resolve conflicts

author: djm <> 2005-04-29 05:39:33 +0000
committer: djm <> 2005-04-29 05:39:33 +0000
commit: 68edd00d9258df93b1366c71ac124e0cadf7bc08 (patch)
tree: 3ce4ae2a9747bbc11aed1f95f9bbea92c41f8683 /src/lib/libcrypto/aes
parent: f396ed0f5ce0af56bfde2e75e15cf1f52924c779 (diff)
download: openbsd-68edd00d9258df93b1366c71ac124e0cadf7bc08.tar.gz
openbsd-68edd00d9258df93b1366c71ac124e0cadf7bc08.tar.bz2
openbsd-68edd00d9258df93b1366c71ac124e0cadf7bc08.zip
6 files changed, 125 insertions, 43 deletions
diff --git a/src/lib/libcrypto/aes/aes.h b/src/lib/libcrypto/aes/aes.h
index da067f4a8f..8a3ea0b883 100644
--- a/src/lib/libcrypto/aes/aes.h
+++ b/src/lib/libcrypto/aes/aes.h
@@ -52,6 +52,8 @@
 #ifndef HEADER_AES_H
 #define HEADER_AES_H
+#include <openssl/e_os2.h>
 #ifdef OPENSSL_NO_AES
 #error AES is disabled.
 #endif
@@ -64,6 +66,10 @@
 #define AES_MAXNR 14
 #define AES_BLOCK_SIZE 16
+#if defined(OPENSSL_FIPS)
+#define FIPS_AES_SIZE_T int
+#endif
 #ifdef  __cplusplus
 extern "C" {
 #endif
@@ -95,6 +101,15 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
 void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
        const unsigned long length, const AES_KEY *key,
        unsigned char *ivec, int *num, const int enc);
+void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+        const unsigned long length, const AES_KEY *key,
+        unsigned char *ivec, int *num, const int enc);
+void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+        const unsigned long length, const AES_KEY *key,
+        unsigned char *ivec, int *num, const int enc);
+void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
+                            const int nbits,const AES_KEY *key,
+                            unsigned char *ivec,const int enc);
 void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
        const unsigned long length, const AES_KEY *key,
        unsigned char *ivec, int *num);
diff --git a/src/lib/libcrypto/aes/aes_cbc.c b/src/lib/libcrypto/aes/aes_cbc.c
index 1222a21002..d2ba6bcdb4 100644
--- a/src/lib/libcrypto/aes/aes_cbc.c
+++ b/src/lib/libcrypto/aes/aes_cbc.c
@@ -66,6 +66,7 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
        unsigned long n;
        unsigned long len = length;
        unsigned char tmp[AES_BLOCK_SIZE];
+        const unsigned char *iv = ivec;
        assert(in && out && key && ivec);
        assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
@@ -73,22 +74,39 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
        if (AES_ENCRYPT == enc) {
                while (len >= AES_BLOCK_SIZE) {
                        for(n=0; n < AES_BLOCK_SIZE; ++n)
-                                tmp[n] = in[n] ^ ivec[n];
+                                out[n] = in[n] ^ iv[n];
-                        AES_encrypt(tmp, out, key);
+                        AES_encrypt(out, out, key);
-                        memcpy(ivec, out, AES_BLOCK_SIZE);
+                        iv = out;
                        len -= AES_BLOCK_SIZE;
                        in += AES_BLOCK_SIZE;
                        out += AES_BLOCK_SIZE;
                }
                if (len) {
                        for(n=0; n < len; ++n)
-                                tmp[n] = in[n] ^ ivec[n];
+                                out[n] = in[n] ^ iv[n];
                        for(n=len; n < AES_BLOCK_SIZE; ++n)
-                                tmp[n] = ivec[n];
+                                out[n] = iv[n];
-                        AES_encrypt(tmp, tmp, key);
+                        AES_encrypt(out, out, key);
-                        memcpy(out, tmp, AES_BLOCK_SIZE);
+                        iv = out;
-                        memcpy(ivec, tmp, AES_BLOCK_SIZE);
+                }
-                }                       
+                memcpy(ivec,iv,AES_BLOCK_SIZE);
+        } else if (in != out) {
+                while (len >= AES_BLOCK_SIZE) {
+                        AES_decrypt(in, out, key);
+                        for(n=0; n < AES_BLOCK_SIZE; ++n)
+                                out[n] ^= iv[n];
+                        iv = in;
+                        len -= AES_BLOCK_SIZE;
+                        in  += AES_BLOCK_SIZE;
+                        out += AES_BLOCK_SIZE;
+                }
+                if (len) {
+                        AES_decrypt(in,tmp,key);
+                        for(n=0; n < len; ++n)
+                                out[n] = tmp[n] ^ iv[n];
+                        iv = in;
+                }
+                memcpy(ivec,iv,AES_BLOCK_SIZE);
        } else {
                while (len >= AES_BLOCK_SIZE) {
                        memcpy(tmp, in, AES_BLOCK_SIZE);
@@ -102,10 +120,12 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
                }
                if (len) {
                        memcpy(tmp, in, AES_BLOCK_SIZE);
-                        AES_decrypt(tmp, tmp, key);
+                        AES_decrypt(tmp, out, key);
                        for(n=0; n < len; ++n)
-                                out[n] = tmp[n] ^ ivec[n];
+                                out[n] ^= ivec[n];
+                        for(n=len; n < AES_BLOCK_SIZE; ++n)
+                                out[n] = tmp[n];
                        memcpy(ivec, tmp, AES_BLOCK_SIZE);
-                }                       
+                }
        }
 }
diff --git a/src/lib/libcrypto/aes/aes_cfb.c b/src/lib/libcrypto/aes/aes_cfb.c
index 9b569dda90..49f0411010 100644
--- a/src/lib/libcrypto/aes/aes_cfb.c
+++ b/src/lib/libcrypto/aes/aes_cfb.c
@@ -114,6 +114,7 @@
 #include <openssl/aes.h>
 #include "aes_locl.h"
+#include "e_os.h"
 /* The input and output encrypted as though 128bit cfb mode is being
 * used.  The extra state information to record how much of the
@@ -155,3 +156,70 @@ void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
        *num=n;
 }
+/* This expects a single block of size nbits for both in and out. Note that
+   it corrupts any extra bits in the last byte of out */
+void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
+                            const int nbits,const AES_KEY *key,
+                            unsigned char *ivec,const int enc)
+    {
+    int n,rem,num;
+    unsigned char ovec[AES_BLOCK_SIZE*2];
+    if (nbits<=0 || nbits>128) return;
+        /* fill in the first half of the new IV with the current IV */
+        memcpy(ovec,ivec,AES_BLOCK_SIZE);
+        /* construct the new IV */
+        AES_encrypt(ivec,ivec,key);
+        num = (nbits+7)/8;
+        if (enc)        /* encrypt the input */
+            for(n=0 ; n < num ; ++n)
+                out[n] = (ovec[AES_BLOCK_SIZE+n] = in[n] ^ ivec[n]);
+        else            /* decrypt the input */
+            for(n=0 ; n < num ; ++n)
+                out[n] = (ovec[AES_BLOCK_SIZE+n] = in[n]) ^ ivec[n];
+        /* shift ovec left... */
+        rem = nbits%8;
+        num = nbits/8;
+        if(rem==0)
+            memcpy(ivec,ovec+num,AES_BLOCK_SIZE);
+        else
+            for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
+                ivec[n] = ovec[n+num]<<rem | ovec[n+num+1]>>(8-rem);
+    /* it is not necessary to cleanse ovec, since the IV is not secret */
+    }
+/* N.B. This expects the input to be packed, MS bit first */
+void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+                      const unsigned long length, const AES_KEY *key,
+                      unsigned char *ivec, int *num, const int enc)
+    {
+    unsigned int n;
+    unsigned char c[1],d[1];
+    assert(in && out && key && ivec && num);
+    assert(*num == 0);
+    memset(out,0,(length+7)/8);
+    for(n=0 ; n < length ; ++n)
+        {
+        c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
+        AES_cfbr_encrypt_block(c,d,1,key,ivec,enc);
+        out[n/8]=(out[n/8]&~(1 << (7-n%8)))|((d[0]&0x80) >> (n%8));
+        }
+    }
+void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+                      const unsigned long length, const AES_KEY *key,
+                      unsigned char *ivec, int *num, const int enc)
+    {
+    unsigned int n;
+    assert(in && out && key && ivec && num);
+    assert(*num == 0);
+    for(n=0 ; n < length ; ++n)
+        AES_cfbr_encrypt_block(&in[n],&out[n],8,key,ivec,enc);
+    }
diff --git a/src/lib/libcrypto/aes/aes_core.c b/src/lib/libcrypto/aes/aes_core.c
index 2f41a825f8..ed566a8123 100644
--- a/src/lib/libcrypto/aes/aes_core.c
+++ b/src/lib/libcrypto/aes/aes_core.c
@@ -37,8 +37,11 @@
 #include <stdlib.h>
 #include <openssl/aes.h>
+#include <openssl/fips.h>
 #include "aes_locl.h"
+#ifndef OPENSSL_FIPS
 /*
 Te0[x] = S [x].[02, 01, 01, 03];
 Te1[x] = S [x].[03, 02, 01, 01];
@@ -1255,3 +1258,4 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
        PUTU32(out + 12, s3);
 }
+#endif /* ndef OPENSSL_FIPS */
diff --git a/src/lib/libcrypto/aes/aes_ctr.c b/src/lib/libcrypto/aes/aes_ctr.c
index 79e1c18f19..f36982be1e 100644
--- a/src/lib/libcrypto/aes/aes_ctr.c
+++ b/src/lib/libcrypto/aes/aes_ctr.c
@@ -59,7 +59,7 @@
 #include <openssl/aes.h>
 #include "aes_locl.h"
-/* NOTE: CTR mode is big-endian.  The rest of the AES code
+/* NOTE: the IV/counter CTR mode is big-endian.  The rest of the AES code
 * is endian-neutral. */
 /* increment counter (128-bit int) by 1 */
@@ -67,61 +67,36 @@ static void AES_ctr128_inc(unsigned char *counter) {
        unsigned long c;
        /* Grab bottom dword of counter and increment */
-#ifdef L_ENDIAN
-        c = GETU32(counter +  0);
-        c++;
-        PUTU32(counter +  0, c);
-#else
        c = GETU32(counter + 12);
-        c++;
+        c++;    c &= 0xFFFFFFFF;
        PUTU32(counter + 12, c);
-#endif
        /* if no overflow, we're done */
        if (c)
                return;
        /* Grab 1st dword of counter and increment */
-#ifdef L_ENDIAN
-        c = GETU32(counter +  4);
-        c++;
-        PUTU32(counter +  4, c);
-#else
        c = GETU32(counter +  8);
-        c++;
+        c++;    c &= 0xFFFFFFFF;
        PUTU32(counter +  8, c);
-#endif
        /* if no overflow, we're done */
        if (c)
                return;
        /* Grab 2nd dword of counter and increment */
-#ifdef L_ENDIAN
-        c = GETU32(counter +  8);
-        c++;
-        PUTU32(counter +  8, c);
-#else
        c = GETU32(counter +  4);
-        c++;
+        c++;    c &= 0xFFFFFFFF;
        PUTU32(counter +  4, c);
-#endif
        /* if no overflow, we're done */
        if (c)
                return;
        /* Grab top dword of counter and increment */
-#ifdef L_ENDIAN
-        c = GETU32(counter + 12);
-        c++;
-        PUTU32(counter + 12, c);
-#else
        c = GETU32(counter +  0);
-        c++;
+        c++;    c &= 0xFFFFFFFF;
        PUTU32(counter +  0, c);
-#endif
 }
 /* The input encrypted as though 128bit counter mode is being
diff --git a/src/lib/libcrypto/aes/aes_locl.h b/src/lib/libcrypto/aes/aes_locl.h
index f290946058..4184729e34 100644
--- a/src/lib/libcrypto/aes/aes_locl.h
+++ b/src/lib/libcrypto/aes/aes_locl.h
@@ -62,7 +62,7 @@
 #include <stdlib.h>
 #include <string.h>
-#if defined(_MSC_VER) && !defined(OPENSSL_SYS_WINCE)
+#if defined(_MSC_VER) && !defined(_M_IA64) && !defined(OPENSSL_SYS_WINCE)
 # define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
 # define GETU32(p) SWAP(*((u32 *)(p)))
 # define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }
author	djm <>	2005-04-29 05:39:33 +0000
committer	djm <>	2005-04-29 05:39:33 +0000
commit	68edd00d9258df93b1366c71ac124e0cadf7bc08 (patch)
tree	3ce4ae2a9747bbc11aed1f95f9bbea92c41f8683 /src/lib/libcrypto/aes
parent	f396ed0f5ce0af56bfde2e75e15cf1f52924c779 (diff)
download	openbsd-68edd00d9258df93b1366c71ac124e0cadf7bc08.tar.gz openbsd-68edd00d9258df93b1366c71ac124e0cadf7bc08.tar.bz2 openbsd-68edd00d9258df93b1366c71ac124e0cadf7bc08.zip