP_add_cipher(EVP_cast5_cfb());	EVP_add_cipher(EVP_cast5_ofb());	EVP_add_cipher(EVP_cast5_cbc());	EVP_add_cipher_alias(SN_cast5_cbc,"CAST");	EVP_add_cipher_alias(SN_cast5_cbc,"cast");	EVP_add_cipher_alias(SN_cast5_cbc,"CAST-cbc");	EVP_add_cipher_alias(SN_cast5_cbc,"cast-cbc");#endif#ifndef OPENSSL_NO_RC5	EVP_add_cipher(EVP_rc5_32_12_16_ecb());	EVP_add_cipher(EVP_rc5_32_12_16_cfb());	EVP_add_cipher(EVP_rc5_32_12_16_ofb());	EVP_add_cipher(EVP_rc5_32_12_16_cbc());	EVP_add_cipher_alias(SN_rc5_cbc,"rc5");	EVP_add_cipher_alias(SN_rc5_cbc,"RC5");#endif#ifndef OPENSSL_NO_AES	EVP_add_cipher(EVP_aes_128_ecb());	EVP_add_cipher(EVP_aes_128_cbc());	EVP_add_cipher(EVP_aes_128_cfb());	EVP_add_cipher(EVP_aes_128_cfb1());	EVP_add_cipher(EVP_aes_128_cfb8());	EVP_add_cipher(EVP_aes_128_ofb());#if 0	EVP_add_cipher(EVP_aes_128_ctr());#endif	EVP_add_cipher_alias(SN_aes_128_cbc,"AES128");	EVP_add_cipher_alias(SN_aes_128_cbc,"aes128");	EVP_add_cipher(EVP_aes_192_ecb());	EVP_add_cipher(EVP_aes_192_cbc());//.........这里部分代码省略.........

static int entersafe_mac_apdu(sc_card_t *card, sc_apdu_t *apdu,							  u8 * key,size_t keylen,							  u8 * buff,size_t buffsize){	 int r;	 u8 iv[8];	 u8 *tmp=0,*tmp_rounded=NULL;	 size_t tmpsize=0,tmpsize_rounded=0;	 int outl=0;	 EVP_CIPHER_CTX ctx;	SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);	 assert(card);	 assert(apdu);	 assert(key);	 assert(buff);	 if(apdu->cse != SC_APDU_CASE_3_SHORT)		  return SC_ERROR_INTERNAL;	 if(keylen!=8 && keylen!=16)		  return SC_ERROR_INTERNAL;	 r=entersafe_gen_random(card,iv,sizeof(iv));	 SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL,r,"entersafe gen random failed");	 /* encode the APDU in the buffer */	 if ((r=sc_apdu_get_octets(card->ctx, apdu, &tmp, &tmpsize,SC_PROTO_RAW)) != SC_SUCCESS)		  goto out;	 /* round to 8 */	 tmpsize_rounded=(tmpsize/8+1)*8;	 tmp_rounded = malloc(tmpsize_rounded);	 if (tmp_rounded == NULL)	 {		  r =  SC_ERROR_OUT_OF_MEMORY;		  goto out;	 }	 	 /*build content and padded buffer by 0x80 0x00 0x00..... */	 memset(tmp_rounded,0,tmpsize_rounded);	 memcpy(tmp_rounded,tmp,tmpsize);	 tmp_rounded[4]+=4;	 tmp_rounded[tmpsize]=0x80;	 /* block_size-1 blocks*/	 EVP_CIPHER_CTX_init(&ctx);	 EVP_CIPHER_CTX_set_padding(&ctx,0);	 EVP_EncryptInit_ex(&ctx, EVP_des_cbc(), NULL, key, iv);	 if(tmpsize_rounded>8){		  if(!EVP_EncryptUpdate(&ctx,tmp_rounded,&outl,tmp_rounded,tmpsize_rounded-8)){			   r = SC_ERROR_INTERNAL;			   goto out;			   		  }	 }	 /* last block */	 if(keylen==8)	 {		  if(!EVP_EncryptUpdate(&ctx,tmp_rounded+outl,&outl,tmp_rounded+outl,8)){			   r = SC_ERROR_INTERNAL;			   goto out;			   		  }	 }	 else	 {		  EVP_EncryptInit_ex(&ctx, EVP_des_ede_cbc(), NULL, key,tmp_rounded+outl-8);		  if(!EVP_EncryptUpdate(&ctx,tmp_rounded+outl,&outl,tmp_rounded+outl,8)){			   r = SC_ERROR_INTERNAL;			   goto out;			   		  }	 }	 if (!EVP_CIPHER_CTX_cleanup(&ctx)){		  r = SC_ERROR_INTERNAL;		  goto out;			   	 }	 memcpy(buff,apdu->data,apdu->lc);	 /* use first 4 bytes of last block as mac value*/	 memcpy(buff+apdu->lc,tmp_rounded+tmpsize_rounded-8,4);	 apdu->data=buff;	 apdu->lc+=4;	 apdu->datalen=apdu->lc;out:	 if(tmp)		  free(tmp);	 if(tmp_rounded)		  free(tmp_rounded);	 SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, r);}

int MAIN(int argc, char **argv)	{#ifndef OPENSSL_NO_ENGINE	ENGINE *e = NULL;#endif	DSA *dsa=NULL;	int ret=1;	char *outfile=NULL;	char *inrand=NULL,*dsaparams=NULL;	char *passargout = NULL, *passout = NULL;	BIO *out=NULL,*in=NULL;	const EVP_CIPHER *enc=NULL;#ifndef OPENSSL_NO_ENGINE	char *engine=NULL;#endif	apps_startup();	if (bio_err == NULL)		if ((bio_err=BIO_new(BIO_s_file())) != NULL)			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);	if (!load_config(bio_err, NULL))		goto end;	argv++;	argc--;	for (;;)		{		if (argc <= 0) break;		if (strcmp(*argv,"-out") == 0)			{			if (--argc < 1) goto bad;			outfile= *(++argv);			}		else if (strcmp(*argv,"-passout") == 0)			{			if (--argc < 1) goto bad;			passargout= *(++argv);			}#ifndef OPENSSL_NO_ENGINE		else if (strcmp(*argv,"-engine") == 0)			{			if (--argc < 1) goto bad;			engine= *(++argv);			}#endif		else if (strcmp(*argv,"-rand") == 0)			{			if (--argc < 1) goto bad;			inrand= *(++argv);			}		else if (strcmp(*argv,"-") == 0)			goto bad;#ifndef OPENSSL_NO_DES		else if (strcmp(*argv,"-des") == 0)			enc=EVP_des_cbc();		else if (strcmp(*argv,"-des3") == 0)			enc=EVP_des_ede3_cbc();#endif#ifndef OPENSSL_NO_IDEA		else if (strcmp(*argv,"-idea") == 0)			enc=EVP_idea_cbc();#endif#ifndef OPENSSL_NO_SEED		else if (strcmp(*argv,"-seed") == 0)			enc=EVP_seed_cbc();#endif#ifndef OPENSSL_NO_AES		else if (strcmp(*argv,"-aes128") == 0)			enc=EVP_aes_128_cbc();		else if (strcmp(*argv,"-aes192") == 0)			enc=EVP_aes_192_cbc();		else if (strcmp(*argv,"-aes256") == 0)			enc=EVP_aes_256_cbc();#endif#ifndef OPENSSL_NO_CAMELLIA		else if (strcmp(*argv,"-camellia128") == 0)			enc=EVP_camellia_128_cbc();		else if (strcmp(*argv,"-camellia192") == 0)			enc=EVP_camellia_192_cbc();		else if (strcmp(*argv,"-camellia256") == 0)			enc=EVP_camellia_256_cbc();#endif		else if (**argv != '-' && dsaparams == NULL)			{			dsaparams = *argv;			}		else			goto bad;		argv++;		argc--;		}	if (dsaparams == NULL)		{bad:		BIO_printf(bio_err,"usage: gendsa [args] dsaparam-file/n");		BIO_printf(bio_err," -out file - output the key to 'file'/n");#ifndef OPENSSL_NO_DES//.........这里部分代码省略.........

intpkcs12_main(int argc, char **argv){	ENGINE *e = NULL;	char *infile = NULL, *outfile = NULL, *keyname = NULL;	char *certfile = NULL;	BIO *in = NULL, *out = NULL;	char **args;	char *name = NULL;	char *csp_name = NULL;	int add_lmk = 0;	PKCS12 *p12 = NULL;	char pass[50], macpass[50];	int export_cert = 0;	int options = 0;	int chain = 0;	int badarg = 0;	int iter = PKCS12_DEFAULT_ITER;	int maciter = PKCS12_DEFAULT_ITER;	int twopass = 0;	int keytype = 0;	int cert_pbe;	int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;	int ret = 1;	int macver = 1;	int noprompt = 0;	STACK_OF(OPENSSL_STRING) * canames = NULL;	char *cpass = NULL, *mpass = NULL;	char *passargin = NULL, *passargout = NULL, *passarg = NULL;	char *passin = NULL, *passout = NULL;	char *inrand = NULL;	char *macalg = NULL;	char *CApath = NULL, *CAfile = NULL;#ifndef OPENSSL_NO_ENGINE	char *engine = NULL;#endif	signal(SIGPIPE, SIG_IGN);	cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;	enc = EVP_des_ede3_cbc();	if (bio_err == NULL)		bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);	if (!load_config(bio_err, NULL))		goto end;	args = argv + 1;	while (*args) {		if (*args[0] == '-') {			if (!strcmp(*args, "-nokeys"))				options |= NOKEYS;			else if (!strcmp(*args, "-keyex"))				keytype = KEY_EX;			else if (!strcmp(*args, "-keysig"))				keytype = KEY_SIG;			else if (!strcmp(*args, "-nocerts"))				options |= NOCERTS;			else if (!strcmp(*args, "-clcerts"))				options |= CLCERTS;			else if (!strcmp(*args, "-cacerts"))				options |= CACERTS;			else if (!strcmp(*args, "-noout"))				options |= (NOKEYS | NOCERTS);			else if (!strcmp(*args, "-info"))				options |= INFO;			else if (!strcmp(*args, "-chain"))				chain = 1;			else if (!strcmp(*args, "-twopass"))				twopass = 1;			else if (!strcmp(*args, "-nomacver"))				macver = 0;			else if (!strcmp(*args, "-descert"))				cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;			else if (!strcmp(*args, "-export"))				export_cert = 1;			else if (!strcmp(*args, "-des"))				enc = EVP_des_cbc();			else if (!strcmp(*args, "-des3"))				enc = EVP_des_ede3_cbc();#ifndef OPENSSL_NO_IDEA			else if (!strcmp(*args, "-idea"))				enc = EVP_idea_cbc();#endif#ifndef OPENSSL_NO_SEED			else if (!strcmp(*args, "-seed"))				enc = EVP_seed_cbc();#endif#ifndef OPENSSL_NO_AES			else if (!strcmp(*args, "-aes128"))				enc = EVP_aes_128_cbc();			else if (!strcmp(*args, "-aes192"))				enc = EVP_aes_192_cbc();			else if (!strcmp(*args, "-aes256"))				enc = EVP_aes_256_cbc();#endif#ifndef OPENSSL_NO_CAMELLIA//.........这里部分代码省略.........