diff options
author | Bodo Möller <bodo@openssl.org> | 2007-04-23 23:50:26 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2007-04-23 23:50:26 +0000 |
commit | c3cc4662affa40ad8a88499a53a14209fa723677 (patch) | |
tree | 3c1458cdf4cfbd59ff2b9177b0293aa3f06b1caa | |
parent | 22892f9803fb9b4b6d208b34580555120e852229 (diff) |
Add SEED encryption algorithm.
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
46 files changed, 1627 insertions, 84 deletions
@@ -4,6 +4,20 @@ Changes between 0.9.8e and 0.9.8f [xx XXX xxxx] + *) Add the Korean symmetric 128-bit cipher SEED (see + http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp) and + add SEED ciphersuites from RFC 4162: + + TLS_RSA_WITH_SEED_CBC_SHA = "SEED-SHA" + TLS_DHE_DSS_WITH_SEED_CBC_SHA = "DHE-DSS-SEED-SHA" + TLS_DHE_RSA_WITH_SEED_CBC_SHA = "DHE-RSA-SEED-SHA" + TLS_DH_anon_WITH_SEED_CBC_SHA = "ADH-SEED-SHA" + + To minimize changes between patchlevels in the OpenSSL 0.9.8 + series, SEED remains excluded from compilation unless OpenSSL + is configured with 'enable-seed'. + [KISA, Bodo Moeller] + *) Mitigate branch prediction attacks, which can be practical if a single processor is shared, allowing a spy process to extract information. For detailed background information, see @@ -600,11 +600,12 @@ my $perl; # All of the following is disabled by default (RC5 was enabled before 0.9.8): my %disabled = ( # "what" => "comment" - "camellia" => "default", - "gmp" => "default", + "camellia" => "default", + "gmp" => "default", "mdc2" => "default", "rc5" => "default", - "rfc3779" => "default", + "rfc3779" => "default", + "seed" => "default", "shared" => "default", "zlib" => "default", "zlib-dynamic" => "default" @@ -615,7 +616,7 @@ my %disabled = ( # "what" => "comment" # For symmetry, "disable-..." is a synonym for "no-...". # This is what $depflags will look like with the above default: -my $default_depflags = "-DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 "; +my $default_depflags = "-DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED "; my $no_sse2=0; diff --git a/Makefile.org b/Makefile.org index c1334c6e1e..341edc19de 100644 --- a/Makefile.org +++ b/Makefile.org @@ -111,7 +111,7 @@ SHLIBDIRS= crypto ssl SDIRS= \ objects \ md2 md4 md5 sha mdc2 hmac ripemd \ - des aes rc2 rc4 rc5 idea bf cast camellia \ + des aes rc2 rc4 rc5 idea bf cast camellia seed \ bn ec rsa dsa ecdsa dh ecdh dso engine \ buffer bio stack lhash rand err \ evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \ diff --git a/apps/dsa.c b/apps/dsa.c index d503031ec3..9e103037dd 100644 --- a/apps/dsa.c +++ b/apps/dsa.c @@ -87,6 +87,7 @@ * -camellia128 - encrypt output if PEM format * -camellia192 - encrypt output if PEM format * -camellia256 - encrypt output if PEM format + * -seed - encrypt output if PEM format * -text - print a text version * -modulus - print the DSA public key */ @@ -219,6 +220,9 @@ bad: BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n"); BIO_printf(bio_err," encrypt PEM output with cbc camellia\n"); #endif +#ifndef OPENSSL_NO_SEED + BIO_printf(bio_err," -seed encrypt PEM output with cbc seed\n"); +#endif BIO_printf(bio_err," -text print the key in text\n"); BIO_printf(bio_err," -noout don't print key out\n"); BIO_printf(bio_err," -modulus print the DSA public value\n"); diff --git a/apps/gendsa.c b/apps/gendsa.c index 936a42b810..8a296c66e5 100644 --- a/apps/gendsa.c +++ b/apps/gendsa.c @@ -140,6 +140,10 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-idea") == 0) enc=EVP_idea_cbc(); #endif +#ifndef OPENSSL_NO_SEED + else if (strcmp(*argv,"-seed") == 0) + enc=EVP_seed_cbc(); +#endif #ifndef OPENSSL_NO_AES else if (strcmp(*argv,"-aes128") == 0) enc=EVP_aes_128_cbc(); @@ -178,6 +182,10 @@ bad: #ifndef OPENSSL_NO_IDEA BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n"); #endif +#ifndef OPENSSL_NO_SEED + BIO_printf(bio_err," -seed\n"); + BIO_printf(bio_err," encrypt PEM output with cbc seed\n"); +#endif #ifndef OPENSSL_NO_AES BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); diff --git a/apps/genrsa.c b/apps/genrsa.c index d716a3cde3..1599bb7a69 100644 --- a/apps/genrsa.c +++ b/apps/genrsa.c @@ -160,6 +160,10 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-idea") == 0) enc=EVP_idea_cbc(); #endif +#ifndef OPENSSL_NO_SEED + else if (strcmp(*argv,"-seed") == 0) + enc=EVP_seed_cbc(); +#endif #ifndef OPENSSL_NO_AES else if (strcmp(*argv,"-aes128") == 0) enc=EVP_aes_128_cbc(); @@ -195,6 +199,10 @@ bad: #ifndef OPENSSL_NO_IDEA BIO_printf(bio_err," -idea encrypt the generated key with IDEA in cbc mode\n"); #endif +#ifndef OPENSSL_NO_SEED + BIO_printf(bio_err," -seed\n"); + BIO_printf(bio_err," encrypt PEM output with cbc seed\n"); +#endif #ifndef OPENSSL_NO_AES BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); diff --git a/apps/pkcs12.c b/apps/pkcs12.c index d5873e93d4..762f317efb 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -153,10 +153,13 @@ int MAIN(int argc, char **argv) cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; else if (!strcmp (*args, "-export")) export_cert = 1; else if (!strcmp (*args, "-des")) enc=EVP_des_cbc(); + else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc(); #ifndef OPENSSL_NO_IDEA else if (!strcmp (*args, "-idea")) enc=EVP_idea_cbc(); #endif - else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc(); +#ifndef OPENSSL_NO_SEED + else if (!strcmp(*args, "-seed")) enc=EVP_seed_cbc(); +#endif #ifndef OPENSSL_NO_AES else if (!strcmp(*args,"-aes128")) enc=EVP_aes_128_cbc(); else if (!strcmp(*args,"-aes192")) enc=EVP_aes_192_cbc(); @@ -306,6 +309,9 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_IDEA BIO_printf (bio_err, "-idea encrypt private keys with idea\n"); #endif +#ifndef OPENSSL_NO_SEED + BIO_printf (bio_err, "-seed encrypt private keys with seed\n"); +#endif #ifndef OPENSSL_NO_AES BIO_printf (bio_err, "-aes128, -aes192, -aes256\n"); BIO_printf (bio_err, " encrypt PEM output with cbc aes\n"); diff --git a/apps/progs.h b/apps/progs.h index 011974b216..89e1e059bd 100644 --- a/apps/progs.h +++ b/apps/progs.h @@ -197,6 +197,9 @@ FUNCTION functions[] = { #ifndef OPENSSL_NO_IDEA {FUNC_TYPE_CIPHER,"idea",enc_main}, #endif +#ifndef OPENSSL_NO_SEED + {FUNC_TYPE_CIPHER,"seed",enc_main}, +#endif #ifndef OPENSSL_NO_RC4 {FUNC_TYPE_CIPHER,"rc4",enc_main}, #endif @@ -263,6 +266,18 @@ FUNCTION functions[] = { #ifndef OPENSSL_NO_IDEA {FUNC_TYPE_CIPHER,"idea-ofb",enc_main}, #endif +#ifndef OPENSSL_NO_SEED + {FUNC_TYPE_CIPHER,"seed-cbc",enc_main}, +#endif +#ifndef OPENSSL_NO_SEED + {FUNC_TYPE_CIPHER,"seed-ecb",enc_main}, +#endif +#ifndef OPENSSL_NO_SEED + {FUNC_TYPE_CIPHER,"seed-cfb",enc_main}, +#endif +#ifndef OPENSSL_NO_SEED + {FUNC_TYPE_CIPHER,"seed-ofb",enc_main}, +#endif #ifndef OPENSSL_NO_RC2 {FUNC_TYPE_CIPHER,"rc2-cbc",enc_main}, #endif diff --git a/apps/progs.pl b/apps/progs.pl index 7b1de74bef..d74cfdc0f1 100644 --- a/apps/progs.pl +++ b/apps/progs.pl @@ -61,13 +61,14 @@ foreach ( "camellia-192-cbc", "camellia-192-ecb", "camellia-256-cbc", "camellia-256-ecb", "base64", - "des", "des3", "desx", "idea", "rc4", "rc4-40", + "des", "des3", "desx", "idea", "seed", "rc4", "rc4-40", "rc2", "bf", "cast", "rc5", "des-ecb", "des-ede", "des-ede3", "des-cbc", "des-ede-cbc","des-ede3-cbc", "des-cfb", "des-ede-cfb","des-ede3-cfb", "des-ofb", "des-ede-ofb","des-ede3-ofb", - "idea-cbc","idea-ecb", "idea-cfb", "idea-ofb", + "idea-cbc","idea-ecb", "idea-cfb", "idea-ofb", + "seed-cbc","seed-ecb", "seed-cfb", "seed-ofb", "rc2-cbc", "rc2-ecb", "rc2-cfb","rc2-ofb", "rc2-64-cbc", "rc2-40-cbc", "bf-cbc", "bf-ecb", "bf-cfb", "bf-ofb", "cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb", @@ -80,6 +81,7 @@ foreach ( elsif ($_ =~ /aes/) { $t="#ifndef OPENSSL_NO_AES\n${t}#endif\n"; } elsif ($_ =~ /camellia/) { $t="#ifndef OPENSSL_NO_CAMELLIA\n${t}#endif\n"; } elsif ($_ =~ /idea/) { $t="#ifndef OPENSSL_NO_IDEA\n${t}#endif\n"; } + elsif ($_ =~ /seed/) { $t="#ifndef OPENSSL_NO_SEED\n${t}#endif\n"; } elsif ($_ =~ /rc4/) { $t="#ifndef OPENSSL_NO_RC4\n${t}#endif\n"; } elsif ($_ =~ /rc2/) { $t="#ifndef OPENSSL_NO_RC2\n${t}#endif\n"; } elsif ($_ =~ /bf/) { $t="#ifndef OPENSSL_NO_BF\n${t}#endif\n"; } diff --git a/apps/rsa.c b/apps/rsa.c index cf09a190ca..930f1f038a 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -81,6 +81,7 @@ * -des - encrypt output if PEM format with DES in cbc mode * -des3 - encrypt output if PEM format * -idea - encrypt output if PEM format + * -seed - encrypt output if PEM format * -aes128 - encrypt output if PEM format * -aes192 - encrypt output if PEM format * -aes256 - encrypt output if PEM format @@ -211,6 +212,9 @@ bad: #ifndef OPENSSL_NO_IDEA BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n"); #endif +#ifndef OPENSSL_NO_SEED + BIO_printf(bio_err," -seed encrypt PEM output with cbc seed\n"); +#endif #ifndef OPENSSL_NO_AES BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); diff --git a/apps/smime.c b/apps/smime.c index 830f18cd84..ce8a1cbecb 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -145,6 +145,10 @@ int MAIN(int argc, char **argv) else if (!strcmp (*args, "-des")) cipher = EVP_des_cbc(); #endif +#ifndef OPENSSL_NO_SEED + else if (!strcmp (*args, "-seed")) + cipher = EVP_seed_cbc(); +#endif #ifndef OPENSSL_NO_RC2 else if (!strcmp (*args, "-rc2-40")) cipher = EVP_rc2_40_cbc(); @@ -423,6 +427,9 @@ int MAIN(int argc, char **argv) BIO_printf (bio_err, "-des3 encrypt with triple DES\n"); BIO_printf (bio_err, "-des encrypt with DES\n"); #endif +#ifndef OPENSSL_NO_SEED + BIO_printf (bio_err, "-seed encrypt with SEED\n"); +#endif #ifndef OPENSSL_NO_RC2 BIO_printf (bio_err, "-rc2-40 encrypt with RC2-40 (default)\n"); BIO_printf (bio_err, "-rc2-64 encrypt with RC2-64\n"); diff --git a/apps/speed.c b/apps/speed.c index 7858aee76e..92a58fdfc1 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -201,6 +201,9 @@ #ifndef OPENSSL_NO_IDEA #include <openssl/idea.h> #endif +#ifndef OPENSSL_NO_SEED +#include <openssl/seed.h> +#endif #ifndef OPENSSL_NO_BF #include <openssl/blowfish.h> #endif @@ -272,7 +275,7 @@ static void print_result(int alg,int run_no,int count,double time_used); static int do_multi(int multi); #endif -#define ALGOR_NUM 24 +#define ALGOR_NUM 25 #define SIZE_NUM 5 #define RSA_NUM 4 #define DSA_NUM 3 @@ -282,7 +285,7 @@ static int do_multi(int multi); static const char *names[ALGOR_NUM]={ "md2","mdc2","md4","md5","hmac(md5)","sha1","rmd160","rc4", - "des cbc","des ede3","idea cbc", + "des cbc","des ede3","idea cbc","seed cbc", "rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc", "aes-128 cbc","aes-192 cbc","aes-256 cbc", "camellia-128 cbc","camellia-192 cbc","camellia-256 cbc", @@ -533,6 +536,9 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_IDEA IDEA_KEY_SCHEDULE idea_ks; #endif +#ifndef OPENSSL_NO_SEED + SEED_KEY_SCHEDULE seed_ks; +#endif #ifndef OPENSSL_NO_BF BF_KEY bf_ks; #endif @@ -597,19 +603,20 @@ int MAIN(int argc, char **argv) #define D_CBC_DES 8 #define D_EDE3_DES 9 #define D_CBC_IDEA 10 -#define D_CBC_RC2 11 -#define D_CBC_RC5 12 -#define D_CBC_BF 13 -#define D_CBC_CAST 14 -#define D_CBC_128_AES 15 -#define D_CBC_192_AES 16 -#define D_CBC_256_AES 17 -#define D_CBC_128_CML 18 -#define D_CBC_192_CML 19 -#define D_CBC_256_CML 20 -#define D_EVP 21 -#define D_SHA256 22 -#define D_SHA512 23 +#define D_CBC_SEED 11 +#define D_CBC_RC2 12 +#define D_CBC_RC5 13 +#define D_CBC_BF 14 +#define D_CBC_CAST 15 +#define D_CBC_128_AES 16 +#define D_CBC_192_AES 17 +#define D_CBC_256_AES 18 +#define D_CBC_128_CML 19 +#define D_CBC_192_CML 20 +#define D_CBC_256_CML 21 +#define D_EVP 22 +#define D_SHA256 23 +#define D_SHA512 24 double d=0.0; long c[ALGOR_NUM][SIZE_NUM]; #define R_DSA_512 0 @@ -999,6 +1006,11 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"idea") == 0) doit[D_CBC_IDEA]=1; else #endif +#ifndef OPENSSL_NO_SEED + if (strcmp(*argv,"seed-cbc") == 0) doit[D_CBC_SEED]=1; + else if (strcmp(*argv,"seed") == 0) doit[D_CBC_SEED]=1; + else +#endif #ifndef OPENSSL_NO_BF if (strcmp(*argv,"bf-cbc") == 0) doit[D_CBC_BF]=1; else if (strcmp(*argv,"blowfish") == 0) doit[D_CBC_BF]=1; @@ -1144,6 +1156,9 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_IDEA BIO_printf(bio_err,"idea-cbc "); #endif +#ifndef OPENSSL_NO_SEED + BIO_printf(bio_err,"seed-cbc "); +#endif #ifndef OPENSSL_NO_RC2 BIO_printf(bio_err,"rc2-cbc "); #endif @@ -1153,7 +1168,7 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_BF BIO_printf(bio_err,"bf-cbc"); #endif -#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_RC2) || \ +#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || !defined(OPENSSL_NO_RC2) || \ !defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_RC5) BIO_printf(bio_err,"\n"); #endif @@ -1195,6 +1210,9 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_IDEA BIO_printf(bio_err,"idea "); #endif +#ifndef OPENSSL_NO_SEED + BIO_printf(bio_err,"seed "); +#endif #ifndef OPENSSL_NO_RC2 BIO_printf(bio_err,"rc2 "); #endif @@ -1213,10 +1231,10 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_BF BIO_printf(bio_err,"blowfish"); #endif -#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_RC2) || \ - !defined(OPENSSL_NO_DES) || !defined(OPENSSL_NO_RSA) || \ - !defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_AES) || \ - !defined(OPENSSL_NO_CAMELLIA) +#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || \ + !defined(OPENSSL_NO_RC2) || !defined(OPENSSL_NO_DES) || \ + !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_BF) || \ + !defined(OPENSSL_NO_AES) || !defined(OPENSSL_NO_CAMELLIA) BIO_printf(bio_err,"\n"); #endif @@ -1318,6 +1336,9 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_IDEA idea_set_encrypt_key(key16,&idea_ks); #endif +#ifndef OPENSSL_NO_SEED + SEED_set_key(key16,&seed_ks); +#endif #ifndef OPENSSL_NO_RC4 RC4_set_key(&rc4_ks,16,key16); #endif @@ -1361,6 +1382,7 @@ int MAIN(int argc, char **argv) c[D_CBC_DES][0]=count; c[D_EDE3_DES][0]=count/3; c[D_CBC_IDEA][0]=count; + c[D_CBC_SEED][0]=count; c[D_CBC_RC2][0]=count; c[D_CBC_RC5][0]=count; c[D_CBC_BF][0]=count; @@ -1396,6 +1418,7 @@ int MAIN(int argc, char **argv) c[D_CBC_DES][i]=c[D_CBC_DES][i-1]*l0/l1; c[D_EDE3_DES][i]=c[D_EDE3_DES][i-1]*l0/l1; c[D_CBC_IDEA][i]=c[D_CBC_IDEA][i-1]*l0/l1; + c[D_CBC_SEED][i]=c[D_CBC_SEED][i-1]*l0/l1; c[D_CBC_RC2][i]=c[D_CBC_RC2][i-1]*l0/l1; c[D_CBC_RC5][i]=c[D_CBC_RC5][i-1]*l0/l1; c[D_CBC_BF][i]=c[D_CBC_BF][i-1]*l0/l1; @@ -1861,6 +1884,21 @@ int MAIN(int argc, char **argv) } } #endif +#ifndef OPENSSL_NO_SEED + if (doit[D_CBC_SEED]) + { + for (j=0; j<SIZE_NUM; j++) + { + print_message(names[D_CBC_SEED],c[D_CBC_SEED][j],lengths[j]); + Time_F(START); + for (count=0,run=1; COND(c[D_CBC_SEED][j]); count++) + SEED_cbc_encrypt(buf,buf, + (unsigned long)lengths[j],&seed_ks,iv,1); + d=Time_F(STOP); + print_result(D_CBC_SEED,j,count,d); + } + } +#endif #ifndef OPENSSL_NO_RC2 if (doit[D_CBC_RC2]) { @@ -797,7 +797,7 @@ case "$GUESSOS" in i386-*) options="$options 386" ;; esac -for i in aes bf camellia cast des dh dsa ec hmac idea md2 md5 mdc2 rc2 rc4 rc5 ripemd rsa sha +for i in aes bf camellia cast des dh dsa ec hmac idea md2 md5 mdc2 rc2 rc4 rc5 ripemd rsa seed sha do if [ ! -d crypto/$i ] then diff --git a/crypto/crypto-lib.com b/crypto/crypto-lib.com index 5d5a37ecf4..44a99af04f 100644 --- a/crypto/crypto-lib.com +++ b/crypto/crypto-lib.com @@ -78,7 +78,7 @@ $! $ ENCRYPT_TYPES = "Basic,"+ - "OBJECTS,"+ - "MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ - - "DES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,"+ - + "DES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,"+ - "BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,"+ - "BUFFER,BIO,STACK,LHASH,RAND,ERR,"+ - "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ - @@ -184,6 +184,7 @@ $ LIB_BF = "bf_skey,bf_ecb,bf_enc,bf_cfb64,bf_ofb64" $ LIB_CAST = "c_skey,c_ecb,c_enc,c_cfb64,c_ofb64" $ LIB_CAMELLIA = "camellia,cmll_misc,cmll_ecb,cmll_cbc,cmll_ofb,"+ - "cmll_cfb,cmll_ctr" +$ LIB_SEED = "seed,seed_cbc,seed_ecb,seed_cfb,seed_ofb" $ LIB_BN_ASM = "[.asm]vms.mar,vms-helper" $ IF F$TRNLNM("OPENSSL_NO_ASM").OR.ARCH.EQS."AXP" THEN LIB_BN_ASM = "bn_asm" $ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ - @@ -226,7 +227,7 @@ $ LIB_RAND = "md_rand,randfile,rand_lib,rand_err,rand_egd,"+ - $ LIB_ERR = "err,err_all,err_prn" $ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err" $ LIB_EVP = "encode,digest,evp_enc,evp_key,evp_acnf,"+ - - "e_des,e_bf,e_idea,e_des3,e_camellia,"+ - + "e_des,e_bf,e_idea,e_des3,e_camellia,e_seed,"+ - "e_rc4,e_aes,names,"+ - "e_xcbc_d,e_rc2,e_cast,e_rc5" $ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1," + - diff --git a/crypto/evp/Makefile b/crypto/evp/Makefile index a4f9ae2167..96b45aabc1 100644 --- a/crypto/evp/Makefile +++ b/crypto/evp/Makefile @@ -20,7 +20,7 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \ e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\ - e_rc4.c e_aes.c names.c \ + e_rc4.c e_aes.c names.c e_seed.c \ e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \ m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c \ m_dss.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\ @@ -32,7 +32,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \ LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \ e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\ - e_rc4.o e_aes.o names.o \ + e_rc4.o e_aes.o names.o e_seed.o \ e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \ m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o \ m_dss.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\ @@ -271,6 +271,7 @@ e_rc5.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h e_rc5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h e_rc5.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h e_rc5.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc5.c +e_seed.o: ../../include/openssl/opensslconf.h e_seed.c e_xcbc_d.o: ../../e_os.h ../../include/openssl/asn1.h e_xcbc_d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c index 9ba4d0c6e0..7054d8125d 100644 --- a/crypto/evp/c_allc.c +++ b/crypto/evp/c_allc.c @@ -107,6 +107,15 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher_alias(SN_idea_cbc,"idea"); #endif +#ifndef OPENSSL_NO_SEED + EVP_add_cipher(EVP_seed_ecb()); + EVP_add_cipher(EVP_seed_cfb()); + EVP_add_cipher(EVP_seed_ofb()); + EVP_add_cipher(EVP_seed_cbc()); + EVP_add_cipher_alias(SN_seed_cbc,"SEED"); + EVP_add_cipher_alias(SN_seed_cbc,"seed"); +#endif + #ifndef OPENSSL_NO_RC2 EVP_add_cipher(EVP_rc2_ecb()); EVP_add_cipher(EVP_rc2_cfb()); diff --git a/crypto/evp/e_seed.c b/crypto/evp/e_seed.c new file mode 100644 index 0000000000..2d1759d276 --- /dev/null +++ b/crypto/evp/e_seed.c @@ -0,0 +1,83 @@ +/* crypto/evp/e_seed.c -*- mode:C; c-file-style: "eay" -*- */ +/* ==================================================================== + * Copyright (c) 2007 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |