Rijdael CBC mode and partial undebugged SSL support.

This commit is contained in:
Ben Laurie 2001-02-06 14:09:13 +00:00
parent 171cc53a96
commit 259810e05b
15 changed files with 232 additions and 13 deletions

View file

@ -442,6 +442,9 @@ bad:
if (cipher != NULL)
{
/* Note that str is NULL if a key was passed on the command
* line, so we get no salt in that case. Is this a bug?
*/
if (str != NULL)
{
/* Salt handling: if encrypting generate a salt and

View file

@ -150,7 +150,10 @@ void OpenSSL_add_all_ciphers(void)
#ifndef NO_RIJNDAEL
for(i=0 ; i < 3 ; ++i)
for(j=0 ; j < 3 ; ++j)
{
EVP_add_cipher(EVP_rijndael_ecb(i,j));
EVP_add_cipher(EVP_rijndael_cbc(i,j));
}
#endif
PKCS12_PBE_add();
PKCS5_PBE_add();

View file

@ -56,14 +56,21 @@
static EVP_CIPHER rd_cipher[3][3];
static int anSizes[]={16,24,32};
static int anNIDs[3][3]=
static int anECBNIDs[3][3]=
{
{ NID_rijndael_ecb_k128_b128,NID_rijndael_ecb_k192_b128,NID_rijndael_ecb_k256_b128 },
{ NID_rijndael_ecb_k128_b192,NID_rijndael_ecb_k192_b192,NID_rijndael_ecb_k256_b192 },
{ NID_rijndael_ecb_k128_b256,NID_rijndael_ecb_k192_b256,NID_rijndael_ecb_k256_b256 }
};
static int rd_init_ecb(EVP_CIPHER_CTX *ctx, const unsigned char *key,
static int anCBCNIDs[3][3]=
{
{ NID_rd128_cbc_b128,NID_rd192_cbc_b128,NID_rd256_cbc_b128 },
{ NID_rd128_cbc_b192,NID_rd192_cbc_b192,NID_rd256_cbc_b192 },
{ NID_rd128_cbc_b256,NID_rd192_cbc_b256,NID_rd256_cbc_b256 }
};
static int rd_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
RIJNDAEL_KEY *k=&ctx->c.rijndael;
@ -98,6 +105,39 @@ static int rd_cipher_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out,
return 1;
}
static int rd_cipher_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, unsigned int inl)
{
int n;
unsigned char tmp[16];
while(inl > 0)
{
if(ctx->c.rijndael.enc)
{
for(n=0 ; n < 16 ; ++n)
tmp[n]=in[n]^ctx->c.rijndael.iv[n];
rijndaelEncrypt(tmp,out,ctx->c.rijndael.keySched,
ctx->c.rijndael.rounds);
memcpy(ctx->c.rijndael.iv,out,16);
}
else
{
rijndaelDecrypt(in,out,ctx->c.rijndael.keySched,
ctx->c.rijndael.rounds);
for(n=0 ; n < 16 ; ++n)
out[n]^=ctx->c.rijndael.iv[n];
memcpy(ctx->c.rijndael.iv,in,16);
}
inl-=16;
in+=16;
out+=16;
}
assert(inl == 0);
return 1;
}
EVP_CIPHER *EVP_rijndael_ecb(int nBlockLength,int nKeyLength)
{
EVP_CIPHER *c;
@ -117,15 +157,47 @@ EVP_CIPHER *EVP_rijndael_ecb(int nBlockLength,int nKeyLength)
memset(c,'\0',sizeof *c);
c->nid=anNIDs[nBlockLength][nKeyLength];
c->nid=anECBNIDs[nBlockLength][nKeyLength];
c->block_size=anSizes[nBlockLength];
c->key_len=anSizes[nKeyLength];
c->iv_len=16;
c->flags=EVP_CIPH_ECB_MODE;
c->init=rd_init_ecb;
c->init=rd_init;
c->do_cipher=rd_cipher_ecb;
c->ctx_size=sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
sizeof((((EVP_CIPHER_CTX *)NULL)->c.rijndael));
return c;
}
EVP_CIPHER *EVP_rijndael_cbc(int nBlockLength,int nKeyLength)
{
EVP_CIPHER *c;
if(nBlockLength < 0 || nBlockLength > 2)
{
EVPerr(EVP_F_EVP_RIJNDAEL,EVP_R_BAD_BLOCK_LENGTH);
return NULL;
}
if(nKeyLength < 0 || nKeyLength > 2)
{
EVPerr(EVP_F_EVP_RIJNDAEL,EVP_R_BAD_KEY_LENGTH);
return NULL;
}
c=&rd_cipher[nKeyLength][nBlockLength];
memset(c,'\0',sizeof *c);
c->nid=anCBCNIDs[nBlockLength][nKeyLength];
c->block_size=anSizes[nBlockLength];
c->key_len=anSizes[nKeyLength];
c->iv_len=16;
c->flags=EVP_CIPH_CBC_MODE;
c->init=rd_init;
c->do_cipher=rd_cipher_cbc;
c->ctx_size=sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
sizeof((((EVP_CIPHER_CTX *)NULL)->c.rijndael));
return c;
}

View file

@ -707,6 +707,7 @@ EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
#endif
#ifndef NO_RIJNDAEL
EVP_CIPHER *EVP_rijndael_ecb(int nBlockLength,int nKeyLength);
EVP_CIPHER *EVP_rijndael_cbc(int nBlockLength,int nKeyLength);
#endif
void OpenSSL_add_all_algorithms(void);

View file

@ -61,9 +61,9 @@
* perl obj_dat.pl objects.h obj_dat.h
*/
#define NUM_NID 405
#define NUM_SN 401
#define NUM_LN 401
#define NUM_NID 417
#define NUM_SN 410
#define NUM_LN 410
#define NUM_OBJ 366
static unsigned char lvalues[2896]={
@ -1066,6 +1066,18 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
NID_rijndael_ecb_k192_b256,0,NULL},
{"RIJNDAEL-ECB-K256-B256","rijndael-ecb-k256-b256",
NID_rijndael_ecb_k256_b256,0,NULL},
{NULL,NULL,NID_undef,0,NULL},
{NULL,NULL,NID_undef,0,NULL},
{NULL,NULL,NID_undef,0,NULL},
{"RD128-CBC-B128","rd128-cbc-b128",NID_rd128_cbc_b128,0,NULL},
{"RD192-CBC-B128","rd192-cbc-b128",NID_rd192_cbc_b128,0,NULL},
{"RD256-CBC-B128","rd256-cbc-b128",NID_rd256_cbc_b128,0,NULL},
{"RD128-CBC-B192","rd128-cbc-b192",NID_rd128_cbc_b192,0,NULL},
{"RD192-CBC-B192","rd192-cbc-b192",NID_rd192_cbc_b192,0,NULL},
{"RD256-CBC-B192","rd256-cbc-b192",NID_rd256_cbc_b192,0,NULL},
{"RD128-CBC-B256","rd128-cbc-b256",NID_rd128_cbc_b256,0,NULL},
{"RD192-CBC-B256","rd192-cbc-b256",NID_rd192_cbc_b256,0,NULL},
{"RD256-CBC-B256","rd256-cbc-b256",NID_rd256_cbc_b256,0,NULL},
};
static ASN1_OBJECT *sn_objs[NUM_SN]={
@ -1155,6 +1167,15 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[122]),/* "RC5-CFB" */
&(nid_objs[121]),/* "RC5-ECB" */
&(nid_objs[123]),/* "RC5-OFB" */
&(nid_objs[408]),/* "RD128-CBC-B128" */
&(nid_objs[411]),/* "RD128-CBC-B192" */
&(nid_objs[414]),/* "RD128-CBC-B256" */
&(nid_objs[409]),/* "RD192-CBC-B128" */
&(nid_objs[412]),/* "RD192-CBC-B192" */
&(nid_objs[415]),/* "RD192-CBC-B256" */
&(nid_objs[410]),/* "RD256-CBC-B128" */
&(nid_objs[413]),/* "RD256-CBC-B192" */
&(nid_objs[416]),/* "RD256-CBC-B256" */
&(nid_objs[396]),/* "RIJNDAEL-ECB-K128-B128" */
&(nid_objs[399]),/* "RIJNDAEL-ECB-K128-B192" */
&(nid_objs[402]),/* "RIJNDAEL-ECB-K128-B256" */
@ -1834,6 +1855,15 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[122]),/* "rc5-cfb" */
&(nid_objs[121]),/* "rc5-ecb" */
&(nid_objs[123]),/* "rc5-ofb" */
&(nid_objs[408]),/* "rd128-cbc-b128" */
&(nid_objs[411]),/* "rd128-cbc-b192" */
&(nid_objs[414]),/* "rd128-cbc-b256" */
&(nid_objs[409]),/* "rd192-cbc-b128" */
&(nid_objs[412]),/* "rd192-cbc-b192" */
&(nid_objs[415]),/* "rd192-cbc-b256" */
&(nid_objs[410]),/* "rd256-cbc-b128" */
&(nid_objs[413]),/* "rd256-cbc-b192" */
&(nid_objs[416]),/* "rd256-cbc-b256" */
&(nid_objs[396]),/* "rijndael-ecb-k128-b128" */
&(nid_objs[399]),/* "rijndael-ecb-k128-b192" */
&(nid_objs[402]),/* "rijndael-ecb-k128-b256" */

View file

@ -1833,3 +1833,39 @@
#define LN_rijndael_ecb_k256_b256 "rijndael-ecb-k256-b256"
#define NID_rijndael_ecb_k256_b256 404
#define SN_rd128_cbc_b128 "RD128-CBC-B128"
#define LN_rd128_cbc_b128 "rd128-cbc-b128"
#define NID_rd128_cbc_b128 408
#define SN_rd192_cbc_b128 "RD192-CBC-B128"
#define LN_rd192_cbc_b128 "rd192-cbc-b128"
#define NID_rd192_cbc_b128 409
#define SN_rd256_cbc_b128 "RD256-CBC-B128"
#define LN_rd256_cbc_b128 "rd256-cbc-b128"
#define NID_rd256_cbc_b128 410
#define SN_rd128_cbc_b192 "RD128-CBC-B192"
#define LN_rd128_cbc_b192 "rd128-cbc-b192"
#define NID_rd128_cbc_b192 411
#define SN_rd192_cbc_b192 "RD192-CBC-B192"
#define LN_rd192_cbc_b192 "rd192-cbc-b192"
#define NID_rd192_cbc_b192 412
#define SN_rd256_cbc_b192 "RD256-CBC-B192"
#define LN_rd256_cbc_b192 "rd256-cbc-b192"
#define NID_rd256_cbc_b192 413
#define SN_rd128_cbc_b256 "RD128-CBC-B256"
#define LN_rd128_cbc_b256 "rd128-cbc-b256"
#define NID_rd128_cbc_b256 414
#define SN_rd192_cbc_b256 "RD192-CBC-B256"
#define LN_rd192_cbc_b256 "rd192-cbc-b256"
#define NID_rd192_cbc_b256 415
#define SN_rd256_cbc_b256 "RD256-CBC-B256"
#define LN_rd256_cbc_b256 "rd256-cbc-b256"
#define NID_rd256_cbc_b256 416

View file

@ -402,3 +402,15 @@ rijndael_ecb_k256_b192 401
rijndael_ecb_k128_b256 402
rijndael_ecb_k192_b256 403
rijndael_ecb_k256_b256 404
rd128_cbc 405
rd192_cbc 406
rd256_cbc 407
rd128_cbc_b128 408
rd192_cbc_b128 409
rd256_cbc_b128 410
rd128_cbc_b192 411
rd192_cbc_b192 412
rd256_cbc_b192 413
rd128_cbc_b256 414
rd192_cbc_b256 415
rd256_cbc_b256 416

View file

@ -601,3 +601,12 @@ enterprises 1466 344 : dcobject : dcObject
: RIJNDAEL-ECB-K128-B256: rijndael-ecb-k128-b256
: RIJNDAEL-ECB-K192-B256: rijndael-ecb-k192-b256
: RIJNDAEL-ECB-K256-B256: rijndael-ecb-k256-b256
: RD128-CBC-B128 : rd128-cbc-b128
: RD192-CBC-B128 : rd192-cbc-b128
: RD256-CBC-B128 : rd256-cbc-b128
: RD128-CBC-B192 : rd128-cbc-b192
: RD192-CBC-B192 : rd192-cbc-b192
: RD256-CBC-B192 : rd256-cbc-b192
: RD128-CBC-B256 : rd128-cbc-b256
: RD192-CBC-B256 : rd192-cbc-b256
: RD256-CBC-B256 : rd256-cbc-b256

View file

@ -20,7 +20,7 @@ RD_ENC= rd_enc.o
# or use
#DES_ENC= bx86-elf.o
CFLAGS= $(INCLUDES) $(CFLAG) -DINTERMEDIATE_VALUE_KAT -DBINARY_KEY_MATERIAL
CFLAGS= -mpentiumpro $(INCLUDES) $(CFLAG) -DINTERMEDIATE_VALUE_KAT -DBINARY_KEY_MATERIAL -O3 -fexpensive-optimizations -funroll-loops -fforce-addr
GENERAL=Makefile
#TEST=rijndael-test-fst.c table.128 table.192 table.256
@ -45,6 +45,8 @@ lib: $(LIBOBJ)
$(RANLIB) $(LIB)
@touch lib
$(LIBOBJ): $(LIBSRC)
files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO

View file

@ -708,6 +708,19 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS
},
/* Cipher ?? */
{
1,
TLS1_TXT_RSA_WITH_RD_128_SHA,
TLS1_CK_RSA_WITH_RD_128_SHA,
SSL_kRSA|SSL_aRSA|SSL_RD|SSL_SHA |SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
128,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
#endif
/* end of list */

View file

@ -153,6 +153,7 @@ extern "C" {
#define SSL_TXT_RC4 "RC4"
#define SSL_TXT_RC2 "RC2"
#define SSL_TXT_IDEA "IDEA"
#define SSL_TXT_RD "RD"
#define SSL_TXT_MD5 "MD5"
#define SSL_TXT_SHA1 "SHA1"
#define SSL_TXT_SHA "SHA"

View file

@ -63,6 +63,8 @@
int SSL_library_init(void)
{
int k;
#ifndef NO_DES
EVP_add_cipher(EVP_des_cbc());
EVP_add_cipher(EVP_des_ede3_cbc());
@ -76,6 +78,8 @@ int SSL_library_init(void)
#ifndef NO_RC2
EVP_add_cipher(EVP_rc2_cbc());
#endif
for(k=0 ; k < 2 ; ++k)
EVP_add_cipher(EVP_rijndael_cbc(0,k));
#ifndef NO_MD2
EVP_add_digest(EVP_md2());
@ -96,7 +100,6 @@ int SSL_library_init(void)
EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
#endif
/* If you want support for phased out ciphers, add the following */
#if 0
EVP_add_digest(EVP_sha());

View file

@ -68,7 +68,10 @@
#define SSL_ENC_IDEA_IDX 4
#define SSL_ENC_eFZA_IDX 5
#define SSL_ENC_NULL_IDX 6
#define SSL_ENC_NUM_IDX 7
#define SSL_ENC_RD128_IDX 7
#define SSL_ENC_RD192_IDX 8
#define SSL_ENC_RD256_IDX 9
#define SSL_ENC_NUM_IDX 10
static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
NULL,NULL,NULL,NULL,NULL,NULL,
@ -124,6 +127,7 @@ static const SSL_CIPHER cipher_aliases[]={
{0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_RD, 0,SSL_RD, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_MD5, 0,SSL_MD5, 0,0,0,0,SSL_MAC_MASK,0},
{0,SSL_TXT_SHA1,0,SSL_SHA1, 0,0,0,0,SSL_MAC_MASK,0},
@ -163,6 +167,12 @@ static void load_ciphers(void)
EVP_get_cipherbyname(SN_rc2_cbc);
ssl_cipher_methods[SSL_ENC_IDEA_IDX]=
EVP_get_cipherbyname(SN_idea_cbc);
ssl_cipher_methods[SSL_ENC_RD128_IDX]=
EVP_get_cipherbyname(SN_rd128_cbc_b128);
ssl_cipher_methods[SSL_ENC_RD192_IDX]=
EVP_get_cipherbyname(SN_rd192_cbc_b128);
ssl_cipher_methods[SSL_ENC_RD256_IDX]=
EVP_get_cipherbyname(SN_rd256_cbc_b128);
ssl_digest_methods[SSL_MD_MD5_IDX]=
EVP_get_digestbyname(SN_md5);
@ -223,6 +233,15 @@ int ssl_cipher_get_evp(SSL_SESSION *s, const EVP_CIPHER **enc,
case SSL_eNULL:
i=SSL_ENC_NULL_IDX;
break;
case SSL_RD:
switch(c->alg_bits)
{
case 128: i=SSL_ENC_RD128_IDX; break;
case 192: i=SSL_ENC_RD192_IDX; break;
case 256: i=SSL_ENC_RD256_IDX; break;
default: i=-1; break;
}
break;
default:
i= -1;
break;
@ -308,6 +327,7 @@ static unsigned long ssl_cipher_get_disabled(void)
mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0;
mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0;
mask |= (ssl_cipher_methods[SSL_ENC_RD128_IDX] == NULL) ? SSL_RD:0;
mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0;
mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0;
@ -979,6 +999,15 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
case SSL_eNULL:
enc="None";
break;
case SSL_RD:
switch(cipher->strength_bits == 128)
{
case 128: enc="Rijndael(128)"; break;
case 192: enc="Rijndael(192)"; break;
case 256: enc="Rijndael(256)"; break;
default: enc="Rijndael(???)"; break;
}
break;
default:
enc="unknown";
break;

View file

@ -251,7 +251,7 @@
#define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA)
#define SSL_KRB5 (SSL_kKRB5|SSL_aKRB5)
#define SSL_ENC_MASK 0x0007F000L
#define SSL_ENC_MASK 0x0087F000L
#define SSL_DES 0x00001000L
#define SSL_3DES 0x00002000L
#define SSL_RC4 0x00004000L
@ -259,6 +259,7 @@
#define SSL_IDEA 0x00010000L
#define SSL_eFZA 0x00020000L
#define SSL_eNULL 0x00040000L
#define SSL_RD 0x00800000L
#define SSL_MAC_MASK 0x00180000L
#define SSL_MD5 0x00080000L

View file

@ -95,6 +95,8 @@ extern "C" {
#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064
#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x03000065
#define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066
/* not yet real */
#define TLS1_CK_RSA_WITH_RD_128_SHA 0x03000067
/* XXX
* Inconsistency alert:
@ -110,6 +112,8 @@ extern "C" {
#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA"
#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA"
#define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA"
/* Not yet real */
#define TLS1_TXT_RSA_WITH_RD_128_SHA "RD128-SHA"
#define TLS_CT_RSA_SIGN 1