Add CommonCrypto support, split out all hcrypto specific code to hcrypto module

lib/hcrypto/Makefile.am

@@ -25,6 +25,8 @@ hcryptoinclude_HEADERS =	\
 	ecdsa.h			\
 	engine.h		\
 	evp.h			\
+	evp-hcrypto.h		\
+	evp-cc.h		\
 	hmac.h			\
 	md2.h			\
 	md4.h			\
@@ -109,6 +111,7 @@ libhcrypto_la_SOURCES =	\
 	evp.h		\
 	evp-hcrypto.c	\
 	evp-aes-cts.c	\
+	evp-cc.c	\
 	engine.c	\
 	engine.h	\
 	hash.h		\

lib/hcrypto/evp-aes-cts.c

@@ -58,6 +58,7 @@ const EVP_CIPHER * _krb5_EVP_hcrypto_aes_256_cts(void);
 
 #else
 #include <evp.h>
+#include <evp-hcrypto.h>
 #include <aes.h>
 
 #define _hc_EVP_hcrypto_aes_128_cts hc_EVP_hcrypto_aes_128_cts

lib/hcrypto/evp-cc.c

@@ -0,0 +1,557 @@
+/*
+ * Copyright (c) 2008 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* CommonCrypto provider */
+
+#ifdef __APPLE__
+
+#include "config.h"
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+
+#include <CommonCrypto/CommonDigest.h>
+#include <CommonCrypto/CommonCryptor.h>
+
+#include <evp.h>
+#include <evp-cc.h>
+
+/*
+ *
+ */
+
+struct cc_key {
+    CCCryptorRef href;
+};
+
+static int
+cc_do_cipher(EVP_CIPHER_CTX *ctx,
+	     unsigned char *out,
+	     const unsigned char *in,
+	     unsigned int size)
+{
+    struct cc_key *cc = ctx->cipher_data;
+    CCCryptorStatus ret;
+    size_t moved;
+
+    memcpy(out, in, size);
+
+    ret = CCCryptorUpdate(cc->href, in, size, out, size, &moved);
+    if (ret)
+	return 0;
+
+    if (moved != size)
+	return 0;
+
+    return 1;
+}
+
+static int
+cc_cleanup(EVP_CIPHER_CTX *ctx)
+{
+    struct cc_key *cc = ctx->cipher_data;
+    if (cc->href)
+	CCCryptorRelease(cc->href);
+    return 1;
+}
+
+static int
+init_cc_key(int encp, CCAlgorithm alg, const void *key,
+	    size_t keylen, const void *iv, CCCryptorRef *ref)
+{
+    CCOperation op = encp ? kCCEncrypt : kCCDecrypt;
+    CCCryptorStatus ret;
+
+    ret = CCCryptorCreate(op, alg, 0, key, keylen, iv, ref);
+    if (ret)
+	return 0;
+    return 1;
+}
+
+static int
+cc_des_ede3_cbc_init(EVP_CIPHER_CTX *ctx,
+		     const unsigned char * key,
+		     const unsigned char * iv,
+		     int encp)
+{
+    struct cc_key *cc = ctx->cipher_data;
+    return init_cc_key(encp, kCCAlgorithm3DES, key, kCCKeySize3DES, iv, &cc->href);
+}
+
+/**
+ * The tripple DES cipher type (Apple CommonCrypto provider)
+ *
+ * @return the DES-EDE3-CBC EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_CIPHER *
+EVP_cc_des_ede3_cbc(void)
+{
+    static const EVP_CIPHER des_ede3_cbc = {
+	0,
+	8,
+	24,
+	8,
+	EVP_CIPH_CBC_MODE,
+	cc_des_ede3_cbc_init,
+	cc_do_cipher,
+	cc_cleanup,
+	sizeof(struct cc_key),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &des_ede3_cbc;
+}
+
+/*
+ *
+ */
+
+static int
+cc_des_cbc_init(EVP_CIPHER_CTX *ctx,
+		const unsigned char * key,
+		const unsigned char * iv,
+		int encp)
+{
+    struct cc_key *cc = ctx->cipher_data;
+    return init_cc_key(encp, kCCAlgorithmDES, key, kCCBlockSizeDES, iv, &cc->href);
+}
+
+/**
+ * The DES cipher type (Apple CommonCrypto provider)
+ *
+ * @return the DES-CBC EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_CIPHER *
+EVP_cc_des_cbc(void)
+{
+    static const EVP_CIPHER des_ede3_cbc = {
+	0,
+	kCCBlockSizeDES,
+	kCCBlockSizeDES,
+	kCCBlockSizeDES,
+	EVP_CIPH_CBC_MODE,
+	cc_des_cbc_init,
+	cc_do_cipher,
+	cc_cleanup,
+	sizeof(struct cc_key),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &des_ede3_cbc;
+}
+
+
+
+/*
+ *
+ */
+
+static int
+cc_aes_cbc_init(EVP_CIPHER_CTX *ctx,
+		const unsigned char * key,
+		const unsigned char * iv,
+		int encp)
+{
+    struct cc_key *cc = ctx->cipher_data;
+    return init_cc_key(encp, kCCAlgorithmAES128, key, ctx->cipher->key_len, iv, &cc->href);
+}
+
+/**
+ * The AES-128 cipher type (Apple CommonCrypto provider)
+ *
+ * @return the AES-128-CBC EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_CIPHER *
+EVP_cc_aes_128_cbc(void)
+{
+    static const EVP_CIPHER c = {
+	0,
+	kCCBlockSizeAES128,
+	kCCKeySizeAES128,
+	kCCBlockSizeAES128,
+	EVP_CIPH_CBC_MODE,
+	cc_aes_cbc_init,
+	cc_do_cipher,
+	cc_cleanup,
+	sizeof(struct cc_key),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &c;
+}
+
+/**
+ * The AES-192 cipher type (Apple CommonCrypto provider)
+ *
+ * @return the AES-192-CBC EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_CIPHER *
+EVP_cc_aes_192_cbc(void)
+{
+    static const EVP_CIPHER c = {
+	0,
+	kCCBlockSizeAES128,
+	kCCKeySizeAES192,
+	kCCBlockSizeAES128,
+	EVP_CIPH_CBC_MODE,
+	cc_aes_cbc_init,
+	cc_do_cipher,
+	cc_cleanup,
+	sizeof(struct cc_key),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &c;
+}
+
+/**
+ * The AES-256 cipher type (Apple CommonCrypto provider)
+ *
+ * @return the AES-256-CBC EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_CIPHER *
+EVP_cc_aes_256_cbc(void)
+{
+    static const EVP_CIPHER c = {
+	0,
+	kCCBlockSizeAES128,
+	kCCKeySizeAES256,
+	kCCBlockSizeAES128,
+	EVP_CIPH_CBC_MODE,
+	cc_aes_cbc_init,
+	cc_do_cipher,
+	cc_cleanup,
+	sizeof(struct cc_key),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &c;
+}
+
+/*
+ *
+ */
+
+static int
+cc_rc2_cbc_init(EVP_CIPHER_CTX *ctx,
+		const unsigned char * key,
+		const unsigned char * iv,
+		int encp)
+{
+    struct cc_key *cc = ctx->cipher_data;
+    return init_cc_key(encp, kCCAlgorithmRC2, key, ctx->cipher->key_len, iv, &cc->href);
+}
+
+/**
+ * The RC2 cipher type - common crypto
+ *
+ * @return the RC2 EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+
+const EVP_CIPHER *
+EVP_cc_rc2_cbc(void)
+{
+    static const EVP_CIPHER rc2_cbc = {
+	0,
+	kCCBlockSizeRC2,
+	16,
+	kCCBlockSizeRC2,
+	EVP_CIPH_CBC_MODE,
+	cc_rc2_cbc_init,
+	cc_do_cipher,
+	cc_cleanup,
+	sizeof(struct cc_key),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &rc2_cbc;
+}
+
+/**
+ * The RC2-40 cipher type - common crypto
+ *
+ * @return the RC2-40 EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+
+const EVP_CIPHER *
+EVP_cc_rc2_40_cbc(void)
+{
+    static const EVP_CIPHER rc2_40_cbc = {
+	0,
+	kCCBlockSizeRC2,
+	5,
+	kCCBlockSizeRC2,
+	EVP_CIPH_CBC_MODE,
+	cc_rc2_cbc_init,
+	cc_do_cipher,
+	cc_cleanup,
+	sizeof(struct cc_key),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &rc2_40_cbc;
+}
+
+
+/**
+ * The RC2-64 cipher type - common crypto
+ *
+ * @return the RC2-64 EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+
+const EVP_CIPHER *
+EVP_cc_rc2_64_cbc(void)
+{
+    static const EVP_CIPHER rc2_64_cbc = {
+	0,
+	kCCBlockSizeRC2,
+	8,
+	kCCBlockSizeRC2,
+	EVP_CIPH_CBC_MODE,
+	cc_rc2_cbc_init,
+	cc_do_cipher,
+	cc_cleanup,
+	sizeof(struct cc_key),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &rc2_64_cbc;
+}
+
+
+/**
+ * The RC4 cipher type (Apple CommonCrypto provider)
+ *
+ * @return the RC4 EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_CIPHER *
+EVP_cc_rc4(void)
+{
+    abort();
+}
+
+/**
+ * The CommonCrypto md2 provider
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_MD *
+EVP_cc_md2(void)
+{
+    static const struct hc_evp_md md2 = {
+	CC_MD2_DIGEST_LENGTH,
+	CC_MD2_BLOCK_BYTES,
+	sizeof(CC_MD2_CTX),
+	(hc_evp_md_init)CC_MD2_Init,
+	(hc_evp_md_update)CC_MD2_Update,
+	(hc_evp_md_final)CC_MD2_Final,
+	(hc_evp_md_cleanup)NULL
+    };
+    return &md2;
+}
+
+/**
+ * The CommonCrypto md4 provider
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_MD *
+EVP_cc_md4(void)
+{
+    static const struct hc_evp_md md4 = {
+	CC_MD4_DIGEST_LENGTH,
+	CC_MD4_BLOCK_BYTES,
+	sizeof(CC_MD4_CTX),
+	(hc_evp_md_init)CC_MD4_Init,
+	(hc_evp_md_update)CC_MD4_Update,
+	(hc_evp_md_final)CC_MD4_Final,
+	(hc_evp_md_cleanup)NULL
+    };
+    return &md4;
+}
+
+/**
+ * The CommonCrypto md5 provider
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_MD *
+EVP_cc_md5(void)
+{
+    static const struct hc_evp_md md5 = {
+	CC_MD5_DIGEST_LENGTH,
+	CC_MD5_BLOCK_BYTES,
+	sizeof(CC_MD5_CTX),
+	(hc_evp_md_init)CC_MD5_Init,
+	(hc_evp_md_update)CC_MD5_Update,
+	(hc_evp_md_final)CC_MD5_Final,
+	(hc_evp_md_cleanup)NULL
+    };
+    return &md5;
+}
+
+/**
+ * The CommonCrypto sha1 provider
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_MD *
+EVP_cc_sha1(void)
+{
+    static const struct hc_evp_md sha1 = {
+	CC_SHA1_DIGEST_LENGTH,
+	CC_SHA1_BLOCK_BYTES,
+	sizeof(CC_SHA1_CTX),
+	(hc_evp_md_init)CC_SHA1_Init,
+	(hc_evp_md_update)CC_SHA1_Update,
+	(hc_evp_md_final)CC_SHA1_Final,
+	(hc_evp_md_cleanup)NULL
+    };
+    return &sha1;
+}
+
+/**
+ * The CommonCrypto sha256 provider
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_MD *
+EVP_cc_sha256(void)
+{
+    static const struct hc_evp_md sha256 = {
+	CC_SHA256_DIGEST_LENGTH,
+	CC_SHA256_BLOCK_BYTES,
+	sizeof(CC_SHA256_CTX),
+	(hc_evp_md_init)CC_SHA256_Init,
+	(hc_evp_md_update)CC_SHA256_Update,
+	(hc_evp_md_final)CC_SHA256_Final,
+	(hc_evp_md_cleanup)NULL
+    };
+    return &sha256;
+}
+
+/**
+ * The Camellia-128 cipher type - CommonCrypto
+ *
+ * @return the Camellia-128 EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_CIPHER *
+EVP_cc_camellia_128_cbc(void)
+{
+    return NULL;
+}
+
+/**
+ * The Camellia-198 cipher type - CommonCrypto
+ *
+ * @return the Camellia-198 EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_CIPHER *
+EVP_cc_camellia_192_cbc(void)
+{
+    return NULL;
+}
+
+/**
+ * The Camellia-256 cipher type - CommonCrypto
+ *
+ * @return the Camellia-256 EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_CIPHER *
+EVP_cc_camellia_256_cbc(void)
+{
+    return NULL;
+}
+
+#endif /* __APPLE__ */
+

lib/hcrypto/evp-cc.h

@@ -0,0 +1,91 @@
+/*
+ * Copyright (c) 2009 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id$ */
+
+#ifndef HEIM_EVP_CC_H
+#define HEIM_EVP_CC_H 1
+
+/* symbol renaming */
+#define EVP_cc_md2 hc_EVP_cc_md2
+#define EVP_cc_md4 hc_EVP_cc_md4
+#define EVP_cc_md5 hc_EVP_cc_md5
+#define EVP_cc_sha1 hc_EVP_cc_sha1
+#define EVP_cc_sha256 hc_EVP__cc_sha256
+#define EVP_cc_des_cbc hc_EVP_cc_des_cbc
+#define EVP_cc_des_ede3_cbc hc_EVP_cc_des_ede3_cbc
+#define EVP_cc_aes_128_cbc hc_EVP_cc_aes_128_cbc
+#define EVP_cc_aes_192_cbc hc_EVP_cc_aes_192_cbc
+#define EVP_cc_aes_256_cbc hc_EVP_cc_aes_256_cbc
+#define EVP_cc_rc4 hc_EVP_cc_rc4
+#define EVP_cc_rc4_40 hc_EVP_cc_rc4_40
+#define EVP_cc_rc2_40_cbc hc_EVP_cc_rc2_40_cbc
+#define EVP_cc_rc2_64_cbc hc_EVP_cc_rc2_64_cbc
+#define EVP_cc_rc2_cbc hc_EVP_cc_rc2_cbc
+#define EVP_cc_camellia_128_cbc hc_EVP_cc_camellia_128_cbc
+#define EVP_cc_camellia_192_cbc hc_EVP_cc_camellia_192_cbc
+#define EVP_cc_camellia_256_cbc hc_EVP_cc_camellia_256_cbc
+
+/*
+ *
+ */
+
+HC_CPP_BEGIN
+
+const EVP_MD * EVP_cc_md2(void);
+const EVP_MD * EVP_cc_md4(void);
+const EVP_MD * EVP_cc_md5(void);
+const EVP_MD * EVP_cc_sha1(void);
+const EVP_MD * EVP_cc_sha256(void);
+
+const EVP_CIPHER * EVP_cc_rc2_cbc(void);
+const EVP_CIPHER * EVP_cc_rc2_40_cbc(void);
+const EVP_CIPHER * EVP_cc_rc2_64_cbc(void);
+
+const EVP_CIPHER * EVP_cc_rc4(void);
+const EVP_CIPHER * EVP_cc_rc4_40(void);
+
+const EVP_CIPHER * EVP_cc_des_cbc(void);
+const EVP_CIPHER * EVP_cc_des_ede3_cbc(void);
+
+const EVP_CIPHER * EVP_cc_aes_128_cbc(void);
+const EVP_CIPHER * EVP_cc_aes_192_cbc(void);
+const EVP_CIPHER * EVP_cc_aes_256_cbc(void);
+
+const EVP_CIPHER * EVP_cc_camellia_128_cbc(void);
+const EVP_CIPHER * EVP_cc_camellia_192_cbc(void);
+const EVP_CIPHER * EVP_cc_camellia_256_cbc(void);
+
+HC_CPP_END
+
+#endif /* HEIM_EVP_CC_H */

lib/hcrypto/evp-hcrypto.c

@@ -42,11 +42,22 @@
 #include <assert.h>
 
 #include <evp.h>
+#include <evp-hcrypto.h>
 
 #include <krb5-types.h>
 
+#include <des.h>
+#include "camellia.h"
 #include <aes.h>
 
+#include <rc2.h>
+#include <rc4.h>
+
+#include <sha.h>
+#include <md2.h>
+#include <md4.h>
+#include <md5.h>
+
 /*
  *
  */
@@ -170,3 +181,526 @@ EVP_hcrypto_aes_256_cbc(void)
     };
     return &aes_256_cbc;
 }
+
+/**
+ * The message digest SHA256 - hcrypto
+ *
+ * @return the message digest type.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_MD *
+EVP_hcrypto_sha256(void)
+{
+    static const struct hc_evp_md sha256 = {
+	32,
+	64,
+	sizeof(SHA256_CTX),
+	(hc_evp_md_init)SHA256_Init,
+	(hc_evp_md_update)SHA256_Update,
+	(hc_evp_md_final)SHA256_Final,
+	NULL
+    };
+    return &sha256;
+}
+
+/**
+ * The message digest SHA1 - hcrypto
+ *
+ * @return the message digest type.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_MD *
+EVP_hcrypto_sha1(void)
+{
+    static const struct hc_evp_md sha1 = {
+	20,
+	64,
+	sizeof(SHA_CTX),
+	(hc_evp_md_init)SHA1_Init,
+	(hc_evp_md_update)SHA1_Update,
+	(hc_evp_md_final)SHA1_Final,
+	NULL
+    };
+    return &sha1;
+}
+
+/**
+ * The message digest MD5 - hcrypto
+ *
+ * @return the message digest type.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_MD *
+EVP_hcrypto_md5(void)
+{
+    static const struct hc_evp_md md5 = {
+	16,
+	64,
+	sizeof(MD5_CTX),
+	(hc_evp_md_init)MD5_Init,
+	(hc_evp_md_update)MD5_Update,
+	(hc_evp_md_final)MD5_Final,
+	NULL
+    };
+    return &md5;
+}
+
+/**
+ * The message digest MD4 - hcrypto
+ *
+ * @return the message digest type.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_MD *
+EVP_hcrypto_md4(void)
+{
+    static const struct hc_evp_md md4 = {
+	16,
+	64,
+	sizeof(MD4_CTX),
+	(hc_evp_md_init)MD4_Init,
+	(hc_evp_md_update)MD4_Update,
+	(hc_evp_md_final)MD4_Final,
+	NULL
+    };
+    return &md4;
+}
+
+/**
+ * The message digest MD2 - hcrypto
+ *
+ * @return the message digest type.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_MD *
+EVP_hcrypto_md2(void)
+{
+    static const struct hc_evp_md md2 = {
+	16,
+	16,
+	sizeof(MD2_CTX),
+	(hc_evp_md_init)MD2_Init,
+	(hc_evp_md_update)MD2_Update,
+	(hc_evp_md_final)MD2_Final,
+	NULL
+    };
+    return &md2;
+}
+
+const EVP_CIPHER *
+EVP_hcrypto_rc4(void) 
+{
+    printf("evp rc4\n");
+    abort();
+    return NULL;
+}
+
+const EVP_CIPHER *
+EVP_hcrypto_rc4_40(void)
+{
+    printf("evp rc4_40\n");
+    abort();
+    return NULL;
+}
+
+/*
+ *
+ */
+
+static int
+des_cbc_init(EVP_CIPHER_CTX *ctx,
+	     const unsigned char * key,
+	     const unsigned char * iv,
+	     int encp)
+{
+    DES_key_schedule *k = ctx->cipher_data;
+    DES_cblock deskey;
+    memcpy(&deskey, key, sizeof(deskey));
+    DES_set_key_unchecked(&deskey, k);
+    return 1;
+}
+
+static int
+des_cbc_do_cipher(EVP_CIPHER_CTX *ctx,
+		  unsigned char *out,
+		  const unsigned char *in,
+		  unsigned int size)
+{
+    DES_key_schedule *k = ctx->cipher_data;
+    DES_cbc_encrypt(in, out, size,
+		    k, (DES_cblock *)ctx->iv, ctx->encrypt);
+    return 1;
+}
+
+static int
+des_cbc_cleanup(EVP_CIPHER_CTX *ctx)
+{
+    memset(ctx->cipher_data, 0, sizeof(struct DES_key_schedule));
+    return 1;
+}
+
+/**
+ * The DES cipher type
+ *
+ * @return the DES-CBC EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_CIPHER *
+EVP_hcrypto_des_cbc(void)
+{
+    static const EVP_CIPHER des_cbc = {
+	0,
+	8,
+	8,
+	8,
+	EVP_CIPH_CBC_MODE,
+	des_cbc_init,
+	des_cbc_do_cipher,
+	des_cbc_cleanup,
+	sizeof(DES_key_schedule),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &des_cbc;
+}
+
+/*
+ *
+ */
+
+struct des_ede3_cbc {
+    DES_key_schedule ks[3];
+};
+
+static int
+des_ede3_cbc_init(EVP_CIPHER_CTX *ctx,
+		  const unsigned char * key,
+		  const unsigned char * iv,
+		  int encp)
+{
+    struct des_ede3_cbc *k = ctx->cipher_data;
+    DES_cblock deskey;
+
+    memcpy(&deskey, key, sizeof(deskey));
+    DES_set_odd_parity(&deskey);
+    DES_set_key_unchecked(&deskey, &k->ks[0]);
+
+    memcpy(&deskey, key + 8, sizeof(deskey));
+    DES_set_odd_parity(&deskey);
+    DES_set_key_unchecked(&deskey, &k->ks[1]);
+
+    memcpy(&deskey, key + 16, sizeof(deskey));
+    DES_set_odd_parity(&deskey);
+    DES_set_key_unchecked(&deskey, &k->ks[2]);
+
+    return 1;
+}
+
+static int
+des_ede3_cbc_do_cipher(EVP_CIPHER_CTX *ctx,
+		       unsigned char *out,
+		       const unsigned char *in,
+		       unsigned int size)
+{
+    struct des_ede3_cbc *k = ctx->cipher_data;
+    DES_ede3_cbc_encrypt(in, out, size,
+			 &k->ks[0], &k->ks[1], &k->ks[2],
+			 (DES_cblock *)ctx->iv, ctx->encrypt);
+    return 1;
+}
+
+static int
+des_ede3_cbc_cleanup(EVP_CIPHER_CTX *ctx)
+{
+    memset(ctx->cipher_data, 0, sizeof(struct des_ede3_cbc));
+    return 1;
+}
+
+/**
+ * The tripple DES cipher type - hcrypto
+ *
+ * @return the DES-EDE3-CBC EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_CIPHER *
+EVP_hcrypto_des_ede3_cbc(void)
+{
+    static const EVP_CIPHER des_ede3_cbc = {
+	0,
+	8,
+	24,
+	8,
+	EVP_CIPH_CBC_MODE,
+	des_ede3_cbc_init,
+	des_ede3_cbc_do_cipher,
+	des_ede3_cbc_cleanup,
+	sizeof(struct des_ede3_cbc),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &des_ede3_cbc;
+}
+
+/*
+ *
+ */
+
+struct rc2_cbc {
+    unsigned int maximum_effective_key;
+    RC2_KEY key;
+};
+
+static int
+rc2_init(EVP_CIPHER_CTX *ctx,
+	 const unsigned char * key,
+	 const unsigned char * iv,
+	 int encp)
+{
+    struct rc2_cbc *k = ctx->cipher_data;
+    k->maximum_effective_key = EVP_CIPHER_CTX_key_length(ctx) * 8;
+    RC2_set_key(&k->key,
+		EVP_CIPHER_CTX_key_length(ctx),
+		key,
+		k->maximum_effective_key);
+    return 1;
+}
+
+static int
+rc2_do_cipher(EVP_CIPHER_CTX *ctx,
+	      unsigned char *out,
+	      const unsigned char *in,
+	      unsigned int size)
+{
+    struct rc2_cbc *k = ctx->cipher_data;
+    RC2_cbc_encrypt(in, out, size, &k->key, ctx->iv, ctx->encrypt);
+    return 1;
+}
+
+static int
+rc2_cleanup(EVP_CIPHER_CTX *ctx)
+{
+    memset(ctx->cipher_data, 0, sizeof(struct rc2_cbc));
+    return 1;
+}
+
+/**
+ * The RC2 cipher type - hcrypto
+ *
+ * @return the RC2 EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_CIPHER *
+EVP_hcrypto_rc2_cbc(void)
+{
+    static const EVP_CIPHER rc2_cbc = {
+	0,
+	RC2_BLOCK_SIZE,
+	RC2_KEY_LENGTH,
+	RC2_BLOCK_SIZE,
+	EVP_CIPH_CBC_MODE,
+	rc2_init,
+	rc2_do_cipher,
+	rc2_cleanup,
+	sizeof(struct rc2_cbc),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &rc2_cbc;
+}
+
+/**
+ * The RC2-40 cipher type
+ *
+ * @return the RC2-40 EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_CIPHER *
+EVP_hcrypto_rc2_40_cbc(void)
+{
+    static const EVP_CIPHER rc2_40_cbc = {
+	0,
+	RC2_BLOCK_SIZE,
+	5,
+	RC2_BLOCK_SIZE,
+	EVP_CIPH_CBC_MODE,
+	rc2_init,
+	rc2_do_cipher,
+	rc2_cleanup,
+	sizeof(struct rc2_cbc),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &rc2_40_cbc;
+}
+
+/**
+ * The RC2-64 cipher type
+ *
+ * @return the RC2-64 EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_CIPHER *
+EVP_hcrypto_rc2_64_cbc(void)
+{
+    static const EVP_CIPHER rc2_64_cbc = {
+	0,
+	RC2_BLOCK_SIZE,
+	8,
+	RC2_BLOCK_SIZE,
+	EVP_CIPH_CBC_MODE,
+	rc2_init,
+	rc2_do_cipher,
+	rc2_cleanup,
+	sizeof(struct rc2_cbc),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &rc2_64_cbc;
+}
+
+static int
+camellia_init(EVP_CIPHER_CTX *ctx,
+	 const unsigned char * key,
+	 const unsigned char * iv,
+	 int encp)
+{
+    CAMELLIA_KEY *k = ctx->cipher_data;
+    k->bits = ctx->cipher->key_len * 8;
+    CAMELLIA_set_key(key, ctx->cipher->key_len * 8, k);
+    return 1;
+}
+
+static int
+camellia_do_cipher(EVP_CIPHER_CTX *ctx,
+	      unsigned char *out,
+	      const unsigned char *in,
+	      unsigned int size)
+{
+    CAMELLIA_KEY *k = ctx->cipher_data;
+    CAMELLIA_cbc_encrypt(in, out, size, k, ctx->iv, ctx->encrypt);
+    return 1;
+}
+
+static int
+camellia_cleanup(EVP_CIPHER_CTX *ctx)
+{
+    memset(ctx->cipher_data, 0, sizeof(CAMELLIA_KEY));
+    return 1;
+}
+
+/**
+ * The Camellia-128 cipher type - hcrypto
+ *
+ * @return the Camellia-128 EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_CIPHER *
+EVP_hcrypto_camellia_128_cbc(void)
+{
+    static const EVP_CIPHER cipher = {
+	0,
+	16,
+	16,
+	16,
+	EVP_CIPH_CBC_MODE,
+	camellia_init,
+	camellia_do_cipher,
+	camellia_cleanup,
+	sizeof(CAMELLIA_KEY),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &cipher;
+}
+
+/**
+ * The Camellia-198 cipher type - hcrypto
+ *
+ * @return the Camellia-198 EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_CIPHER *
+EVP_hcrypto_camellia_192_cbc(void)
+{
+    static const EVP_CIPHER cipher = {
+	0,
+	16,
+	24,
+	16,
+	EVP_CIPH_CBC_MODE,
+	camellia_init,
+	camellia_do_cipher,
+	camellia_cleanup,
+	sizeof(CAMELLIA_KEY),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &cipher;
+}
+
+/**
+ * The Camellia-256 cipher type - hcrypto
+ *
+ * @return the Camellia-256 EVP_CIPHER pointer.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_CIPHER *
+EVP_hcrypto_camellia_256_cbc(void)
+{
+    static const EVP_CIPHER cipher = {
+	0,
+	16,
+	32,
+	16,
+	EVP_CIPH_CBC_MODE,
+	camellia_init,
+	camellia_do_cipher,
+	camellia_cleanup,
+	sizeof(CAMELLIA_KEY),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &cipher;
+}

lib/hcrypto/evp-hcrypto.h

@@ -0,0 +1,99 @@
+/*
+ * Copyright (c) 2009 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id$ */
+
+#ifndef HEIM_EVP_HCRYPTO_H
+#define HEIM_EVP_HCRYPTO_H 1
+
+/* symbol renaming */
+#define EVP_hcrypto_md2 hc_EVP_hcrypto_md2
+#define EVP_hcrypto_md4 hc_EVP_hcrypto_md4
+#define EVP_hcrypto_md5 hc_EVP_hcrypto_md5
+#define EVP_hcrypto_sha1 hc_EVP_hcrypto_sha1
+#define EVP_hcrypto_sha256 hc_EVP_hcrypto_sha256
+#define EVP_hcrypto_des_cbc hc_EVP_hcrypto_des_cbc
+#define EVP_hcrypto_des_ede3_cbc hc_EVP_hcrypto_des_ede3_cbc
+#define EVP_hcrypto_aes_128_cbc hc_EVP_hcrypto_aes_128_cbc
+#define EVP_hcrypto_aes_192_cbc hc_EVP_hcrypto_aes_192_cbc
+#define EVP_hcrypto_aes_256_cbc hc_EVP_hcrypto_aes_256_cbc
+#define EVP_hcrypto_aes_128_cts hc_EVP_hcrypto_aes_128_cts
+#define EVP_hcrypto_aes_192_cts hc_EVP_hcrypto_aes_192_cts
+#define EVP_hcrypto_aes_256_cts hc_EVP_hcrypto_aes_256_cts
+#define EVP_hcrypto_rc4 hc_EVP_hcrypto_rc4
+#define EVP_hcrypto_rc4_40 hc_EVP_hcrypto_rc4_40
+#define EVP_hcrypto_rc2_40_cbc hc_EVP_hcrypto_rc2_40_cbc
+#define EVP_hcrypto_rc2_64_cbc hc_EVP_hcrypto_rc2_64_cbc
+#define EVP_hcrypto_rc2_cbc hc_EVP_hcrypto_rc2_cbc
+#define EVP_hcrypto_camellia_128_cbc hc_EVP_hcrypto_camellia_128_cbc
+#define EVP_hcrypto_camellia_192_cbc hc_EVP_hcrypto_camellia_192_cbc
+#define EVP_hcrypto_camellia_256_cbc hc_EVP_hcrypto_camellia_256_cbc
+
+/*
+ *
+ */
+
+HC_CPP_BEGIN
+
+const EVP_MD * EVP_hcrypto_md2(void);
+const EVP_MD * EVP_hcrypto_md4(void);
+const EVP_MD * EVP_hcrypto_md5(void);
+const EVP_MD * EVP_hcrypto_sha1(void);
+const EVP_MD * EVP_hcrypto_sha256(void);
+
+const EVP_CIPHER * EVP_hcrypto_rc4(void);
+const EVP_CIPHER * EVP_hcrypto_rc4_40(void);
+
+const EVP_CIPHER * EVP_hcrypto_rc2_cbc(void);
+const EVP_CIPHER * EVP_hcrypto_rc2_40_cbc(void);
+const EVP_CIPHER * EVP_hcrypto_rc2_64_cbc(void);
+
+const EVP_CIPHER * EVP_hcrypto_des_cbc(void);
+const EVP_CIPHER * EVP_hcrypto_des_ede3_cbc(void);
+
+const EVP_CIPHER * EVP_hcrypto_aes_128_cbc(void);
+const EVP_CIPHER * EVP_hcrypto_aes_192_cbc(void);
+const EVP_CIPHER * EVP_hcrypto_aes_256_cbc(void);
+
+const EVP_CIPHER * EVP_hcrypto_aes_128_cts(void);
+const EVP_CIPHER * EVP_hcrypto_aes_192_cts(void);
+const EVP_CIPHER * EVP_hcrypto_aes_256_cts(void);
+
+const EVP_CIPHER * EVP_hcrypto_camellia_128_cbc(void);
+const EVP_CIPHER * EVP_hcrypto_camellia_192_cbc(void);
+const EVP_CIPHER * EVP_hcrypto_camellia_256_cbc(void);
+
+
+HC_CPP_END
+
+#endif /* HEIM_EVP_HCRYPTO_H */

lib/hcrypto/evp.c

@@ -45,17 +45,19 @@
 #include <assert.h>
 
 #include <evp.h>
+#include <evp-hcrypto.h>
+#include <evp-cc.h>
 
 #include <krb5-types.h>
 
-#include "camellia.h"
+#ifndef DEF_PROVIDER
-#include <des.h>
+#define DEF_PROVIDER hcrypto
-#include <sha.h>
+#endif
-#include <rc2.h>
+
-#include <rc4.h>
+#define HC_CONCAT4(x,y,z,aa)	x ## y ## z ## aa
-#include <md2.h>
+
-#include <md4.h>
+
-#include <md5.h>
+#define EVP_DEF_OP(_prov,_op) HC_CONCAT4(EVP_,_prov,_,_op)()
 
 /**
  * @page page_evp EVP - generic crypto interface
@@ -138,8 +140,8 @@ EVP_MD_CTX_create(void)
  * @ingroup hcrypto_evp
  */
 
-void HC_DEPRECATED
+void
-EVP_MD_CTX_init(EVP_MD_CTX *ctx)
+EVP_MD_CTX_init(EVP_MD_CTX *ctx) HC_DEPRECATED
 {
     memset(ctx, 0, sizeof(*ctx));
 }
@@ -169,8 +171,8 @@ EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
  * @ingroup hcrypto_evp
  */
 
-int HC_DEPRECATED
+int
-EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
+EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) HC_DEPRECATED
 {
     if (ctx->md && ctx->md->cleanup)
 	(ctx->md->cleanup)(ctx);
@@ -351,28 +353,9 @@ EVP_Digest(const void *data, size_t dsize, void *hash, unsigned int *hsize,
 const EVP_MD *
 EVP_sha256(void)
 {
-    static const struct hc_evp_md sha256 = {
+    return EVP_DEF_OP(DEF_PROVIDER, sha256);
-	32,
-	64,
-	sizeof(SHA256_CTX),
-	(hc_evp_md_init)SHA256_Init,
-	(hc_evp_md_update)SHA256_Update,
-	(hc_evp_md_final)SHA256_Final,
-	NULL
-    };
-    return &sha256;
 }
 
-static const struct hc_evp_md sha1 = {
-    20,
-    64,
-    sizeof(SHA_CTX),
-    (hc_evp_md_init)SHA1_Init,
-    (hc_evp_md_update)SHA1_Update,
-    (hc_evp_md_final)SHA1_Final,
-    NULL
-};
-
 /**
  * The message digest SHA1
  *
@@ -384,7 +367,7 @@ static const struct hc_evp_md sha1 = {
 const EVP_MD *
 EVP_sha1(void)
 {
-    return &sha1;
+    return EVP_DEF_OP(DEF_PROVIDER, sha1);
 }
 
 /**
@@ -396,9 +379,10 @@ EVP_sha1(void)
  */
 
 const EVP_MD *
-EVP_sha(void)
+EVP_sha(void) HC_DEPRECATED
+    
 {
-    return &sha1;
+    return EVP_sha1();
 }
 
 /**
@@ -410,18 +394,9 @@ EVP_sha(void)
  */
 
 const EVP_MD *
-EVP_md5(void)
+EVP_md5(void) HC_DEPRECATED_CRYPTO
 {
-    static const struct hc_evp_md md5 = {
+    return EVP_DEF_OP(DEF_PROVIDER, md5);
-	16,
-	64,
-	sizeof(MD5_CTX),
-	(hc_evp_md_init)MD5_Init,
-	(hc_evp_md_update)MD5_Update,
-	(hc_evp_md_final)MD5_Final,
-	NULL
-    };
-    return &md5;
 }
 
 /**
@@ -433,18 +408,9 @@ EVP_md5(void)
  */
 
 const EVP_MD *
-EVP_md4(void)
+EVP_md4(void) HC_DEPRECATED_CRYPTO
 {
-    static const struct hc_evp_md md4 = {
+    return EVP_DEF_OP(DEF_PROVIDER, md4);
-	16,
-	64,
-	sizeof(MD4_CTX),
-	(hc_evp_md_init)MD4_Init,
-	(hc_evp_md_update)MD4_Update,
-	(hc_evp_md_final)MD4_Final,
-	NULL
-    };
-    return &md4;
 }
 
 /**
@@ -456,18 +422,9 @@ EVP_md4(void)
  */
 
 const EVP_MD *
-EVP_md2(void)
+EVP_md2(void) HC_DEPRECATED_CRYPTO
 {
-    static const struct hc_evp_md md2 = {
+    return EVP_DEF_OP(DEF_PROVIDER, md2);
-	16,
-	16,
-	sizeof(MD2_CTX),
-	(hc_evp_md_init)MD2_Init,
-	(hc_evp_md_update)MD2_Update,
-	(hc_evp_md_final)MD2_Final,
-	NULL
-    };
-    return &md2;
 }
 
 /*
@@ -1005,48 +962,6 @@ EVP_enc_null(void)
     return &enc_null;
 }
 
-/*
- *
- */
-
-struct rc2_cbc {
-    unsigned int maximum_effective_key;
-    RC2_KEY key;
-};
-
-static int
-rc2_init(EVP_CIPHER_CTX *ctx,
-	 const unsigned char * key,
-	 const unsigned char * iv,
-	 int encp)
-{
-    struct rc2_cbc *k = ctx->cipher_data;
-    k->maximum_effective_key = EVP_CIPHER_CTX_key_length(ctx) * 8;
-    RC2_set_key(&k->key,
-		EVP_CIPHER_CTX_key_length(ctx),
-		key,
-		k->maximum_effective_key);
-    return 1;
-}
-
-static int
-rc2_do_cipher(EVP_CIPHER_CTX *ctx,
-	      unsigned char *out,
-	      const unsigned char *in,
-	      unsigned int size)
-{
-    struct rc2_cbc *k = ctx->cipher_data;
-    RC2_cbc_encrypt(in, out, size, &k->key, ctx->iv, ctx->encrypt);
-    return 1;
-}
-
-static int
-rc2_cleanup(EVP_CIPHER_CTX *ctx)
-{
-    memset(ctx->cipher_data, 0, sizeof(struct rc2_cbc));
-    return 1;
-}
-
 /**
  * The RC2 cipher type
  *
@@ -1058,28 +973,13 @@ rc2_cleanup(EVP_CIPHER_CTX *ctx)
 const EVP_CIPHER *
 EVP_rc2_cbc(void)
 {
-    static const EVP_CIPHER rc2_cbc = {
+    return EVP_DEF_OP(DEF_PROVIDER, rc2_cbc);
-	0,
-	RC2_BLOCK_SIZE,
-	RC2_KEY_LENGTH,
-	RC2_BLOCK_SIZE,
-	EVP_CIPH_CBC_MODE,
-	rc2_init,
-	rc2_do_cipher,
-	rc2_cleanup,
-	sizeof(struct rc2_cbc),
-	NULL,
-	NULL,
-	NULL,
-	NULL
-    };
-    return &rc2_cbc;
 }
 
 /**
- * The RC2-40 cipher type
+ * The RC2 cipher type
  *
- * @return the RC2-40 EVP_CIPHER pointer.
+ * @return the RC2 EVP_CIPHER pointer.
  *
  * @ingroup hcrypto_evp
  */
@@ -1087,28 +987,13 @@ EVP_rc2_cbc(void)
 const EVP_CIPHER *
 EVP_rc2_40_cbc(void)
 {
-    static const EVP_CIPHER rc2_40_cbc = {
+    return EVP_DEF_OP(DEF_PROVIDER, rc2_40_cbc);
-	0,
-	RC2_BLOCK_SIZE,
-	5,
-	RC2_BLOCK_SIZE,
-	EVP_CIPH_CBC_MODE,
-	rc2_init,
-	rc2_do_cipher,
-	rc2_cleanup,
-	sizeof(struct rc2_cbc),
-	NULL,
-	NULL,
-	NULL,
-	NULL
-    };
-    return &rc2_40_cbc;
 }
 
 /**
- * The RC2-64 cipher type
+ * The RC2 cipher type
  *
- * @return the RC2-64 EVP_CIPHER pointer.
+ * @return the RC2 EVP_CIPHER pointer.
  *
  * @ingroup hcrypto_evp
  */
@@ -1116,22 +1001,7 @@ EVP_rc2_40_cbc(void)
 const EVP_CIPHER *
 EVP_rc2_64_cbc(void)
 {
-    static const EVP_CIPHER rc2_64_cbc = {
+    return EVP_DEF_OP(DEF_PROVIDER, rc2_64_cbc);
-	0,
-	RC2_BLOCK_SIZE,
-	8,
-	RC2_BLOCK_SIZE,
-	EVP_CIPH_CBC_MODE,
-	rc2_init,
-	rc2_do_cipher,
-	rc2_cleanup,
-	sizeof(struct rc2_cbc),
-	NULL,
-	NULL,
-	NULL,
-	NULL
-    };
-    return &rc2_64_cbc;
 }
 
 /**
@@ -1145,9 +1015,7 @@ EVP_rc2_64_cbc(void)
 const EVP_CIPHER *
 EVP_rc4(void)
 {
-    printf("evp rc4\n");
+    return EVP_DEF_OP(DEF_PROVIDER, rc4);
-    abort();
-    return NULL;
 }
 
 /**
@@ -1161,45 +1029,7 @@ EVP_rc4(void)
 const EVP_CIPHER *
 EVP_rc4_40(void)
 {
-    printf("evp rc4_40\n");
+    return EVP_DEF_OP(DEF_PROVIDER, rc4_40);
-    abort();
-    return NULL;
-}
-
-/*
- *
- */
-
-static int
-des_cbc_init(EVP_CIPHER_CTX *ctx,
-	     const unsigned char * key,
-	     const unsigned char * iv,
-	     int encp)
-{
-    DES_key_schedule *k = ctx->cipher_data;
-    DES_cblock deskey;
-    memcpy(&deskey, key, sizeof(deskey));
-    DES_set_key_unchecked(&deskey, k);
-    return 1;
-}
-
-static int
-des_cbc_do_cipher(EVP_CIPHER_CTX *ctx,
-		  unsigned char *out,
-		  const unsigned char *in,
-		  unsigned int size)
-{
-    DES_key_schedule *k = ctx->cipher_data;
-    DES_cbc_encrypt(in, out, size,
-		    k, (DES_cblock *)ctx->iv, ctx->encrypt);
-    return 1;
-}
-
-static int
-des_cbc_cleanup(EVP_CIPHER_CTX *ctx)
-{
-    memset(ctx->cipher_data, 0, sizeof(struct DES_key_schedule));
-    return 1;
 }
 
 /**
@@ -1213,74 +1043,7 @@ des_cbc_cleanup(EVP_CIPHER_CTX *ctx)
 const EVP_CIPHER *
 EVP_des_cbc(void)
 {
-    static const EVP_CIPHER des_ede3_cbc = {
+    return EVP_DEF_OP(DEF_PROVIDER, des_cbc);
-	0,
-	8,
-	8,
-	8,
-	EVP_CIPH_CBC_MODE,
-	des_cbc_init,
-	des_cbc_do_cipher,
-	des_cbc_cleanup,
-	sizeof(DES_key_schedule),
-	NULL,
-	NULL,
-	NULL,
-	NULL
-    };
-    return &des_ede3_cbc;
-}
-
-/*
- *
- */
-
-struct des_ede3_cbc {
-    DES_key_schedule ks[3];
-};
-
-static int
-des_ede3_cbc_init(EVP_CIPHER_CTX *ctx,
-		  const unsigned char * key,
-		  const unsigned char * iv,
-		  int encp)
-{
-    struct des_ede3_cbc *k = ctx->cipher_data;
-    DES_cblock deskey;
-
-    memcpy(&deskey, key, sizeof(deskey));
-    DES_set_odd_parity(&deskey);
-    DES_set_key_unchecked(&deskey, &k->ks[0]);
-
-    memcpy(&deskey, key + 8, sizeof(deskey));
-    DES_set_odd_parity(&deskey);
-    DES_set_key_unchecked(&deskey, &k->ks[1]);
-
-    memcpy(&deskey, key + 16, sizeof(deskey));
-    DES_set_odd_parity(&deskey);
-    DES_set_key_unchecked(&deskey, &k->ks[2]);
-
-    return 1;
-}
-
-static int
-des_ede3_cbc_do_cipher(EVP_CIPHER_CTX *ctx,
-		       unsigned char *out,
-		       const unsigned char *in,
-		       unsigned int size)
-{
-    struct des_ede3_cbc *k = ctx->cipher_data;
-    DES_ede3_cbc_encrypt(in, out, size,
-			 &k->ks[0], &k->ks[1], &k->ks[2],
-			 (DES_cblock *)ctx->iv, ctx->encrypt);
-    return 1;
-}
-
-static int
-des_ede3_cbc_cleanup(EVP_CIPHER_CTX *ctx)
-{
-    memset(ctx->cipher_data, 0, sizeof(struct des_ede3_cbc));
-    return 1;
 }
 
 /**
@@ -1294,22 +1057,7 @@ des_ede3_cbc_cleanup(EVP_CIPHER_CTX *ctx)
 const EVP_CIPHER *
 EVP_des_ede3_cbc(void)
 {
-    static const EVP_CIPHER des_ede3_cbc = {
+    return EVP_DEF_OP(DEF_PROVIDER, des_ede3_cbc);
-	0,
-	8,
-	24,
-	8,
-	EVP_CIPH_CBC_MODE,
-	des_ede3_cbc_init,
-	des_ede3_cbc_do_cipher,
-	des_ede3_cbc_cleanup,
-	sizeof(struct des_ede3_cbc),
-	NULL,
-	NULL,
-	NULL,
-	NULL
-    };
-    return &des_ede3_cbc;
 }
 
 /**
@@ -1323,7 +1071,7 @@ EVP_des_ede3_cbc(void)
 const EVP_CIPHER *
 EVP_aes_128_cbc(void)
 {
-    return EVP_hcrypto_aes_128_cbc();
+    return EVP_DEF_OP(DEF_PROVIDER, aes_128_cbc);
 }
 
 /**
@@ -1337,7 +1085,7 @@ EVP_aes_128_cbc(void)
 const EVP_CIPHER *
 EVP_aes_192_cbc(void)
 {
-    return EVP_hcrypto_aes_192_cbc();
+    return EVP_DEF_OP(DEF_PROVIDER, aes_192_cbc);
 }
 
 /**
@@ -1351,37 +1099,7 @@ EVP_aes_192_cbc(void)
 const EVP_CIPHER *
 EVP_aes_256_cbc(void)
 {
-    return EVP_hcrypto_aes_256_cbc();
+    return EVP_DEF_OP(DEF_PROVIDER, aes_256_cbc);
-}
-
-static int
-camellia_init(EVP_CIPHER_CTX *ctx,
-	 const unsigned char * key,
-	 const unsigned char * iv,
-	 int encp)
-{
-    CAMELLIA_KEY *k = ctx->cipher_data;
-    k->bits = ctx->cipher->key_len * 8;
-    CAMELLIA_set_key(key, ctx->cipher->key_len * 8, k);
-    return 1;
-}
-
-static int
-camellia_do_cipher(EVP_CIPHER_CTX *ctx,
-	      unsigned char *out,
-	      const unsigned char *in,
-	      unsigned int size)
-{
-    CAMELLIA_KEY *k = ctx->cipher_data;
-    CAMELLIA_cbc_encrypt(in, out, size, k, ctx->iv, ctx->encrypt);
-    return 1;
-}
-
-static int
-camellia_cleanup(EVP_CIPHER_CTX *ctx)
-{
-    memset(ctx->cipher_data, 0, sizeof(CAMELLIA_KEY));
-    return 1;
 }
 
 /**
@@ -1395,22 +1113,7 @@ camellia_cleanup(EVP_CIPHER_CTX *ctx)
 const EVP_CIPHER *
 EVP_camellia_128_cbc(void)
 {
-    static const EVP_CIPHER cipher = {
+    return EVP_DEF_OP(DEF_PROVIDER, camellia_128_cbc);
-	0,
-	16,
-	16,
-	16,
-	EVP_CIPH_CBC_MODE,
-	camellia_init,
-	camellia_do_cipher,
-	camellia_cleanup,
-	sizeof(CAMELLIA_KEY),
-	NULL,
-	NULL,
-	NULL,
-	NULL
-    };
-    return &cipher;
 }
 
 /**
@@ -1424,22 +1127,7 @@ EVP_camellia_128_cbc(void)
 const EVP_CIPHER *
 EVP_camellia_192_cbc(void)
 {
-    static const EVP_CIPHER cipher = {
+    return EVP_DEF_OP(DEF_PROVIDER, camellia_192_cbc);
-	0,
-	16,
-	24,
-	16,
-	EVP_CIPH_CBC_MODE,
-	camellia_init,
-	camellia_do_cipher,
-	camellia_cleanup,
-	sizeof(CAMELLIA_KEY),
-	NULL,
-	NULL,
-	NULL,
-	NULL
-    };
-    return &cipher;
 }
 
 /**
@@ -1453,22 +1141,7 @@ EVP_camellia_192_cbc(void)
 const EVP_CIPHER *
 EVP_camellia_256_cbc(void)
 {
-    static const EVP_CIPHER cipher = {
+    return EVP_DEF_OP(DEF_PROVIDER, camellia_256_cbc);
-	0,
-	16,
-	32,
-	16,
-	EVP_CIPH_CBC_MODE,
-	camellia_init,
-	camellia_do_cipher,
-	camellia_cleanup,
-	sizeof(CAMELLIA_KEY),
-	NULL,
-	NULL,
-	NULL,
-	NULL
-    };
-    return &cipher;
 }
 
 /*

lib/hcrypto/evp.h

@@ -74,12 +74,7 @@
 #define EVP_aes_128_cbc hc_EVP_aes_128_cbc
 #define EVP_aes_192_cbc hc_EVP_aes_192_cbc
 #define EVP_aes_256_cbc hc_EVP_aes_256_cbc
-#define EVP_hcrypto_aes_128_cbc hc_EVP_hcrypto_aes_128_cbc
+
-#define EVP_hcrypto_aes_192_cbc hc_EVP_hcrypto_aes_192_cbc
-#define EVP_hcrypto_aes_256_cbc hc_EVP_hcrypto_aes_256_cbc
-#define EVP_hcrypto_aes_128_cts hc_EVP_hcrypto_aes_128_cts
-#define EVP_hcrypto_aes_192_cts hc_EVP_hcrypto_aes_192_cts
-#define EVP_hcrypto_aes_256_cts hc_EVP_hcrypto_aes_256_cts
 #define EVP_des_cbc hc_EVP_des_cbc
 #define EVP_des_ede3_cbc hc_EVP_des_ede3_cbc
 #define EVP_enc_null hc_EVP_enc_null
@@ -203,11 +198,16 @@ struct hc_evp_md {
 #define HC_DEPRECATED_CRYPTO HC_DEPRECATED
 #endif
 
-
+#ifdef __cplusplus
-#ifdef  __cplusplus
+#define HC_CPP_BEGIN extern "C" {
-extern "C" {
+#define HC_CPP_END }
+#else
+#define HC_CPP_BEGIN
+#define HC_CPP_END
 #endif
 
+HC_CPP_BEGIN
+
 /*
  * Avaible crypto algs
  */
@@ -216,19 +216,13 @@ const EVP_MD *EVP_md_null(void);
 const EVP_MD *EVP_md2(void) HC_DEPRECATED_CRYPTO;
 const EVP_MD *EVP_md4(void) HC_DEPRECATED_CRYPTO;
 const EVP_MD *EVP_md5(void) HC_DEPRECATED_CRYPTO;
-const EVP_MD *EVP_sha(void);
+const EVP_MD *EVP_sha(void) HC_DEPRECATED;
 const EVP_MD *EVP_sha1(void);
 const EVP_MD *EVP_sha256(void);
 
 const EVP_CIPHER * EVP_aes_128_cbc(void);
 const EVP_CIPHER * EVP_aes_192_cbc(void);
 const EVP_CIPHER * EVP_aes_256_cbc(void);
-const EVP_CIPHER * EVP_hcrypto_aes_128_cbc(void);
-const EVP_CIPHER * EVP_hcrypto_aes_192_cbc(void);
-const EVP_CIPHER * EVP_hcrypto_aes_256_cbc(void);
-const EVP_CIPHER * EVP_hcrypto_aes_128_cts(void);
-const EVP_CIPHER * EVP_hcrypto_aes_192_cts(void);
-const EVP_CIPHER * EVP_hcrypto_aes_256_cts(void);
 const EVP_CIPHER * EVP_des_cbc(void) HC_DEPRECATED_CRYPTO;
 const EVP_CIPHER * EVP_des_ede3_cbc(void);
 const EVP_CIPHER * EVP_enc_null(void);
@@ -241,10 +235,6 @@ const EVP_CIPHER * EVP_camellia_128_cbc(void);
 const EVP_CIPHER * EVP_camellia_192_cbc(void);
 const EVP_CIPHER * EVP_camellia_256_cbc(void);
 
-/*
- *
- */
-
 size_t	EVP_MD_size(const EVP_MD *);
 size_t	EVP_MD_block_size(const EVP_MD *);
 
@@ -318,8 +308,6 @@ void	OpenSSL_add_all_algorithms(void);
 void	OpenSSL_add_all_algorithms_conf(void);
 void	OpenSSL_add_all_algorithms_noconf(void);
 
-#ifdef  __cplusplus
+HC_CPP_END
-}
-#endif
 
 #endif /* HEIM_EVP_H */

lib/hcrypto/test_cipher.c

@@ -44,6 +44,8 @@
 #include <roken.h>
 
 #include <evp.h>
+#include <evp-hcrypto.h>
+#include <evp-cc.h>
 #include <hex.h>
 #include <err.h>
 
@@ -359,6 +361,11 @@ test_cipher(int i, const EVP_CIPHER *c, struct tests *t)
     EVP_CIPHER_CTX dctx;
     void *d;
 
+    if (c == NULL) {
+	printf("%s not supported\n", t->name);
+	return 0;
+    }
+
     EVP_CIPHER_CTX_init(&ectx);
     EVP_CIPHER_CTX_init(&dctx);
 
@@ -445,6 +452,10 @@ main(int argc, char **argv)
 	ret += test_cipher(i, EVP_hcrypto_aes_256_cts(), &aes_256_cts_tests[i]);
     for (i = 0; i < sizeof(aes_tests)/sizeof(aes_tests[0]); i++)
 	ret += test_cipher(i, EVP_aes_256_cbc(), &aes_tests[i]);
+#ifdef __APPLE__
+    for (i = 0; i < sizeof(aes_tests)/sizeof(aes_tests[0]); i++)
+	ret += test_cipher(i, EVP_cc_aes_256_cbc(), &aes_tests[i]);
+#endif
     for (i = 0; i < sizeof(rc2_40_tests)/sizeof(rc2_40_tests[0]); i++)
 	ret += test_cipher(i, EVP_rc2_40_cbc(), &rc2_40_tests[i]);
     for (i = 0; i < sizeof(des_ede3_tests)/sizeof(des_ede3_tests[0]); i++)

lib/hcrypto/version-script.map

@@ -141,12 +141,6 @@ HEIMDAL_CRYPTO_1.0 {
 		hc_EVP_aes_128_cbc;
 		hc_EVP_aes_192_cbc;
 		hc_EVP_aes_256_cbc;
-		hc_EVP_hcrypto_aes_128_cbc;
-		hc_EVP_hcrypto_aes_192_cbc;
-		hc_EVP_hcrypto_aes_256_cbc;
-		hc_EVP_hcrypto_aes_cts_128_cbc;
-		hc_EVP_hcrypto_aes_cts_192_cbc;
-		hc_EVP_hcrypto_aes_cts_256_cbc;
 		hc_EVP_des_cbc;
 		hc_EVP_des_ede3_cbc;
 		hc_EVP_camellia_128_cbc;
@@ -166,6 +160,33 @@ HEIMDAL_CRYPTO_1.0 {
 		hc_EVP_sha;
 		hc_EVP_sha1;
 		hc_EVP_sha256;
+
+		hc_EVP_cc_md2;
+		hc_EVP_cc_md4;
+		hc_EVP_cc_md5;
+		hc_EVP_cc_sha1;
+		hc_EVP_cc_sha256;
+		hc_EVP_cc_des_ede3_cbc;
+		hc_EVP_cc_aes_128_cbc;
+		hc_EVP_cc_aes_192_cbc;
+		hc_EVP_cc_aes_256_cbc;
+
+		hc_EVP_hcrypto_md2;
+		hc_EVP_hcrypto_md4;
+		hc_EVP_hcrypto_md5;
+		hc_EVP_hcrypto_sha1;
+		hc_EVP_hcrypto_sha256;
+		hc_EVP_hcrypto_des_ede3_cbc;
+		hc_EVP_hcrypto_aes_128_cbc;
+		hc_EVP_hcrypto_aes_192_cbc;
+		hc_EVP_hcrypto_aes_256_cbc;
+		hc_EVP_hcrypto_rc4;
+		hc_EVP_hcrypto_rc4_40;
+
+		hc_EVP_hcrypto_aes_cts_128_cbc;
+		hc_EVP_hcrypto_aes_cts_192_cbc;
+		hc_EVP_hcrypto_aes_cts_256_cbc;
+
 		hc_HMAC;
 		hc_HMAC_CTX_cleanup;
 		hc_HMAC_CTX_init;