summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authormiod <>2014-06-21 12:07:02 +0000
committermiod <>2014-06-21 12:07:02 +0000
commit08ade2d2f3bc84d98839ae9064475c6fca84a29f (patch)
tree0267dceffc3c369fe1760e56382b3a9b490226d7
parent2ef56674b5be6f3ed20a4d2131278e87cf0664d3 (diff)
downloadopenbsd-08ade2d2f3bc84d98839ae9064475c6fca84a29f.tar.gz
openbsd-08ade2d2f3bc84d98839ae9064475c6fca84a29f.tar.bz2
openbsd-08ade2d2f3bc84d98839ae9064475c6fca84a29f.zip
KNF
Diffstat
-rw-r--r--src/lib/libcrypto/cmac/cm_ameth.c21
-rw-r--r--src/lib/libcrypto/cmac/cm_pmeth.c115
-rw-r--r--src/lib/libcrypto/cmac/cmac.c125
-rw-r--r--src/lib/libssl/src/crypto/cmac/cm_ameth.c21
-rw-r--r--src/lib/libssl/src/crypto/cmac/cm_pmeth.c115
-rw-r--r--src/lib/libssl/src/crypto/cmac/cmac.c125
6 files changed, 274 insertions, 248 deletions
diff --git a/src/lib/libcrypto/cmac/cm_ameth.c b/src/lib/libcrypto/cmac/cm_ameth.c
index e4952df2f9..a793e65262 100644
--- a/src/lib/libcrypto/cmac/cm_ameth.c
+++ b/src/lib/libcrypto/cmac/cm_ameth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cm_ameth.c,v 1.3 2014/06/12 15:49:28 deraadt Exp $ */ 1/* $OpenBSD: cm_ameth.c,v 1.4 2014/06/21 12:07:02 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2010. 3 * project 2010.
4 */ 4 */
@@ -62,19 +62,23 @@
62 * key. 62 * key.
63 */ 63 */
64 64
65static int cmac_size(const EVP_PKEY *pkey) 65static int
66 { 66cmac_size(const EVP_PKEY *pkey)
67{
67 return EVP_MAX_BLOCK_LENGTH; 68 return EVP_MAX_BLOCK_LENGTH;
68 } 69}
69 70
70static void cmac_key_free(EVP_PKEY *pkey) 71static void
71 { 72cmac_key_free(EVP_PKEY *pkey)
73{
72 CMAC_CTX *cmctx = (CMAC_CTX *)pkey->pkey.ptr; 74 CMAC_CTX *cmctx = (CMAC_CTX *)pkey->pkey.ptr;
75
73 if (cmctx) 76 if (cmctx)
74 CMAC_CTX_free(cmctx); 77 CMAC_CTX_free(cmctx);
75 } 78}
76 79
77const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = { 80const EVP_PKEY_ASN1_METHOD
81cmac_asn1_meth = {
78 .pkey_id = EVP_PKEY_CMAC, 82 .pkey_id = EVP_PKEY_CMAC,
79 .pkey_base_id = EVP_PKEY_CMAC, 83 .pkey_base_id = EVP_PKEY_CMAC,
80 84
@@ -84,4 +88,3 @@ const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = {
84 .pkey_size = cmac_size, 88 .pkey_size = cmac_size,
85 .pkey_free = cmac_key_free 89 .pkey_free = cmac_key_free
86}; 90};
87
diff --git a/src/lib/libcrypto/cmac/cm_pmeth.c b/src/lib/libcrypto/cmac/cm_pmeth.c
index b65c1795ae..3010f91aca 100644
--- a/src/lib/libcrypto/cmac/cm_pmeth.c
+++ b/src/lib/libcrypto/cmac/cm_pmeth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cm_pmeth.c,v 1.4 2014/06/12 15:49:28 deraadt Exp $ */ 1/* $OpenBSD: cm_pmeth.c,v 1.5 2014/06/21 12:07:02 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2010. 3 * project 2010.
4 */ 4 */
@@ -61,135 +61,140 @@
61 61
62/* The context structure and "key" is simply a CMAC_CTX */ 62/* The context structure and "key" is simply a CMAC_CTX */
63 63
64static int pkey_cmac_init(EVP_PKEY_CTX *ctx) 64static int
65 { 65pkey_cmac_init(EVP_PKEY_CTX *ctx)
66{
66 ctx->data = CMAC_CTX_new(); 67 ctx->data = CMAC_CTX_new();
67 if (!ctx->data) 68 if (!ctx->data)
68 return 0; 69 return 0;
69 ctx->keygen_info_count = 0; 70 ctx->keygen_info_count = 0;
70 return 1; 71 return 1;
71 } 72}
72 73
73static int pkey_cmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) 74static int
74 { 75pkey_cmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
76{
75 if (!pkey_cmac_init(dst)) 77 if (!pkey_cmac_init(dst))
76 return 0; 78 return 0;
77 if (!CMAC_CTX_copy(dst->data, src->data)) 79 if (!CMAC_CTX_copy(dst->data, src->data))
78 return 0; 80 return 0;
79 return 1; 81 return 1;
80 } 82}
81 83
82static void pkey_cmac_cleanup(EVP_PKEY_CTX *ctx) 84static void
83 { 85pkey_cmac_cleanup(EVP_PKEY_CTX *ctx)
86{
84 CMAC_CTX_free(ctx->data); 87 CMAC_CTX_free(ctx->data);
85 } 88}
86 89
87static int pkey_cmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) 90static int
88 { 91pkey_cmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
92{
89 CMAC_CTX *cmkey = CMAC_CTX_new(); 93 CMAC_CTX *cmkey = CMAC_CTX_new();
90 CMAC_CTX *cmctx = ctx->data; 94 CMAC_CTX *cmctx = ctx->data;
95
91 if (!cmkey) 96 if (!cmkey)
92 return 0; 97 return 0;
93 if (!CMAC_CTX_copy(cmkey, cmctx)) 98 if (!CMAC_CTX_copy(cmkey, cmctx)) {
94 {
95 CMAC_CTX_free(cmkey); 99 CMAC_CTX_free(cmkey);
96 return 0; 100 return 0;
97 } 101 }
98 EVP_PKEY_assign(pkey, EVP_PKEY_CMAC, cmkey); 102 EVP_PKEY_assign(pkey, EVP_PKEY_CMAC, cmkey);
99 103
100 return 1; 104 return 1;
101 } 105}
102 106
103static int int_update(EVP_MD_CTX *ctx,const void *data,size_t count) 107static int
104 { 108int_update(EVP_MD_CTX *ctx,const void *data,size_t count)
109{
105 if (!CMAC_Update(ctx->pctx->data, data, count)) 110 if (!CMAC_Update(ctx->pctx->data, data, count))
106 return 0; 111 return 0;
107 return 1; 112 return 1;
108 } 113}
109 114
110static int cmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) 115static int
111 { 116cmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
117{
112 EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); 118 EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
113 mctx->update = int_update; 119 mctx->update = int_update;
114 return 1; 120 return 1;
115 } 121}
116 122
117static int cmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, 123static int
118 EVP_MD_CTX *mctx) 124cmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
119 { 125 EVP_MD_CTX *mctx)
126{
120 return CMAC_Final(ctx->data, sig, siglen); 127 return CMAC_Final(ctx->data, sig, siglen);
121 } 128}
122 129
123static int pkey_cmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) 130static int
124 { 131pkey_cmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
132{
125 CMAC_CTX *cmctx = ctx->data; 133 CMAC_CTX *cmctx = ctx->data;
126 switch (type)
127 {
128 134
129 case EVP_PKEY_CTRL_SET_MAC_KEY: 135 switch (type) {
136 case EVP_PKEY_CTRL_SET_MAC_KEY:
130 if (!p2 || p1 < 0) 137 if (!p2 || p1 < 0)
131 return 0; 138 return 0;
132 if (!CMAC_Init(cmctx, p2, p1, NULL, NULL)) 139 if (!CMAC_Init(cmctx, p2, p1, NULL, NULL))
133 return 0; 140 return 0;
134 break; 141 break;
135 142
136 case EVP_PKEY_CTRL_CIPHER: 143 case EVP_PKEY_CTRL_CIPHER:
137 if (!CMAC_Init(cmctx, NULL, 0, p2, ctx->engine)) 144 if (!CMAC_Init(cmctx, NULL, 0, p2, ctx->engine))
138 return 0; 145 return 0;
139 break; 146 break;
140 147
141 case EVP_PKEY_CTRL_MD: 148 case EVP_PKEY_CTRL_MD:
142 if (ctx->pkey && !CMAC_CTX_copy(ctx->data, 149 if (ctx->pkey && !CMAC_CTX_copy(ctx->data,
143 (CMAC_CTX *)ctx->pkey->pkey.ptr)) 150 (CMAC_CTX *)ctx->pkey->pkey.ptr))
144 return 0; 151 return 0;
145 if (!CMAC_Init(cmctx, NULL, 0, NULL, NULL)) 152 if (!CMAC_Init(cmctx, NULL, 0, NULL, NULL))
146 return 0; 153 return 0;
147 break; 154 break;
148 155
149 default: 156 default:
150 return -2; 157 return -2;
151
152 }
153 return 1;
154 } 158 }
159 return 1;
160}
155 161
156static int pkey_cmac_ctrl_str(EVP_PKEY_CTX *ctx, 162static int
157 const char *type, const char *value) 163pkey_cmac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
158 { 164{
159 if (!value) 165 if (!value)
160 {
161 return 0; 166 return 0;
162 } 167 if (!strcmp(type, "key")) {
163 if (!strcmp(type, "key"))
164 {
165 void *p = (void *)value; 168 void *p = (void *)value;
166 return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, 169 return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
167 strlen(p), p); 170 strlen(p), p);
168 } 171 }
169 if (!strcmp(type, "cipher")) 172 if (!strcmp(type, "cipher")) {
170 {
171 const EVP_CIPHER *c; 173 const EVP_CIPHER *c;
174
172 c = EVP_get_cipherbyname(value); 175 c = EVP_get_cipherbyname(value);
173 if (!c) 176 if (!c)
174 return 0; 177 return 0;
175 return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_CIPHER, -1, (void *)c); 178 return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_CIPHER, -1, (void *)c);
176 } 179 }
177 if (!strcmp(type, "hexkey")) 180 if (!strcmp(type, "hexkey")) {
178 {
179 unsigned char *key; 181 unsigned char *key;
180 int r; 182 int r;
181 long keylen; 183 long keylen;
184
182 key = string_to_hex(value, &keylen); 185 key = string_to_hex(value, &keylen);
183 if (!key) 186 if (!key)
184 return 0; 187 return 0;
185 r = pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key); 188 r = pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
186 free(key); 189 free(key);
187 return r; 190 return r;
188 }
189 return -2;
190 } 191 }
191 192
192const EVP_PKEY_METHOD cmac_pkey_meth = { 193 return -2;
194}
195
196const EVP_PKEY_METHOD
197cmac_pkey_meth = {
193 .pkey_id = EVP_PKEY_CMAC, 198 .pkey_id = EVP_PKEY_CMAC,
194 .flags = EVP_PKEY_FLAG_SIGCTX_CUSTOM, 199 .flags = EVP_PKEY_FLAG_SIGCTX_CUSTOM,
195 200
diff --git a/src/lib/libcrypto/cmac/cmac.c b/src/lib/libcrypto/cmac/cmac.c
index 237ff01b6b..b2f77c59bd 100644
--- a/src/lib/libcrypto/cmac/cmac.c
+++ b/src/lib/libcrypto/cmac/cmac.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cmac.c,v 1.5 2014/06/12 15:49:28 deraadt Exp $ */ 1/* $OpenBSD: cmac.c,v 1.6 2014/06/21 12:07:02 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -57,8 +57,7 @@
57#include "cryptlib.h" 57#include "cryptlib.h"
58#include <openssl/cmac.h> 58#include <openssl/cmac.h>
59 59
60struct CMAC_CTX_st 60struct CMAC_CTX_st {
61 {
62 /* Cipher context to use */ 61 /* Cipher context to use */
63 EVP_CIPHER_CTX cctx; 62 EVP_CIPHER_CTX cctx;
64 /* Keys k1 and k2 */ 63 /* Keys k1 and k2 */
@@ -70,61 +69,69 @@ struct CMAC_CTX_st
70 unsigned char last_block[EVP_MAX_BLOCK_LENGTH]; 69 unsigned char last_block[EVP_MAX_BLOCK_LENGTH];
71 /* Number of bytes in last block: -1 means context not initialised */ 70 /* Number of bytes in last block: -1 means context not initialised */
72 int nlast_block; 71 int nlast_block;
73 }; 72};
74 73
75 74
76/* Make temporary keys K1 and K2 */ 75/* Make temporary keys K1 and K2 */
77 76
78static void make_kn(unsigned char *k1, unsigned char *l, int bl) 77static void
79 { 78make_kn(unsigned char *k1, unsigned char *l, int bl)
79{
80 int i; 80 int i;
81
81 /* Shift block to left, including carry */ 82 /* Shift block to left, including carry */
82 for (i = 0; i < bl; i++) 83 for (i = 0; i < bl; i++) {
83 {
84 k1[i] = l[i] << 1; 84 k1[i] = l[i] << 1;
85 if (i < bl - 1 && l[i + 1] & 0x80) 85 if (i < bl - 1 && l[i + 1] & 0x80)
86 k1[i] |= 1; 86 k1[i] |= 1;
87 } 87 }
88 /* If MSB set fixup with R */ 88 /* If MSB set fixup with R */
89 if (l[0] & 0x80) 89 if (l[0] & 0x80)
90 k1[bl - 1] ^= bl == 16 ? 0x87 : 0x1b; 90 k1[bl - 1] ^= bl == 16 ? 0x87 : 0x1b;
91 } 91}
92 92
93CMAC_CTX *CMAC_CTX_new(void) 93CMAC_CTX *
94 { 94CMAC_CTX_new(void)
95{
95 CMAC_CTX *ctx; 96 CMAC_CTX *ctx;
97
96 ctx = malloc(sizeof(CMAC_CTX)); 98 ctx = malloc(sizeof(CMAC_CTX));
97 if (!ctx) 99 if (!ctx)
98 return NULL; 100 return NULL;
99 EVP_CIPHER_CTX_init(&ctx->cctx); 101 EVP_CIPHER_CTX_init(&ctx->cctx);
100 ctx->nlast_block = -1; 102 ctx->nlast_block = -1;
101 return ctx; 103 return ctx;
102 } 104}
103 105
104void CMAC_CTX_cleanup(CMAC_CTX *ctx) 106void
105 { 107CMAC_CTX_cleanup(CMAC_CTX *ctx)
108{
106 EVP_CIPHER_CTX_cleanup(&ctx->cctx); 109 EVP_CIPHER_CTX_cleanup(&ctx->cctx);
107 OPENSSL_cleanse(ctx->tbl, EVP_MAX_BLOCK_LENGTH); 110 OPENSSL_cleanse(ctx->tbl, EVP_MAX_BLOCK_LENGTH);
108 OPENSSL_cleanse(ctx->k1, EVP_MAX_BLOCK_LENGTH); 111 OPENSSL_cleanse(ctx->k1, EVP_MAX_BLOCK_LENGTH);
109 OPENSSL_cleanse(ctx->k2, EVP_MAX_BLOCK_LENGTH); 112 OPENSSL_cleanse(ctx->k2, EVP_MAX_BLOCK_LENGTH);
110 OPENSSL_cleanse(ctx->last_block, EVP_MAX_BLOCK_LENGTH); 113 OPENSSL_cleanse(ctx->last_block, EVP_MAX_BLOCK_LENGTH);
111 ctx->nlast_block = -1; 114 ctx->nlast_block = -1;
112 } 115}
113 116
114EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx) 117EVP_CIPHER_CTX *
115 { 118CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx)
119{
116 return &ctx->cctx; 120 return &ctx->cctx;
117 } 121}
118 122
119void CMAC_CTX_free(CMAC_CTX *ctx) 123void
120 { 124CMAC_CTX_free(CMAC_CTX *ctx)
125{
121 CMAC_CTX_cleanup(ctx); 126 CMAC_CTX_cleanup(ctx);
122 free(ctx); 127 free(ctx);
123 } 128}
124 129
125int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in) 130int
126 { 131CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in)
132{
127 int bl; 133 int bl;
134
128 if (in->nlast_block == -1) 135 if (in->nlast_block == -1)
129 return 0; 136 return 0;
130 if (!EVP_CIPHER_CTX_copy(&out->cctx, &in->cctx)) 137 if (!EVP_CIPHER_CTX_copy(&out->cctx, &in->cctx))
@@ -136,15 +143,16 @@ int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in)
136 memcpy(out->last_block, in->last_block, bl); 143 memcpy(out->last_block, in->last_block, bl);
137 out->nlast_block = in->nlast_block; 144 out->nlast_block = in->nlast_block;
138 return 1; 145 return 1;
139 } 146}
140 147
141int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen, 148int
142 const EVP_CIPHER *cipher, ENGINE *impl) 149CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
143 { 150 const EVP_CIPHER *cipher, ENGINE *impl)
151{
144 static unsigned char zero_iv[EVP_MAX_BLOCK_LENGTH]; 152 static unsigned char zero_iv[EVP_MAX_BLOCK_LENGTH];
153
145 /* All zeros means restart */ 154 /* All zeros means restart */
146 if (!key && !cipher && !impl && keylen == 0) 155 if (!key && !cipher && !impl && keylen == 0) {
147 {
148 /* Not initialised */ 156 /* Not initialised */
149 if (ctx->nlast_block == -1) 157 if (ctx->nlast_block == -1)
150 return 0; 158 return 0;
@@ -153,14 +161,14 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
153 memset(ctx->tbl, 0, EVP_CIPHER_CTX_block_size(&ctx->cctx)); 161 memset(ctx->tbl, 0, EVP_CIPHER_CTX_block_size(&ctx->cctx));
154 ctx->nlast_block = 0; 162 ctx->nlast_block = 0;
155 return 1; 163 return 1;
156 } 164 }
157 /* Initialiase context */ 165 /* Initialiase context */
158 if (cipher && !EVP_EncryptInit_ex(&ctx->cctx, cipher, impl, NULL, NULL)) 166 if (cipher && !EVP_EncryptInit_ex(&ctx->cctx, cipher, impl, NULL, NULL))
159 return 0; 167 return 0;
160 /* Non-NULL key means initialisation complete */ 168 /* Non-NULL key means initialisation complete */
161 if (key) 169 if (key) {
162 {
163 int bl; 170 int bl;
171
164 if (!EVP_CIPHER_CTX_cipher(&ctx->cctx)) 172 if (!EVP_CIPHER_CTX_cipher(&ctx->cctx))
165 return 0; 173 return 0;
166 if (!EVP_CIPHER_CTX_set_key_length(&ctx->cctx, keylen)) 174 if (!EVP_CIPHER_CTX_set_key_length(&ctx->cctx, keylen))
@@ -179,12 +187,13 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
179 /* Zero tbl so resume works */ 187 /* Zero tbl so resume works */
180 memset(ctx->tbl, 0, bl); 188 memset(ctx->tbl, 0, bl);
181 ctx->nlast_block = 0; 189 ctx->nlast_block = 0;
182 }
183 return 1;
184 } 190 }
191 return 1;
192}
185 193
186int CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen) 194int
187 { 195CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen)
196{
188 const unsigned char *data = in; 197 const unsigned char *data = in;
189 size_t bl; 198 size_t bl;
190 199
@@ -194,9 +203,9 @@ int CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen)
194 return 1; 203 return 1;
195 bl = EVP_CIPHER_CTX_block_size(&ctx->cctx); 204 bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
196 /* Copy into partial block if we need to */ 205 /* Copy into partial block if we need to */
197 if (ctx->nlast_block > 0) 206 if (ctx->nlast_block > 0) {
198 {
199 size_t nleft; 207 size_t nleft;
208
200 nleft = bl - ctx->nlast_block; 209 nleft = bl - ctx->nlast_block;
201 if (dlen < nleft) 210 if (dlen < nleft)
202 nleft = dlen; 211 nleft = dlen;
@@ -210,24 +219,23 @@ int CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen)
210 /* Else not final block so encrypt it */ 219 /* Else not final block so encrypt it */
211 if (!EVP_Cipher(&ctx->cctx, ctx->tbl, ctx->last_block,bl)) 220 if (!EVP_Cipher(&ctx->cctx, ctx->tbl, ctx->last_block,bl))
212 return 0; 221 return 0;
213 } 222 }
214 /* Encrypt all but one of the complete blocks left */ 223 /* Encrypt all but one of the complete blocks left */
215 while(dlen > bl) 224 while (dlen > bl) {
216 {
217 if (!EVP_Cipher(&ctx->cctx, ctx->tbl, data, bl)) 225 if (!EVP_Cipher(&ctx->cctx, ctx->tbl, data, bl))
218 return 0; 226 return 0;
219 dlen -= bl; 227 dlen -= bl;
220 data += bl; 228 data += bl;
221 } 229 }
222 /* Copy any data left to last block buffer */ 230 /* Copy any data left to last block buffer */
223 memcpy(ctx->last_block, data, dlen); 231 memcpy(ctx->last_block, data, dlen);
224 ctx->nlast_block = dlen; 232 ctx->nlast_block = dlen;
225 return 1; 233 return 1;
234}
226 235
227 } 236int
228 237CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen)
229int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen) 238{
230 {
231 int i, bl, lb; 239 int i, bl, lb;
232 240
233 if (ctx->nlast_block == -1) 241 if (ctx->nlast_block == -1)
@@ -238,29 +246,26 @@ int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen)
238 return 1; 246 return 1;
239 lb = ctx->nlast_block; 247 lb = ctx->nlast_block;
240 /* Is last block complete? */ 248 /* Is last block complete? */
241 if (lb == bl) 249 if (lb == bl) {
242 {
243 for (i = 0; i < bl; i++) 250 for (i = 0; i < bl; i++)
244 out[i] = ctx->last_block[i] ^ ctx->k1[i]; 251 out[i] = ctx->last_block[i] ^ ctx->k1[i];
245 } 252 } else {
246 else
247 {
248 ctx->last_block[lb] = 0x80; 253 ctx->last_block[lb] = 0x80;
249 if (bl - lb > 1) 254 if (bl - lb > 1)
250 memset(ctx->last_block + lb + 1, 0, bl - lb - 1); 255 memset(ctx->last_block + lb + 1, 0, bl - lb - 1);
251 for (i = 0; i < bl; i++) 256 for (i = 0; i < bl; i++)
252 out[i] = ctx->last_block[i] ^ ctx->k2[i]; 257 out[i] = ctx->last_block[i] ^ ctx->k2[i];
253 } 258 }
254 if (!EVP_Cipher(&ctx->cctx, out, out, bl)) 259 if (!EVP_Cipher(&ctx->cctx, out, out, bl)) {
255 {
256 OPENSSL_cleanse(out, bl); 260 OPENSSL_cleanse(out, bl);
257 return 0; 261 return 0;
258 }
259 return 1;
260 } 262 }
263 return 1;
264}
261 265
262int CMAC_resume(CMAC_CTX *ctx) 266int
263 { 267CMAC_resume(CMAC_CTX *ctx)
268{
264 if (ctx->nlast_block == -1) 269 if (ctx->nlast_block == -1)
265 return 0; 270 return 0;
266 /* The buffer "tbl" containes the last fully encrypted block 271 /* The buffer "tbl" containes the last fully encrypted block
@@ -270,4 +275,4 @@ int CMAC_resume(CMAC_CTX *ctx)
270 * CMAC to continue after calling CMAC_Final(). 275 * CMAC to continue after calling CMAC_Final().
271 */ 276 */
272 return EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, ctx->tbl); 277 return EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, ctx->tbl);
273 } 278}
diff --git a/src/lib/libssl/src/crypto/cmac/cm_ameth.c b/src/lib/libssl/src/crypto/cmac/cm_ameth.c
index e4952df2f9..a793e65262 100644
--- a/src/lib/libssl/src/crypto/cmac/cm_ameth.c
+++ b/src/lib/libssl/src/crypto/cmac/cm_ameth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cm_ameth.c,v 1.3 2014/06/12 15:49:28 deraadt Exp $ */ 1/* $OpenBSD: cm_ameth.c,v 1.4 2014/06/21 12:07:02 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2010. 3 * project 2010.
4 */ 4 */
@@ -62,19 +62,23 @@
62 * key. 62 * key.
63 */ 63 */
64 64
65static int cmac_size(const EVP_PKEY *pkey) 65static int
66 { 66cmac_size(const EVP_PKEY *pkey)
67{
67 return EVP_MAX_BLOCK_LENGTH; 68 return EVP_MAX_BLOCK_LENGTH;
68 } 69}
69 70
70static void cmac_key_free(EVP_PKEY *pkey) 71static void
71 { 72cmac_key_free(EVP_PKEY *pkey)
73{
72 CMAC_CTX *cmctx = (CMAC_CTX *)pkey->pkey.ptr; 74 CMAC_CTX *cmctx = (CMAC_CTX *)pkey->pkey.ptr;
75
73 if (cmctx) 76 if (cmctx)
74 CMAC_CTX_free(cmctx); 77 CMAC_CTX_free(cmctx);
75 } 78}
76 79
77const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = { 80const EVP_PKEY_ASN1_METHOD
81cmac_asn1_meth = {
78 .pkey_id = EVP_PKEY_CMAC, 82 .pkey_id = EVP_PKEY_CMAC,
79 .pkey_base_id = EVP_PKEY_CMAC, 83 .pkey_base_id = EVP_PKEY_CMAC,
80 84
@@ -84,4 +88,3 @@ const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = {
84 .pkey_size = cmac_size, 88 .pkey_size = cmac_size,
85 .pkey_free = cmac_key_free 89 .pkey_free = cmac_key_free
86}; 90};
87
diff --git a/src/lib/libssl/src/crypto/cmac/cm_pmeth.c b/src/lib/libssl/src/crypto/cmac/cm_pmeth.c
index b65c1795ae..3010f91aca 100644
--- a/src/lib/libssl/src/crypto/cmac/cm_pmeth.c
+++ b/src/lib/libssl/src/crypto/cmac/cm_pmeth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cm_pmeth.c,v 1.4 2014/06/12 15:49:28 deraadt Exp $ */ 1/* $OpenBSD: cm_pmeth.c,v 1.5 2014/06/21 12:07:02 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2010. 3 * project 2010.
4 */ 4 */
@@ -61,135 +61,140 @@
61 61
62/* The context structure and "key" is simply a CMAC_CTX */ 62/* The context structure and "key" is simply a CMAC_CTX */
63 63
64static int pkey_cmac_init(EVP_PKEY_CTX *ctx) 64static int
65 { 65pkey_cmac_init(EVP_PKEY_CTX *ctx)
66{
66 ctx->data = CMAC_CTX_new(); 67 ctx->data = CMAC_CTX_new();
67 if (!ctx->data) 68 if (!ctx->data)
68 return 0; 69 return 0;
69 ctx->keygen_info_count = 0; 70 ctx->keygen_info_count = 0;
70 return 1; 71 return 1;
71 } 72}
72 73
73static int pkey_cmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) 74static int
74 { 75pkey_cmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
76{
75 if (!pkey_cmac_init(dst)) 77 if (!pkey_cmac_init(dst))
76 return 0; 78 return 0;
77 if (!CMAC_CTX_copy(dst->data, src->data)) 79 if (!CMAC_CTX_copy(dst->data, src->data))
78 return 0; 80 return 0;
79 return 1; 81 return 1;
80 } 82}
81 83
82static void pkey_cmac_cleanup(EVP_PKEY_CTX *ctx) 84static void
83 { 85pkey_cmac_cleanup(EVP_PKEY_CTX *ctx)
86{
84 CMAC_CTX_free(ctx->data); 87 CMAC_CTX_free(ctx->data);
85 } 88}
86 89
87static int pkey_cmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) 90static int
88 { 91pkey_cmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
92{
89 CMAC_CTX *cmkey = CMAC_CTX_new(); 93 CMAC_CTX *cmkey = CMAC_CTX_new();
90 CMAC_CTX *cmctx = ctx->data; 94 CMAC_CTX *cmctx = ctx->data;
95
91 if (!cmkey) 96 if (!cmkey)
92 return 0; 97 return 0;
93 if (!CMAC_CTX_copy(cmkey, cmctx)) 98 if (!CMAC_CTX_copy(cmkey, cmctx)) {
94 {
95 CMAC_CTX_free(cmkey); 99 CMAC_CTX_free(cmkey);
96 return 0; 100 return 0;
97 } 101 }
98 EVP_PKEY_assign(pkey, EVP_PKEY_CMAC, cmkey); 102 EVP_PKEY_assign(pkey, EVP_PKEY_CMAC, cmkey);
99 103
100 return 1; 104 return 1;
101 } 105}
102 106
103static int int_update(EVP_MD_CTX *ctx,const void *data,size_t count) 107static int
104 { 108int_update(EVP_MD_CTX *ctx,const void *data,size_t count)
109{
105 if (!CMAC_Update(ctx->pctx->data, data, count)) 110 if (!CMAC_Update(ctx->pctx->data, data, count))
106 return 0; 111 return 0;
107 return 1; 112 return 1;
108 } 113}
109 114
110static int cmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) 115static int
111 { 116cmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
117{
112 EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); 118 EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
113 mctx->update = int_update; 119 mctx->update = int_update;
114 return 1; 120 return 1;
115 } 121}
116 122
117static int cmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, 123static int
118 EVP_MD_CTX *mctx) 124cmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
119 { 125 EVP_MD_CTX *mctx)
126{
120 return CMAC_Final(ctx->data, sig, siglen); 127 return CMAC_Final(ctx->data, sig, siglen);
121 } 128}
122 129
123static int pkey_cmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) 130static int
124 { 131pkey_cmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
132{
125 CMAC_CTX *cmctx = ctx->data; 133 CMAC_CTX *cmctx = ctx->data;
126 switch (type)
127 {
128 134
129 case EVP_PKEY_CTRL_SET_MAC_KEY: 135 switch (type) {
136 case EVP_PKEY_CTRL_SET_MAC_KEY:
130 if (!p2 || p1 < 0) 137 if (!p2 || p1 < 0)
131 return 0; 138 return 0;
132 if (!CMAC_Init(cmctx, p2, p1, NULL, NULL)) 139 if (!CMAC_Init(cmctx, p2, p1, NULL, NULL))
133 return 0; 140 return 0;
134 break; 141 break;
135 142
136 case EVP_PKEY_CTRL_CIPHER: 143 case EVP_PKEY_CTRL_CIPHER:
137 if (!CMAC_Init(cmctx, NULL, 0, p2, ctx->engine)) 144 if (!CMAC_Init(cmctx, NULL, 0, p2, ctx->engine))
138 return 0; 145 return 0;
139 break; 146 break;
140 147
141 case EVP_PKEY_CTRL_MD: 148 case EVP_PKEY_CTRL_MD:
142 if (ctx->pkey && !CMAC_CTX_copy(ctx->data, 149 if (ctx->pkey && !CMAC_CTX_copy(ctx->data,
143 (CMAC_CTX *)ctx->pkey->pkey.ptr)) 150 (CMAC_CTX *)ctx->pkey->pkey.ptr))
144 return 0; 151 return 0;
145 if (!CMAC_Init(cmctx, NULL, 0, NULL, NULL)) 152 if (!CMAC_Init(cmctx, NULL, 0, NULL, NULL))
146 return 0; 153 return 0;
147 break; 154 break;
148 155
149 default: 156 default:
150 return -2; 157 return -2;
151
152 }
153 return 1;
154 } 158 }
159 return 1;
160}
155 161
156static int pkey_cmac_ctrl_str(EVP_PKEY_CTX *ctx, 162static int
157 const char *type, const char *value) 163pkey_cmac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
158 { 164{
159 if (!value) 165 if (!value)
160 {
161 return 0; 166 return 0;
162 } 167 if (!strcmp(type, "key")) {
163 if (!strcmp(type, "key"))
164 {
165 void *p = (void *)value; 168 void *p = (void *)value;
166 return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, 169 return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
167 strlen(p), p); 170 strlen(p), p);
168 } 171 }
169 if (!strcmp(type, "cipher")) 172 if (!strcmp(type, "cipher")) {
170 {
171 const EVP_CIPHER *c; 173 const EVP_CIPHER *c;
174
172 c = EVP_get_cipherbyname(value); 175 c = EVP_get_cipherbyname(value);
173 if (!c) 176 if (!c)
174 return 0; 177 return 0;
175 return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_CIPHER, -1, (void *)c); 178 return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_CIPHER, -1, (void *)c);
176 } 179 }
177 if (!strcmp(type, "hexkey")) 180 if (!strcmp(type, "hexkey")) {
178 {
179 unsigned char *key; 181 unsigned char *key;
180 int r; 182 int r;
181 long keylen; 183 long keylen;
184
182 key = string_to_hex(value, &keylen); 185 key = string_to_hex(value, &keylen);
183 if (!key) 186 if (!key)
184 return 0; 187 return 0;
185 r = pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key); 188 r = pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
186 free(key); 189 free(key);
187 return r; 190 return r;
188 }
189 return -2;
190 } 191 }
191 192
192const EVP_PKEY_METHOD cmac_pkey_meth = { 193 return -2;
194}
195
196const EVP_PKEY_METHOD
197cmac_pkey_meth = {
193 .pkey_id = EVP_PKEY_CMAC, 198 .pkey_id = EVP_PKEY_CMAC,
194 .flags = EVP_PKEY_FLAG_SIGCTX_CUSTOM, 199 .flags = EVP_PKEY_FLAG_SIGCTX_CUSTOM,
195 200
diff --git a/src/lib/libssl/src/crypto/cmac/cmac.c b/src/lib/libssl/src/crypto/cmac/cmac.c
index 237ff01b6b..b2f77c59bd 100644
--- a/src/lib/libssl/src/crypto/cmac/cmac.c
+++ b/src/lib/libssl/src/crypto/cmac/cmac.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cmac.c,v 1.5 2014/06/12 15:49:28 deraadt Exp $ */ 1/* $OpenBSD: cmac.c,v 1.6 2014/06/21 12:07:02 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -57,8 +57,7 @@
57#include "cryptlib.h" 57#include "cryptlib.h"
58#include <openssl/cmac.h> 58#include <openssl/cmac.h>
59 59
60struct CMAC_CTX_st 60struct CMAC_CTX_st {
61 {
62 /* Cipher context to use */ 61 /* Cipher context to use */
63 EVP_CIPHER_CTX cctx; 62 EVP_CIPHER_CTX cctx;
64 /* Keys k1 and k2 */ 63 /* Keys k1 and k2 */
@@ -70,61 +69,69 @@ struct CMAC_CTX_st
70 unsigned char last_block[EVP_MAX_BLOCK_LENGTH]; 69 unsigned char last_block[EVP_MAX_BLOCK_LENGTH];
71 /* Number of bytes in last block: -1 means context not initialised */ 70 /* Number of bytes in last block: -1 means context not initialised */
72 int nlast_block; 71 int nlast_block;
73 }; 72};
74 73
75 74
76/* Make temporary keys K1 and K2 */ 75/* Make temporary keys K1 and K2 */
77 76
78static void make_kn(unsigned char *k1, unsigned char *l, int bl) 77static void
79 { 78make_kn(unsigned char *k1, unsigned char *l, int bl)
79{
80 int i; 80 int i;
81
81 /* Shift block to left, including carry */ 82 /* Shift block to left, including carry */
82 for (i = 0; i < bl; i++) 83 for (i = 0; i < bl; i++) {
83 {
84 k1[i] = l[i] << 1; 84 k1[i] = l[i] << 1;
85 if (i < bl - 1 && l[i + 1] & 0x80) 85 if (i < bl - 1 && l[i + 1] & 0x80)
86 k1[i] |= 1; 86 k1[i] |= 1;
87 } 87 }
88 /* If MSB set fixup with R */ 88 /* If MSB set fixup with R */
89 if (l[0] & 0x80) 89 if (l[0] & 0x80)
90 k1[bl - 1] ^= bl == 16 ? 0x87 : 0x1b; 90 k1[bl - 1] ^= bl == 16 ? 0x87 : 0x1b;
91 } 91}
92 92
93CMAC_CTX *CMAC_CTX_new(void) 93CMAC_CTX *
94 { 94CMAC_CTX_new(void)
95{
95 CMAC_CTX *ctx; 96 CMAC_CTX *ctx;
97
96 ctx = malloc(sizeof(CMAC_CTX)); 98 ctx = malloc(sizeof(CMAC_CTX));
97 if (!ctx) 99 if (!ctx)
98 return NULL; 100 return NULL;
99 EVP_CIPHER_CTX_init(&ctx->cctx); 101 EVP_CIPHER_CTX_init(&ctx->cctx);
100 ctx->nlast_block = -1; 102 ctx->nlast_block = -1;
101 return ctx; 103 return ctx;
102 } 104}
103 105
104void CMAC_CTX_cleanup(CMAC_CTX *ctx) 106void
105 { 107CMAC_CTX_cleanup(CMAC_CTX *ctx)
108{
106 EVP_CIPHER_CTX_cleanup(&ctx->cctx); 109 EVP_CIPHER_CTX_cleanup(&ctx->cctx);
107 OPENSSL_cleanse(ctx->tbl, EVP_MAX_BLOCK_LENGTH); 110 OPENSSL_cleanse(ctx->tbl, EVP_MAX_BLOCK_LENGTH);
108 OPENSSL_cleanse(ctx->k1, EVP_MAX_BLOCK_LENGTH); 111 OPENSSL_cleanse(ctx->k1, EVP_MAX_BLOCK_LENGTH);
109 OPENSSL_cleanse(ctx->k2, EVP_MAX_BLOCK_LENGTH); 112 OPENSSL_cleanse(ctx->k2, EVP_MAX_BLOCK_LENGTH);
110 OPENSSL_cleanse(ctx->last_block, EVP_MAX_BLOCK_LENGTH); 113 OPENSSL_cleanse(ctx->last_block, EVP_MAX_BLOCK_LENGTH);
111 ctx->nlast_block = -1; 114 ctx->nlast_block = -1;
112 } 115}
113 116
114EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx) 117EVP_CIPHER_CTX *
115 { 118CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx)
119{
116 return &ctx->cctx; 120 return &ctx->cctx;
117 } 121}
118 122
119void CMAC_CTX_free(CMAC_CTX *ctx) 123void
120 { 124CMAC_CTX_free(CMAC_CTX *ctx)
125{
121 CMAC_CTX_cleanup(ctx); 126 CMAC_CTX_cleanup(ctx);
122 free(ctx); 127 free(ctx);
123 } 128}
124 129
125int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in) 130int
126 { 131CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in)
132{
127 int bl; 133 int bl;
134
128 if (in->nlast_block == -1) 135 if (in->nlast_block == -1)
129 return 0; 136 return 0;
130 if (!EVP_CIPHER_CTX_copy(&out->cctx, &in->cctx)) 137 if (!EVP_CIPHER_CTX_copy(&out->cctx, &in->cctx))
@@ -136,15 +143,16 @@ int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in)
136 memcpy(out->last_block, in->last_block, bl); 143 memcpy(out->last_block, in->last_block, bl);
137 out->nlast_block = in->nlast_block; 144 out->nlast_block = in->nlast_block;
138 return 1; 145 return 1;
139 } 146}
140 147
141int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen, 148int
142 const EVP_CIPHER *cipher, ENGINE *impl) 149CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
143 { 150 const EVP_CIPHER *cipher, ENGINE *impl)
151{
144 static unsigned char zero_iv[EVP_MAX_BLOCK_LENGTH]; 152 static unsigned char zero_iv[EVP_MAX_BLOCK_LENGTH];
153
145 /* All zeros means restart */ 154 /* All zeros means restart */
146 if (!key && !cipher && !impl && keylen == 0) 155 if (!key && !cipher && !impl && keylen == 0) {
147 {
148 /* Not initialised */ 156 /* Not initialised */
149 if (ctx->nlast_block == -1) 157 if (ctx->nlast_block == -1)
150 return 0; 158 return 0;
@@ -153,14 +161,14 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
153 memset(ctx->tbl, 0, EVP_CIPHER_CTX_block_size(&ctx->cctx)); 161 memset(ctx->tbl, 0, EVP_CIPHER_CTX_block_size(&ctx->cctx));
154 ctx->nlast_block = 0; 162 ctx->nlast_block = 0;
155 return 1; 163 return 1;
156 } 164 }
157 /* Initialiase context */ 165 /* Initialiase context */
158 if (cipher && !EVP_EncryptInit_ex(&ctx->cctx, cipher, impl, NULL, NULL)) 166 if (cipher && !EVP_EncryptInit_ex(&ctx->cctx, cipher, impl, NULL, NULL))
159 return 0; 167 return 0;
160 /* Non-NULL key means initialisation complete */ 168 /* Non-NULL key means initialisation complete */
161 if (key) 169 if (key) {
162 {
163 int bl; 170 int bl;
171
164 if (!EVP_CIPHER_CTX_cipher(&ctx->cctx)) 172 if (!EVP_CIPHER_CTX_cipher(&ctx->cctx))
165 return 0; 173 return 0;
166 if (!EVP_CIPHER_CTX_set_key_length(&ctx->cctx, keylen)) 174 if (!EVP_CIPHER_CTX_set_key_length(&ctx->cctx, keylen))
@@ -179,12 +187,13 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
179 /* Zero tbl so resume works */ 187 /* Zero tbl so resume works */
180 memset(ctx->tbl, 0, bl); 188 memset(ctx->tbl, 0, bl);
181 ctx->nlast_block = 0; 189 ctx->nlast_block = 0;
182 }
183 return 1;
184 } 190 }
191 return 1;
192}
185 193
186int CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen) 194int
187 { 195CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen)
196{
188 const unsigned char *data = in; 197 const unsigned char *data = in;
189 size_t bl; 198 size_t bl;
190 199
@@ -194,9 +203,9 @@ int CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen)
194 return 1; 203 return 1;
195 bl = EVP_CIPHER_CTX_block_size(&ctx->cctx); 204 bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
196 /* Copy into partial block if we need to */ 205 /* Copy into partial block if we need to */
197 if (ctx->nlast_block > 0) 206 if (ctx->nlast_block > 0) {
198 {
199 size_t nleft; 207 size_t nleft;
208
200 nleft = bl - ctx->nlast_block; 209 nleft = bl - ctx->nlast_block;
201 if (dlen < nleft) 210 if (dlen < nleft)
202 nleft = dlen; 211 nleft = dlen;
@@ -210,24 +219,23 @@ int CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen)
210 /* Else not final block so encrypt it */ 219 /* Else not final block so encrypt it */
211 if (!EVP_Cipher(&ctx->cctx, ctx->tbl, ctx->last_block,bl)) 220 if (!EVP_Cipher(&ctx->cctx, ctx->tbl, ctx->last_block,bl))
212 return 0; 221 return 0;
213 } 222 }
214 /* Encrypt all but one of the complete blocks left */ 223 /* Encrypt all but one of the complete blocks left */
215 while(dlen > bl) 224 while (dlen > bl) {
216 {
217 if (!EVP_Cipher(&ctx->cctx, ctx->tbl, data, bl)) 225 if (!EVP_Cipher(&ctx->cctx, ctx->tbl, data, bl))
218 return 0; 226 return 0;
219 dlen -= bl; 227 dlen -= bl;
220 data += bl; 228 data += bl;
221 } 229 }
222 /* Copy any data left to last block buffer */ 230 /* Copy any data left to last block buffer */
223 memcpy(ctx->last_block, data, dlen); 231 memcpy(ctx->last_block, data, dlen);
224 ctx->nlast_block = dlen; 232 ctx->nlast_block = dlen;
225 return 1; 233 return 1;
234}
226 235
227 } 236int
228 237CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen)
229int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen) 238{
230 {
231 int i, bl, lb; 239 int i, bl, lb;
232 240
233 if (ctx->nlast_block == -1) 241 if (ctx->nlast_block == -1)
@@ -238,29 +246,26 @@ int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen)
238 return 1; 246 return 1;
239 lb = ctx->nlast_block; 247 lb = ctx->nlast_block;
240 /* Is last block complete? */ 248 /* Is last block complete? */
241 if (lb == bl) 249 if (lb == bl) {
242 {
243 for (i = 0; i < bl; i++) 250 for (i = 0; i < bl; i++)
244 out[i] = ctx->last_block[i] ^ ctx->k1[i]; 251 out[i] = ctx->last_block[i] ^ ctx->k1[i];
245 } 252 } else {
246 else
247 {
248 ctx->last_block[lb] = 0x80; 253 ctx->last_block[lb] = 0x80;
249 if (bl - lb > 1) 254 if (bl - lb > 1)
250 memset(ctx->last_block + lb + 1, 0, bl - lb - 1); 255 memset(ctx->last_block + lb + 1, 0, bl - lb - 1);
251 for (i = 0; i < bl; i++) 256 for (i = 0; i < bl; i++)
252 out[i] = ctx->last_block[i] ^ ctx->k2[i]; 257 out[i] = ctx->last_block[i] ^ ctx->k2[i];
253 } 258 }
254 if (!EVP_Cipher(&ctx->cctx, out, out, bl)) 259 if (!EVP_Cipher(&ctx->cctx, out, out, bl)) {
255 {
256 OPENSSL_cleanse(out, bl); 260 OPENSSL_cleanse(out, bl);
257 return 0; 261 return 0;
258 }
259 return 1;
260 } 262 }
263 return 1;
264}
261 265
262int CMAC_resume(CMAC_CTX *ctx) 266int
263 { 267CMAC_resume(CMAC_CTX *ctx)
268{
264 if (ctx->nlast_block == -1) 269 if (ctx->nlast_block == -1)
265 return 0; 270 return 0;
266 /* The buffer "tbl" containes the last fully encrypted block 271 /* The buffer "tbl" containes the last fully encrypted block
@@ -270,4 +275,4 @@ int CMAC_resume(CMAC_CTX *ctx)
270 * CMAC to continue after calling CMAC_Final(). 275 * CMAC to continue after calling CMAC_Final().
271 */ 276 */
272 return EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, ctx->tbl); 277 return EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, ctx->tbl);
273 } 278}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-17 21:20:47 +0000