author | djm <> | 2005-04-29 05:39:33 +0000 |
---|---|---|
committer | djm <> | 2005-04-29 05:39:33 +0000 |
commit | 68edd00d9258df93b1366c71ac124e0cadf7bc08 (patch) | |
tree | 3ce4ae2a9747bbc11aed1f95f9bbea92c41f8683 /src/lib/libcrypto/aes | |
parent | f396ed0f5ce0af56bfde2e75e15cf1f52924c779 (diff) | |
download | openbsd-68edd00d9258df93b1366c71ac124e0cadf7bc08.tar.gz openbsd-68edd00d9258df93b1366c71ac124e0cadf7bc08.tar.bz2 openbsd-68edd00d9258df93b1366c71ac124e0cadf7bc08.zip |
resolve conflicts
Diffstat (limited to 'src/lib/libcrypto/aes')
-rw-r--r-- | src/lib/libcrypto/aes/aes.h | 15 | ||||
-rw-r--r-- | src/lib/libcrypto/aes/aes_cbc.c | 44 | ||||
-rw-r--r-- | src/lib/libcrypto/aes/aes_cfb.c | 68 | ||||
-rw-r--r-- | src/lib/libcrypto/aes/aes_core.c | 4 | ||||
-rw-r--r-- | src/lib/libcrypto/aes/aes_ctr.c | 35 | ||||
-rw-r--r-- | src/lib/libcrypto/aes/aes_locl.h | 2 |
6 files changed, 125 insertions, 43 deletions
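--- a/src/lib/libcrypto/aes/aes.h
+++ b/src/lib/libcrypto/aes/aes.h
@@ -52,6 +52,8 @@
 #ifndef HEADER_AES_H
 #define HEADER_AES_H
 
+#include <openssl/e_os2.h>
+
 #ifdef OPENSSL_NO_AES
 #error AES is disabled.
 #endif
@@ -64,6 +66,10 @@
 #define AES_MAXNR 14
 #define AES_BLOCK_SIZE 16
 
+#if defined(OPENSSL_FIPS)
+#define FIPS_AES_SIZE_T int
+#endif
+
 #ifdef __cplusplus
 extern "C" {
 #endif
@@ -95,6 +101,15 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
 void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
 const unsigned long length, const AES_KEY *key,
 unsigned char *ivec, int *num, const int enc);
+void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+const unsigned long length, const AES_KEY *key,
+unsigned char *ivec, int *num, const int enc);
+void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+const unsigned long length, const AES_KEY *key,
+unsigned char *ivec, int *num, const int enc);
+void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
+const int nbits,const AES_KEY *key,
+unsigned char *ivec,const int enc);
 void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
 const unsigned long length, const AES_KEY *key,
 unsigned char *ivec, int *num);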
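Review bot: The new `AES_cfb1_encrypt` declaration does not say that its `length` counts bits rather than bytes: the implementation added in aes_cfb.c by this same commit reads `in[n/8]` and clears `(length+7)/8` output bytes, while `AES_cfb8_encrypt` walks `length` bytes. A caller who passes a byte count to the 1-bit variant would process only the first eighth of the buffer and get no error. I would add a comment above the prototype, for example `/* length is in BITS; in/out are packed MS bit first; *num must be 0 on entry */`, and state the `*num == 0` precondition on `AES_cfb8_encrypt` too, since both functions only assert it.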
diff --git a/src/lib/libcrypto/aes/aes_cbc.c b/src/lib/libcrypto/aes/aes_cbc.c index 1222a21002..d2ba6bcdb4 100644 --- a/src/lib/libcrypto/aes/aes_cbc.c +++ b/src/lib/libcrypto/aes/aes_cbc.c | |||
@@ -66,6 +66,7 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, | |||
66 | unsigned long n; | 66 | unsigned long n; |
67 | unsigned long len = length; | 67 | unsigned long len = length; |
68 | unsigned char tmp[AES_BLOCK_SIZE]; | 68 | unsigned char tmp[AES_BLOCK_SIZE]; |
69 | const unsigned char *iv = ivec; | ||
69 | 70 | ||
70 | assert(in && out && key && ivec); | 71 | assert(in && out && key && ivec); |
71 | assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc)); | 72 | assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc)); |
@@ -73,22 +74,39 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, | |||
73 | if (AES_ENCRYPT == enc) { | 74 | if (AES_ENCRYPT == enc) { |
74 | while (len >= AES_BLOCK_SIZE) { | 75 | while (len >= AES_BLOCK_SIZE) { |
75 | for(n=0; n < AES_BLOCK_SIZE; ++n) | 76 | for(n=0; n < AES_BLOCK_SIZE; ++n) |
76 | tmp[n] = in[n] ^ ivec[n]; | 77 | out[n] = in[n] ^ iv[n]; |
77 | AES_encrypt(tmp, out, key); | 78 | AES_encrypt(out, out, key); |
78 | memcpy(ivec, out, AES_BLOCK_SIZE); | 79 | iv = out; |
79 | len -= AES_BLOCK_SIZE; | 80 | len -= AES_BLOCK_SIZE; |
80 | in += AES_BLOCK_SIZE; | 81 | in += AES_BLOCK_SIZE; |
81 | out += AES_BLOCK_SIZE; | 82 | out += AES_BLOCK_SIZE; |
82 | } | 83 | } |
83 | if (len) { | 84 | if (len) { |
84 | for(n=0; n < len; ++n) | 85 | for(n=0; n < len; ++n) |
85 | tmp[n] = in[n] ^ ivec[n]; | 86 | out[n] = in[n] ^ iv[n]; |
86 | for(n=len; n < AES_BLOCK_SIZE; ++n) | 87 | for(n=len; n < AES_BLOCK_SIZE; ++n) |
87 | tmp[n] = ivec[n]; | 88 | out[n] = iv[n]; |
88 | AES_encrypt(tmp, tmp, key); | 89 | AES_encrypt(out, out, key); |
89 | memcpy(out, tmp, AES_BLOCK_SIZE); | 90 | iv = out; |
90 | memcpy(ivec, tmp, AES_BLOCK_SIZE); | 91 | } |
91 | } | 92 | memcpy(ivec,iv,AES_BLOCK_SIZE); |
93 | } else if (in != out) { | ||
94 | while (len >= AES_BLOCK_SIZE) { | ||
95 | AES_decrypt(in, out, key); | ||
96 | for(n=0; n < AES_BLOCK_SIZE; ++n) | ||
97 | out[n] ^= iv[n]; | ||
98 | iv = in; | ||
99 | len -= AES_BLOCK_SIZE; | ||
100 | in += AES_BLOCK_SIZE; | ||
101 | out += AES_BLOCK_SIZE; | ||
102 | } | ||
103 | if (len) { | ||
104 | AES_decrypt(in,tmp,key); | ||
105 | for(n=0; n < len; ++n) | ||
106 | out[n] = tmp[n] ^ iv[n]; | ||
107 | iv = in; | ||
108 | } | ||
109 | memcpy(ivec,iv,AES_BLOCK_SIZE); | ||
92 | } else { | 110 | } else { |
93 | while (len >= AES_BLOCK_SIZE) { | 111 | while (len >= AES_BLOCK_SIZE) { |
94 | memcpy(tmp, in, AES_BLOCK_SIZE); | 112 | memcpy(tmp, in, AES_BLOCK_SIZE); |
@@ -102,10 +120,12 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, | |||
102 | } | 120 | } |
103 | if (len) { | 121 | if (len) { |
104 | memcpy(tmp, in, AES_BLOCK_SIZE); | 122 | memcpy(tmp, in, AES_BLOCK_SIZE); |
105 | AES_decrypt(tmp, tmp, key); | 123 | AES_decrypt(tmp, out, key); |
106 | for(n=0; n < len; ++n) | 124 | for(n=0; n < len; ++n) |
107 | out[n] = tmp[n] ^ ivec[n]; | 125 | out[n] ^= ivec[n]; |
126 | for(n=len; n < AES_BLOCK_SIZE; ++n) | ||
127 | out[n] = tmp[n]; | ||
108 | memcpy(ivec, tmp, AES_BLOCK_SIZE); | 128 | memcpy(ivec, tmp, AES_BLOCK_SIZE); |
109 | } | 129 | } |
110 | } | 130 | } |
111 | } | 131 | } |
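Review bot: The new `else if (in != out)` decrypt branch keeps `iv` as a pointer into the caller's ciphertext (`iv = in;`) rather than a saved copy, so it is only correct when the two buffers are fully disjoint, and the pointer comparison rules out only exact aliasing. With a partially overlapping `out`, an earlier store can alter the block `iv` still points at before it is XORed in; a comment at the branch such as `/* in and out must be identical or non-overlapping */` would make the contract explicit. Separately, both added `memcpy(ivec,iv,AES_BLOCK_SIZE);` calls run with `iv == ivec` when `length` is 0, a self-copy that memcpy leaves undefined; `if (iv != ivec) memcpy(ivec,iv,AES_BLOCK_SIZE);` avoids it. The function begins above the first hunk and some of the in-place branch lies between the hunks, so this is based on the visible lines only.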
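--- a/src/lib/libcrypto/aes/aes_cfb.c
+++ b/src/lib/libcrypto/aes/aes_cfb.c
@@ -114,6 +114,7 @@
 
 #include <openssl/aes.h>
 #include "aes_locl.h"
+#include "e_os.h"
 
 /* The input and output encrypted as though 128bit cfb mode is being
 * used. The extra state information to record how much of the
@@ -155,3 +156,70 @@ void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
 *num=n;
 }
 
+/* This expects a single block of size nbits for both in and out. Note that
+it corrupts any extra bits in the last byte of out */
+void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
+const int nbits,const AES_KEY *key,
+unsigned char *ivec,const int enc)
+{
+int n,rem,num;
+unsigned char ovec[AES_BLOCK_SIZE*2];
+
+if (nbits<=0 || nbits>128) return;
+
+/* fill in the first half of the new IV with the current IV */
+memcpy(ovec,ivec,AES_BLOCK_SIZE);
+/* construct the new IV */
+AES_encrypt(ivec,ivec,key);
+num = (nbits+7)/8;
+if (enc) /* encrypt the input */
+for(n=0 ; n < num ; ++n)
+out[n] = (ovec[AES_BLOCK_SIZE+n] = in[n] ^ ivec[n]);
+else /* decrypt the input */
+for(n=0 ; n < num ; ++n)
+out[n] = (ovec[AES_BLOCK_SIZE+n] = in[n]) ^ ivec[n];
+/* shift ovec left... */
+rem = nbits%8;
+num = nbits/8;
+if(rem==0)
+memcpy(ivec,ovec+num,AES_BLOCK_SIZE);
+else
+for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
+ivec[n] = ovec[n+num]<<rem | ovec[n+num+1]>>(8-rem);
+
+/* it is not necessary to cleanse ovec, since the IV is not secret */
+}
+
+/* N.B. This expects the input to be packed, MS bit first */
+void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+const unsigned long length, const AES_KEY *key,
+unsigned char *ivec, int *num, const int enc)
+{
+unsigned int n;
+unsigned char c[1],d[1];
+
+assert(in && out && key && ivec && num);
+assert(*num == 0);
+
+memset(out,0,(length+7)/8);
+for(n=0 ; n < length ; ++n)
+{
+c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
+AES_cfbr_encrypt_block(c,d,1,key,ivec,enc);
+out[n/8]=(out[n/8]&~(1 << (7-n%8)))|((d[0]&0x80) >> (n%8));
+}
+}
+
+void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+const unsigned long length, const AES_KEY *key,
+unsigned char *ivec, int *num, const int enc)
+{
+unsigned int n;
+
+assert(in && out && key && ivec && num);
+assert(*num == 0);
+
+for(n=0 ; n < length ; ++n)
+AES_cfbr_encrypt_block(&in[n],&out[n],8,key,ivec,enc);
+}
+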
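Review bot: `AES_cfb1_encrypt` clears the output with `memset(out,0,(length+7)/8);` before the loop has read any input, so if in-place use (`in == out`) is allowed here as it is for `AES_cbc_encrypt`, the call wipes the data it is about to process and encrypts zeros. The masked store `out[n/8]=(out[n/8]&~(1 << (7-n%8)))|...` already clears each bit before setting it, so the memset can be dropped; the only visible difference is that unused low bits of the last byte keep their old value. Both `AES_cfb1_encrypt` and `AES_cfb8_encrypt` declare `unsigned int n;` against an `unsigned long length`, so where long is wider than int a large `length` lets `n` wrap and the loop never ends; `unsigned long n;` fixes that. The argument checks in both are `assert` only and vanish under NDEBUG, and `AES_cfbr_encrypt_block` returns silently on an out-of-range `nbits`, leaving `out` unwritten with no signal to the caller.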
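--- a/src/lib/libcrypto/aes/aes_core.c
+++ b/src/lib/libcrypto/aes/aes_core.c
@@ -37,8 +37,11 @@
 
 #include <stdlib.h>
 #include <openssl/aes.h>
+#include <openssl/fips.h>
 #include "aes_locl.h"
 
+#ifndef OPENSSL_FIPS
+
 /*
 Te0[x] = S [x].[02, 01, 01, 03];
 Te1[x] = S [x].[03, 02, 01, 01];
@@ -1255,3 +1258,4 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
 PUTU32(out + 12, s3);
 }
 
+#endif /* ndef OPENSSL_FIPS */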
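Review bot: The new `#ifndef OPENSSL_FIPS` guard carries no comment saying what replaces the code it removes: everything from just above the Te0 table comment to the end of `AES_decrypt` disappears in a FIPS build, yet the mode files touched by this commit still call `AES_encrypt` and `AES_decrypt`. I would add a line at the guard such as `/* FIPS builds compile this file empty; the block cipher is then supplied by the FIPS module */`, assuming that is where the replacement lives. The added `#include <openssl/fips.h>` sits outside the guard, so the header must exist in non-FIPS builds as well; if nothing in the guarded code uses it, leaving it out would be cleaner. Both hunks are small windows onto a much longer file, so this rests on the visible lines only.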
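--- a/src/lib/libcrypto/aes/aes_ctr.c
+++ b/src/lib/libcrypto/aes/aes_ctr.c
@@ -59,7 +59,7 @@
 #include <openssl/aes.h>
 #include "aes_locl.h"
 
-/* NOTE: CTR mode is big-endian. The rest of the AES code
+/* NOTE: the IV/counter CTR mode is big-endian. The rest of the AES code
 * is endian-neutral. */
 
 /* increment counter (128-bit int) by 1 */
@@ -67,61 +67,36 @@ static void AES_ctr128_inc(unsigned char *counter) {
 unsigned long c;
 
 /* Grab bottom dword of counter and increment */
-#ifdef L_ENDIAN
-c = GETU32(counter + 0);
-c++;
-PUTU32(counter + 0, c);
-#else
 c = GETU32(counter + 12);
-c++;
+c++; c &= 0xFFFFFFFF;
 PUTU32(counter + 12, c);
-#endif
 
 /* if no overflow, we're done */
 if (c)
 return;
 
 /* Grab 1st dword of counter and increment */
-#ifdef L_ENDIAN
-c = GETU32(counter + 4);
-c++;
-PUTU32(counter + 4, c);
-#else
 c = GETU32(counter + 8);
-c++;
+c++; c &= 0xFFFFFFFF;
 PUTU32(counter + 8, c);
-#endif
 
 /* if no overflow, we're done */
 if (c)
 return;
 
 /* Grab 2nd dword of counter and increment */
-#ifdef L_ENDIAN
-c = GETU32(counter + 8);
-c++;
-PUTU32(counter + 8, c);
-#else
 c = GETU32(counter + 4);
-c++;
+c++; c &= 0xFFFFFFFF;
 PUTU32(counter + 4, c);
-#endif
 
 /* if no overflow, we're done */
 if (c)
 return;
 
 /* Grab top dword of counter and increment */
-#ifdef L_ENDIAN
-c = GETU32(counter + 12);
-c++;
-PUTU32(counter + 12, c);
-#else
 c = GETU32(counter + 0);
-c++;
+c++; c &= 0xFFFFFFFF;
 PUTU32(counter + 0, c);
-#endif
-
 }
 
 /* The input encrypted as though 128bit counter mode is being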
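Review bot: The four increment stanzas in `AES_ctr128_inc` are now identical apart from the offset, and each needs `c &= 0xFFFFFFFF;` only because `c` is an `unsigned long` that may be wider than 32 bits. A byte-wise carry loop removes both the repetition and the width dependence: `int i; for (i = AES_BLOCK_SIZE - 1; i >= 0; i--) if (++counter[i]) return;`. Dropping the `L_ENDIAN` branch also appears to change which bytes are incremented on little-endian builds, so multi-block data written by an earlier little-endian build would no longer decrypt; that deserves a line in the commit message or release notes. The reworded comment `the IV/counter CTR mode is big-endian` reads as if a word is missing (perhaps `in`). The function's opening line is above the hunk.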
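--- a/src/lib/libcrypto/aes/aes_locl.h
+++ b/src/lib/libcrypto/aes/aes_locl.h
@@ -62,7 +62,7 @@
 #include <stdlib.h>
 #include <string.h>
 
-#if defined(_MSC_VER) && !defined(OPENSSL_SYS_WINCE)
+#if defined(_MSC_VER) && !defined(_M_IA64) && !defined(OPENSSL_SYS_WINCE)
 # define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
 # define GETU32(p) SWAP(*((u32 *)(p)))
 # define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }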