generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix AES code.

Browse Source 
Update Rijndael source to v3.0

Add AES OIDs.

Change most references of Rijndael to AES.

Add new draft AES ciphersuites.
This commit is contained in:
Dr. Stephen Henson 2001-02-07 18:15:18 +00:00
parent d4219c485b
commit deb2c1a1c5
23 changed files with 2054 additions and 4994 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGES
View File

@ -3,6 +3,12 @@
Changes between 0.9.6 and 0.9.7 [xx XXX 2000]
*) Update Rijndael code to version 3.0 and change EVP AES ciphers to
handle the new API. Currently only ECB, CBC modes supported. Add new
AES OIDs. Add TLS AES ciphersuites as described in the "AES Ciphersuites
for TLS" draft-ietf-tls-ciphersuite-03.txt.
[Ben Laurie, Steve Henson]
*) In the NCONF_...-based implementations for CONF_... queries
(crypto/conf/conf_lib.c), if the input LHASH is NULL, avoid using
a temporary CONF structure with the data component set to NULL

38
crypto/evp/Makefile.ssl
View File

@ -24,7 +24,7 @@ APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC= encode.c digest.c evp_enc.c evp_key.c \
e_des.c e_bf.c e_idea.c e_des3.c \
e_rc4.c e_rd.c names.c \
e_rc4.c e_aes.c names.c \
e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c \
m_dss.c m_dss1.c m_mdc2.c m_ripemd.c \
@ -35,7 +35,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c \
LIBOBJ= encode.o digest.o evp_enc.o evp_key.o \
e_des.o e_bf.o e_idea.o e_des3.o \
e_rc4.o e_rd.o names.o \
e_rc4.o e_aes.o names.o \
e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o \
m_dss.o m_dss1.o m_mdc2.o m_ripemd.o \
@ -254,6 +254,23 @@ digest.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
digest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
digest.o: ../cryptlib.h
e_aes.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_aes.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
e_aes.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
e_aes.o: ../../include/openssl/des.h ../../include/openssl/dh.h
e_aes.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
e_aes.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
e_aes.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
e_aes.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
e_aes.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
e_aes.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h
e_aes.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
e_aes.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
e_aes.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
e_aes.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
e_bf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
e_bf.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
@ -425,23 +442,6 @@ e_rc5.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
e_rc5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
e_rc5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
e_rc5.o: ../cryptlib.h evp_locl.h
e_rd.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_rd.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
e_rd.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
e_rd.o: ../../include/openssl/des.h ../../include/openssl/dh.h
e_rd.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
e_rd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
e_rd.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
e_rd.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
e_rd.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
e_rd.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
e_rd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
e_rd.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h
e_rd.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
e_rd.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
e_rd.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
e_rd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
e_rd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
e_xcbc_d.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_xcbc_d.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
e_xcbc_d.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h

15
crypto/evp/c_allc.c
View File

@ -64,7 +64,6 @@
void OpenSSL_add_all_ciphers(void)
{
int i,j;
#ifndef NO_DES
EVP_add_cipher(EVP_des_cfb());
@ -147,13 +146,13 @@ void OpenSSL_add_all_ciphers(void)
EVP_add_cipher_alias(SN_rc5_cbc,"RC5");
#endif
#ifndef NO_RIJNDAEL
for(i=0 ; i < 3 ; ++i)
for(j=0 ; j < 3 ; ++j)
{
EVP_add_cipher(EVP_rijndael_ecb(i,j));
EVP_add_cipher(EVP_rijndael_cbc(i,j));
}
#ifndef NO_AES
EVP_add_cipher(EVP_aes_128_ecb());
EVP_add_cipher(EVP_aes_128_cbc());
EVP_add_cipher(EVP_aes_192_ecb());
EVP_add_cipher(EVP_aes_192_cbc());
EVP_add_cipher(EVP_aes_256_ecb());
EVP_add_cipher(EVP_aes_256_cbc());
#endif
PKCS12_PBE_add();
PKCS5_PBE_add();

153
crypto/evp/e_aes.c Normal file
View File

@ -0,0 +1,153 @@
/* ====================================================================
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <openssl/evp.h>
#include <openssl/err.h>
#include <string.h>
#include <assert.h>
static int aes_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
static int aes_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, unsigned int inl);
static int aes_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, unsigned int inl);
#define IMPLEMENT_AES_CIPHER(name, ciph_func, keylen, ivlen, mode) \
static EVP_CIPHER name##_cipher_st = \
{ \
NID_##name, \
16,keylen,ivlen, \
mode, \
aes_init, \
ciph_func, \
NULL, \
sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ \
sizeof((((EVP_CIPHER_CTX *)NULL)->c.rijndael)), \
EVP_CIPHER_set_asn1_iv, \
EVP_CIPHER_get_asn1_iv, \
NULL, \
NULL \
}; \
EVP_CIPHER * EVP_##name(void) \
{ \
return &name##_cipher_st; \
}
IMPLEMENT_AES_CIPHER(aes_128_ecb, aes_ecb, 16, 0, EVP_CIPH_ECB_MODE)
IMPLEMENT_AES_CIPHER(aes_192_ecb, aes_ecb, 24, 0, EVP_CIPH_ECB_MODE)
IMPLEMENT_AES_CIPHER(aes_256_ecb, aes_ecb, 32, 0, EVP_CIPH_ECB_MODE)
IMPLEMENT_AES_CIPHER(aes_128_cbc, aes_cbc, 16, 16, EVP_CIPH_CBC_MODE)
IMPLEMENT_AES_CIPHER(aes_192_cbc, aes_cbc, 24, 24, EVP_CIPH_CBC_MODE)
IMPLEMENT_AES_CIPHER(aes_256_cbc, aes_cbc, 32, 32, EVP_CIPH_CBC_MODE)
static int aes_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
RIJNDAEL_KEY *k=&ctx->c.rijndael;
if (enc)
k->rounds = rijndaelKeySetupEnc(k->rd_key, key, ctx->key_len * 8);
else
k->rounds = rijndaelKeySetupDec(k->rd_key, key, ctx->key_len * 8);
return 1;
}
static int aes_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, unsigned int inl)
{
RIJNDAEL_KEY *k=&ctx->c.rijndael;
while(inl > 0)
{
if(ctx->encrypt)
rijndaelEncrypt(k->rd_key,k->rounds, in, out);
else
rijndaelDecrypt(k->rd_key,k->rounds, in, out);
inl-=16;
in+=16;
out+=16;
}
assert(inl == 0);
return 1;
}
static int aes_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, unsigned int inl)
{
int n;
unsigned char tmp[16];
RIJNDAEL_KEY *k=&ctx->c.rijndael;
while(inl > 0)
{
if(ctx->encrypt)
{
for(n=0 ; n < 16 ; n++)
tmp[n] = in[n] ^ ctx->iv[n];
rijndaelEncrypt(k->rd_key,k->rounds, tmp, out);
memcpy(ctx->iv,out,16);
}
else
{
memcpy(tmp, in, 16);
rijndaelDecrypt(k->rd_key,k->rounds, in, out);
for(n=0 ; n < 16 ; n++)
out[n] ^= ctx->iv[n];
memcpy(ctx->iv,tmp,16);
}
inl-=16;
in+=16;
out+=16;
}
assert(inl == 0);
return 1;
}

203
crypto/evp/e_rd.c
View File

@ -1,203 +0,0 @@
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <openssl/evp.h>
#include <openssl/err.h>
#include <memory.h>
#include <assert.h>
static EVP_CIPHER rd_cipher[3][3];
static int anSizes[]={16,24,32};
static int anECBNIDs[3][3]=
{
{ NID_rijndael_ecb_k128_b128,NID_rijndael_ecb_k192_b128,NID_rijndael_ecb_k256_b128 },
{ NID_rijndael_ecb_k128_b192,NID_rijndael_ecb_k192_b192,NID_rijndael_ecb_k256_b192 },
{ NID_rijndael_ecb_k128_b256,NID_rijndael_ecb_k192_b256,NID_rijndael_ecb_k256_b256 }
};
static int anCBCNIDs[3][3]=
{
{ NID_rd128_cbc_b128,NID_rd192_cbc_b128,NID_rd256_cbc_b128 },
{ NID_rd128_cbc_b192,NID_rd192_cbc_b192,NID_rd256_cbc_b192 },
{ NID_rd128_cbc_b256,NID_rd192_cbc_b256,NID_rd256_cbc_b256 }
};
static int rd_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
RIJNDAEL_KEY *k=&ctx->c.rijndael;
k->enc=enc;
k->rounds=ctx->cipher->key_len/4+6;
rijndaelKeySched((const word8 (*)[4])key,k->keySched,k->rounds);
if(!k->enc)
rijndaelKeyEncToDec(k->keySched,k->rounds);
memcpy(k->iv,iv,ctx->cipher->iv_len);
return 1;
}
static int rd_cipher_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, unsigned int inl)
{
while(inl > 0)
{
if(ctx->c.rijndael.enc)
rijndaelEncrypt(in,out,ctx->c.rijndael.keySched,
ctx->c.rijndael.rounds);
else
rijndaelDecrypt(in,out,ctx->c.rijndael.keySched,
ctx->c.rijndael.rounds);
inl-=16;
in+=16;
out+=16;
}
assert(inl == 0);
return 1;
}
static int rd_cipher_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, unsigned int inl)
{
int n;
unsigned char tmp[16];
while(inl > 0)
{
if(ctx->c.rijndael.enc)
{
for(n=0 ; n < 16 ; ++n)
tmp[n]=in[n]^ctx->c.rijndael.iv[n];
rijndaelEncrypt(tmp,out,ctx->c.rijndael.keySched,
ctx->c.rijndael.rounds);
memcpy(ctx->c.rijndael.iv,out,16);
}
else
{
rijndaelDecrypt(in,out,ctx->c.rijndael.keySched,
ctx->c.rijndael.rounds);
for(n=0 ; n < 16 ; ++n)
out[n]^=ctx->c.rijndael.iv[n];
memcpy(ctx->c.rijndael.iv,in,16);
}
inl-=16;
in+=16;
out+=16;
}
assert(inl == 0);
return 1;
}
EVP_CIPHER *EVP_rijndael_ecb(int nBlockLength,int nKeyLength)
{
EVP_CIPHER *c;
if(nBlockLength < 0 || nBlockLength > 2)
{
EVPerr(EVP_F_EVP_RIJNDAEL,EVP_R_BAD_BLOCK_LENGTH);
return NULL;
}
if(nKeyLength < 0 || nKeyLength > 2)
{
EVPerr(EVP_F_EVP_RIJNDAEL,EVP_R_BAD_KEY_LENGTH);
return NULL;
}
c=&rd_cipher[nKeyLength][nBlockLength];
memset(c,'\0',sizeof *c);
c->nid=anECBNIDs[nBlockLength][nKeyLength];
c->block_size=anSizes[nBlockLength];
c->key_len=anSizes[nKeyLength];
c->iv_len=16;
c->flags=EVP_CIPH_ECB_MODE;
c->init=rd_init;
c->do_cipher=rd_cipher_ecb;
c->ctx_size=sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
sizeof((((EVP_CIPHER_CTX *)NULL)->c.rijndael));
return c;
}
EVP_CIPHER *EVP_rijndael_cbc(int nBlockLength,int nKeyLength)
{
EVP_CIPHER *c;
if(nBlockLength < 0 || nBlockLength > 2)
{
EVPerr(EVP_F_EVP_RIJNDAEL,EVP_R_BAD_BLOCK_LENGTH);
return NULL;
}
if(nKeyLength < 0 || nKeyLength > 2)
{
EVPerr(EVP_F_EVP_RIJNDAEL,EVP_R_BAD_KEY_LENGTH);
return NULL;
}
c=&rd_cipher[nKeyLength][nBlockLength];
memset(c,'\0',sizeof *c);
c->nid=anCBCNIDs[nBlockLength][nKeyLength];
c->block_size=anSizes[nBlockLength];
c->key_len=anSizes[nKeyLength];
c->iv_len=16;
c->flags=EVP_CIPH_CBC_MODE;
c->init=rd_init;
c->do_cipher=rd_cipher_cbc;
c->ctx_size=sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
sizeof((((EVP_CIPHER_CTX *)NULL)->c.rijndael));
return c;
}

14
crypto/evp/evp.h
View File

@ -109,7 +109,7 @@
#ifndef NO_MDC2
#include <openssl/mdc2.h>
#endif
#ifndef NO_RIJNDAEL
#ifndef NO_AES
#include <openssl/rijndael.h>
#endif
@ -449,7 +449,7 @@ struct evp_cipher_ctx_st
#ifndef NO_CAST
CAST_KEY cast_ks;/* key schedule */
#endif
#ifndef NO_RIJNDAEL
#ifndef NO_AES
RIJNDAEL_KEY rijndael;
#endif
} c;
@ -705,9 +705,13 @@ EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
#endif
#ifndef NO_RIJNDAEL
EVP_CIPHER *EVP_rijndael_ecb(int nBlockLength,int nKeyLength);
EVP_CIPHER *EVP_rijndael_cbc(int nBlockLength,int nKeyLength);
#ifndef NO_AES
EVP_CIPHER *EVP_aes_128_ecb(void);
EVP_CIPHER *EVP_aes_128_cbc(void);
EVP_CIPHER *EVP_aes_192_ecb(void);
EVP_CIPHER *EVP_aes_192_cbc(void);
EVP_CIPHER *EVP_aes_256_ecb(void);
EVP_CIPHER *EVP_aes_256_cbc(void);
#endif
void OpenSSL_add_all_algorithms(void);

138
crypto/objects/obj_dat.h
View File

@ -61,12 +61,12 @@
* perl obj_dat.pl objects.h obj_dat.h
*/
#define NUM_NID 417
#define NUM_SN 410
#define NUM_LN 410
#define NUM_OBJ 366
#define NUM_NID 406
#define NUM_SN 404
#define NUM_LN 404
#define NUM_OBJ 378
static unsigned char lvalues[2896]={
static unsigned char lvalues[3004]={
0x00, /* [ 0] OBJ_undef */
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
@ -433,6 +433,18 @@ static unsigned char lvalues[2896]={
0xBA,0x82,0x58, /* [2872] OBJ_dcObject */
0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2875] OBJ_domainComponent */
0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2885] OBJ_Domain */
0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [2895] OBJ_aes_128_ecb */
0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [2904] OBJ_aes_128_cbc */
0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [2913] OBJ_aes_128_ofb */
0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [2922] OBJ_aes_128_cfb */
0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [2931] OBJ_aes_192_ecb */
0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [2940] OBJ_aes_192_cbc */
0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [2949] OBJ_aes_192_ofb */
0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [2958] OBJ_aes_192_cfb */
0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [2967] OBJ_aes_256_ecb */
0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [2976] OBJ_aes_256_cbc */
0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [2985] OBJ_aes_256_ofb */
0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [2994] OBJ_aes_256_cfb */
};
static ASN1_OBJECT nid_objs[NUM_NID]={
@ -1046,42 +1058,34 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2875]),0},
{"domain","Domain",NID_Domain,10,&(lvalues[2885]),0},
{NULL,NULL,NID_undef,0,NULL},
{NULL,NULL,NID_undef,0,NULL},
{NULL,NULL,NID_undef,0,NULL},
{"RIJNDAEL-ECB-K128-B128","rijndael-ecb-k128-b128",
NID_rijndael_ecb_k128_b128,0,NULL},
{"RIJNDAEL-ECB-K192-B128","rijndael-ecb-k192-b128",
NID_rijndael_ecb_k192_b128,0,NULL},
{"RIJNDAEL-ECB-K256-B128","rijndael-ecb-k256-b128",
NID_rijndael_ecb_k256_b128,0,NULL},
{"RIJNDAEL-ECB-K128-B192","rijndael-ecb-k128-b192",
NID_rijndael_ecb_k128_b192,0,NULL},
{"RIJNDAEL-ECB-K192-B192","rijndael-ecb-k192-b192",
NID_rijndael_ecb_k192_b192,0,NULL},
{"RIJNDAEL-ECB-K256-B192","rijndael-ecb-k256-b192",
NID_rijndael_ecb_k256_b192,0,NULL},
{"RIJNDAEL-ECB-K128-B256","rijndael-ecb-k128-b256",
NID_rijndael_ecb_k128_b256,0,NULL},
{"RIJNDAEL-ECB-K192-B256","rijndael-ecb-k192-b256",
NID_rijndael_ecb_k192_b256,0,NULL},
{"RIJNDAEL-ECB-K256-B256","rijndael-ecb-k256-b256",
NID_rijndael_ecb_k256_b256,0,NULL},
{NULL,NULL,NID_undef,0,NULL},
{NULL,NULL,NID_undef,0,NULL},
{NULL,NULL,NID_undef,0,NULL},
{"RD128-CBC-B128","rd128-cbc-b128",NID_rd128_cbc_b128,0,NULL},
{"RD192-CBC-B128","rd192-cbc-b128",NID_rd192_cbc_b128,0,NULL},
{"RD256-CBC-B128","rd256-cbc-b128",NID_rd256_cbc_b128,0,NULL},
{"RD128-CBC-B192","rd128-cbc-b192",NID_rd128_cbc_b192,0,NULL},
{"RD192-CBC-B192","rd192-cbc-b192",NID_rd192_cbc_b192,0,NULL},
{"RD256-CBC-B192","rd256-cbc-b192",NID_rd256_cbc_b192,0,NULL},
{"RD128-CBC-B256","rd128-cbc-b256",NID_rd128_cbc_b256,0,NULL},
{"RD192-CBC-B256","rd192-cbc-b256",NID_rd192_cbc_b256,0,NULL},
{"RD256-CBC-B256","rd256-cbc-b256",NID_rd256_cbc_b256,0,NULL},
{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[2895]),0},
{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[2904]),0},
{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb,9,&(lvalues[2913]),0},
{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb,9,&(lvalues[2922]),0},
{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[2931]),0},
{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[2940]),0},
{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb,9,&(lvalues[2949]),0},
{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb,9,&(lvalues[2958]),0},
{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[2967]),0},
{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[2976]),0},
{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb,9,&(lvalues[2985]),0},
{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb,9,&(lvalues[2994]),0},
};
static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[364]),/* "AD_DVCS" */
&(nid_objs[395]),/* "AES-128-CBC" */
&(nid_objs[397]),/* "AES-128-CFB" */
&(nid_objs[394]),/* "AES-128-ECB" */
&(nid_objs[396]),/* "AES-128-OFB" */
&(nid_objs[399]),/* "AES-192-CBC" */
&(nid_objs[401]),/* "AES-192-CFB" */
&(nid_objs[398]),/* "AES-192-ECB" */
&(nid_objs[400]),/* "AES-192-OFB" */
&(nid_objs[403]),/* "AES-256-CBC" */
&(nid_objs[405]),/* "AES-256-CFB" */
&(nid_objs[402]),/* "AES-256-ECB" */
&(nid_objs[404]),/* "AES-256-OFB" */
&(nid_objs[91]),/* "BF-CBC" */
&(nid_objs[93]),/* "BF-CFB" */
&(nid_objs[92]),/* "BF-ECB" */
@ -1167,24 +1171,6 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[122]),/* "RC5-CFB" */
&(nid_objs[121]),/* "RC5-ECB" */
&(nid_objs[123]),/* "RC5-OFB" */
&(nid_objs[408]),/* "RD128-CBC-B128" */
&(nid_objs[411]),/* "RD128-CBC-B192" */
&(nid_objs[414]),/* "RD128-CBC-B256" */
&(nid_objs[409]),/* "RD192-CBC-B128" */
&(nid_objs[412]),/* "RD192-CBC-B192" */
&(nid_objs[415]),/* "RD192-CBC-B256" */
&(nid_objs[410]),/* "RD256-CBC-B128" */
&(nid_objs[413]),/* "RD256-CBC-B192" */
&(nid_objs[416]),/* "RD256-CBC-B256" */
&(nid_objs[396]),/* "RIJNDAEL-ECB-K128-B128" */
&(nid_objs[399]),/* "RIJNDAEL-ECB-K128-B192" */
&(nid_objs[402]),/* "RIJNDAEL-ECB-K128-B256" */
&(nid_objs[397]),/* "RIJNDAEL-ECB-K192-B128" */
&(nid_objs[400]),/* "RIJNDAEL-ECB-K192-B192" */
&(nid_objs[403]),/* "RIJNDAEL-ECB-K192-B256" */
&(nid_objs[398]),/* "RIJNDAEL-ECB-K256-B128" */
&(nid_objs[401]),/* "RIJNDAEL-ECB-K256-B192" */
&(nid_objs[404]),/* "RIJNDAEL-ECB-K256-B256" */
&(nid_objs[117]),/* "RIPEMD160" */
&(nid_objs[124]),/* "RLE" */
&(nid_objs[19]),/* "RSA" */
@ -1580,6 +1566,18 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[287]),/* "ac-auditEntity" */
&(nid_objs[288]),/* "ac-targeting" */
&(nid_objs[364]),/* "ad dvcs" */
&(nid_objs[395]),/* "aes-128-cbc" */
&(nid_objs[397]),/* "aes-128-cfb" */
&(nid_objs[394]),/* "aes-128-ecb" */
&(nid_objs[396]),/* "aes-128-ofb" */
&(nid_objs[399]),/* "aes-192-cbc" */
&(nid_objs[401]),/* "aes-192-cfb" */
&(nid_objs[398]),/* "aes-192-ecb" */
&(nid_objs[400]),/* "aes-192-ofb" */
&(nid_objs[403]),/* "aes-256-cbc" */
&(nid_objs[405]),/* "aes-256-cfb" */
&(nid_objs[402]),/* "aes-256-ecb" */
&(nid_objs[404]),/* "aes-256-ofb" */
&(nid_objs[376]),/* "algorithm" */
&(nid_objs[91]),/* "bf-cbc" */
&(nid_objs[93]),/* "bf-cfb" */
@ -1855,24 +1853,6 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[122]),/* "rc5-cfb" */
&(nid_objs[121]),/* "rc5-ecb" */
&(nid_objs[123]),/* "rc5-ofb" */
&(nid_objs[408]),/* "rd128-cbc-b128" */
&(nid_objs[411]),/* "rd128-cbc-b192" */
&(nid_objs[414]),/* "rd128-cbc-b256" */
&(nid_objs[409]),/* "rd192-cbc-b128" */
&(nid_objs[412]),/* "rd192-cbc-b192" */
&(nid_objs[415]),/* "rd192-cbc-b256" */
&(nid_objs[410]),/* "rd256-cbc-b128" */
&(nid_objs[413]),/* "rd256-cbc-b192" */
&(nid_objs[416]),/* "rd256-cbc-b256" */
&(nid_objs[396]),/* "rijndael-ecb-k128-b128" */
&(nid_objs[399]),/* "rijndael-ecb-k128-b192" */
&(nid_objs[402]),/* "rijndael-ecb-k128-b256" */
&(nid_objs[397]),/* "rijndael-ecb-k192-b128" */
&(nid_objs[400]),/* "rijndael-ecb-k192-b192" */
&(nid_objs[403]),/* "rijndael-ecb-k192-b256" */
&(nid_objs[398]),/* "rijndael-ecb-k256-b128" */
&(nid_objs[401]),/* "rijndael-ecb-k256-b192" */
&(nid_objs[404]),/* "rijndael-ecb-k256-b256" */
&(nid_objs[117]),/* "ripemd160" */
&(nid_objs[119]),/* "ripemd160WithRSA" */
&(nid_objs[19]),/* "rsa" */
@ -2171,6 +2151,18 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[373]),/* OBJ_id_pkix_OCSP_valid 1 3 6 1 5 5 7 48 1 9 */
&(nid_objs[374]),/* OBJ_id_pkix_OCSP_path 1 3 6 1 5 5 7 48 1 10 */
&(nid_objs[375]),/* OBJ_id_pkix_OCSP_trustRoot 1 3 6 1 5 5 7 48 1 11 */
&(nid_objs[394]),/* OBJ_aes_128_ecb 2 16 840 1 101 3 4 1 1 */
&(nid_objs[395]),/* OBJ_aes_128_cbc 2 16 840 1 101 3 4 1 2 */
&(nid_objs[396]),/* OBJ_aes_128_ofb 2 16 840 1 101 3 4 1 3 */
&(nid_objs[397]),/* OBJ_aes_128_cfb 2 16 840 1 101 3 4 1 4 */
&(nid_objs[398]),/* OBJ_aes_192_ecb 2 16 840 1 101 3 4 1 21 */
&(nid_objs[399]),/* OBJ_aes_192_cbc 2 16 840 1 101 3 4 1 22 */
&(nid_objs[400]),/* OBJ_aes_192_ofb 2 16 840 1 101 3 4 1 23 */
&(nid_objs[401]),/* OBJ_aes_192_cfb 2 16 840 1 101 3 4 1 24 */
&(nid_objs[402]),/* OBJ_aes_256_ecb 2 16 840 1 101 3 4 1 41 */
&(nid_objs[403]),/* OBJ_aes_256_cbc 2 16 840 1 101 3 4 1 42 */
&(nid_objs[404]),/* OBJ_aes_256_ofb 2 16 840 1 101 3 4 1 43 */
&(nid_objs[405]),/* OBJ_aes_256_cfb 2 16 840 1 101 3 4 1 44 */
&(nid_objs[71]),/* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */
&(nid_objs[72]),/* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */
&(nid_objs[73]),/* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */

108
crypto/objects/obj_mac.h
View File

@ -1797,75 +1797,69 @@
#define NID_zlib_compression 125
#define OBJ_zlib_compression 1L,1L,1L,1L,666L,2L
#define SN_rijndael_ecb_k128_b128 "RIJNDAEL-ECB-K128-B128"
#define LN_rijndael_ecb_k128_b128 "rijndael-ecb-k128-b128"
#define NID_rijndael_ecb_k128_b128 396
#define OBJ_csor 2L,16L,840L,1L,101L,3L
#define SN_rijndael_ecb_k192_b128 "RIJNDAEL-ECB-K192-B128"
#define LN_rijndael_ecb_k192_b128 "rijndael-ecb-k192-b128"
#define NID_rijndael_ecb_k192_b128 397
#define OBJ_nistAlgorithms OBJ_csor,4L
#define SN_rijndael_ecb_k256_b128 "RIJNDAEL-ECB-K256-B128"
#define LN_rijndael_ecb_k256_b128 "rijndael-ecb-k256-b128"
#define NID_rijndael_ecb_k256_b128 398
#define OBJ_aes OBJ_nistAlgorithms,1L
#define SN_rijndael_ecb_k128_b192 "RIJNDAEL-ECB-K128-B192"
#define LN_rijndael_ecb_k128_b192 "rijndael-ecb-k128-b192"
#define NID_rijndael_ecb_k128_b192 399
#define SN_aes_128_ecb "AES-128-ECB"
#define LN_aes_128_ecb "aes-128-ecb"
#define NID_aes_128_ecb 394
#define OBJ_aes_128_ecb OBJ_aes,1L
#define SN_rijndael_ecb_k192_b192 "RIJNDAEL-ECB-K192-B192"
#define LN_rijndael_ecb_k192_b192 "rijndael-ecb-k192-b192"
#define NID_rijndael_ecb_k192_b192 400
#define SN_aes_128_cbc "AES-128-CBC"
#define LN_aes_128_cbc "aes-128-cbc"
#define NID_aes_128_cbc 395
#define OBJ_aes_128_cbc OBJ_aes,2L
#define SN_rijndael_ecb_k256_b192 "RIJNDAEL-ECB-K256-B192"
#define LN_rijndael_ecb_k256_b192 "rijndael-ecb-k256-b192"
#define NID_rijndael_ecb_k256_b192 401
#define SN_aes_128_ofb "AES-128-OFB"
#define LN_aes_128_ofb "aes-128-ofb"
#define NID_aes_128_ofb 396
#define OBJ_aes_128_ofb OBJ_aes,3L
#define SN_rijndael_ecb_k128_b256 "RIJNDAEL-ECB-K128-B256"
#define LN_rijndael_ecb_k128_b256 "rijndael-ecb-k128-b256"
#define NID_rijndael_ecb_k128_b256 402
#define SN_aes_128_cfb "AES-128-CFB"
#define LN_aes_128_cfb "aes-128-cfb"
#define NID_aes_128_cfb 397
#define OBJ_aes_128_cfb OBJ_aes,4L
#define SN_rijndael_ecb_k192_b256 "RIJNDAEL-ECB-K192-B256"
#define LN_rijndael_ecb_k192_b256 "rijndael-ecb-k192-b256"
#define NID_rijndael_ecb_k192_b256 403
#define SN_aes_192_ecb "AES-192-ECB"
#define LN_aes_192_ecb "aes-192-ecb"
#define NID_aes_192_ecb 398
#define OBJ_aes_192_ecb OBJ_aes,21L
#define SN_rijndael_ecb_k256_b256 "RIJNDAEL-ECB-K256-B256"
#define LN_rijndael_ecb_k256_b256 "rijndael-ecb-k256-b256"
#define NID_rijndael_ecb_k256_b256 404
#define SN_aes_192_cbc "AES-192-CBC"
#define LN_aes_192_cbc "aes-192-cbc"
#define NID_aes_192_cbc 399
#define OBJ_aes_192_cbc OBJ_aes,22L
#define SN_rd128_cbc_b128 "RD128-CBC-B128"
#define LN_rd128_cbc_b128 "rd128-cbc-b128"
#define NID_rd128_cbc_b128 408
#define SN_aes_192_ofb "AES-192-OFB"
#define LN_aes_192_ofb "aes-192-ofb"
#define NID_aes_192_ofb 400
#define OBJ_aes_192_ofb OBJ_aes,23L
#define SN_rd192_cbc_b128 "RD192-CBC-B128"
#define LN_rd192_cbc_b128 "rd192-cbc-b128"
#define NID_rd192_cbc_b128 409
#define SN_aes_192_cfb "AES-192-CFB"
#define LN_aes_192_cfb "aes-192-cfb"
#define NID_aes_192_cfb 401
#define OBJ_aes_192_cfb OBJ_aes,24L
#define SN_rd256_cbc_b128 "RD256-CBC-B128"
#define LN_rd256_cbc_b128 "rd256-cbc-b128"
#define NID_rd256_cbc_b128 410
#define SN_aes_256_ecb "AES-256-ECB"
#define LN_aes_256_ecb "aes-256-ecb"
#define NID_aes_256_ecb 402
#define OBJ_aes_256_ecb OBJ_aes,41L
#define SN_rd128_cbc_b192 "RD128-CBC-B192"
#define LN_rd128_cbc_b192 "rd128-cbc-b192"
#define NID_rd128_cbc_b192 411
#define SN_aes_256_cbc "AES-256-CBC"
#define LN_aes_256_cbc "aes-256-cbc"
#define NID_aes_256_cbc 403
#define OBJ_aes_256_cbc OBJ_aes,42L
#define SN_rd192_cbc_b192 "RD192-CBC-B192"
#define LN_rd192_cbc_b192 "rd192-cbc-b192"
#define NID_rd192_cbc_b192 412
#define SN_aes_256_ofb "AES-256-OFB"
#define LN_aes_256_ofb "aes-256-ofb"
#define NID_aes_256_ofb 404
#define OBJ_aes_256_ofb OBJ_aes,43L
#define SN_rd256_cbc_b192 "RD256-CBC-B192"
#define LN_rd256_cbc_b192 "rd256-cbc-b192"
#define NID_rd256_cbc_b192 413
#define SN_rd128_cbc_b256 "RD128-CBC-B256"
#define LN_rd128_cbc_b256 "rd128-cbc-b256"
#define NID_rd128_cbc_b256 414
#define SN_rd192_cbc_b256 "RD192-CBC-B256"
#define LN_rd192_cbc_b256 "rd192-cbc-b256"
#define NID_rd192_cbc_b256 415
#define SN_rd256_cbc_b256 "RD256-CBC-B256"
#define LN_rd256_cbc_b256 "rd256-cbc-b256"
#define NID_rd256_cbc_b256 416
#define SN_aes_256_cfb "AES-256-CFB"
#define LN_aes_256_cfb "aes-256-cfb"
#define NID_aes_256_cfb 405
#define OBJ_aes_256_cfb OBJ_aes,44L

35
crypto/objects/obj_mac.num
View File

@ -391,26 +391,15 @@ dcObject 390
domainComponent 391
Domain 392
ld_ce 393
rd_ecb 394
rijndael_ecb 395
rijndael_ecb_k128_b128 396
rijndael_ecb_k192_b128 397
rijndael_ecb_k256_b128 398
rijndael_ecb_k128_b192 399
rijndael_ecb_k192_b192 400
rijndael_ecb_k256_b192 401
rijndael_ecb_k128_b256 402
rijndael_ecb_k192_b256 403
rijndael_ecb_k256_b256 404
rd128_cbc 405
rd192_cbc 406
rd256_cbc 407
rd128_cbc_b128 408
rd192_cbc_b128 409
rd256_cbc_b128 410
rd128_cbc_b192 411
rd192_cbc_b192 412
rd256_cbc_b192 413
rd128_cbc_b256 414
rd192_cbc_b256 415
rd256_cbc_b256 416
aes_128_ecb 394
aes_128_cbc 395
aes_128_ofb 396
aes_128_cfb 397
aes_192_ecb 398
aes_192_cbc 399
aes_192_ofb 400
aes_192_cfb 401
aes_256_ecb 402
aes_256_cbc 403
aes_256_ofb 404
aes_256_cfb 405

40
crypto/objects/objects.txt
View File

@ -591,22 +591,24 @@ enterprises 1466 344 : dcobject : dcObject
!Cname zlib-compression
1 1 1 1 666 2 : ZLIB : zlib compression
# Rijndael
: RIJNDAEL-ECB-K128-B128: rijndael-ecb-k128-b128
: RIJNDAEL-ECB-K192-B128: rijndael-ecb-k192-b128
: RIJNDAEL-ECB-K256-B128: rijndael-ecb-k256-b128
: RIJNDAEL-ECB-K128-B192: rijndael-ecb-k128-b192
: RIJNDAEL-ECB-K192-B192: rijndael-ecb-k192-b192
: RIJNDAEL-ECB-K256-B192: rijndael-ecb-k256-b192
: RIJNDAEL-ECB-K128-B256: rijndael-ecb-k128-b256
: RIJNDAEL-ECB-K192-B256: rijndael-ecb-k192-b256
: RIJNDAEL-ECB-K256-B256: rijndael-ecb-k256-b256
: RD128-CBC-B128 : rd128-cbc-b128
: RD192-CBC-B128 : rd192-cbc-b128
: RD256-CBC-B128 : rd256-cbc-b128
: RD128-CBC-B192 : rd128-cbc-b192
: RD192-CBC-B192 : rd192-cbc-b192
: RD256-CBC-B192 : rd256-cbc-b192
: RD128-CBC-B256 : rd128-cbc-b256
: RD192-CBC-B256 : rd192-cbc-b256
: RD256-CBC-B256 : rd256-cbc-b256
# AES aka Rijndael
!Alias csor 2 16 840 1 101 3
!Alias nistAlgorithms csor 4
!Alias aes nistAlgorithms 1
aes 1 : AES-128-ECB : aes-128-ecb
aes 2 : AES-128-CBC : aes-128-cbc
aes 3 : AES-128-OFB : aes-128-ofb
aes 4 : AES-128-CFB : aes-128-cfb
aes 21 : AES-192-ECB : aes-192-ecb
aes 22 : AES-192-CBC : aes-192-cbc
aes 23 : AES-192-OFB : aes-192-ofb
aes 24 : AES-192-CFB : aes-192-cfb
aes 41 : AES-256-ECB : aes-256-ecb
aes 42 : AES-256-CBC : aes-256-cbc
aes 43 : AES-256-OFB : aes-256-ofb
aes 44 : AES-256-CFB : aes-256-cfb

23
crypto/ocsp/Makefile.ssl
View File

@ -234,6 +234,29 @@ ocsp_prn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
ocsp_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
ocsp_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
ocsp_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
ocsp_srv.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ocsp_srv.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
ocsp_srv.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
ocsp_srv.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
ocsp_srv.o: ../../include/openssl/des.h ../../include/openssl/dh.h
ocsp_srv.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
ocsp_srv.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
ocsp_srv.o: ../../include/openssl/err.h ../../include/openssl/evp.h
ocsp_srv.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
ocsp_srv.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
ocsp_srv.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
ocsp_srv.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
ocsp_srv.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
ocsp_srv.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h
ocsp_srv.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
ocsp_srv.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
ocsp_srv.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
ocsp_srv.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
ocsp_srv.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
ocsp_srv.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
ocsp_srv.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ocsp_srv.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
ocsp_srv.o: ../../include/openssl/x509v3.h ../cryptlib.h
ocsp_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ocsp_vfy.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
ocsp_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h

5
crypto/rijndael/Makefile.ssl
View File

@ -20,10 +20,9 @@ RD_ENC= rd_enc.o
# or use
#DES_ENC= bx86-elf.o
CFLAGS= -mpentiumpro $(INCLUDES) $(CFLAG) -DINTERMEDIATE_VALUE_KAT -DBINARY_KEY_MATERIAL -O3 -fexpensive-optimizations -funroll-loops -fforce-addr
CFLAGS= -mpentiumpro $(INCLUDES) $(CFLAG) -O3 -fexpensive-optimizations -funroll-loops -fforce-addr
GENERAL=Makefile
#TEST=rijndael-test-fst.c table.128 table.192 table.256
TEST=
APPS=
@ -85,4 +84,4 @@ clean:
# DO NOT DELETE THIS LINE
rd_fst.o: boxes-fst-corrected.dat rd_fst.h
rd_fst.o: rd_fst.h

128
crypto/rijndael/README
View File

@ -1,84 +1,80 @@
Rijndael
Joan Daemen
Optimised ANSI C code for the Rijndael cipher (now AES)
Optimised ANSI C v2.4
-----------------------------------------------------------
Authors:
Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
Paulo Barreto <paulo.barreto@terra.com.br>
This archive contains the following files:
All code contained in this distributed is placed in the public domain.
Makefile: A file that allows for easy compiling of the code with
Unix `make' (tested with GNU make).
README: This file.
boxes-fst.dat: Tables that are needed by the reference implementation.
The tables implement the S-box and its inverse, and also
some temporary tables needed for multiplying in the finite
field GF(2^8).
rijndael-alg-fst.c:
rijndael-alg-fst.h:
Algorithm implementation.
rijndael-api-fst.c:
rijndael-api-fst.h:
Interface to the C API.
rijndaeltest-fst.c:
Implementation of the KAT and MCT.
table.128:
table.192:
table.256:
Files needed for the KAT (for the Table Known Answer Test).
========================================================================
Disclaimer:
THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Instructions for the KAT and MCT software:
========================================================================
1) Compile the C code and put the executable in the same directory as the
table.??? files.
2) Run the executable. It generates all the tables in the NIST format.
3) Compare the generated tables with the original provided tables, e.g.
in Unix, with `diff'.
4) The code is independent of the ENDIANness of the machine.
However, the code casts char pointers to int pointers.
On some platforms, this casting can cause problems.
This will cause malfunctioning of the CBC Monte Carlo tests.
In this case, the compile parameter STRICT_ALIGN should be set to 1.
(Of course this results in slower code.)
Acknowledgements:
We are deeply indebted to the following people for their bug reports,
fixes, and improvement suggestions to the API implementation. Though we
tried to list all contributions, we apologise in advance for any
missing reference:
Changes with respect to v1.0 (= round 1 submission)
---------------------------------------------------
Andrew Bales <Andrew.Bales@Honeywell.com>
Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
John Skodon <skodonj@webquill.com>
1) Removed the parameter blockLen from makeKey() and cipherInit().
The parameter is still present in the structures keyInstance and
cipherInstance.
2) Removed some calls to sscan().
3) Corrected the CBC decryption Monte Carlo test code.
4) Provided code for platforms with pointer alignment problems.
----------------------------------------------------------------------
========================================================================
Changes from v2.0 (= round 2 submission)
----------------------------------------
Description:
Various bug fixes in CBC encryption and decryption mode.
This optimised implementation of Rijndael is noticeably faster than the
previous versions on Intel processors under Win32 w/ MSVC 6.0. On the
same processor under Linux w/ gcc-2.95.2, the key setup is also
considerably faster, but normal encryption/decryption is only marginally
faster.
----------------------------------------------------------------------
To enable full loop unrolling for encryption/decryption, define the
conditional compilation directive FULL_UNROLL. This may help increase
performance or not, depending on the platform.
Changes from v2.2
-----------------
To compute the intermediate value tests, define the conditional
compilation directive INTERMEDIATE_VALUE_KAT. It may be worthwhile to
define the TRACE_KAT_MCT directive too, which provides useful progress
information during the generation of the KAT and MCT sets.
-- Moved number of rounds to the keyInstance structure
to make implementation thread-safe
-- Functions used only to generate the Intermediate Value
Known Answer Test are now conditionally compiled
via #define INTERMEDIATE_VALUE_KAT
-- Further optimized for the default 128-bit block size
-- Fixed CBC decryption bug (chained IV was lost if input
and outBuffer were the same)
-- Added padding capability to CBC mode (allows encryption
of any number of octets, not only full blocks)
========================================================================
----------------------------------------------------------------------
Contents:
Changes from v2.3
-----------------
README This file
rijndael-alg-fst.c The algorithm implementation.
rijndael-alg-fst.h The corresponding header file.
rijndael-api-fst.c NIST's implementation.
rijndael-api-fst.h The corresponding header file.
rijndael-test-fst.c A simple program to generate test vectors.
table.128 Data for the table tests and 128-bit keys.
table.192 Data for the table tests and 192-bit keys.
table.256 Data for the table tests and 256-bit keys.
fips-test-vectors.txt Key schedule and ciphertext intermediate values
(reduced set proposed for FIPS inclusion).
Makefile A sample makefile; may need some changes,
depending on the C compiler used.
N.B. Both the API implementation and the provisional reduced set of
test vectors are likely to change, according to NIST's final decision
regarding modes of operation and the FIPS contents. They are therefore
marked as "version 2.9" rather than "version 3.0".
Fixed a small bug in CBC mode.

3986
crypto/rijndael/boxes-fst-corrected.dat
View File

File diff suppressed because it is too large Load Diff

1836
crypto/rijndael/rd_fst.c
View File

File diff suppressed because it is too large Load Diff

67
crypto/rijndael/rd_fst.h
View File

@ -1,46 +1,47 @@
/*
* rijndael-alg-fst.h v2.4 April '2000
/**
* rijndael-alg-fst.h
*
* Optimised ANSI C code
* @version 3.0 (December 2000)
*
* #define INTERMEDIATE_VALUE_KAT to generate the Intermediate Value Known Answer Test.
* Optimised ANSI C code for the Rijndael cipher (now AES)
*
* @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
* @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
* @author Paulo Barreto <paulo.barreto@terra.com.br>
*
* This code is hereby placed in the public domain.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
* OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
* OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
* EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef __RIJNDAEL_ALG_FST_H
#define __RIJNDAEL_ALG_FST_H
#define RIJNDAEL_MAXKC (256/32)
#define RIJNDAEL_MAXROUNDS 14
#define MAXKC (256/32)
#define MAXKB (256/8)
#define MAXNR 14
#ifndef USUAL_TYPES
#define USUAL_TYPES
typedef unsigned char byte;
typedef unsigned char word8;
typedef unsigned short word16;
typedef unsigned int word32;
#endif /* USUAL_TYPES */
typedef unsigned char u8;
typedef unsigned short u16;
typedef unsigned int u32;
int rijndaelKeySched(const word8 k[RIJNDAEL_MAXKC][4],
word8 rk[RIJNDAEL_MAXROUNDS+1][4][4],
int ROUNDS);
int rijndaelKeyEncToDec(word8 W[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS);
int rijndaelEncrypt(const word8 a[16],word8 b[16],
word8 rk[RIJNDAEL_MAXROUNDS+1][4][4],
int ROUNDS);
int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits);
int rijndaelKeySetupDec(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits);
void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16], u8 ct[16]);
void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16], u8 pt[16]);
#ifdef INTERMEDIATE_VALUE_KAT
int rijndaelEncryptRound(word8 a[4][4],word8 rk[RIJNDAEL_MAXROUNDS+1][4][4],
int ROUNDS, int rounds);
#endif /* INTERMEDIATE_VALUE_KAT */
int rijndaelDecrypt(const word8 a[16], word8 b[16],
word8 rk[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS);
#ifdef INTERMEDIATE_VALUE_KAT
int rijndaelDecryptRound(word8 a[4][4], word8 rk[RIJNDAEL_MAXROUNDS+1][4][4],
int ROUNDS, int rounds);
void rijndaelEncryptRound(const u32 rk[/*4*(Nr + 1)*/], int Nr, u8 block[16], int rounds);
void rijndaelDecryptRound(const u32 rk[/*4*(Nr + 1)*/], int Nr, u8 block[16], int rounds);
#endif /* INTERMEDIATE_VALUE_KAT */
#endif /* __RIJNDAEL_ALG_FST_H */

6
crypto/rijndael/rijndael.h
View File

@ -1,11 +1,7 @@
#include "openssl/rd_fst.h"
#define RIJNDAEL_MAX_IV 16
typedef struct
{
word8 keySched[RIJNDAEL_MAXROUNDS+1][4][4];
u32 rd_key[4 *(MAXNR + 1)];
int rounds;
word8 iv[RIJNDAEL_MAX_IV];
int enc;
} RIJNDAEL_KEY;

160
ssl/s3_lib.c
View File

@ -615,6 +615,8 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
#endif /* NO_KRB5 */
#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
/* New TLS Export CipherSuites */
/* Cipher 60 */
@ -708,20 +710,166 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS
},
/* Cipher ?? */
#endif
/* New AES ciphersuites */
/* Cipher 2F */
{
1,
TLS1_TXT_RSA_WITH_RD_128_SHA,
TLS1_CK_RSA_WITH_RD_128_SHA,
SSL_kRSA|SSL_aRSA|SSL_RD|SSL_SHA |SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
TLS1_TXT_RSA_WITH_AES_128_SHA,
TLS1_CK_RSA_WITH_AES_128_SHA,
SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
SSL_NOT_EXP|SSL_MEDIUM,
0,
128,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
#endif
/* Cipher 30 */
{
0,
TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
TLS1_CK_DH_DSS_WITH_AES_128_SHA,
SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_MEDIUM,
0,
128,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
/* Cipher 31 */
{
0,
TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
TLS1_CK_DH_RSA_WITH_AES_128_SHA,
SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_MEDIUM,
0,
128,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
/* Cipher 32 */
{
1,
TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_MEDIUM,
0,
128,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
/* Cipher 33 */
{
1,
TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_MEDIUM,
0,
128,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
/* Cipher 34 */
{
1,
TLS1_TXT_ADH_WITH_AES_128_SHA,
TLS1_CK_ADH_WITH_AES_128_SHA,
SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_MEDIUM,
0,
128,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
/* Cipher 35 */
{
1,
TLS1_TXT_RSA_WITH_AES_256_SHA,
TLS1_CK_RSA_WITH_AES_256_SHA,
SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
256,
256,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
/* Cipher 36 */
{
0,
TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
TLS1_CK_DH_DSS_WITH_AES_256_SHA,
SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
256,
256,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
/* Cipher 37 */
{
0,
TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
TLS1_CK_DH_RSA_WITH_AES_256_SHA,
SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
256,
256,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
/* Cipher 38 */
{
1,
TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
256,
256,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
/* Cipher 39 */
{
1,
TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
256,
256,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
/* Cipher 3A */
{
1,
TLS1_TXT_ADH_WITH_AES_256_SHA,
TLS1_CK_ADH_WITH_AES_256_SHA,
SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
256,
256,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
/* end of list */
};

2
ssl/ssl.h
View File

@ -153,7 +153,7 @@ extern "C" {
#define SSL_TXT_RC4 "RC4"
#define SSL_TXT_RC2 "RC2"
#define SSL_TXT_IDEA "IDEA"
#define SSL_TXT_RD "RD"
#define SSL_TXT_AES "AES"
#define SSL_TXT_MD5 "MD5"
#define SSL_TXT_SHA1 "SHA1"
#define SSL_TXT_SHA "SHA"

9
ssl/ssl_algs.c
View File

@ -63,7 +63,6 @@
int SSL_library_init(void)
{
int k;
#ifndef NO_DES
EVP_add_cipher(EVP_des_cbc());
@ -78,9 +77,11 @@ int SSL_library_init(void)
#ifndef NO_RC2
EVP_add_cipher(EVP_rc2_cbc());
#endif
for(k=0 ; k < 2 ; ++k)
EVP_add_cipher(EVP_rijndael_cbc(0,k));
#ifndef NO_AES
EVP_add_cipher(EVP_aes_128_cbc());
EVP_add_cipher(EVP_aes_192_cbc());
EVP_add_cipher(EVP_aes_256_cbc());
#endif
#ifndef NO_MD2
EVP_add_digest(EVP_md2());
#endif

40
ssl/ssl_ciph.c
View File

@ -68,10 +68,9 @@
#define SSL_ENC_IDEA_IDX 4
#define SSL_ENC_eFZA_IDX 5
#define SSL_ENC_NULL_IDX 6
#define SSL_ENC_RD128_IDX 7
#define SSL_ENC_RD192_IDX 8
#define SSL_ENC_RD256_IDX 9
#define SSL_ENC_NUM_IDX 10
#define SSL_ENC_AES128_IDX 7
#define SSL_ENC_AES256_IDX 8
#define SSL_ENC_NUM_IDX 9
static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
NULL,NULL,NULL,NULL,NULL,NULL,
@ -127,7 +126,7 @@ static const SSL_CIPHER cipher_aliases[]={
{0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_RD, 0,SSL_RD, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_AES, 0,SSL_AES, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_MD5, 0,SSL_MD5, 0,0,0,0,SSL_MAC_MASK,0},
{0,SSL_TXT_SHA1,0,SSL_SHA1, 0,0,0,0,SSL_MAC_MASK,0},
@ -167,12 +166,10 @@ static void load_ciphers(void)
EVP_get_cipherbyname(SN_rc2_cbc);
ssl_cipher_methods[SSL_ENC_IDEA_IDX]=
EVP_get_cipherbyname(SN_idea_cbc);
ssl_cipher_methods[SSL_ENC_RD128_IDX]=
EVP_get_cipherbyname(SN_rd128_cbc_b128);
ssl_cipher_methods[SSL_ENC_RD192_IDX]=
EVP_get_cipherbyname(SN_rd192_cbc_b128);
ssl_cipher_methods[SSL_ENC_RD256_IDX]=
EVP_get_cipherbyname(SN_rd256_cbc_b128);
ssl_cipher_methods[SSL_ENC_AES128_IDX]=
EVP_get_cipherbyname(SN_aes_128_cbc);
ssl_cipher_methods[SSL_ENC_AES256_IDX]=
EVP_get_cipherbyname(SN_aes_256_cbc);
ssl_digest_methods[SSL_MD_MD5_IDX]=
EVP_get_digestbyname(SN_md5);
@ -233,12 +230,11 @@ int ssl_cipher_get_evp(SSL_SESSION *s, const EVP_CIPHER **enc,
case SSL_eNULL:
i=SSL_ENC_NULL_IDX;
break;
case SSL_RD:
case SSL_AES:
switch(c->alg_bits)
{
case 128: i=SSL_ENC_RD128_IDX; break;
case 192: i=SSL_ENC_RD192_IDX; break;
case 256: i=SSL_ENC_RD256_IDX; break;
case 128: i=SSL_ENC_AES128_IDX; break;
case 256: i=SSL_ENC_AES256_IDX; break;
default: i=-1; break;
}
break;
@ -327,7 +323,7 @@ static unsigned long ssl_cipher_get_disabled(void)
mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0;
mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0;
mask |= (ssl_cipher_methods[SSL_ENC_RD128_IDX] == NULL) ? SSL_RD:0;
mask |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES:0;
mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0;
mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0;
@ -999,13 +995,13 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
case SSL_eNULL:
enc="None";
break;
case SSL_RD:
switch(cipher->strength_bits == 128)
case SSL_AES:
switch(cipher->strength_bits)
{
case 128: enc="Rijndael(128)"; break;
case 192: enc="Rijndael(192)"; break;
case 256: enc="Rijndael(256)"; break;
default: enc="Rijndael(???)"; break;
case 128: enc="AES(128)"; break;
case 192: enc="AES(192)"; break;
case 256: enc="AES(256)"; break;
default: enc="AES(???)"; break;
}
break;
default:

2
ssl/ssl_locl.h
View File

@ -259,7 +259,7 @@
#define SSL_IDEA 0x00010000L
#define SSL_eFZA 0x00020000L
#define SSL_eNULL 0x00040000L
#define SSL_RD 0x00800000L
#define SSL_AES 0x00800000L
#define SSL_MAC_MASK 0x00180000L
#define SSL_MD5 0x00080000L

34
ssl/tls1.h
View File

@ -95,8 +95,22 @@ extern "C" {
#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064
#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x03000065
#define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066
/* not yet real */
#define TLS1_CK_RSA_WITH_RD_128_SHA 0x03000067
/* AES ciphersuites from draft ietf-tls-ciphersuite-03.txt */
#define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F
#define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030
#define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031
#define TLS1_CK_DHE_DSS_WITH_AES_128_SHA 0x03000032
#define TLS1_CK_DHE_RSA_WITH_AES_128_SHA 0x03000033
#define TLS1_CK_ADH_WITH_AES_128_SHA 0x03000034
#define TLS1_CK_RSA_WITH_AES_256_SHA 0x03000035
#define TLS1_CK_DH_DSS_WITH_AES_256_SHA 0x03000036
#define TLS1_CK_DH_RSA_WITH_AES_256_SHA 0x03000037
#define TLS1_CK_DHE_DSS_WITH_AES_256_SHA 0x03000038
#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039
#define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A
/* XXX
* Inconsistency alert:
@ -112,8 +126,20 @@ extern "C" {
#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA"
#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA"
#define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA"
/* Not yet real */
#define TLS1_TXT_RSA_WITH_RD_128_SHA "RD128-SHA"
/* AES ciphersuites from draft ietf-tls-ciphersuite-03.txt */
#define TLS1_TXT_RSA_WITH_AES_128_SHA "AES128-SHA"
#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AES128-SHA"
#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AES128-SHA"
#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA "DHE-DSS-AES128-SHA"
#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE-RSA-AES128-SHA"
#define TLS1_TXT_ADH_WITH_AES_128_SHA "ADH-AES128-SHA"
#define TLS1_TXT_RSA_WITH_AES_256_SHA "AES256-SHA"
#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA "DH-DSS-AES256-SHA"
#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA "DH-RSA-AES256-SHA"
#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA "DHE-DSS-AES256-SHA"
#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA"
#define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA"
#define TLS_CT_RSA_SIGN 1