5#include <openssl/evp.h>
6#include <openssl/aes.h>
7#include <openssl/ssl.h>
10#define KEY_SIZE_24B 24
11#define KEY_SIZE_32B 32
16 ctx = EVP_CIPHER_CTX_new();
17 EVP_CIPHER_CTX_init(ctx);
23 EVP_CIPHER_CTX_cleanup(ctx);
24 EVP_CIPHER_CTX_free(ctx);
27bool EvpAES::ecb_encrypt(
const QByteArray &in, QByteArray &out,
28 const QByteArray &key,
bool enc)
31 Q_ASSERT(key.size() == KEY_SIZE_16B
32 || key.size() == KEY_SIZE_24B || key.size() == KEY_SIZE_32B);
35 const EVP_CIPHER * cipher =
nullptr;
36 if (key.size() == KEY_SIZE_16B)
38 cipher = EVP_aes_128_ecb();
40 else if (key.size() == KEY_SIZE_24B)
42 cipher = EVP_aes_192_ecb();
46 cipher = EVP_aes_256_ecb();
50 return encrypt(in, out, key, QByteArray(), cipher, enc);
53bool EvpAES::cbc_encrypt(
const QByteArray &in, QByteArray &out,
54 const QByteArray &key,
const QByteArray &ivec,
bool enc)
57 Q_ASSERT(key.size() == KEY_SIZE_16B
58 || key.size() == KEY_SIZE_24B || key.size() == KEY_SIZE_32B);
59 Q_ASSERT(ivec.size() == KEY_SIZE_16B);
62 const EVP_CIPHER * cipher =
nullptr;
63 if (key.size() == KEY_SIZE_16B)
65 cipher = EVP_aes_128_cbc();
67 else if (key.size() == KEY_SIZE_24B)
69 cipher = EVP_aes_192_cbc();
73 cipher = EVP_aes_256_cbc();
77 return encrypt(in, out, key, ivec, cipher, enc);
80bool EvpAES::cfb1_encrypt(
const QByteArray &in, QByteArray &out,
81 const QByteArray &key,
const QByteArray &ivec,
bool enc)
84 Q_ASSERT(key.size() == KEY_SIZE_16B
85 || key.size() == KEY_SIZE_24B || key.size() == KEY_SIZE_32B);
86 Q_ASSERT(ivec.size() == KEY_SIZE_16B);
89 const EVP_CIPHER * cipher =
nullptr;
90 if (key.size() == KEY_SIZE_16B)
92 cipher = EVP_aes_128_cfb1();
94 else if (key.size() == KEY_SIZE_24B)
96 cipher = EVP_aes_192_cfb1();
100 cipher = EVP_aes_256_cfb1();
104 return encrypt(in, out, key, ivec, cipher, enc);
107bool EvpAES::cfb8_encrypt(
const QByteArray &in, QByteArray &out,
108 const QByteArray &key,
const QByteArray &ivec,
bool enc)
111 Q_ASSERT(key.size() == KEY_SIZE_16B
112 || key.size() == KEY_SIZE_24B || key.size() == KEY_SIZE_32B);
113 Q_ASSERT(ivec.size() == KEY_SIZE_16B);
116 const EVP_CIPHER * cipher =
nullptr;
117 if (key.size() == KEY_SIZE_16B)
119 cipher = EVP_aes_128_cfb8();
121 else if (key.size() == KEY_SIZE_24B)
123 cipher = EVP_aes_192_cfb8();
127 cipher = EVP_aes_256_cfb8();
131 return encrypt(in, out, key, ivec, cipher, enc);
134bool EvpAES::cfb128_encrypt(
const QByteArray &in, QByteArray &out,
135 const QByteArray &key,
const QByteArray &ivec,
bool enc)
138 Q_ASSERT(key.size() == KEY_SIZE_16B
139 || key.size() == KEY_SIZE_24B || key.size() == KEY_SIZE_32B);
140 Q_ASSERT(ivec.size() == KEY_SIZE_16B);
143 const EVP_CIPHER * cipher =
nullptr;
144 if (key.size() == KEY_SIZE_16B)
146 cipher = EVP_aes_128_cfb128();
148 else if (key.size() == KEY_SIZE_24B)
150 cipher = EVP_aes_192_cfb128();
154 cipher = EVP_aes_256_cfb128();
158 return encrypt(in, out, key, ivec, cipher, enc);
161bool EvpAES::ofb128_encrypt(
const QByteArray &in, QByteArray &out,
162 const QByteArray &key,
const QByteArray &ivec,
bool enc)
165 Q_ASSERT(key.size() == KEY_SIZE_16B
166 || key.size() == KEY_SIZE_24B || key.size() == KEY_SIZE_32B);
167 Q_ASSERT(ivec.size() == KEY_SIZE_16B);
170 const EVP_CIPHER * cipher =
nullptr;
171 if (key.size() == KEY_SIZE_16B)
173 cipher = EVP_aes_128_ofb();
175 else if (key.size() == KEY_SIZE_24B)
177 cipher = EVP_aes_192_ofb();
181 cipher = EVP_aes_256_ofb();
185 return encrypt(in, out, key, ivec, cipher, enc);
188bool EvpAES::ctr_encrypt(
const QByteArray &in, QByteArray &out,
189 const QByteArray &key,
const QByteArray &ivec,
bool enc)
192 Q_ASSERT(key.size() == KEY_SIZE_16B
193 || key.size() == KEY_SIZE_24B || key.size() == KEY_SIZE_32B);
194 Q_ASSERT(ivec.size() == KEY_SIZE_16B);
197 const EVP_CIPHER * cipher =
nullptr;
198 if (key.size() == KEY_SIZE_16B)
200 cipher = EVP_aes_128_ctr();
202 else if (key.size() == KEY_SIZE_24B)
204 cipher = EVP_aes_192_ctr();
208 cipher = EVP_aes_256_ctr();
212 return encrypt(in, out, key, ivec, cipher, enc);
215bool EvpAES::gcm_encrypt(
const QByteArray &in, QByteArray &out,
216 const QByteArray &key,
const QByteArray &ivec,
bool enc)
219 Q_ASSERT(key.size() == KEY_SIZE_16B
220 || key.size() == KEY_SIZE_24B || key.size() == KEY_SIZE_32B);
221 Q_ASSERT(ivec.size() == KEY_SIZE_16B);
224 const EVP_CIPHER * cipher =
nullptr;
225 if (key.size() == KEY_SIZE_16B)
227 cipher = EVP_aes_128_gcm();
229 else if (key.size() == KEY_SIZE_24B)
231 cipher = EVP_aes_192_gcm();
235 cipher = EVP_aes_256_gcm();
239 return encrypt(in, out, key, ivec, cipher, enc);
242bool EvpAES::xts_encrypt(
const QByteArray &in, QByteArray &out,
243 const QByteArray &key,
const QByteArray &ivec,
bool enc)
246 Q_ASSERT(key.size() == KEY_SIZE_16B || key.size() == KEY_SIZE_32B);
247 Q_ASSERT(ivec.size() == KEY_SIZE_16B);
250 const EVP_CIPHER * cipher =
nullptr;
251 if (key.size() == KEY_SIZE_16B)
253 cipher = EVP_aes_128_xts();
257 cipher = EVP_aes_256_xts();
261 return encrypt(in, out, key, ivec, cipher, enc);
264bool EvpAES::ocb_encrypt(
const QByteArray &in, QByteArray &out,
265 const QByteArray &key,
const QByteArray &ivec,
bool enc)
267#if OPENSSL_VERSION_NUMBER >= 0x3000000fL
268 #ifndef OPENSSL_NO_OCB
271 Q_ASSERT(key.size() == KEY_SIZE_16B
272 || key.size() == KEY_SIZE_24B || key.size() == KEY_SIZE_32B);
273 Q_ASSERT(ivec.size() == KEY_SIZE_16B);
276 const EVP_CIPHER * cipher =
nullptr;
277 if (key.size() == KEY_SIZE_16B)
279 cipher = EVP_aes_128_ocb();
281 else if (key.size() == KEY_SIZE_24B)
283 cipher = EVP_aes_192_ocb();
287 cipher = EVP_aes_256_ocb();
291 return encrypt(in, out, key, ivec, cipher, enc);
298bool EvpAES::encrypt(
const QByteArray &in, QByteArray &out,
299 const QByteArray &key,
const QByteArray &ivec,
300 const EVP_CIPHER *cipher,
bool enc)
305 int ret = EVP_EncryptInit_ex(ctx, cipher, NULL,
306 (
const unsigned char*)key.data(),
307 (
const unsigned char*)ivec.data());
315 out.resize(in.size() + AES_BLOCK_SIZE);
316 ret = EVP_EncryptUpdate(ctx, (
unsigned char*)out.data(), &mlen,
317 (
const unsigned char*)in.data(),
326 ret = EVP_EncryptFinal_ex(ctx, (
unsigned char *)out.data() + mlen, &flen);
331 out.resize(mlen + flen);
337 int ret = EVP_DecryptInit_ex(ctx, cipher, NULL,
338 (
const unsigned char*)key.data(),
339 (
const unsigned char*)ivec.data());
347 out.resize(in.size());
348 ret = EVP_DecryptUpdate(ctx, (
unsigned char*)out.data(), &mlen,
349 (
const unsigned char*)in.data(), in.size());
357 ret = EVP_DecryptFinal_ex(ctx, (
unsigned char *)out.data() + mlen, &flen);
362 out.resize(mlen + flen);
370#if OPENSSL_VERSION_NUMBER >= 0x3000000fL
371 SSL_CTX *ssl_ctx = SSL_CTX_new(TLS_client_method());
373 SSL_CTX_free(ssl_ctx);