diff options
| author | Andy Polyakov <appro@openssl.org> | 2014-02-05 14:05:08 +0100 |
|---|---|---|
| committer | Andy Polyakov <appro@openssl.org> | 2014-02-05 14:05:08 +0100 |
| commit | 0d5096fbd6bd58bd68ca114c5e4f59fd2f9aa199 (patch) | |
| tree | dd75dc1871c744a309064270eed6df777c4b99ad | |
| parent | 3847d15d6bf124b1703fbc27f69bdce7755f768d (diff) | |
evp/e_aes_cbc_hmac_sha*.c: additional CTRL to query buffer requirements.
| -rw-r--r-- | crypto/evp/e_aes_cbc_hmac_sha1.c | 15 | ||||
| -rw-r--r-- | crypto/evp/e_aes_cbc_hmac_sha256.c | 15 | ||||
| -rw-r--r-- | crypto/evp/evp.h | 1 |
3 files changed, 25 insertions, 6 deletions
diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c index 730842047f..b14d8371c8 100644 --- a/crypto/evp/e_aes_cbc_hmac_sha1.c +++ b/crypto/evp/e_aes_cbc_hmac_sha1.c @@ -775,6 +775,8 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void } } #if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK + case EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE: + return (int)(5+16+((arg+20+16)&-16)); case EVP_CTRL_TLS1_1_MULTIBLOCK_AAD: { EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param = @@ -791,10 +793,17 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void if ((param->inp[9]<<8|param->inp[10]) < TLS1_1_VERSION) return -1; - if (inp_len<4096) return 0; /* too short */ + if (inp_len) + { + if (inp_len<4096) return 0; /* too short */ - if (inp_len>=8192 && OPENSSL_ia32cap_P[2]&(1<<5)) - n4x=2; /* AVX2 */ + if (inp_len>=8192 && OPENSSL_ia32cap_P[2]&(1<<5)) + n4x=2; /* AVX2 */ + } + else if ((n4x=param->interleave/4) && n4x<=2) + inp_len = param->len; + else + return -1; key->md = key->head; SHA1_Update(&key->md,param->inp,13); diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c index 8470bb96b8..01823d201e 100644 --- a/crypto/evp/e_aes_cbc_hmac_sha256.c +++ b/crypto/evp/e_aes_cbc_hmac_sha256.c @@ -728,6 +728,8 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, vo } } #if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK + case EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE: + return (int)(5+16+((arg+32+16)&-16)); case EVP_CTRL_TLS1_1_MULTIBLOCK_AAD: { EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param = @@ -744,10 +746,17 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, vo if ((param->inp[9]<<8|param->inp[10]) < TLS1_1_VERSION) return -1; - if (inp_len<4096) return 0; /* too short */ + if (inp_len) + { + if (inp_len<4096) return 0; /* too short */ - if (inp_len>=8192 && OPENSSL_ia32cap_P[2]&(1<<5)) - n4x=2; /* AVX2 */ + if (inp_len>=8192 && OPENSSL_ia32cap_P[2]&(1<<5)) + n4x=2; /* AVX2 */ + } + else if ((n4x=param->interleave/4) && n4x<=2) + inp_len = param->len; + else + return -1; key->md = key->head; SHA256_Update(&key->md,param->inp,13); diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index a5aa4c87fc..94d1dc863b 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -413,6 +413,7 @@ struct evp_cipher_st #define EVP_CTRL_TLS1_1_MULTIBLOCK_AAD 0x19 #define EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT 0x1a #define EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT 0x1b +#define EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE 0x1c typedef struct { unsigned char *out; |