1 files changed, 68 insertions, 11 deletions
diff --git a/src/lib/libcrypto/aes/aes_wrap.c b/src/lib/libcrypto/aes/aes.c
index b30630fe47..d3bf85947d 100644
--- a/src/lib/libcrypto/aes/aes_wrap.c
+++ b/src/lib/libcrypto/aes/aes.c
@@ -1,9 +1,6 @@
-/* $OpenBSD: aes_wrap.c,v 1.12 2018/11/07 18:31:16 tb Exp $ */
+/* $OpenBSD: aes.c,v 1.1 2024/03/28 00:57:26 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
 /* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2002-2006 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -20,12 +17,12 @@
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
+ *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
@@ -34,7 +31,7 @@
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
@@ -49,17 +46,77 @@
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
+ *
 */
 #include <string.h>
 #include <openssl/aes.h>
 #include <openssl/bio.h>
+#include <openssl/modes.h>
-static const unsigned char default_iv[] = {
+static const unsigned char aes_wrap_default_iv[] = {
        0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6,
 };
+/*
+ * The input and output encrypted as though 128bit cfb mode is being
+ * used.  The extra state information to record how much of the
+ * 128bit block we have used is contained in *num;
+ */
+void
+AES_cfb128_encrypt(const unsigned char *in, unsigned char *out, size_t length,
+    const AES_KEY *key, unsigned char *ivec, int *num, const int enc)
+{
+        CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
+            (block128_f)AES_encrypt);
+}
+/* N.B. This expects the input to be packed, MS bit first */
+void
+AES_cfb1_encrypt(const unsigned char *in, unsigned char *out, size_t length,
+    const AES_KEY *key, unsigned char *ivec, int *num, const int enc)
+{
+        CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
+            (block128_f)AES_encrypt);
+}
+void
+AES_cfb8_encrypt(const unsigned char *in, unsigned char *out, size_t length,
+    const AES_KEY *key, unsigned char *ivec, int *num, const int enc)
+{
+        CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
+            (block128_f)AES_encrypt);
+}
+void
+AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+    size_t length, const AES_KEY *key, unsigned char ivec[AES_BLOCK_SIZE],
+    unsigned char ecount_buf[AES_BLOCK_SIZE], unsigned int *num)
+{
+        CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
+            (block128_f)AES_encrypt);
+}
+void
+AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
+    const AES_KEY *key, const int enc)
+{
+        if (AES_ENCRYPT == enc)
+                AES_encrypt(in, out, key);
+        else
+                AES_decrypt(in, out, key);
+}
+void
+AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, size_t length,
+    const AES_KEY *key, unsigned char *ivec, int *num)
+{
+        CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
+            (block128_f)AES_encrypt);
+}
 int
 AES_wrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
    const unsigned char *in, unsigned int inlen)
@@ -73,7 +130,7 @@ AES_wrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
        t = 1;
        memmove(out + 8, in, inlen);
        if (!iv)
-                iv = default_iv;
+                iv = aes_wrap_default_iv;
        memcpy(A, iv, 8);
@@ -124,7 +181,7 @@ AES_unwrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
                }
        }
        if (!iv)
-                iv = default_iv;
+                iv = aes_wrap_default_iv;
        if (memcmp(A, iv, 8)) {
                explicit_bzero(out, inlen);
                return 0;

diff --git a/src/lib/libcrypto/aes/aes_wrap.c b/src/lib/libcrypto/aes/aes.c index b30630fe47..d3bf85947d 100644 --- a/src/lib/libcrypto/aes/aes_wrap.c +++ b/src/lib/libcrypto/aes/aes.c
@@ -1,9 +1,6 @@
1	/* $OpenBSD: aes_wrap.c,v 1.12 2018/11/07 18:31:16 tb Exp $ */	1	/* $OpenBSD: aes.c,v 1.1 2024/03/28 00:57:26 jsing Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project.
4	*/
5	/* ====================================================================	2	/* ====================================================================
6	* Copyright (c) 2008 The OpenSSL Project. All rights reserved.	3	* Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved.
7	*	4	*
8	* Redistribution and use in source and binary forms, with or without	5	* Redistribution and use in source and binary forms, with or without
9	* modification, are permitted provided that the following conditions	6	* modification, are permitted provided that the following conditions
@@ -20,12 +17,12 @@
20	* 3. All advertising materials mentioning features or use of this	17	* 3. All advertising materials mentioning features or use of this
21	* software must display the following acknowledgment:	18	* software must display the following acknowledgment:
22	* "This product includes software developed by the OpenSSL Project	19	* "This product includes software developed by the OpenSSL Project
23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"	20	* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24	*	21	*
25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to	22	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26	* endorse or promote products derived from this software without	23	* endorse or promote products derived from this software without
27	* prior written permission. For written permission, please contact	24	* prior written permission. For written permission, please contact
28	* licensing@OpenSSL.org.	25	* openssl-core@openssl.org.
29	*	26	*
30	* 5. Products derived from this software may not be called "OpenSSL"	27	* 5. Products derived from this software may not be called "OpenSSL"
31	* nor may "OpenSSL" appear in their names without prior written	28	* nor may "OpenSSL" appear in their names without prior written
@@ -34,7 +31,7 @@
34	* 6. Redistributions of any form whatsoever must retain the following	31	* 6. Redistributions of any form whatsoever must retain the following
35	* acknowledgment:	32	* acknowledgment:
36	* "This product includes software developed by the OpenSSL Project	33	* "This product includes software developed by the OpenSSL Project
37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"	34	* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38	*	35	*
39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY	36	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE	37	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
@@ -49,17 +46,77 @@
49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	46	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	* OF THE POSSIBILITY OF SUCH DAMAGE.	47	* OF THE POSSIBILITY OF SUCH DAMAGE.
51	* ====================================================================	48	* ====================================================================
		49	*
52	*/	50	*/
53		51
54	#include <string.h>	52	#include <string.h>
55		53
56	#include <openssl/aes.h>	54	#include <openssl/aes.h>
57	#include <openssl/bio.h>	55	#include <openssl/bio.h>
		56	#include <openssl/modes.h>
58		57
59	static const unsigned char default_iv[] = {	58	static const unsigned char aes_wrap_default_iv[] = {
60	0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6,	59	0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6,
61	};	60	};
62		61
		62	/*
		63	* The input and output encrypted as though 128bit cfb mode is being
		64	* used. The extra state information to record how much of the
		65	* 128bit block we have used is contained in *num;
		66	*/
		67
		68	void
		69	AES_cfb128_encrypt(const unsigned char in, unsigned char out, size_t length,
		70	const AES_KEY key, unsigned char ivec, int *num, const int enc)
		71	{
		72	CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
		73	(block128_f)AES_encrypt);
		74	}
		75
		76	/* N.B. This expects the input to be packed, MS bit first */
		77	void
		78	AES_cfb1_encrypt(const unsigned char in, unsigned char out, size_t length,
		79	const AES_KEY key, unsigned char ivec, int *num, const int enc)
		80	{
		81	CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
		82	(block128_f)AES_encrypt);
		83	}
		84
		85	void
		86	AES_cfb8_encrypt(const unsigned char in, unsigned char out, size_t length,
		87	const AES_KEY key, unsigned char ivec, int *num, const int enc)
		88	{
		89	CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
		90	(block128_f)AES_encrypt);
		91	}
		92
		93	void
		94	AES_ctr128_encrypt(const unsigned char in, unsigned char out,
		95	size_t length, const AES_KEY *key, unsigned char ivec[AES_BLOCK_SIZE],
		96	unsigned char ecount_buf[AES_BLOCK_SIZE], unsigned int *num)
		97	{
		98	CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
		99	(block128_f)AES_encrypt);
		100	}
		101
		102	void
		103	AES_ecb_encrypt(const unsigned char in, unsigned char out,
		104	const AES_KEY *key, const int enc)
		105	{
		106	if (AES_ENCRYPT == enc)
		107	AES_encrypt(in, out, key);
		108	else
		109	AES_decrypt(in, out, key);
		110	}
		111
		112	void
		113	AES_ofb128_encrypt(const unsigned char in, unsigned char out, size_t length,
		114	const AES_KEY key, unsigned char ivec, int *num)
		115	{
		116	CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
		117	(block128_f)AES_encrypt);
		118	}
		119
63	int	120	int
64	AES_wrap_key(AES_KEY key, const unsigned char iv, unsigned char *out,	121	AES_wrap_key(AES_KEY key, const unsigned char iv, unsigned char *out,
65	const unsigned char *in, unsigned int inlen)	122	const unsigned char *in, unsigned int inlen)
@@ -73,7 +130,7 @@ AES_wrap_key(AES_KEY key, const unsigned char iv, unsigned char *out,
73	t = 1;	130	t = 1;
74	memmove(out + 8, in, inlen);	131	memmove(out + 8, in, inlen);
75	if (!iv)	132	if (!iv)
76	iv = default_iv;	133	iv = aes_wrap_default_iv;
77		134
78	memcpy(A, iv, 8);	135	memcpy(A, iv, 8);
79		136
@@ -124,7 +181,7 @@ AES_unwrap_key(AES_KEY key, const unsigned char iv, unsigned char *out,
124	}	181	}
125	}	182	}
126	if (!iv)	183	if (!iv)
127	iv = default_iv;	184	iv = aes_wrap_default_iv;
128	if (memcmp(A, iv, 8)) {	185	if (memcmp(A, iv, 8)) {
129	explicit_bzero(out, inlen);	186	explicit_bzero(out, inlen);
130	return 0;	187	return 0;