Commit graph

494 commits

Author SHA1 Message Date
Andy Polyakov
2d22e08083 ARM assembler pack: reschedule instructions for dual-issue pipeline.
Modest improvement coefficients mean that code already had some
parallelism and there was not very much room for improvement. Special
thanks to Ted Krovetz for benchmarking the code with such patience.
2010-07-13 14:03:31 +00:00
Dr. Stephen Henson
0852f90c30 PR: 2297
Submitted by: Antony, Benoy <bantony@ebay.com>
Approved by: steve@openssl.org

Fix bug in AES wrap code when t > 0xff.
2010-07-09 17:26:04 +00:00
Andy Polyakov
874a3757af Rework framework for assembler support for AES counter mode and add
AES_ctr32_encrypt to aes-s390x.pl.
2010-07-09 12:21:52 +00:00
Andy Polyakov
1cbdca7bf2 Harmonize s390x assembler modules with "catch-all" rules from commit#19749. 2010-07-09 12:11:12 +00:00
Andy Polyakov
396df7311e crypto/*/Makefile: unify "catch-all" assembler make rules and harmonize
ARM assembler modules.
2010-07-08 15:03:42 +00:00
Andy Polyakov
3efe51a407 Revert previous Linux-specific/centric commit#19629. If it really has to
be done, it's definitely not the way to do it. So far answer to the
question was to ./config -Wa,--noexecstack (adopted by RedHat).
2010-05-05 22:05:39 +00:00
Ben Laurie
0e3ef596e5 Non-executable stack in asm. 2010-05-05 15:50:13 +00:00
Andy Polyakov
109757d254 aes-ppc.pl: 10% performance improvement on Power6. 2010-04-10 14:53:17 +00:00
Andy Polyakov
6c83629bd9 AESNI engine: add counter mode. 2010-04-10 13:56:59 +00:00
Andy Polyakov
97a6a01f0f ARMv4 assembler: fix compilation failure. Fix is actually unconfirmed, but
I can't think of any other cause for failure
2010-03-29 09:55:19 +00:00
Andy Polyakov
ea746dad5e Reserve for option to implement AES counter in assembler. 2010-02-23 16:51:24 +00:00
Andy Polyakov
91fdacb2c3 s390x assembler update: add support for run-time facility detection. 2010-01-19 12:24:59 +00:00
Andy Polyakov
cb3b9b1323 Throw in more PA-RISC assembler. 2009-12-27 20:49:40 +00:00
Andy Polyakov
6f766a4181 aesni-x86.pl: eliminate development comments. 2009-11-15 16:40:22 +00:00
Andy Polyakov
c5036d785a aesni-x86_64.pl: resolve LNK1223 error. 2009-05-02 10:21:29 +00:00
Andy Polyakov
d608b4d662 AES-NI engine jumbo update. 2009-05-02 09:04:17 +00:00
Andy Polyakov
eda2da3235 aesni-x86.pl: fix another typo and add test script. 2009-04-27 15:46:32 +00:00
Andy Polyakov
c0b03d44fb aesni-x86.pl: fix typos. 2009-04-27 12:50:44 +00:00
Andy Polyakov
d64a7232d4 Intel AES-NI engine.
Submitted by: Huang Ying
2009-04-27 05:55:13 +00:00
Andy Polyakov
4e52b9845e aes-390x.pl: commentary update. 2009-03-17 20:04:11 +00:00
Andy Polyakov
e22b864846 Make SPARC assembler modules *really* Purify-friendly. 2009-03-17 18:31:08 +00:00
Andy Polyakov
4c78bc05c4 Make SPARC assembler Pirify-friendly (Purify can't cope with certain
PIC constructs).
2009-03-16 13:32:38 +00:00
Andy Polyakov
8626230a02 s390x assembler pack update. 2009-02-09 15:42:04 +00:00
Andy Polyakov
3b0ee0d2bf Revisit RT#1801 and complete fix. 2008-12-27 13:32:21 +00:00
Andy Polyakov
0f76640fba Windows-specific addenum to "engage crypto/modes" commit #17716. 2008-12-23 15:15:44 +00:00
Andy Polyakov
a11974180f Patch the omission from prvious commit #17716. 2008-12-23 11:38:33 +00:00
Andy Polyakov
5d48a66a6a Engage crypto/modes. 2008-12-23 11:33:01 +00:00
Andy Polyakov
be01f79d3d x86_64 assembler pack: add support for Win64 SEH. 2008-12-19 11:17:29 +00:00
Andy Polyakov
6786f52ada SEGV in AES_cbc_encrypt in aes-x86_64 assembler module.
PR: 1801
Submitted by: Huang Ying
2008-12-17 14:11:30 +00:00
Bodo Möller
7a76219774 Implement Configure option pattern "experimental-foo"
(specifically, "experimental-jpake").
2008-12-02 01:21:39 +00:00
Andy Polyakov
1416aec60d Update make rules for x86_64 assembler pack. 2008-11-12 08:19:04 +00:00
Andy Polyakov
aa8f38e49b x86_64 assembler pack to comply with updated styling x86_64-xlate.pl rules. 2008-11-12 08:15:52 +00:00
Ben Laurie
5ee92a5ec1 Fix asserts. Fix incorrect dependency. 2008-11-02 13:15:06 +00:00
Andy Polyakov
f768be81d8 size_t-fy AES, Camellia and RC4. 2008-10-31 19:30:11 +00:00
Andy Polyakov
492279f6f3 AIX build updates. 2008-09-12 14:45:54 +00:00
Lutz Jänicke
4c1a6e004a Apply mingw patches as supplied by Roumen Petrov an Alon Bar-Lev
PR: 1552
Submitted by: Roumen Petrov <openssl@roumenpetrov.info>, "Alon Bar-Lev" <alon.barlev@gmail.com>
2008-04-17 10:19:16 +00:00
Dr. Stephen Henson
fe591284be Update dependencies. 2008-03-22 18:52:03 +00:00
Dr. Stephen Henson
6e3bc4f073 More support for KEK RecipientInfo.
Generalise RecipientInfo and enveloped data handling so applications can
add their own key lookup routines as well as using the standard ones.
2008-03-18 01:00:38 +00:00
Dr. Stephen Henson
8931b30d84 And so it begins...
Initial support for CMS.

Add zlib compression BIO.

Add AES key wrap implementation.

Generalize S/MIME MIME code to support CMS and/or PKCS7.
2008-03-12 21:14:28 +00:00
Andy Polyakov
96d13fe62b Micro-profiling assisted "optimization" for Power6. Essentially it's so
to say educational commit. Reordering instructions doesn't improve
performance much, rather exhibits Power6 limitations.
2008-02-06 10:18:19 +00:00
Andy Polyakov
addd641f3a Unify ppc assembler make rules. 2008-01-13 22:01:30 +00:00
Andy Polyakov
fa8e921f66 Unify x86 perlasm make rules. 2008-01-11 13:15:11 +00:00
Andy Polyakov
ab0ff06205 Make aes-x86_64 work with debug Win64 build. 2008-01-05 18:17:20 +00:00
Andy Polyakov
79eeb47031 Make AES_T[ed] private to aes-586 module. 2008-01-05 08:58:18 +00:00
Andy Polyakov
ca64056836 Engage x86 assembler in Mac OS X build. 2007-12-18 17:33:49 +00:00
Andy Polyakov
ad8bd4ece8 Combat [bogus] relocations in some assember modules. 2007-11-22 20:51:48 +00:00
Andy Polyakov
7722e53f12 Yet another ARM update. It appears to be more appropriate to make
developers responsible for -march choice.
2007-09-27 16:27:03 +00:00
Andy Polyakov
d7e915616d 10% performance tweak in 64-bit mode. 2007-09-27 06:19:25 +00:00
Andy Polyakov
d8803d5ae6 aes_ige suffered SIGBUS on RISC platforms. 2007-08-29 21:30:13 +00:00
Andy Polyakov
0ddd3ea217 Make naming more consistent. 2007-08-28 21:02:38 +00:00
Andy Polyakov
55eab3b74b Make x86_64 modules work under Win64/x64. 2007-08-23 12:01:58 +00:00
Andy Polyakov
983180bb8b Buglet fixes and minor optimization in aes-x86_86 assembler. 2007-07-30 16:42:57 +00:00
Andy Polyakov
afaad0ada6 AES for IA64 update. 2007-07-27 18:20:52 +00:00
Andy Polyakov
a61710b868 Allow for option to skip hardware support. 2007-07-23 20:38:57 +00:00
Andy Polyakov
a415ebd026 Complete synchronization of aes-x86_64 with aes-586. 2007-07-21 14:20:46 +00:00
Andy Polyakov
52ee3d01ae Lppc_AES_[en|de]crypt_compact: size optimization. 2007-07-19 15:31:22 +00:00
Andy Polyakov
e59f992be6 Minor optimization in AES_set_encryption_key for x86_64. 2007-07-19 14:59:26 +00:00
Andy Polyakov
8bae7722a2 _x86_64_AES_[en|de]crypt_compact: size optimization and aggressive
T[ed]4 prefetch.
2007-07-19 14:29:41 +00:00
Andy Polyakov
96b0f6c16d Various minor updates to AES assembler modules. 2007-07-13 17:42:13 +00:00
Andy Polyakov
e1612ea59d Add _x86_64_AES_[en|de]crypt_compact. 2007-07-13 17:39:40 +00:00
Dr. Stephen Henson
9677bf0f30 Update .cvsignore 2007-06-18 12:40:24 +00:00
Andy Polyakov
f20af72312 AES_set_[en|de]crypt_key for ARMv4. 2007-05-30 15:57:31 +00:00
Andy Polyakov
7ef643360d s390x gas can't handle .align 128. 2007-05-28 16:32:50 +00:00
Andy Polyakov
76c828c627 AES_set_[en|de]crypt_key for s390x. 2007-05-28 16:30:18 +00:00
Andy Polyakov
86d8f3ee19 Typo in aes-ppc.pl. 2007-05-19 20:00:33 +00:00
Andy Polyakov
9c200f5471 Initial draft of AES for PPC. 2007-05-19 17:16:27 +00:00
Dr. Stephen Henson
9660cbcd6b Change C++ style comments. 2007-05-15 23:50:55 +00:00
Ben Laurie
69ab085290 More IGE speedup. 2007-05-13 15:14:38 +00:00
Ben Laurie
5f09d0ecc2 AES IGE mode speedup. 2007-05-13 12:57:59 +00:00
Andy Polyakov
3f6916cf29 Fix bug introduced in cn#16195. 2007-05-03 09:12:47 +00:00
Andy Polyakov
a4470ae7b2 Fine reading of manual suggests that km can return non-normal completion code. 2007-05-03 07:26:27 +00:00
Andy Polyakov
251718e4c1 Fix s390x bugs and correct performance coefficients. 2007-05-02 11:44:02 +00:00
Andy Polyakov
b900df5258 Engage s390x assembler modules. 2007-04-30 09:22:27 +00:00
Andy Polyakov
a2a54ffc5f s390x assembler pack. 2007-04-30 08:42:54 +00:00
Ben Laurie
f6301f6888 Avoid overrun. Coverity ID 60. 2007-04-05 15:45:58 +00:00
Andy Polyakov
82686bdcaa Minimize aes_core.c footprint when AES_[en|de]crypt is implemented in
assembler.
2007-01-25 20:47:00 +00:00
Andy Polyakov
14b1d089b6 Minor touch to aes-armv4.pl. 2007-01-25 11:28:07 +00:00
Andy Polyakov
a296239bdd AES for ARMv4. 2007-01-25 10:44:48 +00:00
Dr. Stephen Henson
560b79cbff Constify version strings and some structures. 2007-01-21 13:07:17 +00:00
Dr. Stephen Henson
4d7aff707e Update dependencies. 2006-11-30 13:41:47 +00:00
Andy Polyakov
591e85e928 Linking errors on IA64 and typo in aes-ia64.S. 2006-10-17 06:41:27 +00:00
Andy Polyakov
3a8012cbf2 Improve 386 portability of aes-586.pl. 2006-09-18 19:13:15 +00:00
Andy Polyakov
2b8a5406f9 Fix bug in aes-586.pl. 2006-08-31 21:15:38 +00:00
Dr. Stephen Henson
02c9b66a6c Fix C++ style comments, change assert to OPENSSL_assert, stop warning with
pedantic mode.
2006-08-31 20:56:20 +00:00
Ben Laurie
aa6d1a0c19 Forward port of IGE mode. 2006-08-31 14:04:04 +00:00
Andy Polyakov
6c69aa532e Revised AES_cbc_encrypt in x86 assembler module. 2006-08-07 09:05:52 +00:00
Andy Polyakov
fc92414273 Agressively prefetch S-box in SSE codepatch, relax alignment requirement,
check for SSE bit instead of MMX, as pshufw was introduces in PIII, minor
optimization, typos...
2006-08-02 22:38:16 +00:00
Andy Polyakov
53154d71c3 Switch to compact S-box when generating AES key schedule. 2006-08-02 07:46:56 +00:00
Andy Polyakov
8cebec9802 Switch to compact S-box when generating AES key schedule. 2006-08-01 22:10:39 +00:00
Andy Polyakov
22c268e6c9 Next generation aes-586.pl featuring AES_[en|de]crypt, accessing exclusively
256 byte S-box. AES_cbc_encrypt needs further work as it should also use
slow routines when processing smaller amount of data.
2006-07-31 20:03:56 +00:00
Andy Polyakov
af8c1d81a3 Reimplement outer rounds as "compact" in x86 assembler. This has rather
strong impact on decrypt performance, 20-25%. One probably should consider
switching between slower and faster routines depending on how much data
we were asked to process.
2006-07-18 10:05:38 +00:00
Andy Polyakov
dff2922aa7 Add option for "compact" rounds to aes_x86core.c. "Compact" rounds are
those referencing compact, 256-byte, S-boxes.
2006-07-14 09:57:55 +00:00
Andy Polyakov
86bdc0a3ee Fix compiler warnings. 2006-07-04 20:29:50 +00:00
Andy Polyakov
9c62bca11a Prepare playground for AES experimental code. 2006-07-02 09:18:00 +00:00
Andy Polyakov
985e4c4154 Mitigate the hazard of cache-collision timing attack on last round. The
only chance for T[ed]4 to get evicted in this module is when its cache
"overlaps" with last 128 bits of key schedule.
2006-06-28 08:52:16 +00:00
Andy Polyakov
9598fa8759 Mitigate the hazard of cache-collision timing attack on last round. Well,
prefetch could have been moved closer to Td4 references. Something for
later consideration...
2006-06-28 08:48:54 +00:00
Andy Polyakov
ac8173515a Mitigate cache-collision timing attack on last round. 2006-06-28 08:39:06 +00:00
Andy Polyakov
8fecd4b4f1 Sync aes.h with http://cvs.openssl.org/chngview?cn=15336. 2006-06-05 10:43:41 +00:00
Andy Polyakov
41fc5f2dbe Reimplement AES_ofb128_encrypt. 2006-06-05 10:40:54 +00:00
Andy Polyakov
bcfd3d68f5 Correct logical error in STRICT_ALIGNMENT check and remove copy of
eay licence, as module is practically rewritten from scratch [well,
even original submission was obviously "almost, but not quite,
entirely unlike" any other eay *_cfb.c module, not to mention new
functions].
2006-06-05 10:40:28 +00:00
Andy Polyakov
21f0db692d Tune up AES CFB. Performance improvement varies from 10% to 50% from
platform to platform. Its absolute value is within few percents
marginal from that of ECB.
2006-05-30 07:20:13 +00:00
Nils Larsch
49c5f38d3d undo accidental commit 2006-04-20 13:54:34 +00:00
Nils Larsch
f8296228f1 as we encrypt every bit separately we need to loop through the number
of bits; thanks to Michael McDougall <mmcdouga@saul.cis.upenn.edu>

PR: 1318
2006-04-20 13:11:52 +00:00
Andy Polyakov
35e00cc2d8 Minor aes-sparcv9.pl optimization. 2005-12-10 12:32:22 +00:00
Andy Polyakov
064f6cb6f2 Engage AES for UltraSPARC in sparcv9 targets. 2005-12-10 11:24:07 +00:00
Andy Polyakov
20ab8b4b41 Revoke the option to share AES S-boxes between C and assembler. It wastes
space, but gives total flexibility [back].
2005-12-10 11:22:57 +00:00
Andy Polyakov
7395d852c3 Initial draft for AES for UltraSPARC assembler. 2005-12-10 11:19:56 +00:00
Andy Polyakov
b2be099d16 Fix #if _MSC_VER clause in aes_locl.h 2005-07-30 19:42:50 +00:00
Andy Polyakov
0066590f98 Pedantic polish to aes-ia64 and sha512-ia64. 2005-07-20 15:15:22 +00:00
Andy Polyakov
b3f56e8b38 Typo in version number. 2005-07-20 11:11:14 +00:00
Andy Polyakov
5826e4f481 Perl stylistic/cosmetic update for aes-x86_64.pl. 2005-07-20 11:09:02 +00:00
Andy Polyakov
ef428d5681 Fix unwind directives in IA-64 assembler modules. This helps symbolic
debugging and doesn't affect functionality.

Submitted by: David Mosberger

Obtained from: http://www.hpl.hp.com/research/linux/crypto/
2005-07-18 09:54:14 +00:00
Andy Polyakov
afbe674edb ~15% better AES x86_64 assembler. 2005-07-18 09:15:04 +00:00
Andy Polyakov
b4f5e5c959 Commentary section update. 2005-07-14 13:16:31 +00:00
Andy Polyakov
d85185217b AES x86_64 assembler implementation. 2005-07-12 15:44:58 +00:00
Andy Polyakov
4e28f13209 Pedantic polish to aes-586.pl:-) 2005-07-01 10:13:30 +00:00
Andy Polyakov
53a20bfd94 Typos in commentary section. 2005-06-30 22:09:03 +00:00
Andy Polyakov
a28062338c AES_cbc_encrypt to allow end-user to retain small blocks performance by
aligning the key schedule in a specific manner.
2005-06-30 22:06:35 +00:00
Andy Polyakov
ce92b6eb9c Further BUILDENV refinement, further fool-proofing of Makefiles and
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
2005-05-16 16:55:47 +00:00
Bodo Möller
10cde5010d make update 2005-05-16 00:27:37 +00:00
Andy Polyakov
81a86fcf17 Fool-proofing Makefiles 2005-05-15 22:23:26 +00:00
Andy Polyakov
e19e549041 Comply with optimization manual (no data should share cache-line with code). 2005-05-09 21:48:01 +00:00
Andy Polyakov
57ee007035 Fix constants.
PR: 1059
2005-05-07 08:11:50 +00:00
Ben Laurie
36d16f8ee0 Add DTLS support. 2005-04-26 16:02:40 +00:00
Andy Polyakov
3d5fd31280 Avoid L1 cache aliasing even between key and S-boxes. 2005-04-24 21:09:20 +00:00
Andy Polyakov
04d0d0accf Avoid aliasing between stack frames and S-boxes. Compress prefetch code. 2005-04-22 11:49:32 +00:00
Andy Polyakov
c8d5c71af5 Mitigate cache-timing attack in CBC mode. This is done by implementing
compressed tables (2x compression factor) and by pre-fetching them into
processor cache prior every CBC en-/decryption pass. One can argue why
just CBC? Well, it's commonly used mode in real-life applications and
API allows us to amortize the prefetch costs for larger data chunks...
2005-04-16 15:23:21 +00:00
Richard Levitte
4bb61becbb Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
Ben Laurie
42ba5d2329 Blow away Makefile.ssl. 2005-03-30 13:05:57 +00:00
Ulf Möller
8d274837e5 fix breakage for Perl versions that do boolean operations on long words 2005-03-19 11:13:30 +00:00
Andy Polyakov
67ea999d4a This patch was "ignited" by OpenBSD 3>=4 support. They've switched to ELF
and GNU binutils, but kept BSD make... And I took the opportunity to
unify other targets to this common least denominator...
2005-02-06 13:23:34 +00:00
Andy Polyakov
fbdce13e5a Please BSD make... 2005-01-25 22:09:11 +00:00
Andy Polyakov
8359421d90 Default to AES u32 being unsinged int and not long. This improves cache
locality on 64-bit platforms (and fixes IA64 assembler-empowered build:-).
The choice is guarded by newly introduced AES_LONG macro, which needs
to be defined only on 16-bit platforms which we don't support (not that
I know of). Meaning that one could as well skip long option altogether.
2005-01-24 14:22:05 +00:00
Andy Polyakov
efde5230f1 Improve ECB performance (48+14*rounds -> 18+13*rounds) and reserve for
hand-coded zero-copy AES_cbc_encrypt.
2005-01-24 14:14:53 +00:00
Andy Polyakov
bac252a5e3 Bug-fix in CBC encrypt tail processing and commentary section update. 2005-01-20 10:33:37 +00:00
Andy Polyakov
addb6e16a8 Throw in AES CBC assembler, up to +40% on aes-128-cbc benchmark. 2005-01-18 01:04:41 +00:00
Andy Polyakov
ed65fab910 Reserve for AES CBC assembler implementation... 2005-01-18 00:43:32 +00:00
Andy Polyakov
90cc40911b Don't zap AES CBC IV, when decrypting truncated content in place. 2005-01-18 00:26:52 +00:00
Andy Polyakov
e7e1150706 "Monolithic" x86 assembler replacement for aes_core.c. Up to +15% better
performance on recent microarchitectures.
2005-01-13 15:35:44 +00:00
Andy Polyakov
7de4b5b060 Permit "monolithic" AES assembler implementations, i.e. such which would
replace *whole* aes_core.c, not only AES_[de|en]crypt routines.
2005-01-09 16:01:58 +00:00
Andy Polyakov
25866e3982 Commentary update for AES IA-64 assembler module. 2004-12-30 10:55:02 +00:00
Andy Polyakov
3b3df98ca6 Minor AES x86 assembler tune-up. 2004-12-30 10:46:03 +00:00
Andy Polyakov
2e4a99f38b AES-CFB[18] 2x optimization. Well, I bet nobody cares about AES-CFB1
performance, but anyway...
2004-12-30 10:43:33 +00:00
Andy Polyakov
f1ce306f30 Oops-kind typos in aes-ia64.S... 2004-12-28 17:10:42 +00:00
Richard Levitte
37b11ca78e iv needs to be const because it sometimes takes it's value from a
const.
2004-12-28 10:35:13 +00:00
Andy Polyakov
9850f7f6b2 Remove yet another redundant memcpy. Not at least performance critical,
essentially cosmetic modification...
2004-12-26 13:05:40 +00:00
Andy Polyakov
131e064e4a Eliminate redundant memcpy of IV material. Performance improvement varies
from platform to platform and can be as large as 20%.
2004-12-26 12:31:37 +00:00
Andy Polyakov
556b8f3f77 Engage AES x86 assembler module for COFF and a.out targets. 2004-12-26 10:58:39 +00:00
Andy Polyakov
045d3285e2 Engage AES x86 assembler module on ELF platforms. 2004-12-23 21:44:28 +00:00
Andy Polyakov
25558bf743 Eliminate copies of TeN and TdN, use those found in assembler module. 2004-12-23 21:40:23 +00:00
Andy Polyakov
713147109c AES x86 assembler implementation. 2004-12-23 21:32:34 +00:00
Richard Levitte
fbf218b8c3 make update (oops, missed this file) 2004-12-13 22:57:39 +00:00
Richard Levitte
a2ac429da2 Don't use $(EXHEADER) directly in for loops, as most shells will break
if $(EXHEADER) is empty.

Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:55:01 +00:00
Richard Levitte
1a4b8e7cee Make sure memmove() is defined, even on SunOS 4.1.4.
PR: 963
2004-11-01 07:58:38 +00:00
Andy Polyakov
14fa6ad9f9 Make aes_ctr.c 64-bit savvy. 2004-08-23 22:19:51 +00:00
Andy Polyakov
33c3ecf741 Build-n-link new IA-64 modules on Linux and HP-UX. 2004-07-23 23:27:10 +00:00
Andy Polyakov
5bd4c26057 Various IA-64 assembler fix-ups. 2004-07-23 22:54:18 +00:00
Andy Polyakov
859ceeeb51 Anchor AES and SHA-256/-512 assembler from C. 2004-07-18 17:26:01 +00:00
Andy Polyakov
d0590fe6b2 Add anchors for AES, SHA-256/-512 assembler modules and SSE2 code pathes.
I also used this opportunity to clean up some out-of-date targets and
re-group targets by OS.
2004-07-18 16:19:34 +00:00
Andy Polyakov
2232b10f5a Add licensing terms. 2004-07-17 13:24:58 +00:00
Andy Polyakov
e34794dd1b IA-64 is intolerant to misaligned access. It was a problem on Win64 as
we were mislead by _MSC_VER macro, which is defined by *all* Windows
Microsoft compilers.
2004-07-17 12:55:55 +00:00
Andy Polyakov
51ce5230cd AES assembler implementation for IA-64. Note that there is no anchor from
C code yet...
2004-07-01 11:15:23 +00:00
Richard Levitte
8d1ebe0bd1 Add the missing parts for DES CFB1 and CFB8.
Add the corresponding AES parts while I'm at it.
make update
2004-01-28 19:05:35 +00:00
Richard Levitte
79b42e7654 Use sh explicitely to run point.sh
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:59:07 +00:00
Richard Levitte
4e952ae4fc Removing those memcpy()s also took away the possibility for in and out to
be the same.  Therefore, the removed memcpy()s need to be restored.
2003-10-29 06:21:22 +00:00
Richard Levitte
0b6956b474 Correct serious bug in AES-CBC decryption when the message length isn't
a multiple of AES_BLOCK_SIZE.
Optimize decryption of all complete blocks in AES-CBC by removing an
unnecessary memcpy().

The error was notified by James Fernandes <jf210032@exchange.DAYTONOH.NCR.com>.
The unnecessary memcpy() was found as an effect of investigating that error.
2003-10-15 09:00:14 +00:00
Richard Levitte
61f00386ab The counter is big-endian. Since it comes as an array of char,
there's absolutely no need to special-case it on little-endian
machines.

Notified by Thierry Boivin <Thierry.Boivin@celsecat.com>
2003-07-04 11:37:50 +00:00
Richard Levitte
2ae0352b0f Oops, I forgot to replace 'counter' with 'ivec' when used... 2003-07-03 20:50:44 +00:00
Richard Levitte
da6c44fc97 The 'counter' is really the IV. 2003-07-03 06:42:43 +00:00
Richard Levitte
da0d33560f Change AES-CTR to increment the IV by 1 instead of 2^64. 2003-07-03 06:41:30 +00:00
Richard Levitte
55b12f8641 The output from AES_cbc_encrypt() should be exact multiple blocks when encrypting 2003-06-10 04:11:42 +00:00
Richard Levitte
940767b03f Make sure we get the definition of OPENSSL_NO_AES. 2003-03-20 23:15:51 +00:00
Andy Polyakov
97e6bf6b22 Workaround for lame compiler bug introduced in "CPU pack" for MSVC6SP5. 2003-01-23 10:05:39 +00:00
Richard Levitte
aa18245f7e Make AES_ENCRYPT and AES_DECRYPT macros instead of static constants.
PR: 411
2002-12-20 18:21:35 +00:00
Richard Levitte
0bf23d9b20 WinCE patches 2002-11-15 22:37:18 +00:00
Richard Levitte
c863201780 Remove warnings. 2002-11-14 15:57:38 +00:00
Ben Laurie
54a656ef08 Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
Bodo Möller
b6fee5c2fb disable weird assert()s 2002-11-13 14:01:34 +00:00
Richard Levitte
69ce48c307 Make the CBC mode od AES accept lengths that aren't multiples of 16.
PR: 330
2002-11-12 11:00:25 +00:00
Richard Levitte
4006c56036 Add more commentary. Check that *num is smaller than the block size. 2002-10-11 22:42:34 +00:00
Richard Levitte
1729588435 The AES CTR API was buggy, we need to save the encrypted counter as well
between calls, or that will be lost if it returned with *num non-zero.
2002-10-11 22:37:29 +00:00
Richard Levitte
001ab3abad Use double dashes so makedepend doesn't misunderstand the flags we
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
2002-10-09 13:25:12 +00:00
Richard Levitte
17085b022c Pass CFLAG to dependency makers, so non-standard system include paths are
handled properly.
Part of PR 75
2002-06-27 16:39:25 +00:00
Bodo Möller
c4c2c61e8c always include <string.h> (we do this in various other header files,
so it can't be bad)

PR: 102
2002-06-18 09:35:43 +00:00
Richard Levitte
09c70c3261 In CFB mode, the iv is always encrypted. 2002-05-31 13:07:39 +00:00
Richard Levitte
dbdc5d14d3 Correct AES counter mode, which incorrectly incremented the counter before
using it.
PR: 56
2002-05-30 14:06:06 +00:00
Richard Levitte
3adb8c3854 With Compaq make, it seems like # inside an action becomes part of the command, not a comment at all 2002-02-20 11:43:40 +00:00
Geoff Thorpe
5b2d6ff07e make update 2002-02-20 08:33:55 +00:00
Richard Levitte
97879bcd57 Add the modes OFB128, CFB128 and CTR128 to AES.
Submitted by Stephen Sprunk <stephen@sprunk.org>
2002-02-16 12:20:34 +00:00
Richard Levitte
f6fbd470e3 It looks like I didn't remove everything that has to do with the
non-existant aestest.c.
2002-01-26 04:45:37 +00:00
Richard Levitte
72165799a8 There is no aestest currently. The EVP tester is used to check the
AES algorithm.
2002-01-25 07:52:25 +00:00
Ben Laurie
9dd5ae6553 Constification, add config to /dev/crypto. 2002-01-18 16:51:05 +00:00
Geoff Thorpe
e4dd79bbc8 - Add the same header stuff to aes_locl.h as is in des_locl.h to avoid
undefined functions (memset, etc).
- Put a .cvsignore in the aes directory too.
2002-01-05 12:55:08 +00:00
Richard Levitte
6f9079fd50 Because Rijndael is more known as AES, use crypto/aes instead of
crypto/rijndael.  Additionally, I applied the AES integration patch
from Stephen Sprunk <stephen@sprunk.org> and fiddled it to work
properly with the normal EVP constructs (and incidently work the same
way as all other symmetric cipher implementations).

This results in an API that looks a lot like the rest of the OpenSSL
cipher suite.
2002-01-02 16:55:35 +00:00