diff options
-rw-r--r-- | CHANGES | 6 | ||||
-rw-r--r-- | crypto/evp/Makefile.ssl | 38 | ||||
-rw-r--r-- | crypto/evp/c_allc.c | 15 | ||||
-rw-r--r-- | crypto/evp/e_aes.c | 153 | ||||
-rw-r--r-- | crypto/evp/e_rd.c | 203 | ||||
-rw-r--r-- | crypto/evp/evp.h | 14 | ||||
-rw-r--r-- | crypto/objects/obj_dat.h | 138 | ||||
-rw-r--r-- | crypto/objects/obj_mac.h | 136 | ||||
-rw-r--r-- | crypto/objects/obj_mac.num | 35 | ||||
-rw-r--r-- | crypto/objects/objects.txt | 40 | ||||
-rw-r--r-- | crypto/ocsp/Makefile.ssl | 23 | ||||
-rw-r--r-- | crypto/rijndael/Makefile.ssl | 5 | ||||
-rwxr-xr-x | crypto/rijndael/README | 164 | ||||
-rw-r--r-- | crypto/rijndael/boxes-fst-corrected.dat | 3986 | ||||
-rwxr-xr-x | crypto/rijndael/rd_fst.c | 1814 | ||||
-rwxr-xr-x | crypto/rijndael/rd_fst.h | 67 | ||||
-rw-r--r-- | crypto/rijndael/rijndael.h | 6 | ||||
-rw-r--r-- | ssl/s3_lib.c | 160 | ||||
-rw-r--r-- | ssl/ssl.h | 2 | ||||
-rw-r--r-- | ssl/ssl_algs.c | 9 | ||||
-rw-r--r-- | ssl/ssl_ciph.c | 40 | ||||
-rw-r--r-- | ssl/ssl_locl.h | 2 | ||||
-rw-r--r-- | ssl/tls1.h | 34 |
23 files changed, 2075 insertions, 5015 deletions
@@ -3,6 +3,12 @@ Changes between 0.9.6 and 0.9.7 [xx XXX 2000] + *) Update Rijndael code to version 3.0 and change EVP AES ciphers to + handle the new API. Currently only ECB, CBC modes supported. Add new + AES OIDs. Add TLS AES ciphersuites as described in the "AES Ciphersuites + for TLS" draft-ietf-tls-ciphersuite-03.txt. + [Ben Laurie, Steve Henson] + *) In the NCONF_...-based implementations for CONF_... queries (crypto/conf/conf_lib.c), if the input LHASH is NULL, avoid using a temporary CONF structure with the data component set to NULL diff --git a/crypto/evp/Makefile.ssl b/crypto/evp/Makefile.ssl index 01f09043c5..8ed956f8c9 100644 --- a/crypto/evp/Makefile.ssl +++ b/crypto/evp/Makefile.ssl @@ -24,7 +24,7 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= encode.c digest.c evp_enc.c evp_key.c \ e_des.c e_bf.c e_idea.c e_des3.c \ - e_rc4.c e_rd.c names.c \ + e_rc4.c e_aes.c names.c \ e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \ m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c \ m_dss.c m_dss1.c m_mdc2.c m_ripemd.c \ @@ -35,7 +35,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c \ LIBOBJ= encode.o digest.o evp_enc.o evp_key.o \ e_des.o e_bf.o e_idea.o e_des3.o \ - e_rc4.o e_rd.o names.o \ + e_rc4.o e_aes.o names.o \ e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \ m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o \ m_dss.o m_dss1.o m_mdc2.o m_ripemd.o \ @@ -254,6 +254,23 @@ digest.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h digest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h digest.o: ../cryptlib.h +e_aes.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_aes.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +e_aes.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h +e_aes.o: ../../include/openssl/des.h ../../include/openssl/dh.h +e_aes.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h +e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +e_aes.o: ../../include/openssl/evp.h ../../include/openssl/idea.h +e_aes.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h +e_aes.o: ../../include/openssl/md4.h ../../include/openssl/md5.h +e_aes.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +e_aes.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h +e_aes.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h +e_aes.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +e_aes.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +e_aes.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h e_bf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h e_bf.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -425,23 +442,6 @@ e_rc5.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h e_rc5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h e_rc5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h e_rc5.o: ../cryptlib.h evp_locl.h -e_rd.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -e_rd.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -e_rd.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_rd.o: ../../include/openssl/des.h ../../include/openssl/dh.h -e_rd.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -e_rd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_rd.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_rd.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_rd.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_rd.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_rd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_rd.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h -e_rd.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -e_rd.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h -e_rd.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -e_rd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -e_rd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h e_xcbc_d.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h e_xcbc_d.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h e_xcbc_d.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c index 02b3579b86..41f1ff135e 100644 --- a/crypto/evp/c_allc.c +++ b/crypto/evp/c_allc.c @@ -64,7 +64,6 @@ void OpenSSL_add_all_ciphers(void) { - int i,j; #ifndef NO_DES EVP_add_cipher(EVP_des_cfb()); @@ -147,13 +146,13 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher_alias(SN_rc5_cbc,"RC5"); #endif -#ifndef NO_RIJNDAEL - for(i=0 ; i < 3 ; ++i) - for(j=0 ; j < 3 ; ++j) - { - EVP_add_cipher(EVP_rijndael_ecb(i,j)); - EVP_add_cipher(EVP_rijndael_cbc(i,j)); - } +#ifndef NO_AES + EVP_add_cipher(EVP_aes_128_ecb()); + EVP_add_cipher(EVP_aes_128_cbc()); + EVP_add_cipher(EVP_aes_192_ecb()); + EVP_add_cipher(EVP_aes_192_cbc()); + EVP_add_cipher(EVP_aes_256_ecb()); + EVP_add_cipher(EVP_aes_256_cbc()); #endif PKCS12_PBE_add(); PKCS5_PBE_add(); diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c new file mode 100644 index 0000000000..87983c6035 --- /dev/null +++ b/crypto/evp/e_aes.c @@ -0,0 +1,153 @@ +/* ==================================================================== + * Copyright (c) 2001 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + */ + +#include <openssl/evp.h> +#include <openssl/err.h> +#include <string.h> +#include <assert.h> + +static int aes_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); +static int aes_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl); +static int aes_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl); + +#define IMPLEMENT_AES_CIPHER(name, ciph_func, keylen, ivlen, mode) \ +static EVP_CIPHER name##_cipher_st = \ + { \ + NID_##name, \ + 16,keylen,ivlen, \ + mode, \ + aes_init, \ + ciph_func, \ + NULL, \ + sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ \ + sizeof((((EVP_CIPHER_CTX *)NULL)->c.rijndael)), \ + EVP_CIPHER_set_asn1_iv, \ + EVP_CIPHER_get_asn1_iv, \ + NULL, \ + NULL \ + }; \ +EVP_CIPHER * EVP_##name(void) \ + { \ + return &name##_cipher_st; \ + } + +IMPLEMENT_AES_CIPHER(aes_128_ecb, aes_ecb, 16, 0, EVP_CIPH_ECB_MODE) +IMPLEMENT_AES_CIPHER(aes_192_ecb, aes_ecb, 24, 0, EVP_CIPH_ECB_MODE) +IMPLEMENT_AES_CIPHER(aes_256_ecb, aes_ecb, 32, 0, EVP_CIPH_ECB_MODE) + +IMPLEMENT_AES_CIPHER(aes_128_cbc, aes_cbc, 16, 16, EVP_CIPH_CBC_MODE) +IMPLEMENT_AES_CIPHER(aes_192_cbc, aes_cbc, 24, 24, EVP_CIPH_CBC_MODE) +IMPLEMENT_AES_CIPHER(aes_256_cbc, aes_cbc, 32, 32, EVP_CIPH_CBC_MODE) + +static int aes_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) + { + RIJNDAEL_KEY *k=&ctx->c.rijndael; + if (enc) + k->rounds = rijndaelKeySetupEnc(k->rd_key, key, ctx->key_len * 8); + else + k->rounds = rijndaelKeySetupDec(k->rd_key, key, ctx->key_len * 8); + + return 1; + } + +static int aes_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) + { + RIJNDAEL_KEY *k=&ctx->c.rijndael; + while(inl > 0) + { + if(ctx->encrypt) + rijndaelEncrypt(k->rd_key,k->rounds, in, out); + else + rijndaelDecrypt(k->rd_key,k->rounds, in, out); + inl-=16; + in+=16; + out+=16; + } + assert(inl == 0); + + return 1; + } + +static int aes_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) + { + int n; + unsigned char tmp[16]; + RIJNDAEL_KEY *k=&ctx->c.rijndael; + while(inl > 0) + { + if(ctx->encrypt) + { + for(n=0 ; n < 16 ; n++) + tmp[n] = in[n] ^ ctx->iv[n]; + rijndaelEncrypt(k->rd_key,k->rounds, tmp, out); + memcpy(ctx->iv,out,16); + } + else + { + memcpy(tmp, in, 16); + rijndaelDecrypt(k->rd_key,k->rounds, in, out); + for(n=0 ; n < 16 ; n++) + out[n] ^= ctx->iv[n]; + memcpy(ctx->iv,tmp,16); + } + inl-=16; + in+=16; + out+=16; + } + assert(inl == 0); + return 1; + } + diff --git a/crypto/evp/e_rd.c b/crypto/evp/e_rd.c deleted file mode 100644 index c2888aa055..0000000000 --- a/crypto/evp/e_rd.c +++ /dev/null @@ -1,203 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - */ - -#include <openssl/evp.h> -#include <openssl/err.h> -#include <memory.h> -#include <assert.h> - -static EVP_CIPHER rd_cipher[3][3]; - -static int anSizes[]={16,24,32}; -static int anECBNIDs[3][3]= - { - { NID_rijndael_ecb_k128_b128,NID_rijndael_ecb_k192_b128,NID_rijndael_ecb_k256_b128 }, - { NID_rijndael_ecb_k128_b192,NID_rijndael_ecb_k192_b192,NID_rijndael_ecb_k256_b192 }, - { NID_rijndael_ecb_k128_b256,NID_rijndael_ecb_k192_b256,NID_rijndael_ecb_k256_b256 } - }; - -static int anCBCNIDs[3][3]= - { - { NID_rd128_cbc_b128,NID_rd192_cbc_b128,NID_rd256_cbc_b128 }, - { NID_rd128_cbc_b192,NID_rd192_cbc_b192,NID_rd256_cbc_b192 }, - { NID_rd128_cbc_b256,NID_rd192_cbc_b256,NID_rd256_cbc_b256 } - }; - -static int rd_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) - { - RIJNDAEL_KEY *k=&ctx->c.rijndael; - - k->enc=enc; - k->rounds=ctx->cipher->key_len/4+6; - rijndaelKeySched((const word8 (*)[4])key,k->keySched,k->rounds); - if(!k->enc) - rijndaelKeyEncToDec(k->keySched,k->rounds); - memcpy(k->iv,iv,ctx->cipher->iv_len); - - return 1; - } - -static int rd_cipher_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) - { - while(inl > 0) - { - if(ctx->c.rijndael.enc) - rijndaelEncrypt(in,out,ctx->c.rijndael.keySched, - ctx->c.rijndael.rounds); - else - rijndaelDecrypt(in,out,ctx->c.rijndael.keySched, - ctx->c.rijndael.rounds); - inl-=16; - in+=16; - out+=16; - } - assert(inl == 0); - - return 1; - } - -static int rd_cipher_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) - { - int n; - unsigned char tmp[16]; - - while(inl > 0) - { - if(ctx->c.rijndael.enc) - { - for(n=0 ; n < 16 ; ++n) - tmp[n]=in[n]^ctx->c.rijndael.iv[n]; - rijndaelEncrypt(tmp,out,ctx->c.rijndael.keySched, - ctx->c.rijndael.rounds); - memcpy(ctx->c.rijndael.iv,out,16); - } - else - { - rijndaelDecrypt(in,out,ctx->c.rijndael.keySched, - ctx->c.rijndael.rounds); - for(n=0 ; n < 16 ; ++n) - out[n]^=ctx->c.rijndael.iv[n]; - memcpy(ctx->c.rijndael.iv,in,16); - } - inl-=16; - in+=16; - out+=16; - } - assert(inl == 0); - - return 1; - } - -EVP_CIPHER *EVP_rijndael_ecb(int nBlockLength,int nKeyLength) - { - EVP_CIPHER *c; - - if(nBlockLength < 0 || nBlockLength > 2) - { - EVPerr(EVP_F_EVP_RIJNDAEL,EVP_R_BAD_BLOCK_LENGTH); - return NULL; - } - if(nKeyLength < 0 || nKeyLength > 2) - { - EVPerr(EVP_F_EVP_RIJNDAEL,EVP_R_BAD_KEY_LENGTH); - return NULL; - } - - c=&rd_cipher[nKeyLength][nBlockLength]; - - memset(c,'\0',sizeof *c); - - c->nid=anECBNIDs[nBlockLength][nKeyLength]; - c->block_size=anSizes[nBlockLength]; - c->key_len=anSizes[nKeyLength]; - c->iv_len=16; - c->flags=EVP_CIPH_ECB_MODE; - c->init=rd_init; - c->do_cipher=rd_cipher_ecb; - c->ctx_size=sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.rijndael)); - - return c; - } - -EVP_CIPHER *EVP_rijndael_cbc(int nBlockLength,int nKeyLength) - { - EVP_CIPHER *c; - - if(nBlockLength < 0 || nBlockLength > 2) - { - EVPerr(EVP_F_EVP_RIJNDAEL,EVP_R_BAD_BLOCK_LENGTH); - return NULL; - } - if(nKeyLength < 0 || nKeyLength > 2) - { - EVPerr(EVP_F_EVP_RIJNDAEL,EVP_R_BAD_KEY_LENGTH); - return NULL; - } - - c=&rd_cipher[nKeyLength][nBlockLength]; - - memset(c,'\0',sizeof *c); - - c->nid=anCBCNIDs[nBlockLength][nKeyLength]; - c->block_size=anSizes[nBlockLength]; - c->key_len=anSizes[nKeyLength]; - c->iv_len=16; - c->flags=EVP_CIPH_CBC_MODE; - c->init=rd_init; - c->do_cipher=rd_cipher_cbc; - c->ctx_size=sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.rijndael)); - - return c; - } diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index e8b4de48df..f00d4cf1fb 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -109,7 +109,7 @@ #ifndef NO_MDC2 #include <openssl/mdc2.h> #endif -#ifndef NO_RIJNDAEL +#ifndef NO_AES #include <openssl/rijndael.h> #endif @@ -449,7 +449,7 @@ struct evp_cipher_ctx_st #ifndef NO_CAST CAST_KEY cast_ks;/* key schedule */ #endif -#ifndef NO_RIJNDAEL +#ifndef NO_AES RIJNDAEL_KEY rijndael; #endif } c; @@ -705,9 +705,13 @@ EVP_CIPHER *EVP_rc5_32_12_16_ecb(void); EVP_CIPHER *EVP_rc5_32_12_16_cfb(void); EVP_CIPHER *EVP_rc5_32_12_16_ofb(void); #endif -#ifndef NO_RIJNDAEL -EVP_CIPHER *EVP_rijndael_ecb(int nBlockLength,int nKeyLength); -EVP_CIPHER *EVP_rijndael_cbc(int nBlockLength,int nKeyLength); +#ifndef NO_AES +EVP_CIPHER *EVP_aes_128_ecb(void); +EVP_CIPHER *EVP_aes_128_cbc(void); +EVP_CIPHER *EVP_aes_192_ecb(void); +EVP_CIPHER *EVP_aes_192_cbc(void); +EVP_CIPHER *EVP_aes_256_ecb(void); +EVP_CIPHER *EVP_aes_256_cbc(void); #endif void OpenSSL_add_all_algorithms(void); diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 5c5b5aaf14..163ab034b6 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -61,12 +61,12 @@ * perl obj_dat.pl objects.h obj_dat.h */ -#define NUM_NID 417 -#define NUM_SN 410 -#define NUM_LN 410 -#define NUM_OBJ 366 +#define NUM_NID 406 +#define NUM_SN 404 +#define NUM_LN 404 +#define NUM_OBJ 378 -static unsigned char lvalues[2896]={ +static unsigned char lvalues[3004]={ 0x00, /* [ 0] OBJ_undef */ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ @@ -433,6 +433,18 @@ static unsigned char lvalues[2896]={ 0xBA,0x82,0x58, /* [2872] OBJ_dcObject */ 0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2875] OBJ_domainComponent */ 0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2885] OBJ_Domain */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [2895] OBJ_aes_128_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [2904] OBJ_aes_128_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [2913] OBJ_aes_128_ofb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [2922] OBJ_aes_128_cfb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [2931] OBJ_aes_192_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [2940] OBJ_aes_192_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [2949] OBJ_aes_192_ofb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [2958] OBJ_aes_192_cfb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [2967] OBJ_aes_256_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [2976] OBJ_aes_256_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [2985] OBJ_aes_256_ofb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [2994] OBJ_aes_256_cfb */ }; static ASN1_OBJECT nid_objs[NUM_NID]={ @@ -1046,42 +1058,34 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ {"DC","domainComponent",NID_domainComponent,10,&(lvalues[2875]),0}, {"domain","Domain",NID_Domain,10,&(lvalues[2885]),0}, {NULL,NULL,NID_undef,0,NULL}, -{NULL,NULL,NID_undef,0,NULL}, -{NULL,NULL,NID_undef,0,NULL}, -{"RIJNDAEL-ECB-K128-B128","rijndael-ecb-k128-b128", - NID_rijndael_ecb_k128_b128,0,NULL}, -{"RIJNDAEL-ECB-K192-B128","rijndael-ecb-k192-b128", - NID_rijndael_ecb_k192_b128,0,NULL}, -{"RIJNDAEL-ECB-K256-B128","rijndael-ecb-k256-b128", - NID_rijndael_ecb_k256_b128,0,NULL}, -{"RIJNDAEL-ECB-K128-B192","rijndael-ecb-k128-b192", - NID_rijndael_ecb_k128_b192,0,NULL}, -{"RIJNDAEL-ECB-K192-B192","rijndael-ecb-k192-b192", - NID_rijndael_ecb_k192_b192,0,NULL}, -{"RIJNDAEL-ECB-K256-B192","rijndael-ecb-k256-b192", - NID_rijndael_ecb_k256_b192,0,NULL}, -{"RIJNDAEL-ECB-K128-B256","rijndael-ecb-k128-b256", - NID_rijndael_ecb_k128_b256,0,NULL}, -{"RIJNDAEL-ECB-K192-B256","rijndael-ecb-k192-b256", - NID_rijndael_ecb_k192_b256,0,NULL}, -{"RIJNDAEL-ECB-K256-B256","rijndael-ecb-k256-b256", - NID_rijndael_ecb_k256_b256,0,NULL}, -{NULL,NULL,NID_undef,0,NULL}, -{NULL,NULL,NID_undef,0,NULL}, -{NULL,NULL,NID_undef,0,NULL}, -{"RD128-CBC-B128","rd128-cbc-b128",NID_rd128_cbc_b128,0,NULL}, -{"RD192-CBC-B128","rd192-cbc-b128",NID_rd192_cbc_b128,0,NULL}, -{"RD256-CBC-B128","rd256-cbc-b128",NID_rd256_cbc_b128,0,NULL}, -{"RD128-CBC-B192","rd128-cbc-b192",NID_rd128_cbc_b192,0,NULL}, -{"RD192-CBC-B192","rd192-cbc-b192",NID_rd192_cbc_b192,0,NULL}, -{"RD256-CBC-B192","rd256-cbc-b192",NID_rd256_cbc_b192,0,NULL}, -{"RD128-CBC-B256","rd128-cbc-b256",NID_rd128_cbc_b256,0,NULL}, -{"RD192-CBC-B256","rd192-cbc-b256",NID_rd192_cbc_b256,0,NULL}, -{"RD256-CBC-B256","rd256-cbc-b256",NID_rd256_cbc_b256,0,NULL}, +{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[2895]),0}, +{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[2904]),0}, +{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb,9,&(lvalues[2913]),0}, +{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb,9,&(lvalues[2922]),0}, +{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[2931]),0}, +{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[2940]),0}, +{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb,9,&(lvalues[2949]),0}, +{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb,9,&(lvalues[2958]),0}, +{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[2967]),0}, +{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[2976]),0}, +{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb,9,&(lvalues[2985]),0}, +{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb,9,&(lvalues[2994]),0}, }; static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[364]),/* "AD_DVCS" */ +&(nid_objs[395]),/* "AES-128-CBC" */ +&(nid_objs[397]),/* "AES-128-CFB" */ +&(nid_objs[394]),/* "AES-128-ECB" */ +&(nid_objs[396]),/* "AES-128-OFB" */ +&(nid_objs[399]),/* "AES-192-CBC" */ +&(nid_objs[401]),/* "AES-192-CFB" */ +&(nid_objs[398]),/* "AES-192-ECB" */ +&(nid_objs[400]),/* "AES-192-OFB" */ +&(nid_objs[403]),/* "AES-256-CBC" */ +&(nid_objs[405]),/* "AES-256-CFB" */ +&(nid_objs[402]),/* "AES-256-ECB" */ +&(nid_objs[404]),/* "AES-256-OFB" */ &(nid_objs[91]),/* "BF-CBC" */ &(nid_objs[93]),/* "BF-CFB" */ &(nid_objs[92]),/* "BF-ECB" */ @@ -1167,24 +1171,6 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[122]),/* "RC5-CFB" */ &(nid_objs[121]),/* "RC5-ECB" */ &(nid_objs[123]),/* "RC5-OFB" */ -&(nid_objs[408]),/* "RD128-CBC-B128" */ -&(nid_objs[411]),/* "RD128-CBC-B192" */ -&(nid_objs[414]),/* "RD128-CBC-B256" */ -&(nid_objs[409]),/* "RD192-CBC-B128" */ -&(nid_objs[412]),/* "RD192-CBC-B192" */ -&(nid_objs[415]),/* "RD192-CBC-B256" */ -&(nid_objs[410]),/* "RD256-CBC-B128" */ -&(nid_objs[413]),/* "RD256-CBC-B192" */ -&(nid_objs[416]),/* "RD256-CBC-B256" */ -&(nid_objs[396]),/* "RIJNDAEL-ECB-K128-B128" */ -&(nid_objs[399]),/* "RIJNDAEL-ECB-K128-B192" */ -&(nid_objs[402]),/* "RIJNDAEL-ECB-K128-B256" */ -&(nid_objs[397]),/* "RIJNDAEL-ECB-K192-B128" */ -&(nid_objs[400]),/* "RIJNDAEL-ECB-K192-B192" */ -&(nid_objs[403]),/* "RIJNDAEL-ECB-K192-B256" */ -&(nid_objs[398]),/* "RIJNDAEL-ECB-K256-B128" */ -&(nid_objs[401]),/* "RIJNDAEL-ECB-K256-B192" */ -&(nid_objs[404]),/* "RIJNDAEL-ECB-K256-B256" */ &(nid_objs[117]),/* "RIPEMD160" */ &(nid_objs[124]),/* "RLE" */ &(nid_objs[19]),/* "RSA" */ @@ -1580,6 +1566,18 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[287]),/* "ac-auditEntity" */ &(nid_objs[288]),/* "ac-targeting" */ &(nid_objs[364]),/* "ad dvcs" */ +&(nid_objs[395]),/* "aes-128-cbc" */ +&(nid_objs[397]),/* "aes-128-cfb" */ +&(nid_objs[394]),/* "aes-128-ecb" */ +&(nid_objs[396]),/* "aes-128-ofb" */ +&(nid_objs[399]),/* "aes-192-cbc" */ +&(nid_objs[401]),/* "aes-192-cfb" */ +&(nid_objs[398]),/* "aes-192-ecb" */ +&(nid_objs[400]),/* "aes-192-ofb" */ +&(nid_objs[403]),/* "aes-256-cbc" */ +&(nid_objs[405]),/* "aes-256-cfb" */ +&(nid_objs[402]),/* "aes-256-ecb" */ +&(nid_objs[404]),/* "aes-256-ofb" */ &(nid_objs[376]),/* "algorithm" */ &(nid_objs[91]),/* "bf-cbc" */ &(nid_objs[93]),/* "bf-cfb" */ @@ -1855,24 +1853,6 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[122]),/* "rc5-cfb" */ &(nid_objs[121]),/* "rc5-ecb" */ &(nid_objs[123]),/* "rc5-ofb" */ -&(nid_objs[408]),/* "rd128-cbc-b128" */ -&(nid_objs[411]),/* "rd128-cbc-b192" */ -&(nid_objs[414]),/* "rd128-cbc-b256" */ -&(nid_objs[409]),/* "rd192-cbc-b128" */ -&(nid_objs[412]),/* "rd192-cbc-b192" */ -&(nid_objs[415]),/* "rd192-cbc-b256" */ -&(nid_objs[410]),/* "rd256-cbc-b128" */ -&(nid_objs[413]),/* "rd256-cbc-b192" */ -&(nid_objs[416]),/* "rd256-cbc-b256" */ -&(nid_objs[396]),/* "rijndael-ecb-k128-b128" */ -&(nid_objs[399]),/* "rijndael-ecb-k128-b192" */ -&(nid_objs[402]),/* "rijndael-ecb-k128-b256" */ -&(nid_objs[397]),/* "rijndael-ecb-k192-b128" */ -&(nid_objs[400]),/* "rijndael-ecb-k192-b192" */ -&(nid_objs[403]),/* "rijndael-ecb-k192-b256" */ -&(nid_objs[398]),/* "rijndael-ecb-k256-b128" */ -&(nid_objs[401]),/* "rijndael-ecb-k256-b192" */ -&(nid_objs[404]),/* "rijndael-ecb-k256-b256" */ &(nid_objs[117]),/* "ripemd160" */ &(nid_objs[119]),/* "ripemd160WithRSA" */ &(nid_objs[19]),/* "rsa" */ @@ -2171,6 +2151,18 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[373]),/* OBJ_id_pkix_OCSP_valid 1 3 6 1 5 5 7 48 1 9 */ &(nid_objs[374]),/* OBJ_id_pkix_OCSP_path 1 3 6 1 5 5 7 48 1 10 */ &(nid_objs[375]),/* OBJ_id_pkix_OCSP_trustRoot 1 3 6 1 5 5 7 48 1 11 */ +&(nid_objs[394]),/* OBJ_aes_128_ecb 2 16 840 1 101 3 4 1 1 */ +&(nid_objs[395]),/* OBJ_aes_128_cbc 2 16 840 1 101 3 4 1 2 */ +&(nid_objs[396]),/* OBJ_aes_128_ofb 2 16 840 1 101 3 4 1 3 */ +&(nid_objs[397]),/* OBJ_aes_128_cfb 2 16 840 1 101 3 4 1 4 */ +&(nid_objs[398]),/* OBJ_aes_192_ecb 2 16 840 1 101 3 4 1 21 */ +&(nid_objs[399]),/* OBJ_aes_192_cbc 2 16 840 1 101 3 4 1 22 */ +&(nid_objs[400]),/* OBJ_aes_192_ofb 2 16 840 1 101 3 4 1 23 */ +&(nid_objs[401]),/* OBJ_aes_192_cfb 2 16 840 1 101 3 4 1 24 */ +&(nid_objs[402]),/* OBJ_aes_256_ecb 2 16 840 1 101 3 4 1 41 */ +&(nid_objs[403]),/* OBJ_aes_256_cbc 2 16 840 1 101 3 4 1 42 */ +&(nid_objs[404]),/* OBJ_aes_256_ofb 2 16 840 1 101 3 4 1 43 */ +&(nid_objs[405]),/* OBJ_aes_256_cfb 2 16 840 1 101 3 4 1 44 */ &(nid_objs[71]),/* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */ &(nid_objs[72]),/* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */ &(nid_objs[73]),/* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */ diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h index ccfea00d8c..616c98003e 100644 --- a/crypto/objects/obj_mac.h +++ b/crypto/objects/obj_mac.h @@ -1797,75 +1797,69 @@ #define NID_zlib_compression 125 #define OBJ_zlib_compression 1L,1L,1L,1L,666L,2L -#define SN_rijndael_ecb_k128_b128 "RIJNDAEL-ECB-K128-B128" -#define LN_rijndael_ecb_k128_b128 "rijndael-ecb-k128-b128" -#define NID_rijndael_ecb_k128_b128 396 - -#define SN_rijndael_ecb_k192_b128 "RIJNDAEL-ECB-K192-B128" -#define LN_rijndael_ecb_k192_b128 "rijndael-ecb-k192-b128" -#define NID_rijndael_ecb_k192_b128 397 - -#define SN_rijndael_ecb_k256_b128 "RIJNDAEL-ECB-K256-B128" -#define LN_rijndael_ecb_k256_b128 "rijndael-ecb-k256-b128" -#define NID_rijndael_ecb_k256_b128 398 - -#define SN_rijndael_ecb_k128_b192 "RIJNDAEL-ECB-K128-B192" -#define LN_rijndael_ecb_k128_b192 "rijndael-ecb-k128-b192" -#define NID_rijndael_ecb_k128_b192 399 - -#define SN_rijndael_ecb_k192_b192 "RIJNDAEL-ECB-K192-B192" -#define LN_rijndael_ecb_k192_b192 "rijndael-ecb-k192-b192" -#define NID_rijndael_ecb_k192_b192 400 - -#define SN_rijndael_ecb_k256_b192 "RIJNDAEL-ECB-K256-B192" -#define LN_rijndael_ecb_k256_b192 "rijndael-ecb-k256-b192" -#define NID_rijndael_ecb_k256_b192 401 - -#define SN_rijndael_ecb_k128_b256 "RIJNDAEL-ECB-K128-B256" -#define LN_rijndael_ecb_k128_b256 "rijndael-ecb-k128-b256" -#define NID_rijndael_ecb_k128_b256 402 - -#define SN_rijndael_ecb_k192_b256 "RIJNDAEL-ECB-K192-B256" -#define LN_rijndael_ecb_k192_b256 "rijndael-ecb-k192-b256" -#define NID_rijndael_ecb_k192_b256 403 - -#define SN_rijndael_ecb_k256_b256 "RIJNDAEL-ECB-K256-B256" -#define LN_rijndael_ecb_k256_b256 "rijndael-ecb-k256-b256" -#define NID_rijndael_ecb_k256_b256 404 - -#define SN_rd128_cbc_b128 "RD128-CBC-B128" -#define LN_rd128_cbc_b128 "rd128-cbc-b128" -#define NID_rd128_cbc_b128 408 - -#define SN_rd192_cbc_b128 "RD192-CBC-B128" -#define LN_rd192_cbc_b128 "rd192-cbc-b128" -#define NID_rd192_cbc_b128 409 - -#define SN_rd256_cbc_b128 |