diff options
author | Pauli <paul.dale@oracle.com> | 2020-10-20 22:15:10 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2020-10-22 22:35:26 +1000 |
commit | 85209c07459b1c6007e0fc550f40c05deec78531 (patch) | |
tree | bd4ac16f7aad18e091ca76c18039c071c6297e75 | |
parent | fc1ccdffe96bc9d32f4287c31f7ff99f9dd37854 (diff) |
Remove EVP_aes_(128|192|256)_siv functions
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13195)
-rw-r--r-- | crypto/evp/c_allc.c | 5 | ||||
-rw-r--r-- | crypto/evp/e_aes.c | 111 | ||||
-rw-r--r-- | include/openssl/evp.h | 5 | ||||
-rw-r--r-- | util/libcrypto.num | 3 | ||||
-rw-r--r-- | util/missingcrypto.txt | 3 |
5 files changed, 0 insertions, 127 deletions
diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c index df8e5a5bcb..6c50501b62 100644 --- a/crypto/evp/c_allc.c +++ b/crypto/evp/c_allc.c @@ -190,11 +190,6 @@ void openssl_add_all_ciphers_int(void) EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1()); EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256()); EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256()); -#ifndef OPENSSL_NO_SIV - EVP_add_cipher(EVP_aes_128_siv()); - EVP_add_cipher(EVP_aes_192_siv()); - EVP_add_cipher(EVP_aes_256_siv()); -#endif #ifndef OPENSSL_NO_ARIA EVP_add_cipher(EVP_aria_128_ecb()); EVP_add_cipher(EVP_aria_128_cbc()); diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 08abd5fb09..96ee5d1403 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -4002,114 +4002,3 @@ BLOCK_CIPHER_custom(NID_aes, 192, 16, 12, ocb, OCB, BLOCK_CIPHER_custom(NID_aes, 256, 16, 12, ocb, OCB, EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) #endif /* OPENSSL_NO_OCB */ - -/* AES-SIV mode */ -#ifndef OPENSSL_NO_SIV - -typedef SIV128_CONTEXT EVP_AES_SIV_CTX; - -#define aesni_siv_init_key aes_siv_init_key -static int aes_siv_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - const EVP_CIPHER *ctr; - const EVP_CIPHER *cbc; - SIV128_CONTEXT *sctx = EVP_C_DATA(SIV128_CONTEXT, ctx); - int klen = EVP_CIPHER_CTX_key_length(ctx) / 2; - - if (key == NULL) - return 1; - - switch (klen) { - case 16: - cbc = EVP_aes_128_cbc(); - ctr = EVP_aes_128_ctr(); - break; - case 24: - cbc = EVP_aes_192_cbc(); - ctr = EVP_aes_192_ctr(); - break; - case 32: - cbc = EVP_aes_256_cbc(); - ctr = EVP_aes_256_ctr(); - break; - default: - return 0; - } - - /* klen is the length of the underlying cipher, not the input key, - which should be twice as long */ - return CRYPTO_siv128_init(sctx, key, klen, cbc, ctr, NULL, NULL); -} - -#define aesni_siv_cipher aes_siv_cipher -static int aes_siv_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - SIV128_CONTEXT *sctx = EVP_C_DATA(SIV128_CONTEXT, ctx); - - /* EncryptFinal or DecryptFinal */ - if (in == NULL) - return CRYPTO_siv128_finish(sctx); - - /* Deal with associated data */ - if (out == NULL) - return CRYPTO_siv128_aad(sctx, in, len); - - if (EVP_CIPHER_CTX_encrypting(ctx)) - return CRYPTO_siv128_encrypt(sctx, in, out, len); - - return CRYPTO_siv128_decrypt(sctx, in, out, len); -} - -#define aesni_siv_cleanup aes_siv_cleanup -static int aes_siv_cleanup(EVP_CIPHER_CTX *c) -{ - SIV128_CONTEXT *sctx = EVP_C_DATA(SIV128_CONTEXT, c); - - return CRYPTO_siv128_cleanup(sctx); -} - - -#define aesni_siv_ctrl aes_siv_ctrl -static int aes_siv_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) -{ - SIV128_CONTEXT *sctx = EVP_C_DATA(SIV128_CONTEXT, c); - SIV128_CONTEXT *sctx_out; - - switch (type) { - case EVP_CTRL_INIT: - return CRYPTO_siv128_cleanup(sctx); - - case EVP_CTRL_SET_SPEED: - return CRYPTO_siv128_speed(sctx, arg); - - case EVP_CTRL_AEAD_SET_TAG: - if (!EVP_CIPHER_CTX_encrypting(c)) - return CRYPTO_siv128_set_tag(sctx, ptr, arg); - return 1; - - case EVP_CTRL_AEAD_GET_TAG: - if (!EVP_CIPHER_CTX_encrypting(c)) - return 0; - return CRYPTO_siv128_get_tag(sctx, ptr, arg); - - case EVP_CTRL_COPY: - sctx_out = EVP_C_DATA(SIV128_CONTEXT, (EVP_CIPHER_CTX*)ptr); - return CRYPTO_siv128_copy_ctx(sctx_out, sctx); - - default: - return -1; - - } -} - -#define SIV_FLAGS (EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_DEFAULT_ASN1 \ - | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ - | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_COPY \ - | EVP_CIPH_CTRL_INIT) - -BLOCK_CIPHER_custom(NID_aes, 128, 1, 0, siv, SIV, SIV_FLAGS) -BLOCK_CIPHER_custom(NID_aes, 192, 1, 0, siv, SIV, SIV_FLAGS) -BLOCK_CIPHER_custom(NID_aes, 256, 1, 0, siv, SIV, SIV_FLAGS) -#endif diff --git a/include/openssl/evp.h b/include/openssl/evp.h index b2b87f2ab4..4472bcf50e 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -950,11 +950,6 @@ const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void); const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void); const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha256(void); const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void); -# ifndef OPENSSL_NO_SIV -const EVP_CIPHER *EVP_aes_128_siv(void); -const EVP_CIPHER *EVP_aes_192_siv(void); -const EVP_CIPHER *EVP_aes_256_siv(void); -# endif # ifndef OPENSSL_NO_ARIA const EVP_CIPHER *EVP_aria_128_ecb(void); const EVP_CIPHER *EVP_aria_128_cbc(void); diff --git a/util/libcrypto.num b/util/libcrypto.num index 3d3edf9356..3573058dc9 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4427,9 +4427,6 @@ OPENSSL_version_minor ? 3_0_0 EXIST::FUNCTION: OPENSSL_version_patch ? 3_0_0 EXIST::FUNCTION: OPENSSL_version_pre_release ? 3_0_0 EXIST::FUNCTION: OPENSSL_version_build_metadata ? 3_0_0 EXIST::FUNCTION: -EVP_aes_128_siv ? 3_0_0 EXIST::FUNCTION:SIV -EVP_aes_192_siv ? 3_0_0 EXIST::FUNCTION:SIV -EVP_aes_256_siv ? 3_0_0 EXIST::FUNCTION:SIV OPENSSL_INIT_set_config_filename ? 3_0_0 EXIST::FUNCTION:STDIO OPENSSL_INIT_set_config_file_flags ? 3_0_0 EXIST::FUNCTION:STDIO ASYNC_WAIT_CTX_get_callback ? 3_0_0 EXIST::FUNCTION: diff --git a/util/missingcrypto.txt b/util/missingcrypto.txt index f2b91e2587..71c0d5002b 100644 --- a/util/missingcrypto.txt +++ b/util/missingcrypto.txt @@ -700,9 +700,6 @@ EVP_PKEY_save_parameters(3) EVP_add_alg_module(3) EVP_add_cipher(3) EVP_add_digest(3) -EVP_aes_128_siv(3) -EVP_aes_192_siv(3) -EVP_aes_256_siv(3) EVP_get_pw_prompt(3) EVP_hex2ctrl(3) EVP_read_pw_string(3) |