From: Matt Caswell Date: Thu, 18 Dec 2025 14:08:29 +0000 (+0000) Subject: Cleanup block cipher macros in include/crypto/evp.h X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=32eaa748a3020896d3ac7b76c75f56ffd8112e56;p=thirdparty%2Fopenssl.git Cleanup block cipher macros in include/crypto/evp.h Remove some unneeded deadcode and fix the formatting Also fix all users of those macros to avoid compilation warnings Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/29446) --- diff --git a/.clang-format b/.clang-format index 46564bf2c0f..e4e27555ea6 100644 --- a/.clang-format +++ b/.clang-format @@ -1132,8 +1132,14 @@ TypeNames: # OpenSSL uses macros extensively. Tell clang-format about them. TypenameMacros: ['LHASH_OF', 'STACK_OF'] StatementMacros: + - "BLOCK_CIPHER_aead" - "BLOCK_CIPHER_generic" - "BLOCK_CIPHER_custom" + - "BLOCK_CIPHER_def_cbc" + - "BLOCK_CIPHER_def_cfb" + - "BLOCK_CIPHER_def_ofb" + - "BLOCK_CIPHER_def_ecb" + - "BLOCK_CIPHER_defs" - "BLOCK_CIPHER_generic_pack" - "DECLARE_AES_EVP" - "DECLARE_ASN1_ALLOC_FUNCTIONS" diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c index 83e272232e7..061d4515e04 100644 --- a/crypto/evp/e_aria.c +++ b/crypto/evp/e_aria.c @@ -20,134 +20,23 @@ #include "crypto/modes.h" #include "evp_local.h" -/* ARIA subkey Structure */ -typedef struct { - ARIA_KEY ks; -} EVP_ARIA_KEY; - -/* ARIA GCM context */ -typedef struct { - union { - OSSL_UNION_ALIGN; - ARIA_KEY ks; - } ks; /* ARIA subkey to use */ - int key_set; /* Set if key initialised */ - int iv_set; /* Set if an iv is set */ - GCM128_CONTEXT gcm; - unsigned char *iv; /* Temporary IV store */ - int ivlen; /* IV length */ - int taglen; - int iv_gen; /* It is OK to generate IVs */ - int tls_aad_len; /* TLS AAD length */ -} EVP_ARIA_GCM_CTX; - -/* ARIA CCM context */ -typedef struct { - union { - OSSL_UNION_ALIGN; - ARIA_KEY ks; - } ks; /* ARIA key schedule to use */ - int key_set; /* Set if key initialised */ - int iv_set; /* Set if an iv is set */ - int tag_set; /* Set if tag is valid */ - int len_set; /* Set if message length set */ - int L, M; /* L and M parameters from RFC3610 */ - int tls_aad_len; /* TLS AAD length */ - CCM128_CONTEXT ccm; - ccm128_f str; -} EVP_ARIA_CCM_CTX; - -/* The subkey for ARIA is generated. */ -static int aria_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - int ret; - int mode = EVP_CIPHER_CTX_get_mode(ctx); - - if (enc || (mode != EVP_CIPH_ECB_MODE && mode != EVP_CIPH_CBC_MODE)) - ret = ossl_aria_set_encrypt_key(key, - EVP_CIPHER_CTX_get_key_length(ctx) * 8, - EVP_CIPHER_CTX_get_cipher_data(ctx)); - else - ret = ossl_aria_set_decrypt_key(key, - EVP_CIPHER_CTX_get_key_length(ctx) * 8, - EVP_CIPHER_CTX_get_cipher_data(ctx)); - if (ret < 0) { - ERR_raise(ERR_LIB_EVP, EVP_R_ARIA_KEY_SETUP_FAILED); - return 0; - } - return 1; -} - -static void aria_cbc_encrypt(const unsigned char *in, unsigned char *out, - size_t len, const ARIA_KEY *key, - unsigned char *ivec, const int enc) -{ - - if (enc) - CRYPTO_cbc128_encrypt(in, out, len, key, ivec, - (block128_f)ossl_aria_encrypt); - else - CRYPTO_cbc128_decrypt(in, out, len, key, ivec, - (block128_f)ossl_aria_encrypt); -} - -static void aria_cfb128_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const ARIA_KEY *key, - unsigned char *ivec, int *num, const int enc) -{ - - CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc, - (block128_f)ossl_aria_encrypt); -} - -static void aria_cfb1_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const ARIA_KEY *key, - unsigned char *ivec, int *num, const int enc) -{ - CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc, - (block128_f)ossl_aria_encrypt); -} - -static void aria_cfb8_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const ARIA_KEY *key, - unsigned char *ivec, int *num, const int enc) -{ - CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc, - (block128_f)ossl_aria_encrypt); -} - -static void aria_ecb_encrypt(const unsigned char *in, unsigned char *out, - const ARIA_KEY *key, const int enc) -{ - ossl_aria_encrypt(in, out, key); -} - -static void aria_ofb128_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const ARIA_KEY *key, - unsigned char *ivec, int *num) -{ - CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num, - (block128_f)ossl_aria_encrypt); -} - IMPLEMENT_BLOCK_CIPHER(aria_128, ks, aria, EVP_ARIA_KEY, NID_aria_128, 16, 16, 16, 128, - 0, aria_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, + 0, NULL, NULL, + NULL, + NULL, NULL) IMPLEMENT_BLOCK_CIPHER(aria_192, ks, aria, EVP_ARIA_KEY, NID_aria_192, 16, 24, 16, 128, - 0, aria_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, + 0, NULL, NULL, + NULL, + NULL, NULL) IMPLEMENT_BLOCK_CIPHER(aria_256, ks, aria, EVP_ARIA_KEY, NID_aria_256, 16, 32, 16, 128, - 0, aria_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, + 0, NULL, NULL, + NULL, + NULL, NULL) #define IMPLEMENT_ARIA_CFBR(ksize, cbits) \ @@ -164,10 +53,10 @@ IMPLEMENT_ARIA_CFBR(256, 8) nid##_##keylen##_##nmode, blocksize, keylen / 8, ivlen, \ flags | EVP_CIPH_##MODE##_MODE, \ EVP_ORIG_GLOBAL, \ - aria_init_key, \ - aria_##mode##_cipher, \ NULL, \ - sizeof(EVP_ARIA_KEY), \ + NULL, \ + NULL, \ + 0, \ NULL, NULL, NULL, NULL \ }; \ const EVP_CIPHER *EVP_aria_##keylen##_##mode(void) \ @@ -175,584 +64,9 @@ IMPLEMENT_ARIA_CFBR(256, 8) return &aria_##keylen##_##mode; \ } -static int aria_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - int n = EVP_CIPHER_CTX_get_num(ctx); - unsigned int num; - EVP_ARIA_KEY *dat = EVP_C_DATA(EVP_ARIA_KEY, ctx); - - if (n < 0) - return 0; - num = (unsigned int)n; - - CRYPTO_ctr128_encrypt(in, out, len, &dat->ks, ctx->iv, - EVP_CIPHER_CTX_buf_noconst(ctx), &num, - (block128_f)ossl_aria_encrypt); - EVP_CIPHER_CTX_set_num(ctx, num); - return 1; -} - BLOCK_CIPHER_generic(NID_aria, 128, 1, 16, ctr, ctr, CTR, 0) - BLOCK_CIPHER_generic(NID_aria, 192, 1, 16, ctr, ctr, CTR, 0) - BLOCK_CIPHER_generic(NID_aria, 256, 1, 16, ctr, ctr, CTR, 0) - - /* Authenticated cipher modes (GCM/CCM) */ - - /* increment counter (64-bit int) by 1 */ - static void ctr64_inc(unsigned char *counter) -{ - int n = 8; - unsigned char c; - - do { - --n; - c = counter[n]; - ++c; - counter[n] = c; - if (c) - return; - } while (n); -} - -static int aria_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - int ret; - EVP_ARIA_GCM_CTX *gctx = EVP_C_DATA(EVP_ARIA_GCM_CTX, ctx); - - if (!iv && !key) - return 1; - if (key) { - ret = ossl_aria_set_encrypt_key(key, - EVP_CIPHER_CTX_get_key_length(ctx) * 8, - &gctx->ks.ks); - CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, - (block128_f)ossl_aria_encrypt); - if (ret < 0) { - ERR_raise(ERR_LIB_EVP, EVP_R_ARIA_KEY_SETUP_FAILED); - return 0; - } - - /* - * If we have an iv can set it directly, otherwise use saved IV. - */ - if (iv == NULL && gctx->iv_set) - iv = gctx->iv; - if (iv) { - CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen); - gctx->iv_set = 1; - } - gctx->key_set = 1; - } else { - /* If key set use IV, otherwise copy */ - if (gctx->key_set) - CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen); - else - memcpy(gctx->iv, iv, gctx->ivlen); - gctx->iv_set = 1; - gctx->iv_gen = 0; - } - return 1; -} - -static int aria_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) -{ - EVP_ARIA_GCM_CTX *gctx = EVP_C_DATA(EVP_ARIA_GCM_CTX, c); - - switch (type) { - case EVP_CTRL_INIT: - gctx->key_set = 0; - gctx->iv_set = 0; - gctx->ivlen = EVP_CIPHER_get_iv_length(c->cipher); - gctx->iv = c->iv; - gctx->taglen = -1; - gctx->iv_gen = 0; - gctx->tls_aad_len = -1; - return 1; - - case EVP_CTRL_GET_IVLEN: - *(int *)ptr = gctx->ivlen; - return 1; - - case EVP_CTRL_AEAD_SET_IVLEN: - if (arg <= 0) - return 0; - /* Allocate memory for IV if needed */ - if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen)) { - if (gctx->iv != c->iv) - OPENSSL_free(gctx->iv); - if ((gctx->iv = OPENSSL_malloc(arg)) == NULL) - return 0; - } - gctx->ivlen = arg; - return 1; - - case EVP_CTRL_AEAD_SET_TAG: - if (arg <= 0 || arg > 16 || EVP_CIPHER_CTX_is_encrypting(c)) - return 0; - memcpy(EVP_CIPHER_CTX_buf_noconst(c), ptr, arg); - gctx->taglen = arg; - return 1; - - case EVP_CTRL_AEAD_GET_TAG: - if (arg <= 0 || arg > 16 || !EVP_CIPHER_CTX_is_encrypting(c) - || gctx->taglen < 0) - return 0; - memcpy(ptr, EVP_CIPHER_CTX_buf_noconst(c), arg); - return 1; - - case EVP_CTRL_GCM_SET_IV_FIXED: - /* Special case: -1 length restores whole IV */ - if (arg == -1) { - memcpy(gctx->iv, ptr, gctx->ivlen); - gctx->iv_gen = 1; - return 1; - } - /* - * Fixed field must be at least 4 bytes and invocation field at least - * 8. - */ - if ((arg < 4) || (gctx->ivlen - arg) < 8) - return 0; - if (arg) - memcpy(gctx->iv, ptr, arg); - if (EVP_CIPHER_CTX_is_encrypting(c) - && RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0) - return 0; - gctx->iv_gen = 1; - return 1; - - case EVP_CTRL_GCM_IV_GEN: - if (gctx->iv_gen == 0 || gctx->key_set == 0) - return 0; - CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen); - if (arg <= 0 || arg > gctx->ivlen) - arg = gctx->ivlen; - memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg); - /* - * Invocation field will be at least 8 bytes in size and so no need - * to check wrap around or increment more than last 8 bytes. - */ - ctr64_inc(gctx->iv + gctx->ivlen - 8); - gctx->iv_set = 1; - return 1; - - case EVP_CTRL_GCM_SET_IV_INV: - if (gctx->iv_gen == 0 || gctx->key_set == 0 - || EVP_CIPHER_CTX_is_encrypting(c)) - return 0; - memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg); - CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen); - gctx->iv_set = 1; - return 1; - - case EVP_CTRL_AEAD_TLS1_AAD: - /* Save the AAD for later use */ - if (arg != EVP_AEAD_TLS1_AAD_LEN) - return 0; - memcpy(EVP_CIPHER_CTX_buf_noconst(c), ptr, arg); - gctx->tls_aad_len = arg; - { - unsigned int len = EVP_CIPHER_CTX_buf_noconst(c)[arg - 2] << 8 - | EVP_CIPHER_CTX_buf_noconst(c)[arg - 1]; - /* Correct length for explicit IV */ - if (len < EVP_GCM_TLS_EXPLICIT_IV_LEN) - return 0; - len -= EVP_GCM_TLS_EXPLICIT_IV_LEN; - /* If decrypting correct for tag too */ - if (!EVP_CIPHER_CTX_is_encrypting(c)) { - if (len < EVP_GCM_TLS_TAG_LEN) - return 0; - len -= EVP_GCM_TLS_TAG_LEN; - } - EVP_CIPHER_CTX_buf_noconst(c)[arg - 2] = len >> 8; - EVP_CIPHER_CTX_buf_noconst(c)[arg - 1] = len & 0xff; - } - /* Extra padding: tag appended to record */ - return EVP_GCM_TLS_TAG_LEN; - - case EVP_CTRL_COPY: { - EVP_CIPHER_CTX *out = ptr; - EVP_ARIA_GCM_CTX *gctx_out = EVP_C_DATA(EVP_ARIA_GCM_CTX, out); - if (gctx->gcm.key) { - if (gctx->gcm.key != &gctx->ks) - return 0; - gctx_out->gcm.key = &gctx_out->ks; - } - if (gctx->iv == c->iv) - gctx_out->iv = out->iv; - else { - if ((gctx_out->iv = OPENSSL_malloc(gctx->ivlen)) == NULL) - return 0; - memcpy(gctx_out->iv, gctx->iv, gctx->ivlen); - } - return 1; - } - - default: - return -1; - } -} - -static int aria_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_ARIA_GCM_CTX *gctx = EVP_C_DATA(EVP_ARIA_GCM_CTX, ctx); - int rv = -1; - - /* Encrypt/decrypt must be performed in place */ - if (out != in - || len < (EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN)) - return -1; - /* - * Set IV from start of buffer or generate IV and write to start of - * buffer. - */ - if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CIPHER_CTX_is_encrypting(ctx) ? EVP_CTRL_GCM_IV_GEN : EVP_CTRL_GCM_SET_IV_INV, - EVP_GCM_TLS_EXPLICIT_IV_LEN, out) - <= 0) - goto err; - /* Use saved AAD */ - if (CRYPTO_gcm128_aad(&gctx->gcm, EVP_CIPHER_CTX_buf_noconst(ctx), - gctx->tls_aad_len)) - goto err; - /* Fix buffer and length to point to payload */ - in += EVP_GCM_TLS_EXPLICIT_IV_LEN; - out += EVP_GCM_TLS_EXPLICIT_IV_LEN; - len -= EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN; - if (EVP_CIPHER_CTX_is_encrypting(ctx)) { - /* Encrypt payload */ - if (CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, len)) - goto err; - out += len; - /* Finally write tag */ - CRYPTO_gcm128_tag(&gctx->gcm, out, EVP_GCM_TLS_TAG_LEN); - rv = (int)(len + EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN); - } else { - /* Decrypt */ - if (CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, len)) - goto err; - /* Retrieve tag */ - CRYPTO_gcm128_tag(&gctx->gcm, EVP_CIPHER_CTX_buf_noconst(ctx), - EVP_GCM_TLS_TAG_LEN); - /* If tag mismatch wipe buffer */ - if (CRYPTO_memcmp(EVP_CIPHER_CTX_buf_noconst(ctx), in + len, - EVP_GCM_TLS_TAG_LEN)) { - OPENSSL_cleanse(out, len); - goto err; - } - rv = (int)len; - } - -err: - gctx->iv_set = 0; - gctx->tls_aad_len = -1; - return rv; -} - -static int aria_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_ARIA_GCM_CTX *gctx = EVP_C_DATA(EVP_ARIA_GCM_CTX, ctx); - - /* If not set up, return error */ - if (!gctx->key_set) - return -1; - - if (gctx->tls_aad_len >= 0) - return aria_gcm_tls_cipher(ctx, out, in, len); - - if (!gctx->iv_set) - return -1; - if (in) { - if (out == NULL) { - if (CRYPTO_gcm128_aad(&gctx->gcm, in, len)) - return -1; - } else if (EVP_CIPHER_CTX_is_encrypting(ctx)) { - if (CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, len)) - return -1; - } else { - if (CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, len)) - return -1; - } - return (int)len; - } - if (!EVP_CIPHER_CTX_is_encrypting(ctx)) { - if (gctx->taglen < 0) - return -1; - if (CRYPTO_gcm128_finish(&gctx->gcm, - EVP_CIPHER_CTX_buf_noconst(ctx), - gctx->taglen) - != 0) - return -1; - gctx->iv_set = 0; - return 0; - } - CRYPTO_gcm128_tag(&gctx->gcm, EVP_CIPHER_CTX_buf_noconst(ctx), 16); - gctx->taglen = 16; - /* Don't reuse the IV */ - gctx->iv_set = 0; - return 0; -} - -static int aria_gcm_cleanup(EVP_CIPHER_CTX *ctx) -{ - EVP_ARIA_GCM_CTX *gctx = EVP_C_DATA(EVP_ARIA_GCM_CTX, ctx); - - if (gctx->iv != ctx->iv) - OPENSSL_free(gctx->iv); - - return 1; -} - -static int aria_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - int ret; - EVP_ARIA_CCM_CTX *cctx = EVP_C_DATA(EVP_ARIA_CCM_CTX, ctx); - - if (!iv && !key) - return 1; - - if (key) { - ret = ossl_aria_set_encrypt_key(key, - EVP_CIPHER_CTX_get_key_length(ctx) * 8, - &cctx->ks.ks); - CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L, - &cctx->ks, (block128_f)ossl_aria_encrypt); - if (ret < 0) { - ERR_raise(ERR_LIB_EVP, EVP_R_ARIA_KEY_SETUP_FAILED); - return 0; - } - cctx->str = NULL; - cctx->key_set = 1; - } - if (iv) { - memcpy(ctx->iv, iv, 15 - cctx->L); - cctx->iv_set = 1; - } - return 1; -} - -static int aria_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) -{ - EVP_ARIA_CCM_CTX *cctx = EVP_C_DATA(EVP_ARIA_CCM_CTX, c); - - switch (type) { - case EVP_CTRL_INIT: - cctx->key_set = 0; - cctx->iv_set = 0; - cctx->L = 8; - cctx->M = 12; - cctx->tag_set = 0; - cctx->len_set = 0; - cctx->tls_aad_len = -1; - return 1; - - case EVP_CTRL_GET_IVLEN: - *(int *)ptr = 15 - cctx->L; - return 1; - - case EVP_CTRL_AEAD_TLS1_AAD: - /* Save the AAD for later use */ - if (arg != EVP_AEAD_TLS1_AAD_LEN) - return 0; - memcpy(EVP_CIPHER_CTX_buf_noconst(c), ptr, arg); - cctx->tls_aad_len = arg; - { - uint16_t len = EVP_CIPHER_CTX_buf_noconst(c)[arg - 2] << 8 - | EVP_CIPHER_CTX_buf_noconst(c)[arg - 1]; - /* Correct length for explicit IV */ - if (len < EVP_CCM_TLS_EXPLICIT_IV_LEN) - return 0; - len -= EVP_CCM_TLS_EXPLICIT_IV_LEN; - /* If decrypting correct for tag too */ - if (!EVP_CIPHER_CTX_is_encrypting(c)) { - if (len < cctx->M) - return 0; - len -= cctx->M; - } - EVP_CIPHER_CTX_buf_noconst(c)[arg - 2] = len >> 8; - EVP_CIPHER_CTX_buf_noconst(c)[arg - 1] = len & 0xff; - } - /* Extra padding: tag appended to record */ - return cctx->M; - - case EVP_CTRL_CCM_SET_IV_FIXED: - /* Sanity check length */ - if (arg != EVP_CCM_TLS_FIXED_IV_LEN) - return 0; - /* Just copy to first part of IV */ - memcpy(c->iv, ptr, arg); - return 1; - - case EVP_CTRL_AEAD_SET_IVLEN: - arg = 15 - arg; - /* fall through */ - case EVP_CTRL_CCM_SET_L: - if (arg < 2 || arg > 8) - return 0; - cctx->L = arg; - return 1; - case EVP_CTRL_AEAD_SET_TAG: - if ((arg & 1) || arg < 4 || arg > 16) - return 0; - if (EVP_CIPHER_CTX_is_encrypting(c) && ptr) - return 0; - if (ptr) { - cctx->tag_set = 1; - memcpy(EVP_CIPHER_CTX_buf_noconst(c), ptr, arg); - } - cctx->M = arg; - return 1; - - case EVP_CTRL_AEAD_GET_TAG: - if (!EVP_CIPHER_CTX_is_encrypting(c) || !cctx->tag_set) - return 0; - if (!CRYPTO_ccm128_tag(&cctx->ccm, ptr, (size_t)arg)) - return 0; - cctx->tag_set = 0; - cctx->iv_set = 0; - cctx->len_set = 0; - return 1; - - case EVP_CTRL_COPY: { - EVP_CIPHER_CTX *out = ptr; - EVP_ARIA_CCM_CTX *cctx_out = EVP_C_DATA(EVP_ARIA_CCM_CTX, out); - if (cctx->ccm.key) { - if (cctx->ccm.key != &cctx->ks) - return 0; - cctx_out->ccm.key = &cctx_out->ks; - } - return 1; - } - - default: - return -1; - } -} - -static int aria_ccm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_ARIA_CCM_CTX *cctx = EVP_C_DATA(EVP_ARIA_CCM_CTX, ctx); - CCM128_CONTEXT *ccm = &cctx->ccm; - - /* Encrypt/decrypt must be performed in place */ - if (out != in || len < (EVP_CCM_TLS_EXPLICIT_IV_LEN + (size_t)cctx->M)) - return -1; - /* If encrypting set explicit IV from sequence number (start of AAD) */ - if (EVP_CIPHER_CTX_is_encrypting(ctx)) - memcpy(out, EVP_CIPHER_CTX_buf_noconst(ctx), - EVP_CCM_TLS_EXPLICIT_IV_LEN); - /* Get rest of IV from explicit IV */ - memcpy(ctx->iv + EVP_CCM_TLS_FIXED_IV_LEN, in, - EVP_CCM_TLS_EXPLICIT_IV_LEN); - /* Correct length value */ - len -= EVP_CCM_TLS_EXPLICIT_IV_LEN + cctx->M; - if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, - len)) - return -1; - /* Use saved AAD */ - CRYPTO_ccm128_aad(ccm, EVP_CIPHER_CTX_buf_noconst(ctx), - cctx->tls_aad_len); - /* Fix buffer to point to payload */ - in += EVP_CCM_TLS_EXPLICIT_IV_LEN; - out += EVP_CCM_TLS_EXPLICIT_IV_LEN; - if (EVP_CIPHER_CTX_is_encrypting(ctx)) { - if (cctx->str ? CRYPTO_ccm128_encrypt_ccm64(ccm, in, out, len, cctx->str) - : CRYPTO_ccm128_encrypt(ccm, in, out, len)) - return -1; - if (!CRYPTO_ccm128_tag(ccm, out + len, cctx->M)) - return -1; - return (int)(len + EVP_CCM_TLS_EXPLICIT_IV_LEN + cctx->M); - } else { - if (cctx->str ? !CRYPTO_ccm128_decrypt_ccm64(ccm, in, out, len, cctx->str) - : !CRYPTO_ccm128_decrypt(ccm, in, out, len)) { - unsigned char tag[16]; - if (CRYPTO_ccm128_tag(ccm, tag, cctx->M)) { - if (!CRYPTO_memcmp(tag, in + len, cctx->M)) - return (int)len; - } - } - OPENSSL_cleanse(out, len); - return -1; - } -} - -static int aria_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_ARIA_CCM_CTX *cctx = EVP_C_DATA(EVP_ARIA_CCM_CTX, ctx); - CCM128_CONTEXT *ccm = &cctx->ccm; - - /* If not set up, return error */ - if (!cctx->key_set) - return -1; - - if (cctx->tls_aad_len >= 0) - return aria_ccm_tls_cipher(ctx, out, in, len); - - /* EVP_*Final() doesn't return any data */ - if (in == NULL && out != NULL) - return 0; - - if (!cctx->iv_set) - return -1; - - if (!out) { - if (!in) { - if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, len)) - return -1; - cctx->len_set = 1; - return (int)len; - } - /* If have AAD need message length */ - if (!cctx->len_set && len) - return -1; - CRYPTO_ccm128_aad(ccm, in, len); - return (int)len; - } - - /* The tag must be set before actually decrypting data */ - if (!EVP_CIPHER_CTX_is_encrypting(ctx) && !cctx->tag_set) - return -1; - - /* If not set length yet do it */ - if (!cctx->len_set) { - if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, len)) - return -1; - cctx->len_set = 1; - } - if (EVP_CIPHER_CTX_is_encrypting(ctx)) { - if (cctx->str ? CRYPTO_ccm128_encrypt_ccm64(ccm, in, out, len, cctx->str) - : CRYPTO_ccm128_encrypt(ccm, in, out, len)) - return -1; - cctx->tag_set = 1; - return (int)len; - } else { - int rv = -1; - if (cctx->str ? !CRYPTO_ccm128_decrypt_ccm64(ccm, in, out, len, - cctx->str) - : !CRYPTO_ccm128_decrypt(ccm, in, out, len)) { - unsigned char tag[16]; - if (CRYPTO_ccm128_tag(ccm, tag, cctx->M)) { - if (!CRYPTO_memcmp(tag, EVP_CIPHER_CTX_buf_noconst(ctx), - cctx->M)) - rv = (int)len; - } - } - if (rv == -1) - OPENSSL_cleanse(out, len); - cctx->iv_set = 0; - cctx->tag_set = 0; - cctx->len_set = 0; - return rv; - } -} - -#define aria_ccm_cleanup NULL +BLOCK_CIPHER_generic(NID_aria, 192, 1, 16, ctr, ctr, CTR, 0) +BLOCK_CIPHER_generic(NID_aria, 256, 1, 16, ctr, ctr, CTR, 0) #define ARIA_AUTH_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 \ | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ @@ -766,11 +80,11 @@ static int aria_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 1, keylen / 8, 12, \ ARIA_AUTH_FLAGS | EVP_CIPH_##MODE##_MODE, \ EVP_ORIG_GLOBAL, \ - aria_##mode##_init_key, \ - aria_##mode##_cipher, \ - aria_##mode##_cleanup, \ - sizeof(EVP_ARIA_##MODE##_CTX), \ - NULL, NULL, aria_##mode##_ctrl, NULL \ + NULL, \ + NULL, \ + NULL, \ + 0, \ + NULL, NULL, NULL, NULL \ }; \ const EVP_CIPHER *EVP_aria_##keylen##_##mode(void) \ { \ @@ -778,11 +92,11 @@ static int aria_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } BLOCK_CIPHER_aead(128, gcm, GCM) - BLOCK_CIPHER_aead(192, gcm, GCM) - BLOCK_CIPHER_aead(256, gcm, GCM) +BLOCK_CIPHER_aead(192, gcm, GCM) +BLOCK_CIPHER_aead(256, gcm, GCM) - BLOCK_CIPHER_aead(128, ccm, CCM) - BLOCK_CIPHER_aead(192, ccm, CCM) - BLOCK_CIPHER_aead(256, ccm, CCM) +BLOCK_CIPHER_aead(128, ccm, CCM) +BLOCK_CIPHER_aead(192, ccm, CCM) +BLOCK_CIPHER_aead(256, ccm, CCM) #endif diff --git a/crypto/evp/e_bf.c b/crypto/evp/e_bf.c index 8cac877e91c..3c73be0e45c 100644 --- a/crypto/evp/e_bf.c +++ b/crypto/evp/e_bf.c @@ -7,12 +7,6 @@ * https://www.openssl.org/source/license.html */ -/* - * BF low level APIs are deprecated for public use, but still ok for internal - * use. - */ -#include "internal/deprecated.h" - #include #include "internal/cryptlib.h" #ifndef OPENSSL_NO_BF @@ -22,28 +16,7 @@ #include #include "evp_local.h" -static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); - -typedef struct { - BF_KEY ks; -} EVP_BF_KEY; - -#define data(ctx) EVP_C_DATA(EVP_BF_KEY, ctx) - IMPLEMENT_BLOCK_CIPHER(bf, ks, BF, EVP_BF_KEY, NID_bf, 8, 16, 8, 64, - EVP_CIPH_VARIABLE_LENGTH, bf_init_key, NULL, - EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) - -static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - int len = EVP_CIPHER_CTX_get_key_length(ctx); - - if (len < 0) - return 0; - BF_set_key(&data(ctx)->ks, len, key); - return 1; -} - + EVP_CIPH_VARIABLE_LENGTH, NULL, NULL, + NULL, NULL, NULL) #endif diff --git a/crypto/evp/e_camellia.c b/crypto/evp/e_camellia.c index c994bb395d8..72d692c139b 100644 --- a/crypto/evp/e_camellia.c +++ b/crypto/evp/e_camellia.c @@ -7,12 +7,6 @@ * https://www.openssl.org/source/license.html */ -/* - * Camellia low level APIs are deprecated for public use, but still ok for - * internal use. - */ -#include "internal/deprecated.h" - #include #include @@ -25,155 +19,15 @@ #include "crypto/cmll_platform.h" #include "evp_local.h" -static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); - -/* Camellia subkey Structure */ -typedef struct { - CAMELLIA_KEY ks; - block128_f block; - union { - cbc128_f cbc; - ctr128_f ctr; - } stream; -} EVP_CAMELLIA_KEY; - -#define MAXBITCHUNK ((size_t)1 << (sizeof(size_t) * 8 - 4)) - -/* Attribute operation for Camellia */ -#define data(ctx) EVP_C_DATA(EVP_CAMELLIA_KEY, ctx) - -#if defined(AES_ASM) && (defined(__sparc) || defined(__sparc__)) -/* ---------^^^ this is not a typo, just a way to detect that - * assembler support was in general requested... */ -#include "crypto/sparc_arch.h" - -static int cmll_t4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - int ret, mode, bits; - EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *)EVP_CIPHER_CTX_get_cipher_data(ctx); - - mode = EVP_CIPHER_CTX_get_mode(ctx); - bits = EVP_CIPHER_CTX_get_key_length(ctx) * 8; - - cmll_t4_set_key(key, bits, &dat->ks); - - if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) - && !enc) { - ret = 0; - dat->block = (block128_f)cmll_t4_decrypt; - switch (bits) { - case 128: - dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? (cbc128_f)cmll128_t4_cbc_decrypt : NULL; - break; - case 192: - case 256: - dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? (cbc128_f)cmll256_t4_cbc_decrypt : NULL; - break; - default: - ret = -1; - } - } else { - ret = 0; - dat->block = (block128_f)cmll_t4_encrypt; - switch (bits) { - case 128: - if (mode == EVP_CIPH_CBC_MODE) - dat->stream.cbc = (cbc128_f)cmll128_t4_cbc_encrypt; - else if (mode == EVP_CIPH_CTR_MODE) - dat->stream.ctr = (ctr128_f)cmll128_t4_ctr32_encrypt; - else - dat->stream.cbc = NULL; - break; - case 192: - case 256: - if (mode == EVP_CIPH_CBC_MODE) - dat->stream.cbc = (cbc128_f)cmll256_t4_cbc_encrypt; - else if (mode == EVP_CIPH_CTR_MODE) - dat->stream.ctr = (ctr128_f)cmll256_t4_ctr32_encrypt; - else - dat->stream.cbc = NULL; - break; - default: - ret = -1; - } - } - - if (ret < 0) { - ERR_raise(ERR_LIB_EVP, EVP_R_CAMELLIA_KEY_SETUP_FAILED); - return 0; - } - - return 1; -} - -#define cmll_t4_cbc_cipher camellia_cbc_cipher -static int cmll_t4_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); - -#define cmll_t4_ecb_cipher camellia_ecb_cipher -static int cmll_t4_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); - -#define cmll_t4_ofb_cipher camellia_ofb_cipher -static int cmll_t4_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); - -#define cmll_t4_cfb_cipher camellia_cfb_cipher -static int cmll_t4_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); - -#define cmll_t4_cfb8_cipher camellia_cfb8_cipher -static int cmll_t4_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); - -#define cmll_t4_cfb1_cipher camellia_cfb1_cipher -static int cmll_t4_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); - -#define cmll_t4_ctr_cipher camellia_ctr_cipher -static int cmll_t4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); - -#define BLOCK_CIPHER_generic(nid, keylen, blocksize, ivlen, nmode, mode, MODE, flags) \ - static const EVP_CIPHER cmll_t4_##keylen##_##mode = { \ - nid##_##keylen##_##nmode, blocksize, keylen / 8, ivlen, \ - flags | EVP_CIPH_##MODE##_MODE, \ - EVP_ORIG_GLOBAL, \ - cmll_t4_init_key, \ - cmll_t4_##mode##_cipher, \ - NULL, \ - sizeof(EVP_CAMELLIA_KEY), \ - NULL, NULL, NULL, NULL \ - }; \ - static const EVP_CIPHER camellia_##keylen##_##mode = { \ - nid##_##keylen##_##nmode, blocksize, \ - keylen / 8, ivlen, \ - flags | EVP_CIPH_##MODE##_MODE, \ - EVP_ORIG_GLOBAL, \ - camellia_init_key, \ - camellia_##mode##_cipher, \ - NULL, \ - sizeof(EVP_CAMELLIA_KEY), \ - NULL, NULL, NULL, NULL \ - }; \ - const EVP_CIPHER *EVP_camellia_##keylen##_##mode(void) \ - { \ - return SPARC_CMLL_CAPABLE ? &cmll_t4_##keylen##_##mode : &camellia_##keylen##_##mode; \ - } - -#else - #define BLOCK_CIPHER_generic(nid, keylen, blocksize, ivlen, nmode, mode, MODE, flags) \ static const EVP_CIPHER camellia_##keylen##_##mode = { \ nid##_##keylen##_##nmode, blocksize, keylen / 8, ivlen, \ flags | EVP_CIPH_##MODE##_MODE, \ EVP_ORIG_GLOBAL, \ - camellia_init_key, \ - camellia_##mode##_cipher, \ NULL, \ - sizeof(EVP_CAMELLIA_KEY), \ + NULL, \ + NULL, \ + 0, \ NULL, NULL, NULL, NULL \ }; \ const EVP_CIPHER *EVP_camellia_##keylen##_##mode(void) \ @@ -181,171 +35,15 @@ static int cmll_t4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, return &camellia_##keylen##_##mode; \ } -#endif - -#define BLOCK_CIPHER_generic_pack(nid, keylen, flags) \ - BLOCK_CIPHER_generic(nid, keylen, 16, 16, cbc, cbc, CBC, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, keylen, 16, 0, ecb, ecb, ECB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, keylen, 1, 16, ofb128, ofb, OFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb128, cfb, CFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb1, cfb1, CFB, flags) \ - BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb8, cfb8, CFB, flags) \ - BLOCK_CIPHER_generic(nid, keylen, 1, 16, ctr, ctr, CTR, flags) - -/* The subkey for Camellia is generated. */ -static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - int ret, mode; - EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY, ctx); - - ret = Camellia_set_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8, - &dat->ks); - if (ret < 0) { - ERR_raise(ERR_LIB_EVP, EVP_R_CAMELLIA_KEY_SETUP_FAILED); - return 0; - } - - mode = EVP_CIPHER_CTX_get_mode(ctx); - if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) - && !enc) { - dat->block = (block128_f)Camellia_decrypt; - dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? (cbc128_f)Camellia_cbc_encrypt : NULL; - } else { - dat->block = (block128_f)Camellia_encrypt; - dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? (cbc128_f)Camellia_cbc_encrypt : NULL; - } - - return 1; -} - -static int camellia_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY, ctx); - - if (dat->stream.cbc) - (*dat->stream.cbc)(in, out, len, &dat->ks, ctx->iv, - EVP_CIPHER_CTX_is_encrypting(ctx)); - else if (EVP_CIPHER_CTX_is_encrypting(ctx)) - CRYPTO_cbc128_encrypt(in, out, len, &dat->ks, ctx->iv, dat->block); - else - CRYPTO_cbc128_decrypt(in, out, len, &dat->ks, ctx->iv, dat->block); - - return 1; -} - -static int camellia_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - size_t bl = EVP_CIPHER_CTX_get_block_size(ctx); - size_t i; - EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY, ctx); - - if (len < bl) - return 1; - - for (i = 0, len -= bl; i <= len; i += bl) - (*dat->block)(in + i, out + i, &dat->ks); - - return 1; -} - -static int camellia_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY, ctx); - - int num = EVP_CIPHER_CTX_get_num(ctx); - CRYPTO_ofb128_encrypt(in, out, len, &dat->ks, ctx->iv, &num, dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); - return 1; -} - -static int camellia_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY, ctx); - - int num = EVP_CIPHER_CTX_get_num(ctx); - CRYPTO_cfb128_encrypt(in, out, len, &dat->ks, ctx->iv, &num, - EVP_CIPHER_CTX_is_encrypting(ctx), dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); - return 1; -} - -static int camellia_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY, ctx); - - int num = EVP_CIPHER_CTX_get_num(ctx); - CRYPTO_cfb128_8_encrypt(in, out, len, &dat->ks, ctx->iv, &num, - EVP_CIPHER_CTX_is_encrypting(ctx), dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); - return 1; -} - -static int camellia_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY, ctx); - - if (EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS)) { - int num = EVP_CIPHER_CTX_get_num(ctx); - CRYPTO_cfb128_1_encrypt(in, out, len, &dat->ks, ctx->iv, &num, - EVP_CIPHER_CTX_is_encrypting(ctx), - dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); - return 1; - } - - while (len >= MAXBITCHUNK) { - int num = EVP_CIPHER_CTX_get_num(ctx); - CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks, - ctx->iv, &num, - EVP_CIPHER_CTX_is_encrypting(ctx), - dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); - len -= MAXBITCHUNK; - out += MAXBITCHUNK; - in += MAXBITCHUNK; - } - if (len) { - int num = EVP_CIPHER_CTX_get_num(ctx); - CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks, - ctx->iv, &num, - EVP_CIPHER_CTX_is_encrypting(ctx), - dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); - } - - return 1; -} - -static int camellia_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - int snum = EVP_CIPHER_CTX_get_num(ctx); - unsigned int num; - EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY, ctx); - - if (snum < 0) - return 0; - num = snum; - if (dat->stream.ctr) - CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks, ctx->iv, - EVP_CIPHER_CTX_buf_noconst(ctx), - &num, - dat->stream.ctr); - else - CRYPTO_ctr128_encrypt(in, out, len, &dat->ks, ctx->iv, - EVP_CIPHER_CTX_buf_noconst(ctx), &num, - dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); - return 1; -} +#define BLOCK_CIPHER_generic_pack(nid, keylen, flags) \ + BLOCK_CIPHER_generic(nid, keylen, 16, 16, cbc, cbc, CBC, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, keylen, 16, 0, ecb, ecb, ECB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, keylen, 1, 16, ofb128, ofb, OFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb128, cfb, CFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb1, cfb1, CFB, flags) \ + BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb8, cfb8, CFB, flags) \ + BLOCK_CIPHER_generic(nid, keylen, 1, 16, ctr, ctr, CTR, flags) BLOCK_CIPHER_generic_pack(NID_camellia, 128, 0) - BLOCK_CIPHER_generic_pack(NID_camellia, 192, 0) - BLOCK_CIPHER_generic_pack(NID_camellia, 256, 0) +BLOCK_CIPHER_generic_pack(NID_camellia, 192, 0) +BLOCK_CIPHER_generic_pack(NID_camellia, 256, 0) diff --git a/crypto/evp/e_cast.c b/crypto/evp/e_cast.c index f45469e8212..ade66b5b98f 100644 --- a/crypto/evp/e_cast.c +++ b/crypto/evp/e_cast.c @@ -7,12 +7,6 @@ * https://www.openssl.org/source/license.html */ -/* - * CAST low level APIs are deprecated for public use, but still ok for - * internal use. - */ -#include "internal/deprecated.h" - #include #include "internal/cryptlib.h" @@ -23,29 +17,9 @@ #include #include "evp_local.h" -static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); - -typedef struct { - CAST_KEY ks; -} EVP_CAST_KEY; - -#define data(ctx) EVP_C_DATA(EVP_CAST_KEY, ctx) - IMPLEMENT_BLOCK_CIPHER(cast5, ks, CAST, EVP_CAST_KEY, NID_cast5, 8, CAST_KEY_LENGTH, 8, 64, - EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL, - EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) - -static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - int keylen = EVP_CIPHER_CTX_get_key_length(ctx); - - if (keylen <= 0) - return 0; - CAST_set_key(&data(ctx)->ks, keylen, key); - return 1; -} + EVP_CIPH_VARIABLE_LENGTH, NULL, NULL, + NULL, NULL, NULL) #endif diff --git a/crypto/evp/e_des.c b/crypto/evp/e_des.c index b8d10829c25..3125154eaab 100644 --- a/crypto/evp/e_des.c +++ b/crypto/evp/e_des.c @@ -6,13 +6,6 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ - -/* - * DES low level APIs are deprecated for public use, but still ok for internal - * use. - */ -#include "internal/deprecated.h" - #include #include "internal/cryptlib.h" #ifndef OPENSSL_NO_DES @@ -23,223 +16,16 @@ #include #include "evp_local.h" -typedef struct { - union { - OSSL_UNION_ALIGN; - DES_key_schedule ks; - } ks; - union { - void (*cbc)(const void *, void *, size_t, - const DES_key_schedule *, unsigned char *); - } stream; -} EVP_DES_KEY; - -#if defined(AES_ASM) && (defined(__sparc) || defined(__sparc__)) -/* ----------^^^ this is not a typo, just a way to detect that - * assembler support was in general requested... */ -#include "crypto/sparc_arch.h" - -#define SPARC_DES_CAPABLE (OPENSSL_sparcv9cap_P[1] & CFR_DES) - -void des_t4_key_expand(const void *key, DES_key_schedule *ks); -void des_t4_cbc_encrypt(const void *inp, void *out, size_t len, - const DES_key_schedule *ks, unsigned char iv[8]); -void des_t4_cbc_decrypt(const void *inp, void *out, size_t len, - const DES_key_schedule *ks, unsigned char iv[8]); -#endif - -static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); - -/* - * Because of various casts and different names can't use - * IMPLEMENT_BLOCK_CIPHER - */ - -static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - BLOCK_CIPHER_ecb_loop() - DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), - EVP_CIPHER_CTX_get_cipher_data(ctx), - EVP_CIPHER_CTX_is_encrypting(ctx)); - return 1; -} - -static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - int num = EVP_CIPHER_CTX_get_num(ctx); - DES_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, - EVP_CIPHER_CTX_get_cipher_data(ctx), - (DES_cblock *)ctx->iv, &num); - EVP_CIPHER_CTX_set_num(ctx, num); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - if (inl) { - int num = EVP_CIPHER_CTX_get_num(ctx); - DES_ofb64_encrypt(in, out, (long)inl, - EVP_CIPHER_CTX_get_cipher_data(ctx), - (DES_cblock *)ctx->iv, &num); - EVP_CIPHER_CTX_set_num(ctx, num); - } - return 1; -} - -static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - EVP_DES_KEY *dat = (EVP_DES_KEY *)EVP_CIPHER_CTX_get_cipher_data(ctx); - - if (dat->stream.cbc != NULL) { - (*dat->stream.cbc)(in, out, inl, &dat->ks.ks, ctx->iv); - return 1; - } - while (inl >= EVP_MAXCHUNK) { - DES_ncbc_encrypt(in, out, (long)EVP_MAXCHUNK, - EVP_CIPHER_CTX_get_cipher_data(ctx), - (DES_cblock *)ctx->iv, - EVP_CIPHER_CTX_is_encrypting(ctx)); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - if (inl) - DES_ncbc_encrypt(in, out, (long)inl, - EVP_CIPHER_CTX_get_cipher_data(ctx), - (DES_cblock *)ctx->iv, - EVP_CIPHER_CTX_is_encrypting(ctx)); - return 1; -} - -static int des_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - int num = EVP_CIPHER_CTX_get_num(ctx); - DES_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK, - EVP_CIPHER_CTX_get_cipher_data(ctx), - (DES_cblock *)ctx->iv, &num, - EVP_CIPHER_CTX_is_encrypting(ctx)); - EVP_CIPHER_CTX_set_num(ctx, num); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - if (inl) { - int num = EVP_CIPHER_CTX_get_num(ctx); - DES_cfb64_encrypt(in, out, (long)inl, - EVP_CIPHER_CTX_get_cipher_data(ctx), - (DES_cblock *)ctx->iv, &num, - EVP_CIPHER_CTX_is_encrypting(ctx)); - EVP_CIPHER_CTX_set_num(ctx, num); - } - return 1; -} - -/* - * Although we have a CFB-r implementation for DES, it doesn't pack the right - * way, so wrap it here - */ -static int des_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - size_t n, chunk = EVP_MAXCHUNK / 8; - unsigned char c[1]; - unsigned char d[1] = { 0 }; /* Appease Coverity */ - - if (inl < chunk) - chunk = inl; - - while (inl && inl >= chunk) { - for (n = 0; n < chunk * 8; ++n) { - c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0; - DES_cfb_encrypt(c, d, 1, 1, EVP_CIPHER_CTX_get_cipher_data(ctx), - (DES_cblock *)ctx->iv, - EVP_CIPHER_CTX_is_encrypting(ctx)); - out[n / 8] = (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8))) | ((d[0] & 0x80) >> (unsigned int)(n % 8)); - } - inl -= chunk; - in += chunk; - out += chunk; - if (inl < chunk) - chunk = inl; - } - - return 1; -} - -static int des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - DES_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK, - EVP_CIPHER_CTX_get_cipher_data(ctx), - (DES_cblock *)ctx->iv, - EVP_CIPHER_CTX_is_encrypting(ctx)); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - if (inl) - DES_cfb_encrypt(in, out, 8, (long)inl, - EVP_CIPHER_CTX_get_cipher_data(ctx), - (DES_cblock *)ctx->iv, - EVP_CIPHER_CTX_is_encrypting(ctx)); - return 1; -} - BLOCK_CIPHER_defs(des, EVP_DES_KEY, NID_des, 8, 8, 8, 64, - EVP_CIPH_RAND_KEY, des_init_key, NULL, - EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl) - - BLOCK_CIPHER_def_cfb(des, EVP_DES_KEY, NID_des, 8, 8, 1, - EVP_CIPH_RAND_KEY, des_init_key, NULL, - EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl) - - BLOCK_CIPHER_def_cfb(des, EVP_DES_KEY, NID_des, 8, 8, 8, - EVP_CIPH_RAND_KEY, des_init_key, NULL, - EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl) - - static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - DES_cblock *deskey = (DES_cblock *)key; - EVP_DES_KEY *dat = (EVP_DES_KEY *)EVP_CIPHER_CTX_get_cipher_data(ctx); - - dat->stream.cbc = NULL; -#if defined(SPARC_DES_CAPABLE) - if (SPARC_DES_CAPABLE) { - int mode = EVP_CIPHER_CTX_get_mode(ctx); - - if (mode == EVP_CIPH_CBC_MODE) { - des_t4_key_expand(key, &dat->ks.ks); - dat->stream.cbc = enc ? des_t4_cbc_encrypt : des_t4_cbc_decrypt; - return 1; - } - } -#endif - DES_set_key_unchecked(deskey, EVP_CIPHER_CTX_get_cipher_data(ctx)); - return 1; -} - -static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) -{ + EVP_CIPH_RAND_KEY, NULL, NULL, + NULL, NULL, NULL) - switch (type) { - case EVP_CTRL_RAND_KEY: - if (RAND_priv_bytes(ptr, 8) <= 0) - return 0; - DES_set_odd_parity((DES_cblock *)ptr); - return 1; +BLOCK_CIPHER_def_cfb(des, EVP_DES_KEY, NID_des, 8, 8, 1, + EVP_CIPH_RAND_KEY, NULL, NULL, + NULL, NULL, NULL) - default: - return -1; - } -} +BLOCK_CIPHER_def_cfb(des, EVP_DES_KEY, NID_des, 8, 8, 8, + EVP_CIPH_RAND_KEY, NULL, NULL, + NULL, NULL, NULL) #endif diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c index 7a674cc7187..40b2da81a11 100644 --- a/crypto/evp/e_des3.c +++ b/crypto/evp/e_des3.c @@ -7,295 +7,30 @@ * https://www.openssl.org/source/license.html */ -/* - * DES low level APIs are deprecated for public use, but still ok for internal - * use. - */ -#include "internal/deprecated.h" - #include #include "internal/cryptlib.h" #ifndef OPENSSL_NO_DES #include #include "crypto/evp.h" -#include "crypto/sha.h" #include #include #include "evp_local.h" -typedef struct { - union { - OSSL_UNION_ALIGN; - DES_key_schedule ks[3]; - } ks; - union { - void (*cbc)(const void *, void *, size_t, - const DES_key_schedule *, unsigned char *); - } stream; -} DES_EDE_KEY; -#define ks1 ks.ks[0] -#define ks2 ks.ks[1] -#define ks3 ks.ks[2] - -#if defined(AES_ASM) && (defined(__sparc) || defined(__sparc__)) -/* ---------^^^ this is not a typo, just a way to detect that - * assembler support was in general requested... */ -#include "crypto/sparc_arch.h" - -#define SPARC_DES_CAPABLE (OPENSSL_sparcv9cap_P[1] & CFR_DES) - -void des_t4_key_expand(const void *key, DES_key_schedule *ks); -void des_t4_ede3_cbc_encrypt(const void *inp, void *out, size_t len, - const DES_key_schedule ks[3], unsigned char iv[8]); -void des_t4_ede3_cbc_decrypt(const void *inp, void *out, size_t len, - const DES_key_schedule ks[3], unsigned char iv[8]); -#endif - -static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); - -static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); - -static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); - -#define data(ctx) EVP_C_DATA(DES_EDE_KEY, ctx) - -/* - * Because of various casts and different args can't use - * IMPLEMENT_BLOCK_CIPHER - */ - -static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - BLOCK_CIPHER_ecb_loop() - DES_ecb3_encrypt((const_DES_cblock *)(in + i), - (DES_cblock *)(out + i), - &data(ctx)->ks1, &data(ctx)->ks2, - &data(ctx)->ks3, EVP_CIPHER_CTX_is_encrypting(ctx)); - return 1; -} - -static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - int num = EVP_CIPHER_CTX_get_num(ctx); - DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, - &data(ctx)->ks1, &data(ctx)->ks2, - &data(ctx)->ks3, - (DES_cblock *)ctx->iv, - &num); - EVP_CIPHER_CTX_set_num(ctx, num); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - if (inl) { - int num = EVP_CIPHER_CTX_get_num(ctx); - DES_ede3_ofb64_encrypt(in, out, (long)inl, - &data(ctx)->ks1, &data(ctx)->ks2, - &data(ctx)->ks3, - (DES_cblock *)ctx->iv, - &num); - EVP_CIPHER_CTX_set_num(ctx, num); - } - return 1; -} - -static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - DES_EDE_KEY *dat = data(ctx); - - if (dat->stream.cbc != NULL) { - (*dat->stream.cbc)(in, out, inl, dat->ks.ks, - ctx->iv); - return 1; - } - - while (inl >= EVP_MAXCHUNK) { - DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, - &dat->ks1, &dat->ks2, &dat->ks3, - (DES_cblock *)ctx->iv, - EVP_CIPHER_CTX_is_encrypting(ctx)); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - if (inl) - DES_ede3_cbc_encrypt(in, out, (long)inl, - &dat->ks1, &dat->ks2, &dat->ks3, - (DES_cblock *)ctx->iv, - EVP_CIPHER_CTX_is_encrypting(ctx)); - return 1; -} - -static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - int num = EVP_CIPHER_CTX_get_num(ctx); - DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK, - &data(ctx)->ks1, &data(ctx)->ks2, - &data(ctx)->ks3, (DES_cblock *)ctx->iv, - &num, EVP_CIPHER_CTX_is_encrypting(ctx)); - EVP_CIPHER_CTX_set_num(ctx, num); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - if (inl) { - int num = EVP_CIPHER_CTX_get_num(ctx); - DES_ede3_cfb64_encrypt(in, out, (long)inl, - &data(ctx)->ks1, &data(ctx)->ks2, - &data(ctx)->ks3, (DES_cblock *)ctx->iv, - &num, EVP_CIPHER_CTX_is_encrypting(ctx)); - EVP_CIPHER_CTX_set_num(ctx, num); - } - return 1; -} - -/* - * Although we have a CFB-r implementation for 3-DES, it doesn't pack the - * right way, so wrap it here - */ -static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - size_t n; - unsigned char c[1]; - unsigned char d[1] = { 0 }; /* Appease Coverity */ - - if (!EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS)) - inl *= 8; - for (n = 0; n < inl; ++n) { - c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0; - DES_ede3_cfb_encrypt(c, d, 1, 1, - &data(ctx)->ks1, &data(ctx)->ks2, - &data(ctx)->ks3, (DES_cblock *)ctx->iv, - EVP_CIPHER_CTX_is_encrypting(ctx)); - out[n / 8] = (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8))) - | ((d[0] & 0x80) >> (unsigned int)(n % 8)); - } - - return 1; -} - -static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - DES_ede3_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK, - &data(ctx)->ks1, &data(ctx)->ks2, - &data(ctx)->ks3, (DES_cblock *)ctx->iv, - EVP_CIPHER_CTX_is_encrypting(ctx)); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - if (inl) - DES_ede3_cfb_encrypt(in, out, 8, (long)inl, - &data(ctx)->ks1, &data(ctx)->ks2, - &data(ctx)->ks3, (DES_cblock *)ctx->iv, - EVP_CIPHER_CTX_is_encrypting(ctx)); - return 1; -} - BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, - des_ede_init_key, NULL, NULL, NULL, des3_ctrl) -#define des_ede3_cfb64_cipher des_ede_cfb64_cipher -#define des_ede3_ofb_cipher des_ede_ofb_cipher -#define des_ede3_cbc_cipher des_ede_cbc_cipher -#define des_ede3_ecb_cipher des_ede_ecb_cipher - BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, - EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, - des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) - - BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 1, - EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, - des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) - - BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 8, - EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, - des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) - - static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - DES_cblock *deskey = (DES_cblock *)key; - DES_EDE_KEY *dat = data(ctx); + NULL, NULL, NULL, NULL, NULL) - dat->stream.cbc = NULL; -#if defined(SPARC_DES_CAPABLE) - if (SPARC_DES_CAPABLE) { - int mode = EVP_CIPHER_CTX_get_mode(ctx); - - if (mode == EVP_CIPH_CBC_MODE) { - des_t4_key_expand(&deskey[0], &dat->ks1); - des_t4_key_expand(&deskey[1], &dat->ks2); - memcpy(&dat->ks3, &dat->ks1, sizeof(dat->ks1)); - dat->stream.cbc = enc ? des_t4_ede3_cbc_encrypt : des_t4_ede3_cbc_decrypt; - return 1; - } - } -#endif - DES_set_key_unchecked(&deskey[0], &dat->ks1); - DES_set_key_unchecked(&deskey[1], &dat->ks2); - memcpy(&dat->ks3, &dat->ks1, sizeof(dat->ks1)); - return 1; -} - -static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - DES_cblock *deskey = (DES_cblock *)key; - DES_EDE_KEY *dat = data(ctx); - - dat->stream.cbc = NULL; -#if defined(SPARC_DES_CAPABLE) - if (SPARC_DES_CAPABLE) { - int mode = EVP_CIPHER_CTX_get_mode(ctx); - - if (mode == EVP_CIPH_CBC_MODE) { - des_t4_key_expand(&deskey[0], &dat->ks1); - des_t4_key_expand(&deskey[1], &dat->ks2); - des_t4_key_expand(&deskey[2], &dat->ks3); - dat->stream.cbc = enc ? des_t4_ede3_cbc_encrypt : des_t4_ede3_cbc_decrypt; - return 1; - } - } -#endif - DES_set_key_unchecked(&deskey[0], &dat->ks1); - DES_set_key_unchecked(&deskey[1], &dat->ks2); - DES_set_key_unchecked(&deskey[2], &dat->ks3); - return 1; -} - -static int des3_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) -{ - - DES_cblock *deskey = ptr; - int kl; +BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, + EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, + NULL, NULL, NULL, NULL, NULL) - switch (type) { - case EVP_CTRL_RAND_KEY: - kl = EVP_CIPHER_CTX_get_key_length(ctx); - if (kl < 0 || RAND_priv_bytes(ptr, kl) <= 0) - return 0; - DES_set_odd_parity(deskey); - if (kl >= 16) - DES_set_odd_parity(deskey + 1); - if (kl >= 24) - DES_set_odd_parity(deskey + 2); - return 1; +BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 1, + EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, + NULL, NULL, NULL, NULL, des3_NULLctrl) - default: - return -1; - } -} +BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 8, + EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, + NULL, NULL, NULL, NULL, NULL) const EVP_CIPHER *EVP_des_ede(void) { @@ -307,113 +42,15 @@ const EVP_CIPHER *EVP_des_ede3(void) return &des_ede3_ecb; } -#include - -static const unsigned char wrap_iv[8] = { - 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 -}; - -static int des_ede3_unwrap(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - unsigned char icv[8], iv[8], sha1tmp[SHA_DIGEST_LENGTH]; - int rv = -1; - - if (inl < 24) - return -1; - if (out == NULL) - return (int)(inl - 16); - memcpy(ctx->iv, wrap_iv, 8); - /* Decrypt first block which will end up as icv */ - des_ede_cbc_cipher(ctx, icv, in, 8); - /* Decrypt central blocks */ - /* - * If decrypting in place move whole output along a block so the next - * des_ede_cbc_cipher is in place. - */ - if (out == in) { - memmove(out, out + 8, inl - 8); - in -= 8; - } - des_ede_cbc_cipher(ctx, out, in + 8, inl - 16); - /* Decrypt final block which will be IV */ - des_ede_cbc_cipher(ctx, iv, in + inl - 8, 8); - /* Reverse order of everything */ - BUF_reverse(icv, NULL, 8); - BUF_reverse(out, NULL, inl - 16); - BUF_reverse(ctx->iv, iv, 8); - /* Decrypt again using new IV */ - des_ede_cbc_cipher(ctx, out, out, inl - 16); - des_ede_cbc_cipher(ctx, icv, icv, 8); - if (ossl_sha1(out, inl - 16, sha1tmp) /* Work out hash of first portion */ - && CRYPTO_memcmp(sha1tmp, icv, 8) == 0) - rv = (int)(inl - 16); - OPENSSL_cleanse(icv, 8); - OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH); - OPENSSL_cleanse(iv, 8); - OPENSSL_cleanse(ctx->iv, 8); - if (rv == -1) - OPENSSL_cleanse(out, inl - 16); - - return rv; -} - -static int des_ede3_wrap(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - unsigned char sha1tmp[SHA_DIGEST_LENGTH]; - if (out == NULL) - return (int)(inl + 16); - /* Copy input to output buffer + 8 so we have space for IV */ - memmove(out + 8, in, inl); - /* Work out ICV */ - if (!ossl_sha1(in, inl, sha1tmp)) - return -1; - memcpy(out + inl + 8, sha1tmp, 8); - OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH); - /* Generate random IV */ - if (RAND_bytes(ctx->iv, 8) <= 0) - return -1; - memcpy(out, ctx->iv, 8); - /* Encrypt everything after IV in place */ - des_ede_cbc_cipher(ctx, out + 8, out + 8, inl + 8); - BUF_reverse(out, NULL, inl + 16); - memcpy(ctx->iv, wrap_iv, 8); - des_ede_cbc_cipher(ctx, out, out, inl + 16); - return (int)(inl + 16); -} - -static int des_ede3_wrap_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - /* - * Sanity check input length: we typically only wrap keys so EVP_MAXCHUNK - * is more than will ever be needed. Also input length must be a multiple - * of 8 bits. - */ - if (inl >= EVP_MAXCHUNK || inl % 8) - return -1; - - if (ossl_is_partially_overlapping(out, in, (int)inl)) { - ERR_raise(ERR_LIB_EVP, EVP_R_PARTIALLY_OVERLAPPING); - return 0; - } - - if (EVP_CIPHER_CTX_is_encrypting(ctx)) - return des_ede3_wrap(ctx, out, in, inl); - else - return des_ede3_unwrap(ctx, out, in, inl); -} - static const EVP_CIPHER des3_wrap = { NID_id_smime_alg_CMS3DESwrap, 8, 24, 0, EVP_CIPH_WRAP_MODE | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER | EVP_CIPH_FLAG_DEFAULT_ASN1, EVP_ORIG_GLOBAL, - des_ede3_init_key, des_ede3_wrap_cipher, + NULL, NULL, NULL, - sizeof(DES_EDE_KEY), + 0, NULL, NULL, NULL, NULL }; diff --git a/crypto/evp/e_idea.c b/crypto/evp/e_idea.c index 0371094fe3b..70b65bb3a0b 100644 --- a/crypto/evp/e_idea.c +++ b/crypto/evp/e_idea.c @@ -7,13 +7,6 @@ * https://www.openssl.org/source/license.html */ -/* - * IDEA low level APIs are deprecated for public use, but still ok for internal - * use where we're using them to implement the higher level EVP interface, as is - * the case here. - */ -#include "internal/deprecated.h" - #include #include "internal/cryptlib.h" @@ -24,55 +17,8 @@ #include #include "evp_local.h" -/* Can't use IMPLEMENT_BLOCK_CIPHER because IDEA_ecb_encrypt is different */ - -typedef struct { - IDEA_KEY_SCHEDULE ks; -} EVP_IDEA_KEY; - -static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); - -/* - * NB IDEA_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a - * special case - */ - -static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - BLOCK_CIPHER_ecb_loop() - IDEA_ecb_encrypt(in + i, out + i, &EVP_C_DATA(EVP_IDEA_KEY, ctx)->ks); - return 1; -} - -BLOCK_CIPHER_func_cbc(idea, IDEA, EVP_IDEA_KEY, ks) - BLOCK_CIPHER_func_ofb(idea, IDEA, 64, EVP_IDEA_KEY, ks) - BLOCK_CIPHER_func_cfb(idea, IDEA, 64, EVP_IDEA_KEY, ks) - - BLOCK_CIPHER_defs(idea, IDEA_KEY_SCHEDULE, NID_idea, 8, 16, 8, 64, - 0, idea_init_key, NULL, - EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) - - static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - if (!enc) { - if (EVP_CIPHER_CTX_get_mode(ctx) == EVP_CIPH_OFB_MODE) - enc = 1; - else if (EVP_CIPHER_CTX_get_mode(ctx) == EVP_CIPH_CFB_MODE) - enc = 1; - } - if (enc) - IDEA_set_encrypt_key(key, &EVP_C_DATA(EVP_IDEA_KEY, ctx)->ks); - else { - IDEA_KEY_SCHEDULE tmp; - - IDEA_set_encrypt_key(key, &tmp); - IDEA_set_decrypt_key(&tmp, &EVP_C_DATA(EVP_IDEA_KEY, ctx)->ks); - OPENSSL_cleanse((unsigned char *)&tmp, sizeof(IDEA_KEY_SCHEDULE)); - } - return 1; -} +BLOCK_CIPHER_defs(idea, IDEA_KEY_SCHEDULE, NID_idea, 8, 16, 8, 64, + 0, NULL, NULL, + NULL, NULL, NULL) #endif diff --git a/crypto/evp/e_rc2.c b/crypto/evp/e_rc2.c index 88e359bd44e..6aee5fd97ab 100644 --- a/crypto/evp/e_rc2.c +++ b/crypto/evp/e_rc2.c @@ -6,13 +6,6 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ - -/* - * RC2 low level APIs are deprecated for public use, but still ok for internal - * use. - */ -#include "internal/deprecated.h" - #include #include "internal/cryptlib.h" @@ -24,43 +17,26 @@ #include #include "evp_local.h" -static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx); -static int rc2_magic_to_meth(int i); -static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); -static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); -static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); - -typedef struct { - int key_bits; /* effective key bits */ - RC2_KEY ks; /* key schedule */ -} EVP_RC2_KEY; - -#define data(ctx) EVP_C_DATA(EVP_RC2_KEY, ctx) - IMPLEMENT_BLOCK_CIPHER(rc2, ks, RC2, EVP_RC2_KEY, NID_rc2, 8, RC2_KEY_LENGTH, 8, 64, EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, - rc2_init_key, NULL, - rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv, - rc2_ctrl) -#define RC2_40_MAGIC 0xa0 -#define RC2_64_MAGIC 0x78 -#define RC2_128_MAGIC 0x3a + NULL, NULL, + NULL, NULL, + NULL) + static const EVP_CIPHER r2_64_cbc_cipher = { NID_rc2_64_cbc, 8, 8 /* 64 bit */, 8, EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, EVP_ORIG_GLOBAL, - rc2_init_key, - rc2_cbc_cipher, NULL, - sizeof(EVP_RC2_KEY), - rc2_set_asn1_type_and_iv, - rc2_get_asn1_type_and_iv, - rc2_ctrl, + NULL, + NULL, + 0, + NULL, + NULL, + NULL, NULL }; @@ -69,13 +45,13 @@ static const EVP_CIPHER r2_40_cbc_cipher = { 8, 5 /* 40 bit */, 8, EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, EVP_ORIG_GLOBAL, - rc2_init_key, - rc2_cbc_cipher, NULL, - sizeof(EVP_RC2_KEY), - rc2_set_asn1_type_and_iv, - rc2_get_asn1_type_and_iv, - rc2_ctrl, + NULL, + NULL, + 0, + NULL, + NULL, + NULL, NULL }; @@ -89,111 +65,4 @@ const EVP_CIPHER *EVP_rc2_40_cbc(void) return &r2_40_cbc_cipher; } -static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - RC2_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_get_key_length(ctx), - key, data(ctx)->key_bits); - return 1; -} - -static int rc2_meth_to_magic(EVP_CIPHER_CTX *e) -{ - int i; - - if (EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i) <= 0) - return 0; - if (i == 128) - return RC2_128_MAGIC; - else if (i == 64) - return RC2_64_MAGIC; - else if (i == 40) - return RC2_40_MAGIC; - else - return 0; -} - -static int rc2_magic_to_meth(int i) -{ - if (i == RC2_128_MAGIC) - return 128; - else if (i == RC2_64_MAGIC) - return 64; - else if (i == RC2_40_MAGIC) - return 40; - else { - ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_SIZE); - return 0; - } -} - -static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) -{ - long num = 0; - int i = 0; - int key_bits; - unsigned int l; - unsigned char iv[EVP_MAX_IV_LENGTH]; - - if (type != NULL) { - l = EVP_CIPHER_CTX_get_iv_length(c); - OPENSSL_assert(l <= sizeof(iv)); - i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l); - if (i != (int)l) - return -1; - key_bits = rc2_magic_to_meth((int)num); - if (!key_bits) - return -1; - if (i > 0 && !EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1)) - return -1; - if (EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, - NULL) - <= 0 - || EVP_CIPHER_CTX_set_key_length(c, key_bits / 8) <= 0) - return -1; - } - return i; -} - -static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) -{ - long num; - int i = 0, j; - - if (type != NULL) { - num = rc2_meth_to_magic(c); - j = EVP_CIPHER_CTX_get_iv_length(c); - i = ASN1_TYPE_set_int_octetstring(type, num, c->oiv, j); - } - return i; -} - -static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) -{ - switch (type) { - case EVP_CTRL_INIT: - data(c)->key_bits = EVP_CIPHER_CTX_get_key_length(c) * 8; - return 1; - - case EVP_CTRL_GET_RC2_KEY_BITS: - *(int *)ptr = data(c)->key_bits; - return 1; - - case EVP_CTRL_SET_RC2_KEY_BITS: - if (arg > 0) { - data(c)->key_bits = arg; - return 1; - } - return 0; -#ifdef PBE_PRF_TEST - case EVP_CTRL_PBE_PRF_NID: - *(int *)ptr = NID_hmacWithMD5; - return 1; -#endif - - default: - return -1; - } -} - #endif diff --git a/crypto/evp/e_seed.c b/crypto/evp/e_seed.c index a88cab02941..6ac6f0451bf 100644 --- a/crypto/evp/e_seed.c +++ b/crypto/evp/e_seed.c @@ -7,12 +7,6 @@ * https://www.openssl.org/source/license.html */ -/* - * SEED low level APIs are deprecated for public use, but still ok for - * internal use. - */ -#include "internal/deprecated.h" - #include #include #include @@ -22,20 +16,6 @@ #include "crypto/evp.h" #include "evp_local.h" -static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); - -typedef struct { - SEED_KEY_SCHEDULE ks; -} EVP_SEED_KEY; - IMPLEMENT_BLOCK_CIPHER(seed, ks, SEED, EVP_SEED_KEY, NID_seed, 16, 16, 16, 128, EVP_CIPH_FLAG_DEFAULT_ASN1, - seed_init_key, 0, 0, 0, 0) - -static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - SEED_set_key(key, &EVP_C_DATA(EVP_SEED_KEY, ctx)->ks); - return 1; -} + NULL, 0, 0, 0, 0) diff --git a/crypto/evp/e_sm4.c b/crypto/evp/e_sm4.c index f833e755162..2ce538f3a00 100644 --- a/crypto/evp/e_sm4.c +++ b/crypto/evp/e_sm4.c @@ -20,28 +20,15 @@ #include "crypto/sm4_platform.h" #include "evp_local.h" -typedef struct { - union { - OSSL_UNION_ALIGN; - SM4_KEY ks; - } ks; - block128_f block; - union { - ecb128_f ecb; - cbc128_f cbc; - ctr128_f ctr; - } stream; -} EVP_SM4_KEY; - #define BLOCK_CIPHER_generic(nid, blocksize, ivlen, nmode, mode, MODE, flags) \ static const EVP_CIPHER sm4_##mode = { \ nid##_##nmode, blocksize, 128 / 8, ivlen, \ flags | EVP_CIPH_##MODE##_MODE, \ EVP_ORIG_GLOBAL, \ - sm4_init_key, \ - sm4_##mode##_cipher, \ NULL, \ - sizeof(EVP_SM4_KEY), \ + NULL, \ + NULL, \ + 0, \ NULL, NULL, NULL, NULL \ }; \ const EVP_CIPHER *EVP_sm4_##mode(void) \ @@ -49,182 +36,12 @@ typedef struct { return &sm4_##mode; \ } -#define DEFINE_BLOCK_CIPHERS(nid, flags) \ - BLOCK_CIPHER_generic(nid, 16, 16, cbc, cbc, CBC, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, 16, 0, ecb, ecb, ECB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, 1, 16, ofb128, ofb, OFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, 1, 16, cfb128, cfb, CFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, 1, 16, ctr, ctr, CTR, flags) - -static int sm4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - int mode; - EVP_SM4_KEY *dat = EVP_C_DATA(EVP_SM4_KEY, ctx); - - mode = EVP_CIPHER_CTX_get_mode(ctx); - if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) - && !enc) { -#ifdef HWSM4_CAPABLE - if (HWSM4_CAPABLE) { - HWSM4_set_decrypt_key(key, &dat->ks.ks); - dat->block = (block128_f)HWSM4_decrypt; - dat->stream.cbc = NULL; -#ifdef HWSM4_cbc_encrypt - if (mode == EVP_CIPH_CBC_MODE) - dat->stream.cbc = (cbc128_f)HWSM4_cbc_encrypt; -#endif -#ifdef HWSM4_ecb_encrypt - if (mode == EVP_CIPH_ECB_MODE) - dat->stream.ecb = (ecb128_f)HWSM4_ecb_encrypt; -#endif - } else -#endif -#ifdef VPSM4_CAPABLE - if (VPSM4_CAPABLE) { - vpsm4_set_decrypt_key(key, &dat->ks.ks); - dat->block = (block128_f)vpsm4_decrypt; - dat->stream.cbc = NULL; - if (mode == EVP_CIPH_CBC_MODE) - dat->stream.cbc = (cbc128_f)vpsm4_cbc_encrypt; - else if (mode == EVP_CIPH_ECB_MODE) - dat->stream.ecb = (ecb128_f)vpsm4_ecb_encrypt; - } else -#endif - { - dat->block = (block128_f)ossl_sm4_decrypt; - ossl_sm4_set_key(key, EVP_CIPHER_CTX_get_cipher_data(ctx)); - } - } else -#ifdef HWSM4_CAPABLE - if (HWSM4_CAPABLE) { - HWSM4_set_encrypt_key(key, &dat->ks.ks); - dat->block = (block128_f)HWSM4_encrypt; - dat->stream.cbc = NULL; -#ifdef HWSM4_cbc_encrypt - if (mode == EVP_CIPH_CBC_MODE) - dat->stream.cbc = (cbc128_f)HWSM4_cbc_encrypt; - else -#endif -#ifdef HWSM4_ecb_encrypt - if (mode == EVP_CIPH_ECB_MODE) - dat->stream.ecb = (ecb128_f)HWSM4_ecb_encrypt; - else -#endif -#ifdef HWSM4_ctr32_encrypt_blocks - if (mode == EVP_CIPH_CTR_MODE) - dat->stream.ctr = (ctr128_f)HWSM4_ctr32_encrypt_blocks; - else -#endif - (void)0; /* terminate potentially open 'else' */ - } else -#endif -#ifdef VPSM4_CAPABLE - if (VPSM4_CAPABLE) { - vpsm4_set_encrypt_key(key, &dat->ks.ks); - dat->block = (block128_f)vpsm4_encrypt; - dat->stream.cbc = NULL; - if (mode == EVP_CIPH_CBC_MODE) - dat->stream.cbc = (cbc128_f)vpsm4_cbc_encrypt; - else if (mode == EVP_CIPH_ECB_MODE) - dat->stream.ecb = (ecb128_f)vpsm4_ecb_encrypt; - else if (mode == EVP_CIPH_CTR_MODE) - dat->stream.ctr = (ctr128_f)vpsm4_ctr32_encrypt_blocks; - } else -#endif - { - dat->block = (block128_f)ossl_sm4_encrypt; - ossl_sm4_set_key(key, EVP_CIPHER_CTX_get_cipher_data(ctx)); - } - return 1; -} - -static int sm4_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_SM4_KEY *dat = EVP_C_DATA(EVP_SM4_KEY, ctx); - - if (dat->stream.cbc) - (*dat->stream.cbc)(in, out, len, &dat->ks.ks, ctx->iv, - EVP_CIPHER_CTX_is_encrypting(ctx)); - else if (EVP_CIPHER_CTX_is_encrypting(ctx)) - CRYPTO_cbc128_encrypt(in, out, len, &dat->ks, ctx->iv, - dat->block); - else - CRYPTO_cbc128_decrypt(in, out, len, &dat->ks, - ctx->iv, dat->block); - return 1; -} - -static int sm4_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_SM4_KEY *dat = EVP_C_DATA(EVP_SM4_KEY, ctx); - int num = EVP_CIPHER_CTX_get_num(ctx); - - CRYPTO_cfb128_encrypt(in, out, len, &dat->ks, - ctx->iv, &num, - EVP_CIPHER_CTX_is_encrypting(ctx), dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); - return 1; -} - -static int sm4_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - size_t bl = EVP_CIPHER_CTX_get_block_size(ctx); - size_t i; - EVP_SM4_KEY *dat = EVP_C_DATA(EVP_SM4_KEY, ctx); - - if (len < bl) - return 1; - - if (dat->stream.ecb != NULL) - (*dat->stream.ecb)(in, out, len, &dat->ks.ks, - EVP_CIPHER_CTX_is_encrypting(ctx)); - else - for (i = 0, len -= bl; i <= len; i += bl) - (*dat->block)(in + i, out + i, &dat->ks); - - return 1; -} - -static int sm4_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_SM4_KEY *dat = EVP_C_DATA(EVP_SM4_KEY, ctx); - int num = EVP_CIPHER_CTX_get_num(ctx); - - CRYPTO_ofb128_encrypt(in, out, len, &dat->ks, - ctx->iv, &num, dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); - return 1; -} - -static int sm4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - int n = EVP_CIPHER_CTX_get_num(ctx); - unsigned int num; - EVP_SM4_KEY *dat = EVP_C_DATA(EVP_SM4_KEY, ctx); - - if (n < 0) - return 0; - num = (unsigned int)n; - - if (dat->stream.ctr) - CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks, - ctx->iv, - EVP_CIPHER_CTX_buf_noconst(ctx), - &num, dat->stream.ctr); - else - CRYPTO_ctr128_encrypt(in, out, len, &dat->ks, - ctx->iv, - EVP_CIPHER_CTX_buf_noconst(ctx), &num, - dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); - return 1; -} +#define DEFINE_BLOCK_CIPHERS(nid, flags) \ + BLOCK_CIPHER_generic(nid, 16, 16, cbc, cbc, CBC, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, 16, 0, ecb, ecb, ECB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, 1, 16, ofb128, ofb, OFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, 1, 16, cfb128, cfb, CFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, 1, 16, ctr, ctr, CTR, flags) DEFINE_BLOCK_CIPHERS(NID_sm4, 0) #endif diff --git a/crypto/evp/e_xcbc_d.c b/crypto/evp/e_xcbc_d.c index eaa021be2cf..cb0a0ee795f 100644 --- a/crypto/evp/e_xcbc_d.c +++ b/crypto/evp/e_xcbc_d.c @@ -7,12 +7,6 @@ * https://www.openssl.org/source/license.html */ -/* - * DES low level APIs are deprecated for public use, but still ok for internal - * use. - */ -#include "internal/deprecated.h" - #include #include "internal/cryptlib.h" @@ -24,30 +18,17 @@ #include #include "evp_local.h" -static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl); - -typedef struct { - DES_key_schedule ks; /* key schedule */ - DES_cblock inw; - DES_cblock outw; -} DESX_CBC_KEY; - -#define data(ctx) EVP_C_DATA(DESX_CBC_KEY, ctx) - static const EVP_CIPHER d_xcbc_cipher = { NID_desx_cbc, 8, 24, 8, EVP_CIPH_CBC_MODE, EVP_ORIG_GLOBAL, - desx_cbc_init_key, - desx_cbc_cipher, NULL, - sizeof(DESX_CBC_KEY), - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, + NULL, + NULL, + 0, + NULL, + NULL, NULL, NULL }; @@ -56,36 +37,4 @@ const EVP_CIPHER *EVP_desx_cbc(void) { return &d_xcbc_cipher; } - -static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - DES_cblock *deskey = (DES_cblock *)key; - - DES_set_key_unchecked(deskey, &data(ctx)->ks); - memcpy(&data(ctx)->inw[0], &key[8], 8); - memcpy(&data(ctx)->outw[0], &key[16], 8); - - return 1; -} - -static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - DES_xcbc_encrypt(in, out, (long)EVP_MAXCHUNK, &data(ctx)->ks, - (DES_cblock *)ctx->iv, - &data(ctx)->inw, &data(ctx)->outw, - EVP_CIPHER_CTX_is_encrypting(ctx)); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - if (inl) - DES_xcbc_encrypt(in, out, (long)inl, &data(ctx)->ks, - (DES_cblock *)ctx->iv, - &data(ctx)->inw, &data(ctx)->outw, - EVP_CIPHER_CTX_is_encrypting(ctx)); - return 1; -} #endif diff --git a/include/crypto/evp.h b/include/crypto/evp.h index a787b9cc6ae..5efe4d3584f 100644 --- a/include/crypto/evp.h +++ b/include/crypto/evp.h @@ -281,93 +281,8 @@ struct evp_cipher_st { OSSL_FUNC_cipher_decrypt_skey_init_fn *dinit_skey; } /* EVP_CIPHER */; -/* Macros to code block cipher wrappers */ - -/* Wrapper functions for each cipher mode */ - -#define EVP_C_DATA(kstruct, ctx) \ - ((kstruct *)EVP_CIPHER_CTX_get_cipher_data(ctx)) - -#define BLOCK_CIPHER_ecb_loop() \ - size_t i, bl; \ - bl = EVP_CIPHER_CTX_get0_cipher(ctx)->block_size; \ - if (inl < bl) \ - return 1; \ - inl -= bl; \ - for (i = 0; i <= inl; i += bl) - -#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \ - static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ - { \ - BLOCK_CIPHER_ecb_loop() \ - cprefix##_ecb_encrypt(in + i, out + i, &EVP_C_DATA(kstruct, ctx)->ksched, EVP_CIPHER_CTX_is_encrypting(ctx)); \ - return 1; \ - } - #define EVP_MAXCHUNK ((size_t)1 << 30) -#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \ - static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ - { \ - while (inl >= EVP_MAXCHUNK) { \ - int num = EVP_CIPHER_CTX_get_num(ctx); \ - cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct, ctx)->ksched, ctx->iv, &num); \ - EVP_CIPHER_CTX_set_num(ctx, num); \ - inl -= EVP_MAXCHUNK; \ - in += EVP_MAXCHUNK; \ - out += EVP_MAXCHUNK; \ - } \ - if (inl) { \ - int num = EVP_CIPHER_CTX_get_num(ctx); \ - cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct, ctx)->ksched, ctx->iv, &num); \ - EVP_CIPHER_CTX_set_num(ctx, num); \ - } \ - return 1; \ - } - -#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \ - static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ - { \ - while (inl >= EVP_MAXCHUNK) { \ - cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct, ctx)->ksched, ctx->iv, EVP_CIPHER_CTX_is_encrypting(ctx)); \ - inl -= EVP_MAXCHUNK; \ - in += EVP_MAXCHUNK; \ - out += EVP_MAXCHUNK; \ - } \ - if (inl) \ - cprefix##_cbc_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct, ctx)->ksched, ctx->iv, EVP_CIPHER_CTX_is_encrypting(ctx)); \ - return 1; \ - } - -#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ - static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ - { \ - size_t chunk = EVP_MAXCHUNK; \ - if (cbits == 1) \ - chunk >>= 3; \ - if (inl < chunk) \ - chunk = inl; \ - while (inl && inl >= chunk) { \ - int num = EVP_CIPHER_CTX_get_num(ctx); \ - cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits == 1) && !EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS) ? chunk * 8 : chunk), \ - &EVP_C_DATA(kstruct, ctx)->ksched, ctx->iv, \ - &num, EVP_CIPHER_CTX_is_encrypting(ctx)); \ - EVP_CIPHER_CTX_set_num(ctx, num); \ - inl -= chunk; \ - in += chunk; \ - out += chunk; \ - if (inl < chunk) \ - chunk = inl; \ - } \ - return 1; \ - } - -#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \ - BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \ - BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ - BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \ - BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) - #define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \ key_len, iv_len, flags, init_key, cleanup, \ set_asn1, get_asn1, ctrl) \ @@ -375,12 +290,12 @@ struct evp_cipher_st { nid##_##nmode, block_size, key_len, iv_len, \ flags | EVP_CIPH_##MODE##_MODE, \ EVP_ORIG_GLOBAL, \ - init_key, \ - cname##_##mode##_cipher, \ - cleanup, \ - sizeof(kstruct), \ - set_asn1, get_asn1, \ - ctrl, \ + NULL, \ + NULL, \ + NULL, \ + 0, \ + NULL, NULL, \ + NULL, \ NULL \ }; \ const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; } @@ -411,95 +326,31 @@ struct evp_cipher_st { BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \ 0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl) -#define BLOCK_CIPHER_defs(cname, kstruct, \ - nid, block_size, key_len, iv_len, cbits, flags, \ - init_key, cleanup, set_asn1, get_asn1, ctrl) \ - BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \ - init_key, cleanup, set_asn1, get_asn1, ctrl) \ - BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \ - flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \ - BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \ - flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \ - BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \ - init_key, cleanup, set_asn1, get_asn1, ctrl) - -/*- -#define BLOCK_CIPHER_defs(cname, kstruct, \ - nid, block_size, key_len, iv_len, flags,\ - init_key, cleanup, set_asn1, get_asn1, ctrl)\ -static const EVP_CIPHER cname##_cbc = {\ - nid##_cbc, block_size, key_len, iv_len, \ - flags | EVP_CIPH_CBC_MODE,\ - EVP_ORIG_GLOBAL,\ - init_key,\ - cname##_cbc_cipher,\ - cleanup,\ - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ - set_asn1, get_asn1,\ - ctrl, \ - NULL \ -};\ -const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\ -static const EVP_CIPHER cname##_cfb = {\ - nid##_cfb64, 1, key_len, iv_len, \ - flags | EVP_CIPH_CFB_MODE,\ - EVP_ORIG_GLOBAL,\ - init_key,\ - cname##_cfb_cipher,\ - cleanup,\ - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ - set_asn1, get_asn1,\ - ctrl,\ - NULL \ -};\ -const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\ -static const EVP_CIPHER cname##_ofb = {\ - nid##_ofb64, 1, key_len, iv_len, \ - flags | EVP_CIPH_OFB_MODE,\ - EVP_ORIG_GLOBAL,\ - init_key,\ - cname##_ofb_cipher,\ - cleanup,\ - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ - set_asn1, get_asn1,\ - ctrl,\ - NULL \ -};\ -const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\ -static const EVP_CIPHER cname##_ecb = {\ - nid##_ecb, block_size, key_len, iv_len, \ - flags | EVP_CIPH_ECB_MODE,\ - EVP_ORIG_GLOBAL,\ - init_key,\ - cname##_ecb_cipher,\ - cleanup,\ - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ - set_asn1, get_asn1,\ - ctrl,\ - NULL \ -};\ -const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; } -*/ - -#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \ - block_size, key_len, iv_len, cbits, \ - flags, init_key, \ - cleanup, set_asn1, get_asn1, ctrl) \ - BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \ - BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \ - cbits, flags, init_key, cleanup, set_asn1, \ - get_asn1, ctrl) +#define BLOCK_CIPHER_defs(cname, kstruct, \ + nid, block_size, key_len, iv_len, cbits, flags, \ + init_key, cleanup, set_asn1, get_asn1, ctrl) \ + BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \ + init_key, cleanup, set_asn1, get_asn1, ctrl) \ + BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \ + flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \ + BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \ + flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \ + BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \ + init_key, cleanup, set_asn1, get_asn1, ctrl) + +#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \ + block_size, key_len, iv_len, cbits, \ + flags, init_key, \ + cleanup, set_asn1, get_asn1, ctrl) \ + BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \ + cbits, flags, init_key, cleanup, set_asn1, \ + get_asn1, ctrl) #define IMPLEMENT_CFBR(cipher, cprefix, kstruct, ksched, keysize, cbits, iv_len, fl) \ - BLOCK_CIPHER_func_cfb(cipher##_##keysize, cprefix, cbits, kstruct, ksched) \ - BLOCK_CIPHER_def_cfb(cipher##_##keysize, kstruct, \ - NID_##cipher##_##keysize, keysize / 8, iv_len, cbits, \ - (fl) | EVP_CIPH_FLAG_DEFAULT_ASN1, \ - cipher##_init_key, NULL, NULL, NULL, NULL) + BLOCK_CIPHER_def_cfb(cipher##_##keysize, kstruct, \ + NID_##cipher##_##keysize, keysize / 8, iv_len, cbits, \ + (fl) | EVP_CIPH_FLAG_DEFAULT_ASN1, \ + cipher##_init_key, NULL, NULL, NULL, NULL) typedef struct { unsigned char iv[EVP_MAX_IV_LENGTH];