Diffstat (limited to 'src/lib/libcrypto')
| -rw-r--r-- | src/lib/libcrypto/evp/e_aes.c | 59 |
1 files changed, 33 insertions, 26 deletions
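--- a/src/lib/libcrypto/evp/e_aes.c
+++ b/src/lib/libcrypto/evp/e_aes.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_aes.c,v 1.62 2025/05/10 05:54:38 tb Exp $ */
+/* $OpenBSD: e_aes.c,v 1.63 2025/05/18 09:47:38 jsing Exp $ */
 /* ====================================================================
 * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
 *
@@ -69,7 +69,6 @@ typedef struct {
 AES_KEY ks;
 block128_f block;
 union {
-cbc128_f cbc;
 ctr128_f ctr;
 } stream;
 } EVP_AES_KEY;
@@ -175,24 +174,21 @@ aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 int ret, mode;
 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
 
+dat->stream.ctr = NULL;
+
 mode = ctx->cipher->flags & EVP_CIPH_MODE;
+
 if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) &&
 !enc) {
 ret = aesni_set_decrypt_key(key, ctx->key_len * 8,
 ctx->cipher_data);
 dat->block = (block128_f)aesni_decrypt;
-dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
-(cbc128_f)aesni_cbc_encrypt : NULL;
 } else {
 ret = aesni_set_encrypt_key(key, ctx->key_len * 8,
 ctx->cipher_data);
 dat->block = (block128_f)aesni_encrypt;
-if (mode == EVP_CIPH_CBC_MODE)
-dat->stream.cbc = (cbc128_f)aesni_cbc_encrypt;
-else if (mode == EVP_CIPH_CTR_MODE)
+if (mode == EVP_CIPH_CTR_MODE)
 dat->stream.ctr = (ctr128_f)aesni_ctr32_encrypt_blocks;
-else
-dat->stream.cbc = NULL;
 }
 
 if (ret < 0) {
@@ -332,18 +328,16 @@ aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 int ret, mode;
 EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
 
+dat->stream.ctr = NULL;
+
 mode = ctx->cipher->flags & EVP_CIPH_MODE;
 
 if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) && !enc) {
 ret = AES_set_decrypt_key(key, ctx->key_len * 8, &dat->ks);
 dat->block = (block128_f)AES_decrypt;
-dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
-(cbc128_f)AES_cbc_encrypt : NULL;
 } else {
 ret = AES_set_encrypt_key(key, ctx->key_len * 8, &dat->ks);
 dat->block = (block128_f)AES_encrypt;
-dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
-(cbc128_f)AES_cbc_encrypt : NULL;
 #ifdef AES_CTR_ASM
 if (mode == EVP_CIPH_CTR_MODE)
 dat->stream.ctr = (ctr128_f)AES_ctr32_encrypt;
@@ -359,20 +353,33 @@ aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 }
 
 static int
+aes_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+const unsigned char *iv, int encrypt)
+{
+EVP_AES_KEY *eak = ctx->cipher_data;
+
+if (encrypt) {
+if (AES_set_encrypt_key(key, ctx->key_len * 8, &eak->ks) < 0) {
+EVPerror(EVP_R_AES_KEY_SETUP_FAILED);
+return 0;
+}
+} else {
+if (AES_set_decrypt_key(key, ctx->key_len * 8, &eak->ks) < 0) {
+EVPerror(EVP_R_AES_KEY_SETUP_FAILED);
+return 0;
+}
+}
+
+return 1;
+}
+
+static int
 aes_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 const unsigned char *in, size_t len)
 {
-EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
+EVP_AES_KEY *eak = ctx->cipher_data;
 
-if (dat->stream.cbc)
-(*dat->stream.cbc)(in, out, len, &dat->ks, ctx->iv,
-ctx->encrypt);
-else if (ctx->encrypt)
-CRYPTO_cbc128_encrypt(in, out, len, &dat->ks, ctx->iv,
-dat->block);
-else
-CRYPTO_cbc128_decrypt(in, out, len, &dat->ks, ctx->iv,
-dat->block);
+AES_cbc_encrypt(in, out, len, &eak->ks, ctx->iv, ctx->encrypt);
 
 return 1;
 }
@@ -490,7 +497,7 @@ static const EVP_CIPHER aes_128_cbc = {
 .key_len = 16,
 .iv_len = 16,
 .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CBC_MODE,
-.init = aes_init_key,
+.init = aes_cbc_init_key,
 .do_cipher = aes_cbc_cipher,
 .ctx_size = sizeof(EVP_AES_KEY),
 };
@@ -736,7 +743,7 @@ static const EVP_CIPHER aes_192_cbc = {
 .key_len = 24,
 .iv_len = 16,
 .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CBC_MODE,
-.init = aes_init_key,
+.init = aes_cbc_init_key,
 .do_cipher = aes_cbc_cipher,
 .ctx_size = sizeof(EVP_AES_KEY),
 };
@@ -982,7 +989,7 @@ static const EVP_CIPHER aes_256_cbc = {
 .key_len = 32,
 .iv_len = 16,
 .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CBC_MODE,
-.init = aes_init_key,
+.init = aes_cbc_init_key,
 .do_cipher = aes_cbc_cipher,
 .ctx_size = sizeof(EVP_AES_KEY),
 };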
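Review bot: aes_cbc_init_key fills in only `eak->ks`, so the `block` and `stream.ctr` members of the EVP_AES_KEY keep whatever ctx->cipher_data held before, while the same commit adds an explicit `dat->stream.ctr = NULL;` to aesni_init_key and aes_init_key. The new aes_cbc_cipher reads only `ks`, so nothing visible in these hunks is affected, but it is worth confirming that no helper outside them still consults `dat->block` for a CBC context, since it would then see a stale or unset function pointer. A one-line comment in aes_cbc_init_key such as `/* CBC uses only eak->ks; block and stream.ctr are deliberately left unset. */` would record the intent. With `cbc` removed the `stream` union has a single member and could become a plain `ctr128_f` field in a follow-up.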
