diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-06-05 17:36:44 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-06-05 17:36:44 +0000 |
commit | c6fa97a6d6fffb057b3b96e7c0b75711dfd3bbc8 (patch) | |
tree | ba309f05634d09ca5e76487e63bab7404c6ab412 /crypto/rc4 | |
parent | 24d7159abd5e8a3fb5a75167e01b24230fb0874b (diff) |
FIPS low level blocking for AES, RC4 and Camellia. This is complicated by
use of assembly language routines: rename the assembly language function
to the private_* variant unconditionally and perform tests from a small
C wrapper.
Diffstat (limited to 'crypto/rc4')
-rw-r--r-- | crypto/rc4/Makefile | 4 | ||||
-rw-r--r-- | crypto/rc4/asm/rc4-586.pl | 8 | ||||
-rw-r--r-- | crypto/rc4/asm/rc4-s390x.pl | 10 | ||||
-rwxr-xr-x | crypto/rc4/asm/rc4-x86_64.pl | 8 | ||||
-rw-r--r-- | crypto/rc4/rc4.h | 1 | ||||
-rw-r--r-- | crypto/rc4/rc4_skey.c | 2 | ||||
-rw-r--r-- | crypto/rc4/rc4_utl.c | 62 |
7 files changed, 79 insertions, 16 deletions
diff --git a/crypto/rc4/Makefile b/crypto/rc4/Makefile index 264451a213..8f6b0dc68a 100644 --- a/crypto/rc4/Makefile +++ b/crypto/rc4/Makefile @@ -21,8 +21,8 @@ TEST=rc4test.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC=rc4_skey.c rc4_enc.c -LIBOBJ=$(RC4_ENC) +LIBSRC=rc4_skey.c rc4_enc.c rc4_utl.c +LIBOBJ=$(RC4_ENC) rc4_utl.o SRC= $(LIBSRC) diff --git a/crypto/rc4/asm/rc4-586.pl b/crypto/rc4/asm/rc4-586.pl index 38a44a70ef..ec82c35b88 100644 --- a/crypto/rc4/asm/rc4-586.pl +++ b/crypto/rc4/asm/rc4-586.pl @@ -24,7 +24,7 @@ # For reference! This code delivers ~80% of rc4-amd64.pl # performance on the same Opteron machine. # (**) This number requires compressed key schedule set up by -# RC4_set_key [see commentary below for further details]. +# private_RC4_set_key [see commentary below for further details]. # # <appro@fy.chalmers.se> @@ -166,8 +166,8 @@ $idx="edx"; &external_label("OPENSSL_ia32cap_P"); -# void RC4_set_key(RC4_KEY *key,int len,const unsigned char *data); -&function_begin("RC4_set_key"); +# void private_RC4_set_key(RC4_KEY *key,int len,const unsigned char *data); +&function_begin("private_RC4_set_key"); &mov ($out,&wparam(0)); # load key &mov ($idi,&wparam(1)); # load len &mov ($inp,&wparam(2)); # load data @@ -245,7 +245,7 @@ $idx="edx"; &xor ("eax","eax"); &mov (&DWP(-8,$out),"eax"); # key->x=0; &mov (&DWP(-4,$out),"eax"); # key->y=0; -&function_end("RC4_set_key"); +&function_end("private_RC4_set_key"); # const char *RC4_options(void); &function_begin_B("RC4_options"); diff --git a/crypto/rc4/asm/rc4-s390x.pl b/crypto/rc4/asm/rc4-s390x.pl index 96681fa05e..c7ed59510b 100644 --- a/crypto/rc4/asm/rc4-s390x.pl +++ b/crypto/rc4/asm/rc4-s390x.pl @@ -130,7 +130,7 @@ $code.=<<___; ___ } -# void RC4_set_key(RC4_KEY *key,unsigned int len,const void *inp) +# void private_RC4_set_key(RC4_KEY *key,unsigned int len,const void *inp) { $cnt="%r0"; $idx="%r1"; @@ -143,10 +143,10 @@ $ikey="%r7"; $iinp="%r8"; $code.=<<___; -.globl RC4_set_key -.type RC4_set_key,\@function +.globl private_RC4_set_key +.type private_RC4_set_key,\@function .align 64 -RC4_set_key: +private_RC4_set_key: stmg %r6,%r8,48($sp) lhi $cnt,256 la $idx,0(%r0) @@ -182,7 +182,7 @@ RC4_set_key: .Ldone: lmg %r6,%r8,48($sp) br $rp -.size RC4_set_key,.-RC4_set_key +.size private_RC4_set_key,.-private_RC4_set_key ___ } diff --git a/crypto/rc4/asm/rc4-x86_64.pl b/crypto/rc4/asm/rc4-x86_64.pl index 677be5fe25..b04eb1a72a 100755 --- a/crypto/rc4/asm/rc4-x86_64.pl +++ b/crypto/rc4/asm/rc4-x86_64.pl @@ -266,10 +266,10 @@ $ido="%r9"; $code.=<<___; .extern OPENSSL_ia32cap_P -.globl RC4_set_key -.type RC4_set_key,\@function,3 +.globl private_RC4_set_key +.type private_RC4_set_key,\@function,3 .align 16 -RC4_set_key: +private_RC4_set_key: lea 8($dat),$dat lea ($inp,$len),$inp neg $len @@ -339,7 +339,7 @@ RC4_set_key: mov %eax,-8($dat) mov %eax,-4($dat) ret -.size RC4_set_key,.-RC4_set_key +.size private_RC4_set_key,.-private_RC4_set_key .globl RC4_options .type RC4_options,\@abi-omnipotent diff --git a/crypto/rc4/rc4.h b/crypto/rc4/rc4.h index 29d1acccf5..88ceb46bc5 100644 --- a/crypto/rc4/rc4.h +++ b/crypto/rc4/rc4.h @@ -79,6 +79,7 @@ typedef struct rc4_key_st const char *RC4_options(void); void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); +void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); void RC4(RC4_KEY *key, size_t len, const unsigned char *indata, unsigned char *outdata); diff --git a/crypto/rc4/rc4_skey.c b/crypto/rc4/rc4_skey.c index b22c40b0bd..d8108cf19c 100644 --- a/crypto/rc4/rc4_skey.c +++ b/crypto/rc4/rc4_skey.c @@ -85,7 +85,7 @@ const char *RC4_options(void) * Date: Wed, 14 Sep 1994 06:35:31 GMT */ -void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) +void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) { register RC4_INT tmp; register int id1,id2; diff --git a/crypto/rc4/rc4_utl.c b/crypto/rc4/rc4_utl.c new file mode 100644 index 0000000000..ab3f02fe6a --- /dev/null +++ b/crypto/rc4/rc4_utl.c @@ -0,0 +1,62 @@ +/* crypto/rc4/rc4_utl.c -*- mode:C; c-file-style: "eay" -*- */ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + */ + +#include <openssl/opensslv.h> +#include <openssl/crypto.h> +#include <openssl/rc4.h> + +void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) + { +#ifdef OPENSSL_FIPS + fips_cipher_abort(RC4); +#endif + private_RC4_set_key(key, len, data); + } |