1/*
2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <stdio.h>
11#include "internal/cryptlib.h"
12#include <openssl/rand.h>
13#include <openssl/rsa.h>
14#include <openssl/evp.h>
15#include <openssl/objects.h>
16#include <openssl/x509.h>
17
18int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
19 unsigned char **ek, int *ekl, unsigned char *iv,
20 EVP_PKEY **pubk, int npubk)
21{
22 unsigned char key[EVP_MAX_KEY_LENGTH];
23 int i;
24 int rv = 0;
25
26 if (type) {
27 EVP_CIPHER_CTX_reset(ctx);
28 if (!EVP_EncryptInit_ex(ctx, type, NULL, NULL, NULL))
29 return 0;
30 }
31 if ((npubk <= 0) || !pubk)
32 return 1;
33 if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
34 return 0;
35
36 if (EVP_CIPHER_CTX_iv_length(ctx)
37 && RAND_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx)) <= 0)
38 goto err;
39
40 if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
41 goto err;
42
43 for (i = 0; i < npubk; i++) {
44 ekl[i] =
45 EVP_PKEY_encrypt_old(ek[i], key, EVP_CIPHER_CTX_key_length(ctx),
46 pubk[i]);
47 if (ekl[i] <= 0) {
48 rv = -1;
49 goto err;
50 }
51 }
52 rv = npubk;
53err:
54 OPENSSL_cleanse(key, sizeof(key));
55 return rv;
56}
57
58int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
59{
60 int i;
61 i = EVP_EncryptFinal_ex(ctx, out, outl);
62 if (i)
63 i = EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, NULL);
64 return i;
65}
66