1 files changed, 11 insertions, 50 deletions
diff --git a/src/lib/libcrypto/evp/e_des3.c b/src/lib/libcrypto/evp/e_des3.c
index ac148efab2..677322bf02 100644
--- a/src/lib/libcrypto/evp/e_des3.c
+++ b/src/lib/libcrypto/evp/e_des3.c
@@ -63,7 +63,6 @@
 #include <openssl/objects.h>
 #include "evp_locl.h"
 #include <openssl/des.h>
-#include <openssl/rand.h>
 static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                            const unsigned char *iv,int enc);
@@ -71,8 +70,6 @@ static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                             const unsigned char *iv,int enc);
-static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
 typedef struct
    {
    DES_key_schedule ks1;/* key schedule */
@@ -88,8 +85,7 @@ static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                              const unsigned char *in, unsigned int inl)
 {
        BLOCK_CIPHER_ecb_loop()
-                DES_ecb3_encrypt((const_DES_cblock *)(in + i),
+                DES_ecb3_encrypt(in + i,out + i, 
-                                 (DES_cblock *)(out + i),
                                 &data(ctx)->ks1, &data(ctx)->ks2,
                                 &data(ctx)->ks3,
                                 ctx->encrypt);
@@ -164,10 +160,10 @@ static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
    }
 BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64,
-                        EVP_CIPH_RAND_KEY, des_ede_init_key, NULL, 
+                        EVP_CIPH_FLAG_FIPS, des_ede_init_key, NULL, 
                        EVP_CIPHER_set_asn1_iv,
                        EVP_CIPHER_get_asn1_iv,
-                        des3_ctrl)
+                        NULL)
 #define des_ede3_cfb64_cipher des_ede_cfb64_cipher
 #define des_ede3_ofb_cipher des_ede_ofb_cipher
@@ -175,35 +171,28 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64,
 #define des_ede3_ecb_cipher des_ede_ecb_cipher
 BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64,
-                        EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL, 
+                        EVP_CIPH_FLAG_FIPS, des_ede3_init_key, NULL, 
                        EVP_CIPHER_set_asn1_iv,
                        EVP_CIPHER_get_asn1_iv,
-                        des3_ctrl)
+                        NULL)
 BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1,
-                     EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL,
+                     EVP_CIPH_FLAG_FIPS, des_ede3_init_key,NULL,
                     EVP_CIPHER_set_asn1_iv,
-                     EVP_CIPHER_get_asn1_iv,
+                     EVP_CIPHER_get_asn1_iv,NULL)
-                     des3_ctrl)
 BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8,
-                     EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL,
+                     EVP_CIPH_FLAG_FIPS, des_ede3_init_key,NULL,
                     EVP_CIPHER_set_asn1_iv,
-                     EVP_CIPHER_get_asn1_iv,
+                     EVP_CIPHER_get_asn1_iv,NULL)
-                     des3_ctrl)
 static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                            const unsigned char *iv, int enc)
        {
        DES_cblock *deskey = (DES_cblock *)key;
-#ifdef EVP_CHECK_DES_KEY
-        if (DES_set_key_checked(&deskey[0],&data(ctx)->ks1)
-                !! DES_set_key_checked(&deskey[1],&data(ctx)->ks2))
-                return 0;
-#else
        DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1);
        DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2);
-#endif
        memcpy(&data(ctx)->ks3,&data(ctx)->ks1,
               sizeof(data(ctx)->ks1));
        return 1;
@@ -224,39 +213,11 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
        }
 #endif  /* KSSL_DEBUG */
-#ifdef EVP_CHECK_DES_KEY
-        if (DES_set_key_checked(&deskey[0],&data(ctx)->ks1)
-                || DES_set_key_checked(&deskey[1],&data(ctx)->ks2)
-                || DES_set_key_checked(&deskey[2],&data(ctx)->ks3))
-                return 0;
-#else
        DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1);
        DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2);
        DES_set_key_unchecked(&deskey[2],&data(ctx)->ks3);
-#endif
-        return 1;
-        }
-static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+        return 1;
-        {
-        DES_cblock *deskey = ptr;
-        switch(type)
-                {
-        case EVP_CTRL_RAND_KEY:
-                if (RAND_bytes(ptr, c->key_len) <= 0)
-                        return 0;
-                DES_set_odd_parity(deskey);
-                if (c->key_len >= 16)
-                        DES_set_odd_parity(deskey + 1);
-                if (c->key_len >= 24)
-                        DES_set_odd_parity(deskey + 2);
-                return 1;
-        default:
-                return -1;
-                }
        }
 const EVP_CIPHER *EVP_des_ede(void)

diff --git a/src/lib/libcrypto/evp/e_des3.c b/src/lib/libcrypto/evp/e_des3.c index ac148efab2..677322bf02 100644 --- a/src/lib/libcrypto/evp/e_des3.c +++ b/src/lib/libcrypto/evp/e_des3.c
@@ -63,7 +63,6 @@
63	#include <openssl/objects.h>	63	#include <openssl/objects.h>
64	#include "evp_locl.h"	64	#include "evp_locl.h"
65	#include <openssl/des.h>	65	#include <openssl/des.h>
66	#include <openssl/rand.h>
67		66
68	static int des_ede_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,	67	static int des_ede_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,
69	const unsigned char *iv,int enc);	68	const unsigned char *iv,int enc);
@@ -71,8 +70,6 @@ static int des_ede_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,
71	static int des_ede3_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,	70	static int des_ede3_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,
72	const unsigned char *iv,int enc);	71	const unsigned char *iv,int enc);
73		72
74	static int des3_ctrl(EVP_CIPHER_CTX c, int type, int arg, void ptr);
75
76	typedef struct	73	typedef struct
77	{	74	{
78	DES_key_schedule ks1;/* key schedule */	75	DES_key_schedule ks1;/* key schedule */
@@ -88,8 +85,7 @@ static int des_ede_ecb_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
88	const unsigned char *in, unsigned int inl)	85	const unsigned char *in, unsigned int inl)
89	{	86	{
90	BLOCK_CIPHER_ecb_loop()	87	BLOCK_CIPHER_ecb_loop()
91	DES_ecb3_encrypt((const_DES_cblock *)(in + i),	88	DES_ecb3_encrypt(in + i,out + i,
92	(DES_cblock *)(out + i),
93	&data(ctx)->ks1, &data(ctx)->ks2,	89	&data(ctx)->ks1, &data(ctx)->ks2,
94	&data(ctx)->ks3,	90	&data(ctx)->ks3,
95	ctx->encrypt);	91	ctx->encrypt);
@@ -164,10 +160,10 @@ static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
164	}	160	}
165		161
166	BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64,	162	BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64,
167	EVP_CIPH_RAND_KEY, des_ede_init_key, NULL,	163	EVP_CIPH_FLAG_FIPS, des_ede_init_key, NULL,
168	EVP_CIPHER_set_asn1_iv,	164	EVP_CIPHER_set_asn1_iv,
169	EVP_CIPHER_get_asn1_iv,	165	EVP_CIPHER_get_asn1_iv,
170	des3_ctrl)	166	NULL)
171		167
172	#define des_ede3_cfb64_cipher des_ede_cfb64_cipher	168	#define des_ede3_cfb64_cipher des_ede_cfb64_cipher
173	#define des_ede3_ofb_cipher des_ede_ofb_cipher	169	#define des_ede3_ofb_cipher des_ede_ofb_cipher
@@ -175,35 +171,28 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64,
175	#define des_ede3_ecb_cipher des_ede_ecb_cipher	171	#define des_ede3_ecb_cipher des_ede_ecb_cipher
176		172
177	BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64,	173	BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64,
178	EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL,	174	EVP_CIPH_FLAG_FIPS, des_ede3_init_key, NULL,
179	EVP_CIPHER_set_asn1_iv,	175	EVP_CIPHER_set_asn1_iv,
180	EVP_CIPHER_get_asn1_iv,	176	EVP_CIPHER_get_asn1_iv,
181	des3_ctrl)	177	NULL)
182		178
183	BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1,	179	BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1,
184	EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL,	180	EVP_CIPH_FLAG_FIPS, des_ede3_init_key,NULL,
185	EVP_CIPHER_set_asn1_iv,	181	EVP_CIPHER_set_asn1_iv,
186	EVP_CIPHER_get_asn1_iv,	182	EVP_CIPHER_get_asn1_iv,NULL)
187	des3_ctrl)
188		183
189	BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8,	184	BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8,
190	EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL,	185	EVP_CIPH_FLAG_FIPS, des_ede3_init_key,NULL,
191	EVP_CIPHER_set_asn1_iv,	186	EVP_CIPHER_set_asn1_iv,
192	EVP_CIPHER_get_asn1_iv,	187	EVP_CIPHER_get_asn1_iv,NULL)
193	des3_ctrl)
194		188
195	static int des_ede_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,	189	static int des_ede_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,
196	const unsigned char *iv, int enc)	190	const unsigned char *iv, int enc)
197	{	191	{
198	DES_cblock deskey = (DES_cblock )key;	192	DES_cblock deskey = (DES_cblock )key;
199	#ifdef EVP_CHECK_DES_KEY	193
200	if (DES_set_key_checked(&deskey[0],&data(ctx)->ks1)
201	!! DES_set_key_checked(&deskey[1],&data(ctx)->ks2))
202	return 0;
203	#else
204	DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1);	194	DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1);
205	DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2);	195	DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2);
206	#endif
207	memcpy(&data(ctx)->ks3,&data(ctx)->ks1,	196	memcpy(&data(ctx)->ks3,&data(ctx)->ks1,
208	sizeof(data(ctx)->ks1));	197	sizeof(data(ctx)->ks1));
209	return 1;	198	return 1;
@@ -224,39 +213,11 @@ static int des_ede3_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,
224	}	213	}
225	#endif /* KSSL_DEBUG */	214	#endif /* KSSL_DEBUG */
226		215
227	#ifdef EVP_CHECK_DES_KEY
228	if (DES_set_key_checked(&deskey[0],&data(ctx)->ks1)
229	\|\| DES_set_key_checked(&deskey[1],&data(ctx)->ks2)
230	\|\| DES_set_key_checked(&deskey[2],&data(ctx)->ks3))
231	return 0;
232	#else
233	DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1);	216	DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1);
234	DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2);	217	DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2);
235	DES_set_key_unchecked(&deskey[2],&data(ctx)->ks3);	218	DES_set_key_unchecked(&deskey[2],&data(ctx)->ks3);
236	#endif
237	return 1;
238	}
239		219
240	static int des3_ctrl(EVP_CIPHER_CTX c, int type, int arg, void ptr)	220	return 1;
241	{
242
243	DES_cblock *deskey = ptr;
244
245	switch(type)
246	{
247	case EVP_CTRL_RAND_KEY:
248	if (RAND_bytes(ptr, c->key_len) <= 0)
249	return 0;
250	DES_set_odd_parity(deskey);
251	if (c->key_len >= 16)
252	DES_set_odd_parity(deskey + 1);
253	if (c->key_len >= 24)
254	DES_set_odd_parity(deskey + 2);
255	return 1;
256
257	default:
258	return -1;
259	}
260	}	221	}
261		222
262	const EVP_CIPHER *EVP_des_ede(void)	223	const EVP_CIPHER *EVP_des_ede(void)