1 files changed, 145 insertions, 1 deletions
diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c
index 7c713db026..6b455dc503 100644
--- a/src/lib/libcrypto/evp/e_aes.c
+++ b/src/lib/libcrypto/evp/e_aes.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_aes.c,v 1.34 2017/05/02 03:59:44 deraadt Exp $ */
+/* $OpenBSD: e_aes.c,v 1.35 2019/03/17 18:07:41 tb Exp $ */
 /* ====================================================================
 * Copyright (c) 2001-2011 The OpenSSL Project.  All rights reserved.
 *
@@ -49,6 +49,7 @@
 *
 */
+#include <limits.h>
 #include <stdlib.h>
 #include <string.h>
@@ -1549,4 +1550,147 @@ EVP_aead_aes_256_gcm(void)
        return &aead_aes_256_gcm;
 }
+typedef struct {
+        union {
+                double align;
+                AES_KEY ks;
+        } ks;
+        unsigned char *iv;
+} EVP_AES_WRAP_CTX;
+static int
+aes_wrap_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+    const unsigned char *iv, int enc)
+{
+        EVP_AES_WRAP_CTX *wctx = (EVP_AES_WRAP_CTX *)ctx->cipher_data;
+        if (iv == NULL && key == NULL)
+                return 1;
+        if (key != NULL) {
+                if (ctx->encrypt)
+                        AES_set_encrypt_key(key, 8 * ctx->key_len,
+                            &wctx->ks.ks);
+                else
+                        AES_set_decrypt_key(key, 8 * ctx->key_len,
+                            &wctx->ks.ks);
+                if (iv == NULL)
+                        wctx->iv = NULL;
+        }
+        if (iv != NULL) {
+                memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+                wctx->iv = ctx->iv;
+        }
+        return 1;
+}
+static int
+aes_wrap_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+    const unsigned char *in, size_t inlen)
+{
+        EVP_AES_WRAP_CTX *wctx = ctx->cipher_data;
+        int ret;
+        if (in == NULL)
+                return 0;
+        if (inlen % 8 != 0)
+                return -1;
+        if (ctx->encrypt && inlen < 8)
+                return -1;
+        if (!ctx->encrypt && inlen < 16)
+                return -1;
+        if (inlen > INT_MAX)
+                return -1;
+        if (out == NULL) {
+                if (ctx->encrypt)
+                        return inlen + 8;
+                else
+                        return inlen - 8;
+        }
+        if (ctx->encrypt)
+                ret = AES_wrap_key(&wctx->ks.ks, wctx->iv, out, in,
+                    (unsigned int)inlen);
+        else
+                ret = AES_unwrap_key(&wctx->ks.ks, wctx->iv, out, in,
+                    (unsigned int)inlen);
+        return ret != 0 ? ret : -1;
+}
+#define WRAP_FLAGS \
+    ( EVP_CIPH_WRAP_MODE | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER | \
+      EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_FLAG_DEFAULT_ASN1 )
+static const EVP_CIPHER aes_128_wrap = {
+        .nid = NID_id_aes128_wrap,
+        .block_size = 8,
+        .key_len = 16,
+        .iv_len = 8,
+        .flags = WRAP_FLAGS,
+        .init = aes_wrap_init_key,
+        .do_cipher = aes_wrap_cipher,
+        .cleanup = NULL,
+        .ctx_size = sizeof(EVP_AES_WRAP_CTX),
+        .set_asn1_parameters = NULL,
+        .get_asn1_parameters = NULL,
+        .ctrl = NULL,
+        .app_data = NULL,
+};
+const EVP_CIPHER *
+EVP_aes_128_wrap(void)
+{
+        return &aes_128_wrap;
+}
+static const EVP_CIPHER aes_192_wrap = {
+        .nid = NID_id_aes192_wrap,
+        .block_size = 8,
+        .key_len = 24,
+        .iv_len = 8,
+        .flags = WRAP_FLAGS,
+        .init = aes_wrap_init_key,
+        .do_cipher = aes_wrap_cipher,
+        .cleanup = NULL,
+        .ctx_size = sizeof(EVP_AES_WRAP_CTX),
+        .set_asn1_parameters = NULL,
+        .get_asn1_parameters = NULL,
+        .ctrl = NULL,
+        .app_data = NULL,
+};
+const EVP_CIPHER *
+EVP_aes_192_wrap(void)
+{
+        return &aes_192_wrap;
+}
+static const EVP_CIPHER aes_256_wrap = {
+        .nid = NID_id_aes256_wrap,
+        .block_size = 8,
+        .key_len = 32,
+        .iv_len = 8,
+        .flags = WRAP_FLAGS,
+        .init = aes_wrap_init_key,
+        .do_cipher = aes_wrap_cipher,
+        .cleanup = NULL,
+        .ctx_size = sizeof(EVP_AES_WRAP_CTX),
+        .set_asn1_parameters = NULL,
+        .get_asn1_parameters = NULL,
+        .ctrl = NULL,
+        .app_data = NULL,
+};
+const EVP_CIPHER *
+EVP_aes_256_wrap(void)
+{
+        return &aes_256_wrap;
+}
 #endif

diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c index 7c713db026..6b455dc503 100644 --- a/src/lib/libcrypto/evp/e_aes.c +++ b/src/lib/libcrypto/evp/e_aes.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: e_aes.c,v 1.34 2017/05/02 03:59:44 deraadt Exp $ */	1	/* $OpenBSD: e_aes.c,v 1.35 2019/03/17 18:07:41 tb Exp $ */
2	/* ====================================================================	2	/* ====================================================================
3	* Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.	3	* Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
4	*	4	*
@@ -49,6 +49,7 @@
49	*	49	*
50	*/	50	*/
51		51
		52	#include <limits.h>
52	#include <stdlib.h>	53	#include <stdlib.h>
53	#include <string.h>	54	#include <string.h>
54		55
@@ -1549,4 +1550,147 @@ EVP_aead_aes_256_gcm(void)
1549	return &aead_aes_256_gcm;	1550	return &aead_aes_256_gcm;
1550	}	1551	}
1551		1552
		1553	typedef struct {
		1554	union {
		1555	double align;
		1556	AES_KEY ks;
		1557	} ks;
		1558	unsigned char *iv;
		1559	} EVP_AES_WRAP_CTX;
		1560
		1561	static int
		1562	aes_wrap_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,
		1563	const unsigned char *iv, int enc)
		1564	{
		1565	EVP_AES_WRAP_CTX wctx = (EVP_AES_WRAP_CTX )ctx->cipher_data;
		1566
		1567	if (iv == NULL && key == NULL)
		1568	return 1;
		1569
		1570	if (key != NULL) {
		1571	if (ctx->encrypt)
		1572	AES_set_encrypt_key(key, 8 * ctx->key_len,
		1573	&wctx->ks.ks);
		1574	else
		1575	AES_set_decrypt_key(key, 8 * ctx->key_len,
		1576	&wctx->ks.ks);
		1577
		1578	if (iv == NULL)
		1579	wctx->iv = NULL;
		1580	}
		1581
		1582	if (iv != NULL) {
		1583	memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
		1584	wctx->iv = ctx->iv;
		1585	}
		1586
		1587	return 1;
		1588	}
		1589
		1590	static int
		1591	aes_wrap_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
		1592	const unsigned char *in, size_t inlen)
		1593	{
		1594	EVP_AES_WRAP_CTX *wctx = ctx->cipher_data;
		1595	int ret;
		1596
		1597	if (in == NULL)
		1598	return 0;
		1599
		1600	if (inlen % 8 != 0)
		1601	return -1;
		1602	if (ctx->encrypt && inlen < 8)
		1603	return -1;
		1604	if (!ctx->encrypt && inlen < 16)
		1605	return -1;
		1606	if (inlen > INT_MAX)
		1607	return -1;
		1608
		1609	if (out == NULL) {
		1610	if (ctx->encrypt)
		1611	return inlen + 8;
		1612	else
		1613	return inlen - 8;
		1614	}
		1615
		1616	if (ctx->encrypt)
		1617	ret = AES_wrap_key(&wctx->ks.ks, wctx->iv, out, in,
		1618	(unsigned int)inlen);
		1619	else
		1620	ret = AES_unwrap_key(&wctx->ks.ks, wctx->iv, out, in,
		1621	(unsigned int)inlen);
		1622
		1623	return ret != 0 ? ret : -1;
		1624	}
		1625
		1626	#define WRAP_FLAGS \
		1627	( EVP_CIPH_WRAP_MODE \| EVP_CIPH_CUSTOM_IV \| EVP_CIPH_FLAG_CUSTOM_CIPHER \| \
		1628	EVP_CIPH_ALWAYS_CALL_INIT \| EVP_CIPH_FLAG_DEFAULT_ASN1 )
		1629
		1630	static const EVP_CIPHER aes_128_wrap = {
		1631	.nid = NID_id_aes128_wrap,
		1632	.block_size = 8,
		1633	.key_len = 16,
		1634	.iv_len = 8,
		1635	.flags = WRAP_FLAGS,
		1636	.init = aes_wrap_init_key,
		1637	.do_cipher = aes_wrap_cipher,
		1638	.cleanup = NULL,
		1639	.ctx_size = sizeof(EVP_AES_WRAP_CTX),
		1640	.set_asn1_parameters = NULL,
		1641	.get_asn1_parameters = NULL,
		1642	.ctrl = NULL,
		1643	.app_data = NULL,
		1644	};
		1645
		1646	const EVP_CIPHER *
		1647	EVP_aes_128_wrap(void)
		1648	{
		1649	return &aes_128_wrap;
		1650	}
		1651
		1652	static const EVP_CIPHER aes_192_wrap = {
		1653	.nid = NID_id_aes192_wrap,
		1654	.block_size = 8,
		1655	.key_len = 24,
		1656	.iv_len = 8,
		1657	.flags = WRAP_FLAGS,
		1658	.init = aes_wrap_init_key,
		1659	.do_cipher = aes_wrap_cipher,
		1660	.cleanup = NULL,
		1661	.ctx_size = sizeof(EVP_AES_WRAP_CTX),
		1662	.set_asn1_parameters = NULL,
		1663	.get_asn1_parameters = NULL,
		1664	.ctrl = NULL,
		1665	.app_data = NULL,
		1666	};
		1667
		1668	const EVP_CIPHER *
		1669	EVP_aes_192_wrap(void)
		1670	{
		1671	return &aes_192_wrap;
		1672	}
		1673
		1674	static const EVP_CIPHER aes_256_wrap = {
		1675	.nid = NID_id_aes256_wrap,
		1676	.block_size = 8,
		1677	.key_len = 32,
		1678	.iv_len = 8,
		1679	.flags = WRAP_FLAGS,
		1680	.init = aes_wrap_init_key,
		1681	.do_cipher = aes_wrap_cipher,
		1682	.cleanup = NULL,
		1683	.ctx_size = sizeof(EVP_AES_WRAP_CTX),
		1684	.set_asn1_parameters = NULL,
		1685	.get_asn1_parameters = NULL,
		1686	.ctrl = NULL,
		1687	.app_data = NULL,
		1688	};
		1689
		1690	const EVP_CIPHER *
		1691	EVP_aes_256_wrap(void)
		1692	{
		1693	return &aes_256_wrap;
		1694	}
		1695
1552	#endif	1696	#endif