From a6cd870784b190afcfd5c98b2957f73996aad4fb Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sat, 16 Feb 2002 12:39:07 +0000 Subject: [PATCH] The AES modes OFB and CFB are defined with 128 feedback bits. This deviates from the "standard" 64 bits of feedback that all other algorithms are using. Therefore, let's redo certain EVP macros to accept different amounts of feedback bits for these modes. Also, change e_aes.c to provide all usually available modes for AES. CTR isn't included yet. --- crypto/evp/e_aes.c | 46 ++++++++++++++++----------------------- crypto/evp/e_bf.c | 2 +- crypto/evp/e_cast.c | 2 +- crypto/evp/e_des.c | 2 +- crypto/evp/e_des3.c | 4 ++-- crypto/evp/e_idea.c | 6 +++--- crypto/evp/e_rc2.c | 2 +- crypto/evp/e_rc5.c | 2 +- crypto/evp/evp_locl.h | 50 +++++++++++++++++++++++-------------------- 9 files changed, 55 insertions(+), 61 deletions(-) diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 9d91533a9..9d03a9602 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -66,34 +66,24 @@ typedef struct #define data(ctx) EVP_C_DATA(EVP_AES_KEY,ctx) -#define IMPLEMENT_BLOCK_CIPHER_def_ecb_cbc(cname, ksched, cprefix, kstruct, \ - nid, block_size, key_len, iv_len, flags, \ - init_key, cleanup, set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \ -BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \ -BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \ - init_key, cleanup, set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, 0, flags, \ - init_key, cleanup, set_asn1, get_asn1, ctrl) - -IMPLEMENT_BLOCK_CIPHER_def_ecb_cbc(aes_128, ks, AES, EVP_AES_KEY, - NID_aes_128, 16, 16, 16, - 0, aes_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, - NULL) -IMPLEMENT_BLOCK_CIPHER_def_ecb_cbc(aes_192, ks, AES, EVP_AES_KEY, - NID_aes_192, 16, 24, 16, - 0, aes_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, - NULL) -IMPLEMENT_BLOCK_CIPHER_def_ecb_cbc(aes_256, ks, AES, EVP_AES_KEY, - NID_aes_256, 16, 32, 16, - 0, aes_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, - NULL) +IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY, + NID_aes_128, 16, 16, 16, 128, + 0, aes_init_key, NULL, + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL) +IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY, + NID_aes_192, 16, 24, 16, 128, + 0, aes_init_key, NULL, + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL) +IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY, + NID_aes_256, 16, 32, 16, 128, + 0, aes_init_key, NULL, + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL) static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { diff --git a/crypto/evp/e_bf.c b/crypto/evp/e_bf.c index e543df749..e74337567 100644 --- a/crypto/evp/e_bf.c +++ b/crypto/evp/e_bf.c @@ -74,7 +74,7 @@ typedef struct #define data(ctx) EVP_C_DATA(EVP_BF_KEY,ctx) -IMPLEMENT_BLOCK_CIPHER(bf, ks, BF, EVP_BF_KEY, NID_bf, 8, 16, 8, +IMPLEMENT_BLOCK_CIPHER(bf, ks, BF, EVP_BF_KEY, NID_bf, 8, 16, 8, 64, EVP_CIPH_VARIABLE_LENGTH, bf_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) diff --git a/crypto/evp/e_cast.c b/crypto/evp/e_cast.c index 3d4079c4d..3400fef18 100644 --- a/crypto/evp/e_cast.c +++ b/crypto/evp/e_cast.c @@ -76,7 +76,7 @@ typedef struct #define data(ctx) EVP_C_DATA(EVP_CAST_KEY,ctx) IMPLEMENT_BLOCK_CIPHER(cast5, ks, CAST, EVP_CAST_KEY, - NID_cast5, 8, CAST_KEY_LENGTH, 8, + NID_cast5, 8, CAST_KEY_LENGTH, 8, 64, EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) diff --git a/crypto/evp/e_des.c b/crypto/evp/e_des.c index 3e2cf30a6..105266a4b 100644 --- a/crypto/evp/e_des.c +++ b/crypto/evp/e_des.c @@ -100,7 +100,7 @@ static int des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, return 1; } -BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, +BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64, 0, des_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c index 13b396c5d..077860e7b 100644 --- a/crypto/evp/e_des3.c +++ b/crypto/evp/e_des3.c @@ -130,7 +130,7 @@ static int des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, return 1; } -BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, +BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, 0, des_ede_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, @@ -141,7 +141,7 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, #define des_ede3_cbc_cipher des_ede_cbc_cipher #define des_ede3_ecb_cipher des_ede_ecb_cipher -BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, +BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, 0, des_ede3_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, diff --git a/crypto/evp/e_idea.c b/crypto/evp/e_idea.c index 66f06c062..ed838d3e6 100644 --- a/crypto/evp/e_idea.c +++ b/crypto/evp/e_idea.c @@ -88,10 +88,10 @@ typedef struct } EVP_IDEA_KEY; BLOCK_CIPHER_func_cbc(idea, idea, EVP_IDEA_KEY, ks) -BLOCK_CIPHER_func_ofb(idea, idea, EVP_IDEA_KEY, ks) -BLOCK_CIPHER_func_cfb(idea, idea, EVP_IDEA_KEY, ks) +BLOCK_CIPHER_func_ofb(idea, idea, 64, EVP_IDEA_KEY, ks) +BLOCK_CIPHER_func_cfb(idea, idea, 64, EVP_IDEA_KEY, ks) -BLOCK_CIPHER_defs(idea, IDEA_KEY_SCHEDULE, NID_idea, 8, 16, 8, +BLOCK_CIPHER_defs(idea, IDEA_KEY_SCHEDULE, NID_idea, 8, 16, 8, 64, 0, idea_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) diff --git a/crypto/evp/e_rc2.c b/crypto/evp/e_rc2.c index b62d94197..4685198e2 100644 --- a/crypto/evp/e_rc2.c +++ b/crypto/evp/e_rc2.c @@ -83,7 +83,7 @@ typedef struct IMPLEMENT_BLOCK_CIPHER(rc2, ks, RC2, EVP_RC2_KEY, NID_rc2, 8, - RC2_KEY_LENGTH, 8, + RC2_KEY_LENGTH, 8, 64, EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, rc2_init_key, NULL, rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv, diff --git a/crypto/evp/e_rc5.c b/crypto/evp/e_rc5.c index e22aedd68..3c7713b18 100644 --- a/crypto/evp/e_rc5.c +++ b/crypto/evp/e_rc5.c @@ -78,7 +78,7 @@ typedef struct #define data(ctx) EVP_C_DATA(EVP_RC5_KEY,ctx) IMPLEMENT_BLOCK_CIPHER(rc5_32_12_16, ks, RC5_32, EVP_RC5_KEY, NID_rc5, - 8, RC5_32_KEY_LENGTH, 8, + 8, RC5_32_KEY_LENGTH, 8, 64, EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, r_32_12_16_init_key, NULL, NULL, NULL, rc5_ctrl) diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h index fbf0a3ab8..7b088b484 100644 --- a/crypto/evp/evp_locl.h +++ b/crypto/evp/evp_locl.h @@ -75,10 +75,10 @@ static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const uns return 1;\ } -#define BLOCK_CIPHER_func_ofb(cname, cprefix, kstruct, ksched) \ +#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \ static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ {\ - cprefix##_ofb64_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\ + cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\ return 1;\ } @@ -89,18 +89,18 @@ static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const uns return 1;\ } -#define BLOCK_CIPHER_func_cfb(cname, cprefix, kstruct, ksched) \ +#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ static int cname##_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ {\ - cprefix##_cfb64_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ + cprefix##_cfb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ return 1;\ } -#define BLOCK_CIPHER_all_funcs(cname, cprefix, kstruct, ksched) \ +#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \ BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \ - BLOCK_CIPHER_func_cfb(cname, cprefix, kstruct, ksched) \ + BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \ - BLOCK_CIPHER_func_ofb(cname, cprefix, kstruct, ksched) + BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) #define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \ key_len, iv_len, flags, init_key, cleanup, \ @@ -125,16 +125,18 @@ BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \ iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl) #define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, block_size, key_len, \ - iv_len, flags, init_key, cleanup, set_asn1, \ - get_asn1, ctrl) \ -BLOCK_CIPHER_def1(cname, cfb64, cfb, CFB, kstruct, nid, block_size, key_len, \ - iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl) + iv_len, cbits, flags, init_key, cleanup, \ + set_asn1, get_asn1, ctrl) \ +BLOCK_CIPHER_def1(cname, cfb##cbits, cfb, CFB, kstruct, nid, block_size, \ + key_len, iv_len, flags, init_key, cleanup, set_asn1, \ + get_asn1, ctrl) #define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, block_size, key_len, \ - iv_len, flags, init_key, cleanup, set_asn1, \ - get_asn1, ctrl) \ -BLOCK_CIPHER_def1(cname, ofb64, ofb, OFB, kstruct, nid, block_size, key_len, \ - iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl) + iv_len, cbits, flags, init_key, cleanup, \ + set_asn1, get_asn1, ctrl) \ +BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, block_size, \ + key_len, iv_len, flags, init_key, cleanup, set_asn1, \ + get_asn1, ctrl) #define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \ iv_len, flags, init_key, cleanup, set_asn1, \ @@ -143,14 +145,14 @@ BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \ iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl) #define BLOCK_CIPHER_defs(cname, kstruct, \ - nid, block_size, key_len, iv_len, flags, \ + nid, block_size, key_len, iv_len, cbits, flags, \ init_key, cleanup, set_asn1, get_asn1, ctrl) \ BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \ init_key, cleanup, set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_def_cfb(cname, kstruct, nid, block_size, key_len, iv_len, flags, \ - init_key, cleanup, set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_def_ofb(cname, kstruct, nid, block_size, key_len, iv_len, flags, \ - init_key, cleanup, set_asn1, get_asn1, ctrl) \ +BLOCK_CIPHER_def_cfb(cname, kstruct, nid, block_size, key_len, iv_len, cbits, \ + flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \ +BLOCK_CIPHER_def_ofb(cname, kstruct, nid, block_size, key_len, iv_len, cbits, \ + flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \ BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, iv_len, flags, \ init_key, cleanup, set_asn1, get_asn1, ctrl) @@ -214,10 +216,12 @@ const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; } */ #define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \ - block_size, key_len, iv_len, flags, init_key, \ + block_size, key_len, iv_len, cbits, \ + flags, init_key, \ cleanup, set_asn1, get_asn1, ctrl) \ - BLOCK_CIPHER_all_funcs(cname, cprefix, kstruct, ksched) \ + BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \ BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \ - flags, init_key, cleanup, set_asn1, get_asn1, ctrl) + cbits, flags, init_key, cleanup, set_asn1, \ + get_asn1, ctrl) #define EVP_C_DATA(kstruct, ctx) ((kstruct *)(ctx)->cipher_data)