Cleanup ciphers and Add 3des ciphers.

Moved the relevant ciphers into default and restructed headers to allow the move. This removed most of the cases of #ifdef NO_XXX (which are now specified in build.info) Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9482)
author: Shane Lontis <shane.lontis@oracle.com> 2019-08-26 17:05:08 +1000
committer: Shane Lontis <shane.lontis@oracle.com> 2019-08-26 17:05:08 +1000
commit: 4a42e2640499ce46d2733c4316c5fe4594a37c54 (patch)
tree: fe7235c50a838af626b46199beed5f85cb4e8b94 /crypto
parent: 37a830e729f56cfc7b893f321880ac52f1b35cdb (diff)
4 files changed, 44 insertions, 12 deletions
diff --git a/crypto/des/build.info b/crypto/des/build.info
index 474d14e229..33dd90c89a 100644
--- a/crypto/des/build.info
+++ b/crypto/des/build.info
@@ -13,13 +13,14 @@ IF[{- !$disabled{asm} -}]
 ENDIF
 
 LIBS=../../libcrypto
-SOURCE[../../libcrypto]=\
-        set_key.c  ecb_enc.c  cbc_enc.c \
-        ecb3_enc.c cfb64enc.c cfb64ede.c cfb_enc.c \
+$COMMON=set_key.c ecb3_enc.c $DESASM
+SOURCE[../../libcrypto]=$COMMON\
+        ecb_enc.c  cbc_enc.c \
+        cfb64enc.c cfb64ede.c cfb_enc.c \
         ofb64ede.c ofb64enc.c ofb_enc.c \
         str2key.c  pcbc_enc.c qud_cksm.c rand_key.c \
-        $DESASM \
         fcrypt.c xcbc_enc.c cbc_cksm.c
+SOURCE[../../providers/fips]=$COMMON
 
 GENERATE[des_enc-sparc.S]=asm/des_enc.m4
 GENERATE[dest4-sparcv9.S]=asm/dest4-sparcv9.pl $(PERLASM_SCHEME)
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index a545636447..58f6c4894f 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2708,6 +2708,7 @@ PROP_R_TRAILING_CHARACTERS:110:trailing characters
 PROV_R_AES_KEY_SETUP_FAILED:101:aes key setup failed
 PROV_R_BAD_DECRYPT:100:bad decrypt
 PROV_R_CIPHER_OPERATION_FAILED:102:cipher operation failed
+PROV_R_FAILED_TO_GENERATE_KEY:121:failed to generate key
 PROV_R_FAILED_TO_GET_PARAMETER:103:failed to get parameter
 PROV_R_FAILED_TO_SET_PARAMETER:104:failed to set parameter
 PROV_R_INVALID_AAD:108:invalid aad
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index e67e20c7ba..5723fe888e 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -217,6 +217,18 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
         case NID_camellia_256_ctr:
         case NID_camellia_192_ctr:
         case NID_camellia_128_ctr:
+        case NID_des_ede3_cbc:
+        case NID_des_ede3_ecb:
+        case NID_des_ede3_ofb64:
+        case NID_des_ede3_cfb64:
+        case NID_des_ede3_cfb8:
+        case NID_des_ede3_cfb1:
+        case NID_des_ede_cbc:
+        case NID_des_ede_ecb:
+        case NID_des_ede_ofb64:
+        case NID_des_ede_cfb64:
+        case NID_desx_cbc:
+        case NID_id_smime_alg_CMS3DESwrap:
             break;
         default:
             goto legacy;
@@ -1030,6 +1042,12 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
         params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_KEYLEN, &arg);
         break;
     case EVP_CTRL_RAND_KEY:      /* Used by DES */
+        set_params = 0;
+        params[0] =
+            OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY,
+                                              ptr, (size_t)arg);
+        break;
+
     case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: /* Used by DASYNC */
     case EVP_CTRL_INIT: /* TODO(3.0) Purely legacy, no provider counterpart */
     default:
@@ -1141,19 +1159,24 @@ const OSSL_PARAM *EVP_CIPHER_CTX_gettable_params(const EVP_CIPHER *cipher)
     return NULL;
 }
 
-#if !defined(FIPS_MODE)
-/* TODO(3.0): No support for RAND yet in the FIPS module */
 int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
 {
-    int kl;
     if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
         return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
-    kl = EVP_CIPHER_CTX_key_length(ctx);
-    if (kl <= 0 || RAND_priv_bytes(key, kl) <= 0)
-        return 0;
-    return 1;
+
+#ifdef FIPS_MODE
+    return 0;
+#else
+    {
+        int kl;
+
+        kl = EVP_CIPHER_CTX_key_length(ctx);
+        if (kl <= 0 || RAND_priv_bytes(key, kl) <= 0)
+            return 0;
+        return 1;
+    }
+#endif /* FIPS_MODE */
 }
-#endif
 
 int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
 {
diff --git a/crypto/include/internal/ciphermode_platform.h b/crypto/include/internal/ciphermode_platform.h
index 934d8136d3..5db2e23eb9 100644
--- a/crypto/include/internal/ciphermode_platform.h
+++ b/crypto/include/internal/ciphermode_platform.h
@@ -223,6 +223,7 @@ void cmll256_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
 
 
 #  define SPARC_AES_CAPABLE       (OPENSSL_sparcv9cap_P[1] & CFR_AES)
+#  define SPARC_DES_CAPABLE       (OPENSSL_sparcv9cap_P[1] & CFR_DES)
 #  define HWAES_CAPABLE           (OPENSSL_sparcv9cap_P[0] & SPARCV9_FJAESX)
 #  define HWAES_set_encrypt_key aes_fx_set_encrypt_key
 #  define HWAES_set_decrypt_key aes_fx_set_decrypt_key
@@ -237,6 +238,12 @@ void aes_t4_encrypt(const unsigned char *in, unsigned char *out,
                     const AES_KEY *key);
 void aes_t4_decrypt(const unsigned char *in, unsigned char *out,
                     const AES_KEY *key);
+void des_t4_key_expand(const void *key, DES_key_schedule *ks);
+void des_t4_ede3_cbc_encrypt(const void *inp, void *out, size_t len,
+                             const DES_key_schedule ks[3], unsigned char iv[8]);
+void des_t4_ede3_cbc_decrypt(const void *inp, void *out, size_t len,
+                             const DES_key_schedule ks[3], unsigned char iv[8]);
+
 /*
  * Key-length specific subroutines were chosen for following reason.
  * Each SPARC T4 core can execute up to 8 threads which share core's
author	Shane Lontis <shane.lontis@oracle.com>	2019-08-26 17:05:08 +1000
committer	Shane Lontis <shane.lontis@oracle.com>	2019-08-26 17:05:08 +1000
commit	4a42e2640499ce46d2733c4316c5fe4594a37c54 (patch)
tree	fe7235c50a838af626b46199beed5f85cb4e8b94 /crypto
parent	37a830e729f56cfc7b893f321880ac52f1b35cdb (diff)