diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2019-09-15 20:06:28 +1000 |
---|---|---|
committer | Shane Lontis <shane.lontis@oracle.com> | 2019-09-15 20:06:28 +1000 |
commit | 55c7dc79274f7256f573d99353f887263b162b7b (patch) | |
tree | e03e4810c1681965dbcff19b5a624695ff70ee0d /providers/common | |
parent | 7bb82f92d94375e7673fe02cb8186595b2c539f2 (diff) |
Add blowfish ciphers to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9887)
Diffstat (limited to 'providers/common')
-rw-r--r-- | providers/common/ciphers/cipher_aes_xts.c | 8 | ||||
-rw-r--r-- | providers/common/ciphers/cipher_common.c | 13 | ||||
-rw-r--r-- | providers/common/ciphers/cipher_tdes.c | 5 | ||||
-rw-r--r-- | providers/common/include/internal/ciphers/cipher_tdes.h | 4 | ||||
-rw-r--r-- | providers/common/include/internal/ciphers/ciphercommon.h | 82 | ||||
-rw-r--r-- | providers/common/include/internal/provider_algs.h | 6 |
6 files changed, 103 insertions, 15 deletions
diff --git a/providers/common/ciphers/cipher_aes_xts.c b/providers/common/ciphers/cipher_aes_xts.c index feaa36991f..c85475442b 100644 --- a/providers/common/ciphers/cipher_aes_xts.c +++ b/providers/common/ciphers/cipher_aes_xts.c @@ -106,13 +106,13 @@ static int aes_xts_dinit(void *vctx, const unsigned char *key, size_t keylen, return aes_xts_init(vctx, key, keylen, iv, ivlen, 0); } -static void *aes_xts_newctx(void *provctx, unsigned int mode, size_t kbits, - size_t blkbits, size_t ivbits) +static void *aes_xts_newctx(void *provctx, unsigned int mode, uint64_t flags, + size_t kbits, size_t blkbits, size_t ivbits) { PROV_AES_XTS_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); if (ctx != NULL) { - cipher_generic_initkey(&ctx->base, kbits, blkbits, ivbits, mode, + cipher_generic_initkey(&ctx->base, kbits, blkbits, ivbits, mode, flags, PROV_CIPHER_HW_aes_xts(kbits), NULL); } return ctx; @@ -255,7 +255,7 @@ static int aes_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ static OSSL_OP_cipher_newctx_fn aes_##kbits##_xts_newctx; \ static void *aes_##kbits##_xts_newctx(void *provctx) \ { \ - return aes_xts_newctx(provctx, EVP_CIPH_##UCMODE##_MODE, 2 * kbits, \ + return aes_xts_newctx(provctx, EVP_CIPH_##UCMODE##_MODE, flags, 2 * kbits, \ AES_XTS_BLOCK_BITS, AES_XTS_IV_BITS); \ } \ const OSSL_DISPATCH aes##kbits##xts_functions[] = { \ diff --git a/providers/common/ciphers/cipher_common.c b/providers/common/ciphers/cipher_common.c index 18d6dd9ca5..3c45dd5b9a 100644 --- a/providers/common/ciphers/cipher_common.c +++ b/providers/common/ciphers/cipher_common.c @@ -124,9 +124,13 @@ static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx, memcpy(ctx->iv, iv, ctx->ivlen); } if (key != NULL) { - if (keylen != ctx->keylen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN); - return 0; + if ((ctx->flags & EVP_CIPH_VARIABLE_LENGTH) == 0) { + if (keylen != ctx->keylen) { + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN); + return 0; + } + } else { + ctx->keylen = keylen; } return ctx->hw->init(ctx, key, ctx->keylen); } @@ -384,11 +388,12 @@ int cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } void cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits, - size_t ivbits, unsigned int mode, + size_t ivbits, unsigned int mode, uint64_t flags, const PROV_CIPHER_HW *hw, void *provctx) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; + ctx->flags = flags; ctx->pad = 1; ctx->keylen = ((kbits) / 8); ctx->ivlen = ((ivbits) / 8); diff --git a/providers/common/ciphers/cipher_tdes.c b/providers/common/ciphers/cipher_tdes.c index 91df2ce194..e3e80d186a 100644 --- a/providers/common/ciphers/cipher_tdes.c +++ b/providers/common/ciphers/cipher_tdes.c @@ -14,12 +14,13 @@ #include "internal/providercommonerr.h" void *tdes_newctx(void *provctx, int mode, size_t kbits, size_t blkbits, - size_t ivbits, const PROV_CIPHER_HW *hw) + size_t ivbits, uint64_t flags, const PROV_CIPHER_HW *hw) { PROV_TDES_CTX *tctx = OPENSSL_zalloc(sizeof(*tctx)); if (tctx != NULL) - cipher_generic_initkey(tctx, kbits, blkbits, ivbits, mode, hw, provctx); + cipher_generic_initkey(tctx, kbits, blkbits, ivbits, mode, flags, hw, + provctx); return tctx; } diff --git a/providers/common/include/internal/ciphers/cipher_tdes.h b/providers/common/include/internal/ciphers/cipher_tdes.h index 0d3c90c0af..120201d1ad 100644 --- a/providers/common/include/internal/ciphers/cipher_tdes.h +++ b/providers/common/include/internal/ciphers/cipher_tdes.h @@ -35,7 +35,7 @@ static OSSL_OP_cipher_newctx_fn tdes_##type##_##lcmode##_newctx; \ static void *tdes_##type##_##lcmode##_newctx(void *provctx) \ { \ return tdes_newctx(provctx, EVP_CIPH_##UCMODE##_MODE, kbits, blkbits, \ - ivbits, PROV_CIPHER_HW_tdes_##type##_##lcmode()); \ + ivbits, flags, PROV_CIPHER_HW_tdes_##type##_##lcmode());\ } \ static OSSL_OP_cipher_get_params_fn tdes_##type##_##lcmode##_get_params; \ static int tdes_##type##_##lcmode##_get_params(OSSL_PARAM params[]) \ @@ -68,7 +68,7 @@ const OSSL_DISPATCH tdes_##type##_##lcmode##_functions[] = { \ } void *tdes_newctx(void *provctx, int mode, size_t kbits, size_t blkbits, - size_t ivbits, const PROV_CIPHER_HW *hw); + size_t ivbits, uint64_t flags, const PROV_CIPHER_HW *hw); OSSL_OP_cipher_freectx_fn tdes_freectx; OSSL_OP_cipher_encrypt_init_fn tdes_einit; OSSL_OP_cipher_decrypt_init_fn tdes_dinit; diff --git a/providers/common/include/internal/ciphers/ciphercommon.h b/providers/common/include/internal/ciphers/ciphercommon.h index 5593447264..fe55342e19 100644 --- a/providers/common/include/internal/ciphers/ciphercommon.h +++ b/providers/common/include/internal/ciphers/ciphercommon.h @@ -85,7 +85,7 @@ int cipher_generic_get_params(OSSL_PARAM params[], unsigned int md, unsigned long flags, size_t kbits, size_t blkbits, size_t ivbits); void cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits, - size_t ivbits, unsigned int mode, + size_t ivbits, unsigned int mode, uint64_t flags, const PROV_CIPHER_HW *hw, void *provctx); #define IMPLEMENT_generic_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, \ @@ -102,7 +102,7 @@ static void * alg##_##kbits##_##lcmode##_newctx(void *provctx) \ PROV_##UCALG##_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); \ if (ctx != NULL) { \ cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \ - EVP_CIPH_##UCMODE##_MODE, \ + EVP_CIPH_##UCMODE##_MODE, flags, \ PROV_CIPHER_HW_##alg##_##lcmode(kbits), NULL); \ } \ return ctx; \ @@ -147,4 +147,80 @@ PROV_CIPHER_HW_FN cipher_hw_chunked_ofb128; #define cipher_hw_chunked_ctr cipher_hw_generic_ctr #define cipher_hw_chunked_cfb1 cipher_hw_generic_cfb1 - +#define IMPLEMENT_CIPHER_HW_OFB(MODE, NAME, CTX_NAME, KEY_NAME, FUNC_PREFIX) \ +static int cipher_hw_##NAME##_##MODE##_cipher(PROV_CIPHER_CTX *ctx, \ + unsigned char *out, \ + const unsigned char *in, size_t len) \ +{ \ + int num = ctx->num; \ + KEY_NAME *key = &(((CTX_NAME *)ctx)->ks.ks); \ + \ + while (len >= MAXCHUNK) { \ + FUNC_PREFIX##_encrypt(in, out, MAXCHUNK, key, ctx->iv, &num); \ + len -= MAXCHUNK; \ + in += MAXCHUNK; \ + out += MAXCHUNK; \ + } \ + if (len > 0) { \ + FUNC_PREFIX##_encrypt(in, out, (long)len, key, ctx->iv, &num); \ + } \ + ctx->num = num; \ + return 1; \ +} + +#define IMPLEMENT_CIPHER_HW_ECB(MODE, NAME, CTX_NAME, KEY_NAME, FUNC_PREFIX) \ +static int cipher_hw_##NAME##_##MODE##_cipher(PROV_CIPHER_CTX *ctx, \ + unsigned char *out, \ + const unsigned char *in, size_t len) \ +{ \ + size_t i, bl = ctx->blocksize; \ + KEY_NAME *key = &(((CTX_NAME *)ctx)->ks.ks); \ + \ + if (len < bl) \ + return 1; \ + for (i = 0, len -= bl; i <= len; i += bl) \ + FUNC_PREFIX##_encrypt(in + i, out + i, key, ctx->enc); \ + return 1; \ +} + +#define IMPLEMENT_CIPHER_HW_CBC(MODE, NAME, CTX_NAME, KEY_NAME, FUNC_PREFIX) \ +static int cipher_hw_##NAME##_##MODE##_cipher(PROV_CIPHER_CTX *ctx, \ + unsigned char *out, \ + const unsigned char *in, size_t len) \ +{ \ + KEY_NAME *key = &(((CTX_NAME *)ctx)->ks.ks); \ + \ + while (len >= MAXCHUNK) { \ + FUNC_PREFIX##_encrypt(in, out, MAXCHUNK, key, ctx->iv, ctx->enc); \ + len -= MAXCHUNK; \ + in += MAXCHUNK; \ + out += MAXCHUNK; \ + } \ + if (len > 0) \ + FUNC_PREFIX##_encrypt(in, out, (long)len, key, ctx->iv, ctx->enc); \ + return 1; \ +} + +#define IMPLEMENT_CIPHER_HW_CFB(MODE, NAME, CTX_NAME, KEY_NAME, FUNC_PREFIX) \ +static int cipher_hw_##NAME##_##MODE##_cipher(PROV_CIPHER_CTX *ctx, \ + unsigned char *out, \ + const unsigned char *in, size_t len) \ +{ \ + size_t chunk = MAXCHUNK; \ + KEY_NAME *key = &(((CTX_NAME *)ctx)->ks.ks); \ + int num = ctx->num; \ + \ + if (len < chunk) \ + chunk = len; \ + while (len > 0 && len >= chunk) { \ + FUNC_PREFIX##_encrypt(in, out, (long)chunk, key, ctx->iv, &num, \ + ctx->enc); \ + len -= chunk; \ + in += chunk; \ + out += chunk; \ + if (len < chunk) \ + chunk = len; \ + } \ + ctx->num = num; \ + return 1; \ +} diff --git a/providers/common/include/internal/provider_algs.h b/providers/common/include/internal/provider_algs.h index e6da5f32a8..5f54612b0a 100644 --- a/providers/common/include/internal/provider_algs.h +++ b/providers/common/include/internal/provider_algs.h @@ -116,6 +116,12 @@ extern const OSSL_DISPATCH camellia256ctr_functions[]; extern const OSSL_DISPATCH camellia192ctr_functions[]; extern const OSSL_DISPATCH camellia128ctr_functions[]; #endif /* OPENSSL_NO_CAMELLIA */ +#ifndef OPENSSL_NO_BF +extern const OSSL_DISPATCH blowfish128ecb_functions[]; +extern const OSSL_DISPATCH blowfish128cbc_functions[]; +extern const OSSL_DISPATCH blowfish64ofb64_functions[]; +extern const OSSL_DISPATCH blowfish64cfb64_functions[]; +#endif /* OPENSSL_NO_BF */ extern const OSSL_DISPATCH tdes_ede3_ecb_functions[]; extern const OSSL_DISPATCH tdes_ede3_cbc_functions[]; |