Dr. Stephen Henson
e75c5a794e
CCM support.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-08-14 06:56:11 +01:00
Dr. Stephen Henson
9cca7be11d
Relax CCM tag check.
...
In CCM mode don't require a tag before initialising decrypt: this allows
the tag length to be set without requiring the tag.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-07-06 15:42:23 +01:00
Emilia Kasper
1e4a355dca
Use CRYPTO_memcmp when comparing authenticators
...
Pointed out by Victor Vasiliev (vasilvv@mit.edu ) via Adam Langley
(Google).
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-06-08 14:55:50 +02:00
Matt Caswell
c826988109
Sanity check EVP_CTRL_AEAD_TLS_AAD
...
The various implementations of EVP_CTRL_AEAD_TLS_AAD expect a buffer of at
least 13 bytes long. Add sanity checks to ensure that the length is at
least that. Also add a new constant (EVP_AEAD_TLS1_AAD_LEN) to evp.h to
represent this length. Thanks to Kevin Wojtysiak (Int3 Solutions) and
Paramjot Oberoi (Int3 Solutions) for reporting this issue.
Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-04-30 23:12:39 +01:00
Andy Polyakov
33b188a8e8
Engage vpaes-armv8 module.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-28 15:42:12 +01:00
Andy Polyakov
bdc985b133
evp/e_aes.c: fix pair of SPARC T4-specific problems:
...
- SIGSEGV/ILL in CCM (RT#3688);
- SIGBUS in OCB;
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-02-09 10:26:20 +01:00
Rich Salz
fd22ab9edf
Dead code: if 0 removal from crypto/evp and an unused file.
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-02-02 16:53:54 -05:00
Matt Caswell
e640fa0200
Harmonise use of EVP_CTRL_GET_TAG/EVP_CTRL_SET_TAG/EVP_CTRL_SET_IVLEN
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-28 10:39:01 +00:00
Matt Caswell
d57d135c33
Replace EVP_CTRL_OCB_SET_TAGLEN with EVP_CTRL_SET_TAG for consistency with
...
CCM
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-28 10:38:38 +00:00
Matt Caswell
0f113f3ee4
Run util/openssl-format-source -v -c .
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00
Andy Polyakov
c1669e1c20
Remove inconsistency in ARM support.
...
This facilitates "universal" builds, ones that target multiple
architectures, e.g. ARMv5 through ARMv7. See commentary in
Configure for details.
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-01-04 23:45:08 +01:00
Dr. Stephen Henson
73e45b2dd1
remove OPENSSL_FIPSAPI
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:38 +00:00
Dr. Stephen Henson
916e56208b
remove FIPS module code from crypto/evp
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:38 +00:00
Matt Caswell
3feb63054a
Added OPENSSL_NO_OCB guards
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 10:29:03 +00:00
Matt Caswell
e6b336efa3
Add EVP support for OCB mode
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 10:28:34 +00:00
Emilia Kasper
da92be4d68
Fix build when BSAES_ASM is defined but VPAES_ASM is not
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-08-21 15:42:57 +02:00
Andy Polyakov
0e716d9207
Engage GHASH for PowerISA 2.0.7.
...
[and split ppccap.c to ppccap.c and ppc_arch.h]
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-20 14:16:31 +02:00
Dr. Stephen Henson
d31fed73e2
RFC 5649 support.
...
Add support for RFC5649 key wrapping with padding.
Add RFC5649 tests to evptests.txt
Based on PR#3434 contribution by Petr Spacek <pspacek@redhat.com>.
EVP support and minor changes added by Stephen Henson.
Doxygen comment block updates by Tim Hudson.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-18 21:37:13 +01:00
Dr. Stephen Henson
58f4698f67
Make *Final work for key wrap again.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-17 23:29:14 +01:00
Dr. Stephen Henson
d12eef1501
Sanity check lengths for AES wrap algorithm.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-17 12:57:40 +01:00
Dr. Stephen Henson
c2fd5d79ff
Fix copy for CCM, GCM and XTS.
...
Internal pointers in CCM, GCM and XTS contexts should either be
NULL or set to point to the appropriate key schedule. This needs
to be adjusted when copying contexts.
2014-06-30 12:57:29 +01:00
ZNV
370bf1d708
Make EVP_CIPHER_CTX_copy work in GCM mode.
...
PR#3272
2014-06-29 22:01:28 +01:00
Andy Polyakov
764fe518da
aesp8-ppc.pl: add CTR mode.
2014-06-16 08:05:19 +02:00
Andy Polyakov
53a224bb0a
evp/e_aes.c: add erroneously omitted break;
2014-06-04 08:33:06 +02:00
Andy Polyakov
030a3f9527
evp/e_aes.c: populate HWAES_* to remaning modes.
...
Submitted by: Ard Biesheuvel.
2014-06-02 21:48:02 +02:00
Andy Polyakov
de51e830a6
Engage POWER8 AES support.
2014-06-01 23:38:11 +02:00
Andy Polyakov
ddacb8f27b
Engage ARMv8 AES support.
2014-06-01 22:20:37 +02:00
Andy Polyakov
e9c80e04c1
evp/e_[aes|camellia].c: fix typo in CBC subroutine.
...
It worked because it was never called.
2013-12-18 21:42:46 +01:00
Andy Polyakov
f0f4b8f126
PPC assembly pack update addendum.
2013-12-18 21:39:15 +01:00
Andy Polyakov
07f3e4f3f9
Take vpaes-ppc module into loop.
2013-11-27 22:39:13 +01:00
Ard Biesheuvel
a2ea9f3ecc
Added support for ARM/NEON based bit sliced AES in XTS mode
...
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
2013-09-15 19:37:16 +02:00
Dr. Stephen Henson
e61f5d55bc
Algorithm parameter support.
...
Check and set AlgorithmIdenfier parameters for key wrap algorithms.
Currently these just set parameters to NULL.
2013-08-05 15:45:00 +01:00
Andy Polyakov
a59f436295
crypto/evp/e_aes.c: fix logical pre-processor bug and formatting.
...
Bug would emerge when XTS is added to bsaes-armv7.pl. Pointed out by
Ard Biesheuvel of Linaro.
2013-08-03 17:09:06 +02:00
Dr. Stephen Henson
97cf1f6c28
EVP support for wrapping algorithms.
...
Add support for key wrap algorithms via EVP interface.
Generalise AES wrap algorithm and add to modes, making existing
AES wrap algorithm a special case.
Move test code to evptests.txt
2013-07-17 21:45:00 +01:00
Andy Polyakov
9575d1a91a
bsaes-armv7.pl: add bsaes_cbc_encrypt and bsaes_ctr32_encrypt_blocks.
...
Submitted by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Contributor claims ~50% improvement in CTR and ~9% in CBC decrypt
on Cortex-A15.
2013-04-23 17:52:14 +02:00
Andy Polyakov
a42abde699
e_aes.c: reserve for future extensions.
2013-04-04 15:55:49 +02:00
Andy Polyakov
4e049c5259
Add AES-NI GCM stitch.
2013-03-29 20:45:33 +01:00
Andy Polyakov
cd68694646
AES for SPARC T4: add XTS, reorder subroutines to improve TLB locality.
2012-11-24 21:55:23 +00:00
Dr. Stephen Henson
057c8a2b9e
fix error code
2012-10-18 16:21:39 +00:00
Dr. Stephen Henson
964eaad78c
Don't require tag before ciphertext in AESGCM mode
2012-10-16 22:46:08 +00:00
Andy Polyakov
c5f6da54fc
Add SPARC T4 AES support.
...
Submitted by: David Miller
2012-10-06 18:08:09 +00:00
Andy Polyakov
244ed51a0d
e_aes.c: uninitialized variable in aes_ccm_init_key.
...
PR: 2874
Submitted by: Tomas Mraz
2012-09-15 08:45:42 +00:00
Andy Polyakov
77aae9654f
Configure, e_aes.c: allow for XTS assembler implementation.
2011-11-15 12:18:40 +00:00
Andy Polyakov
32268b183f
e_aes.c: additional sanity check in aes_xts_cipher.
2011-11-12 13:26:36 +00:00
Andy Polyakov
60d4e99cf3
bsaes-x86_64.pl: add bsaes_xts_[en|de]crypt.
2011-11-10 22:41:31 +00:00
Andy Polyakov
9a480169cd
e_aes.c: fold aesni_xts_cipher and [most importantly] fix aes_xts_cipher's
...
return value after custom flag was rightly reverted.
2011-11-06 19:48:39 +00:00
Andy Polyakov
a75a52a43e
bsaes-x86_64.pl: add CBC decrypt and engage it in e_aes.c.
2011-10-30 12:15:56 +00:00
Andy Polyakov
f2784994ec
e_aes.c: fold even aesni_ccm_cipher.
2011-10-24 06:00:06 +00:00
Andy Polyakov
507b0d9d38
e_aes.c: prevent potential DoS in aes_gcm_tls_cipher.
2011-10-23 22:58:40 +00:00
Dr. Stephen Henson
f59a5d6079
No need for custom flag in XTS mode: block length is 1.
2011-10-23 17:06:28 +00:00