1 /* $OpenBSD: evp_enc.c,v 1.31 2016/05/30 13:42:54 beck Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 #include <stdio.h> 60 #include <stdlib.h> 61 #include <string.h> 62 63 #include <openssl/opensslconf.h> 64 65 #include <openssl/err.h> 66 #include <openssl/evp.h> 67 68 #ifndef OPENSSL_NO_ENGINE 69 #include <openssl/engine.h> 70 #endif 71 72 #include "evp_locl.h" 73 74 #define M_do_cipher(ctx, out, in, inl) ctx->cipher->do_cipher(ctx, out, in, inl) 75 76 void 77 EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) 78 { 79 memset(ctx, 0, sizeof(EVP_CIPHER_CTX)); 80 } 81 82 EVP_CIPHER_CTX * 83 EVP_CIPHER_CTX_new(void) 84 { 85 return calloc(1, sizeof(EVP_CIPHER_CTX)); 86 } 87 88 int 89 EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, 90 const unsigned char *key, const unsigned char *iv, int enc) 91 { 92 if (cipher) 93 EVP_CIPHER_CTX_init(ctx); 94 return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc); 95 } 96 97 int 98 EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, 99 const unsigned char *key, const unsigned char *iv, int enc) 100 { 101 if (enc == -1) 102 enc = ctx->encrypt; 103 else { 104 if (enc) 105 enc = 1; 106 ctx->encrypt = enc; 107 } 108 #ifndef OPENSSL_NO_ENGINE 109 /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts 110 * so this context may already have an ENGINE! Try to avoid releasing 111 * the previous handle, re-querying for an ENGINE, and having a 112 * reinitialisation, when it may all be unecessary. */ 113 if (ctx->engine && ctx->cipher && 114 (!cipher || (cipher && (cipher->nid == ctx->cipher->nid)))) 115 goto skip_to_init; 116 #endif 117 if (cipher) { 118 /* Ensure a context left lying around from last time is cleared 119 * (the previous check attempted to avoid this if the same 120 * ENGINE and EVP_CIPHER could be used). */ 121 if (ctx->cipher) { 122 unsigned long flags = ctx->flags; 123 EVP_CIPHER_CTX_cleanup(ctx); 124 /* Restore encrypt and flags */ 125 ctx->encrypt = enc; 126 ctx->flags = flags; 127 } 128 #ifndef OPENSSL_NO_ENGINE 129 if (impl) { 130 if (!ENGINE_init(impl)) { 131 EVPerr(EVP_F_EVP_CIPHERINIT_EX, 132 EVP_R_INITIALIZATION_ERROR); 133 return 0; 134 } 135 } else 136 /* Ask if an ENGINE is reserved for this job */ 137 impl = ENGINE_get_cipher_engine(cipher->nid); 138 if (impl) { 139 /* There's an ENGINE for this job ... (apparently) */ 140 const EVP_CIPHER *c = 141 ENGINE_get_cipher(impl, cipher->nid); 142 if (!c) { 143 EVPerr(EVP_F_EVP_CIPHERINIT_EX, 144 EVP_R_INITIALIZATION_ERROR); 145 return 0; 146 } 147 /* We'll use the ENGINE's private cipher definition */ 148 cipher = c; 149 /* Store the ENGINE functional reference so we know 150 * 'cipher' came from an ENGINE and we need to release 151 * it when done. */ 152 ctx->engine = impl; 153 } else 154 ctx->engine = NULL; 155 #endif 156 157 ctx->cipher = cipher; 158 if (ctx->cipher->ctx_size) { 159 ctx->cipher_data = malloc(ctx->cipher->ctx_size); 160 if (!ctx->cipher_data) { 161 EVPerr(EVP_F_EVP_CIPHERINIT_EX, 162 ERR_R_MALLOC_FAILURE); 163 return 0; 164 } 165 } else { 166 ctx->cipher_data = NULL; 167 } 168 ctx->key_len = cipher->key_len; 169 ctx->flags = 0; 170 if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) { 171 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) { 172 EVPerr(EVP_F_EVP_CIPHERINIT_EX, 173 EVP_R_INITIALIZATION_ERROR); 174 return 0; 175 } 176 } 177 } else if (!ctx->cipher) { 178 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET); 179 return 0; 180 } 181 #ifndef OPENSSL_NO_ENGINE 182 skip_to_init: 183 #endif 184 /* we assume block size is a power of 2 in *cryptUpdate */ 185 if (ctx->cipher->block_size != 1 && 186 ctx->cipher->block_size != 8 && 187 ctx->cipher->block_size != 16) { 188 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_BAD_BLOCK_LENGTH); 189 return 0; 190 } 191 192 if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { 193 switch (EVP_CIPHER_CTX_mode(ctx)) { 194 195 case EVP_CIPH_STREAM_CIPHER: 196 case EVP_CIPH_ECB_MODE: 197 break; 198 199 case EVP_CIPH_CFB_MODE: 200 case EVP_CIPH_OFB_MODE: 201 202 ctx->num = 0; 203 /* fall-through */ 204 205 case EVP_CIPH_CBC_MODE: 206 207 if ((size_t)EVP_CIPHER_CTX_iv_length(ctx) > 208 sizeof(ctx->iv)) { 209 EVPerr(EVP_F_EVP_CIPHERINIT_EX, 210 EVP_R_IV_TOO_LARGE); 211 return 0; 212 } 213 if (iv) 214 memcpy(ctx->oiv, iv, 215 EVP_CIPHER_CTX_iv_length(ctx)); 216 memcpy(ctx->iv, ctx->oiv, 217 EVP_CIPHER_CTX_iv_length(ctx)); 218 break; 219 220 case EVP_CIPH_CTR_MODE: 221 ctx->num = 0; 222 /* Don't reuse IV for CTR mode */ 223 if (iv) 224 memcpy(ctx->iv, iv, 225 EVP_CIPHER_CTX_iv_length(ctx)); 226 break; 227 228 default: 229 return 0; 230 break; 231 } 232 } 233 234 if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { 235 if (!ctx->cipher->init(ctx, key, iv, enc)) 236 return 0; 237 } 238 ctx->buf_len = 0; 239 ctx->final_used = 0; 240 ctx->block_mask = ctx->cipher->block_size - 1; 241 return 1; 242 } 243 244 int 245 EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, 246 const unsigned char *in, int inl) 247 { 248 if (ctx->encrypt) 249 return EVP_EncryptUpdate(ctx, out, outl, in, inl); 250 else 251 return EVP_DecryptUpdate(ctx, out, outl, in, inl); 252 } 253 254 int 255 EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 256 { 257 if (ctx->encrypt) 258 return EVP_EncryptFinal_ex(ctx, out, outl); 259 else 260 return EVP_DecryptFinal_ex(ctx, out, outl); 261 } 262 263 int 264 EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 265 { 266 if (ctx->encrypt) 267 return EVP_EncryptFinal_ex(ctx, out, outl); 268 else 269 return EVP_DecryptFinal_ex(ctx, out, outl); 270 } 271 272 int 273 EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, 274 const unsigned char *key, const unsigned char *iv) 275 { 276 return EVP_CipherInit(ctx, cipher, key, iv, 1); 277 } 278 279 int 280 EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, 281 const unsigned char *key, const unsigned char *iv) 282 { 283 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1); 284 } 285 286 int 287 EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, 288 const unsigned char *key, const unsigned char *iv) 289 { 290 return EVP_CipherInit(ctx, cipher, key, iv, 0); 291 } 292 293 int 294 EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, 295 const unsigned char *key, const unsigned char *iv) 296 { 297 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0); 298 } 299 300 int 301 EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, 302 const unsigned char *in, int inl) 303 { 304 int i, j, bl; 305 306 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) { 307 i = M_do_cipher(ctx, out, in, inl); 308 if (i < 0) 309 return 0; 310 else 311 *outl = i; 312 return 1; 313 } 314 315 if (inl <= 0) { 316 *outl = 0; 317 return inl == 0; 318 } 319 320 if (ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) { 321 if (M_do_cipher(ctx, out, in, inl)) { 322 *outl = inl; 323 return 1; 324 } else { 325 *outl = 0; 326 return 0; 327 } 328 } 329 i = ctx->buf_len; 330 bl = ctx->cipher->block_size; 331 if ((size_t)bl > sizeof(ctx->buf)) { 332 EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_BAD_BLOCK_LENGTH); 333 *outl = 0; 334 return 0; 335 } 336 if (i != 0) { 337 if (bl - i > inl) { 338 memcpy(&(ctx->buf[i]), in, inl); 339 ctx->buf_len += inl; 340 *outl = 0; 341 return 1; 342 } else { 343 j = bl - i; 344 memcpy(&(ctx->buf[i]), in, j); 345 if (!M_do_cipher(ctx, out, ctx->buf, bl)) 346 return 0; 347 inl -= j; 348 in += j; 349 out += bl; 350 *outl = bl; 351 } 352 } else 353 *outl = 0; 354 i = inl&(bl - 1); 355 inl -= i; 356 if (inl > 0) { 357 if (!M_do_cipher(ctx, out, in, inl)) 358 return 0; 359 *outl += inl; 360 } 361 362 if (i != 0) 363 memcpy(ctx->buf, &(in[inl]), i); 364 ctx->buf_len = i; 365 return 1; 366 } 367 368 int 369 EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 370 { 371 int ret; 372 373 ret = EVP_EncryptFinal_ex(ctx, out, outl); 374 return ret; 375 } 376 377 int 378 EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 379 { 380 int n, ret; 381 unsigned int i, b, bl; 382 383 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) { 384 ret = M_do_cipher(ctx, out, NULL, 0); 385 if (ret < 0) 386 return 0; 387 else 388 *outl = ret; 389 return 1; 390 } 391 392 b = ctx->cipher->block_size; 393 if (b > sizeof ctx->buf) { 394 EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX, EVP_R_BAD_BLOCK_LENGTH); 395 return 0; 396 } 397 if (b == 1) { 398 *outl = 0; 399 return 1; 400 } 401 bl = ctx->buf_len; 402 if (ctx->flags & EVP_CIPH_NO_PADDING) { 403 if (bl) { 404 EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX, 405 EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); 406 return 0; 407 } 408 *outl = 0; 409 return 1; 410 } 411 412 n = b - bl; 413 for (i = bl; i < b; i++) 414 ctx->buf[i] = n; 415 ret = M_do_cipher(ctx, out, ctx->buf, b); 416 417 418 if (ret) 419 *outl = b; 420 421 return ret; 422 } 423 424 int 425 EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, 426 const unsigned char *in, int inl) 427 { 428 int fix_len; 429 unsigned int b; 430 431 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) { 432 fix_len = M_do_cipher(ctx, out, in, inl); 433 if (fix_len < 0) { 434 *outl = 0; 435 return 0; 436 } else 437 *outl = fix_len; 438 return 1; 439 } 440 441 if (inl <= 0) { 442 *outl = 0; 443 return inl == 0; 444 } 445 446 if (ctx->flags & EVP_CIPH_NO_PADDING) 447 return EVP_EncryptUpdate(ctx, out, outl, in, inl); 448 449 b = ctx->cipher->block_size; 450 if (b > sizeof ctx->final) { 451 EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_BAD_BLOCK_LENGTH); 452 return 0; 453 } 454 455 if (ctx->final_used) { 456 memcpy(out, ctx->final, b); 457 out += b; 458 fix_len = 1; 459 } else 460 fix_len = 0; 461 462 463 if (!EVP_EncryptUpdate(ctx, out, outl, in, inl)) 464 return 0; 465 466 /* if we have 'decrypted' a multiple of block size, make sure 467 * we have a copy of this last block */ 468 if (b > 1 && !ctx->buf_len) { 469 *outl -= b; 470 ctx->final_used = 1; 471 memcpy(ctx->final, &out[*outl], b); 472 } else 473 ctx->final_used = 0; 474 475 if (fix_len) 476 *outl += b; 477 478 return 1; 479 } 480 481 int 482 EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 483 { 484 int ret; 485 486 ret = EVP_DecryptFinal_ex(ctx, out, outl); 487 return ret; 488 } 489 490 int 491 EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 492 { 493 int i, n; 494 unsigned int b; 495 *outl = 0; 496 497 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) { 498 i = M_do_cipher(ctx, out, NULL, 0); 499 if (i < 0) 500 return 0; 501 else 502 *outl = i; 503 return 1; 504 } 505 506 b = ctx->cipher->block_size; 507 if (ctx->flags & EVP_CIPH_NO_PADDING) { 508 if (ctx->buf_len) { 509 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, 510 EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); 511 return 0; 512 } 513 *outl = 0; 514 return 1; 515 } 516 if (b > 1) { 517 if (ctx->buf_len || !ctx->final_used) { 518 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, 519 EVP_R_WRONG_FINAL_BLOCK_LENGTH); 520 return (0); 521 } 522 if (b > sizeof ctx->final) { 523 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, 524 EVP_R_BAD_BLOCK_LENGTH); 525 return 0; 526 } 527 n = ctx->final[b - 1]; 528 if (n == 0 || n > (int)b) { 529 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT); 530 return (0); 531 } 532 for (i = 0; i < n; i++) { 533 if (ctx->final[--b] != n) { 534 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, 535 EVP_R_BAD_DECRYPT); 536 return (0); 537 } 538 } 539 n = ctx->cipher->block_size - n; 540 for (i = 0; i < n; i++) 541 out[i] = ctx->final[i]; 542 *outl = n; 543 } else 544 *outl = 0; 545 return (1); 546 } 547 548 void 549 EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) 550 { 551 if (ctx) { 552 EVP_CIPHER_CTX_cleanup(ctx); 553 free(ctx); 554 } 555 } 556 557 int 558 EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) 559 { 560 if (c->cipher != NULL) { 561 if (c->cipher->cleanup && !c->cipher->cleanup(c)) 562 return 0; 563 /* Cleanse cipher context data */ 564 if (c->cipher_data) 565 explicit_bzero(c->cipher_data, c->cipher->ctx_size); 566 } 567 free(c->cipher_data); 568 #ifndef OPENSSL_NO_ENGINE 569 if (c->engine) 570 /* The EVP_CIPHER we used belongs to an ENGINE, release the 571 * functional reference we held for this reason. */ 572 ENGINE_finish(c->engine); 573 #endif 574 explicit_bzero(c, sizeof(EVP_CIPHER_CTX)); 575 return 1; 576 } 577 578 int 579 EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen) 580 { 581 if (c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH) 582 return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, 583 keylen, NULL); 584 if (c->key_len == keylen) 585 return 1; 586 if ((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) { 587 c->key_len = keylen; 588 return 1; 589 } 590 EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH, EVP_R_INVALID_KEY_LENGTH); 591 return 0; 592 } 593 594 int 595 EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad) 596 { 597 if (pad) 598 ctx->flags &= ~EVP_CIPH_NO_PADDING; 599 else 600 ctx->flags |= EVP_CIPH_NO_PADDING; 601 return 1; 602 } 603 604 int 605 EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) 606 { 607 int ret; 608 609 if (!ctx->cipher) { 610 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET); 611 return 0; 612 } 613 614 if (!ctx->cipher->ctrl) { 615 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED); 616 return 0; 617 } 618 619 ret = ctx->cipher->ctrl(ctx, type, arg, ptr); 620 if (ret == -1) { 621 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, 622 EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED); 623 return 0; 624 } 625 return ret; 626 } 627 628 int 629 EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key) 630 { 631 if (ctx->cipher->flags & EVP_CIPH_RAND_KEY) 632 return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key); 633 arc4random_buf(key, ctx->key_len); 634 return 1; 635 } 636 637 int 638 EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) 639 { 640 if ((in == NULL) || (in->cipher == NULL)) { 641 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, EVP_R_INPUT_NOT_INITIALIZED); 642 return 0; 643 } 644 #ifndef OPENSSL_NO_ENGINE 645 /* Make sure it's safe to copy a cipher context using an ENGINE */ 646 if (in->engine && !ENGINE_init(in->engine)) { 647 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_ENGINE_LIB); 648 return 0; 649 } 650 #endif 651 652 EVP_CIPHER_CTX_cleanup(out); 653 memcpy(out, in, sizeof *out); 654 655 if (in->cipher_data && in->cipher->ctx_size) { 656 out->cipher_data = malloc(in->cipher->ctx_size); 657 if (!out->cipher_data) { 658 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_MALLOC_FAILURE); 659 return 0; 660 } 661 memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size); 662 } 663 664 if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY) 665 return in->cipher->ctrl((EVP_CIPHER_CTX *)in, 666 EVP_CTRL_COPY, 0, out); 667 return 1; 668 } 669