Cleanup ciphers and Add 3des ciphers.
Moved the relevant ciphers into default and restructed headers to allow the move. This removed most of the cases of #ifdef NO_XXX (which are now specified in build.info) Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9482)
This commit is contained in:
parent
37a830e729
commit
4a42e26404
61 changed files with 1441 additions and 480 deletions
|
@ -13,13 +13,14 @@ IF[{- !$disabled{asm} -}]
|
|||
ENDIF
|
||||
|
||||
LIBS=../../libcrypto
|
||||
SOURCE[../../libcrypto]=\
|
||||
set_key.c ecb_enc.c cbc_enc.c \
|
||||
ecb3_enc.c cfb64enc.c cfb64ede.c cfb_enc.c \
|
||||
$COMMON=set_key.c ecb3_enc.c $DESASM
|
||||
SOURCE[../../libcrypto]=$COMMON\
|
||||
ecb_enc.c cbc_enc.c \
|
||||
cfb64enc.c cfb64ede.c cfb_enc.c \
|
||||
ofb64ede.c ofb64enc.c ofb_enc.c \
|
||||
str2key.c pcbc_enc.c qud_cksm.c rand_key.c \
|
||||
$DESASM \
|
||||
fcrypt.c xcbc_enc.c cbc_cksm.c
|
||||
SOURCE[../../providers/fips]=$COMMON
|
||||
|
||||
GENERATE[des_enc-sparc.S]=asm/des_enc.m4
|
||||
GENERATE[dest4-sparcv9.S]=asm/dest4-sparcv9.pl $(PERLASM_SCHEME)
|
||||
|
|
|
@ -2708,6 +2708,7 @@ PROP_R_TRAILING_CHARACTERS:110:trailing characters
|
|||
PROV_R_AES_KEY_SETUP_FAILED:101:aes key setup failed
|
||||
PROV_R_BAD_DECRYPT:100:bad decrypt
|
||||
PROV_R_CIPHER_OPERATION_FAILED:102:cipher operation failed
|
||||
PROV_R_FAILED_TO_GENERATE_KEY:121:failed to generate key
|
||||
PROV_R_FAILED_TO_GET_PARAMETER:103:failed to get parameter
|
||||
PROV_R_FAILED_TO_SET_PARAMETER:104:failed to set parameter
|
||||
PROV_R_INVALID_AAD:108:invalid aad
|
||||
|
|
|
@ -217,6 +217,18 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
|
|||
case NID_camellia_256_ctr:
|
||||
case NID_camellia_192_ctr:
|
||||
case NID_camellia_128_ctr:
|
||||
case NID_des_ede3_cbc:
|
||||
case NID_des_ede3_ecb:
|
||||
case NID_des_ede3_ofb64:
|
||||
case NID_des_ede3_cfb64:
|
||||
case NID_des_ede3_cfb8:
|
||||
case NID_des_ede3_cfb1:
|
||||
case NID_des_ede_cbc:
|
||||
case NID_des_ede_ecb:
|
||||
case NID_des_ede_ofb64:
|
||||
case NID_des_ede_cfb64:
|
||||
case NID_desx_cbc:
|
||||
case NID_id_smime_alg_CMS3DESwrap:
|
||||
break;
|
||||
default:
|
||||
goto legacy;
|
||||
|
@ -1030,6 +1042,12 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
|
|||
params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_KEYLEN, &arg);
|
||||
break;
|
||||
case EVP_CTRL_RAND_KEY: /* Used by DES */
|
||||
set_params = 0;
|
||||
params[0] =
|
||||
OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY,
|
||||
ptr, (size_t)arg);
|
||||
break;
|
||||
|
||||
case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: /* Used by DASYNC */
|
||||
case EVP_CTRL_INIT: /* TODO(3.0) Purely legacy, no provider counterpart */
|
||||
default:
|
||||
|
@ -1141,19 +1159,24 @@ const OSSL_PARAM *EVP_CIPHER_CTX_gettable_params(const EVP_CIPHER *cipher)
|
|||
return NULL;
|
||||
}
|
||||
|
||||
#if !defined(FIPS_MODE)
|
||||
/* TODO(3.0): No support for RAND yet in the FIPS module */
|
||||
int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
|
||||
{
|
||||
int kl;
|
||||
if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
|
||||
return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
|
||||
kl = EVP_CIPHER_CTX_key_length(ctx);
|
||||
if (kl <= 0 || RAND_priv_bytes(key, kl) <= 0)
|
||||
return 0;
|
||||
return 1;
|
||||
|
||||
#ifdef FIPS_MODE
|
||||
return 0;
|
||||
#else
|
||||
{
|
||||
int kl;
|
||||
|
||||
kl = EVP_CIPHER_CTX_key_length(ctx);
|
||||
if (kl <= 0 || RAND_priv_bytes(key, kl) <= 0)
|
||||
return 0;
|
||||
return 1;
|
||||
}
|
||||
#endif /* FIPS_MODE */
|
||||
}
|
||||
#endif
|
||||
|
||||
int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
|
||||
{
|
||||
|
|
|
@ -223,6 +223,7 @@ void cmll256_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
|
|||
|
||||
|
||||
# define SPARC_AES_CAPABLE (OPENSSL_sparcv9cap_P[1] & CFR_AES)
|
||||
# define SPARC_DES_CAPABLE (OPENSSL_sparcv9cap_P[1] & CFR_DES)
|
||||
# define HWAES_CAPABLE (OPENSSL_sparcv9cap_P[0] & SPARCV9_FJAESX)
|
||||
# define HWAES_set_encrypt_key aes_fx_set_encrypt_key
|
||||
# define HWAES_set_decrypt_key aes_fx_set_decrypt_key
|
||||
|
@ -237,6 +238,12 @@ void aes_t4_encrypt(const unsigned char *in, unsigned char *out,
|
|||
const AES_KEY *key);
|
||||
void aes_t4_decrypt(const unsigned char *in, unsigned char *out,
|
||||
const AES_KEY *key);
|
||||
void des_t4_key_expand(const void *key, DES_key_schedule *ks);
|
||||
void des_t4_ede3_cbc_encrypt(const void *inp, void *out, size_t len,
|
||||
const DES_key_schedule ks[3], unsigned char iv[8]);
|
||||
void des_t4_ede3_cbc_decrypt(const void *inp, void *out, size_t len,
|
||||
const DES_key_schedule ks[3], unsigned char iv[8]);
|
||||
|
||||
/*
|
||||
* Key-length specific subroutines were chosen for following reason.
|
||||
* Each SPARC T4 core can execute up to 8 threads which share core's
|
||||
|
|
|
@ -302,6 +302,12 @@ IV length and the tag length.
|
|||
|
||||
Sets the IV length to be used for an AEAD cipher for the associated cipher ctx.
|
||||
|
||||
=item B<OSSL_CIPHER_PARAM_RANDOM_KEY> (octet_string)
|
||||
|
||||
Gets a implementation specific randomly generated key for the associated
|
||||
cipher ctx. This is currently only supported by 3DES (which sets the key to
|
||||
odd parity).
|
||||
|
||||
=back
|
||||
|
||||
=head1 RETURN VALUES
|
||||
|
|
|
@ -54,6 +54,7 @@ extern "C" {
|
|||
#define OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD "tlsaadpad" /* size_t */
|
||||
#define OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED "tlsivfixed" /* octet_string */
|
||||
#define OSSL_CIPHER_PARAM_AEAD_IVLEN "aeadivlen" /* size_t */
|
||||
#define OSSL_CIPHER_PARAM_RANDOM_KEY "randkey" /* octet_string */
|
||||
|
||||
/* digest parameters */
|
||||
#define OSSL_DIGEST_PARAM_XOFLEN "xoflen"
|
||||
|
|
|
@ -9,6 +9,7 @@
|
|||
|
||||
#include <assert.h>
|
||||
#include "cipher_locl.h"
|
||||
#include "internal/providercommonerr.h"
|
||||
|
||||
/*
|
||||
* Fills a single block of buffered data from the input, and returns the amount
|
||||
|
|
|
@ -1,21 +1,18 @@
|
|||
LIBS=../../../libcrypto
|
||||
|
||||
IF[{- !$disabled{des} -}]
|
||||
$COMMON_DES=cipher_tdes.c cipher_tdes_hw.c
|
||||
ENDIF
|
||||
|
||||
$COMMON=cipher_common.c cipher_common_hw.c block.c \
|
||||
cipher_aes.c cipher_aes_hw.c \
|
||||
cipher_gcm.c cipher_aes_gcm.c cipher_gcm_hw.c \
|
||||
cipher_ccm.c cipher_aes_ccm.c cipher_ccm_hw.c
|
||||
cipher_gcm.c cipher_gcm_hw.c \
|
||||
cipher_aes_gcm.c cipher_aes_gcm_hw.c \
|
||||
cipher_ccm.c cipher_ccm_hw.c \
|
||||
cipher_aes_ccm.c cipher_aes_ccm_hw.c \
|
||||
$COMMON_DES
|
||||
|
||||
SOURCE[../../../libcrypto]=$COMMON
|
||||
IF[{- !$disabled{aria} -}]
|
||||
SOURCE[../../../libcrypto]=\
|
||||
cipher_aria.c cipher_aria_hw.c \
|
||||
cipher_aria_gcm.c cipher_aria_ccm.c
|
||||
ENDIF
|
||||
|
||||
IF[{- !$disabled{camellia} -}]
|
||||
SOURCE[../../../libcrypto]=\
|
||||
cipher_camellia.c cipher_camellia_hw.c
|
||||
ENDIF
|
||||
INCLUDE[../../../libcrypto]=. ../../../crypto
|
||||
|
||||
SOURCE[../../fips]=$COMMON
|
||||
|
|
|
@ -9,7 +9,8 @@
|
|||
|
||||
/* Dispatch functions for AES cipher modes ecb, cbc, ofb, cfb, ctr */
|
||||
|
||||
#include "cipher_locl.h"
|
||||
#include "cipher_aes.h"
|
||||
#include "internal/provider_algs.h"
|
||||
|
||||
static OSSL_OP_cipher_freectx_fn aes_freectx;
|
||||
static OSSL_OP_cipher_dupctx_fn aes_dupctx;
|
||||
|
|
|
@ -8,6 +8,7 @@
|
|||
*/
|
||||
|
||||
#include <openssl/aes.h>
|
||||
#include "internal/ciphers/ciphercommon.h"
|
||||
|
||||
typedef struct prov_aes_ctx_st {
|
||||
PROV_CIPHER_CTX base; /* Must be first */
|
||||
|
|
|
@ -10,6 +10,8 @@
|
|||
/* Dispatch functions for AES CCM mode */
|
||||
|
||||
#include "cipher_locl.h"
|
||||
#include "internal/ciphers/cipher_ccm.h"
|
||||
#include "internal/provider_algs.h"
|
||||
|
||||
static void *aes_ccm_newctx(void *provctx, size_t keybits)
|
||||
{
|
||||
|
|
64
providers/common/ciphers/cipher_aes_ccm_hw.c
Normal file
64
providers/common/ciphers/cipher_aes_ccm_hw.c
Normal file
|
@ -0,0 +1,64 @@
|
|||
/*
|
||||
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/* AES CCM mode */
|
||||
|
||||
#include "cipher_locl.h"
|
||||
#include "internal/ciphers/cipher_ccm.h"
|
||||
|
||||
#define AES_HW_CCM_SET_KEY_FN(fn_set_enc_key, fn_blk, fn_ccm_enc, fn_ccm_dec) \
|
||||
fn_set_enc_key(key, keylen * 8, &actx->ccm.ks.ks); \
|
||||
CRYPTO_ccm128_init(&ctx->ccm_ctx, ctx->m, ctx->l, &actx->ccm.ks.ks, \
|
||||
(block128_f)fn_blk); \
|
||||
ctx->str = ctx->enc ? (ccm128_f)fn_ccm_enc : (ccm128_f)fn_ccm_dec; \
|
||||
ctx->key_set = 1;
|
||||
|
||||
static int ccm_generic_aes_initkey(PROV_CCM_CTX *ctx, const unsigned char *key,
|
||||
size_t keylen)
|
||||
{
|
||||
PROV_AES_CCM_CTX *actx = (PROV_AES_CCM_CTX *)ctx;
|
||||
|
||||
#ifdef HWAES_CAPABLE
|
||||
if (HWAES_CAPABLE) {
|
||||
AES_HW_CCM_SET_KEY_FN(HWAES_set_encrypt_key, HWAES_encrypt, NULL, NULL);
|
||||
} else
|
||||
#endif /* HWAES_CAPABLE */
|
||||
|
||||
#ifdef VPAES_CAPABLE
|
||||
if (VPAES_CAPABLE) {
|
||||
AES_HW_CCM_SET_KEY_FN(vpaes_set_encrypt_key, vpaes_encrypt, NULL, NULL);
|
||||
} else
|
||||
#endif
|
||||
{
|
||||
AES_HW_CCM_SET_KEY_FN(AES_set_encrypt_key, AES_encrypt, NULL, NULL)
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
static const PROV_CCM_HW aes_ccm = {
|
||||
ccm_generic_aes_initkey,
|
||||
ccm_generic_setiv,
|
||||
ccm_generic_setaad,
|
||||
ccm_generic_auth_encrypt,
|
||||
ccm_generic_auth_decrypt,
|
||||
ccm_generic_gettag
|
||||
};
|
||||
|
||||
#if defined(S390X_aes_128_CAPABLE)
|
||||
# include "cipher_aes_ccm_hw_s390x.inc"
|
||||
#elif defined(AESNI_CAPABLE)
|
||||
# include "cipher_aes_ccm_hw_aesni.inc"
|
||||
#elif defined(SPARC_AES_CAPABLE)
|
||||
# include "cipher_aes_ccm_hw_t4.inc"
|
||||
#else
|
||||
const PROV_CCM_HW *PROV_AES_HW_ccm(size_t keybits)
|
||||
{
|
||||
return &aes_ccm;
|
||||
}
|
||||
#endif
|
|
@ -17,8 +17,9 @@ static int ccm_aesni_initkey(PROV_CCM_CTX *ctx, const unsigned char *key,
|
|||
{
|
||||
PROV_AES_CCM_CTX *actx = (PROV_AES_CCM_CTX *)ctx;
|
||||
|
||||
AES_CCM_SET_KEY_FN(aesni_set_encrypt_key, aesni_encrypt,
|
||||
aesni_ccm64_encrypt_blocks, aesni_ccm64_decrypt_blocks);
|
||||
AES_HW_CCM_SET_KEY_FN(aesni_set_encrypt_key, aesni_encrypt,
|
||||
aesni_ccm64_encrypt_blocks,
|
||||
aesni_ccm64_decrypt_blocks);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
|
|
@ -17,7 +17,7 @@ static int ccm_t4_aes_initkey(PROV_CCM_CTX *ctx, const unsigned char *key,
|
|||
{
|
||||
PROV_AES_CCM_CTX *actx = (PROV_AES_CCM_CTX *)ctx;
|
||||
|
||||
AES_CCM_SET_KEY_FN(aes_t4_set_encrypt_key, aes_t4_encrypt, NULL, NULL);
|
||||
AES_HW_CCM_SET_KEY_FN(aes_t4_set_encrypt_key, aes_t4_encrypt, NULL, NULL);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
|
|
@ -10,6 +10,8 @@
|
|||
/* Dispatch functions for AES GCM mode */
|
||||
|
||||
#include "cipher_locl.h"
|
||||
#include "internal/ciphers/cipher_gcm.h"
|
||||
#include "internal/provider_algs.h"
|
||||
|
||||
static void *aes_gcm_newctx(void *provctx, size_t keybits)
|
||||
{
|
||||
|
|
78
providers/common/ciphers/cipher_aes_gcm_hw.c
Normal file
78
providers/common/ciphers/cipher_aes_gcm_hw.c
Normal file
|
@ -0,0 +1,78 @@
|
|||
/*
|
||||
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/* Dispatch functions for AES GCM mode */
|
||||
|
||||
#include "cipher_locl.h"
|
||||
#include "internal/ciphers/cipher_gcm.h"
|
||||
|
||||
static int generic_aes_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key,
|
||||
size_t keylen)
|
||||
{
|
||||
PROV_AES_GCM_CTX *actx = (PROV_AES_GCM_CTX *)ctx;
|
||||
AES_KEY *ks = &actx->ks.ks;
|
||||
|
||||
# ifdef HWAES_CAPABLE
|
||||
if (HWAES_CAPABLE) {
|
||||
# ifdef HWAES_ctr32_encrypt_blocks
|
||||
GCM_HW_SET_KEY_CTR_FN(ks, HWAES_set_encrypt_key, HWAES_encrypt,
|
||||
HWAES_ctr32_encrypt_blocks);
|
||||
# else
|
||||
GCM_HW_SET_KEY_CTR_FN(ks, HWAES_set_encrypt_key, HWAES_encrypt, NULL);
|
||||
# endif /* HWAES_ctr32_encrypt_blocks */
|
||||
} else
|
||||
# endif /* HWAES_CAPABLE */
|
||||
|
||||
# ifdef BSAES_CAPABLE
|
||||
if (BSAES_CAPABLE) {
|
||||
GCM_HW_SET_KEY_CTR_FN(ks, AES_set_encrypt_key, AES_encrypt,
|
||||
bsaes_ctr32_encrypt_blocks);
|
||||
} else
|
||||
# endif /* BSAES_CAPABLE */
|
||||
|
||||
# ifdef VPAES_CAPABLE
|
||||
if (VPAES_CAPABLE) {
|
||||
GCM_HW_SET_KEY_CTR_FN(ks, vpaes_set_encrypt_key, vpaes_encrypt, NULL);
|
||||
} else
|
||||
# endif /* VPAES_CAPABLE */
|
||||
|
||||
{
|
||||
# ifdef AES_CTR_ASM
|
||||
GCM_HW_SET_KEY_CTR_FN(ks, AES_set_encrypt_key, AES_encrypt,
|
||||
AES_ctr32_encrypt);
|
||||
# else
|
||||
GCM_HW_SET_KEY_CTR_FN(ks, AES_set_encrypt_key, AES_encrypt, NULL);
|
||||
# endif /* AES_CTR_ASM */
|
||||
}
|
||||
ctx->key_set = 1;
|
||||
return 1;
|
||||
}
|
||||
|
||||
static const PROV_GCM_HW aes_gcm = {
|
||||
generic_aes_gcm_initkey,
|
||||
gcm_setiv,
|
||||
gcm_aad_update,
|
||||
gcm_cipher_update,
|
||||
gcm_cipher_final,
|
||||
gcm_one_shot
|
||||
};
|
||||
|
||||
#if defined(S390X_aes_128_CAPABLE)
|
||||
# include "cipher_aes_gcm_hw_s390x.inc"
|
||||
#elif defined(AESNI_CAPABLE)
|
||||
# include "cipher_aes_gcm_hw_aesni.inc"
|
||||
#elif defined(SPARC_AES_CAPABLE)
|
||||
# include "cipher_aes_gcm_hw_t4.inc"
|
||||
#else
|
||||
const PROV_GCM_HW *PROV_AES_HW_gcm(size_t keybits)
|
||||
{
|
||||
return &aes_gcm;
|
||||
}
|
||||
#endif
|
||||
|
|
@ -17,9 +17,8 @@ static int aesni_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key,
|
|||
{
|
||||
PROV_AES_GCM_CTX *actx = (PROV_AES_GCM_CTX *)ctx;
|
||||
AES_KEY *ks = &actx->ks.ks;
|
||||
|
||||
SET_KEY_CTR_FN(ks, aesni_set_encrypt_key, aesni_encrypt,
|
||||
aesni_ctr32_encrypt_blocks);
|
||||
GCM_HW_SET_KEY_CTR_FN(ks, aesni_set_encrypt_key, aesni_encrypt,
|
||||
aesni_ctr32_encrypt_blocks);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
|
|
@ -34,7 +34,7 @@ static int t4_aes_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key,
|
|||
return 0;
|
||||
}
|
||||
|
||||
SET_KEY_CTR_FN(ks, aes_t4_set_encrypt_key, aes_t4_encrypt, ctr);
|
||||
GCM_HW_SET_KEY_CTR_FN(ks, aes_t4_set_encrypt_key, aes_t4_encrypt, ctr);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
|
|
@ -7,7 +7,8 @@
|
|||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include "cipher_locl.h"
|
||||
#include "cipher_aes.h"
|
||||
#include "internal/providercommonerr.h"
|
||||
|
||||
static int cipher_hw_aes_initkey(PROV_CIPHER_CTX *dat,
|
||||
const unsigned char *key, size_t keylen)
|
||||
|
|
|
@ -10,6 +10,8 @@
|
|||
/* Dispatch functions for ccm mode */
|
||||
|
||||
#include "cipher_locl.h"
|
||||
#include "internal/ciphers/cipher_ccm.h"
|
||||
#include "internal/providercommonerr.h"
|
||||
|
||||
static int ccm_cipher_internal(PROV_CCM_CTX *ctx, unsigned char *out,
|
||||
size_t *padlen, const unsigned char *in,
|
||||
|
|
|
@ -7,58 +7,29 @@
|
|||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include "cipher_locl.h"
|
||||
#include "internal/ciphers/ciphercommon.h"
|
||||
#include "internal/ciphers/cipher_ccm.h"
|
||||
|
||||
#define AES_CCM_SET_KEY_FN(fn_set_enc_key, fn_blk, fn_ccm_enc, fn_ccm_dec) \
|
||||
fn_set_enc_key(key, keylen * 8, &actx->ccm.ks.ks); \
|
||||
CRYPTO_ccm128_init(&ctx->ccm_ctx, ctx->m, ctx->l, &actx->ccm.ks.ks, \
|
||||
(block128_f)fn_blk); \
|
||||
ctx->str = ctx->enc ? (ccm128_f)fn_ccm_enc : (ccm128_f)fn_ccm_dec; \
|
||||
ctx->key_set = 1;
|
||||
|
||||
static int ccm_generic_aes_initkey(PROV_CCM_CTX *ctx, const unsigned char *key,
|
||||
size_t keylen)
|
||||
{
|
||||
PROV_AES_CCM_CTX *actx = (PROV_AES_CCM_CTX *)ctx;
|
||||
|
||||
#ifdef HWAES_CAPABLE
|
||||
if (HWAES_CAPABLE) {
|
||||
AES_CCM_SET_KEY_FN(HWAES_set_encrypt_key, HWAES_encrypt, NULL, NULL);
|
||||
} else
|
||||
#endif /* HWAES_CAPABLE */
|
||||
#ifdef VPAES_CAPABLE
|
||||
if (VPAES_CAPABLE) {
|
||||
AES_CCM_SET_KEY_FN(vpaes_set_encrypt_key, vpaes_encrypt, NULL, NULL);
|
||||
} else
|
||||
#endif
|
||||
{
|
||||
AES_CCM_SET_KEY_FN(AES_set_encrypt_key, AES_encrypt, NULL, NULL)
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int ccm_generic_setiv(PROV_CCM_CTX *ctx, const unsigned char *nonce,
|
||||
size_t nlen, size_t mlen)
|
||||
int ccm_generic_setiv(PROV_CCM_CTX *ctx, const unsigned char *nonce,
|
||||
size_t nlen, size_t mlen)
|
||||
{
|
||||
return CRYPTO_ccm128_setiv(&ctx->ccm_ctx, nonce, nlen, mlen) == 0;
|
||||
}
|
||||
|
||||
static int ccm_generic_setaad(PROV_CCM_CTX *ctx, const unsigned char *aad,
|
||||
size_t alen)
|
||||
int ccm_generic_setaad(PROV_CCM_CTX *ctx, const unsigned char *aad, size_t alen)
|
||||
{
|
||||
CRYPTO_ccm128_aad(&ctx->ccm_ctx, aad, alen);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int ccm_generic_gettag(PROV_CCM_CTX *ctx, unsigned char *tag,
|
||||
size_t tlen)
|
||||
int ccm_generic_gettag(PROV_CCM_CTX *ctx, unsigned char *tag, size_t tlen)
|
||||
{
|
||||
return CRYPTO_ccm128_tag(&ctx->ccm_ctx, tag, tlen) > 0;
|
||||
}
|
||||
|
||||
static int ccm_generic_auth_encrypt(PROV_CCM_CTX *ctx, const unsigned char *in,
|
||||
unsigned char *out, size_t len,
|
||||
unsigned char *tag, size_t taglen)
|
||||
int ccm_generic_auth_encrypt(PROV_CCM_CTX *ctx, const unsigned char *in,
|
||||
unsigned char *out, size_t len,
|
||||
unsigned char *tag, size_t taglen)
|
||||
{
|
||||
int rv;
|
||||
|
||||
|
@ -73,10 +44,9 @@ static int ccm_generic_auth_encrypt(PROV_CCM_CTX *ctx, const unsigned char *in,
|
|||
return rv;
|
||||
}
|
||||
|
||||
static int ccm_generic_auth_decrypt(PROV_CCM_CTX *ctx, const unsigned char *in,
|
||||
unsigned char *out, size_t len,
|
||||
unsigned char *expected_tag,
|
||||
size_t taglen)
|
||||
int ccm_generic_auth_decrypt(PROV_CCM_CTX *ctx, const unsigned char *in,
|
||||
unsigned char *out, size_t len,
|
||||
unsigned char *expected_tag, size_t taglen)
|
||||
{
|
||||
int rv = 0;
|
||||
|
||||
|
@ -97,25 +67,3 @@ static int ccm_generic_auth_decrypt(PROV_CCM_CTX *ctx, const unsigned char *in,
|
|||
return rv;
|
||||
}
|
||||
|
||||
static const PROV_CCM_HW aes_ccm = {
|
||||
ccm_generic_aes_initkey,
|
||||
ccm_generic_setiv,
|
||||
ccm_generic_setaad,
|
||||
ccm_generic_auth_encrypt,
|
||||
ccm_generic_auth_decrypt,
|
||||
ccm_generic_gettag
|
||||
};
|
||||
#if defined(S390X_aes_128_CAPABLE)
|
||||
# include "cipher_aes_ccm_hw_s390x.inc"
|
||||
#elif defined(AESNI_CAPABLE)
|
||||
# include "cipher_aes_ccm_hw_aesni.inc"
|
||||
#elif defined(SPARC_AES_CAPABLE)
|
||||
# include "cipher_aes_ccm_hw_t4.inc"
|
||||
#else
|
||||
const PROV_CCM_HW *PROV_AES_HW_ccm(size_t keybits)
|
||||
{
|
||||
return &aes_ccm;
|
||||
}
|
||||
#endif
|
||||
|
||||
#include "cipher_aria_ccm_hw.inc"
|
||||
|
|
|
@ -12,12 +12,11 @@
|
|||
*/
|
||||
|
||||
#include "cipher_locl.h"
|
||||
|
||||
#define MAXCHUNK ((size_t)1 << (sizeof(long) * 8 - 2))
|
||||
#define MAXBITCHUNK ((size_t)1 << (sizeof(size_t) * 8 - 4))
|
||||
#include "internal/provider_ctx.h"
|
||||
#include "internal/providercommonerr.h"
|
||||
|
||||
/*-
|
||||
* Default cipher functions for OSSL_PARAM gettables and settables
|
||||
* Generic cipher functions for OSSL_PARAM gettables and settables
|
||||
*/
|
||||
static const OSSL_PARAM cipher_known_gettable_params[] = {
|
||||
OSSL_PARAM_int(OSSL_CIPHER_PARAM_MODE, NULL),
|
||||
|
@ -26,12 +25,12 @@ static const OSSL_PARAM cipher_known_gettable_params[] = {
|
|||
OSSL_PARAM_int(OSSL_CIPHER_PARAM_BLOCK_SIZE, NULL),
|
||||
OSSL_PARAM_END
|
||||
};
|
||||
const OSSL_PARAM *cipher_default_gettable_params(void)
|
||||
const OSSL_PARAM *cipher_generic_gettable_params(void)
|
||||
{
|
||||
return cipher_known_gettable_params;
|
||||
}
|
||||
|
||||
int cipher_default_get_params(OSSL_PARAM params[], int md, unsigned long flags,
|
||||
int cipher_generic_get_params(OSSL_PARAM params[], int md, unsigned long flags,
|
||||
int kbits, int blkbits, int ivbits)
|
||||
{
|
||||
OSSL_PARAM *p;
|
||||
|
@ -64,18 +63,8 @@ int cipher_default_get_params(OSSL_PARAM params[], int md, unsigned long flags,
|
|||
return 1;
|
||||
}
|
||||
|
||||
static const OSSL_PARAM cipher_known_gettable_ctx_params[] = {
|
||||
OSSL_PARAM_int(OSSL_CIPHER_PARAM_KEYLEN, NULL),
|
||||
OSSL_PARAM_int(OSSL_CIPHER_PARAM_IVLEN, NULL),
|
||||
OSSL_PARAM_int(OSSL_CIPHER_PARAM_PADDING, NULL),
|
||||
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_NUM, NULL),
|
||||
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0),
|
||||
OSSL_PARAM_END
|
||||
};
|
||||
const OSSL_PARAM *cipher_default_gettable_ctx_params(void)
|
||||
{
|
||||
return cipher_known_gettable_ctx_params;
|
||||
}
|
||||
CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(cipher_generic)
|
||||
CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(cipher_generic)
|
||||
|
||||
static const OSSL_PARAM cipher_known_settable_ctx_params[] = {
|
||||
OSSL_PARAM_int(OSSL_CIPHER_PARAM_KEYLEN, NULL),
|
||||
|
@ -83,7 +72,7 @@ static const OSSL_PARAM cipher_known_settable_ctx_params[] = {
|
|||
OSSL_PARAM_int(OSSL_CIPHER_PARAM_NUM, NULL),
|
||||
OSSL_PARAM_END
|
||||
};
|
||||
const OSSL_PARAM *cipher_default_settable_ctx_params(void)
|
||||
const OSSL_PARAM *cipher_generic_settable_ctx_params(void)
|
||||
{
|
||||
return cipher_known_settable_ctx_params;
|
||||
}
|
||||
|
@ -125,11 +114,11 @@ static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx,
|
|||
ctx->enc = enc;
|
||||
|
||||
if (iv != NULL && ctx->mode != EVP_CIPH_ECB_MODE) {
|
||||
if (ivlen != GENERIC_BLOCK_SIZE) {
|
||||
if (ivlen != ctx->ivlen) {
|
||||
ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
memcpy(ctx->iv, iv, GENERIC_BLOCK_SIZE);
|
||||
memcpy(ctx->iv, iv, ctx->ivlen);
|
||||
}
|
||||
if (key != NULL) {
|
||||
if (keylen != ctx->keylen) {
|
||||
|
@ -161,34 +150,34 @@ int cipher_generic_block_update(void *vctx, unsigned char *out, size_t *outl,
|
|||
{
|
||||
size_t outlint = 0;
|
||||
PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
|
||||
size_t nextblocks = fillblock(ctx->buf, &ctx->bufsz, GENERIC_BLOCK_SIZE, &in,
|
||||
&inl);
|
||||
size_t blksz = ctx->blocksize;
|
||||
size_t nextblocks = fillblock(ctx->buf, &ctx->bufsz, blksz, &in, &inl);
|
||||
|
||||
/*
|
||||
* If we're decrypting and we end an update on a block boundary we hold
|
||||
* the last block back in case this is the last update call and the last
|
||||
* block is padded.
|
||||
*/
|
||||
if (ctx->bufsz == GENERIC_BLOCK_SIZE && (ctx->enc || inl > 0 || !ctx->pad)) {
|
||||
if (outsize < GENERIC_BLOCK_SIZE) {
|
||||
if (ctx->bufsz == blksz && (ctx->enc || inl > 0 || !ctx->pad)) {
|
||||
if (outsize < blksz) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
|
||||
return 0;
|
||||
}
|
||||
if (!ctx->hw->cipher(ctx, out, ctx->buf, GENERIC_BLOCK_SIZE)) {
|
||||
if (!ctx->hw->cipher(ctx, out, ctx->buf, blksz)) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
|
||||
return 0;
|
||||
}
|
||||
ctx->bufsz = 0;
|
||||
outlint = GENERIC_BLOCK_SIZE;
|
||||
out += GENERIC_BLOCK_SIZE;
|
||||
outlint = blksz;
|
||||
out += blksz;
|
||||
}
|
||||
if (nextblocks > 0) {
|
||||
if (!ctx->enc && ctx->pad && nextblocks == inl) {
|
||||
if (!ossl_assert(inl >= GENERIC_BLOCK_SIZE)) {
|
||||
if (!ossl_assert(inl >= blksz)) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
|
||||
return 0;
|
||||
}
|
||||
nextblocks -= GENERIC_BLOCK_SIZE;
|
||||
nextblocks -= blksz;
|
||||
}
|
||||
outlint += nextblocks;
|
||||
if (outsize < outlint) {
|
||||
|
@ -202,7 +191,7 @@ int cipher_generic_block_update(void *vctx, unsigned char *out, size_t *outl,
|
|||
in += nextblocks;
|
||||
inl -= nextblocks;
|
||||
}
|
||||
if (!trailingdata(ctx->buf, &ctx->bufsz, GENERIC_BLOCK_SIZE, &in, &inl)) {
|
||||
if (!trailingdata(ctx->buf, &ctx->bufsz, blksz, &in, &inl)) {
|
||||
/* ERR_raise already called */
|
||||
return 0;
|
||||
}
|
||||
|
@ -215,33 +204,34 @@ int cipher_generic_block_final(void *vctx, unsigned char *out, size_t *outl,
|
|||
size_t outsize)
|
||||
{
|
||||
PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
|
||||
size_t blksz = ctx->blocksize;
|
||||
|
||||
if (ctx->enc) {
|
||||
if (ctx->pad) {
|
||||
padblock(ctx->buf, &ctx->bufsz, GENERIC_BLOCK_SIZE);
|
||||
padblock(ctx->buf, &ctx->bufsz, blksz);
|
||||
} else if (ctx->bufsz == 0) {
|
||||
*outl = 0;
|
||||
return 1;
|
||||
} else if (ctx->bufsz != GENERIC_BLOCK_SIZE) {
|
||||
} else if (ctx->bufsz != blksz) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_WRONG_FINAL_BLOCK_LENGTH);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (outsize < GENERIC_BLOCK_SIZE) {
|
||||
if (outsize < blksz) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
|
||||
return 0;
|
||||
}
|
||||
if (!ctx->hw->cipher(ctx, out, ctx->buf, GENERIC_BLOCK_SIZE)) {
|
||||
if (!ctx->hw->cipher(ctx, out, ctx->buf, blksz)) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
|
||||
return 0;
|
||||
}
|
||||
ctx->bufsz = 0;
|
||||
*outl = GENERIC_BLOCK_SIZE;
|
||||
*outl = blksz;
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* Decrypting */
|
||||
if (ctx->bufsz != GENERIC_BLOCK_SIZE) {
|
||||
if (ctx->bufsz != blksz) {
|
||||
if (ctx->bufsz == 0 && !ctx->pad) {
|
||||
*outl = 0;
|
||||
return 1;
|
||||
|
@ -250,12 +240,12 @@ int cipher_generic_block_final(void *vctx, unsigned char *out, size_t *outl,
|
|||
return 0;
|
||||
}
|
||||
|
||||
if (!ctx->hw->cipher(ctx, ctx->buf, ctx->buf, GENERIC_BLOCK_SIZE)) {
|
||||
if (!ctx->hw->cipher(ctx, ctx->buf, ctx->buf, blksz)) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (ctx->pad && !unpadblock(ctx->buf, &ctx->bufsz, GENERIC_BLOCK_SIZE)) {
|
||||
if (ctx->pad && !unpadblock(ctx->buf, &ctx->bufsz, blksz)) {
|
||||
/* ERR_raise already called */
|
||||
return 0;
|
||||
}
|
||||
|
@ -322,7 +312,7 @@ int cipher_generic_get_ctx_params(void *vctx, OSSL_PARAM params[])
|
|||
OSSL_PARAM *p;
|
||||
|
||||
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN);
|
||||
if (p != NULL && !OSSL_PARAM_set_int(p, GENERIC_BLOCK_SIZE)) {
|
||||
if (p != NULL && !OSSL_PARAM_set_int(p, ctx->ivlen)) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
|
||||
return 0;
|
||||
}
|
||||
|
@ -333,8 +323,8 @@ int cipher_generic_get_ctx_params(void *vctx, OSSL_PARAM params[])
|
|||
}
|
||||
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV);
|
||||
if (p != NULL
|
||||
&& !OSSL_PARAM_set_octet_ptr(p, &ctx->iv, GENERIC_BLOCK_SIZE)
|
||||
&& !OSSL_PARAM_set_octet_string(p, &ctx->iv, GENERIC_BLOCK_SIZE)) {
|
||||
&& !OSSL_PARAM_set_octet_ptr(p, &ctx->iv, ctx->ivlen)
|
||||
&& !OSSL_PARAM_set_octet_string(p, &ctx->iv, ctx->ivlen)) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
|
||||
return 0;
|
||||
}
|
||||
|
@ -390,14 +380,18 @@ int cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[])
|
|||
return 1;
|
||||
}
|
||||
|
||||
void cipher_generic_initkey(void *vctx, int kbits, int blkbits, int mode,
|
||||
const PROV_CIPHER_HW *hw)
|
||||
void cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits,
|
||||
size_t ivbits, int mode,
|
||||
const PROV_CIPHER_HW *hw, void *provctx)
|
||||
{
|
||||
PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
|
||||
|
||||
ctx->pad = 1;
|
||||
ctx->keylen = ((kbits) / 8);
|
||||
ctx->ivlen = ((ivbits) / 8);
|
||||
ctx->hw = hw;
|
||||
ctx->mode = mode;
|
||||
ctx->blocksize = blkbits/8;
|
||||
ctx->blocksize = blkbits / 8;
|
||||
if (provctx != NULL)
|
||||
ctx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); /* used for rand */
|
||||
}
|
||||
|
|
|
@ -9,9 +9,6 @@
|
|||
|
||||
#include "cipher_locl.h"
|
||||
|
||||
#define MAXCHUNK ((size_t)1 << (sizeof(long) * 8 - 2))
|
||||
#define MAXBITCHUNK ((size_t)1 << (sizeof(size_t) * 8 - 4))
|
||||
|
||||
/*-
|
||||
* The generic cipher functions for cipher modes cbc, ecb, ofb, cfb and ctr.
|
||||
* Used if there is no special hardware implementations.
|
||||
|
|
|
@ -10,6 +10,8 @@
|
|||
/* Dispatch functions for gcm mode */
|
||||
|
||||
#include "cipher_locl.h"
|
||||
#include "internal/ciphers/cipher_gcm.h"
|
||||
#include "internal/providercommonerr.h"
|
||||
#include "internal/rand_int.h"
|
||||
#include "internal/provider_ctx.h"
|
||||
|
||||
|
|
|
@ -8,94 +8,22 @@
|
|||
*/
|
||||
|
||||
#include "cipher_locl.h"
|
||||
#include "internal/ciphers/cipher_gcm.h"
|
||||
|
||||
static const PROV_GCM_HW aes_gcm;
|
||||
|
||||
static int gcm_setiv(PROV_GCM_CTX *ctx, const unsigned char *iv, size_t ivlen);
|
||||
static int gcm_aad_update(PROV_GCM_CTX *ctx, const unsigned char *aad,
|
||||
size_t aad_len);
|
||||
static int gcm_cipher_final(PROV_GCM_CTX *ctx, unsigned char *tag);
|
||||
static int gcm_one_shot(PROV_GCM_CTX *ctx, unsigned char *aad, size_t aad_len,
|
||||
const unsigned char *in, size_t in_len,
|
||||
unsigned char *out, unsigned char *tag, size_t tag_len);
|
||||
static int gcm_cipher_update(PROV_GCM_CTX *ctx, const unsigned char *in,
|
||||
size_t len, unsigned char *out);
|
||||
|
||||
#define SET_KEY_CTR_FN(ks, fn_set_enc_key, fn_block, fn_ctr) \
|
||||
ctx->ks = ks; \
|
||||
fn_set_enc_key(key, keylen * 8, ks); \
|
||||
CRYPTO_gcm128_init(&ctx->gcm, ks, (block128_f)fn_block); \
|
||||
ctx->ctr = (ctr128_f)fn_ctr; \
|
||||
ctx->key_set = 1;
|
||||
|
||||
#if defined(AESNI_CAPABLE)
|
||||
# include "cipher_aes_gcm_hw_aesni.inc"
|
||||
#elif defined(AES_ASM) && (defined(__sparc) || defined(__sparc__))
|
||||
# include "cipher_aes_gcm_hw_t4.inc"
|
||||
#elif defined(OPENSSL_CPUID_OBJ) && defined(__s390__)
|
||||
# include "cipher_aes_gcm_hw_s390x.inc"
|
||||
#else
|
||||
const PROV_GCM_HW *PROV_AES_HW_gcm(size_t keybits)
|
||||
{
|
||||
return &aes_gcm;
|
||||
}
|
||||
#endif
|
||||
|
||||
static int generic_aes_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key,
|
||||
size_t keylen)
|
||||
{
|
||||
PROV_AES_GCM_CTX *actx = (PROV_AES_GCM_CTX *)ctx;
|
||||
AES_KEY *ks = &actx->ks.ks;
|
||||
|
||||
# ifdef HWAES_CAPABLE
|
||||
if (HWAES_CAPABLE) {
|
||||
# ifdef HWAES_ctr32_encrypt_blocks
|
||||
SET_KEY_CTR_FN(ks, HWAES_set_encrypt_key, HWAES_encrypt,
|
||||
HWAES_ctr32_encrypt_blocks);
|
||||
# else
|
||||
SET_KEY_CTR_FN(ks, HWAES_set_encrypt_key, HWAES_encrypt, NULL);
|
||||
# endif /* HWAES_ctr32_encrypt_blocks */
|
||||
} else
|
||||
# endif /* HWAES_CAPABLE */
|
||||
|
||||
# ifdef BSAES_CAPABLE
|
||||
if (BSAES_CAPABLE) {
|
||||
SET_KEY_CTR_FN(ks, AES_set_encrypt_key, AES_encrypt,
|
||||
bsaes_ctr32_encrypt_blocks);
|
||||
} else
|
||||
# endif /* BSAES_CAPABLE */
|
||||
|
||||
# ifdef VPAES_CAPABLE
|
||||
if (VPAES_CAPABLE) {
|
||||
SET_KEY_CTR_FN(ks, vpaes_set_encrypt_key, vpaes_encrypt, NULL);
|
||||
} else
|
||||
# endif /* VPAES_CAPABLE */
|
||||
|
||||
{
|
||||
# ifdef AES_CTR_ASM
|
||||
SET_KEY_CTR_FN(ks, AES_set_encrypt_key, AES_encrypt, AES_ctr32_encrypt);
|
||||
# else
|
||||
SET_KEY_CTR_FN(ks, AES_set_encrypt_key, AES_encrypt, NULL);
|
||||
# endif /* AES_CTR_ASM */
|
||||
}
|
||||
ctx->key_set = 1;
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int gcm_setiv(PROV_GCM_CTX *ctx, const unsigned char *iv, size_t ivlen)
|
||||
int gcm_setiv(PROV_GCM_CTX *ctx, const unsigned char *iv, size_t ivlen)
|
||||
{
|
||||
CRYPTO_gcm128_setiv(&ctx->gcm, iv, ivlen);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int gcm_aad_update(PROV_GCM_CTX *ctx,
|
||||
const unsigned char *aad, size_t aad_len)
|
||||
int gcm_aad_update(PROV_GCM_CTX *ctx, const unsigned char *aad, size_t aad_len)
|
||||
{
|
||||
return CRYPTO_gcm128_aad(&ctx->gcm, aad, aad_len) == 0;
|
||||
}
|
||||
|
||||
static int gcm_cipher_update(PROV_GCM_CTX *ctx, const unsigned char *in,
|
||||
size_t len, unsigned char *out)
|
||||
int gcm_cipher_update(PROV_GCM_CTX *ctx, const unsigned char *in,
|
||||
size_t len, unsigned char *out)
|
||||
{
|
||||
if (ctx->enc) {
|
||||
if (ctx->ctr != NULL) {
|
||||
|
@ -156,7 +84,7 @@ static int gcm_cipher_update(PROV_GCM_CTX *ctx, const unsigned char *in,
|
|||
return 1;
|
||||
}
|
||||
|
||||
static int gcm_cipher_final(PROV_GCM_CTX *ctx, unsigned char *tag)
|
||||
int gcm_cipher_final(PROV_GCM_CTX *ctx, unsigned char *tag)
|
||||
{
|
||||
if (ctx->enc) {
|
||||
CRYPTO_gcm128_tag(&ctx->gcm, tag, GCM_TAG_MAX_SIZE);
|
||||
|
@ -169,9 +97,9 @@ static int gcm_cipher_final(PROV_GCM_CTX *ctx, unsigned char *tag)
|
|||
return 1;
|
||||
}
|
||||
|
||||
static int gcm_one_shot(PROV_GCM_CTX *ctx, unsigned char *aad, size_t aad_len,
|
||||
const unsigned char *in, size_t in_len,
|
||||
unsigned char *out, unsigned char *tag, size_t tag_len)
|
||||
int gcm_one_shot(PROV_GCM_CTX *ctx, unsigned char *aad, size_t aad_len,
|
||||
const unsigned char *in, size_t in_len,
|
||||
unsigned char *out, unsigned char *tag, size_t tag_len)
|
||||
{
|
||||
int ret = 0;
|
||||
|
||||
|
@ -188,14 +116,3 @@ static int gcm_one_shot(PROV_GCM_CTX *ctx, unsigned char *aad, size_t aad_len,
|
|||
err:
|
||||
return ret;
|
||||
}
|
||||
|
||||
static const PROV_GCM_HW aes_gcm = {
|
||||
generic_aes_gcm_initkey,
|
||||
gcm_setiv,
|
||||
gcm_aad_update,
|
||||
gcm_cipher_update,
|
||||
gcm_cipher_final,
|
||||
gcm_one_shot
|
||||
};
|
||||
|
||||
#include "cipher_aria_gcm_hw.inc"
|
||||
|
|
|
@ -7,84 +7,23 @@
|
|||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <openssl/opensslconf.h>
|
||||
#include <openssl/params.h>
|
||||
#include <openssl/core_numbers.h>
|
||||
#include <openssl/core_names.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/err.h>
|
||||
#include "internal/cryptlib.h"
|
||||
#include "internal/modes_int.h"
|
||||
#include "internal/provider_algs.h"
|
||||
#include "internal/providercommonerr.h"
|
||||
#include "internal/ciphermode_platform.h"
|
||||
#include "internal/ciphers/ciphercommon.h"
|
||||
|
||||
#define GENERIC_BLOCK_SIZE 16
|
||||
#define IV_STATE_UNINITIALISED 0 /* initial state is not initialized */
|
||||
#define IV_STATE_BUFFERED 1 /* iv has been copied to the iv buffer */
|
||||
#define IV_STATE_COPIED 2 /* iv has been copied from the iv buffer */
|
||||
#define IV_STATE_FINISHED 3 /* the iv has been used - so don't reuse it */
|
||||
#define CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(name) \
|
||||
static const OSSL_PARAM name##_known_gettable_ctx_params[] = { \
|
||||
OSSL_PARAM_int(OSSL_CIPHER_PARAM_KEYLEN, NULL), \
|
||||
OSSL_PARAM_int(OSSL_CIPHER_PARAM_IVLEN, NULL), \
|
||||
OSSL_PARAM_int(OSSL_CIPHER_PARAM_PADDING, NULL), \
|
||||
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_NUM, NULL), \
|
||||
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0),
|
||||
|
||||
#define PROV_CIPHER_FUNC(type, name, args) typedef type (* OSSL_##name##_fn)args
|
||||
|
||||
typedef struct prov_cipher_hw_st PROV_CIPHER_HW;
|
||||
typedef struct prov_cipher_ctx_st PROV_CIPHER_CTX;
|
||||
|
||||
typedef int (PROV_CIPHER_HW_FN)(PROV_CIPHER_CTX *dat, unsigned char *out,
|
||||
const unsigned char *in, size_t len);
|
||||
|
||||
struct prov_cipher_ctx_st {
|
||||
block128_f block;
|
||||
union {
|
||||
cbc128_f cbc;
|
||||
ctr128_f ctr;
|
||||
} stream;
|
||||
|
||||
/*
|
||||
* num contains the number of bytes of |iv| which are valid for modes that
|
||||
* manage partial blocks themselves.
|
||||
*/
|
||||
size_t num;
|
||||
|
||||
int mode;
|
||||
int enc; /* Set to 1 for encrypt, or 0 otherwise */
|
||||
size_t bufsz; /* Number of bytes in buf */
|
||||
size_t keylen; /* key size (in bytes) */
|
||||
size_t blocksize;
|
||||
uint64_t flags;
|
||||
unsigned int pad : 1; /* Whether padding should be used or not */
|
||||
|
||||
/* Buffer of partial blocks processed via update calls */
|
||||
unsigned char buf[GENERIC_BLOCK_SIZE];
|
||||
unsigned char iv[GENERIC_BLOCK_SIZE];
|
||||
const PROV_CIPHER_HW *hw; /* hardware specific functions */
|
||||
const void *ks; /* Pointer to algorithm specific key data */
|
||||
};
|
||||
|
||||
struct prov_cipher_hw_st {
|
||||
int (*init)(PROV_CIPHER_CTX *dat, const uint8_t *key, size_t keylen);
|
||||
PROV_CIPHER_HW_FN *cipher;
|
||||
};
|
||||
|
||||
OSSL_OP_cipher_encrypt_init_fn cipher_generic_einit;
|
||||
OSSL_OP_cipher_decrypt_init_fn cipher_generic_dinit;
|
||||
OSSL_OP_cipher_update_fn cipher_generic_block_update;
|
||||
OSSL_OP_cipher_final_fn cipher_generic_block_final;
|
||||
OSSL_OP_cipher_update_fn cipher_generic_stream_update;
|
||||
OSSL_OP_cipher_final_fn cipher_generic_stream_final;
|
||||
OSSL_OP_cipher_cipher_fn cipher_generic_cipher;
|
||||
OSSL_OP_cipher_get_ctx_params_fn cipher_generic_get_ctx_params;
|
||||
OSSL_OP_cipher_set_ctx_params_fn cipher_generic_set_ctx_params;
|
||||
OSSL_OP_cipher_gettable_params_fn cipher_default_gettable_params;
|
||||
OSSL_OP_cipher_gettable_ctx_params_fn cipher_default_gettable_ctx_params;
|
||||
OSSL_OP_cipher_settable_ctx_params_fn cipher_default_settable_ctx_params;
|
||||
OSSL_OP_cipher_gettable_ctx_params_fn cipher_aead_gettable_ctx_params;
|
||||
OSSL_OP_cipher_settable_ctx_params_fn cipher_aead_settable_ctx_params;
|
||||
int cipher_default_get_params(OSSL_PARAM params[], int md, unsigned long flags,
|
||||
int kbits, int blkbits, int ivbits);
|
||||
void cipher_generic_initkey(void *vctx, int kbits, int blkbits, int mode,
|
||||
const PROV_CIPHER_HW *ciph);
|
||||
#define CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(name) \
|
||||
OSSL_PARAM_END \
|
||||
}; \
|
||||
const OSSL_PARAM * name##_gettable_ctx_params(void) \
|
||||
{ \
|
||||
return name##_known_gettable_ctx_params; \
|
||||
}
|
||||
|
||||
size_t fillblock(unsigned char *buf, size_t *buflen, size_t blocksize,
|
||||
const unsigned char **in, size_t *inlen);
|
||||
|
@ -92,102 +31,3 @@ int trailingdata(unsigned char *buf, size_t *buflen, size_t blocksize,
|
|||
const unsigned char **in, size_t *inlen);
|
||||
void padblock(unsigned char *buf, size_t *buflen, size_t blocksize);
|
||||
int unpadblock(unsigned char *buf, size_t *buflen, size_t blocksize);
|
||||
|
||||
#include "cipher_aes.h"
|
||||
#include "cipher_aria.h"
|
||||
#include "cipher_camellia.h"
|
||||
#include "cipher_gcm.h"
|
||||
#include "cipher_ccm.h"
|
||||
|
||||
#define IMPLEMENT_generic_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, \
|
||||
blkbits, ivbits, typ) \
|
||||
static OSSL_OP_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \
|
||||
static int alg##_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \
|
||||
{ \
|
||||
return cipher_default_get_params(params, EVP_CIPH_##UCMODE##_MODE, flags, \
|
||||
kbits, blkbits, ivbits); \
|
||||
} \
|
||||
static OSSL_OP_cipher_newctx_fn alg##_##kbits##_##lcmode##_newctx; \
|
||||
static void * alg##_##kbits##_##lcmode##_newctx(void *provctx) \
|
||||
{ \
|
||||
PROV_##UCALG##_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); \
|
||||
if (ctx != NULL) { \
|
||||
cipher_generic_initkey(ctx, kbits, blkbits, EVP_CIPH_##UCMODE##_MODE, \
|
||||
PROV_CIPHER_HW_##alg##_##lcmode(kbits)); \
|
||||
} \
|
||||
return ctx; \
|
||||
} \
|
||||
const OSSL_DISPATCH alg##kbits##lcmode##_functions[] = { \
|
||||
{ OSSL_FUNC_CIPHER_NEWCTX, \
|
||||
(void (*)(void)) alg##_##kbits##_##lcmode##_newctx }, \
|
||||
{ OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \
|
||||
{ OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \
|
||||
{ OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))cipher_generic_einit }, \
|
||||
{ OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))cipher_generic_dinit }, \
|
||||
{ OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))cipher_generic_##typ##_update },\
|
||||
{ OSSL_FUNC_CIPHER_FINAL, (void (*)(void))cipher_generic_##typ##_final }, \
|
||||
{ OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))cipher_generic_cipher }, \
|
||||
{ OSSL_FUNC_CIPHER_GET_PARAMS, \
|
||||
(void (*)(void)) alg##_##kbits##_##lcmode##_get_params }, \
|
||||
{ OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \
|
||||
(void (*)(void))cipher_generic_get_ctx_params }, \
|
||||
{ OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \
|
||||
(void (*)(void))cipher_generic_set_ctx_params }, \
|
||||
{ OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \
|
||||
(void (*)(void))cipher_default_gettable_params }, \
|
||||
{ OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \
|
||||
(void (*)(void))cipher_default_gettable_ctx_params }, \
|
||||
{ OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \
|
||||
(void (*)(void))cipher_default_settable_ctx_params }, \
|
||||
{ 0, NULL } \
|
||||
};
|
||||
|
||||
#define IMPLEMENT_aead_cipher(alg, lc, UCMODE, flags, kbits, blkbits, ivbits) \
|
||||
static OSSL_OP_cipher_get_params_fn alg##_##kbits##_##lc##_get_params; \
|
||||
static int alg##_##kbits##_##lc##_get_params(OSSL_PARAM params[]) \
|
||||
{ \
|
||||
return cipher_default_get_params(params, EVP_CIPH_##UCMODE##_MODE, \
|
||||
flags, kbits, blkbits, ivbits); \
|
||||
} \
|
||||
static OSSL_OP_cipher_newctx_fn alg##kbits##lc##_newctx; \
|
||||
static void * alg##kbits##lc##_newctx(void *provctx) \
|
||||
{ \
|
||||
return alg##_##lc##_newctx(provctx, kbits); \
|
||||
} \
|
||||
const OSSL_DISPATCH alg##kbits##lc##_functions[] = { \
|
||||
{ OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))alg##kbits##lc##_newctx }, \
|
||||
{ OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))alg##_##lc##_freectx }, \
|
||||
{ OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void)) lc##_einit }, \
|
||||
{ OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void)) lc##_dinit }, \
|
||||
{ OSSL_FUNC_CIPHER_UPDATE, (void (*)(void)) lc##_stream_update }, \
|
||||
{ OSSL_FUNC_CIPHER_FINAL, (void (*)(void)) lc##_stream_final }, \
|
||||
{ OSSL_FUNC_CIPHER_CIPHER, (void (*)(void)) lc##_cipher }, \
|
||||
{ OSSL_FUNC_CIPHER_GET_PARAMS, \
|
||||
(void (*)(void)) alg##_##kbits##_##lc##_get_params }, \
|
||||
{ OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \
|
||||
(void (*)(void)) lc##_get_ctx_params }, \
|
||||
{ OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \
|
||||
(void (*)(void)) lc##_set_ctx_params }, \
|
||||
{ OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \
|
||||
(void (*)(void))cipher_default_gettable_params }, \
|
||||
{ OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \
|
||||
(void (*)(void))cipher_aead_gettable_ctx_params }, \
|
||||
{ OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \
|
||||
(void (*)(void))cipher_aead_settable_ctx_params }, \
|
||||
{ 0, NULL } \
|
||||
}
|
||||
|
||||
PROV_CIPHER_HW_FN cipher_hw_generic_cbc;
|
||||
PROV_CIPHER_HW_FN cipher_hw_generic_ecb;
|
||||
PROV_CIPHER_HW_FN cipher_hw_generic_ofb128;
|
||||
PROV_CIPHER_HW_FN cipher_hw_generic_cfb128;
|
||||
PROV_CIPHER_HW_FN cipher_hw_generic_cfb8;
|
||||
PROV_CIPHER_HW_FN cipher_hw_generic_cfb1;
|
||||
PROV_CIPHER_HW_FN cipher_hw_generic_ctr;
|
||||
PROV_CIPHER_HW_FN cipher_hw_chunked_cbc;
|
||||
PROV_CIPHER_HW_FN cipher_hw_chunked_cfb8;
|
||||
PROV_CIPHER_HW_FN cipher_hw_chunked_cfb128;
|
||||
PROV_CIPHER_HW_FN cipher_hw_chunked_ofb128;
|
||||
#define cipher_hw_chunked_ecb cipher_hw_generic_ecb
|
||||
#define cipher_hw_chunked_ctr cipher_hw_generic_ctr
|
||||
#define cipher_hw_chunked_cfb1 cipher_hw_generic_cfb1
|
||||
|
|
116
providers/common/ciphers/cipher_tdes.c
Normal file
116
providers/common/ciphers/cipher_tdes.c
Normal file
|
@ -0,0 +1,116 @@
|
|||
/*
|
||||
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include "cipher_locl.h"
|
||||
#include "internal/ciphers/cipher_tdes.h"
|
||||
#include "internal/rand_int.h"
|
||||
#include "internal/provider_algs.h"
|
||||
#include "internal/providercommonerr.h"
|
||||
|
||||
void *tdes_newctx(void *provctx, int mode, size_t kbits, size_t blkbits,
|
||||
size_t ivbits, const PROV_CIPHER_HW *hw)
|
||||
{
|
||||
PROV_TDES_CTX *tctx = OPENSSL_zalloc(sizeof(*tctx));
|
||||
|
||||
if (tctx != NULL)
|
||||
cipher_generic_initkey(tctx, kbits, blkbits, ivbits, mode, hw, provctx);
|
||||
return tctx;
|
||||
}
|
||||
|
||||
void tdes_freectx(void *vctx)
|
||||
{
|
||||
PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
|
||||
|
||||
OPENSSL_clear_free(ctx, sizeof(*ctx));
|
||||
}
|
||||
|
||||
static int tdes_init(void *vctx, const unsigned char *key, size_t keylen,
|
||||
const unsigned char *iv, size_t ivlen, int enc)
|
||||
{
|
||||
PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
|
||||
|
||||
ctx->enc = enc;
|
||||
|
||||
if (iv != NULL) {
|
||||
if (ivlen != TDES_IVLEN) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN);
|
||||
return 0;
|
||||
}
|
||||
memcpy(ctx->iv, iv, TDES_IVLEN);
|
||||
}
|
||||
|
||||
if (key != NULL) {
|
||||
if (keylen != ctx->keylen) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN);
|
||||
return 0;
|
||||
}
|
||||
return ctx->hw->init(ctx, key, ctx->keylen);
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
int tdes_einit(void *vctx, const unsigned char *key, size_t keylen,
|
||||
const unsigned char *iv, size_t ivlen)
|
||||
{
|
||||
return tdes_init(vctx, key, keylen, iv, ivlen, 1);
|
||||
}
|
||||
|
||||
int tdes_dinit(void *vctx, const unsigned char *key, size_t keylen,
|
||||
const unsigned char *iv, size_t ivlen)
|
||||
{
|
||||
return tdes_init(vctx, key, keylen, iv, ivlen, 0);
|
||||
}
|
||||
|
||||
static int tdes_generatekey(PROV_CIPHER_CTX *ctx, void *ptr)
|
||||
{
|
||||
|
||||
DES_cblock *deskey = ptr;
|
||||
size_t kl = ctx->keylen;
|
||||
|
||||
if (kl == 0 || rand_priv_bytes_ex(ctx->libctx, ptr, kl) <= 0)
|
||||
return 0;
|
||||
DES_set_odd_parity(deskey);
|
||||
if (kl >= 16)
|
||||
DES_set_odd_parity(deskey + 1);
|
||||
if (kl >= 24) {
|
||||
DES_set_odd_parity(deskey + 2);
|
||||
return 1;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(tdes)
|
||||
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY, NULL, 0),
|
||||
CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(tdes)
|
||||
|
||||
int tdes_get_ctx_params(void *vctx, OSSL_PARAM params[])
|
||||
{
|
||||
PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
|
||||
OSSL_PARAM *p;
|
||||
|
||||
if (!cipher_generic_get_ctx_params(vctx, params))
|
||||
return 0;
|
||||
|
||||
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_RANDOM_KEY);
|
||||
if (p != NULL && !tdes_generatekey(ctx, p->data)) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GENERATE_KEY);
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
/*
|
||||
* TODO(3.0) - ECB mode does not use an IV - but existing test code is setting
|
||||
* an IV. Fixing this could potentially make applications break.
|
||||
*/
|
||||
|
||||
/* tdes_ede3_ecb_functions */
|
||||
IMPLEMENT_tdes_cipher(ede3, EDE3, ecb, ECB, TDES_FLAGS, 64*3, 64, 64, block);
|
||||
/* tdes_ede3_cbc_functions */
|
||||
IMPLEMENT_tdes_cipher(ede3, EDE3, cbc, CBC, TDES_FLAGS, 64*3, 64, 64, block);
|
82
providers/common/ciphers/cipher_tdes_hw.c
Normal file
82
providers/common/ciphers/cipher_tdes_hw.c
Normal file
|
@ -0,0 +1,82 @@
|
|||
/*
|
||||
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include "cipher_locl.h"
|
||||
#include "internal/ciphers/cipher_tdes.h"
|
||||
|
||||
#define ks1 tks.ks[0]
|
||||
#define ks2 tks.ks[1]
|
||||
#define ks3 tks.ks[2]
|
||||
|
||||
int cipher_hw_tdes_ede3_initkey(PROV_CIPHER_CTX *ctx, const unsigned char *key,
|
||||
size_t keylen)
|
||||
{
|
||||
PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx;
|
||||
DES_cblock *deskey = (DES_cblock *)key;
|
||||
|
||||
tctx->tstream.cbc = NULL;
|
||||
# if defined(SPARC_DES_CAPABLE)
|
||||
if (SPARC_DES_CAPABLE) {
|
||||
if (ctx->mode == EVP_CIPH_CBC_MODE) {
|
||||
des_t4_key_expand(&deskey[0], &tctx->ks1);
|
||||
des_t4_key_expand(&deskey[1], &tctx->ks2);
|
||||
des_t4_key_expand(&deskey[2], &tctx->ks3);
|
||||
dat->tstream.cbc = enc ? des_t4_ede3_cbc_encrypt :
|
||||
des_t4_ede3_cbc_decrypt;
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
# endif
|
||||
DES_set_key_unchecked(&deskey[0], &tctx->ks1);
|
||||
DES_set_key_unchecked(&deskey[1], &tctx->ks2);
|
||||
DES_set_key_unchecked(&deskey[2], &tctx->ks3);
|
||||
return 1;
|
||||
}
|
||||
|
||||
int cipher_hw_tdes_cbc(PROV_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t inl)
|
||||
{
|
||||
PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx;
|
||||
|
||||
if (tctx->tstream.cbc != NULL) {
|
||||
(*tctx->tstream.cbc) (in, out, inl, tctx->tks.ks, ctx->iv);
|
||||
return 1;
|
||||
}
|
||||
|
||||
while (inl >= MAXCHUNK) {
|
||||
DES_ede3_cbc_encrypt(in, out, (long)MAXCHUNK, &tctx->ks1, &tctx->ks2,
|
||||
&tctx->ks3, (DES_cblock *)ctx->iv, ctx->enc);
|
||||
inl -= MAXCHUNK;
|
||||
in += MAXCHUNK;
|
||||
out += MAXCHUNK;
|
||||
}
|
||||
if (inl > 0)
|
||||
DES_ede3_cbc_encrypt(in, out, (long)inl, &tctx->ks1, &tctx->ks2,
|
||||
&tctx->ks3, (DES_cblock *)ctx->iv, ctx->enc);
|
||||
return 1;
|
||||
}
|
||||
|
||||
int cipher_hw_tdes_ecb(PROV_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t len)
|
||||
{
|
||||
size_t i;
|
||||
PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx;
|
||||
|
||||
if (len < DES_BLOCK_SIZE)
|
||||
return 1;
|
||||
|
||||
for (i = 0, len -= DES_BLOCK_SIZE; i <= len; i += DES_BLOCK_SIZE) {
|
||||
DES_ecb3_encrypt((const_DES_cblock *)(in + i), (DES_cblock *)(out + i),
|
||||
&tctx->ks1, &tctx->ks2, &tctx->ks3, ctx->enc);
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
PROV_CIPHER_HW_tdes_mode(ede3, ecb)
|
||||
PROV_CIPHER_HW_tdes_mode(ede3, cbc)
|
49
providers/common/include/internal/ciphers/cipher_aead.h
Normal file
49
providers/common/include/internal/ciphers/cipher_aead.h
Normal file
|
@ -0,0 +1,49 @@
|
|||
/*
|
||||
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/* TODO(3.0) Figure out what flags are really needed */
|
||||
#define AEAD_FLAGS (EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_DEFAULT_ASN1 \
|
||||
| EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
|
||||
| EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \
|
||||
| EVP_CIPH_CUSTOM_COPY)
|
||||
|
||||
#define IMPLEMENT_aead_cipher(alg, lc, UCMODE, flags, kbits, blkbits, ivbits) \
|
||||
static OSSL_OP_cipher_get_params_fn alg##_##kbits##_##lc##_get_params; \
|
||||
static int alg##_##kbits##_##lc##_get_params(OSSL_PARAM params[]) \
|
||||
{ \
|
||||
return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \
|
||||
flags, kbits, blkbits, ivbits); \
|
||||
} \
|
||||
static OSSL_OP_cipher_newctx_fn alg##kbits##lc##_newctx; \
|
||||
static void * alg##kbits##lc##_newctx(void *provctx) \
|
||||
{ \
|
||||
return alg##_##lc##_newctx(provctx, kbits); \
|
||||
} \
|
||||
const OSSL_DISPATCH alg##kbits##lc##_functions[] = { \
|
||||
{ OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))alg##kbits##lc##_newctx }, \
|
||||
{ OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))alg##_##lc##_freectx }, \
|
||||
{ OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void)) lc##_einit }, \
|
||||
{ OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void)) lc##_dinit }, \
|
||||
{ OSSL_FUNC_CIPHER_UPDATE, (void (*)(void)) lc##_stream_update }, \
|
||||
{ OSSL_FUNC_CIPHER_FINAL, (void (*)(void)) lc##_stream_final }, \
|
||||
{ OSSL_FUNC_CIPHER_CIPHER, (void (*)(void)) lc##_cipher }, \
|
||||
{ OSSL_FUNC_CIPHER_GET_PARAMS, \
|
||||
(void (*)(void)) alg##_##kbits##_##lc##_get_params }, \
|
||||
{ OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \
|
||||
(void (*)(void)) lc##_get_ctx_params }, \
|
||||
{ OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \
|
||||
(void (*)(void)) lc##_set_ctx_params }, \
|
||||
{ OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \
|
||||
(void (*)(void))cipher_generic_gettable_params }, \
|
||||
{ OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \
|
||||
(void (*)(void))cipher_aead_gettable_ctx_params }, \
|
||||
{ OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \
|
||||
(void (*)(void))cipher_aead_settable_ctx_params }, \
|
||||
{ 0, NULL } \
|
||||
}
|
|
@ -7,6 +7,8 @@
|
|||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include "cipher_aead.h"
|
||||
|
||||
typedef struct prov_ccm_hw_st PROV_CCM_HW;
|
||||
|
||||
#if defined(OPENSSL_CPUID_OBJ) && defined(__s390__)
|
||||
|
@ -111,20 +113,6 @@ struct prov_ccm_hw_st {
|
|||
|
||||
const PROV_CCM_HW *PROV_AES_HW_ccm(size_t keylen);
|
||||
|
||||
#if !defined(OPENSSL_NO_ARIA) && !defined(FIPS_MODE)
|
||||
# include "internal/aria.h"
|
||||
typedef struct prov_aria_ccm_ctx_st {
|
||||
PROV_CCM_CTX base; /* Must be first */
|
||||
union {
|
||||
OSSL_UNION_ALIGN;
|
||||
ARIA_KEY ks;
|
||||
} ks; /* ARIA key schedule to use */
|
||||
} PROV_ARIA_CCM_CTX;
|
||||
|
||||
const PROV_CCM_HW *PROV_ARIA_HW_ccm(size_t keylen);
|
||||
|
||||
#endif /* !defined(OPENSSL_NO_ARIA) && !defined(FIPS_MODE) */
|
||||
|
||||
OSSL_OP_cipher_encrypt_init_fn ccm_einit;
|
||||
OSSL_OP_cipher_decrypt_init_fn ccm_dinit;
|
||||
OSSL_OP_cipher_get_ctx_params_fn ccm_get_ctx_params;
|
||||
|
@ -134,3 +122,14 @@ OSSL_OP_cipher_final_fn ccm_stream_final;
|
|||
OSSL_OP_cipher_cipher_fn ccm_cipher;
|
||||
void ccm_initctx(PROV_CCM_CTX *ctx, size_t keybits, const PROV_CCM_HW *hw);
|
||||
void ccm_finalctx(PROV_CCM_CTX *ctx);
|
||||
|
||||
int ccm_generic_setiv(PROV_CCM_CTX *ctx, const unsigned char *nonce,
|
||||
size_t nlen, size_t mlen);
|
||||
int ccm_generic_setaad(PROV_CCM_CTX *ctx, const unsigned char *aad, size_t alen);
|
||||
int ccm_generic_gettag(PROV_CCM_CTX *ctx, unsigned char *tag, size_t tlen);
|
||||
int ccm_generic_auth_encrypt(PROV_CCM_CTX *ctx, const unsigned char *in,
|
||||
unsigned char *out, size_t len,
|
||||
unsigned char *tag, size_t taglen);
|
||||
int ccm_generic_auth_decrypt(PROV_CCM_CTX *ctx, const unsigned char *in,
|
||||
unsigned char *out, size_t len,
|
||||
unsigned char *expected_tag, size_t taglen);
|
|
@ -9,6 +9,7 @@
|
|||
*/
|
||||
|
||||
#include <openssl/aes.h>
|
||||
#include "cipher_aead.h"
|
||||
|
||||
typedef struct prov_gcm_hw_st PROV_GCM_HW;
|
||||
|
||||
|
@ -16,12 +17,6 @@ typedef struct prov_gcm_hw_st PROV_GCM_HW;
|
|||
#define GCM_IV_MAX_SIZE 64
|
||||
#define GCM_TAG_MAX_SIZE 16
|
||||
|
||||
/* TODO(3.0) Figure out what flags are really needed */
|
||||
#define AEAD_FLAGS (EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_DEFAULT_ASN1 \
|
||||
| EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
|
||||
| EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \
|
||||
| EVP_CIPH_CUSTOM_COPY)
|
||||
|
||||
#if defined(OPENSSL_CPUID_OBJ) && defined(__s390__)
|
||||
/*-
|
||||
* KMA-GCM-AES parameter block - begin
|
||||
|
@ -137,21 +132,6 @@ struct prov_gcm_hw_st {
|
|||
};
|
||||
const PROV_GCM_HW *PROV_AES_HW_gcm(size_t keybits);
|
||||
|
||||
#if !defined(OPENSSL_NO_ARIA) && !defined(FIPS_MODE)
|
||||
|
||||
#include "internal/aria.h"
|
||||
|
||||
typedef struct prov_aria_gcm_ctx_st {
|
||||
PROV_GCM_CTX base; /* must be first entry in struct */
|
||||
union {
|
||||
OSSL_UNION_ALIGN;
|
||||
ARIA_KEY ks;
|
||||
} ks;
|
||||
} PROV_ARIA_GCM_CTX;
|
||||
const PROV_GCM_HW *PROV_ARIA_HW_gcm(size_t keybits);
|
||||
|
||||
#endif /* !defined(OPENSSL_NO_ARIA) && !defined(FIPS_MODE) */
|
||||
|
||||
OSSL_OP_cipher_encrypt_init_fn gcm_einit;
|
||||
OSSL_OP_cipher_decrypt_init_fn gcm_dinit;
|
||||
OSSL_OP_cipher_get_ctx_params_fn gcm_get_ctx_params;
|
||||
|
@ -163,3 +143,19 @@ void gcm_deinitctx(PROV_GCM_CTX *ctx);
|
|||
void gcm_initctx(void *provctx, PROV_GCM_CTX *ctx, size_t keybits,
|
||||
const PROV_GCM_HW *hw, size_t ivlen_min);
|
||||
|
||||
int gcm_setiv(PROV_GCM_CTX *ctx, const unsigned char *iv, size_t ivlen);
|
||||
int gcm_aad_update(PROV_GCM_CTX *ctx, const unsigned char *aad,
|
||||
size_t aad_len);
|
||||
int gcm_cipher_final(PROV_GCM_CTX *ctx, unsigned char *tag);
|
||||
int gcm_one_shot(PROV_GCM_CTX *ctx, unsigned char *aad, size_t aad_len,
|
||||
const unsigned char *in, size_t in_len,
|
||||
unsigned char *out, unsigned char *tag, size_t tag_len);
|
||||
int gcm_cipher_update(PROV_GCM_CTX *ctx, const unsigned char *in,
|
||||
size_t len, unsigned char *out);
|
||||
|
||||
#define GCM_HW_SET_KEY_CTR_FN(ks, fn_set_enc_key, fn_block, fn_ctr) \
|
||||
ctx->ks = ks; \
|
||||
fn_set_enc_key(key, keylen * 8, ks); \
|
||||
CRYPTO_gcm128_init(&ctx->gcm, ks, (block128_f)fn_block); \
|
||||
ctx->ctr = (ctr128_f)fn_ctr; \
|
||||
ctx->key_set = 1;
|
96
providers/common/include/internal/ciphers/cipher_tdes.h
Normal file
96
providers/common/include/internal/ciphers/cipher_tdes.h
Normal file
|
@ -0,0 +1,96 @@
|
|||
/*
|
||||
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include <openssl/des.h>
|
||||
#include <openssl/core_numbers.h>
|
||||
|
||||
#define DES_BLOCK_SIZE 8
|
||||
#define TDES_IVLEN 8
|
||||
|
||||
/* TODO(3.0) Figure out what flags need to be here */
|
||||
#define TDES_FLAGS (EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1)
|
||||
|
||||
typedef struct prov_tdes_ctx_st {
|
||||
PROV_CIPHER_CTX base; /* Must be first */
|
||||
union {
|
||||
OSSL_UNION_ALIGN;
|
||||
DES_key_schedule ks[3];
|
||||
} tks;
|
||||
union {
|
||||
void (*cbc) (const void *, void *, size_t,
|
||||
const DES_key_schedule *, unsigned char *);
|
||||
} tstream;
|
||||
|
||||
} PROV_TDES_CTX;
|
||||
|
||||
#define IMPLEMENT_tdes_cipher(type, UCTYPE, lcmode, UCMODE, flags, \
|
||||
kbits, blkbits, ivbits, block) \
|
||||
static OSSL_OP_cipher_newctx_fn tdes_##type##_##lcmode##_newctx; \
|
||||
static void *tdes_##type##_##lcmode##_newctx(void *provctx) \
|
||||
{ \
|
||||
return tdes_newctx(provctx, EVP_CIPH_##UCMODE##_MODE, kbits, blkbits, \
|
||||
ivbits, PROV_CIPHER_HW_tdes_##type##_##lcmode()); \
|
||||
} \
|
||||
static OSSL_OP_cipher_get_params_fn tdes_##type##_##lcmode##_get_params; \
|
||||
static int tdes_##type##_##lcmode##_get_params(OSSL_PARAM params[]) \
|
||||
{ \
|
||||
return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, flags, \
|
||||
kbits, blkbits, ivbits); \
|
||||
} \
|
||||
const OSSL_DISPATCH tdes_##type##_##lcmode##_functions[] = { \
|
||||
{ OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))tdes_einit }, \
|
||||
{ OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))tdes_dinit }, \
|
||||
{ OSSL_FUNC_CIPHER_UPDATE, \
|
||||
(void (*)(void))cipher_generic_##block##_update }, \
|
||||
{ OSSL_FUNC_CIPHER_FINAL, (void (*)(void))cipher_generic_##block##_final },\
|
||||
{ OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))cipher_generic_cipher }, \
|
||||
{ OSSL_FUNC_CIPHER_NEWCTX, \
|
||||
(void (*)(void))tdes_##type##_##lcmode##_newctx }, \
|
||||
{ OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))tdes_freectx }, \
|
||||
{ OSSL_FUNC_CIPHER_GET_PARAMS, \
|
||||
(void (*)(void))tdes_##type##_##lcmode##_get_params }, \
|
||||
{ OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \
|
||||
(void (*)(void))cipher_generic_gettable_params }, \
|
||||
{ OSSL_FUNC_CIPHER_GET_CTX_PARAMS, (void (*)(void))tdes_get_ctx_params }, \
|
||||
{ OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \
|
||||
(void (*)(void))tdes_gettable_ctx_params }, \
|
||||
{ OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \
|
||||
(void (*)(void))cipher_generic_set_ctx_params }, \
|
||||
{ OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \
|
||||
(void (*)(void))cipher_generic_settable_ctx_params }, \
|
||||
{ 0, NULL } \
|
||||
}
|
||||
|
||||
void *tdes_newctx(void *provctx, int mode, size_t kbits, size_t blkbits,
|
||||
size_t ivbits, const PROV_CIPHER_HW *hw);
|
||||
OSSL_OP_cipher_freectx_fn tdes_freectx;
|
||||
OSSL_OP_cipher_encrypt_init_fn tdes_einit;
|
||||
OSSL_OP_cipher_decrypt_init_fn tdes_dinit;
|
||||
OSSL_OP_cipher_get_ctx_params_fn tdes_get_ctx_params;
|
||||
OSSL_OP_cipher_gettable_ctx_params_fn tdes_gettable_ctx_params;
|
||||
|
||||
#define PROV_CIPHER_HW_tdes_mode(type, mode) \
|
||||
static const PROV_CIPHER_HW type##_##mode = { \
|
||||
cipher_hw_tdes_##type##_initkey, \
|
||||
cipher_hw_tdes_##mode \
|
||||
}; \
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_tdes_##type##_##mode(void) \
|
||||
{ \
|
||||
return &type##_##mode; \
|
||||
}
|
||||
|
||||
int cipher_hw_tdes_ede3_initkey(PROV_CIPHER_CTX *ctx, const unsigned char *key,
|
||||
size_t keylen);
|
||||
int cipher_hw_tdes_cbc(PROV_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t inl);
|
||||
int cipher_hw_tdes_ecb(PROV_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t len);
|
||||
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_tdes_ede3_cbc(void);
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_tdes_ede3_ecb(void);
|
149
providers/common/include/internal/ciphers/ciphercommon.h
Normal file
149
providers/common/include/internal/ciphers/ciphercommon.h
Normal file
|
@ -0,0 +1,149 @@
|
|||
/*
|
||||
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include <openssl/params.h>
|
||||
#include <openssl/core_numbers.h>
|
||||
#include <openssl/core_names.h>
|
||||
#include <openssl/evp.h>
|
||||
#include "internal/cryptlib.h"
|
||||
#include "internal/modes_int.h"
|
||||
#include "internal/ciphermode_platform.h"
|
||||
|
||||
#define MAXCHUNK ((size_t)1 << (sizeof(long) * 8 - 2))
|
||||
#define MAXBITCHUNK ((size_t)1 << (sizeof(size_t) * 8 - 4))
|
||||
|
||||
#define GENERIC_BLOCK_SIZE 16
|
||||
#define IV_STATE_UNINITIALISED 0 /* initial state is not initialized */
|
||||
#define IV_STATE_BUFFERED 1 /* iv has been copied to the iv buffer */
|
||||
#define IV_STATE_COPIED 2 /* iv has been copied from the iv buffer */
|
||||
#define IV_STATE_FINISHED 3 /* the iv has been used - so don't reuse it */
|
||||
|
||||
#define PROV_CIPHER_FUNC(type, name, args) typedef type (* OSSL_##name##_fn)args
|
||||
|
||||
typedef struct prov_cipher_hw_st PROV_CIPHER_HW;
|
||||
typedef struct prov_cipher_ctx_st PROV_CIPHER_CTX;
|
||||
|
||||
typedef int (PROV_CIPHER_HW_FN)(PROV_CIPHER_CTX *dat, unsigned char *out,
|
||||
const unsigned char *in, size_t len);
|
||||
|
||||
struct prov_cipher_ctx_st {
|
||||
block128_f block;
|
||||
union {
|
||||
cbc128_f cbc;
|
||||
ctr128_f ctr;
|
||||
} stream;
|
||||
|
||||
/*
|
||||
* num contains the number of bytes of |iv| which are valid for modes that
|
||||
* manage partial blocks themselves.
|
||||
*/
|
||||
size_t num;
|
||||
|
||||
int mode;
|
||||
int enc; /* Set to 1 for encrypt, or 0 otherwise */
|
||||
size_t bufsz; /* Number of bytes in buf */
|
||||
size_t keylen; /* key size (in bytes) */
|
||||
size_t ivlen;
|
||||
size_t blocksize;
|
||||
uint64_t flags;
|
||||
unsigned int pad : 1; /* Whether padding should be used or not */
|
||||
|
||||
/* Buffer of partial blocks processed via update calls */
|
||||
unsigned char buf[GENERIC_BLOCK_SIZE];
|
||||
unsigned char iv[GENERIC_BLOCK_SIZE];
|
||||
const PROV_CIPHER_HW *hw; /* hardware specific functions */
|
||||
const void *ks; /* Pointer to algorithm specific key data */
|
||||
OPENSSL_CTX *libctx;
|
||||
};
|
||||
|
||||
struct prov_cipher_hw_st {
|
||||
int (*init)(PROV_CIPHER_CTX *dat, const uint8_t *key, size_t keylen);
|
||||
PROV_CIPHER_HW_FN *cipher;
|
||||
};
|
||||
|
||||
OSSL_OP_cipher_encrypt_init_fn cipher_generic_einit;
|
||||
OSSL_OP_cipher_decrypt_init_fn cipher_generic_dinit;
|
||||
OSSL_OP_cipher_update_fn cipher_generic_block_update;
|
||||
OSSL_OP_cipher_final_fn cipher_generic_block_final;
|
||||
OSSL_OP_cipher_update_fn cipher_generic_stream_update;
|
||||
OSSL_OP_cipher_final_fn cipher_generic_stream_final;
|
||||
OSSL_OP_cipher_cipher_fn cipher_generic_cipher;
|
||||
OSSL_OP_cipher_get_ctx_params_fn cipher_generic_get_ctx_params;
|
||||
OSSL_OP_cipher_set_ctx_params_fn cipher_generic_set_ctx_params;
|
||||
OSSL_OP_cipher_gettable_params_fn cipher_generic_gettable_params;
|
||||
OSSL_OP_cipher_gettable_ctx_params_fn cipher_generic_gettable_ctx_params;
|
||||
OSSL_OP_cipher_settable_ctx_params_fn cipher_generic_settable_ctx_params;
|
||||
OSSL_OP_cipher_gettable_ctx_params_fn cipher_aead_gettable_ctx_params;
|
||||
OSSL_OP_cipher_settable_ctx_params_fn cipher_aead_settable_ctx_params;
|
||||
int cipher_generic_get_params(OSSL_PARAM params[], int md, unsigned long flags,
|
||||
int kbits, int blkbits, int ivbits);
|
||||
void cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits,
|
||||
size_t ivbits, int mode,
|
||||
const PROV_CIPHER_HW *hw, void *provctx);
|
||||
|
||||
#define IMPLEMENT_generic_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, \
|
||||
blkbits, ivbits, typ) \
|
||||
static OSSL_OP_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \
|
||||
static int alg##_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \
|
||||
{ \
|
||||
return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, flags, \
|
||||
kbits, blkbits, ivbits); \
|
||||
} \
|
||||
static OSSL_OP_cipher_newctx_fn alg##_##kbits##_##lcmode##_newctx; \
|
||||
static void * alg##_##kbits##_##lcmode##_newctx(void *provctx) \
|
||||
{ \
|
||||
PROV_##UCALG##_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); \
|
||||
if (ctx != NULL) { \
|
||||
cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \
|
||||
EVP_CIPH_##UCMODE##_MODE, \
|
||||
PROV_CIPHER_HW_##alg##_##lcmode(kbits), NULL); \
|
||||
} \
|
||||
return ctx; \
|
||||
} \
|
||||
const OSSL_DISPATCH alg##kbits##lcmode##_functions[] = { \
|
||||
{ OSSL_FUNC_CIPHER_NEWCTX, \
|
||||
(void (*)(void)) alg##_##kbits##_##lcmode##_newctx }, \
|
||||
{ OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \
|
||||
{ OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \
|
||||
{ OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))cipher_generic_einit }, \
|
||||
{ OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))cipher_generic_dinit }, \
|
||||
{ OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))cipher_generic_##typ##_update },\
|
||||
{ OSSL_FUNC_CIPHER_FINAL, (void (*)(void))cipher_generic_##typ##_final }, \
|
||||
{ OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))cipher_generic_cipher }, \
|
||||
{ OSSL_FUNC_CIPHER_GET_PARAMS, \
|
||||
(void (*)(void)) alg##_##kbits##_##lcmode##_get_params }, \
|
||||
{ OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \
|
||||
(void (*)(void))cipher_generic_get_ctx_params }, \
|
||||
{ OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \
|
||||
(void (*)(void))cipher_generic_set_ctx_params }, \
|
||||
{ OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \
|
||||
(void (*)(void))cipher_generic_gettable_params }, \
|
||||
{ OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \
|
||||
(void (*)(void))cipher_generic_gettable_ctx_params }, \
|
||||
{ OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \
|
||||
(void (*)(void))cipher_generic_settable_ctx_params }, \
|
||||
{ 0, NULL } \
|
||||
};
|
||||
|
||||
PROV_CIPHER_HW_FN cipher_hw_generic_cbc;
|
||||
PROV_CIPHER_HW_FN cipher_hw_generic_ecb;
|
||||
PROV_CIPHER_HW_FN cipher_hw_generic_ofb128;
|
||||
PROV_CIPHER_HW_FN cipher_hw_generic_cfb128;
|
||||
PROV_CIPHER_HW_FN cipher_hw_generic_cfb8;
|
||||
PROV_CIPHER_HW_FN cipher_hw_generic_cfb1;
|
||||
PROV_CIPHER_HW_FN cipher_hw_generic_ctr;
|
||||
PROV_CIPHER_HW_FN cipher_hw_chunked_cbc;
|
||||
PROV_CIPHER_HW_FN cipher_hw_chunked_cfb8;
|
||||
PROV_CIPHER_HW_FN cipher_hw_chunked_cfb128;
|
||||
PROV_CIPHER_HW_FN cipher_hw_chunked_ofb128;
|
||||
#define cipher_hw_chunked_ecb cipher_hw_generic_ecb
|
||||
#define cipher_hw_chunked_ctr cipher_hw_generic_ctr
|
||||
#define cipher_hw_chunked_cfb1 cipher_hw_generic_cfb1
|
||||
|
||||
|
|
@ -126,6 +126,24 @@ extern const OSSL_DISPATCH kmac256_functions[];
|
|||
extern const OSSL_DISPATCH siphash_functions[];
|
||||
extern const OSSL_DISPATCH poly1305_functions[];
|
||||
|
||||
extern const OSSL_DISPATCH tdes_ede3_ecb_functions[];
|
||||
extern const OSSL_DISPATCH tdes_ede3_cbc_functions[];
|
||||
|
||||
#ifndef FIPS_MODE
|
||||
extern const OSSL_DISPATCH tdes_ede3_ofb_functions[];
|
||||
extern const OSSL_DISPATCH tdes_ede3_cfb_functions[];
|
||||
extern const OSSL_DISPATCH tdes_ede3_cfb8_functions[];
|
||||
extern const OSSL_DISPATCH tdes_ede3_cfb1_functions[];
|
||||
|
||||
extern const OSSL_DISPATCH tdes_ede2_ecb_functions[];
|
||||
extern const OSSL_DISPATCH tdes_ede2_cbc_functions[];
|
||||
extern const OSSL_DISPATCH tdes_ede2_ofb_functions[];
|
||||
extern const OSSL_DISPATCH tdes_ede2_cfb_functions[];
|
||||
|
||||
extern const OSSL_DISPATCH tdes_desx_cbc_functions[];
|
||||
extern const OSSL_DISPATCH tdes_wrap_cbc_functions[];
|
||||
#endif /* FIPS_MODE */
|
||||
|
||||
/* Key management */
|
||||
extern const OSSL_DISPATCH dh_keymgmt_functions[];
|
||||
|
||||
|
|
|
@ -41,7 +41,7 @@ int ERR_load_PROV_strings(void);
|
|||
# define PROV_F_GMAC_SET_PARAMS 0
|
||||
# define PROV_F_KMAC_SET_PARAMS 0
|
||||
# define PROV_F_POLY1305_SET_PARAMS 0
|
||||
# define PROV_F_PROV_AES_CTX_GENERIC_INIT 0
|
||||
# define PROV_F_PROV_AES_KEY_GENERIC_INIT 0
|
||||
# define PROV_F_TRAILINGDATA 0
|
||||
# define PROV_F_UNPADBLOCK 0
|
||||
# endif
|
||||
|
@ -52,6 +52,7 @@ int ERR_load_PROV_strings(void);
|
|||
# define PROV_R_AES_KEY_SETUP_FAILED 101
|
||||
# define PROV_R_BAD_DECRYPT 100
|
||||
# define PROV_R_CIPHER_OPERATION_FAILED 102
|
||||
# define PROV_R_FAILED_TO_GENERATE_KEY 121
|
||||
# define PROV_R_FAILED_TO_GET_PARAMETER 103
|
||||
# define PROV_R_FAILED_TO_SET_PARAMETER 104
|
||||
# define PROV_R_INVALID_AAD 108
|
||||
|
|
|
@ -19,6 +19,8 @@ static const ERR_STRING_DATA PROV_str_reasons[] = {
|
|||
{ERR_PACK(ERR_LIB_PROV, 0, PROV_R_BAD_DECRYPT), "bad decrypt"},
|
||||
{ERR_PACK(ERR_LIB_PROV, 0, PROV_R_CIPHER_OPERATION_FAILED),
|
||||
"cipher operation failed"},
|
||||
{ERR_PACK(ERR_LIB_PROV, 0, PROV_R_FAILED_TO_GENERATE_KEY),
|
||||
"failed to generate key"},
|
||||
{ERR_PACK(ERR_LIB_PROV, 0, PROV_R_FAILED_TO_GET_PARAMETER),
|
||||
"failed to get parameter"},
|
||||
{ERR_PACK(ERR_LIB_PROV, 0, PROV_R_FAILED_TO_SET_PARAMETER),
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
SUBDIRS=digests macs
|
||||
SUBDIRS=digests macs ciphers
|
||||
LIBS=../../libcrypto
|
||||
SOURCE[../../libcrypto]=\
|
||||
defltprov.c
|
||||
|
|
22
providers/default/ciphers/build.info
Normal file
22
providers/default/ciphers/build.info
Normal file
|
@ -0,0 +1,22 @@
|
|||
LIBS=../../../libcrypto
|
||||
|
||||
IF[{- !$disabled{des} -}]
|
||||
SOURCE[../../../libcrypto]=\
|
||||
cipher_tdes_default.c cipher_tdes_default_hw.c \
|
||||
cipher_tdes_wrap.c cipher_tdes_wrap_hw.c \
|
||||
cipher_desx.c cipher_desx_hw.c
|
||||
ENDIF
|
||||
|
||||
IF[{- !$disabled{aria} -}]
|
||||
SOURCE[../../../libcrypto]=\
|
||||
cipher_aria.c cipher_aria_hw.c \
|
||||
cipher_aria_gcm.c cipher_aria_gcm_hw.c \
|
||||
cipher_aria_ccm.c cipher_aria_ccm_hw.c
|
||||
ENDIF
|
||||
|
||||
IF[{- !$disabled{camellia} -}]
|
||||
SOURCE[../../../libcrypto]=\
|
||||
cipher_camellia.c cipher_camellia_hw.c
|
||||
ENDIF
|
||||
|
||||
INCLUDE[../../../libcrypto]=. ../../../crypto
|
|
@ -9,7 +9,8 @@
|
|||
|
||||
/* Dispatch functions for ARIA cipher modes ecb, cbc, ofb, cfb, ctr */
|
||||
|
||||
#include "cipher_locl.h"
|
||||
#include "cipher_aria.h"
|
||||
#include "internal/provider_algs.h"
|
||||
|
||||
static OSSL_OP_cipher_freectx_fn aria_freectx;
|
||||
static OSSL_OP_cipher_dupctx_fn aria_dupctx;
|
|
@ -7,8 +7,8 @@
|
|||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#if !defined(OPENSSL_NO_ARIA)
|
||||
# include "internal/aria.h"
|
||||
#include "internal/aria.h"
|
||||
#include "internal/ciphers/ciphercommon.h"
|
||||
|
||||
typedef struct prov_aria_ctx_st {
|
||||
PROV_CIPHER_CTX base; /* Must be first */
|
||||
|
@ -18,6 +18,7 @@ typedef struct prov_aria_ctx_st {
|
|||
} ks;
|
||||
} PROV_ARIA_CTX;
|
||||
|
||||
|
||||
# define PROV_CIPHER_HW_aria_ofb PROV_CIPHER_HW_aria_ofb128
|
||||
# define PROV_CIPHER_HW_aria_cfb PROV_CIPHER_HW_aria_cfb128
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_aria_ecb(size_t keybits);
|
||||
|
@ -27,5 +28,3 @@ const PROV_CIPHER_HW *PROV_CIPHER_HW_aria_cfb128(size_t keybits);
|
|||
const PROV_CIPHER_HW *PROV_CIPHER_HW_aria_cfb1(size_t keybits);
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_aria_cfb8(size_t keybits);
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_aria_ctr(size_t keybits);
|
||||
|
||||
#endif /* OPENSSL_NO_ARIA */
|
|
@ -9,7 +9,10 @@
|
|||
|
||||
/* Dispatch functions for ARIA CCM mode */
|
||||
|
||||
#include "cipher_locl.h"
|
||||
#include "cipher_aria_ccm.h"
|
||||
#include "internal/provider_algs.h"
|
||||
|
||||
static OSSL_OP_cipher_freectx_fn aria_ccm_freectx;
|
||||
|
||||
static void *aria_ccm_newctx(void *provctx, size_t keybits)
|
||||
{
|
||||
|
@ -20,7 +23,6 @@ static void *aria_ccm_newctx(void *provctx, size_t keybits)
|
|||
return ctx;
|
||||
}
|
||||
|
||||
static OSSL_OP_cipher_freectx_fn aria_ccm_freectx;
|
||||
static void aria_ccm_freectx(void *vctx)
|
||||
{
|
||||
PROV_ARIA_CCM_CTX *ctx = (PROV_ARIA_CCM_CTX *)vctx;
|
22
providers/default/ciphers/cipher_aria_ccm.h
Normal file
22
providers/default/ciphers/cipher_aria_ccm.h
Normal file
|
@ -0,0 +1,22 @@
|
|||
/*
|
||||
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include "internal/aria.h"
|
||||
#include "internal/ciphers/ciphercommon.h"
|
||||
#include "internal/ciphers/cipher_ccm.h"
|
||||
|
||||
typedef struct prov_aria_ccm_ctx_st {
|
||||
PROV_CCM_CTX base; /* Must be first */
|
||||
union {
|
||||
OSSL_UNION_ALIGN;
|
||||
ARIA_KEY ks;
|
||||
} ks; /* ARIA key schedule to use */
|
||||
} PROV_ARIA_CCM_CTX;
|
||||
|
||||
const PROV_CCM_HW *PROV_ARIA_HW_ccm(size_t keylen);
|
|
@ -9,10 +9,9 @@
|
|||
|
||||
/*-
|
||||
* Generic support for ARIA CCM.
|
||||
* This file is included by cipher_ccm_hw.c
|
||||
*/
|
||||
|
||||
#if !defined(OPENSSL_NO_ARIA) && !defined(FIPS_MODE)
|
||||
#include "cipher_aria_ccm.h"
|
||||
|
||||
static int ccm_aria_initkey(PROV_CCM_CTX *ctx,
|
||||
const unsigned char *key, size_t keylen)
|
||||
|
@ -39,4 +38,3 @@ const PROV_CCM_HW *PROV_ARIA_HW_ccm(size_t keybits)
|
|||
{
|
||||
return &ccm_aria;
|
||||
}
|
||||
#endif /* OPENSSL_NO_ARIA */
|
|
@ -9,7 +9,8 @@
|
|||
|
||||
/* Dispatch functions for ARIA GCM mode */
|
||||
|
||||
#include "cipher_locl.h"
|
||||
#include "cipher_aria_gcm.h"
|
||||
#include "internal/provider_algs.h"
|
||||
|
||||
static void *aria_gcm_newctx(void *provctx, size_t keybits)
|
||||
{
|
22
providers/default/ciphers/cipher_aria_gcm.h
Normal file
22
providers/default/ciphers/cipher_aria_gcm.h
Normal file
|
@ -0,0 +1,22 @@
|
|||
/*
|
||||
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include "internal/aria.h"
|
||||
#include "internal/ciphers/ciphercommon.h"
|
||||
#include "internal/ciphers/cipher_gcm.h"
|
||||
|
||||
typedef struct prov_aria_gcm_ctx_st {
|
||||
PROV_GCM_CTX base; /* must be first entry in struct */
|
||||
union {
|
||||
OSSL_UNION_ALIGN;
|
||||
ARIA_KEY ks;
|
||||
} ks;
|
||||
} PROV_ARIA_GCM_CTX;
|
||||
|
||||
const PROV_GCM_HW *PROV_ARIA_HW_gcm(size_t keybits);
|
|
@ -9,10 +9,9 @@
|
|||
|
||||
/*-
|
||||
* Generic support for ARIA GCM.
|
||||
* This file is included by cipher_gcm_hw.c
|
||||
*/
|
||||
|
||||
#if !defined(OPENSSL_NO_ARIA) && !defined(FIPS_MODE)
|
||||
#include "cipher_aria_gcm.h"
|
||||
|
||||
static int aria_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key,
|
||||
size_t keylen)
|
||||
|
@ -20,7 +19,7 @@ static int aria_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key,
|
|||
PROV_ARIA_GCM_CTX *actx = (PROV_ARIA_GCM_CTX *)ctx;
|
||||
ARIA_KEY *ks = &actx->ks.ks;
|
||||
|
||||
SET_KEY_CTR_FN(ks, aria_set_encrypt_key, aria_encrypt, NULL);
|
||||
GCM_HW_SET_KEY_CTR_FN(ks, aria_set_encrypt_key, aria_encrypt, NULL);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
@ -49,5 +48,3 @@ const PROV_GCM_HW *PROV_ARIA_HW_gcm(size_t keybits)
|
|||
{
|
||||
return &aria_gcm;
|
||||
}
|
||||
|
||||
#endif /* !defined(OPENSSL_NO_ARIA) && !defined(FIPS_MODE) */
|
|
@ -7,7 +7,7 @@
|
|||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include "cipher_locl.h"
|
||||
#include "cipher_aria.h"
|
||||
|
||||
static int cipher_hw_aria_initkey(PROV_CIPHER_CTX *dat,
|
||||
const unsigned char *key, size_t keylen)
|
|
@ -9,9 +9,9 @@
|
|||
|
||||
/* Dispatch functions for CAMELLIA cipher modes ecb, cbc, ofb, cfb, ctr */
|
||||
|
||||
#include "cipher_locl.h"
|
||||
#include "cipher_camellia.h"
|
||||
#include "internal/provider_algs.h"
|
||||
|
||||
#if !defined(OPENSSL_NO_CAMELLIA)
|
||||
static OSSL_OP_cipher_freectx_fn camellia_freectx;
|
||||
static OSSL_OP_cipher_dupctx_fn camellia_dupctx;
|
||||
|
||||
|
@ -79,4 +79,3 @@ IMPLEMENT_generic_cipher(camellia, CAMELLIA, ctr, CTR, 0, 192, 8, 128, stream)
|
|||
/* camellia128ctr_functions */
|
||||
IMPLEMENT_generic_cipher(camellia, CAMELLIA, ctr, CTR, 0, 128, 8, 128, stream)
|
||||
|
||||
#endif /* OPENSSL_NO_CAMELLIA */
|
|
@ -7,9 +7,8 @@
|
|||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef OPENSSL_NO_CAMELLIA
|
||||
|
||||
# include <openssl/camellia.h>
|
||||
#include "openssl/camellia.h"
|
||||
#include "internal/ciphers/ciphercommon.h"
|
||||
|
||||
typedef struct prov_camellia_ctx_st {
|
||||
PROV_CIPHER_CTX base; /* Must be first */
|
||||
|
@ -19,8 +18,8 @@ typedef struct prov_camellia_ctx_st {
|
|||
} ks;
|
||||
} PROV_CAMELLIA_CTX;
|
||||
|
||||
# define PROV_CIPHER_HW_camellia_ofb PROV_CIPHER_HW_camellia_ofb128
|
||||
# define PROV_CIPHER_HW_camellia_cfb PROV_CIPHER_HW_camellia_cfb128
|
||||
#define PROV_CIPHER_HW_camellia_ofb PROV_CIPHER_HW_camellia_ofb128
|
||||
#define PROV_CIPHER_HW_camellia_cfb PROV_CIPHER_HW_camellia_cfb128
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_camellia_ecb(size_t keybits);
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_camellia_cbc(size_t keybits);
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_camellia_ofb128(size_t keybits);
|
||||
|
@ -28,5 +27,3 @@ const PROV_CIPHER_HW *PROV_CIPHER_HW_camellia_cfb128(size_t keybits);
|
|||
const PROV_CIPHER_HW *PROV_CIPHER_HW_camellia_cfb1(size_t keybits);
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_camellia_cfb8(size_t keybits);
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_camellia_ctr(size_t keybits);
|
||||
|
||||
#endif /* OPENSSL_NO_CAMELLIA */
|
|
@ -7,9 +7,9 @@
|
|||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include "cipher_locl.h"
|
||||
#include "cipher_camellia.h"
|
||||
#include <openssl/camellia.h>
|
||||
|
||||
#if !defined(OPENSSL_NO_CAMELLIA)
|
||||
static int cipher_hw_camellia_initkey(PROV_CIPHER_CTX *dat,
|
||||
const unsigned char *key, size_t keylen)
|
||||
{
|
||||
|
@ -62,4 +62,3 @@ PROV_CIPHER_HW_camellia_mode(cfb128)
|
|||
PROV_CIPHER_HW_camellia_mode(cfb1)
|
||||
PROV_CIPHER_HW_camellia_mode(cfb8)
|
||||
PROV_CIPHER_HW_camellia_mode(ctr)
|
||||
#endif /* OPENSSL_NO_CAMELLIA */
|
15
providers/default/ciphers/cipher_desx.c
Normal file
15
providers/default/ciphers/cipher_desx.c
Normal file
|
@ -0,0 +1,15 @@
|
|||
/*
|
||||
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include "cipher_tdes_default.h"
|
||||
#include "internal/provider_algs.h"
|
||||
|
||||
/* desx_cbc_functions */
|
||||
IMPLEMENT_tdes_cipher(desx, DESX, cbc, CBC, TDES_FLAGS, 64*3, 64, 64, block);
|
||||
|
62
providers/default/ciphers/cipher_desx_hw.c
Normal file
62
providers/default/ciphers/cipher_desx_hw.c
Normal file
|
@ -0,0 +1,62 @@
|
|||
/*
|
||||
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include <openssl/des.h>
|
||||
#include "cipher_tdes_default.h"
|
||||
|
||||
/*
|
||||
* Note the PROV_TDES_CTX has been used for the DESX cipher, just to reduce
|
||||
* code size.
|
||||
*/
|
||||
#define ks1 tks.ks[0]
|
||||
#define ks2 tks.ks[1].ks[0].cblock
|
||||
#define ks3 tks.ks[2].ks[0].cblock
|
||||
|
||||
static int cipher_hw_desx_cbc_initkey(PROV_CIPHER_CTX *ctx,
|
||||
const unsigned char *key, size_t keylen)
|
||||
{
|
||||
PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx;
|
||||
DES_cblock *deskey = (DES_cblock *)key;
|
||||
|
||||
DES_set_key_unchecked(deskey, &tctx->ks1);
|
||||
memcpy(&tctx->ks2, &key[8], 8);
|
||||
memcpy(&tctx->ks3, &key[16], 8);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int cipher_hw_desx_cbc(PROV_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t inl)
|
||||
{
|
||||
PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx;
|
||||
|
||||
while (inl >= MAXCHUNK) {
|
||||
DES_xcbc_encrypt(in, out, (long)MAXCHUNK, &tctx->ks1,
|
||||
(DES_cblock *)ctx->iv, &tctx->ks2, &tctx->ks3,
|
||||
ctx->enc);
|
||||
inl -= MAXCHUNK;
|
||||
in += MAXCHUNK;
|
||||
out += MAXCHUNK;
|
||||
}
|
||||
if (inl > 0)
|
||||
DES_xcbc_encrypt(in, out, (long)inl, &tctx->ks1,
|
||||
(DES_cblock *)ctx->iv, &tctx->ks2, &tctx->ks3,
|
||||
ctx->enc);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static const PROV_CIPHER_HW desx_cbc =
|
||||
{
|
||||
cipher_hw_desx_cbc_initkey,
|
||||
cipher_hw_desx_cbc
|
||||
};
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_tdes_desx_cbc(void)
|
||||
{
|
||||
return &desx_cbc;
|
||||
}
|
29
providers/default/ciphers/cipher_tdes_default.c
Normal file
29
providers/default/ciphers/cipher_tdes_default.c
Normal file
|
@ -0,0 +1,29 @@
|
|||
/*
|
||||
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include "cipher_tdes_default.h"
|
||||
#include "internal/provider_algs.h"
|
||||
|
||||
/* tdes_ede3_ofb_functions */
|
||||
IMPLEMENT_tdes_cipher(ede3, EDE3, ofb, OFB, TDES_FLAGS, 64*3, 8, 64, stream);
|
||||
/* tdes_ede3_cfb_functions */
|
||||
IMPLEMENT_tdes_cipher(ede3, EDE3, cfb, CFB, TDES_FLAGS, 64*3, 8, 64, stream);
|
||||
/* tdes_ede3_cfb1_functions */
|
||||
IMPLEMENT_tdes_cipher(ede3, EDE3, cfb1, CFB, TDES_FLAGS, 64*3, 8, 64, stream);
|
||||
/* tdes_ede3_cfb8_functions */
|
||||
IMPLEMENT_tdes_cipher(ede3, EDE3, cfb8, CFB, TDES_FLAGS, 64*3, 8, 64, stream);
|
||||
|
||||
/* tdes_ede2_ecb_functions */
|
||||
IMPLEMENT_tdes_cipher(ede2, EDE2, ecb, ECB, TDES_FLAGS, 64*2, 64, 64, block);
|
||||
/* tdes_ede2_cbc_functions */
|
||||
IMPLEMENT_tdes_cipher(ede2, EDE2, cbc, CBC, TDES_FLAGS, 64*2, 64, 64, block);
|
||||
/* tdes_ede2_ofb_functions */
|
||||
IMPLEMENT_tdes_cipher(ede2, EDE2, ofb, OFB, TDES_FLAGS, 64*2, 8, 64, stream);
|
||||
/* tdes_ede2_cfb_functions */
|
||||
IMPLEMENT_tdes_cipher(ede2, EDE2, cfb, CFB, TDES_FLAGS, 64*2, 8, 64, stream);
|
25
providers/default/ciphers/cipher_tdes_default.h
Normal file
25
providers/default/ciphers/cipher_tdes_default.h
Normal file
|
@ -0,0 +1,25 @@
|
|||
/*
|
||||
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include "internal/ciphers/ciphercommon.h"
|
||||
#include "internal/ciphers/cipher_tdes.h"
|
||||
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_tdes_ede3_ofb(void);
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_tdes_ede3_cfb(void);
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_tdes_ede3_cfb1(void);
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_tdes_ede3_cfb8(void);
|
||||
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_tdes_ede2_cbc(void);
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_tdes_ede2_ecb(void);
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_tdes_ede2_ofb(void);
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_tdes_ede2_cfb(void);
|
||||
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_tdes_desx_cbc(void);
|
||||
|
||||
const PROV_CIPHER_HW *PROV_CIPHER_HW_tdes_wrap_cbc(void);
|
140
providers/default/ciphers/cipher_tdes_default_hw.c
Normal file
140
providers/default/ciphers/cipher_tdes_default_hw.c
Normal file
|
@ -0,0 +1,140 @@
|
|||
/*
|
||||
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include "cipher_tdes_default.h"
|
||||
|
||||
#define ks1 tks.ks[0]
|
||||
#define ks2 tks.ks[1]
|
||||
#define ks3 tks.ks[2]
|
||||
|
||||
static int cipher_hw_tdes_ede2_initkey(PROV_CIPHER_CTX *ctx,
|
||||
const unsigned char *key, size_t keylen)
|
||||
{
|
||||
PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx;
|
||||
DES_cblock *deskey = (DES_cblock *)key;
|
||||
|
||||
tctx->tstream.cbc = NULL;
|
||||
# if defined(SPARC_DES_CAPABLE)
|
||||
if (SPARC_DES_CAPABLE) {
|
||||
if (ctx->mode == EVP_CIPH_CBC_MODE) {
|
||||
des_t4_key_expand(&deskey[0], &tctx->ks1);
|
||||
des_t4_key_expand(&deskey[1], &tctx->ks2);
|
||||
memcpy(&tctx->ks3, &tctx->ks1, sizeof(tctx->ks1));
|
||||
tctx->tstream.cbc = ctx->enc ? des_t4_ede3_cbc_encrypt :
|
||||
des_t4_ede3_cbc_decrypt;
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
# endif
|
||||
DES_set_key_unchecked(&deskey[0], &tctx->ks1);
|
||||
DES_set_key_unchecked(&deskey[1], &tctx->ks2);
|
||||
memcpy(&tctx->ks3, &tctx->ks1, sizeof(tctx->ks1));
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int cipher_hw_tdes_ofb(PROV_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t inl)
|
||||
{
|
||||
PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx;
|
||||
int num = ctx->num;
|
||||
|
||||
while (inl >= MAXCHUNK) {
|
||||
DES_ede3_ofb64_encrypt(in, out, (long)MAXCHUNK, &tctx->ks1, &tctx->ks2,
|
||||
&tctx->ks3, (DES_cblock *)ctx->iv, &num);
|
||||
inl -= MAXCHUNK;
|
||||
in += MAXCHUNK;
|
||||
out += MAXCHUNK;
|
||||
}
|
||||
if (inl > 0) {
|
||||
DES_ede3_ofb64_encrypt(in, out, (long)inl, &tctx->ks1, &tctx->ks2,
|
||||
&tctx->ks3, (DES_cblock *)ctx->iv, &num);
|
||||
}
|
||||
ctx->num = num;
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int cipher_hw_tdes_cfb(PROV_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t inl)
|
||||
{
|
||||
PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx;
|
||||
int num = ctx->num;
|
||||
|
||||
while (inl >= MAXCHUNK) {
|
||||
|
||||
DES_ede3_cfb64_encrypt(in, out, (long)MAXCHUNK,
|
||||
&tctx->ks1, &tctx->ks2, &tctx->ks3,
|
||||
(DES_cblock *)ctx->iv, &num, ctx->enc);
|
||||
inl -= MAXCHUNK;
|
||||
in += MAXCHUNK;
|
||||
out += MAXCHUNK;
|
||||
}
|
||||
if (inl > 0) {
|
||||
DES_ede3_cfb64_encrypt(in, out, (long)inl,
|
||||
&tctx->ks1, &tctx->ks2, &tctx->ks3,
|
||||
(DES_cblock *)ctx->iv, &num, ctx->enc);
|
||||
}
|
||||
ctx->num = num;
|
||||
return 1;
|
||||
}
|
||||
|
||||
/*
|
||||
* Although we have a CFB-r implementation for 3-DES, it doesn't pack the
|
||||
* right way, so wrap it here
|
||||
*/
|
||||
static int cipher_hw_tdes_cfb1(PROV_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t inl)
|
||||
{
|
||||
PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx;
|
||||
size_t n;
|
||||
unsigned char c[1], d[1];
|
||||
|
||||
if ((ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) == 0)
|
||||
inl *= 8;
|
||||
for (n = 0; n < inl; ++n) {
|
||||
c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
|
||||
DES_ede3_cfb_encrypt(c, d, 1, 1,
|
||||
&tctx->ks1, &tctx->ks2, &tctx->ks3,
|
||||
(DES_cblock *)ctx->iv, ctx->enc);
|
||||
out[n / 8] = (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8)))
|
||||
| ((d[0] & 0x80) >> (unsigned int)(n % 8));
|
||||
}
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int cipher_hw_tdes_cfb8(PROV_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t inl)
|
||||
{
|
||||
PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx;
|
||||
|
||||
while (inl >= MAXCHUNK) {
|
||||
DES_ede3_cfb_encrypt(in, out, 8, (long)MAXCHUNK,
|
||||
&tctx->ks1, &tctx->ks2, &tctx->ks3,
|
||||
(DES_cblock *)ctx->iv, ctx->enc);
|
||||
inl -= MAXCHUNK;
|
||||
in += MAXCHUNK;
|
||||
out += MAXCHUNK;
|
||||
}
|
||||
if (inl > 0)
|
||||
DES_ede3_cfb_encrypt(in, out, 8, (long)inl,
|
||||
&tctx->ks1, &tctx->ks2, &tctx->ks3,
|
||||
(DES_cblock *)ctx->iv, ctx->enc);
|
||||
return 1;
|
||||
}
|
||||
|
||||
PROV_CIPHER_HW_tdes_mode(ede3, ofb)
|
||||
PROV_CIPHER_HW_tdes_mode(ede3, cfb)
|
||||
PROV_CIPHER_HW_tdes_mode(ede3, cfb1)
|
||||
PROV_CIPHER_HW_tdes_mode(ede3, cfb8)
|
||||
|
||||
PROV_CIPHER_HW_tdes_mode(ede2, ecb)
|
||||
PROV_CIPHER_HW_tdes_mode(ede2, cbc)
|
||||
PROV_CIPHER_HW_tdes_mode(ede2, ofb)
|
||||
PROV_CIPHER_HW_tdes_mode(ede2, cfb)
|
||||
|
199
providers/default/ciphers/cipher_tdes_wrap.c
Normal file
199
providers/default/ciphers/cipher_tdes_wrap.c
Normal file
|
@ -0,0 +1,199 @@
|
|||
/*
|
||||
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include <openssl/sha.h>
|
||||
#include "cipher_tdes_default.h"
|
||||
#include "internal/evp_int.h"
|
||||
#include "internal/rand_int.h"
|
||||
#include "internal/provider_algs.h"
|
||||
#include "internal/providercommonerr.h"
|
||||
|
||||
/* TODO (3.0) Figure out what flags are requred */
|
||||
#define TDES_WRAP_FLAGS (EVP_CIPH_WRAP_MODE | EVP_CIPH_CUSTOM_IV \
|
||||
| EVP_CIPH_FLAG_CUSTOM_CIPHER \
|
||||
| EVP_CIPH_FLAG_DEFAULT_ASN1)
|
||||
|
||||
|
||||
static OSSL_OP_cipher_update_fn tdes_wrap_update;
|
||||
static OSSL_OP_cipher_cipher_fn tdes_wrap_cipher;
|
||||
|
||||
static const unsigned char wrap_iv[8] =
|
||||
{
|
||||
0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05
|
||||
};
|
||||
|
||||
static int des_ede3_unwrap(PROV_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t inl)
|
||||
{
|
||||
unsigned char icv[8], iv[TDES_IVLEN], sha1tmp[SHA_DIGEST_LENGTH];
|
||||
int rv = -1;
|
||||
|
||||
if (inl < 24)
|
||||
return -1;
|
||||
if (out == NULL)
|
||||
return inl - 16;
|
||||
|
||||
memcpy(ctx->iv, wrap_iv, 8);
|
||||
/* Decrypt first block which will end up as icv */
|
||||
ctx->hw->cipher(ctx, icv, in, 8);
|
||||
/* Decrypt central blocks */
|
||||
/*
|
||||
* If decrypting in place move whole output along a block so the next
|
||||
* des_ede_cbc_cipher is in place.
|
||||
*/
|
||||
if (out == in) {
|
||||
memmove(out, out + 8, inl - 8);
|
||||
in -= 8;
|
||||
}
|
||||
ctx->hw->cipher(ctx, out, in + 8, inl - 16);
|
||||
/* Decrypt final block which will be IV */
|
||||
ctx->hw->cipher(ctx, iv, in + inl - 8, 8);
|
||||
/* Reverse order of everything */
|
||||
BUF_reverse(icv, NULL, 8);
|
||||
BUF_reverse(out, NULL, inl - 16);
|
||||
BUF_reverse(ctx->iv, iv, 8);
|
||||
/* Decrypt again using new IV */
|
||||
ctx->hw->cipher(ctx, out, out, inl - 16);
|
||||
ctx->hw->cipher(ctx, icv, icv, 8);
|
||||
/* Work out SHA1 hash of first portion */
|
||||
SHA1(out, inl - 16, sha1tmp);
|
||||
|
||||
if (!CRYPTO_memcmp(sha1tmp, icv, 8))
|
||||
rv = inl - 16;
|
||||
OPENSSL_cleanse(icv, 8);
|
||||
OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH);
|
||||
OPENSSL_cleanse(iv, 8);
|
||||
OPENSSL_cleanse(ctx->iv, sizeof(ctx->iv));
|
||||
if (rv == -1)
|
||||
OPENSSL_cleanse(out, inl - 16);
|
||||
|
||||
return rv;
|
||||
}
|
||||
|
||||
static int des_ede3_wrap(PROV_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t inl)
|
||||
{
|
||||
unsigned char sha1tmp[SHA_DIGEST_LENGTH];
|
||||
size_t ivlen = TDES_IVLEN;
|
||||
size_t icvlen = TDES_IVLEN;
|
||||
size_t len = inl + ivlen + icvlen;
|
||||
|
||||
if (out == NULL)
|
||||
return len;
|
||||
|
||||
/* Copy input to output buffer + 8 so we have space for IV */
|
||||
memmove(out + ivlen, in, inl);
|
||||
/* Work out ICV */
|
||||
SHA1(in, inl, sha1tmp);
|
||||
memcpy(out + inl + ivlen, sha1tmp, icvlen);
|
||||
OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH);
|
||||
/* Generate random IV */
|
||||
if (rand_bytes_ex(ctx->libctx, ctx->iv, ivlen) <= 0)
|
||||
return 0;
|
||||
memcpy(out, ctx->iv, ivlen);
|
||||
/* Encrypt everything after IV in place */
|
||||
ctx->hw->cipher(ctx, out + ivlen, out + ivlen, inl + ivlen);
|
||||
BUF_reverse(out, NULL, len);
|
||||
memcpy(ctx->iv, wrap_iv, ivlen);
|
||||
ctx->hw->cipher(ctx, out, out, len);
|
||||
return len;
|
||||
}
|
||||
|
||||
static int tdes_wrap_cipher_internal(PROV_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t inl)
|
||||
{
|
||||
/*
|
||||
* Sanity check input length: we typically only wrap keys so EVP_MAXCHUNK
|
||||
* is more than will ever be needed. Also input length must be a multiple
|
||||
* of 8 bits.
|
||||
*/
|
||||
if (inl >= EVP_MAXCHUNK || inl % 8)
|
||||
return -1;
|
||||
if (ctx->enc)
|
||||
return des_ede3_wrap(ctx, out, in, inl);
|
||||
else
|
||||
return des_ede3_unwrap(ctx, out, in, inl);
|
||||
}
|
||||
|
||||
static int tdes_wrap_cipher(void *vctx,
|
||||
unsigned char *out, size_t *outl, size_t outsize,
|
||||
const unsigned char *in, size_t inl)
|
||||
{
|
||||
PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
|
||||
int ret;
|
||||
|
||||
*outl = 0;
|
||||
if (outsize < inl) {
|
||||
PROVerr(0, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
|
||||
return -1;
|
||||
}
|
||||
|
||||
ret = tdes_wrap_cipher_internal(ctx, out, in, inl);
|
||||
if (ret <= 0)
|
||||
return 0;
|
||||
|
||||
*outl = ret;
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int tdes_wrap_update(void *vctx, unsigned char *out, size_t *outl,
|
||||
size_t outsize, const unsigned char *in,
|
||||
size_t inl)
|
||||
{
|
||||
*outl = 0;
|
||||
if (outsize < inl) {
|
||||
PROVerr(0, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (!tdes_wrap_cipher(vctx, out, outl, outsize, in, inl)) {
|
||||
PROVerr(0, PROV_R_CIPHER_OPERATION_FAILED);
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
# define IMPLEMENT_WRAP_CIPHER(flags, kbits, blkbits, ivbits) \
|
||||
static OSSL_OP_cipher_newctx_fn tdes_wrap_newctx; \
|
||||
static void *tdes_wrap_newctx(void *provctx) \
|
||||
{ \
|
||||
return tdes_newctx(provctx, EVP_CIPH_WRAP_MODE, kbits, blkbits, ivbits, \
|
||||
PROV_CIPHER_HW_tdes_wrap_cbc()); \
|
||||
} \
|
||||
static OSSL_OP_cipher_get_params_fn tdes_wrap_get_params; \
|
||||
static int tdes_wrap_get_params(OSSL_PARAM params[]) \
|
||||
{ \
|
||||
return cipher_generic_get_params(params, EVP_CIPH_WRAP_MODE, flags, \
|
||||
kbits, blkbits, ivbits); \
|
||||
} \
|
||||
const OSSL_DISPATCH tdes_wrap_cbc_functions[] = \
|
||||
{ \
|
||||
{ OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void)) tdes_einit }, \
|
||||
{ OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void)) tdes_dinit }, \
|
||||
{ OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))tdes_wrap_cipher }, \
|
||||
{ OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))tdes_wrap_newctx }, \
|
||||
{ OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))tdes_freectx }, \
|
||||
{ OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))tdes_wrap_update }, \
|
||||
{ OSSL_FUNC_CIPHER_FINAL, (void (*)(void))cipher_generic_stream_final }, \
|
||||
{ OSSL_FUNC_CIPHER_GET_PARAMS, (void (*)(void))tdes_wrap_get_params }, \
|
||||
{ OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \
|
||||
(void (*)(void))cipher_generic_gettable_params }, \
|
||||
{ OSSL_FUNC_CIPHER_GET_CTX_PARAMS, (void (*)(void))tdes_get_ctx_params }, \
|
||||
{ OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \
|
||||
(void (*)(void))tdes_gettable_ctx_params }, \
|
||||
{ OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \
|
||||
(void (*)(void))cipher_generic_set_ctx_params }, \
|
||||
{ OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \
|
||||
(void (*)(void))cipher_generic_settable_ctx_params }, \
|
||||
{ 0, NULL } \
|
||||
}
|
||||
|
||||
/* tdes_wrap_cbc_functions */
|
||||
IMPLEMENT_WRAP_CIPHER(TDES_WRAP_FLAGS, 64*3, 64, 0);
|
14
providers/default/ciphers/cipher_tdes_wrap_hw.c
Normal file
14
providers/default/ciphers/cipher_tdes_wrap_hw.c
Normal file
|
@ -0,0 +1,14 @@
|
|||
/*
|
||||
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include "cipher_tdes_default.h"
|
||||
|
||||
#define cipher_hw_tdes_wrap_initkey cipher_hw_tdes_ede3_initkey
|
||||
|
||||
PROV_CIPHER_HW_tdes_mode(wrap, cbc)
|
|
@ -173,6 +173,18 @@ static const OSSL_ALGORITHM deflt_ciphers[] = {
|
|||
{ "CAMELLIA-192-CTR", "default=yes", camellia192ctr_functions },
|
||||
{ "CAMELLIA-128-CTR", "default=yes", camellia128ctr_functions },
|
||||
#endif /* OPENSSL_NO_CAMELLIA */
|
||||
{ "DES-EDE3", "default=yes", tdes_ede3_ecb_functions },
|
||||
{ "DES-EDE3-CBC", "default=yes", tdes_ede3_cbc_functions },
|
||||
{ "DES-EDE3-OFB", "default=yes", tdes_ede3_ofb_functions },
|
||||
{ "DES-EDE3-CFB", "default=yes", tdes_ede3_cfb_functions },
|
||||
{ "DES-EDE3-CFB8", "default=yes", tdes_ede3_cfb8_functions },
|
||||
{ "DES-EDE3-CFB1", "default=yes", tdes_ede3_cfb1_functions },
|
||||
{ "DES-EDE", "default=yes", tdes_ede2_ecb_functions },
|
||||
{ "DES-EDE-CBC", "default=yes", tdes_ede2_cbc_functions },
|
||||
{ "DES-EDE-OFB", "default=yes", tdes_ede2_ofb_functions },
|
||||
{ "DES-EDE-CFB", "default=yes", tdes_ede2_cfb_functions },
|
||||
{ "DESX-CBC", "default=yes", tdes_desx_cbc_functions },
|
||||
{ "id-smime-alg-CMS3DESwrap", "default=yes", tdes_wrap_cbc_functions },
|
||||
{ NULL, NULL, NULL }
|
||||
};
|
||||
|
||||
|
|
|
@ -324,6 +324,8 @@ static const OSSL_ALGORITHM fips_ciphers[] = {
|
|||
{ "id-aes256-CCM", "fips=yes", aes256ccm_functions },
|
||||
{ "id-aes192-CCM", "fips=yes", aes192ccm_functions },
|
||||
{ "id-aes128-CCM", "fips=yes", aes128ccm_functions },
|
||||
{ "DES-EDE3", "fips=yes", tdes_ede3_ecb_functions },
|
||||
{ "DES-EDE3-CBC", "fips=yes", tdes_ede3_cbc_functions },
|
||||
{ NULL, NULL, NULL }
|
||||
};
|
||||
|
||||
|
|
|
@ -22,12 +22,14 @@
|
|||
Title = DES Tests (various sources)
|
||||
|
||||
Cipher = DES-EDE3-CFB1
|
||||
Availablein = default
|
||||
Key = 000102030405060708090A0B0C0D0E0F1011121314151617
|
||||
IV = 0001020304050607
|
||||
Plaintext = "Hello World"
|
||||
Ciphertext = 3CF55D656E9C0664513358
|
||||
|
||||
Cipher = DES-EDE3-CFB1
|
||||
Availablein = default
|
||||
Key = 000102030405060708090A0B0C0D0E0F1011121314151617
|
||||
IV = 0001020304050607
|
||||
Operation = DECRYPT
|
||||
|
@ -35,6 +37,7 @@ Plaintext = "Hello World"
|
|||
Ciphertext = 3CF55D656E9C0664513358
|
||||
|
||||
Cipher = DESX-CBC
|
||||
Availablein = default
|
||||
Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210
|
||||
IV = fedcba9876543210
|
||||
Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000
|
||||
|
@ -50,36 +53,43 @@ Ciphertext = 3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
|
|||
# DES ECB tests (from destest)
|
||||
|
||||
Cipher = DES-ECB
|
||||
Availablein = default
|
||||
Key = 0000000000000000
|
||||
Plaintext = 0000000000000000
|
||||
Ciphertext = 8CA64DE9C1B123A7
|
||||
|
||||
Cipher = DES-ECB
|
||||
Availablein = default
|
||||
Key = FFFFFFFFFFFFFFFF
|
||||
Plaintext = FFFFFFFFFFFFFFFF
|
||||
Ciphertext = 7359B2163E4EDC58
|
||||
|
||||
Cipher = DES-ECB
|
||||
Availablein = default
|
||||
Key = 3000000000000000
|
||||
Plaintext = 1000000000000001
|
||||
Ciphertext = 958E6E627A05557B
|
||||
|
||||
Cipher = DES-ECB
|
||||
Availablein = default
|
||||
Key = 1111111111111111
|
||||
Plaintext = 1111111111111111
|
||||
Ciphertext = F40379AB9E0EC533
|
||||
|
||||
Cipher = DES-ECB
|
||||
Availablein = default
|
||||
Key = 0123456789ABCDEF
|
||||
Plaintext = 1111111111111111
|
||||
Ciphertext = 17668DFC7292532D
|
||||
|
||||
Cipher = DES-ECB
|
||||
Availablein = default
|
||||
Key = 1111111111111111
|
||||
Plaintext = 0123456789ABCDEF
|
||||
Ciphertext = 8A5AE1F81AB8F2DD
|
||||
|
||||
Cipher = DES-ECB
|
||||
Availablein = default
|
||||
Key = FEDCBA9876543210
|
||||
Plaintext = 0123456789ABCDEF
|
||||
Ciphertext = ED39D950FA74BCC4
|
||||
|
|
Loading…
Reference in a new issue