自学教程：C++ EVPerr函数代码示例

static int do_evp_enc_engine(EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pcipher, ENGINE *impl)	{	if(impl)		{		if (!ENGINE_init(impl))			{			EVPerr(EVP_F_DO_EVP_ENC_ENGINE, EVP_R_INITIALIZATION_ERROR);			return 0;			}		}	else		/* Ask if an ENGINE is reserved for this job */		impl = ENGINE_get_cipher_engine((*pcipher)->nid);	if(impl)		{		/* There's an ENGINE for this job ... (apparently) */		const EVP_CIPHER *c = ENGINE_get_cipher(impl, (*pcipher)->nid);		if(!c)			{			/* One positive side-effect of US's export			 * control history, is that we should at least			 * be able to avoid using US mispellings of			 * "initialisation"? */			EVPerr(EVP_F_DO_EVP_ENC_ENGINE, EVP_R_INITIALIZATION_ERROR);			return 0;			}		/* We'll use the ENGINE's private cipher definition */		*pcipher = c;		/* Store the ENGINE functional reference so we know		 * 'cipher' came from an ENGINE and we need to release		 * it when done. */		ctx->engine = impl;		}	else		ctx->engine = NULL;	return 1;	}

EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8){    EVP_PKEY *pkey = NULL;    const ASN1_OBJECT *algoid;    char obj_tmp[80];    if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8))        return NULL;    if ((pkey = EVP_PKEY_new()) == NULL) {        EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE);        return NULL;    }    if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) {        EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);        i2t_ASN1_OBJECT(obj_tmp, 80, algoid);        ERR_add_error_data(2, "TYPE=", obj_tmp);        goto error;    }    if (pkey->ameth->priv_decode) {        if (!pkey->ameth->priv_decode(pkey, p8)) {            EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_PRIVATE_KEY_DECODE_ERROR);            goto error;        }    } else {        EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_METHOD_NOT_SUPPORTED);        goto error;    }    return pkey; error:    EVP_PKEY_free(pkey);    return NULL;}

int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,	     unsigned int siglen, EVP_PKEY *pkey)	{	unsigned char m[EVP_MAX_MD_SIZE];	unsigned int m_len;	int i,ok=0,v;	MS_STATIC EVP_MD_CTX tmp_ctx;	for (i=0; i<4; i++)		{		v=ctx->digest->required_pkey_type[i];		if (v == 0) break;		if (pkey->type == v)			{			ok=1;			break;			}		}	if (!ok)		{		EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);		return(-1);		}	EVP_MD_CTX_init(&tmp_ctx);	EVP_MD_CTX_copy_ex(&tmp_ctx,ctx);     	EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len);	EVP_MD_CTX_cleanup(&tmp_ctx);        if (ctx->digest->verify == NULL)                {		EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);		return(0);		}	return(ctx->digest->verify(ctx->digest->type,m,m_len,		sigbuf,siglen,pkey->pkey.ptr));	}

/* The subkey for Camellia is generated. */ static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,	const unsigned char *iv, int enc)	{	int ret;	ret=Camellia_set_key(key, ctx->key_len * 8, ctx->cipher_data);	if(ret < 0)		{		EVPerr(EVP_F_CAMELLIA_INIT_KEY,EVP_R_CAMELLIA_KEY_SETUP_FAILED);		return 0;		}	return 1;	}

static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,                          const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey,                          int ver){    if (ctx->pctx == NULL)        ctx->pctx = EVP_PKEY_CTX_new(pkey, e);    if (ctx->pctx == NULL)        return 0;    if (!(ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)) {        if (type == NULL) {            int def_nid;            if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0)                type = EVP_get_digestbynid(def_nid);        }        if (type == NULL) {            EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST);            return 0;        }    }    if (ver) {        if (ctx->pctx->pmeth->verifyctx_init) {            if (ctx->pctx->pmeth->verifyctx_init(ctx->pctx, ctx) <= 0)                return 0;            ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX;        } else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)            return 0;    } else {        if (ctx->pctx->pmeth->signctx_init) {            if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0) {                return 0;            }            ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX;        } else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)            return 0;    }    if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0)        return 0;    if (pctx)        *pctx = ctx->pctx;    if (ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)        return 1;    if (!EVP_DigestInit_ex(ctx, type, e))        return 0;    return 1;}

int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx){    int ret;    if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {        EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT,               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);        return -2;    }    ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;    if (!ctx->pmeth->verify_recover_init)        return 1;    ret = ctx->pmeth->verify_recover_init(ctx);    if (ret <= 0)        ctx->operation = EVP_PKEY_OP_UNDEFINED;    return ret;}

int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx){    int ret;    if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {        EVPerr(EVP_F_EVP_PKEY_DECRYPT_INIT,               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);        return -2;    }    ctx->operation = EVP_PKEY_OP_DECRYPT;    if (!ctx->pmeth->decrypt_init)        return 1;    ret = ctx->pmeth->decrypt_init(ctx);    if (ret <= 0)        ctx->operation = EVP_PKEY_OP_UNDEFINED;    return ret;}

int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx){    int ret;    if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {        EVPerr(EVP_F_EVP_PKEY_SIGN_INIT,               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);        return -2;    }    ctx->operation = EVP_PKEY_OP_SIGN;    if (!ctx->pmeth->sign_init)        return 1;    ret = ctx->pmeth->sign_init(ctx);    if (ret <= 0)        ctx->operation = EVP_PKEY_OP_UNDEFINED;    return ret;}

int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,	     EVP_PBE_KEYGEN *keygen){	EVP_PBE_CTL *pbe_tmp;	if (!pbe_algs) pbe_algs = sk_new(pbe_cmp);	if (!(pbe_tmp = (EVP_PBE_CTL*) OPENSSL_malloc (sizeof(EVP_PBE_CTL)))) {		EVPerr(EVP_F_EVP_PBE_ALG_ADD,ERR_R_MALLOC_FAILURE);		return 0;	}	pbe_tmp->pbe_nid = nid;	pbe_tmp->cipher = cipher;	pbe_tmp->md = md;	pbe_tmp->keygen = keygen;	sk_push (pbe_algs, (char *)pbe_tmp);	return 1;}

int EVP_PKEY_encrypt_old (unsigned char *ek, const unsigned char *key, int key_len, EVP_PKEY * pubk){    int ret = 0;#ifndef OPENSSL_NO_RSA    if (pubk->type != EVP_PKEY_RSA)    {#endif        EVPerr (EVP_F_EVP_PKEY_ENCRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);#ifndef OPENSSL_NO_RSA        goto err;    }    ret = RSA_public_encrypt (key_len, key, ek, pubk->pkey.rsa, RSA_PKCS1_PADDING);  err:#endif    return (ret);}

EVP_PKEY *EVP_PKEY_new(void)	{	EVP_PKEY *ret;	ret=(EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY));	if (ret == NULL)		{		EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE);		return(NULL);		}	ret->type=EVP_PKEY_NONE;	ret->references=1;	ret->pkey.ptr=NULL;	ret->attributes=NULL;	ret->save_parameters=1;	return(ret);	}

int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) {    EVP_MD_CTX_init(ctx);    if (ctx->digest != type) {        if (ctx->digest && ctx->digest->ctx_size)            free(ctx->md_data);        ctx->digest=type;        if (type->ctx_size) {            ctx->md_data = malloc(type->ctx_size);            if (!ctx->md_data) {                EVPerr(EVP_F_EVP_DIGESTINIT_EX, ERR_R_MALLOC_FAILURE);                return 0;            }        }    }    return ctx->digest->init(ctx);}

int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,                  unsigned int *siglen, EVP_PKEY *pkey){    unsigned char m[EVP_MAX_MD_SIZE];    unsigned int m_len = 0;    int i = 0;    size_t sltmp;    EVP_PKEY_CTX *pkctx = NULL;    *siglen = 0;    if (EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_FINALISE)) {        if (!EVP_DigestFinal_ex(ctx, m, &m_len))            goto err;    } else {        int rv = 0;        EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new();        if (tmp_ctx == NULL) {            EVPerr(EVP_F_EVP_SIGNFINAL, ERR_R_MALLOC_FAILURE);            return 0;        }        rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx);        if (rv)            rv = EVP_DigestFinal_ex(tmp_ctx, m, &m_len);        EVP_MD_CTX_free(tmp_ctx);        if (!rv)            return 0;    }    sltmp = (size_t)EVP_PKEY_size(pkey);    i = 0;    pkctx = EVP_PKEY_CTX_new(pkey, NULL);    if (pkctx == NULL)        goto err;    if (EVP_PKEY_sign_init(pkctx) <= 0)        goto err;    if (EVP_PKEY_CTX_set_signature_md(pkctx, EVP_MD_CTX_md(ctx)) <= 0)        goto err;    if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)        goto err;    *siglen = sltmp;    i = 1; err:    EVP_PKEY_CTX_free(pkctx);    return i;}

static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)	{	const EVP_PKEY_ASN1_METHOD *ameth;	ENGINE *e = NULL;	if (pkey)		{		if (pkey->pkey.ptr)			EVP_PKEY_free_it(pkey);		/* If key type matches and a method exists then this		 * lookup has succeeded once so just indicate success.		 */		if ((type == pkey->save_type) && pkey->ameth)			return 1;#ifndef OPENSSL_NO_ENGINE		/* If we have an ENGINE release it */		if (pkey->engine)			{			ENGINE_finish(pkey->engine);			pkey->engine = NULL;			}#endif		}	if (str)		ameth = EVP_PKEY_asn1_find_str(&e, str, len);	else		ameth = EVP_PKEY_asn1_find(&e, type);#ifndef OPENSSL_NO_ENGINE	if (!pkey && e)		ENGINE_finish(e);#endif	if (!ameth)		{		EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM);		return 0;		}	if (pkey)		{		pkey->ameth = ameth;		pkey->engine = e;		pkey->type = pkey->ameth->pkey_id;		pkey->save_type=type;		}	return 1;	}

PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken){    switch (broken) {    case PKCS8_OK:        p8->broken = PKCS8_OK;        return p8;    case PKCS8_NO_OCTET:        p8->broken = PKCS8_NO_OCTET;        p8->pkey->type = V_ASN1_SEQUENCE;        return p8;    default:        EVPerr(EVP_F_PKCS8_SET_BROKEN, EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);        return NULL;    }}

/* The subkey for ARIA is generated. */static int aria_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,                            const unsigned char *iv, int enc){    int ret;    int mode = EVP_CIPHER_CTX_mode(ctx);    if (enc || (mode != EVP_CIPH_ECB_MODE && mode != EVP_CIPH_CBC_MODE))        ret = aria_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8,                                        EVP_CIPHER_CTX_get_cipher_data(ctx));    else        ret = aria_set_decrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8,                                        EVP_CIPHER_CTX_get_cipher_data(ctx));    if (ret < 0) {        EVPerr(EVP_F_ARIA_INIT_KEY,EVP_R_ARIA_KEY_SETUP_FAILED);        return 0;    }    return 1;}

int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type){    if (pkey->type == type) {        return 1; /* it already is that type */    }    /*     * The application is requesting to alias this to a different pkey type,     * but not one that resolves to the base type.     */    if (EVP_PKEY_type(type) != EVP_PKEY_base_id(pkey)) {        EVPerr(EVP_F_EVP_PKEY_SET_ALIAS_TYPE, EVP_R_UNSUPPORTED_ALGORITHM);        return 0;    }    pkey->type = type;    return 1;}

int EVP_PKEY_decrypt(unsigned char *key, unsigned char *ek, int ekl,	     EVP_PKEY *priv)	{	int ret= -1;	#ifndef NO_RSA	if (priv->type != EVP_PKEY_RSA)		{#endif		EVPerr(EVP_F_EVP_PKEY_DECRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);#ifndef NO_RSA		goto err;                }	ret=RSA_private_decrypt(ekl,ek,key,priv->pkey.rsa,RSA_PKCS1_PADDING);err:#endif	return(ret);	}

int EVP_PBE_scrypt(const char *pass, size_t passlen,                   const unsigned char *salt, size_t saltlen,                   uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem,                   unsigned char *key, size_t keylen){    const char *empty = "";    int rv = 1;    EVP_KDF_CTX *kctx;    if (r > UINT32_MAX || p > UINT32_MAX) {        EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PARAMETER_TOO_LARGE);        return 0;    }    /* Maintain existing behaviour. */    if (pass == NULL) {        pass = empty;        passlen = 0;    }    if (salt == NULL) {        salt = (const unsigned char *)empty;        saltlen = 0;    }    if (maxmem == 0)        maxmem = SCRYPT_MAX_MEM;    kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT);    if (kctx == NULL)        return 0;    if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, pass, (size_t)passlen) != 1            || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT,                            salt, (size_t)saltlen) != 1            || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N, N) != 1            || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R, (uint32_t)r) != 1            || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P, (uint32_t)p) != 1            || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES, maxmem) != 1            || EVP_KDF_derive(kctx, key, keylen) != 1)        rv = 0;    EVP_KDF_CTX_free(kctx);    return rv;}

int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,                         int md_nid, EVP_PBE_KEYGEN *keygen){    EVP_PBE_CTL *pbe_tmp;    if (!pbe_algs)        pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);    if (!(pbe_tmp = (EVP_PBE_CTL *)OPENSSL_malloc(sizeof(EVP_PBE_CTL)))) {        EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE);        return 0;    }    pbe_tmp->pbe_type = pbe_type;    pbe_tmp->pbe_nid = pbe_nid;    pbe_tmp->cipher_nid = cipher_nid;    pbe_tmp->md_nid = md_nid;    pbe_tmp->keygen = keygen;    sk_EVP_PBE_CTL_push(pbe_algs, pbe_tmp);    return 1;}

EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)	{	EVP_PKEY_CTX *rctx;	if (!pctx->pmeth || !pctx->pmeth->copy)		return NULL;#ifndef OPENSSL_NO_ENGINE	/* Make sure it's safe to copy a pkey context using an ENGINE */	if (pctx->engine && !ENGINE_init(pctx->engine))		{		EVPerr(EVP_F_EVP_PKEY_CTX_DUP,ERR_R_ENGINE_LIB);		return 0;		}#endif	rctx = (EVP_PKEY_CTX *)OPENSSL_malloc(sizeof(EVP_PKEY_CTX));	if (!rctx)		return NULL;	rctx->pmeth = pctx->pmeth;#ifndef OPENSSL_NO_ENGINE	rctx->engine = pctx->engine;#endif	if (pctx->pkey)		CRYPTO_add(&pctx->pkey->references,1,CRYPTO_LOCK_EVP_PKEY);	rctx->pkey = pctx->pkey;	if (pctx->peerkey)		CRYPTO_add(&pctx->peerkey->references,1,CRYPTO_LOCK_EVP_PKEY);	rctx->peerkey = pctx->peerkey;	rctx->data = NULL;	rctx->app_data = NULL;	rctx->operation = pctx->operation;	if (pctx->pmeth->copy(rctx, pctx) > 0)		return rctx;	EVP_PKEY_CTX_free(rctx);	return NULL;	}

static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,		   const unsigned char *iv, int enc)	{	int ret;	if ((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CFB_MODE	    || (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_OFB_MODE	    || enc) 		ret=AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);	else		ret=AES_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);	if(ret < 0)		{		EVPerr(EVP_F_AES_INIT_KEY,EVP_R_AES_KEY_SETUP_FAILED);		return 0;		}	return 1;	}

int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,                         EVP_PKEY *priv){    int ret = -1;#ifndef OPENSSL_NO_RSA    if (EVP_PKEY_id(priv) != EVP_PKEY_RSA) {#endif        EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);#ifndef OPENSSL_NO_RSA        goto err;    }    ret =        RSA_private_decrypt(ekl, ek, key, EVP_PKEY_get0_RSA(priv),                            RSA_PKCS1_PADDING); err:#endif    return ret;}

static int ok_new(BIO *bi){    BIO_OK_CTX *ctx;    if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) {        EVPerr(EVP_F_OK_NEW, ERR_R_MALLOC_FAILURE);        return 0;    }    ctx->cont = 1;    ctx->sigio = 1;    ctx->md = EVP_MD_CTX_new();    if (ctx->md == NULL) {        OPENSSL_free(ctx);        return 0;    }    BIO_set_init(bi, 0);    BIO_set_data(bi, ctx);    return 1;}

static int aria_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,                                 const unsigned char *iv, int enc){    int ret;    EVP_ARIA_GCM_CTX *gctx = EVP_C_DATA(EVP_ARIA_GCM_CTX,ctx);    if (!iv && !key)        return 1;    if (key) {        ret = aria_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8,                                   &gctx->ks.ks);        CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,                           (block128_f) aria_encrypt);        if (ret < 0) {            EVPerr(EVP_F_ARIA_GCM_INIT_KEY,EVP_R_ARIA_KEY_SETUP_FAILED);            return 0;        }        /*         * If we have an iv can set it directly, otherwise use saved IV.         */        if (iv == NULL && gctx->iv_set)            iv = gctx->iv;        if (iv) {            CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);            gctx->iv_set = 1;        }        gctx->key_set = 1;    } else {        /* If key set use IV, otherwise copy */        if (gctx->key_set)            CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);        else            memcpy(gctx->iv, iv, gctx->ivlen);        gctx->iv_set = 1;        gctx->iv_gen = 0;    }    return 1;}

int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,                    unsigned int siglen, EVP_PKEY *pkey){    unsigned char m[EVP_MAX_MD_SIZE];    unsigned int m_len = 0;    int i = 0;    EVP_PKEY_CTX *pkctx = NULL;    if (EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_FINALISE)) {        if (!EVP_DigestFinal_ex(ctx, m, &m_len))            goto err;    } else {        int rv = 0;        EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new();        if (tmp_ctx == NULL) {            EVPerr(EVP_F_EVP_VERIFYFINAL, ERR_R_MALLOC_FAILURE);            return 0;        }        rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx);        if (rv)            rv = EVP_DigestFinal_ex(tmp_ctx, m, &m_len);        EVP_MD_CTX_free(tmp_ctx);        if (!rv)            return 0;    }    i = -1;    pkctx = EVP_PKEY_CTX_new(pkey, NULL);    if (pkctx == NULL)        goto err;    if (EVP_PKEY_verify_init(pkctx) <= 0)        goto err;    if (EVP_PKEY_CTX_set_signature_md(pkctx, EVP_MD_CTX_md(ctx)) <= 0)        goto err;    i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len); err:    EVP_PKEY_CTX_free(pkctx);    return i;}

static int aes_xts_cipher (EVP_CIPHER_CTX * ctx, unsigned char *out, const unsigned char *in, size_t len){    EVP_AES_XTS_CTX *xctx = ctx->cipher_data;    if (!xctx->xts.key1 || !xctx->xts.key2)        return 0;    if (!out || !in || len < AES_BLOCK_SIZE)        return 0;#ifdef OPENSSL_FIPS    /* Requirement of SP800-38E */    if (FIPS_module_mode () && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) && (len > (1UL << 20) * 16))    {        EVPerr (EVP_F_AES_XTS_CIPHER, EVP_R_TOO_LARGE);        return 0;    }#endif    if (xctx->stream)        (*xctx->stream) (in, out, len, xctx->xts.key1, xctx->xts.key2, ctx->iv);    else if (CRYPTO_xts128_encrypt (&xctx->xts, ctx->iv, in, out, len, ctx->encrypt))        return 0;    return 1;}

int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth){    EVP_PKEY_ASN1_METHOD tmp = { 0, };    if (app_methods == NULL) {        app_methods = sk_EVP_PKEY_ASN1_METHOD_new(ameth_cmp);        if (app_methods == NULL)            return 0;    }    tmp.pkey_id = ameth->pkey_id;    if (sk_EVP_PKEY_ASN1_METHOD_find(app_methods, &tmp) >= 0) {        EVPerr(EVP_F_EVP_PKEY_ASN1_ADD0,               EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED);        return 0;    }    if (!sk_EVP_PKEY_ASN1_METHOD_push(app_methods, ameth))        return 0;    sk_EVP_PKEY_ASN1_METHOD_sort(app_methods);    return 1;}

int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen,		ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de){	PBEPARAM *pbe;	int saltlen, iter, ret;	unsigned char *salt, *pbuf;	unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];	/* Extract useful info from parameter */	pbuf = param->value.sequence->data;	if (!param || (param->type != V_ASN1_SEQUENCE) ||	   !(pbe = d2i_PBEPARAM (NULL, &pbuf, param->value.sequence->length))) {		EVPerr(PKCS12_F_PKCS12_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);		return 0;	}	if (!pbe->iter) iter = 1;	else iter = ASN1_INTEGER_get (pbe->iter);	salt = pbe->salt->data;	saltlen = pbe->salt->length;	if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_KEY_ID,			     iter, EVP_CIPHER_key_length(cipher), key, md)) {		PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_KEY_GEN_ERROR);		PBEPARAM_free(pbe);		return 0;	}	if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_IV_ID,				iter, EVP_CIPHER_iv_length(cipher), iv, md)) {		PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_IV_GEN_ERROR);		PBEPARAM_free(pbe);		return 0;	}	PBEPARAM_free(pbe);	ret = EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de);	OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);	OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);	return ret;}

static intaead_aes_gcm_seal(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len,    size_t max_out_len, const unsigned char *nonce, size_t nonce_len,    const unsigned char *in, size_t in_len, const unsigned char *ad,    size_t ad_len){	const struct aead_aes_gcm_ctx *gcm_ctx = ctx->aead_state;	GCM128_CONTEXT gcm;	size_t bulk = 0;	if (max_out_len < in_len + gcm_ctx->tag_len) {		EVPerr(EVP_F_AEAD_AES_GCM_SEAL, EVP_R_BUFFER_TOO_SMALL);		return 0;	}	memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm));	CRYPTO_gcm128_setiv(&gcm, nonce, nonce_len);	if (ad_len > 0 && CRYPTO_gcm128_aad(&gcm, ad, ad_len))		return 0;	if (gcm_ctx->ctr) {		if (CRYPTO_gcm128_encrypt_ctr32(&gcm, in + bulk, out + bulk,		    in_len - bulk, gcm_ctx->ctr))			return 0;	} else {		if (CRYPTO_gcm128_encrypt(&gcm, in + bulk, out + bulk,		    in_len - bulk))			return 0;	}	CRYPTO_gcm128_tag(&gcm, out + in_len, gcm_ctx->tag_len);	*out_len = in_len + gcm_ctx->tag_len;	return 1;}