Because Rijndael is more known as AES, use crypto/aes instead of
crypto/rijndael. Additionally, I applied the AES integration patch from Stephen Sprunk <stephen@sprunk.org> and fiddled it to work properly with the normal EVP constructs (and incidently work the same way as all other symmetric cipher implementations). This results in an API that looks a lot like the rest of the OpenSSL cipher suite.
This commit is contained in:
parent
c938563a81
commit
6f9079fd50
18 changed files with 1807 additions and 109 deletions
5
CHANGES
5
CHANGES
|
@ -12,6 +12,11 @@
|
|||
*) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
|
||||
+) applies to 0.9.7 only
|
||||
|
||||
+) Change the AES code to follow the same name structure as all other
|
||||
symmetric ciphers, and behave the same way. Move everything to
|
||||
the directory crypto/aes, thereby obsoleting crypto/rijndael.
|
||||
[Stephen Sprunk <stephen@sprunk.org> and Richard Levitte]
|
||||
|
||||
*) Fix ssl3_read_bytes (ssl/s3_pkt.c): To ignore messages of unknown
|
||||
type, we must throw them away by setting rr->length to 0.
|
||||
[D P Chang <dpc@qualys.com>]
|
||||
|
|
|
@ -166,7 +166,7 @@ SHLIBDIRS= crypto ssl
|
|||
SDIRS= \
|
||||
md2 md4 md5 sha mdc2 hmac ripemd \
|
||||
des rc2 rc4 rc5 idea bf cast \
|
||||
bn ec rsa dsa dh dso engine rijndael \
|
||||
bn ec rsa dsa dh dso engine aes \
|
||||
buffer bio stack lhash rand err objects \
|
||||
evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
|
||||
|
||||
|
|
|
@ -28,7 +28,7 @@ LIBS=
|
|||
|
||||
SDIRS= md2 md5 sha mdc2 hmac ripemd \
|
||||
des rc2 rc4 rc5 idea bf cast \
|
||||
bn ec rsa dsa dh dso engine rijndael \
|
||||
bn ec rsa dsa dh dso engine aes \
|
||||
buffer bio stack lhash rand err objects \
|
||||
evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
|
||||
|
||||
|
|
92
crypto/aes/Makefile.ssl
Normal file
92
crypto/aes/Makefile.ssl
Normal file
|
@ -0,0 +1,92 @@
|
|||
#
|
||||
# crypto/aes/Makefile
|
||||
#
|
||||
|
||||
DIR= aes
|
||||
TOP= ../..
|
||||
CC= cc
|
||||
CPP= $(CC) -E
|
||||
INCLUDES=
|
||||
CFLAG=-g
|
||||
INSTALL_PREFIX=
|
||||
OPENSSLDIR= /usr/local/ssl
|
||||
INSTALLTOP= /usr/local/ssl
|
||||
MAKE= make -f Makefile.ssl
|
||||
MAKEDEPPROG= makedepend
|
||||
MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
|
||||
MAKEFILE= Makefile.ssl
|
||||
AR= ar r
|
||||
|
||||
# CFLAGS= -mpentiumpro $(INCLUDES) $(CFLAG) -O3 -fexpensive-optimizations -funroll-loops -fforce-addr
|
||||
CFLAGS= $(INCLUDES) $(CFLAG)
|
||||
|
||||
GENERAL=Makefile
|
||||
TEST=aestest.c
|
||||
APPS=
|
||||
|
||||
LIB=$(TOP)/libcrypto.a
|
||||
LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c
|
||||
LIBOBJ=aes_core.o aes_misc.o aes_ecb.o aes_cbc.o
|
||||
|
||||
SRC= $(LIBSRC)
|
||||
|
||||
EXHEADER= aes.h
|
||||
HEADER= aes_locl.h $(EXHEADER)
|
||||
|
||||
ALL= $(GENERAL) $(SRC) $(HEADER)
|
||||
|
||||
top:
|
||||
(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
|
||||
|
||||
all: lib
|
||||
|
||||
lib: $(LIBOBJ)
|
||||
$(AR) $(LIB) $(LIBOBJ)
|
||||
$(RANLIB) $(LIB) || echo Never mind.
|
||||
@touch lib
|
||||
|
||||
$(LIBOBJ): $(LIBSRC)
|
||||
|
||||
files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
links:
|
||||
@$(TOP)/util/point.sh Makefile.ssl Makefile
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
||||
install: installs
|
||||
|
||||
installs:
|
||||
@for i in $(EXHEADER) ; \
|
||||
do \
|
||||
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
|
||||
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
|
||||
done;
|
||||
|
||||
tags:
|
||||
ctags $(SRC)
|
||||
|
||||
tests:
|
||||
|
||||
lint:
|
||||
lint -DLINT $(INCLUDES) $(SRC)>fluff
|
||||
|
||||
depend:
|
||||
$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
|
||||
|
||||
dclean:
|
||||
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
|
||||
mv -f Makefile.new $(MAKEFILE)
|
||||
|
||||
clean:
|
||||
rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
|
||||
|
||||
# DO NOT DELETE THIS LINE -- make depend depends on it.
|
||||
|
||||
aes_cbc.o: ../../include/openssl/aes.h aes_cbc.c aes_locl.h
|
||||
aes_core.o: ../../include/openssl/aes.h aes_core.c aes_locl.h
|
||||
aes_ecb.o: ../../include/openssl/aes.h aes_ecb.c aes_locl.h
|
||||
aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/opensslv.h
|
||||
aes_misc.o: aes_locl.h aes_misc.c
|
3
crypto/aes/README
Normal file
3
crypto/aes/README
Normal file
|
@ -0,0 +1,3 @@
|
|||
This is an OpenSSL-compatible version of AES (also called Rijndael).
|
||||
aes_core.c is basically the same as rijndael-alg-fst.c but with an
|
||||
API that looks like the rest of the OpenSSL symmetric cipher suite.
|
93
crypto/aes/aes.h
Normal file
93
crypto/aes/aes.h
Normal file
|
@ -0,0 +1,93 @@
|
|||
/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef HEADER_AES_H
|
||||
#define HEADER_AES_H
|
||||
|
||||
#ifdef OPENSSL_NO_AES
|
||||
#error AES is disabled.
|
||||
#endif
|
||||
|
||||
static const int AES_DECRYPT = 0;
|
||||
static const int AES_ENCRYPT = 1;
|
||||
#define AES_MAXNR 14 /* array size can't be a const in C */
|
||||
static const int AES_BLOCK_SIZE = 16; /* bytes */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* This should be a hidden type, but EVP requires that the size be known */
|
||||
struct aes_key_st {
|
||||
unsigned long rd_key[4 *(AES_MAXNR + 1)];
|
||||
int rounds;
|
||||
};
|
||||
typedef struct aes_key_st AES_KEY;
|
||||
|
||||
const char *AES_options(void);
|
||||
|
||||
int AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key);
|
||||
int AES_set_decrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key);
|
||||
|
||||
void AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key);
|
||||
void AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key);
|
||||
|
||||
void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const AES_KEY *key, const int enc);
|
||||
void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const unsigned long length, const AES_KEY *key,
|
||||
unsigned char *ivec, const int enc);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* !HEADER_AES_H */
|
89
crypto/aes/aes_cbc.c
Normal file
89
crypto/aes/aes_cbc.c
Normal file
|
@ -0,0 +1,89 @@
|
|||
/* crypto/aes/aes_cbc.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
*/
|
||||
|
||||
#include <assert.h>
|
||||
#include <openssl/aes.h>
|
||||
#include "aes_locl.h"
|
||||
|
||||
void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const unsigned long length, const AES_KEY *key,
|
||||
unsigned char *ivec, const int enc) {
|
||||
|
||||
int n;
|
||||
unsigned long len = length;
|
||||
unsigned char tmp[16];
|
||||
|
||||
assert(in && out && key && ivec);
|
||||
assert(length % AES_BLOCK_SIZE == 0);
|
||||
assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
|
||||
|
||||
if (AES_ENCRYPT == enc)
|
||||
while (len > 0) {
|
||||
for(n=0; n < 16; ++n)
|
||||
tmp[n] = in[n] ^ ivec[n];
|
||||
AES_encrypt(tmp, out, key);
|
||||
memcpy(ivec, out, 16);
|
||||
len -= 16;
|
||||
in += 16;
|
||||
out += 16;
|
||||
}
|
||||
else
|
||||
while (len > 0) {
|
||||
memcpy(tmp, in, 16);
|
||||
AES_decrypt(in, out, key);
|
||||
for(n=0; n < 16; ++n)
|
||||
out[n] ^= ivec[n];
|
||||
memcpy(ivec, tmp, 16);
|
||||
len -= 16;
|
||||
in += 16;
|
||||
out += 16;
|
||||
}
|
||||
}
|
1261
crypto/aes/aes_core.c
Normal file
1261
crypto/aes/aes_core.c
Normal file
File diff suppressed because it is too large
Load diff
67
crypto/aes/aes_ecb.c
Normal file
67
crypto/aes/aes_ecb.c
Normal file
|
@ -0,0 +1,67 @@
|
|||
/* crypto/aes/aes_ecb.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
*/
|
||||
|
||||
#include <assert.h>
|
||||
#include <openssl/aes.h>
|
||||
#include "aes_locl.h"
|
||||
|
||||
void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const AES_KEY *key, const int enc) {
|
||||
|
||||
assert(in && out && key);
|
||||
assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
|
||||
|
||||
if (AES_ENCRYPT == enc)
|
||||
AES_encrypt(in, out, key);
|
||||
else
|
||||
AES_decrypt(in, out, key);
|
||||
}
|
||||
|
70
crypto/aes/aes_locl.h
Normal file
70
crypto/aes/aes_locl.h
Normal file
|
@ -0,0 +1,70 @@
|
|||
/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef HEADER_AES_LOCL_H
|
||||
#define HEADER_AES_LOCL_H
|
||||
|
||||
#ifdef OPENSSL_NO_AES
|
||||
#error AES is disabled.
|
||||
#endif
|
||||
|
||||
typedef unsigned long u32;
|
||||
typedef unsigned short u16;
|
||||
typedef unsigned char u8;
|
||||
|
||||
#define MAXKC (256/32)
|
||||
#define MAXKB (256/8)
|
||||
#define MAXNR 14
|
||||
|
||||
/* This controls loop-unrolling in aes_core.c */
|
||||
#undef FULL_UNROLL
|
||||
|
||||
#endif /* !HEADER_AES_LOCL_H */
|
64
crypto/aes/aes_misc.c
Normal file
64
crypto/aes/aes_misc.c
Normal file
|
@ -0,0 +1,64 @@
|
|||
/* crypto/aes/aes_misc.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
*/
|
||||
|
||||
#include <openssl/opensslv.h>
|
||||
#include <openssl/aes.h>
|
||||
#include "aes_locl.h"
|
||||
|
||||
const char *AES_version="AES" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
const char *AES_options(void) {
|
||||
#ifdef FULL_UNROLL
|
||||
return "aes(full)";
|
||||
#else
|
||||
return "aes(partial)";
|
||||
#endif
|
||||
}
|
|
@ -186,15 +186,15 @@ digest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
|
|||
digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
|
||||
digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||
digest.o: ../../include/openssl/ui.h ../cryptlib.h digest.c
|
||||
e_aes.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
|
||||
e_aes.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
|
||||
e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
|
||||
e_aes.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
|
||||
e_aes.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
|
||||
e_aes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
|
||||
e_aes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rd_fst.h
|
||||
e_aes.o: ../../include/openssl/rijndael.h ../../include/openssl/safestack.h
|
||||
e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h e_aes.c
|
||||
e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
|
||||
e_aes.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
|
||||
e_aes.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
|
||||
e_aes.o: ../../include/openssl/err.h ../../include/openssl/evp.h
|
||||
e_aes.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
|
||||
e_aes.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
|
||||
e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
|
||||
e_aes.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
|
||||
e_aes.o: ../../include/openssl/symhacks.h e_aes.c evp_locl.h
|
||||
e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
|
||||
e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
|
||||
e_bf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
|
||||
|
|
|
@ -53,102 +53,57 @@
|
|||
#include <openssl/err.h>
|
||||
#include <string.h>
|
||||
#include <assert.h>
|
||||
#include <openssl/rijndael.h>
|
||||
#include <openssl/aes.h>
|
||||
#include "evp_locl.h"
|
||||
|
||||
static int aes_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||
static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||
const unsigned char *iv, int enc);
|
||||
static int aes_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, unsigned int inl);
|
||||
static int aes_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, unsigned int inl);
|
||||
|
||||
#define IMPLEMENT_AES_CIPHER(name, ciph_func, keylen, ivlen, mode) \
|
||||
static const EVP_CIPHER name##_cipher_st = \
|
||||
{ \
|
||||
NID_##name, \
|
||||
16,keylen,ivlen, \
|
||||
mode, \
|
||||
aes_init, \
|
||||
ciph_func, \
|
||||
NULL, \
|
||||
sizeof(RIJNDAEL_KEY), \
|
||||
EVP_CIPHER_set_asn1_iv, \
|
||||
EVP_CIPHER_get_asn1_iv, \
|
||||
NULL, \
|
||||
NULL \
|
||||
}; \
|
||||
const EVP_CIPHER * EVP_##name(void) \
|
||||
{ \
|
||||
return &name##_cipher_st; \
|
||||
}
|
||||
|
||||
IMPLEMENT_AES_CIPHER(aes_128_ecb, aes_ecb, 16, 0, EVP_CIPH_ECB_MODE)
|
||||
IMPLEMENT_AES_CIPHER(aes_192_ecb, aes_ecb, 24, 0, EVP_CIPH_ECB_MODE)
|
||||
IMPLEMENT_AES_CIPHER(aes_256_ecb, aes_ecb, 32, 0, EVP_CIPH_ECB_MODE)
|
||||
|
||||
IMPLEMENT_AES_CIPHER(aes_128_cbc, aes_cbc, 16, 16, EVP_CIPH_CBC_MODE)
|
||||
IMPLEMENT_AES_CIPHER(aes_192_cbc, aes_cbc, 24, 16, EVP_CIPH_CBC_MODE)
|
||||
IMPLEMENT_AES_CIPHER(aes_256_cbc, aes_cbc, 32, 16, EVP_CIPH_CBC_MODE)
|
||||
|
||||
static int aes_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||
const unsigned char *iv, int enc)
|
||||
typedef struct
|
||||
{
|
||||
RIJNDAEL_KEY *k=ctx->cipher_data;
|
||||
AES_KEY ks;
|
||||
} EVP_AES_KEY;
|
||||
|
||||
#define data(ctx) EVP_C_DATA(EVP_AES_KEY,ctx)
|
||||
|
||||
#define IMPLEMENT_BLOCK_CIPHER_def_ecb_cbc(cname, ksched, cprefix, kstruct, \
|
||||
nid, block_size, key_len, iv_len, flags, \
|
||||
init_key, cleanup, set_asn1, get_asn1, ctrl) \
|
||||
BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
|
||||
BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
|
||||
BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
|
||||
init_key, cleanup, set_asn1, get_asn1, ctrl) \
|
||||
BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, 0, flags, \
|
||||
init_key, cleanup, set_asn1, get_asn1, ctrl)
|
||||
|
||||
IMPLEMENT_BLOCK_CIPHER_def_ecb_cbc(aes_128, ks, AES, EVP_AES_KEY,
|
||||
NID_aes_128, 16, 16, 16,
|
||||
0, aes_init_key, NULL,
|
||||
EVP_CIPHER_set_asn1_iv,
|
||||
EVP_CIPHER_get_asn1_iv,
|
||||
NULL)
|
||||
IMPLEMENT_BLOCK_CIPHER_def_ecb_cbc(aes_192, ks, AES, EVP_AES_KEY,
|
||||
NID_aes_192, 16, 24, 16,
|
||||
0, aes_init_key, NULL,
|
||||
EVP_CIPHER_set_asn1_iv,
|
||||
EVP_CIPHER_get_asn1_iv,
|
||||
NULL)
|
||||
IMPLEMENT_BLOCK_CIPHER_def_ecb_cbc(aes_256, ks, AES, EVP_AES_KEY,
|
||||
NID_aes_256, 16, 32, 16,
|
||||
0, aes_init_key, NULL,
|
||||
EVP_CIPHER_set_asn1_iv,
|
||||
EVP_CIPHER_get_asn1_iv,
|
||||
NULL)
|
||||
|
||||
static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||
const unsigned char *iv, int enc) {
|
||||
|
||||
if (enc)
|
||||
k->rounds = rijndaelKeySetupEnc(k->rd_key, key, ctx->key_len * 8);
|
||||
AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
|
||||
else
|
||||
k->rounds = rijndaelKeySetupDec(k->rd_key, key, ctx->key_len * 8);
|
||||
AES_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int aes_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, unsigned int inl)
|
||||
{
|
||||
RIJNDAEL_KEY *k=ctx->cipher_data;
|
||||
while(inl > 0)
|
||||
{
|
||||
if(ctx->encrypt)
|
||||
rijndaelEncrypt(k->rd_key,k->rounds, in, out);
|
||||
else
|
||||
rijndaelDecrypt(k->rd_key,k->rounds, in, out);
|
||||
inl-=16;
|
||||
in+=16;
|
||||
out+=16;
|
||||
}
|
||||
assert(inl == 0);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int aes_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, unsigned int inl)
|
||||
{
|
||||
int n;
|
||||
unsigned char tmp[16];
|
||||
RIJNDAEL_KEY *k=ctx->cipher_data;
|
||||
while(inl > 0)
|
||||
{
|
||||
if(ctx->encrypt)
|
||||
{
|
||||
for(n=0 ; n < 16 ; n++)
|
||||
tmp[n] = in[n] ^ ctx->iv[n];
|
||||
rijndaelEncrypt(k->rd_key,k->rounds, tmp, out);
|
||||
memcpy(ctx->iv,out,16);
|
||||
}
|
||||
else
|
||||
{
|
||||
memcpy(tmp, in, 16);
|
||||
rijndaelDecrypt(k->rd_key,k->rounds, in, out);
|
||||
for(n=0 ; n < 16 ; n++)
|
||||
out[n] ^= ctx->iv[n];
|
||||
memcpy(ctx->iv,tmp,16);
|
||||
}
|
||||
inl-=16;
|
||||
in+=16;
|
||||
out+=16;
|
||||
}
|
||||
assert(inl == 0);
|
||||
return 1;
|
||||
}
|
||||
#endif
|
||||
|
|
|
@ -34,7 +34,7 @@ $ IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN -
|
|||
$
|
||||
$ SDIRS := ,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,-
|
||||
DES,RC2,RC4,RC5,IDEA,BF,CAST,-
|
||||
BN,EC,RSA,DSA,DH,DSO,ENGINE,RIJNDAEL,-
|
||||
BN,EC,RSA,DSA,DH,DSO,ENGINE,AES,-
|
||||
BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,-
|
||||
EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,-
|
||||
UI,KRB5
|
||||
|
@ -61,7 +61,7 @@ $ EXHEADER_DSA := dsa.h
|
|||
$ EXHEADER_DH := dh.h
|
||||
$ EXHEADER_DSO := dso.h
|
||||
$ EXHEADER_ENGINE := engine.h
|
||||
$ EXHEADER_RIJNDAEL := rd_fst.h,rijndael.h
|
||||
$ EXHEADER_AES := aes.h
|
||||
$ EXHEADER_BUFFER := buffer.h
|
||||
$ EXHEADER_BIO := bio.h
|
||||
$ EXHEADER_STACK := stack.h,safestack.h
|
||||
|
|
|
@ -430,7 +430,7 @@ $! Copy All The ".H" Files From The [.CRYPTO] Directory Tree.
|
|||
$!
|
||||
$ SDIRS := ,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,-
|
||||
DES,RC2,RC4,RC5,IDEA,BF,CAST,-
|
||||
BN,EC,RSA,DSA,DH,DSO,ENGINE,RIJNDAEL,-
|
||||
BN,EC,RSA,DSA,DH,DSO,ENGINE,AES,-
|
||||
BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,-
|
||||
EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5
|
||||
$ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,symhacks.h,-
|
||||
|
@ -456,7 +456,7 @@ $ EXHEADER_DSA := dsa.h
|
|||
$ EXHEADER_DH := dh.h
|
||||
$ EXHEADER_DSO := dso.h
|
||||
$ EXHEADER_ENGINE := engine.h
|
||||
$ EXHEADER_RIJNDAEL := rd_fst.h,rijndael.h
|
||||
$ EXHEADER_AES := aes.h
|
||||
$ EXHEADER_BUFFER := buffer.h
|
||||
$ EXHEADER_BIO := bio.h
|
||||
$ EXHEADER_STACK := stack.h,safestack.h
|
||||
|
|
|
@ -92,7 +92,7 @@ $no_mdc2=1 if ($no_des);
|
|||
$no_ssl3=1 if ($no_md5 || $no_sha);
|
||||
$no_ssl3=1 if ($no_rsa && $no_dh);
|
||||
|
||||
$no_ssl2=1 if ($no_md5 || $no_rsa);
|
||||
$no_ssl2=1 if ($no_md5);
|
||||
$no_ssl2=1 if ($no_rsa);
|
||||
|
||||
$out_def="out";
|
||||
|
@ -873,7 +873,7 @@ sub read_options
|
|||
elsif (/^no-dsa$/) { $no_dsa=1; }
|
||||
elsif (/^no-dh$/) { $no_dh=1; }
|
||||
elsif (/^no-hmac$/) { $no_hmac=1; }
|
||||
elsif (/^no-rijndael$/) { $no_rijndael=1; }
|
||||
elsif (/^no-aes$/) { $no_aes=1; }
|
||||
elsif (/^no-asm$/) { $no_asm=1; }
|
||||
elsif (/^nasm$/) { $nasm=1; }
|
||||
elsif (/^gaswin$/) { $gaswin=1; }
|
||||
|
|
|
@ -208,8 +208,7 @@ $crypto.=" crypto/md5/md5.h" ; # unless $no_md5;
|
|||
$crypto.=" crypto/mdc2/mdc2.h" ; # unless $no_mdc2;
|
||||
$crypto.=" crypto/sha/sha.h" ; # unless $no_sha;
|
||||
$crypto.=" crypto/ripemd/ripemd.h" ; # unless $no_ripemd;
|
||||
$crypto.=" crypto/rijndael/rijndael.h" ; # unless $no_aes;
|
||||
$crypto.=" crypto/rijndael/rd_fst.h" ; # unless $no_aes;
|
||||
$crypto.=" crypto/aes/aes.h" ; # unless $no_aes;
|
||||
|
||||
$crypto.=" crypto/bn/bn.h";
|
||||
$crypto.=" crypto/rsa/rsa.h" ; # unless $no_rsa;
|
||||
|
|
|
@ -23,7 +23,7 @@ my @dirs = (
|
|||
"crypto/idea",
|
||||
"crypto/bf",
|
||||
"crypto/cast",
|
||||
"crypto/rijndael",
|
||||
"crypto/aes",
|
||||
"crypto/bn",
|
||||
"crypto/rsa",
|
||||
"crypto/dsa",
|
||||
|
|
Loading…
Reference in a new issue