1 (ˆÐÏÎÍÌl–Ðz¾”ªC]Šq@¹pM\êbÑ¿Ë ƒ}æÛÊÉÈ&
-- Copyright (C) by Yichun Zhang (agentzh)


--local asn1 = require "resty.asn1"
-- Cache the LuaJIT FFI entry points and the globals this module uses in
-- locals. `C` is the default C namespace; every EVP_* call below goes
-- through it.
local ffi = require "ffi"
local ffi_new = ffi.new
local ffi_gc = ffi.gc
local ffi_str = ffi.string
local ffi_copy = ffi.copy
local C = ffi.C
local setmetatable = setmetatable
--local error = error
local type = type


-- Module table, and the metatable whose __index points back at it.
local _M = { _VERSION = '0.16' }

local mt = { __index = _M }

-- Control codes for the `type` argument of EVP_CIPHER_CTX_ctrl (declared
-- below): set the IV length, read the authentication tag, and set the tag
-- to verify.
-- NOTE(review): presumably only used with the *_gcm ciphers; the call
-- sites are not visible in this part of the file.
local EVP_CTRL_AEAD_SET_IVLEN = 0x09
local EVP_CTRL_AEAD_GET_TAG = 0x10
local EVP_CTRL_AEAD_SET_TAG = 0x11

-- C declarations for the OpenSSL EVP symbols this module binds. The struct
-- types are declared but never defined, so they are only handled through
-- pointers.
--   * EVP_sha is declared but is not referenced by the `hash` table below.
--   * AES is declared for 128/192/256 bits in ecb, cbc, cfb1, cfb8, cfb128,
--     ofb and gcm; ctr is declared for 128 and 192 only, there is no
--     EVP_aes_256_ctr line.
--   * EVP_BytesToKey is the only key-derivation routine declared here.
ffi.cdef[[
typedef struct engine_st ENGINE;

typedef struct evp_cipher_st EVP_CIPHER;
typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;

typedef struct env_md_ctx_st EVP_MD_CTX;
typedef struct env_md_st EVP_MD;

const EVP_MD *EVP_md5(void);
const EVP_MD *EVP_sha(void);
const EVP_MD *EVP_sha1(void);
const EVP_MD *EVP_sha224(void);
const EVP_MD *EVP_sha256(void);
const EVP_MD *EVP_sha384(void);
const EVP_MD *EVP_sha512(void);

const EVP_CIPHER *EVP_aes_128_ecb(void);
const EVP_CIPHER *EVP_aes_128_cbc(void);
const EVP_CIPHER *EVP_aes_128_cfb1(void);
const EVP_CIPHER *EVP_aes_128_cfb8(void);
const EVP_CIPHER *EVP_aes_128_cfb128(void);
const EVP_CIPHER *EVP_aes_128_ofb(void);
const EVP_CIPHER *EVP_aes_128_ctr(void);
const EVP_CIPHER *EVP_aes_192_ecb(void);
const EVP_CIPHER *EVP_aes_192_cbc(void);
const EVP_CIPHER *EVP_aes_192_cfb1(void);
const EVP_CIPHER *EVP_aes_192_cfb8(void);
const EVP_CIPHER *EVP_aes_192_cfb128(void);
const EVP_CIPHER *EVP_aes_192_ofb(void);
const EVP_CIPHER *EVP_aes_192_ctr(void);
const EVP_CIPHER *EVP_aes_256_ecb(void);
const EVP_CIPHER *EVP_aes_256_cbc(void);
const EVP_CIPHER *EVP_aes_256_cfb1(void);
const EVP_CIPHER *EVP_aes_256_cfb8(void);
const EVP_CIPHER *EVP_aes_256_cfb128(void);
const EVP_CIPHER *EVP_aes_256_ofb(void);
const EVP_CIPHER *EVP_aes_128_gcm(void);
const EVP_CIPHER *EVP_aes_192_gcm(void);
const EVP_CIPHER *EVP_aes_256_gcm(void);

EVP_CIPHER_CTX *EVP_CIPHER_CTX_new();
void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *a);

int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int padding);

int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
        ENGINE *impl, unsigned char *key, const unsigned char *iv);

int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
        const unsigned char *in, int inl);

int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);

int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
        ENGINE *impl, unsigned char *key, const unsigned char *iv);

int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
        const unsigned char *in, int inl);

int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);

int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,
        const unsigned char *salt, const unsigned char *data, int datal,
        int count, unsigned char *key,unsigned char *iv);

int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
]]

-- Digest handles, resolved once at module load and exported as `_M.hash`
-- so that callers can pass one to `_M.new` as `_hash`.
-- NOTE(review): `_M.new` also takes `hash_rounds`, and EVP_BytesToKey is
-- declared above, so these digests presumably drive key/IV derivation from
-- the caller's key material; the derivation code is outside this part of
-- the file. md5 and sha1 are offered here. EVP_BytesToKey with a fast
-- digest and a small round count is a weak password-based derivation, so
-- check which digest and round count callers actually pass.
local hash
hash = {
    md5 = C.EVP_md5(),
    sha1 = C.EVP_sha1(),
    sha224 = C.EVP_sha224(),
    sha256 = C.EVP_sha256(),
    sha384 = C.EVP_sha384(),
    sha512 = C.EVP_sha512()
}
_M.hash = hash

-- NOTE(review): same value as OpenSSL's EVP_MAX_BLOCK_LENGTH; presumably
-- the extra room added to output buffers. It is not used in this part of
-- the file.
local EVP_MAX_BLOCK_LENGTH = 32

--- Look up an AES variant by key size and mode.
-- Builds the symbol name "EVP_aes_<size>_<mode>", calls it through the C
-- namespace and wraps the returned EVP_CIPHER pointer.
--
-- Only the "gcm" entries declared above are authenticated modes. ecb, cbc,
-- cfb*, ofb and ctr give confidentiality only, so ciphertext that crosses
-- a trust boundary needs a separate integrity check. ecb additionally maps
-- equal plaintext blocks to equal ciphertext blocks. The default is
-- 128-bit cbc.
--
-- NOTE(review): LuaJIT's FFI raises an error when a C namespace is indexed
-- with a name that has no ffi.cdef declaration (for example
-- "EVP_aes_256_ctr", which is absent above), so the `else` branch is
-- probably never reached for an unknown size/mode; confirm on the target
-- LuaJIT. Callers should treat both a raised error and a nil result as
-- "unsupported". `_M.new` substitutes `cipher()` when its `_cipher`
-- argument is nil, so handing an unchecked nil result to it would select
-- the AES-128-CBC default instead of failing.
-- @param size key size in bits used to build the symbol name (default 128)
-- @param _cipher mode suffix such as "cbc" or "gcm" (default "cbc")
-- @return table with fields `size`, `cipher` and `method` (the EVP_CIPHER
--   pointer), or nil
local cipher
cipher = function (size, _cipher)
    local _size = size or 128
    -- Shadows the parameter of the same name with its defaulted value.
    local _cipher = _cipher or "cbc"
    local func = "EVP_aes_" .. _size .. "_" .. _cipher
    if C[func] then
        return { size=_size, cipher=_cipher, method=C[func]()}
    else
        return nil
    end
end
_M.cipher = cipher

function _M.new(self, key, salt, _cipher, _hash, hash_rounds, iv_len, enable_padding)
    local encrypt_ctx = C.EVP_CIPHER_CTX_new()
    if encrypt_ctx == nil then
        return nil, "no memory"
    end

    ffi_gc(encrypt_ctx, C.EVP_CIPHER_CTX_free)

    local decrypt_ctx = C.EVP_CIPHER_CTX_new()
    if decrypt_ctx == nil then
        return nil, "no memory"
    end

    ffi_gc(decrypt_ctx, C.EVP_CIPHER_CTX_free)

    local _cipher = _cipher or cipher()
    local _hash = _hash