自学教程：C++ EVP_rc4函数代码示例

/****************************************************************************** Two way hashing: AES, DES, BlowFish, RC4 ******************************************************************************/void Encryption::EncryptionInit() {    unsigned char key[EVP_MAX_KEY_LENGTH];    unsigned char iv[EVP_MAX_IV_LENGTH] = "Ben";    EVP_CIPHER_CTX_init(&ectx);    EVP_CIPHER_CTX_init(&dctx);    /* 8 bytes to salt the key_data during key generation. This is an example of     compiled in salt. We just read the bit pattern created by these two 4 byte     integers on the stack as 64 bits of contigous salt material -     ofcourse this only works if sizeof(int) >= 4 */    unsigned int salt[] = { 12345, 54321 };    int i, nrounds = 5;    switch (EncryptionType) {    case 0:        //No Encryption Mode        break;    case 1:        i = EVP_BytesToKey(EVP_aes_128_cfb(), EVP_sha1(),                           (unsigned char *) &salt, (unsigned char *) Password, strlen(                               Password), nrounds, key, iv);        EVP_EncryptInit_ex(&ectx, EVP_aes_128_cfb(), NULL,                           (unsigned char*) key, (unsigned char*) &iv);        EVP_DecryptInit_ex(&dctx, EVP_aes_128_cfb(), NULL,                           (unsigned char*) key, (unsigned char*) &iv);        break;    case 2:        i = EVP_BytesToKey(EVP_des_ede_cfb(), EVP_sha1(),                           (unsigned char *) &salt, (unsigned char *) Password, strlen(                               Password), nrounds, key, iv);        EVP_EncryptInit_ex(&ectx, EVP_des_ede_cfb(), NULL,                           (unsigned char*) key, (unsigned char*) &iv);        EVP_DecryptInit_ex(&dctx, EVP_des_ede_cfb(), NULL,                           (unsigned char*) key, (unsigned char*) &iv);        break;    case 3:        i = EVP_BytesToKey(EVP_rc4(), EVP_sha1(), (unsigned char *) &salt,                           (unsigned char *) Password, strlen(Password), nrounds, key, iv);        EVP_EncryptInit_ex(&ectx, EVP_rc4(), NULL, (unsigned char*) key,                           (unsigned char*) &iv);        EVP_DecryptInit_ex(&dctx, EVP_rc4(), NULL, (unsigned char*) key,                           (unsigned char*) &iv);        break;    case 4:        i = EVP_BytesToKey(EVP_bf_cfb(), EVP_sha1(), (unsigned char *) &salt,                           (unsigned char *) Password, strlen(Password), nrounds, key, iv);        EVP_EncryptInit_ex(&ectx, EVP_bf_cfb(), NULL, (unsigned char*) key,                           (unsigned char*) &iv);        EVP_DecryptInit_ex(&dctx, EVP_bf_cfb(), NULL, (unsigned char*) key,                           (unsigned char*) &iv);        break;    }    return;}

void enc_ctx_init(EVP_CIPHER_CTX *ctx, const char *pass, int enc) {    unsigned char key[EVP_MAX_KEY_LENGTH];    unsigned char iv[EVP_MAX_IV_LENGTH];    int key_len = EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, (unsigned char*) pass,             strlen(pass), 1, key, iv);    EVP_CIPHER_CTX_init(ctx);    EVP_CipherInit_ex(ctx, EVP_rc4(), NULL, NULL, NULL, enc);    if (!EVP_CIPHER_CTX_set_key_length(ctx, key_len)) {        LOGE("Invalid key length: %d", key_len);        EVP_CIPHER_CTX_cleanup(ctx);        exit(EXIT_FAILURE);    }    EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc);}

SARC4::SARC4(uint8* seed, uint8 len){    EVP_CIPHER_CTX_init(&m_ctx);    EVP_EncryptInit_ex(&m_ctx, EVP_rc4(), nullptr, nullptr, nullptr);    EVP_CIPHER_CTX_set_key_length(&m_ctx, len);    EVP_EncryptInit_ex(&m_ctx, nullptr, nullptr, seed, nullptr);}

ARC4::ARC4(uint8 *seed, uint8 len) : m_ctx(){    m_ctx = EVP_CIPHER_CTX_new();    EVP_EncryptInit_ex(m_ctx, EVP_rc4(), NULL, NULL, NULL);    EVP_CIPHER_CTX_set_key_length(m_ctx, len);    EVP_EncryptInit_ex(m_ctx, NULL, NULL, seed, NULL);}

EXPORT_C int SSL_library_init(void)	{//#ifdef EMULATOR	//	InitSSLWsdVar();	//#endif	#ifndef OPENSSL_NO_DES	EVP_add_cipher(EVP_des_cbc());	EVP_add_cipher(EVP_des_ede3_cbc());#endif#ifndef OPENSSL_NO_IDEA	EVP_add_cipher(EVP_idea_cbc());#endif#ifndef OPENSSL_NO_RC4	EVP_add_cipher(EVP_rc4());#endif  #ifndef OPENSSL_NO_RC2	EVP_add_cipher(EVP_rc2_cbc());#endif#ifndef OPENSSL_NO_AES	EVP_add_cipher(EVP_aes_128_cbc());	EVP_add_cipher(EVP_aes_192_cbc());	EVP_add_cipher(EVP_aes_256_cbc());#endif#ifndef OPENSSL_NO_MD2	EVP_add_digest(EVP_md2());#endif#ifndef OPENSSL_NO_MD5	EVP_add_digest(EVP_md5());	EVP_add_digest_alias(SN_md5,"ssl2-md5");	EVP_add_digest_alias(SN_md5,"ssl3-md5");#endif#ifndef OPENSSL_NO_SHA	EVP_add_digest(EVP_sha1()); /* RSA with sha1 */	EVP_add_digest_alias(SN_sha1,"ssl3-sha1");	EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);#endif#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)	EVP_add_digest(EVP_dss1()); /* DSA with sha1 */	EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);	EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");	EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");#endif#ifndef OPENSSL_NO_ECDSA	EVP_add_digest(EVP_ecdsa());#endif	/* If you want support for phased out ciphers, add the following */#if 0	EVP_add_digest(EVP_sha());	EVP_add_digest(EVP_dss());#endif#ifndef OPENSSL_NO_COMP	/* This will initialise the built-in compression algorithms.	   The value returned is a STACK_OF(SSL_COMP), but that can	   be discarded safely */	(void)SSL_COMP_get_compression_methods();#endif	/* initialize cipher/digest methods table */	ssl_load_ciphers();	return(1);	}

int encrypt(unsigned char * plaintext, int plaintext_len, unsigned char * key, unsigned char * iv, unsigned char * ciphertext) {	EVP_CIPHER_CTX *ctx;	int len;	int ciphertext_len;	// init context	if(!(ctx = EVP_CIPHER_CTX_new())){       		 handle_errors();	}	// init encryption operation	if(1 != EVP_EncryptInit_ex(ctx, EVP_rc4(), NULL, key, iv)){		handle_errors();	}	// obtain encrypted output	if(1 != EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len)){		handle_errors();		ciphertext_len = len; 	}	ciphertext_len=len;	// finalize 	if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len)){		handle_errors();		ciphertext_len += len;	}	ciphertext_len += len;	EVP_CIPHER_CTX_free(ctx);	return ciphertext_len;}

ARC4::ARC4(uint8* seed, uint32 len) : m_ctx(EVP_CIPHER_CTX_new()){    EVP_CIPHER_CTX_init(m_ctx);    EVP_EncryptInit_ex(m_ctx, EVP_rc4(), nullptr, nullptr, nullptr);    EVP_CIPHER_CTX_set_key_length(m_ctx, len);    EVP_EncryptInit_ex(m_ctx, nullptr, nullptr, seed, nullptr);}

ARC4::ARC4(uint8 *seed, uint8 len){    EVP_CIPHER_CTX_init(&m_ctx);    EVP_EncryptInit_ex(&m_ctx, EVP_rc4(), NULL, NULL, NULL);    EVP_CIPHER_CTX_set_key_length(&m_ctx, len);    EVP_EncryptInit_ex(&m_ctx, NULL, NULL, seed, NULL);}

static int aead_rc4_sha1_tls_get_rc4_state(const EVP_AEAD_CTX *ctx,                                           const RC4_KEY **out_key) {  const AEAD_TLS_CTX *tls_ctx = (AEAD_TLS_CTX*) ctx->aead_state;  if (EVP_CIPHER_CTX_cipher(&tls_ctx->cipher_ctx) != EVP_rc4()) {    return 0;  }  *out_key = (const RC4_KEY*) tls_ctx->cipher_ctx.cipher_data;  return 1;}

intSSL_library_init(void){#ifndef OPENSSL_NO_DES	EVP_add_cipher(EVP_des_cbc());	EVP_add_cipher(EVP_des_ede3_cbc());#endif#ifndef OPENSSL_NO_IDEA	EVP_add_cipher(EVP_idea_cbc());#endif#ifndef OPENSSL_NO_RC4	EVP_add_cipher(EVP_rc4());#if !defined(OPENSSL_NO_MD5) && (defined(__x86_64) || defined(__x86_64__))	EVP_add_cipher(EVP_rc4_hmac_md5());#endif#endif  #ifndef OPENSSL_NO_RC2	EVP_add_cipher(EVP_rc2_cbc());	/* Not actually used for SSL/TLS but this makes PKCS#12 work	 * if an application only calls SSL_library_init().	 */	EVP_add_cipher(EVP_rc2_40_cbc());#endif	EVP_add_cipher(EVP_aes_128_cbc());	EVP_add_cipher(EVP_aes_192_cbc());	EVP_add_cipher(EVP_aes_256_cbc());	EVP_add_cipher(EVP_aes_128_gcm());	EVP_add_cipher(EVP_aes_256_gcm());	EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());	EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());#ifndef OPENSSL_NO_CAMELLIA	EVP_add_cipher(EVP_camellia_128_cbc());	EVP_add_cipher(EVP_camellia_256_cbc());#endif	EVP_add_digest(EVP_md5());	EVP_add_digest_alias(SN_md5, "ssl2-md5");	EVP_add_digest_alias(SN_md5, "ssl3-md5");	EVP_add_digest(EVP_sha1()); /* RSA with sha1 */	EVP_add_digest_alias(SN_sha1, "ssl3-sha1");	EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);	EVP_add_digest(EVP_sha224());	EVP_add_digest(EVP_sha256());	EVP_add_digest(EVP_sha384());	EVP_add_digest(EVP_sha512());	EVP_add_digest(EVP_dss1()); /* DSA with sha1 */	EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);	EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");	EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");	EVP_add_digest(EVP_ecdsa());	/* initialize cipher/digest methods table */	ssl_load_ciphers();	return (1);}

void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,                                               const char *name,                                               const char *unused, void *arg),                              void *arg) {  callback(EVP_aes_128_cbc(), "AES-128-CBC", NULL, arg);  callback(EVP_aes_128_ctr(), "AES-128-CTR", NULL, arg);  callback(EVP_aes_128_ecb(), "AES-128-ECB", NULL, arg);  callback(EVP_aes_128_ofb(), "AES-128-OFB", NULL, arg);  callback(EVP_aes_256_cbc(), "AES-256-CBC", NULL, arg);  callback(EVP_aes_256_ctr(), "AES-256-CTR", NULL, arg);  callback(EVP_aes_256_ecb(), "AES-256-ECB", NULL, arg);  callback(EVP_aes_256_ofb(), "AES-256-OFB", NULL, arg);  callback(EVP_aes_256_xts(), "AES-256-XTS", NULL, arg);  callback(EVP_des_cbc(), "DES-CBC", NULL, arg);  callback(EVP_des_ecb(), "DES-ECB", NULL, arg);  callback(EVP_des_ede(), "DES-EDE", NULL, arg);  callback(EVP_des_ede_cbc(), "DES-EDE-CBC", NULL, arg);  callback(EVP_des_ede3_cbc(), "DES-EDE3-CBC", NULL, arg);  callback(EVP_rc2_cbc(), "RC2-CBC", NULL, arg);  callback(EVP_rc4(), "RC4", NULL, arg);  // OpenSSL returns everything twice, the second time in lower case.  callback(EVP_aes_128_cbc(), "aes-128-cbc", NULL, arg);  callback(EVP_aes_128_ctr(), "aes-128-ctr", NULL, arg);  callback(EVP_aes_128_ecb(), "aes-128-ecb", NULL, arg);  callback(EVP_aes_128_ofb(), "aes-128-ofb", NULL, arg);  callback(EVP_aes_256_cbc(), "aes-256-cbc", NULL, arg);  callback(EVP_aes_256_ctr(), "aes-256-ctr", NULL, arg);  callback(EVP_aes_256_ecb(), "aes-256-ecb", NULL, arg);  callback(EVP_aes_256_ofb(), "aes-256-ofb", NULL, arg);  callback(EVP_aes_256_xts(), "aes-256-xts", NULL, arg);  callback(EVP_des_cbc(), "des-cbc", NULL, arg);  callback(EVP_des_ecb(), "des-ecb", NULL, arg);  callback(EVP_des_ede(), "des-ede", NULL, arg);  callback(EVP_des_ede_cbc(), "des-ede-cbc", NULL, arg);  callback(EVP_des_ede3_cbc(), "des-ede3-cbc", NULL, arg);  callback(EVP_rc2_cbc(), "rc2-cbc", NULL, arg);  callback(EVP_rc4(), "rc4", NULL, arg);}

/* {{{ proto opendata openssl_open(string data, string ekey, mixed privkey, [, cipher enc|string md_alg=RC4])   Opens data */LUA_API LUA_FUNCTION(openssl_open){    size_t data_len, ekey_len;    const char * data = luaL_checklstring(L, 1, &data_len);    const char * ekey = luaL_checklstring(L, 2, &ekey_len);    EVP_PKEY *pkey =  CHECK_OBJECT(3,EVP_PKEY, "openssl.evp_pkey");    int top = lua_gettop(L);    int len1, len2 = 0;    unsigned char *buf;    EVP_CIPHER_CTX ctx;    const EVP_CIPHER *cipher = NULL;    if(top>3) {        if(lua_isstring(L,4))            cipher = EVP_get_cipherbyname(lua_tostring(L,4));        else if(lua_isuserdata(L,4))            cipher = CHECK_OBJECT(4,EVP_CIPHER,"openssl.evp_cipher");        else            luaL_error(L, "#4 argument must be nil, string, or openssl.evp_cipher object");    }    if(!cipher)        cipher = EVP_rc4();    len1 = data_len + 1;    buf = malloc(len1);    if (EVP_OpenInit(&ctx, cipher, (unsigned char *)ekey, ekey_len, NULL, pkey) && EVP_OpenUpdate(&ctx, buf, &len1, (unsigned char *)data, data_len))    {        len2 = data_len - len1;        if (!EVP_OpenFinal(&ctx, buf + len1, &len2) || (len1 + len2 == 0))        {            luaL_error(L,"EVP_OpenFinal() failed.");            free(buf);            return 0;        }    }    else    {        luaL_error(L,"EVP_OpenInit() failed.");        free(buf);        return 0;    }    buf[len1 + len2] = '/0';    lua_pushlstring(L, (const char*)buf, len1 + len2);    free(buf);    return 1;}

int SSL_library_init(void)	{#ifndef NO_DES	EVP_add_cipher(EVP_des_cbc());	EVP_add_cipher(EVP_des_ede3_cbc());#endif#ifndef NO_IDEA	EVP_add_cipher(EVP_idea_cbc());#endif#ifndef NO_RC4	EVP_add_cipher(EVP_rc4());#endif  #ifndef NO_RC2	EVP_add_cipher(EVP_rc2_cbc());#endif  #ifndef NO_MD2	EVP_add_digest(EVP_md2());#endif#ifndef NO_MD5	EVP_add_digest(EVP_md5());	EVP_add_digest_alias(SN_md5,"ssl2-md5");	EVP_add_digest_alias(SN_md5,"ssl3-md5");#endif#ifndef NO_SHA	EVP_add_digest(EVP_sha1()); /* RSA with sha1 */	EVP_add_digest_alias(SN_sha1,"ssl3-sha1");	EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);#endif#if !defined(NO_SHA) && !defined(NO_DSA)	EVP_add_digest(EVP_dss1()); /* DSA with sha1 */	EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);	EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");	EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");#endif	/* If you want support for phased out ciphers, add the following */#if 0	EVP_add_digest(EVP_sha());	EVP_add_digest(EVP_dss());#endif	return(1);	}

void PKCS12_PBE_add(void){#ifndef OPENSSL_NO_RC4EVP_PBE_alg_add(NID_pbe_WithSHA1And128BitRC4, EVP_rc4(), EVP_sha1(),							 PKCS12_PBE_keyivgen);EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC4, EVP_rc4_40(), EVP_sha1(),							 PKCS12_PBE_keyivgen);#endif#ifndef OPENSSL_NO_DESEVP_PBE_alg_add(NID_pbe_WithSHA1And3_Key_TripleDES_CBC,		 	EVP_des_ede3_cbc(), EVP_sha1(), PKCS12_PBE_keyivgen);EVP_PBE_alg_add(NID_pbe_WithSHA1And2_Key_TripleDES_CBC, 			EVP_des_ede_cbc(), EVP_sha1(), PKCS12_PBE_keyivgen);#endif#ifndef OPENSSL_NO_RC2EVP_PBE_alg_add(NID_pbe_WithSHA1And128BitRC2_CBC, EVP_rc2_cbc(),					EVP_sha1(), PKCS12_PBE_keyivgen);EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc(),					EVP_sha1(), PKCS12_PBE_keyivgen);#endif}

const EVP_CIPHER *EVP_get_cipherbyname(const char *name) {  if (OPENSSL_strcasecmp(name, "rc4") == 0) {    return EVP_rc4();  } else if (OPENSSL_strcasecmp(name, "des-cbc") == 0) {    return EVP_des_cbc();  } else if (OPENSSL_strcasecmp(name, "des-ede3-cbc") == 0 ||             OPENSSL_strcasecmp(name, "3des") == 0) {    return EVP_des_ede3_cbc();  } else if (OPENSSL_strcasecmp(name, "aes-128-cbc") == 0) {    return EVP_aes_128_cbc();  } else if (OPENSSL_strcasecmp(name, "aes-256-cbc") == 0) {    return EVP_aes_256_cbc();  } else if (OPENSSL_strcasecmp(name, "aes-128-ctr") == 0) {    return EVP_aes_128_ctr();  } else if (OPENSSL_strcasecmp(name, "aes-256-ctr") == 0) {    return EVP_aes_256_ctr();  } else if (OPENSSL_strcasecmp(name, "aes-128-ecb") == 0) {    return EVP_aes_128_ecb();  } else if (OPENSSL_strcasecmp(name, "aes-256-ecb") == 0) {    return EVP_aes_256_ecb();  }  return NULL;}

//.........这里部分代码省略.........    }    *p++ = 0xff; /* Filler */    *p++ = 0xff;    p = NULL;    HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex);    krb5_auth_con_getlocalseqnumber (context,				     context_handle->auth_context,				     &seq_number);    _gss_mg_encode_be_uint32(seq_number, p0 + 8);    krb5_auth_con_setlocalseqnumber (context,				     context_handle->auth_context,				     ++seq_number);    HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);    memset (p0 + 8 + 4,	    (context_handle->more_flags & LOCAL) ? 0 : 0xff,	    4);    krb5_generate_random_block(p0 + 24, 8); /* fill in Confounder */    /* p points to data */    p = p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE;    memcpy(p, input_message_buffer->value, input_message_buffer->length);    if (!IS_DCE_STYLE(context_handle))	p[input_message_buffer->length] = 1; /* padding */    ret = arcfour_mic_cksum(context,			    key, KRB5_KU_USAGE_SEAL,			    p0 + 16, 8, /* SGN_CKSUM */			    p0, 8, /* TOK_ID, SGN_ALG, SEAL_ALG, Filler */			    p0 + 24, 8, /* Confounder */			    p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE,			    datalen);    if (ret) {	*minor_status = ret;	_gsskrb5_release_buffer(minor_status, output_message_buffer);	return GSS_S_FAILURE;    }    {	int i;	Klocal.keytype = key->keytype;	Klocal.keyvalue.data = Klocaldata;	Klocal.keyvalue.length = sizeof(Klocaldata);	for (i = 0; i < 16; i++)	    Klocaldata[i] = ((u_char *)key->keyvalue.data)[i] ^ 0xF0;    }    ret = arcfour_mic_key(context, &Klocal,			  p0 + 8, 4, /* SND_SEQ */			  k6_data, sizeof(k6_data));    memset(Klocaldata, 0, sizeof(Klocaldata));    if (ret) {	_gsskrb5_release_buffer(minor_status, output_message_buffer);	*minor_status = ret;	return GSS_S_FAILURE;    }    if(conf_req_flag) {	EVP_CIPHER_CTX rc4_key;	EVP_CIPHER_CTX_init(&rc4_key);	EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1);	EVP_Cipher(&rc4_key, p0 + 24, p0 + 24, 8 + datalen);	EVP_CIPHER_CTX_cleanup(&rc4_key);    }    memset(k6_data, 0, sizeof(k6_data));    ret = arcfour_mic_key(context, key,			  p0 + 16, 8, /* SGN_CKSUM */			  k6_data, sizeof(k6_data));    if (ret) {	_gsskrb5_release_buffer(minor_status, output_message_buffer);	*minor_status = ret;	return GSS_S_FAILURE;    }    {	EVP_CIPHER_CTX rc4_key;	EVP_CIPHER_CTX_init(&rc4_key);	EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1);	EVP_Cipher(&rc4_key, p0 + 8, p0 + 8 /* SND_SEQ */, 8);	EVP_CIPHER_CTX_cleanup(&rc4_key);	memset(k6_data, 0, sizeof(k6_data));    }    if (conf_state)	*conf_state = conf_req_flag;    *minor_status = 0;    return GSS_S_COMPLETE;}

void OpenSSL_add_all_ciphers(void)	{#ifndef OPENSSL_NO_DES	EVP_add_cipher(EVP_des_cfb());	EVP_add_cipher(EVP_des_cfb1());	EVP_add_cipher(EVP_des_cfb8());	EVP_add_cipher(EVP_des_ede_cfb());	EVP_add_cipher(EVP_des_ede3_cfb());	EVP_add_cipher(EVP_des_ofb());	EVP_add_cipher(EVP_des_ede_ofb());	EVP_add_cipher(EVP_des_ede3_ofb());	EVP_add_cipher(EVP_desx_cbc());	EVP_add_cipher_alias(SN_desx_cbc,"DESX");	EVP_add_cipher_alias(SN_desx_cbc,"desx");	EVP_add_cipher(EVP_des_cbc());	EVP_add_cipher_alias(SN_des_cbc,"DES");	EVP_add_cipher_alias(SN_des_cbc,"des");	EVP_add_cipher(EVP_des_ede_cbc());	EVP_add_cipher(EVP_des_ede3_cbc());	EVP_add_cipher_alias(SN_des_ede3_cbc,"DES3");	EVP_add_cipher_alias(SN_des_ede3_cbc,"des3");	EVP_add_cipher(EVP_des_ecb());	EVP_add_cipher(EVP_des_ede());	EVP_add_cipher(EVP_des_ede3());#endif#ifndef OPENSSL_NO_RC4	EVP_add_cipher(EVP_rc4());	EVP_add_cipher(EVP_rc4_40());#endif#ifndef OPENSSL_NO_IDEA	EVP_add_cipher(EVP_idea_ecb());	EVP_add_cipher(EVP_idea_cfb());	EVP_add_cipher(EVP_idea_ofb());	EVP_add_cipher(EVP_idea_cbc());	EVP_add_cipher_alias(SN_idea_cbc,"IDEA");	EVP_add_cipher_alias(SN_idea_cbc,"idea");#endif#ifndef OPENSSL_NO_RC2	EVP_add_cipher(EVP_rc2_ecb());	EVP_add_cipher(EVP_rc2_cfb());	EVP_add_cipher(EVP_rc2_ofb());	EVP_add_cipher(EVP_rc2_cbc());	EVP_add_cipher(EVP_rc2_40_cbc());	EVP_add_cipher(EVP_rc2_64_cbc());	EVP_add_cipher_alias(SN_rc2_cbc,"RC2");	EVP_add_cipher_alias(SN_rc2_cbc,"rc2");#endif#ifndef OPENSSL_NO_BF	EVP_add_cipher(EVP_bf_ecb());	EVP_add_cipher(EVP_bf_cfb());	EVP_add_cipher(EVP_bf_ofb());	EVP_add_cipher(EVP_bf_cbc());	EVP_add_cipher_alias(SN_bf_cbc,"BF");	EVP_add_cipher_alias(SN_bf_cbc,"bf");	EVP_add_cipher_alias(SN_bf_cbc,"blowfish");#endif#ifndef OPENSSL_NO_CAST	EVP_add_cipher(EVP_cast5_ecb());	EVP_add_cipher(EVP_cast5_cfb());	EVP_add_cipher(EVP_cast5_ofb());	EVP_add_cipher(EVP_cast5_cbc());	EVP_add_cipher_alias(SN_cast5_cbc,"CAST");	EVP_add_cipher_alias(SN_cast5_cbc,"cast");	EVP_add_cipher_alias(SN_cast5_cbc,"CAST-cbc");	EVP_add_cipher_alias(SN_cast5_cbc,"cast-cbc");#endif#ifndef OPENSSL_NO_RC5	EVP_add_cipher(EVP_rc5_32_12_16_ecb());	EVP_add_cipher(EVP_rc5_32_12_16_cfb());	EVP_add_cipher(EVP_rc5_32_12_16_ofb());	EVP_add_cipher(EVP_rc5_32_12_16_cbc());	EVP_add_cipher_alias(SN_rc5_cbc,"rc5");	EVP_add_cipher_alias(SN_rc5_cbc,"RC5");#endif#ifndef OPENSSL_NO_AES	EVP_add_cipher(EVP_aes_128_ecb());	EVP_add_cipher(EVP_aes_128_cbc());	EVP_add_cipher(EVP_aes_128_cfb());	EVP_add_cipher(EVP_aes_128_cfb1());	EVP_add_cipher(EVP_aes_128_cfb8());	EVP_add_cipher(EVP_aes_128_ofb());#if 0	EVP_add_cipher(EVP_aes_128_ctr());#endif	EVP_add_cipher_alias(SN_aes_128_cbc,"AES128");	EVP_add_cipher_alias(SN_aes_128_cbc,"aes128");	EVP_add_cipher(EVP_aes_192_ecb());	EVP_add_cipher(EVP_aes_192_cbc());//.........这里部分代码省略.........

void openssl_add_all_ciphers_int(void){#ifndef OPENSSL_NO_DES    EVP_add_cipher(EVP_des_cfb());    EVP_add_cipher(EVP_des_cfb1());    EVP_add_cipher(EVP_des_cfb8());    EVP_add_cipher(EVP_des_ede_cfb());    EVP_add_cipher(EVP_des_ede3_cfb());    EVP_add_cipher(EVP_des_ede3_cfb1());    EVP_add_cipher(EVP_des_ede3_cfb8());    EVP_add_cipher(EVP_des_ofb());    EVP_add_cipher(EVP_des_ede_ofb());    EVP_add_cipher(EVP_des_ede3_ofb());    EVP_add_cipher(EVP_desx_cbc());    EVP_add_cipher_alias(SN_desx_cbc, "DESX");    EVP_add_cipher_alias(SN_desx_cbc, "desx");    EVP_add_cipher(EVP_des_cbc());    EVP_add_cipher_alias(SN_des_cbc, "DES");    EVP_add_cipher_alias(SN_des_cbc, "des");    EVP_add_cipher(EVP_des_ede_cbc());    EVP_add_cipher(EVP_des_ede3_cbc());    EVP_add_cipher_alias(SN_des_ede3_cbc, "DES3");    EVP_add_cipher_alias(SN_des_ede3_cbc, "des3");    EVP_add_cipher(EVP_des_ecb());    EVP_add_cipher(EVP_des_ede());    EVP_add_cipher_alias(SN_des_ede_ecb, "DES-EDE-ECB");    EVP_add_cipher_alias(SN_des_ede_ecb, "des-ede-ecb");    EVP_add_cipher(EVP_des_ede3());    EVP_add_cipher_alias(SN_des_ede3_ecb, "DES-EDE3-ECB");    EVP_add_cipher_alias(SN_des_ede3_ecb, "des-ede3-ecb");    EVP_add_cipher(EVP_des_ede3_wrap());    EVP_add_cipher_alias(SN_id_smime_alg_CMS3DESwrap, "des3-wrap");#endif#ifndef OPENSSL_NO_RC4    EVP_add_cipher(EVP_rc4());    EVP_add_cipher(EVP_rc4_40());# ifndef OPENSSL_NO_MD5    EVP_add_cipher(EVP_rc4_hmac_md5());# endif#endif#ifndef OPENSSL_NO_IDEA    EVP_add_cipher(EVP_idea_ecb());    EVP_add_cipher(EVP_idea_cfb());    EVP_add_cipher(EVP_idea_ofb());    EVP_add_cipher(EVP_idea_cbc());    EVP_add_cipher_alias(SN_idea_cbc, "IDEA");    EVP_add_cipher_alias(SN_idea_cbc, "idea");#endif#ifndef OPENSSL_NO_SEED    EVP_add_cipher(EVP_seed_ecb());    EVP_add_cipher(EVP_seed_cfb());    EVP_add_cipher(EVP_seed_ofb());    EVP_add_cipher(EVP_seed_cbc());    EVP_add_cipher_alias(SN_seed_cbc, "SEED");    EVP_add_cipher_alias(SN_seed_cbc, "seed");#endif#ifndef OPENSSL_NO_SM4    EVP_add_cipher(EVP_sm4_ecb());    EVP_add_cipher(EVP_sm4_cbc());    EVP_add_cipher(EVP_sm4_cfb());    EVP_add_cipher(EVP_sm4_ofb());    EVP_add_cipher(EVP_sm4_ctr());    EVP_add_cipher_alias(SN_sm4_cbc, "SM4");    EVP_add_cipher_alias(SN_sm4_cbc, "sm4");#endif#ifndef OPENSSL_NO_RC2    EVP_add_cipher(EVP_rc2_ecb());    EVP_add_cipher(EVP_rc2_cfb());    EVP_add_cipher(EVP_rc2_ofb());    EVP_add_cipher(EVP_rc2_cbc());    EVP_add_cipher(EVP_rc2_40_cbc());    EVP_add_cipher(EVP_rc2_64_cbc());    EVP_add_cipher_alias(SN_rc2_cbc, "RC2");    EVP_add_cipher_alias(SN_rc2_cbc, "rc2");    EVP_add_cipher_alias(SN_rc2_cbc, "rc2-128");    EVP_add_cipher_alias(SN_rc2_64_cbc, "rc2-64");    EVP_add_cipher_alias(SN_rc2_40_cbc, "rc2-40");#endif#ifndef OPENSSL_NO_BF    EVP_add_cipher(EVP_bf_ecb());    EVP_add_cipher(EVP_bf_cfb());    EVP_add_cipher(EVP_bf_ofb());    EVP_add_cipher(EVP_bf_cbc());    EVP_add_cipher_alias(SN_bf_cbc, "BF");    EVP_add_cipher_alias(SN_bf_cbc, "bf");    EVP_add_cipher_alias(SN_bf_cbc, "blowfish");#endif#ifndef OPENSSL_NO_CAST//.........这里部分代码省略.........

static EVP_PKEY *do_PVK_body(const unsigned char **in, unsigned int saltlen,    unsigned int keylen, pem_password_cb *cb, void *u){	EVP_PKEY *ret = NULL;	const unsigned char *p = *in;	unsigned int magic;	unsigned char *enctmp = NULL, *q;	EVP_CIPHER_CTX cctx;	EVP_CIPHER_CTX_init(&cctx);	if (saltlen) {		char psbuf[PEM_BUFSIZE];		unsigned char keybuf[20];		int enctmplen, inlen;		if (cb)			inlen = cb(psbuf, PEM_BUFSIZE, 0, u);		else			inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);		if (inlen <= 0) {			PEMerror(PEM_R_BAD_PASSWORD_READ);			goto err;		}		enctmp = malloc(keylen + 8);		if (!enctmp) {			PEMerror(ERR_R_MALLOC_FAILURE);			goto err;		}		if (!derive_pvk_key(keybuf, p, saltlen, (unsigned char *)psbuf,		    inlen)) {			goto err;		}		p += saltlen;		/* Copy BLOBHEADER across, decrypt rest */		memcpy(enctmp, p, 8);		p += 8;		if (keylen < 8) {			PEMerror(PEM_R_PVK_TOO_SHORT);			goto err;		}		inlen = keylen - 8;		q = enctmp + 8;		if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))			goto err;		if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))			goto err;		if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen))			goto err;		magic = read_ledword((const unsigned char **)&q);		if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) {			q = enctmp + 8;			memset(keybuf + 5, 0, 11);			if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf,			    NULL))				goto err;			explicit_bzero(keybuf, 20);			if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))				goto err;			if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen,			    &enctmplen))				goto err;			magic = read_ledword((const unsigned char **)&q);			if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) {				PEMerror(PEM_R_BAD_DECRYPT);				goto err;			}		} else			explicit_bzero(keybuf, 20);		p = enctmp;	}	ret = b2i_PrivateKey(&p, keylen);err:	EVP_CIPHER_CTX_cleanup(&cctx);	if (enctmp && saltlen)		free(enctmp);	return ret;}

static inti2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel, pem_password_cb *cb,    void *u){	int outlen = 24, pklen;	unsigned char *p, *salt = NULL;	EVP_CIPHER_CTX cctx;	EVP_CIPHER_CTX_init(&cctx);	if (enclevel)		outlen += PVK_SALTLEN;	pklen = do_i2b(NULL, pk, 0);	if (pklen < 0)		return -1;	outlen += pklen;	p = malloc(outlen);	if (!p) {		PEMerror(ERR_R_MALLOC_FAILURE);		return -1;	}	write_ledword(&p, MS_PVKMAGIC);	write_ledword(&p, 0);	if (pk->type == EVP_PKEY_DSA)		write_ledword(&p, MS_KEYTYPE_SIGN);	else		write_ledword(&p, MS_KEYTYPE_KEYX);	write_ledword(&p, enclevel ? 1 : 0);	write_ledword(&p, enclevel ? PVK_SALTLEN : 0);	write_ledword(&p, pklen);	if (enclevel) {		arc4random_buf(p, PVK_SALTLEN);		salt = p;		p += PVK_SALTLEN;	}	do_i2b(&p, pk, 0);	if (enclevel == 0) {		*out = p;		return outlen;	} else {		char psbuf[PEM_BUFSIZE];		unsigned char keybuf[20];		int enctmplen, inlen;		if (cb)			inlen = cb(psbuf, PEM_BUFSIZE, 1, u);		else			inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 1, u);		if (inlen <= 0) {			PEMerror(PEM_R_BAD_PASSWORD_READ);			goto error;		}		if (!derive_pvk_key(keybuf, salt, PVK_SALTLEN,		    (unsigned char *)psbuf, inlen))			goto error;		if (enclevel == 1)			memset(keybuf + 5, 0, 11);		p = salt + PVK_SALTLEN + 8;		if (!EVP_EncryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))			goto error;		explicit_bzero(keybuf, 20);		if (!EVP_DecryptUpdate(&cctx, p, &enctmplen, p, pklen - 8))			goto error;		if (!EVP_DecryptFinal_ex(&cctx, p + enctmplen, &enctmplen))			goto error;	}	EVP_CIPHER_CTX_cleanup(&cctx);	*out = p;	return outlen;error:	EVP_CIPHER_CTX_cleanup(&cctx);	free(p);	return -1;}

static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,                   pem_password_cb *cb, void *u){    int outlen = 24, pklen;    unsigned char *p, *salt = NULL;    EVP_CIPHER_CTX *cctx = EVP_CIPHER_CTX_new();    if (enclevel)        outlen += PVK_SALTLEN;    pklen = do_i2b(NULL, pk, 0);    if (pklen < 0)        return -1;    outlen += pklen;    if (!out)        return outlen;    if (*out)        p = *out;    else {        p = OPENSSL_malloc(outlen);        if (p == NULL) {            PEMerr(PEM_F_I2B_PVK, ERR_R_MALLOC_FAILURE);            return -1;        }        *out = p;    }    write_ledword(&p, MS_PVKMAGIC);    write_ledword(&p, 0);    if (EVP_PKEY_id(pk) == EVP_PKEY_DSA)        write_ledword(&p, MS_KEYTYPE_SIGN);    else        write_ledword(&p, MS_KEYTYPE_KEYX);    write_ledword(&p, enclevel ? 1 : 0);    write_ledword(&p, enclevel ? PVK_SALTLEN : 0);    write_ledword(&p, pklen);    if (enclevel) {        if (RAND_bytes(p, PVK_SALTLEN) <= 0)            goto error;        salt = p;        p += PVK_SALTLEN;    }    do_i2b(&p, pk, 0);    if (enclevel == 0)        return outlen;    else {        char psbuf[PEM_BUFSIZE];        unsigned char keybuf[20];        int enctmplen, inlen;        if (cb)            inlen = cb(psbuf, PEM_BUFSIZE, 1, u);        else            inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 1, u);        if (inlen <= 0) {            PEMerr(PEM_F_I2B_PVK, PEM_R_BAD_PASSWORD_READ);            goto error;        }        if (!derive_pvk_key(keybuf, salt, PVK_SALTLEN,                            (unsigned char *)psbuf, inlen))            goto error;        if (enclevel == 1)            memset(keybuf + 5, 0, 11);        p = salt + PVK_SALTLEN + 8;        if (!EVP_EncryptInit_ex(cctx, EVP_rc4(), NULL, keybuf, NULL))            goto error;        OPENSSL_cleanse(keybuf, 20);        if (!EVP_DecryptUpdate(cctx, p, &enctmplen, p, pklen - 8))            goto error;        if (!EVP_DecryptFinal_ex(cctx, p + enctmplen, &enctmplen))            goto error;    }    EVP_CIPHER_CTX_free(cctx);    return outlen; error:    EVP_CIPHER_CTX_free(cctx);    return -1;}

static EVP_PKEY *do_PVK_body(const unsigned char **in,		unsigned int saltlen, unsigned int keylen,		pem_password_cb *cb, void *u)	{	EVP_PKEY *ret = NULL;	const unsigned char *p = *in;	unsigned int magic;	unsigned char *enctmp = NULL, *q;	if (saltlen)		{		char psbuf[PEM_BUFSIZE];		unsigned char keybuf[20];		EVP_CIPHER_CTX cctx;		int enctmplen, inlen;		if (cb)			inlen=cb(psbuf,PEM_BUFSIZE,0,u);		else			inlen=PEM_def_callback(psbuf,PEM_BUFSIZE,0,u);		if (inlen <= 0)			{			PEMerr(PEM_F_DO_PVK_BODY,PEM_R_BAD_PASSWORD_READ);			return NULL;			}		enctmp = (unsigned char*)OPENSSL_malloc(keylen + 8);		if (!enctmp)			{			PEMerr(PEM_F_DO_PVK_BODY, ERR_R_MALLOC_FAILURE);			return NULL;			}		if (!derive_pvk_key(keybuf, p, saltlen,			    (unsigned char *)psbuf, inlen))			return NULL;		p += saltlen;		/* Copy BLOBHEADER across, decrypt rest */		TINYCLR_SSL_MEMCPY(enctmp, p, 8);		p += 8;		inlen = keylen - 8;		q = enctmp + 8;		EVP_CIPHER_CTX_init(&cctx);		EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL);		EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen);		EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen);		magic = read_ledword((const unsigned char **)&q);		if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC)			{			q = enctmp + 8;			TINYCLR_SSL_MEMSET(keybuf + 5, 0, 11);			EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf,								NULL);			OPENSSL_cleanse(keybuf, 20);			EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen);			EVP_DecryptFinal_ex(&cctx, q + enctmplen,								&enctmplen);			magic = read_ledword((const unsigned char **)&q);			if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC)				{				EVP_CIPHER_CTX_cleanup(&cctx);				PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_DECRYPT);				goto err;				}			}		else			OPENSSL_cleanse(keybuf, 20);		EVP_CIPHER_CTX_cleanup(&cctx);		p = enctmp;		}	ret = b2i_PrivateKey(&p, keylen);	err:	if (enctmp && saltlen)		OPENSSL_free(enctmp);	return ret;	}

int SSL_library_init(void){#ifndef OPENSSL_NO_DES    EVP_add_cipher(EVP_des_cbc());    EVP_add_cipher(EVP_des_ede3_cbc());#endif#ifndef OPENSSL_NO_IDEA    EVP_add_cipher(EVP_idea_cbc());#endif#ifndef OPENSSL_NO_RC4    EVP_add_cipher(EVP_rc4());# if !defined(OPENSSL_NO_MD5) && (defined(__x86_64) || defined(__x86_64__))    EVP_add_cipher(EVP_rc4_hmac_md5());# endif#endif#ifndef OPENSSL_NO_RC2    EVP_add_cipher(EVP_rc2_cbc());    /*     * Not actually used for SSL/TLS but this makes PKCS#12 work if an     * application only calls SSL_library_init().     */    EVP_add_cipher(EVP_rc2_40_cbc());#endif#ifndef OPENSSL_NO_AES    EVP_add_cipher(EVP_aes_128_cbc());    EVP_add_cipher(EVP_aes_192_cbc());    EVP_add_cipher(EVP_aes_256_cbc());    EVP_add_cipher(EVP_aes_128_gcm());    EVP_add_cipher(EVP_aes_256_gcm());# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)    EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());    EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());# endif# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)    EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256());    EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256());# endif#endif#ifndef OPENSSL_NO_CAMELLIA    EVP_add_cipher(EVP_camellia_128_cbc());    EVP_add_cipher(EVP_camellia_256_cbc());#endif#ifndef OPENSSL_NO_SEED    EVP_add_cipher(EVP_seed_cbc());#endif#ifndef OPENSSL_NO_MD5    EVP_add_digest(EVP_md5());    EVP_add_digest_alias(SN_md5, "ssl2-md5");    EVP_add_digest_alias(SN_md5, "ssl3-md5");#endif#ifndef OPENSSL_NO_SHA    EVP_add_digest(EVP_sha1()); /* RSA with sha1 */    EVP_add_digest_alias(SN_sha1, "ssl3-sha1");    EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);#endif#ifndef OPENSSL_NO_SHA256    EVP_add_digest(EVP_sha224());    EVP_add_digest(EVP_sha256());#endif#ifndef OPENSSL_NO_SHA512    EVP_add_digest(EVP_sha384());    EVP_add_digest(EVP_sha512());#endif#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)    EVP_add_digest(EVP_dss1()); /* DSA with sha1 */    EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);    EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");    EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");#endif#ifndef OPENSSL_NO_ECDSA    EVP_add_digest(EVP_ecdsa());#endif#ifndef NO_GMSSL    EVP_add_cipher(EVP_sms4_cbc());    EVP_add_digest(EVP_sm3());#endif    /* If you want support for phased out ciphers, add the following */#if 0    EVP_add_digest(EVP_sha());    EVP_add_digest(EVP_dss());#endif#ifndef OPENSSL_NO_COMP    /*     * This will initialise the built-in compression algorithms. The value     * returned is a STACK_OF(SSL_COMP), but that can be discarded safely     */    (void)SSL_COMP_get_compression_methods();#endif    /* initialize cipher/digest methods table */    ssl_load_ciphers();    return (1);}

static int aead_rc4_sha1_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key,                                  size_t key_len, size_t tag_len,                                  enum evp_aead_direction_t dir) {  return aead_tls_init(ctx, key, key_len, tag_len, dir, EVP_rc4(), EVP_sha1(),                       0);}

SARC4::SARC4(uint8 len) : m_ctx(){    EVP_CIPHER_CTX_init(&m_ctx);    EVP_EncryptInit_ex(&m_ctx, EVP_rc4(), NULL, NULL, NULL);    EVP_CIPHER_CTX_set_key_length(&m_ctx, len);}

void OpenSSL_add_all_ciphers(void){#ifndef OPENSSL_NO_DES    EVP_add_cipher(EVP_des_cfb());    EVP_add_cipher(EVP_des_cfb1());    EVP_add_cipher(EVP_des_cfb8());    EVP_add_cipher(EVP_des_ede_cfb());    EVP_add_cipher(EVP_des_ede3_cfb());    EVP_add_cipher(EVP_des_ede3_cfb1());    EVP_add_cipher(EVP_des_ede3_cfb8());    EVP_add_cipher(EVP_des_ofb());    EVP_add_cipher(EVP_des_ede_ofb());    EVP_add_cipher(EVP_des_ede3_ofb());    EVP_add_cipher(EVP_desx_cbc());    EVP_add_cipher_alias(SN_desx_cbc, "DESX");    EVP_add_cipher_alias(SN_desx_cbc, "desx");    EVP_add_cipher(EVP_des_cbc());    EVP_add_cipher_alias(SN_des_cbc, "DES");    EVP_add_cipher_alias(SN_des_cbc, "des");    EVP_add_cipher(EVP_des_ede_cbc());    EVP_add_cipher(EVP_des_ede3_cbc());    EVP_add_cipher_alias(SN_des_ede3_cbc, "DES3");    EVP_add_cipher_alias(SN_des_ede3_cbc, "des3");    EVP_add_cipher(EVP_des_ecb());    EVP_add_cipher(EVP_des_ede());    EVP_add_cipher(EVP_des_ede3());    EVP_add_cipher(EVP_des_ede3_wrap());#endif#ifndef OPENSSL_NO_RC4    EVP_add_cipher(EVP_rc4());    EVP_add_cipher(EVP_rc4_40());# ifndef OPENSSL_NO_MD5    EVP_add_cipher(EVP_rc4_hmac_md5());# endif#endif#ifndef OPENSSL_NO_IDEA    EVP_add_cipher(EVP_idea_ecb());    EVP_add_cipher(EVP_idea_cfb());    EVP_add_cipher(EVP_idea_ofb());    EVP_add_cipher(EVP_idea_cbc());    EVP_add_cipher_alias(SN_idea_cbc, "IDEA");    EVP_add_cipher_alias(SN_idea_cbc, "idea");#endif#ifndef OPENSSL_NO_SEED    EVP_add_cipher(EVP_seed_ecb());    EVP_add_cipher(EVP_seed_cfb());    EVP_add_cipher(EVP_seed_ofb());    EVP_add_cipher(EVP_seed_cbc());    EVP_add_cipher_alias(SN_seed_cbc, "SEED");    EVP_add_cipher_alias(SN_seed_cbc, "seed");#endif#ifndef OPENSSL_NO_RC2    EVP_add_cipher(EVP_rc2_ecb());    EVP_add_cipher(EVP_rc2_cfb());    EVP_add_cipher(EVP_rc2_ofb());    EVP_add_cipher(EVP_rc2_cbc());    EVP_add_cipher(EVP_rc2_40_cbc());    EVP_add_cipher(EVP_rc2_64_cbc());    EVP_add_cipher_alias(SN_rc2_cbc, "RC2");    EVP_add_cipher_alias(SN_rc2_cbc, "rc2");#endif#ifndef OPENSSL_NO_BF    EVP_add_cipher(EVP_bf_ecb());    EVP_add_cipher(EVP_bf_cfb());    EVP_add_cipher(EVP_bf_ofb());    EVP_add_cipher(EVP_bf_cbc());    EVP_add_cipher_alias(SN_bf_cbc, "BF");    EVP_add_cipher_alias(SN_bf_cbc, "bf");    EVP_add_cipher_alias(SN_bf_cbc, "blowfish");#endif#ifndef OPENSSL_NO_CAST    EVP_add_cipher(EVP_cast5_ecb());    EVP_add_cipher(EVP_cast5_cfb());    EVP_add_cipher(EVP_cast5_ofb());    EVP_add_cipher(EVP_cast5_cbc());    EVP_add_cipher_alias(SN_cast5_cbc, "CAST");    EVP_add_cipher_alias(SN_cast5_cbc, "cast");    EVP_add_cipher_alias(SN_cast5_cbc, "CAST-cbc");    EVP_add_cipher_alias(SN_cast5_cbc, "cast-cbc");#endif#ifndef OPENSSL_NO_RC5    EVP_add_cipher(EVP_rc5_32_12_16_ecb());    EVP_add_cipher(EVP_rc5_32_12_16_cfb());    EVP_add_cipher(EVP_rc5_32_12_16_ofb());    EVP_add_cipher(EVP_rc5_32_12_16_cbc());    EVP_add_cipher_alias(SN_rc5_cbc, "rc5");    EVP_add_cipher_alias(SN_rc5_cbc, "RC5");#endif//.........这里部分代码省略.........

OM_uint32_gssapi_get_mic_arcfour(OM_uint32 * minor_status,			const gsskrb5_ctx context_handle,			krb5_context context,			gss_qop_t qop_req,			const gss_buffer_t message_buffer,			gss_buffer_t message_token,			krb5_keyblock *key){    krb5_error_code ret;    int32_t seq_number;    size_t len, total_len;    u_char k6_data[16], *p0, *p;    EVP_CIPHER_CTX rc4_key;    _gsskrb5_encap_length (22, &len, &total_len, GSS_KRB5_MECHANISM);    message_token->length = total_len;    message_token->value  = malloc (total_len);    if (message_token->value == NULL) {	*minor_status = ENOMEM;	return GSS_S_FAILURE;    }    p0 = _gssapi_make_mech_header(message_token->value,				  len,				  GSS_KRB5_MECHANISM);    p = p0;    *p++ = 0x01; /* TOK_ID */    *p++ = 0x01;    *p++ = 0x11; /* SGN_ALG */    *p++ = 0x00;    *p++ = 0xff; /* Filler */    *p++ = 0xff;    *p++ = 0xff;    *p++ = 0xff;    p = NULL;    ret = arcfour_mic_cksum(context,			    key, KRB5_KU_USAGE_SIGN,			    p0 + 16, 8,  /* SGN_CKSUM */			    p0, 8, /* TOK_ID, SGN_ALG, Filer */			    message_buffer->value, message_buffer->length,			    NULL, 0);    if (ret) {	_gsskrb5_release_buffer(minor_status, message_token);	*minor_status = ret;	return GSS_S_FAILURE;    }    ret = arcfour_mic_key(context, key,			  p0 + 16, 8, /* SGN_CKSUM */			  k6_data, sizeof(k6_data));    if (ret) {	_gsskrb5_release_buffer(minor_status, message_token);	*minor_status = ret;	return GSS_S_FAILURE;    }    HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex);    krb5_auth_con_getlocalseqnumber (context,				     context_handle->auth_context,				     &seq_number);    p = p0 + 8; /* SND_SEQ */    _gss_mg_encode_be_uint32(seq_number, p);    krb5_auth_con_setlocalseqnumber (context,				     context_handle->auth_context,				     ++seq_number);    HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);    memset (p + 4, (context_handle->more_flags & LOCAL) ? 0 : 0xff, 4);    EVP_CIPHER_CTX_init(&rc4_key);    EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1);    EVP_Cipher(&rc4_key, p, p, 8);    EVP_CIPHER_CTX_cleanup(&rc4_key);    memset(k6_data, 0, sizeof(k6_data));    *minor_status = 0;    return GSS_S_COMPLETE;}

OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status,				 const gsskrb5_ctx context_handle,				 krb5_context context,				 const gss_buffer_t input_message_buffer,				 gss_buffer_t output_message_buffer,				 int *conf_state,				 gss_qop_t *qop_state,				 krb5_keyblock *key){    u_char Klocaldata[16];    krb5_keyblock Klocal;    krb5_error_code ret;    uint32_t seq_number;    size_t datalen;    OM_uint32 omret;    u_char k6_data[16], SND_SEQ[8], Confounder[8];    u_char cksum_data[8];    u_char *p, *p0;    int cmp;    int conf_flag;    size_t padlen = 0, len;    if (conf_state)	*conf_state = 0;    if (qop_state)	*qop_state = 0;    p0 = input_message_buffer->value;    if (IS_DCE_STYLE(context_handle)) {	len = GSS_ARCFOUR_WRAP_TOKEN_SIZE +	    GSS_ARCFOUR_WRAP_TOKEN_DCE_DER_HEADER_SIZE;	if (input_message_buffer->length < len)	    return GSS_S_BAD_MECH;    } else {	len = input_message_buffer->length;    }    omret = _gssapi_verify_mech_header(&p0,				       len,				       GSS_KRB5_MECHANISM);    if (omret)	return omret;    /* length of mech header */    len = (p0 - (u_char *)input_message_buffer->value) +	GSS_ARCFOUR_WRAP_TOKEN_SIZE;    if (len > input_message_buffer->length)	return GSS_S_BAD_MECH;    /* length of data */    datalen = input_message_buffer->length - len;    p = p0;    if (memcmp(p, "/x02/x01", 2) != 0)	return GSS_S_BAD_SIG;    p += 2;    if (memcmp(p, "/x11/x00", 2) != 0) /* SGN_ALG = HMAC MD5 ARCFOUR */	return GSS_S_BAD_SIG;    p += 2;    if (memcmp (p, "/x10/x00", 2) == 0)	conf_flag = 1;    else if (memcmp (p, "/xff/xff", 2) == 0)	conf_flag = 0;    else	return GSS_S_BAD_SIG;    p += 2;    if (memcmp (p, "/xff/xff", 2) != 0)	return GSS_S_BAD_MIC;    p = NULL;    ret = arcfour_mic_key(context, key,			  p0 + 16, 8, /* SGN_CKSUM */			  k6_data, sizeof(k6_data));    if (ret) {	*minor_status = ret;	return GSS_S_FAILURE;    }    {	EVP_CIPHER_CTX rc4_key;	EVP_CIPHER_CTX_init(&rc4_key);	EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1);	EVP_Cipher(&rc4_key, SND_SEQ, p0 + 8, 8);	EVP_CIPHER_CTX_cleanup(&rc4_key);	memset(k6_data, 0, sizeof(k6_data));    }    _gss_mg_decode_be_uint32(SND_SEQ, &seq_number);    if (context_handle->more_flags & LOCAL)	cmp = memcmp(&SND_SEQ[4], "/xff/xff/xff/xff", 4);    else	cmp = memcmp(&SND_SEQ[4], "/x00/x00/x00/x00", 4);//.........这里部分代码省略.........

OM_uint32_gssapi_verify_mic_arcfour(OM_uint32 * minor_status,			   const gsskrb5_ctx context_handle,			   krb5_context context,			   const gss_buffer_t message_buffer,			   const gss_buffer_t token_buffer,			   gss_qop_t * qop_state,			   krb5_keyblock *key,			   const char *type){    krb5_error_code ret;    uint32_t seq_number;    OM_uint32 omret;    u_char SND_SEQ[8], cksum_data[8], *p;    char k6_data[16];    int cmp;    if (qop_state)	*qop_state = 0;    p = token_buffer->value;    omret = _gsskrb5_verify_header (&p,				       token_buffer->length,				       type,				       GSS_KRB5_MECHANISM);    if (omret)	return omret;    if (memcmp(p, "/x11/x00", 2) != 0) /* SGN_ALG = HMAC MD5 ARCFOUR */	return GSS_S_BAD_SIG;    p += 2;    if (memcmp (p, "/xff/xff/xff/xff", 4) != 0)	return GSS_S_BAD_MIC;    p += 4;    ret = arcfour_mic_cksum(context,			    key, KRB5_KU_USAGE_SIGN,			    cksum_data, sizeof(cksum_data),			    p - 8, 8,			    message_buffer->value, message_buffer->length,			    NULL, 0);    if (ret) {	*minor_status = ret;	return GSS_S_FAILURE;    }    ret = arcfour_mic_key(context, key,			  cksum_data, sizeof(cksum_data),			  k6_data, sizeof(k6_data));    if (ret) {	*minor_status = ret;	return GSS_S_FAILURE;    }    cmp = ct_memcmp(cksum_data, p + 8, 8);    if (cmp) {	*minor_status = 0;	return GSS_S_BAD_MIC;    }    {	EVP_CIPHER_CTX rc4_key;	EVP_CIPHER_CTX_init(&rc4_key);	EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, (void *)k6_data, NULL, 0);	EVP_Cipher(&rc4_key, SND_SEQ, p, 8);	EVP_CIPHER_CTX_cleanup(&rc4_key);	memset(k6_data, 0, sizeof(k6_data));    }    _gss_mg_decode_be_uint32(SND_SEQ, &seq_number);    if (context_handle->more_flags & LOCAL)	cmp = memcmp(&SND_SEQ[4], "/xff/xff/xff/xff", 4);    else	cmp = memcmp(&SND_SEQ[4], "/x00/x00/x00/x00", 4);    memset(SND_SEQ, 0, sizeof(SND_SEQ));    if (cmp != 0) {	*minor_status = 0;	return GSS_S_BAD_MIC;    }    HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex);    omret = _gssapi_msg_order_check(context_handle->gk5c.order, seq_number);    HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);    if (omret)	return omret;    *minor_status = 0;    return GSS_S_COMPLETE;}