diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2019-08-26 17:05:08 +1000 |
---|---|---|
committer | Shane Lontis <shane.lontis@oracle.com> | 2019-08-26 17:05:08 +1000 |
commit | 4a42e2640499ce46d2733c4316c5fe4594a37c54 (patch) | |
tree | fe7235c50a838af626b46199beed5f85cb4e8b94 /crypto | |
parent | 37a830e729f56cfc7b893f321880ac52f1b35cdb (diff) |
Cleanup ciphers and Add 3des ciphers.
Moved the relevant ciphers into default and restructed headers to allow the move.
This removed most of the cases of #ifdef NO_XXX (which are now specified in build.info)
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9482)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/des/build.info | 9 | ||||
-rw-r--r-- | crypto/err/openssl.txt | 1 | ||||
-rw-r--r-- | crypto/evp/evp_enc.c | 39 | ||||
-rw-r--r-- | crypto/include/internal/ciphermode_platform.h | 7 |
4 files changed, 44 insertions, 12 deletions
diff --git a/crypto/des/build.info b/crypto/des/build.info index 474d14e229..33dd90c89a 100644 --- a/crypto/des/build.info +++ b/crypto/des/build.info @@ -13,13 +13,14 @@ IF[{- !$disabled{asm} -}] ENDIF LIBS=../../libcrypto -SOURCE[../../libcrypto]=\ - set_key.c ecb_enc.c cbc_enc.c \ - ecb3_enc.c cfb64enc.c cfb64ede.c cfb_enc.c \ +$COMMON=set_key.c ecb3_enc.c $DESASM +SOURCE[../../libcrypto]=$COMMON\ + ecb_enc.c cbc_enc.c \ + cfb64enc.c cfb64ede.c cfb_enc.c \ ofb64ede.c ofb64enc.c ofb_enc.c \ str2key.c pcbc_enc.c qud_cksm.c rand_key.c \ - $DESASM \ fcrypt.c xcbc_enc.c cbc_cksm.c +SOURCE[../../providers/fips]=$COMMON GENERATE[des_enc-sparc.S]=asm/des_enc.m4 GENERATE[dest4-sparcv9.S]=asm/dest4-sparcv9.pl $(PERLASM_SCHEME) diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index a545636447..58f6c4894f 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -2708,6 +2708,7 @@ PROP_R_TRAILING_CHARACTERS:110:trailing characters PROV_R_AES_KEY_SETUP_FAILED:101:aes key setup failed PROV_R_BAD_DECRYPT:100:bad decrypt PROV_R_CIPHER_OPERATION_FAILED:102:cipher operation failed +PROV_R_FAILED_TO_GENERATE_KEY:121:failed to generate key PROV_R_FAILED_TO_GET_PARAMETER:103:failed to get parameter PROV_R_FAILED_TO_SET_PARAMETER:104:failed to set parameter PROV_R_INVALID_AAD:108:invalid aad diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index e67e20c7ba..5723fe888e 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -217,6 +217,18 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, case NID_camellia_256_ctr: case NID_camellia_192_ctr: case NID_camellia_128_ctr: + case NID_des_ede3_cbc: + case NID_des_ede3_ecb: + case NID_des_ede3_ofb64: + case NID_des_ede3_cfb64: + case NID_des_ede3_cfb8: + case NID_des_ede3_cfb1: + case NID_des_ede_cbc: + case NID_des_ede_ecb: + case NID_des_ede_ofb64: + case NID_des_ede_cfb64: + case NID_desx_cbc: + case NID_id_smime_alg_CMS3DESwrap: break; default: goto legacy; @@ -1030,6 +1042,12 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_KEYLEN, &arg); break; case EVP_CTRL_RAND_KEY: /* Used by DES */ + set_params = 0; + params[0] = + OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY, + ptr, (size_t)arg); + break; + case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: /* Used by DASYNC */ case EVP_CTRL_INIT: /* TODO(3.0) Purely legacy, no provider counterpart */ default: @@ -1141,19 +1159,24 @@ const OSSL_PARAM *EVP_CIPHER_CTX_gettable_params(const EVP_CIPHER *cipher) return NULL; } -#if !defined(FIPS_MODE) -/* TODO(3.0): No support for RAND yet in the FIPS module */ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key) { - int kl; if (ctx->cipher->flags & EVP_CIPH_RAND_KEY) return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key); - kl = EVP_CIPHER_CTX_key_length(ctx); - if (kl <= 0 || RAND_priv_bytes(key, kl) <= 0) - return 0; - return 1; + +#ifdef FIPS_MODE + return 0; +#else + { + int kl; + + kl = EVP_CIPHER_CTX_key_length(ctx); + if (kl <= 0 || RAND_priv_bytes(key, kl) <= 0) + return 0; + return 1; + } +#endif /* FIPS_MODE */ } -#endif int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) { diff --git a/crypto/include/internal/ciphermode_platform.h b/crypto/include/internal/ciphermode_platform.h index 934d8136d3..5db2e23eb9 100644 --- a/crypto/include/internal/ciphermode_platform.h +++ b/crypto/include/internal/ciphermode_platform.h @@ -223,6 +223,7 @@ void cmll256_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out, # define SPARC_AES_CAPABLE (OPENSSL_sparcv9cap_P[1] & CFR_AES) +# define SPARC_DES_CAPABLE (OPENSSL_sparcv9cap_P[1] & CFR_DES) # define HWAES_CAPABLE (OPENSSL_sparcv9cap_P[0] & SPARCV9_FJAESX) # define HWAES_set_encrypt_key aes_fx_set_encrypt_key # define HWAES_set_decrypt_key aes_fx_set_decrypt_key @@ -237,6 +238,12 @@ void aes_t4_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key); void aes_t4_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key); +void des_t4_key_expand(const void *key, DES_key_schedule *ks); +void des_t4_ede3_cbc_encrypt(const void *inp, void *out, size_t len, + const DES_key_schedule ks[3], unsigned char iv[8]); +void des_t4_ede3_cbc_decrypt(const void *inp, void *out, size_t len, + const DES_key_schedule ks[3], unsigned char iv[8]); + /* * Key-length specific subroutines were chosen for following reason. * Each SPARC T4 core can execute up to 8 threads which share core's |