Readd EVP_CIPHER_CTX_set_key_length.
This only applies to RC4, but it is still used by some Android code.
Change-Id: I4cf86269ffb7a230576da1bb2bfef7e1d4f234d6
Reviewed-on: https://boringssl-review.googlesource.com/1621
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/cipher/cipher.c b/crypto/cipher/cipher.c
index c6572b8..cdb8f43 100644
--- a/crypto/cipher/cipher.c
+++ b/crypto/cipher/cipher.c
@@ -573,6 +573,21 @@
return 1;
}
+int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, unsigned key_len) {
+ if (c->key_len == key_len) {
+ return 1;
+ }
+
+ if (key_len == 0 || !(c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) {
+ OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_set_key_length,
+ CIPHER_R_INVALID_KEY_LENGTH);
+ return 0;
+ }
+
+ c->key_len = key_len;
+ return 1;
+}
+
int EVP_CIPHER_nid(const EVP_CIPHER *cipher) { return cipher->nid; }
const char *EVP_CIPHER_name(const EVP_CIPHER *cipher) {
diff --git a/crypto/cipher/cipher_error.c b/crypto/cipher/cipher_error.c
index ed72436..5e1afe6 100644
--- a/crypto/cipher/cipher_error.c
+++ b/crypto/cipher/cipher_error.c
@@ -22,6 +22,7 @@
{ERR_PACK(ERR_LIB_CIPHER, CIPHER_F_EVP_AEAD_CTX_seal, 0), "EVP_AEAD_CTX_seal"},
{ERR_PACK(ERR_LIB_CIPHER, CIPHER_F_EVP_CIPHER_CTX_copy, 0), "EVP_CIPHER_CTX_copy"},
{ERR_PACK(ERR_LIB_CIPHER, CIPHER_F_EVP_CIPHER_CTX_ctrl, 0), "EVP_CIPHER_CTX_ctrl"},
+ {ERR_PACK(ERR_LIB_CIPHER, CIPHER_F_EVP_CIPHER_CTX_set_key_length, 0), "EVP_CIPHER_CTX_set_key_length"},
{ERR_PACK(ERR_LIB_CIPHER, CIPHER_F_EVP_CipherInit_ex, 0), "EVP_CipherInit_ex"},
{ERR_PACK(ERR_LIB_CIPHER, CIPHER_F_EVP_DecryptFinal_ex, 0), "EVP_DecryptFinal_ex"},
{ERR_PACK(ERR_LIB_CIPHER, CIPHER_F_EVP_EncryptFinal_ex, 0), "EVP_EncryptFinal_ex"},
@@ -50,6 +51,7 @@
{ERR_PACK(ERR_LIB_CIPHER, 0, CIPHER_R_INPUT_NOT_INITIALIZED), "INPUT_NOT_INITIALIZED"},
{ERR_PACK(ERR_LIB_CIPHER, 0, CIPHER_R_INVALID_AD), "INVALID_AD"},
{ERR_PACK(ERR_LIB_CIPHER, 0, CIPHER_R_INVALID_AD_SIZE), "INVALID_AD_SIZE"},
+ {ERR_PACK(ERR_LIB_CIPHER, 0, CIPHER_R_INVALID_KEY_LENGTH), "INVALID_KEY_LENGTH"},
{ERR_PACK(ERR_LIB_CIPHER, 0, CIPHER_R_IV_TOO_LARGE), "IV_TOO_LARGE"},
{ERR_PACK(ERR_LIB_CIPHER, 0, CIPHER_R_NO_CIPHER_SET), "NO_CIPHER_SET"},
{ERR_PACK(ERR_LIB_CIPHER, 0, CIPHER_R_OUTPUT_ALIASES_INPUT), "OUTPUT_ALIASES_INPUT"},
diff --git a/include/openssl/cipher.h b/include/openssl/cipher.h
index 3a3a856..4eae33b 100644
--- a/include/openssl/cipher.h
+++ b/include/openssl/cipher.h
@@ -261,6 +261,11 @@
* to disable. */
OPENSSL_EXPORT int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad);
+/* EVP_CIPHER_CTX_set_key_length sets the key length for |ctx|. This is only
+ * valid for ciphers that can take a variable length key. It returns one on
+ * success and zero on error. */
+OPENSSL_EXPORT int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *ctx, unsigned key_len);
+
/* Cipher accessors. */
@@ -467,6 +472,7 @@
#define CIPHER_F_aead_aes_key_wrap_seal 119
#define CIPHER_F_aead_aes_key_wrap_init 120
#define CIPHER_F_aead_aes_key_wrap_open 121
+#define CIPHER_F_EVP_CIPHER_CTX_set_key_length 122
#define CIPHER_R_WRAP_MODE_NOT_ALLOWED 100
#define CIPHER_R_AES_KEY_SETUP_FAILED 101
#define CIPHER_R_INPUT_NOT_INITIALIZED 102
@@ -490,5 +496,6 @@
#define CIPHER_R_UNSUPPORTED_INPUT_SIZE 120
#define CIPHER_R_UNSUPPORTED_AD_SIZE 121
#define CIPHER_R_UNSUPPORTED_NONCE_SIZE 122
+#define CIPHER_R_INVALID_KEY_LENGTH 123
#endif /* OPENSSL_HEADER_CIPHER_H */
