authordjm <>2005-04-29 05:39:33 +0000
committerdjm <>2005-04-29 05:39:33 +0000
commit68edd00d9258df93b1366c71ac124e0cadf7bc08 (patch)
tree3ce4ae2a9747bbc11aed1f95f9bbea92c41f8683 /src/lib/libcrypto/aes
parentf396ed0f5ce0af56bfde2e75e15cf1f52924c779 (diff)
resolve conflicts
Diffstat (limited to 'src/lib/libcrypto/aes')
-rw-r--r--src/lib/libcrypto/aes/aes.h15
-rw-r--r--src/lib/libcrypto/aes/aes_cbc.c44
-rw-r--r--src/lib/libcrypto/aes/aes_cfb.c68
-rw-r--r--src/lib/libcrypto/aes/aes_core.c4
-rw-r--r--src/lib/libcrypto/aes/aes_ctr.c35
-rw-r--r--src/lib/libcrypto/aes/aes_locl.h2
6 files changed, 125 insertions, 43 deletions
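--- a/src/lib/libcrypto/aes/aes.h
+++ b/src/lib/libcrypto/aes/aes.h
@@ -52,6 +52,8 @@
 #ifndef HEADER_AES_H
 #define HEADER_AES_H
 
+#include <openssl/e_os2.h>
+
 #ifdef OPENSSL_NO_AES
 #error AES is disabled.
 #endif
@@ -64,6 +66,10 @@
 #define AES_MAXNR 14
 #define AES_BLOCK_SIZE 16
 
+#if defined(OPENSSL_FIPS)
+#define FIPS_AES_SIZE_T int
+#endif
+
 #ifdef __cplusplus
 extern "C" {
 #endif
@@ -95,6 +101,15 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
 void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
  const unsigned long length, const AES_KEY *key,
  unsigned char *ivec, int *num, const int enc);
+void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+ const unsigned long length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+ const unsigned long length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
+ const int nbits,const AES_KEY *key,
+ unsigned char *ivec,const int enc);
 void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
  const unsigned long length, const AES_KEY *key,
  unsigned char *ivec, int *num);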
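Review bot: The three new prototypes carry no comment, and `AES_cfb1_encrypt` and `AES_cfb8_encrypt` share a signature while interpreting `length` differently. The implementation added in aes_cfb.c indexes `in[n/8]` for `n < length` in the 1-bit variant, so `length` counts bits there, while the 8-bit variant counts bytes. A caller who passes a byte count to the 1-bit function would leave seven eighths of the buffer unprocessed. Suggest a line above each, e.g. `/* length is in bits; *num must be 0 on entry */` for `AES_cfb1_encrypt` and `/* length is in bytes; *num must be 0 on entry */` for `AES_cfb8_encrypt`, plus a note that `AES_cfbr_encrypt_block` silently returns unless `nbits` is between 1 and 128.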
diff --git a/src/lib/libcrypto/aes/aes_cbc.c b/src/lib/libcrypto/aes/aes_cbc.c
index 1222a21002..d2ba6bcdb4 100644
--- a/src/lib/libcrypto/aes/aes_cbc.c
+++ b/src/lib/libcrypto/aes/aes_cbc.c
@@ -66,6 +66,7 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
66 unsigned long n; 66 unsigned long n;
67 unsigned long len = length; 67 unsigned long len = length;
68 unsigned char tmp[AES_BLOCK_SIZE]; 68 unsigned char tmp[AES_BLOCK_SIZE];
69 const unsigned char *iv = ivec;
69 70
70 assert(in && out && key && ivec); 71 assert(in && out && key && ivec);
71 assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc)); 72 assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
@@ -73,22 +74,39 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
73 if (AES_ENCRYPT == enc) { 74 if (AES_ENCRYPT == enc) {
74 while (len >= AES_BLOCK_SIZE) { 75 while (len >= AES_BLOCK_SIZE) {
75 for(n=0; n < AES_BLOCK_SIZE; ++n) 76 for(n=0; n < AES_BLOCK_SIZE; ++n)
76 tmp[n] = in[n] ^ ivec[n]; 77 out[n] = in[n] ^ iv[n];
77 AES_encrypt(tmp, out, key); 78 AES_encrypt(out, out, key);
78 memcpy(ivec, out, AES_BLOCK_SIZE); 79 iv = out;
79 len -= AES_BLOCK_SIZE; 80 len -= AES_BLOCK_SIZE;
80 in += AES_BLOCK_SIZE; 81 in += AES_BLOCK_SIZE;
81 out += AES_BLOCK_SIZE; 82 out += AES_BLOCK_SIZE;
82 } 83 }
83 if (len) { 84 if (len) {
84 for(n=0; n < len; ++n) 85 for(n=0; n < len; ++n)
85 tmp[n] = in[n] ^ ivec[n]; 86 out[n] = in[n] ^ iv[n];
86 for(n=len; n < AES_BLOCK_SIZE; ++n) 87 for(n=len; n < AES_BLOCK_SIZE; ++n)
87 tmp[n] = ivec[n]; 88 out[n] = iv[n];
88 AES_encrypt(tmp, tmp, key); 89 AES_encrypt(out, out, key);
89 memcpy(out, tmp, AES_BLOCK_SIZE); 90 iv = out;
90 memcpy(ivec, tmp, AES_BLOCK_SIZE); 91 }
91 } 92 memcpy(ivec,iv,AES_BLOCK_SIZE);
93 } else if (in != out) {
94 while (len >= AES_BLOCK_SIZE) {
95 AES_decrypt(in, out, key);
96 for(n=0; n < AES_BLOCK_SIZE; ++n)
97 out[n] ^= iv[n];
98 iv = in;
99 len -= AES_BLOCK_SIZE;
100 in += AES_BLOCK_SIZE;
101 out += AES_BLOCK_SIZE;
102 }
103 if (len) {
104 AES_decrypt(in,tmp,key);
105 for(n=0; n < len; ++n)
106 out[n] = tmp[n] ^ iv[n];
107 iv = in;
108 }
109 memcpy(ivec,iv,AES_BLOCK_SIZE);
92 } else { 110 } else {
93 while (len >= AES_BLOCK_SIZE) { 111 while (len >= AES_BLOCK_SIZE) {
94 memcpy(tmp, in, AES_BLOCK_SIZE); 112 memcpy(tmp, in, AES_BLOCK_SIZE);
@@ -102,10 +120,12 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
102 } 120 }
103 if (len) { 121 if (len) {
104 memcpy(tmp, in, AES_BLOCK_SIZE); 122 memcpy(tmp, in, AES_BLOCK_SIZE);
105 AES_decrypt(tmp, tmp, key); 123 AES_decrypt(tmp, out, key);
106 for(n=0; n < len; ++n) 124 for(n=0; n < len; ++n)
107 out[n] = tmp[n] ^ ivec[n]; 125 out[n] ^= ivec[n];
126 for(n=len; n < AES_BLOCK_SIZE; ++n)
127 out[n] = tmp[n];
108 memcpy(ivec, tmp, AES_BLOCK_SIZE); 128 memcpy(ivec, tmp, AES_BLOCK_SIZE);
109 } 129 }
110 } 130 }
111} 131}
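Review bot: The new `else if (in != out)` decrypt branch leaves `iv` pointing into the caller's `in` buffer (`iv = in;`) instead of saving each ciphertext block, so it is only correct when the two buffers are completely disjoint, which a pointer inequality does not establish. If `out` sits one block below `in`, the next `AES_decrypt(in, out, key)` overwrites the block `iv` refers to and `out[n] ^= iv[n]` then XORs the block with itself. Either state the contract above the branch, e.g. `/* in and out must be identical or must not overlap at all */`, or route every possibly overlapping call to the copying `else` path that begins with `memcpy(tmp, in, AES_BLOCK_SIZE)`. Separately, the in-place tail now stores a full block through `AES_decrypt(tmp, out, key)` although only `len` bytes remain, so the buffer has to be writable up to the next block boundary. `AES_cbc_encrypt` begins outside these hunks.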
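--- a/src/lib/libcrypto/aes/aes_cfb.c
+++ b/src/lib/libcrypto/aes/aes_cfb.c
@@ -114,6 +114,7 @@
 
 #include <openssl/aes.h>
 #include "aes_locl.h"
+#include "e_os.h"
 
 /* The input and output encrypted as though 128bit cfb mode is being
  * used. The extra state information to record how much of the
@@ -155,3 +156,70 @@ void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
  *num=n;
 }
 
+/* This expects a single block of size nbits for both in and out. Note that
+ it corrupts any extra bits in the last byte of out */
+void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
+ const int nbits,const AES_KEY *key,
+ unsigned char *ivec,const int enc)
+ {
+ int n,rem,num;
+ unsigned char ovec[AES_BLOCK_SIZE*2];
+
+ if (nbits<=0 || nbits>128) return;
+
+ /* fill in the first half of the new IV with the current IV */
+ memcpy(ovec,ivec,AES_BLOCK_SIZE);
+ /* construct the new IV */
+ AES_encrypt(ivec,ivec,key);
+ num = (nbits+7)/8;
+ if (enc) /* encrypt the input */
+ for(n=0 ; n < num ; ++n)
+ out[n] = (ovec[AES_BLOCK_SIZE+n] = in[n] ^ ivec[n]);
+ else /* decrypt the input */
+ for(n=0 ; n < num ; ++n)
+ out[n] = (ovec[AES_BLOCK_SIZE+n] = in[n]) ^ ivec[n];
+ /* shift ovec left... */
+ rem = nbits%8;
+ num = nbits/8;
+ if(rem==0)
+ memcpy(ivec,ovec+num,AES_BLOCK_SIZE);
+ else
+ for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
+ ivec[n] = ovec[n+num]<<rem | ovec[n+num+1]>>(8-rem);
+
+ /* it is not necessary to cleanse ovec, since the IV is not secret */
+ }
+
+/* N.B. This expects the input to be packed, MS bit first */
+void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+ const unsigned long length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc)
+ {
+ unsigned int n;
+ unsigned char c[1],d[1];
+
+ assert(in && out && key && ivec && num);
+ assert(*num == 0);
+
+ memset(out,0,(length+7)/8);
+ for(n=0 ; n < length ; ++n)
+ {
+ c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
+ AES_cfbr_encrypt_block(c,d,1,key,ivec,enc);
+ out[n/8]=(out[n/8]&~(1 << (7-n%8)))|((d[0]&0x80) >> (n%8));
+ }
+ }
+
+void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+ const unsigned long length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc)
+ {
+ unsigned int n;
+
+ assert(in && out && key && ivec && num);
+ assert(*num == 0);
+
+ for(n=0 ; n < length ; ++n)
+ AES_cfbr_encrypt_block(&in[n],&out[n],8,key,ivec,enc);
+ }
+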
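Review bot: `AES_cfb1_encrypt` wipes the output with `memset(out,0,(length+7)/8);` before its loop has read any input, so a call with `in == out` loses the data it was meant to process. Whether callers pass the same buffer is not visible here, but `AES_cbc_encrypt` in this same commit treats `in == out` as a supported case. The loop already clears each destination bit with `out[n/8]&~(1 << (7-n%8))`, so the `memset` line can simply be dropped. In both new wrappers the index is `unsigned int n` while `length` is `unsigned long`, so where `long` is wider than `int` the loop cannot terminate for lengths above `UINT_MAX`; `unsigned long n;` avoids that. The argument checks are `assert` only and are compiled out under `NDEBUG`.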
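--- a/src/lib/libcrypto/aes/aes_core.c
+++ b/src/lib/libcrypto/aes/aes_core.c
@@ -37,8 +37,11 @@
 
 #include <stdlib.h>
 #include <openssl/aes.h>
+#include <openssl/fips.h>
 #include "aes_locl.h"
 
+#ifndef OPENSSL_FIPS
+
 /*
 Te0[x] = S [x].[02, 01, 01, 03];
 Te1[x] = S [x].[03, 02, 01, 01];
@@ -1255,3 +1258,4 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
  PUTU32(out + 12, s3);
 }
 
+#endif /* ndef OPENSSL_FIPS */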
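--- a/src/lib/libcrypto/aes/aes_ctr.c
+++ b/src/lib/libcrypto/aes/aes_ctr.c
@@ -59,7 +59,7 @@
 #include <openssl/aes.h>
 #include "aes_locl.h"
 
-/* NOTE: CTR mode is big-endian. The rest of the AES code
+/* NOTE: the IV/counter CTR mode is big-endian. The rest of the AES code
  * is endian-neutral. */
 
 /* increment counter (128-bit int) by 1 */
@@ -67,61 +67,36 @@ static void AES_ctr128_inc(unsigned char *counter) {
  unsigned long c;
 
  /* Grab bottom dword of counter and increment */
-#ifdef L_ENDIAN
- c = GETU32(counter + 0);
- c++;
- PUTU32(counter + 0, c);
-#else
  c = GETU32(counter + 12);
- c++;
+ c++; c &= 0xFFFFFFFF;
  PUTU32(counter + 12, c);
-#endif
 
  /* if no overflow, we're done */
  if (c)
  return;
 
  /* Grab 1st dword of counter and increment */
-#ifdef L_ENDIAN
- c = GETU32(counter + 4);
- c++;
- PUTU32(counter + 4, c);
-#else
  c = GETU32(counter + 8);
- c++;
+ c++; c &= 0xFFFFFFFF;
  PUTU32(counter + 8, c);
-#endif
 
  /* if no overflow, we're done */
  if (c)
  return;
 
  /* Grab 2nd dword of counter and increment */
-#ifdef L_ENDIAN
- c = GETU32(counter + 8);
- c++;
- PUTU32(counter + 8, c);
-#else
  c = GETU32(counter + 4);
- c++;
+ c++; c &= 0xFFFFFFFF;
  PUTU32(counter + 4, c);
-#endif
 
  /* if no overflow, we're done */
  if (c)
  return;
 
  /* Grab top dword of counter and increment */
-#ifdef L_ENDIAN
- c = GETU32(counter + 12);
- c++;
- PUTU32(counter + 12, c);
-#else
  c = GETU32(counter + 0);
- c++;
+ c++; c &= 0xFFFFFFFF;
  PUTU32(counter + 0, c);
-#endif
-
 }
 
 /* The input encrypted as though 128bit counter mode is being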
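Review bot: The four stanzas in `AES_ctr128_inc` now differ only in their offset, and each relies on a hand-written `c &= 0xFFFFFFFF;` to make an `unsigned long` wrap at 32 bits. If one mask were missed where `long` is 64 bits, the carry would never propagate and counter blocks would repeat after 2^32 increments. A byte-wise big-endian increment states the same arithmetic once, needs no mask, and does not go through `GETU32`/`PUTU32`. The function's opening line appears only in the hunk header; the rest of its body is inside this hunk.

```c
static void AES_ctr128_inc(unsigned char *counter) {
	int i;

	/* big-endian 128-bit increment: carry runs from byte 15 up to byte 0 */
	for (i = AES_BLOCK_SIZE - 1; i >= 0; --i)
		if (++counter[i] != 0)
			return;
}
```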
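--- a/src/lib/libcrypto/aes/aes_locl.h
+++ b/src/lib/libcrypto/aes/aes_locl.h
@@ -62,7 +62,7 @@
 #include <stdlib.h>
 #include <string.h>
 
-#if defined(_MSC_VER) && !defined(OPENSSL_SYS_WINCE)
+#if defined(_MSC_VER) && !defined(_M_IA64) && !defined(OPENSSL_SYS_WINCE)
 # define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
 # define GETU32(p) SWAP(*((u32 *)(p)))
 # define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }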