/* * %CopyrightBegin% * * Copyright Ericsson AB 2010-2018. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * * %CopyrightEnd% */ #include "block.h" #include "aes.h" #include "cipher.h" ERL_NIF_TERM block_crypt_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]) {/* (Type, Key, Ivec, Text, IsEncrypt) or (Type, Key, Text, IsEncrypt) */ struct cipher_type_t *cipherp = NULL; const EVP_CIPHER *cipher; ErlNifBinary key, ivec, text; EVP_CIPHER_CTX *ctx = NULL; ERL_NIF_TERM ret; unsigned char *out; int ivec_size, out_size = 0; int cipher_len; if (argc != 4 && argc != 5) goto bad_arg; if (!enif_inspect_iolist_as_binary(env, argv[1], &key)) goto bad_arg; if (key.size > INT_MAX) goto bad_arg; if ((cipherp = get_cipher_type(argv[0], key.size)) == NULL) goto bad_arg; if (!enif_inspect_iolist_as_binary(env, argv[argc - 2], &text)) goto bad_arg; if (text.size > INT_MAX) goto bad_arg; if ((cipher = cipherp->cipher.p) == NULL) return enif_raise_exception(env, atom_notsup); if (argv[0] == atom_aes_cfb8 && (key.size == 24 || key.size == 32)) { /* Why do EVP_CIPHER_CTX_set_key_length() fail on these key sizes? * Fall back on low level API */ return aes_cfb_8_crypt(env, argc-1, argv+1); } else if (argv[0] == atom_aes_cfb128 && (key.size == 24 || key.size == 32)) { /* Why do EVP_CIPHER_CTX_set_key_length() fail on these key sizes? * Fall back on low level API */ return aes_cfb_128_crypt_nif(env, argc-1, argv+1); } ivec_size = EVP_CIPHER_iv_length(cipher); #ifdef HAVE_ECB_IVEC_BUG if (argv[0] == atom_aes_ecb || argv[0] == atom_blowfish_ecb || argv[0] == atom_des_ecb) ivec_size = 0; /* 0.9.8l returns faulty ivec_size */ #endif if (ivec_size < 0) goto bad_arg; if ((cipher_len = EVP_CIPHER_block_size(cipher)) < 0) goto bad_arg; if (text.size % (size_t)cipher_len != 0) goto bad_arg; if (ivec_size == 0) { if (argc != 4) goto bad_arg; } else { if (argc != 5) goto bad_arg; if (!enif_inspect_iolist_as_binary(env, argv[2], &ivec)) goto bad_arg; if (ivec.size != (size_t)ivec_size) goto bad_arg; } if ((out = enif_make_new_binary(env, text.size, &ret)) == NULL) goto err; if ((ctx = EVP_CIPHER_CTX_new()) == NULL) goto err; if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, (argv[argc - 1] == atom_true))) goto err; if (!EVP_CIPHER_CTX_set_key_length(ctx, (int)key.size)) goto err; if (EVP_CIPHER_type(cipher) == NID_rc2_cbc) { if (key.size > INT_MAX / 8) goto err; if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC2_KEY_BITS, (int)key.size * 8, NULL)) goto err; } if (!EVP_CipherInit_ex(ctx, NULL, NULL, key.data, ivec_size ? ivec.data : NULL, -1)) goto err; if (!EVP_CIPHER_CTX_set_padding(ctx, 0)) goto err; /* OpenSSL 0.9.8h asserts text.size > 0 */ if (text.size > 0) { if (!EVP_CipherUpdate(ctx, out, &out_size, text.data, (int)text.size)) goto err; if (ASSERT(out_size == text.size), 0) goto err; if (!EVP_CipherFinal_ex(ctx, out + out_size, &out_size)) goto err; } ASSERT(out_size == 0); CONSUME_REDS(env, text); goto done; bad_arg: ret = enif_make_badarg(env); goto done; err: ret = enif_raise_exception(env, atom_notsup); done: if (ctx) EVP_CIPHER_CTX_free(ctx); return ret; }