diff --git a/crypto-openssl-10.cpp b/crypto-openssl-10.cpp
index f0f2c53..36b66b2 100644
--- a/crypto-openssl-10.cpp
+++ b/crypto-openssl-10.cpp
@@ -46,75 +46,85 @@ void init_crypto () { - ERR_load_crypto_strings(); + ERR_load_crypto_strings(); } struct Aes_ecb_encryptor::Aes_impl { - AES_KEY key; + EVP_CIPHER_CTX *ctx; }; Aes_ecb_encryptor::Aes_ecb_encryptor (const unsigned char* raw_key) : impl(new Aes_impl) { - if (AES_set_encrypt_key(raw_key, KEY_LEN * 8, &(impl->key)) != 0) { - throw Crypto_error("Aes_ctr_encryptor::Aes_ctr_encryptor", "AES_set_encrypt_key failed"); - } + impl->ctx = EVP_CIPHER_CTX_new(); + if (!EVP_EncryptInit_ex(impl->ctx, EVP_aes_256_ecb(), nullptr, raw_key, nullptr)) { + throw Crypto_error("Aes_ecb_encryptor::Aes_ecb_encryptor", "EVP_EncryptInit_ex failed"); + } } Aes_ecb_encryptor::~Aes_ecb_encryptor () { - // Note: Explicit destructor necessary because class contains an unique_ptr - // which contains an incomplete type when the unique_ptr is declared. + // Note: Explicit destructor necessary because class contains a unique_ptr + // which contains an incomplete type when the unique_ptr is declared. - explicit_memset(&impl->key, '\0', sizeof(impl->key)); + EVP_CIPHER_CTX_free(impl->ctx); } void Aes_ecb_encryptor::encrypt(const unsigned char* plain, unsigned char* cipher) { - AES_encrypt(plain, cipher, &(impl->key)); + int outlen; + if (!EVP_EncryptUpdate(impl->ctx, cipher, &outlen, plain, AES_BLOCK_SIZE) || outlen != AES_BLOCK_SIZE) { + throw Crypto_error("Aes_ecb_encryptor::encrypt", "EVP_EncryptUpdate failed"); + } } struct Hmac_sha1_state::Hmac_impl { - HMAC_CTX ctx; + EVP_MD_CTX *ctx; + EVP_PKEY *pkey; }; Hmac_sha1_state::Hmac_sha1_state (const unsigned char* key, size_t key_len) : impl(new Hmac_impl) { - HMAC_Init(&(impl->ctx), key, key_len, EVP_sha1()); + impl->ctx = EVP_MD_CTX_new(); + impl->pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, nullptr, key, key_len); + if (!impl->ctx || !impl->pkey || + !EVP_DigestSignInit(impl->ctx, nullptr, EVP_sha1(), nullptr, impl->pkey)) { + throw Crypto_error("Hmac_sha1_state::Hmac_sha1_state", "EVP_DigestSignInit failed"); + } } 
Hmac_sha1_state::~Hmac_sha1_state () { - // Note: Explicit destructor necessary because class contains an unique_ptr - // which contains an incomplete type when the unique_ptr is declared. + // Note: Explicit destructor necessary because class contains a unique_ptr + // which contains an incomplete type when the unique_ptr is declared. - HMAC_cleanup(&(impl->ctx)); + EVP_MD_CTX_free(impl->ctx); + EVP_PKEY_free(impl->pkey); } void Hmac_sha1_state::add (const unsigned char* buffer, size_t buffer_len) { - HMAC_Update(&(impl->ctx), buffer, buffer_len); + EVP_DigestSignUpdate(impl->ctx, buffer, buffer_len); } void Hmac_sha1_state::get (unsigned char* digest) { - unsigned int len; - HMAC_Final(&(impl->ctx), digest, &len); + size_t len; + EVP_DigestSignFinal(impl->ctx, digest, &len); } - void random_bytes (unsigned char* buffer, size_t len) { - if (RAND_bytes(buffer, len) != 1) { - std::ostringstream message; - while (unsigned long code = ERR_get_error()) { - char error_string[120]; - ERR_error_string_n(code, error_string, sizeof(error_string)); - message << "OpenSSL Error: " << error_string << "; "; - } - throw Crypto_error("random_bytes", message.str()); - } + if (RAND_bytes(buffer, len) != 1) { + std::ostringstream message; + while (unsigned long code = ERR_get_error()) { + char error_string[120]; + ERR_error_string_n(code, error_string, sizeof(error_string)); + message << "OpenSSL Error: " << error_string << "; "; + } + throw Crypto_error("random_bytes", message.str()); + } } #endif
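Review bot: In `Hmac_sha1_state::get` the new `size_t len` is passed to `EVP_DigestSignFinal` uninitialised and the return value is dropped, as is the one from `EVP_DigestSignUpdate` in `add`. OpenSSL documents that `*siglen` must hold the buffer size on entry when a buffer is supplied, so depending on the library version the call can fail and leave `digest` unwritten, and the caller would then treat whatever bytes were already in the buffer as the MAC. Both calls should throw `Crypto_error` on failure like the new AES paths do, with `len` set to the digest size first (this assumes the caller's buffer holds a full SHA-1 digest, which the old `HMAC_Final` call needed as well). Separately, both constructors throw after allocating, so the destructor never runs and `ctx`/`pkey` leak on that path; `Aes_ecb_encryptor` also does not null-check `EVP_CIPHER_CTX_new()`.

```cpp
void Hmac_sha1_state::add (const unsigned char* buffer, size_t buffer_len)
{
    if (EVP_DigestSignUpdate(impl->ctx, buffer, buffer_len) != 1) {
        throw Crypto_error("Hmac_sha1_state::add", "EVP_DigestSignUpdate failed");
    }
}

void Hmac_sha1_state::get (unsigned char* digest)
{
    // EVP_DigestSignFinal reads *len as the output buffer size on entry.
    const size_t digest_len = static_cast<size_t>(EVP_MD_size(EVP_sha1()));
    size_t len = digest_len;
    if (EVP_DigestSignFinal(impl->ctx, digest, &len) != 1 || len != digest_len) {
        throw Crypto_error("Hmac_sha1_state::get", "EVP_DigestSignFinal failed");
    }
}
```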