The rest of the keysizes for CFB1, working AES AVS test for CFB1.

2003-07-29 13:24:27 +00:00 · 2003-07-29 13:24:27 +00:00 · c473d53898
commit c473d53898
parent e8f8249319
7 changed files with 78 additions and 25 deletions
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@ -84,6 +84,19 @@ IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY,
 		       EVP_CIPHER_get_asn1_iv,
 		       NULL)

+#define IMPLEMENT_CFBR(keysize,cbits) \
+	BLOCK_CIPHER_func_cfb(aes_##keysize,AES,cbits,EVP_AES_KEY,ks) \
+	BLOCK_CIPHER_def_cfb(aes_##keysize,EVP_AES_KEY, \
+			     NID_aes_##keysize, keysize/8, 16, cbits, \
+			     0, aes_init_key, NULL, \
+			     EVP_CIPHER_set_asn1_iv, \
+			     EVP_CIPHER_get_asn1_iv, \
+			     NULL)
+
+IMPLEMENT_CFBR(128,1)
+IMPLEMENT_CFBR(192,1)
+IMPLEMENT_CFBR(256,1)
+     /*
 BLOCK_CIPHER_func_cfb(aes_128,AES,1,EVP_AES_KEY,ks)
 BLOCK_CIPHER_def_cfb(aes_128,EVP_AES_KEY,
 		     NID_aes_128, 16, 16, 1,
@ -91,6 +104,7 @@ BLOCK_CIPHER_def_cfb(aes_128,EVP_AES_KEY,
 		     EVP_CIPHER_set_asn1_iv,
 		     EVP_CIPHER_get_asn1_iv,
 		     NULL)
+     */

 static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 		   const unsigned char *iv, int enc)
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@ -62,12 +62,12 @@
 * [including the GNU Public Licence.]
 */

-#define NUM_NID 651
-#define NUM_SN 644
-#define NUM_LN 644
-#define NUM_OBJ 618
+#define NUM_NID 653
+#define NUM_SN 646
+#define NUM_LN 646
+#define NUM_OBJ 620

-static unsigned char lvalues[4461]={
+static unsigned char lvalues[4473]={
 0x00,                                        /* [  0] OBJ_undef */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  1] OBJ_rsadsi */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  7] OBJ_pkcs */
@ -686,6 +686,8 @@ static unsigned char lvalues[4461]={
 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4434] OBJ_ms_smartcard_login */
 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4444] OBJ_ms_upn */
 0x29,0x01,0x01,0x85,0x1A,0x03,               /* [4454] OBJ_aes_128_cfb1 */
+0x29,0x01,0x01,0x85,0x1A,0x04,               /* [4460] OBJ_aes_192_cfb1 */
+0x29,0x01,0x01,0x85,0x1A,0x05,               /* [4466] OBJ_aes_256_cfb1 */
 };

 static ASN1_OBJECT nid_objs[NUM_NID]={
@ -1730,6 +1732,8 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
 {"msUPN","Microsoft Universal Principal Name",NID_ms_upn,10,
 	&(lvalues[4444]),0},
 {"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,6,&(lvalues[4454]),0},
+{"AES-192-CFB1","aes-192-cfb1",NID_aes_192_cfb1,6,&(lvalues[4460]),0},
+{"AES-256-CFB1","aes-256-cfb1",NID_aes_256_cfb1,6,&(lvalues[4466]),0},
 };

 static ASN1_OBJECT *sn_objs[NUM_SN]={
@ -1741,10 +1745,12 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
 &(nid_objs[420]),/* "AES-128-OFB" */
 &(nid_objs[423]),/* "AES-192-CBC" */
 &(nid_objs[425]),/* "AES-192-CFB" */
+&(nid_objs[651]),/* "AES-192-CFB1" */
 &(nid_objs[422]),/* "AES-192-ECB" */
 &(nid_objs[424]),/* "AES-192-OFB" */
 &(nid_objs[427]),/* "AES-256-CBC" */
 &(nid_objs[429]),/* "AES-256-CFB" */
+&(nid_objs[652]),/* "AES-256-CFB1" */
 &(nid_objs[426]),/* "AES-256-ECB" */
 &(nid_objs[428]),/* "AES-256-OFB" */
 &(nid_objs[91]),/* "BF-CBC" */
@ -2493,10 +2499,12 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
 &(nid_objs[420]),/* "aes-128-ofb" */
 &(nid_objs[423]),/* "aes-192-cbc" */
 &(nid_objs[425]),/* "aes-192-cfb" */
+&(nid_objs[651]),/* "aes-192-cfb1" */
 &(nid_objs[422]),/* "aes-192-ecb" */
 &(nid_objs[424]),/* "aes-192-ofb" */
 &(nid_objs[427]),/* "aes-256-cbc" */
 &(nid_objs[429]),/* "aes-256-cfb" */
+&(nid_objs[652]),/* "aes-256-cfb1" */
 &(nid_objs[426]),/* "aes-256-ecb" */
 &(nid_objs[428]),/* "aes-256-ofb" */
 &(nid_objs[376]),/* "algorithm" */
@ -3240,6 +3248,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
 &(nid_objs[124]),/* OBJ_rle_compression              1 1 1 1 666 1 */
 &(nid_objs[125]),/* OBJ_zlib_compression             1 1 1 1 666 2 */
 &(nid_objs[650]),/* OBJ_aes_128_cfb1                 1 1 1 1 666 3 */
+&(nid_objs[651]),/* OBJ_aes_192_cfb1                 1 1 1 1 666 4 */
+&(nid_objs[652]),/* OBJ_aes_256_cfb1                 1 1 1 1 666 5 */
 &(nid_objs[ 1]),/* OBJ_rsadsi                       1 2 840 113549 */
 &(nid_objs[185]),/* OBJ_X9cm                         1 2 840 10040 4 */
 &(nid_objs[127]),/* OBJ_id_pkix                      1 3 6 1 5 5 7 */
--- a/crypto/objects/obj_mac.h
+++ b/crypto/objects/obj_mac.h
@ -2014,6 +2014,16 @@
 #define NID_aes_128_cfb1		650
 #define OBJ_aes_128_cfb1		1L,1L,1L,1L,666L,3L

+#define SN_aes_192_cfb1		"AES-192-CFB1"
+#define LN_aes_192_cfb1		"aes-192-cfb1"
+#define NID_aes_192_cfb1		651
+#define OBJ_aes_192_cfb1		1L,1L,1L,1L,666L,4L
+
+#define SN_aes_256_cfb1		"AES-256-CFB1"
+#define LN_aes_256_cfb1		"aes-256-cfb1"
+#define NID_aes_256_cfb1		652
+#define OBJ_aes_256_cfb1		1L,1L,1L,1L,666L,5L
+
 #define SN_hold_instruction_code		"holdInstructionCode"
 #define LN_hold_instruction_code		"Hold Instruction Code"
 #define NID_hold_instruction_code		430
--- a/crypto/objects/obj_mac.num
+++ b/crypto/objects/obj_mac.num
@ -648,3 +648,5 @@ international_organizations		647
 ms_smartcard_login		648
 ms_upn		649
 aes_128_cfb1		650
+aes_192_cfb1		651
+aes_256_cfb1		652
--- a/crypto/objects/objects.txt
+++ b/crypto/objects/objects.txt
@ -684,6 +684,8 @@ aes 44			: AES-256-CFB		: aes-256-cfb
 # There are no OIDs for these modes...

 1 1 1 1 666 3		: AES-128-CFB1		: aes-128-cfb1
+1 1 1 1 666 4		: AES-192-CFB1		: aes-192-cfb1
+1 1 1 1 666 5		: AES-256-CFB1		: aes-256-cfb1

 # Hold instruction CRL entry extension
 !Cname hold-instruction-code
--- a/fips/aes/Makefile.ssl
+++ b/fips/aes/Makefile.ssl
@ -67,7 +67,7 @@ tags:

 tests:

-fips_aesavs: fips_aesavs.o
+fips_aesavs: fips_aesavs.o ../../libcrypto.a
 	$(CC) $(CFLAGS) -o fips_aesavs fips_aesavs.o ../../libcrypto.a

 fips_test: top
--- a/fips/aes/fips_aesavs.c
+++ b/fips/aes/fips_aesavs.c
@ -105,6 +105,12 @@ int AESTest(EVP_CIPHER_CTX *ctx,
 	    case 5128:
 		cipher=EVP_aes_128_cfb1();
 		break;
+	    case 5192:
+		cipher=EVP_aes_192_cfb1();
+		break;
+	    case 5256:
+		cipher=EVP_aes_256_cfb1();
+		break;
 	    default:
 		printf("Didn't handle mode %d\n",kt);
 		exit(1);
@ -207,16 +213,22 @@ void PrintValue(char *tag, unsigned char *val, int len)
 #endif
 }

-void OutputValue(char *tag, unsigned char *val, int len, FILE *rfp)
-{
-  char obuf[2048];
-  int olen;
-  olen = bin2hex(val, len, obuf);
-  fprintf(rfp, "%s = %.*s\n", tag, olen, obuf);
+void OutputValue(char *tag, unsigned char *val, int len, FILE *rfp,int bitmode)
+    {
+    char obuf[2048];
+    int olen;
+
+    if(bitmode)
+	fprintf(rfp,"%s = %d\n",tag,val[0] ? 1 : 0);
+    else
+	{
+	olen = bin2hex(val, len, obuf);
+	fprintf(rfp, "%s = %.*s\n", tag, olen, obuf);
+	}
 #if VERBOSE
-  printf("%s = %.*s\n", tag, olen, obuf);
+    printf("%s = %.*s\n", tag, olen, obuf);
 #endif
-}
+    }

 /*-----------------------------------------------*/
 char *t_tag[2] = {"PLAINTEXT", "CIPHERTEXT"};
@ -276,11 +288,12 @@ int do_mct(char *amode,
 	/* printf("Iteration %d\n", i); */
 	if (i > 0)
 	    {
-	    OutputValue("KEY", key[i], nkeysz, rfp);
+	    OutputValue("KEY",key[i],nkeysz,rfp,0);
 	    if (imode != ECB)  /* ECB */
-		OutputValue("IV", iv[i], AES_BLOCK_SIZE, rfp);
+		OutputValue("IV",iv[i],AES_BLOCK_SIZE,rfp,0);
 	    /* Output Ciphertext | Plaintext */
-	    OutputValue(t_tag[dir^1], (dir)? ptext[0]: ctext[0], len, rfp);
+	    OutputValue(t_tag[dir^1],dir ? ptext[0] : ctext[0],len,rfp,
+			imode == CFB1);
 	    }
 	for (j = 0; j < 1000; ++j)
 	    {
@ -373,6 +386,9 @@ int do_mct(char *amode,
 	    case CFB1:
 		if(j == 0)
 		    {
+		    /* compensate for wrong endianness of input file */
+		    if(i == 0)
+			ptext[0][0]<<=7;
 		    ret=AESTest(&ctx,amode,akeysz,key[i],iv[i],dir,
 				(char*)ptext[j], ctext[j], len);
 		    }
@ -403,10 +419,8 @@ int do_mct(char *amode,
 	    }
 	--j; /* reset to last of range */
 	/* Output Ciphertext | Plaintext */
-	if(imode == CFB1)
-	    fprintf(rfp,"%s = %d\n",t_tag[dir],(dir?ctext[j]:ptext[j])[0]&1);
-	else
-	    OutputValue(t_tag[dir], (dir)?ctext[j]:ptext[j], len, rfp);
+	OutputValue(t_tag[dir],dir ? ctext[j] : ptext[j],len,rfp,
+		    imode == CFB1);
 	fprintf(rfp, "\n");  /* add separator */

 	/* Compute next KEY */
@ -493,7 +507,7 @@ int do_mct(char *amode,
 	    case CFB1:
 		for(n1=0,n2=127 ; n1 < 128 ; ++n1,--n2)
 		    sb(iv[i+1],n1,gb(ctext[j-n2],0));
-		ptext[0][0]=ctext[j-128][0]&1;
+		ptext[0][0]=ctext[j-128][0]&0x80;
 		break;
 		}
 	    }
@ -518,7 +532,7 @@ int do_mct(char *amode,
 	    case CFB1:
 		for(n1=0,n2=127 ; n1 < 128 ; ++n1,--n2)
 		    sb(iv[i+1],n1,gb(ptext[j-n2],0));
-		ctext[0][0]=ptext[j-128][0]&1;
+		ctext[0][0]=ptext[j-128][0]&0x80;
 		break;
 		}
 	    }
@ -759,7 +773,7 @@ int proc_file(char *rqfile)
 		  ret = AESTest(&ctx, amode, akeysz, aKey, iVec, 
 				dir,  /* 0 = decrypt, 1 = encrypt */
 				plaintext, ciphertext, len);
-		  OutputValue("CIPHERTEXT", ciphertext, len, rfp);
+		  OutputValue("CIPHERTEXT",ciphertext,len,rfp,0);
 		}
 	      step = 6;
 	    }
@ -793,7 +807,8 @@ int proc_file(char *rqfile)
 		  ret = AESTest(&ctx, amode, akeysz, aKey, iVec, 
 				dir,  /* 0 = decrypt, 1 = encrypt */
 				plaintext, ciphertext, len);
-		  OutputValue("PLAINTEXT", (unsigned char*)plaintext, len, rfp);
+		  OutputValue("PLAINTEXT",(unsigned char *)plaintext,len,rfp,
+			      0);
 		}
 	      step = 6;
 	    }