diff options
Diffstat (limited to 'Cryptlib/OpenSSL/crypto/evp')
65 files changed, 5996 insertions, 4617 deletions
diff --git a/Cryptlib/OpenSSL/crypto/evp/bio_b64.c b/Cryptlib/OpenSSL/crypto/evp/bio_b64.c index 32a884a7..538b5202 100644 --- a/Cryptlib/OpenSSL/crypto/evp/bio_b64.c +++ b/Cryptlib/OpenSSL/crypto/evp/bio_b64.c @@ -1,18 +1,66 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/bio_b64.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> #include <errno.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/buffer.h> #include <openssl/evp.h> -#include "internal/bio.h" static int b64_write(BIO *h, const char *buf, int num); static int b64_read(BIO *h, char *buf, int size); @@ -41,12 +89,12 @@ typedef struct b64_struct { int encode; int start; /* have we started decoding yet? */ int cont; /* <= 0 when finished */ - EVP_ENCODE_CTX *base64; + EVP_ENCODE_CTX base64; char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE) + 10]; char tmp[B64_BLOCK_SIZE]; } BIO_B64_CTX; -static const BIO_METHOD methods_b64 = { +static BIO_METHOD methods_b64 = { BIO_TYPE_BASE64, "base64 encoding", b64_write, b64_read, @@ -58,50 +106,43 @@ static const BIO_METHOD methods_b64 = { b64_callback_ctrl, }; - -const BIO_METHOD *BIO_f_base64(void) +BIO_METHOD *BIO_f_base64(void) { - return &methods_b64; + return (&methods_b64); } static int b64_new(BIO *bi) { BIO_B64_CTX *ctx; - ctx = OPENSSL_zalloc(sizeof(*ctx)); + ctx = (BIO_B64_CTX *)OPENSSL_malloc(sizeof(BIO_B64_CTX)); if (ctx == NULL) - return 0; + return (0); + ctx->buf_len = 0; + ctx->tmp_len = 0; + ctx->tmp_nl = 0; + ctx->buf_off = 0; ctx->cont = 1; ctx->start = 1; - ctx->base64 = EVP_ENCODE_CTX_new(); - if (ctx->base64 == NULL) { - OPENSSL_free(ctx); - return 0; - } - - BIO_set_data(bi, ctx); - BIO_set_init(bi, 1); + ctx->encode = 0; - return 1; + bi->init = 1; + bi->ptr = (char *)ctx; + bi->flags = 0; + bi->num = 0; + return (1); } static int b64_free(BIO *a) { - BIO_B64_CTX *ctx; if (a == NULL) - return 0; - - ctx = BIO_get_data(a); - if (ctx == NULL) - return 0; - - EVP_ENCODE_CTX_free(ctx->base64); - OPENSSL_free(ctx); - BIO_set_data(a, NULL); - BIO_set_init(a, 0); - - return 1; + return (0); + OPENSSL_free(a->ptr); + a->ptr = NULL; + a->init = 0; + a->flags = 0; + return (1); } static int b64_read(BIO *b, char *out, int outl) @@ -109,15 +150,13 @@ static int b64_read(BIO *b, char *out, int outl) int ret = 0, i, ii, j, k, x, n, num, ret_code = 0; BIO_B64_CTX *ctx; unsigned char *p, *q; - BIO *next; if (out == NULL) return (0); - ctx = (BIO_B64_CTX *)BIO_get_data(b); + ctx = (BIO_B64_CTX *)b->ptr; - next = BIO_next(b); - if ((ctx == NULL) || (next == NULL)) - return 0; + if ((ctx == NULL) || (b->next_bio == NULL)) + return (0); BIO_clear_retry_flags(b); @@ -126,7 +165,7 @@ static int b64_read(BIO *b, char *out, int outl) ctx->buf_len = 0; ctx->buf_off = 0; ctx->tmp_len = 0; - EVP_DecodeInit(ctx->base64); + EVP_DecodeInit(&(ctx->base64)); } /* First check if there are bytes decoded/encoded */ @@ -157,14 +196,14 @@ static int b64_read(BIO *b, char *out, int outl) if (ctx->cont <= 0) break; - i = BIO_read(next, &(ctx->tmp[ctx->tmp_len]), + i = BIO_read(b->next_bio, &(ctx->tmp[ctx->tmp_len]), B64_BLOCK_SIZE - ctx->tmp_len); if (i <= 0) { ret_code = i; /* Should we continue next time we are called? */ - if (!BIO_should_retry(next)) { + if (!BIO_should_retry(b->next_bio)) { ctx->cont = i; /* If buffer empty break */ if (ctx->tmp_len == 0) @@ -205,11 +244,11 @@ static int b64_read(BIO *b, char *out, int outl) continue; } - k = EVP_DecodeUpdate(ctx->base64, + k = EVP_DecodeUpdate(&(ctx->base64), (unsigned char *)ctx->buf, &num, p, q - p); if ((k <= 0) && (num == 0) && (ctx->start)) - EVP_DecodeInit(ctx->base64); + EVP_DecodeInit(&ctx->base64); else { if (p != (unsigned char *) &(ctx->tmp[0])) { @@ -218,7 +257,7 @@ static int b64_read(BIO *b, char *out, int outl) for (x = 0; x < i; x++) ctx->tmp[x] = p[x]; } - EVP_DecodeInit(ctx->base64); + EVP_DecodeInit(&ctx->base64); ctx->start = 0; break; } @@ -259,7 +298,11 @@ static int b64_read(BIO *b, char *out, int outl) if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) { int z, jj; +#if 0 + jj = (i >> 2) << 2; +#else jj = i & ~3; /* process per 4 */ +#endif z = EVP_DecodeBlock((unsigned char *)ctx->buf, (unsigned char *)ctx->tmp, jj); if (jj > 2) { @@ -282,7 +325,7 @@ static int b64_read(BIO *b, char *out, int outl) } i = z; } else { - i = EVP_DecodeUpdate(ctx->base64, + i = EVP_DecodeUpdate(&(ctx->base64), (unsigned char *)ctx->buf, &ctx->buf_len, (unsigned char *)ctx->tmp, i); ctx->tmp_len = 0; @@ -320,13 +363,8 @@ static int b64_write(BIO *b, const char *in, int inl) int n; int i; BIO_B64_CTX *ctx; - BIO *next; - - ctx = (BIO_B64_CTX *)BIO_get_data(b); - next = BIO_next(b); - if ((ctx == NULL) || (next == NULL)) - return 0; + ctx = (BIO_B64_CTX *)b->ptr; BIO_clear_retry_flags(b); if (ctx->encode != B64_ENCODE) { @@ -334,7 +372,7 @@ static int b64_write(BIO *b, const char *in, int inl) ctx->buf_len = 0; ctx->buf_off = 0; ctx->tmp_len = 0; - EVP_EncodeInit(ctx->base64); + EVP_EncodeInit(&(ctx->base64)); } OPENSSL_assert(ctx->buf_off < (int)sizeof(ctx->buf)); @@ -342,7 +380,7 @@ static int b64_write(BIO *b, const char *in, int inl) OPENSSL_assert(ctx->buf_len >= ctx->buf_off); n = ctx->buf_len - ctx->buf_off; while (n > 0) { - i = BIO_write(next, &(ctx->buf[ctx->buf_off]), n); + i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n); if (i <= 0) { BIO_copy_next_retry(b); return (i); @@ -403,10 +441,9 @@ static int b64_write(BIO *b, const char *in, int inl) ret += n; } } else { - if (!EVP_EncodeUpdate(ctx->base64, - (unsigned char *)ctx->buf, &ctx->buf_len, - (unsigned char *)in, n)) - return ((ret == 0) ? -1 : ret); + EVP_EncodeUpdate(&(ctx->base64), + (unsigned char *)ctx->buf, &ctx->buf_len, + (unsigned char *)in, n); OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); OPENSSL_assert(ctx->buf_len >= ctx->buf_off); ret += n; @@ -417,7 +454,7 @@ static int b64_write(BIO *b, const char *in, int inl) ctx->buf_off = 0; n = ctx->buf_len; while (n > 0) { - i = BIO_write(next, &(ctx->buf[ctx->buf_off]), n); + i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n); if (i <= 0) { BIO_copy_next_retry(b); return ((ret == 0) ? i : ret); @@ -439,40 +476,36 @@ static long b64_ctrl(BIO *b, int cmd, long num, void *ptr) BIO_B64_CTX *ctx; long ret = 1; int i; - BIO *next; - ctx = (BIO_B64_CTX *)BIO_get_data(b); - next = BIO_next(b); - if ((ctx == NULL) || (next == NULL)) - return 0; + ctx = (BIO_B64_CTX *)b->ptr; switch (cmd) { case BIO_CTRL_RESET: ctx->cont = 1; ctx->start = 1; ctx->encode = B64_NONE; - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; case BIO_CTRL_EOF: /* More to read */ if (ctx->cont <= 0) ret = 1; else - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; case BIO_CTRL_WPENDING: /* More to write in buffer */ OPENSSL_assert(ctx->buf_len >= ctx->buf_off); ret = ctx->buf_len - ctx->buf_off; if ((ret == 0) && (ctx->encode != B64_NONE) - && (EVP_ENCODE_CTX_num(ctx->base64) != 0)) + && (ctx->base64.num != 0)) ret = 1; else if (ret <= 0) - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; case BIO_CTRL_PENDING: /* More to read in buffer */ OPENSSL_assert(ctx->buf_len >= ctx->buf_off); ret = ctx->buf_len - ctx->buf_off; if (ret <= 0) - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; case BIO_CTRL_FLUSH: /* do a final write */ @@ -491,21 +524,20 @@ static long b64_ctrl(BIO *b, int cmd, long num, void *ptr) ctx->tmp_len = 0; goto again; } - } else if (ctx->encode != B64_NONE - && EVP_ENCODE_CTX_num(ctx->base64) != 0) { + } else if (ctx->encode != B64_NONE && ctx->base64.num != 0) { ctx->buf_off = 0; - EVP_EncodeFinal(ctx->base64, + EVP_EncodeFinal(&(ctx->base64), (unsigned char *)ctx->buf, &(ctx->buf_len)); /* push out the bytes */ goto again; } /* Finally flush the underlying BIO */ - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; case BIO_C_DO_STATE_MACHINE: BIO_clear_retry_flags(b); - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); BIO_copy_next_retry(b); break; @@ -515,22 +547,21 @@ static long b64_ctrl(BIO *b, int cmd, long num, void *ptr) case BIO_CTRL_GET: case BIO_CTRL_SET: default: - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; } - return ret; + return (ret); } static long b64_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) { long ret = 1; - BIO *next = BIO_next(b); - if (next == NULL) - return 0; + if (b->next_bio == NULL) + return (0); switch (cmd) { default: - ret = BIO_callback_ctrl(next, cmd, fp); + ret = BIO_callback_ctrl(b->next_bio, cmd, fp); break; } return (ret); diff --git a/Cryptlib/OpenSSL/crypto/evp/bio_enc.c b/Cryptlib/OpenSSL/crypto/evp/bio_enc.c index 5a3beef9..0806f233 100644 --- a/Cryptlib/OpenSSL/crypto/evp/bio_enc.c +++ b/Cryptlib/OpenSSL/crypto/evp/bio_enc.c @@ -1,18 +1,66 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/bio_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> #include <errno.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/buffer.h> #include <openssl/evp.h> -#include "internal/bio.h" static int enc_write(BIO *h, const char *buf, int num); static int enc_read(BIO *h, char *buf, int size); @@ -27,8 +75,7 @@ static int enc_new(BIO *h); static int enc_free(BIO *data); static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps); #define ENC_BLOCK_SIZE (1024*4) -#define ENC_MIN_CHUNK (256) -#define BUF_OFFSET (ENC_MIN_CHUNK + EVP_MAX_BLOCK_LENGTH) +#define BUF_OFFSET (EVP_MAX_BLOCK_LENGTH*2) typedef struct enc_struct { int buf_len; @@ -36,16 +83,15 @@ typedef struct enc_struct { int cont; /* <= 0 when finished */ int finished; int ok; /* bad decrypt */ - EVP_CIPHER_CTX *cipher; - unsigned char *read_start, *read_end; + EVP_CIPHER_CTX cipher; /* * buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate can return * up to a block more data than is presented to it */ - unsigned char buf[BUF_OFFSET + ENC_BLOCK_SIZE]; + char buf[ENC_BLOCK_SIZE + BUF_OFFSET + 2]; } BIO_ENC_CTX; -static const BIO_METHOD methods_enc = { +static BIO_METHOD methods_enc = { BIO_TYPE_CIPHER, "cipher", enc_write, enc_read, @@ -57,7 +103,7 @@ static const BIO_METHOD methods_enc = { enc_callback_ctrl, }; -const BIO_METHOD *BIO_f_cipher(void) +BIO_METHOD *BIO_f_cipher(void) { return (&methods_enc); } @@ -66,22 +112,21 @@ static int enc_new(BIO *bi) { BIO_ENC_CTX *ctx; - ctx = OPENSSL_zalloc(sizeof(*ctx)); + ctx = (BIO_ENC_CTX *)OPENSSL_malloc(sizeof(BIO_ENC_CTX)); if (ctx == NULL) - return 0; + return (0); + EVP_CIPHER_CTX_init(&ctx->cipher); - ctx->cipher = EVP_CIPHER_CTX_new(); - if (ctx->cipher == NULL) { - OPENSSL_free(ctx); - return 0; - } + ctx->buf_len = 0; + ctx->buf_off = 0; ctx->cont = 1; + ctx->finished = 0; ctx->ok = 1; - ctx->read_end = ctx->read_start = &(ctx->buf[BUF_OFFSET]); - BIO_set_data(bi, ctx); - BIO_set_init(bi, 1); - return 1; + bi->init = 0; + bi->ptr = (char *)ctx; + bi->flags = 0; + return (1); } static int enc_free(BIO *a) @@ -89,33 +134,28 @@ static int enc_free(BIO *a) BIO_ENC_CTX *b; if (a == NULL) - return 0; - - b = BIO_get_data(a); - if (b == NULL) - return 0; - - EVP_CIPHER_CTX_free(b->cipher); - OPENSSL_clear_free(b, sizeof(BIO_ENC_CTX)); - BIO_set_data(a, NULL); - BIO_set_init(a, 0); - - return 1; + return (0); + b = (BIO_ENC_CTX *)a->ptr; + EVP_CIPHER_CTX_cleanup(&(b->cipher)); + OPENSSL_cleanse(a->ptr, sizeof(BIO_ENC_CTX)); + OPENSSL_free(a->ptr); + a->ptr = NULL; + a->init = 0; + a->flags = 0; + return (1); } static int enc_read(BIO *b, char *out, int outl) { - int ret = 0, i, blocksize; + int ret = 0, i; BIO_ENC_CTX *ctx; - BIO *next; if (out == NULL) return (0); - ctx = BIO_get_data(b); + ctx = (BIO_ENC_CTX *)b->ptr; - next = BIO_next(b); - if ((ctx == NULL) || (next == NULL)) - return 0; + if ((ctx == NULL) || (b->next_bio == NULL)) + return (0); /* First check if there are bytes decoded/encoded */ if (ctx->buf_len > 0) { @@ -133,10 +173,6 @@ static int enc_read(BIO *b, char *out, int outl) } } - blocksize = EVP_CIPHER_CTX_block_size(ctx->cipher); - if (blocksize == 1) - blocksize = 0; - /* * At this point, we have room of outl bytes and an empty buffer, so we * should read in some more. @@ -146,21 +182,18 @@ static int enc_read(BIO *b, char *out, int outl) if (ctx->cont <= 0) break; - if (ctx->read_start == ctx->read_end) { /* time to read more data */ - ctx->read_end = ctx->read_start = &(ctx->buf[BUF_OFFSET]); - i = BIO_read(next, ctx->read_start, ENC_BLOCK_SIZE); - if (i > 0) - ctx->read_end += i; - } else { - i = ctx->read_end - ctx->read_start; - } + /* + * read in at IV offset, read the EVP_Cipher documentation about why + */ + i = BIO_read(b->next_bio, &(ctx->buf[BUF_OFFSET]), ENC_BLOCK_SIZE); if (i <= 0) { /* Should be continue next time we are called? */ - if (!BIO_should_retry(next)) { + if (!BIO_should_retry(b->next_bio)) { ctx->cont = i; - i = EVP_CipherFinal_ex(ctx->cipher, - ctx->buf, &(ctx->buf_len)); + i = EVP_CipherFinal_ex(&(ctx->cipher), + (unsigned char *)ctx->buf, + &(ctx->buf_len)); ctx->ok = i; ctx->buf_off = 0; } else { @@ -168,40 +201,14 @@ static int enc_read(BIO *b, char *out, int outl) break; } } else { - if (outl > ENC_MIN_CHUNK) { - /* - * Depending on flags block cipher decrypt can write - * one extra block and then back off, i.e. output buffer - * has to accommodate extra block... - */ - int j = outl - blocksize, buf_len; - - if (!EVP_CipherUpdate(ctx->cipher, - (unsigned char *)out, &buf_len, - ctx->read_start, i > j ? j : i)) { - BIO_clear_retry_flags(b); - return 0; - } - ret += buf_len; - out += buf_len; - outl -= buf_len; - - if ((i -= j) <= 0) { - ctx->read_start = ctx->read_end; - continue; - } - ctx->read_start += j; - } - if (i > ENC_MIN_CHUNK) - i = ENC_MIN_CHUNK; - if (!EVP_CipherUpdate(ctx->cipher, - ctx->buf, &ctx->buf_len, - ctx->read_start, i)) { + if (!EVP_CipherUpdate(&ctx->cipher, + (unsigned char *)ctx->buf, &ctx->buf_len, + (unsigned char *)&(ctx->buf[BUF_OFFSET]), + i)) { BIO_clear_retry_flags(b); ctx->ok = 0; return 0; } - ctx->read_start += i; ctx->cont = 1; /* * Note: it is possible for EVP_CipherUpdate to decrypt zero @@ -235,19 +242,14 @@ static int enc_write(BIO *b, const char *in, int inl) { int ret = 0, n, i; BIO_ENC_CTX *ctx; - BIO *next; - - ctx = BIO_get_data(b); - next = BIO_next(b); - if ((ctx == NULL) || (next == NULL)) - return 0; + ctx = (BIO_ENC_CTX *)b->ptr; ret = inl; BIO_clear_retry_flags(b); n = ctx->buf_len - ctx->buf_off; while (n > 0) { - i = BIO_write(next, &(ctx->buf[ctx->buf_off]), n); + i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n); if (i <= 0) { BIO_copy_next_retry(b); return (i); @@ -263,9 +265,9 @@ static int enc_write(BIO *b, const char *in, int inl) ctx->buf_off = 0; while (inl > 0) { n = (inl > ENC_BLOCK_SIZE) ? ENC_BLOCK_SIZE : inl; - if (!EVP_CipherUpdate(ctx->cipher, - ctx->buf, &ctx->buf_len, - (const unsigned char *)in, n)) { + if (!EVP_CipherUpdate(&ctx->cipher, + (unsigned char *)ctx->buf, &ctx->buf_len, + (unsigned char *)in, n)) { BIO_clear_retry_flags(b); ctx->ok = 0; return 0; @@ -276,7 +278,7 @@ static int enc_write(BIO *b, const char *in, int inl) ctx->buf_off = 0; n = ctx->buf_len; while (n > 0) { - i = BIO_write(next, &(ctx->buf[ctx->buf_off]), n); + i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n); if (i <= 0) { BIO_copy_next_retry(b); return (ret == inl) ? i : ret - inl; @@ -298,37 +300,32 @@ static long enc_ctrl(BIO *b, int cmd, long num, void *ptr) long ret = 1; int i; EVP_CIPHER_CTX **c_ctx; - BIO *next; - ctx = BIO_get_data(b); - next = BIO_next(b); - if (ctx == NULL) - return 0; + ctx = (BIO_ENC_CTX *)b->ptr; switch (cmd) { case BIO_CTRL_RESET: ctx->ok = 1; ctx->finished = 0; - if (!EVP_CipherInit_ex(ctx->cipher, NULL, NULL, NULL, NULL, - EVP_CIPHER_CTX_encrypting(ctx->cipher))) - return 0; - ret = BIO_ctrl(next, cmd, num, ptr); + EVP_CipherInit_ex(&(ctx->cipher), NULL, NULL, NULL, NULL, + ctx->cipher.encrypt); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; case BIO_CTRL_EOF: /* More to read */ if (ctx->cont <= 0) ret = 1; else - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; case BIO_CTRL_WPENDING: ret = ctx->buf_len - ctx->buf_off; if (ret <= 0) - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; case BIO_CTRL_PENDING: /* More to read in buffer */ ret = ctx->buf_len - ctx->buf_off; if (ret <= 0) - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; case BIO_CTRL_FLUSH: /* do a final write */ @@ -342,7 +339,7 @@ static long enc_ctrl(BIO *b, int cmd, long num, void *ptr) if (!ctx->finished) { ctx->finished = 1; ctx->buf_off = 0; - ret = EVP_CipherFinal_ex(ctx->cipher, + ret = EVP_CipherFinal_ex(&(ctx->cipher), (unsigned char *)ctx->buf, &(ctx->buf_len)); ctx->ok = (int)ret; @@ -354,33 +351,31 @@ static long enc_ctrl(BIO *b, int cmd, long num, void *ptr) } /* Finally flush the underlying BIO */ - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; case BIO_C_GET_CIPHER_STATUS: ret = (long)ctx->ok; break; case BIO_C_DO_STATE_MACHINE: BIO_clear_retry_flags(b); - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); BIO_copy_next_retry(b); break; case BIO_C_GET_CIPHER_CTX: c_ctx = (EVP_CIPHER_CTX **)ptr; - *c_ctx = ctx->cipher; - BIO_set_init(b, 1); + (*c_ctx) = &(ctx->cipher); + b->init = 1; break; case BIO_CTRL_DUP: dbio = (BIO *)ptr; - dctx = BIO_get_data(dbio); - dctx->cipher = EVP_CIPHER_CTX_new(); - if (dctx->cipher == NULL) - return 0; - ret = EVP_CIPHER_CTX_copy(dctx->cipher, ctx->cipher); + dctx = (BIO_ENC_CTX *)dbio->ptr; + EVP_CIPHER_CTX_init(&dctx->cipher); + ret = EVP_CIPHER_CTX_copy(&dctx->cipher, &ctx->cipher); if (ret) - BIO_set_init(dbio, 1); + dbio->init = 1; break; default: - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; } return (ret); @@ -389,13 +384,12 @@ static long enc_ctrl(BIO *b, int cmd, long num, void *ptr) static long enc_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) { long ret = 1; - BIO *next = BIO_next(b); - if (next == NULL) + if (b->next_bio == NULL) return (0); switch (cmd) { default: - ret = BIO_callback_ctrl(next, cmd, fp); + ret = BIO_callback_ctrl(b->next_bio, cmd, fp); break; } return (ret); @@ -421,29 +415,23 @@ EVP_CIPHER_ctx *c; } */ -int BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k, - const unsigned char *i, int e) +void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k, + const unsigned char *i, int e) { BIO_ENC_CTX *ctx; - long (*callback) (struct bio_st *, int, const char *, int, long, long); - - ctx = BIO_get_data(b); - if (ctx == NULL) - return 0; - - callback = BIO_get_callback(b); - if ((callback != NULL) && - (callback(b, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, - 0L) <= 0)) - return 0; + if (b == NULL) + return; - BIO_set_init(b, 1); + if ((b->callback != NULL) && + (b->callback(b, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 0L) <= + 0)) + return; - if (!EVP_CipherInit_ex(ctx->cipher, c, NULL, k, i, e)) - return 0; + b->init = 1; + ctx = (BIO_ENC_CTX *)b->ptr; + EVP_CipherInit_ex(&(ctx->cipher), c, NULL, k, i, e); - if (callback != NULL) - return callback(b, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 1L); - return 1; + if (b->callback != NULL) + b->callback(b, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 1L); } diff --git a/Cryptlib/OpenSSL/crypto/evp/bio_md.c b/Cryptlib/OpenSSL/crypto/evp/bio_md.c index cd968ec2..f0b0c0c0 100644 --- a/Cryptlib/OpenSSL/crypto/evp/bio_md.c +++ b/Cryptlib/OpenSSL/crypto/evp/bio_md.c @@ -1,20 +1,66 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/bio_md.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> #include <errno.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/buffer.h> #include <openssl/evp.h> -#include "internal/evp_int.h" -#include "evp_locl.h" -#include "internal/bio.h" /* * BIO_put and BIO_get both add to the digest, BIO_gets returns the digest @@ -31,7 +77,7 @@ static int md_new(BIO *h); static int md_free(BIO *data); static long md_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); -static const BIO_METHOD methods_md = { +static BIO_METHOD methods_md = { BIO_TYPE_MD, "message digest", md_write, md_read, @@ -43,7 +89,7 @@ static const BIO_METHOD methods_md = { md_callback_ctrl, }; -const BIO_METHOD *BIO_f_md(void) +BIO_METHOD *BIO_f_md(void) { return (&methods_md); } @@ -52,44 +98,41 @@ static int md_new(BIO *bi) { EVP_MD_CTX *ctx; - ctx = EVP_MD_CTX_new(); + ctx = EVP_MD_CTX_create(); if (ctx == NULL) return (0); - BIO_set_init(bi, 1); - BIO_set_data(bi, ctx); - - return 1; + bi->init = 0; + bi->ptr = (char *)ctx; + bi->flags = 0; + return (1); } static int md_free(BIO *a) { if (a == NULL) return (0); - EVP_MD_CTX_free(BIO_get_data(a)); - BIO_set_data(a, NULL); - BIO_set_init(a, 0); - - return 1; + EVP_MD_CTX_destroy(a->ptr); + a->ptr = NULL; + a->init = 0; + a->flags = 0; + return (1); } static int md_read(BIO *b, char *out, int outl) { int ret = 0; EVP_MD_CTX *ctx; - BIO *next; if (out == NULL) return (0); + ctx = b->ptr; - ctx = BIO_get_data(b); - next = BIO_next(b); - - if ((ctx == NULL) || (next == NULL)) + if ((ctx == NULL) || (b->next_bio == NULL)) return (0); - ret = BIO_read(next, out, outl); - if (BIO_get_init(b)) { + ret = BIO_read(b->next_bio, out, outl); + if (b->init) { if (ret > 0) { if (EVP_DigestUpdate(ctx, (unsigned char *)out, (unsigned int)ret) <= 0) @@ -105,17 +148,14 @@ static int md_write(BIO *b, const char *in, int inl) { int ret = 0; EVP_MD_CTX *ctx; - BIO *next; if ((in == NULL) || (inl <= 0)) - return 0; - - ctx = BIO_get_data(b); - next = BIO_next(b); - if ((ctx != NULL) && (next != NULL)) - ret = BIO_write(next, in, inl); + return (0); + ctx = b->ptr; - if (BIO_get_init(b)) { + if ((ctx != NULL) && (b->next_bio != NULL)) + ret = BIO_write(b->next_bio, in, inl); + if (b->init) { if (ret > 0) { if (!EVP_DigestUpdate(ctx, (const unsigned char *)in, (unsigned int)ret)) { @@ -124,11 +164,11 @@ static int md_write(BIO *b, const char *in, int inl) } } } - if (next != NULL) { + if (b->next_bio != NULL) { BIO_clear_retry_flags(b); BIO_copy_next_retry(b); } - return ret; + return (ret); } static long md_ctrl(BIO *b, int cmd, long num, void *ptr) @@ -137,23 +177,21 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr) const EVP_MD **ppmd; EVP_MD *md; long ret = 1; - BIO *dbio, *next; - + BIO *dbio; - ctx = BIO_get_data(b); - next = BIO_next(b); + ctx = b->ptr; switch (cmd) { case BIO_CTRL_RESET: - if (BIO_get_init(b)) + if (b->init) ret = EVP_DigestInit_ex(ctx, ctx->digest, NULL); else ret = 0; if (ret > 0) - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; case BIO_C_GET_MD: - if (BIO_get_init(b)) { + if (b->init) { ppmd = ptr; *ppmd = ctx->digest; } else @@ -162,17 +200,17 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr) case BIO_C_GET_MD_CTX: pctx = ptr; *pctx = ctx; - BIO_set_init(b, 1); + b->init = 1; break; case BIO_C_SET_MD_CTX: - if (BIO_get_init(b)) - BIO_set_data(b, ptr); + if (b->init) + b->ptr = ptr; else ret = 0; break; case BIO_C_DO_STATE_MACHINE: BIO_clear_retry_flags(b); - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); BIO_copy_next_retry(b); break; @@ -180,17 +218,17 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr) md = ptr; ret = EVP_DigestInit_ex(ctx, md, NULL); if (ret > 0) - BIO_set_init(b, 1); + b->init = 1; break; case BIO_CTRL_DUP: dbio = ptr; - dctx = BIO_get_data(dbio); + dctx = dbio->ptr; if (!EVP_MD_CTX_copy_ex(dctx, ctx)) return 0; - BIO_set_init(b, 1); + b->init = 1; break; default: - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; } return (ret); @@ -199,16 +237,12 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr) static long md_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) { long ret = 1; - BIO *next; - - next = BIO_next(b); - - if (next == NULL) - return 0; + if (b->next_bio == NULL) + return (0); switch (cmd) { default: - ret = BIO_callback_ctrl(next, cmd, fp); + ret = BIO_callback_ctrl(b->next_bio, cmd, fp); break; } return (ret); @@ -219,13 +253,20 @@ static int md_gets(BIO *bp, char *buf, int size) EVP_MD_CTX *ctx; unsigned int ret; - ctx = BIO_get_data(bp); - + ctx = bp->ptr; if (size < ctx->digest->md_size) - return 0; - + return (0); if (EVP_DigestFinal_ex(ctx, (unsigned char *)buf, &ret) <= 0) return -1; return ((int)ret); } + +/*- +static int md_puts(bp,str) +BIO *bp; +char *str; + { + return(-1); + } +*/ diff --git a/Cryptlib/OpenSSL/crypto/evp/bio_ok.c b/Cryptlib/OpenSSL/crypto/evp/bio_ok.c index 7974b963..16e151f1 100644 --- a/Cryptlib/OpenSSL/crypto/evp/bio_ok.c +++ b/Cryptlib/OpenSSL/crypto/evp/bio_ok.c @@ -1,10 +1,59 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/bio_ok.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ /*- @@ -71,12 +120,11 @@ #include <stdio.h> #include <errno.h> #include <assert.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/buffer.h> -#include "internal/bio.h" +#include <openssl/bio.h> #include <openssl/evp.h> #include <openssl/rand.h> -#include "internal/evp_int.h" static int ok_write(BIO *h, const char *buf, int num); static int ok_read(BIO *h, char *buf, int size); @@ -85,10 +133,10 @@ static int ok_new(BIO *h); static int ok_free(BIO *data); static long ok_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); -static __owur int sig_out(BIO *b); -static __owur int sig_in(BIO *b); -static __owur int block_out(BIO *b); -static __owur int block_in(BIO *b); +static int sig_out(BIO *b); +static int sig_in(BIO *b); +static int block_out(BIO *b); +static int block_in(BIO *b); #define OK_BLOCK_SIZE (1024*4) #define OK_BLOCK_BLOCK 4 #define IOBS (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE) @@ -101,13 +149,13 @@ typedef struct ok_struct { size_t buf_off_save; int cont; /* <= 0 when finished */ int finished; - EVP_MD_CTX *md; + EVP_MD_CTX md; int blockout; /* output block is ready */ int sigio; /* must process signature */ unsigned char buf[IOBS]; } BIO_OK_CTX; -static const BIO_METHOD methods_ok = { +static BIO_METHOD methods_ok = { BIO_TYPE_CIPHER, "reliable", ok_write, ok_read, @@ -119,7 +167,7 @@ static const BIO_METHOD methods_ok = { ok_callback_ctrl, }; -const BIO_METHOD *BIO_f_reliable(void) +BIO_METHOD *BIO_f_reliable(void) { return (&methods_ok); } @@ -128,54 +176,51 @@ static int ok_new(BIO *bi) { BIO_OK_CTX *ctx; - ctx = OPENSSL_zalloc(sizeof(*ctx)); + ctx = (BIO_OK_CTX *)OPENSSL_malloc(sizeof(BIO_OK_CTX)); if (ctx == NULL) - return 0; + return (0); + ctx->buf_len = 0; + ctx->buf_off = 0; + ctx->buf_len_save = 0; + ctx->buf_off_save = 0; ctx->cont = 1; + ctx->finished = 0; + ctx->blockout = 0; ctx->sigio = 1; - ctx->md = EVP_MD_CTX_new(); - if (ctx->md == NULL) { - OPENSSL_free(ctx); - return 0; - } - BIO_set_init(bi, 0); - BIO_set_data(bi, ctx); - return 1; + EVP_MD_CTX_init(&ctx->md); + + bi->init = 0; + bi->ptr = (char *)ctx; + bi->flags = 0; + return (1); } static int ok_free(BIO *a) { - BIO_OK_CTX *ctx; - if (a == NULL) - return 0; - - ctx = BIO_get_data(a); - - EVP_MD_CTX_free(ctx->md); - OPENSSL_clear_free(ctx, sizeof(BIO_OK_CTX)); - BIO_set_data(a, NULL); - BIO_set_init(a, 0); - - return 1; + return (0); + EVP_MD_CTX_cleanup(&((BIO_OK_CTX *)a->ptr)->md); + OPENSSL_cleanse(a->ptr, sizeof(BIO_OK_CTX)); + OPENSSL_free(a->ptr); + a->ptr = NULL; + a->init = 0; + a->flags = 0; + return (1); } static int ok_read(BIO *b, char *out, int outl) { int ret = 0, i, n; BIO_OK_CTX *ctx; - BIO *next; if (out == NULL) - return 0; - - ctx = BIO_get_data(b); - next = BIO_next(b); + return (0); + ctx = (BIO_OK_CTX *)b->ptr; - if ((ctx == NULL) || (next == NULL) || (BIO_get_init(b) == 0)) - return 0; + if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0)) + return (0); while (outl > 0) { @@ -214,7 +259,7 @@ static int ok_read(BIO *b, char *out, int outl) /* no clean bytes in buffer -- fill it */ n = IOBS - ctx->buf_len; - i = BIO_read(next, &(ctx->buf[ctx->buf_len]), n); + i = BIO_read(b->next_bio, &(ctx->buf[ctx->buf_len]), n); if (i <= 0) break; /* nothing new */ @@ -245,23 +290,21 @@ static int ok_read(BIO *b, char *out, int outl) BIO_clear_retry_flags(b); BIO_copy_next_retry(b); - return ret; + return (ret); } static int ok_write(BIO *b, const char *in, int inl) { int ret = 0, n, i; BIO_OK_CTX *ctx; - BIO *next; if (inl <= 0) return inl; - ctx = BIO_get_data(b); - next = BIO_next(b); + ctx = (BIO_OK_CTX *)b->ptr; ret = inl; - if ((ctx == NULL) || (next == NULL) || (BIO_get_init(b) == 0)) + if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0)) return (0); if (ctx->sigio && !sig_out(b)) @@ -271,7 +314,7 @@ static int ok_write(BIO *b, const char *in, int inl) BIO_clear_retry_flags(b); n = ctx->buf_len - ctx->buf_off; while (ctx->blockout && n > 0) { - i = BIO_write(next, &(ctx->buf[ctx->buf_off]), n); + i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n); if (i <= 0) { BIO_copy_next_retry(b); if (!BIO_should_retry(b)) @@ -295,7 +338,8 @@ static int ok_write(BIO *b, const char *in, int inl) n = (inl + ctx->buf_len > OK_BLOCK_SIZE + OK_BLOCK_BLOCK) ? (int)(OK_BLOCK_SIZE + OK_BLOCK_BLOCK - ctx->buf_len) : inl; - memcpy(&ctx->buf[ctx->buf_len], in, n); + memcpy((unsigned char *)(&(ctx->buf[ctx->buf_len])), + (unsigned char *)in, n); ctx->buf_len += n; inl -= n; in += n; @@ -320,10 +364,8 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr) const EVP_MD **ppmd; long ret = 1; int i; - BIO *next; - ctx = BIO_get_data(b); - next = BIO_next(b); + ctx = b->ptr; switch (cmd) { case BIO_CTRL_RESET: @@ -335,19 +377,19 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr) ctx->finished = 0; ctx->blockout = 0; ctx->sigio = 1; - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; case BIO_CTRL_EOF: /* More to read */ if (ctx->cont <= 0) ret = 1; else - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; case BIO_CTRL_PENDING: /* More to read in buffer */ case BIO_CTRL_WPENDING: /* More to read in buffer */ ret = ctx->blockout ? ctx->buf_len - ctx->buf_off : 0; if (ret <= 0) - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; case BIO_CTRL_FLUSH: /* do a final write */ @@ -368,11 +410,11 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr) ctx->cont = (int)ret; /* Finally flush the underlying BIO */ - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; case BIO_C_DO_STATE_MACHINE: BIO_clear_retry_flags(b); - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); BIO_copy_next_retry(b); break; case BIO_CTRL_INFO: @@ -380,41 +422,36 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr) break; case BIO_C_SET_MD: md = ptr; - if (!EVP_DigestInit_ex(ctx->md, md, NULL)) + if (!EVP_DigestInit_ex(&ctx->md, md, NULL)) return 0; - BIO_set_init(b, 1); + b->init = 1; break; case BIO_C_GET_MD: - if (BIO_get_init(b)) { + if (b->init) { ppmd = ptr; - *ppmd = EVP_MD_CTX_md(ctx->md); + *ppmd = ctx->md.digest; } else ret = 0; break; default: - ret = BIO_ctrl(next, cmd, num, ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; } - return ret; + return (ret); } static long ok_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) { long ret = 1; - BIO *next; - - next = BIO_next(b); - - if (next == NULL) - return 0; + if (b->next_bio == NULL) + return (0); switch (cmd) { default: - ret = BIO_callback_ctrl(next, cmd, fp); + ret = BIO_callback_ctrl(b->next_bio, cmd, fp); break; } - - return ret; + return (ret); } static void longswap(void *_ptr, size_t len) @@ -441,36 +478,30 @@ static int sig_out(BIO *b) { BIO_OK_CTX *ctx; EVP_MD_CTX *md; - const EVP_MD *digest; - int md_size; - void *md_data; - ctx = BIO_get_data(b); - md = ctx->md; - digest = EVP_MD_CTX_md(md); - md_size = EVP_MD_size(digest); - md_data = EVP_MD_CTX_md_data(md); + ctx = b->ptr; + md = &ctx->md; - if (ctx->buf_len + 2 * md_size > OK_BLOCK_SIZE) + if (ctx->buf_len + 2 * md->digest->md_size > OK_BLOCK_SIZE) return 1; - if (!EVP_DigestInit_ex(md, digest, NULL)) + if (!EVP_DigestInit_ex(md, md->digest, NULL)) goto berr; /* * FIXME: there's absolutely no guarantee this makes any sense at all, * particularly now EVP_MD_CTX has been restructured. */ - if (RAND_bytes(md_data, md_size) <= 0) + if (RAND_bytes(md->md_data, md->digest->md_size) <= 0) goto berr; - memcpy(&(ctx->buf[ctx->buf_len]), md_data, md_size); - longswap(&(ctx->buf[ctx->buf_len]), md_size); - ctx->buf_len += md_size; + memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size); + longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size); + ctx->buf_len += md->digest->md_size; if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN))) goto berr; if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL)) goto berr; - ctx->buf_len += md_size; + ctx->buf_len += md->digest->md_size; ctx->blockout = 1; ctx->sigio = 0; return 1; @@ -485,31 +516,25 @@ static int sig_in(BIO *b) EVP_MD_CTX *md; unsigned char tmp[EVP_MAX_MD_SIZE]; int ret = 0; - const EVP_MD *digest; - int md_size; - void *md_data; - ctx = BIO_get_data(b); - md = ctx->md; - digest = EVP_MD_CTX_md(md); - md_size = EVP_MD_size(digest); - md_data = EVP_MD_CTX_md_data(md); + ctx = b->ptr; + md = &ctx->md; - if ((int)(ctx->buf_len - ctx->buf_off) < 2 * md_size) + if ((int)(ctx->buf_len - ctx->buf_off) < 2 * md->digest->md_size) return 1; - if (!EVP_DigestInit_ex(md, digest, NULL)) + if (!EVP_DigestInit_ex(md, md->digest, NULL)) goto berr; - memcpy(md_data, &(ctx->buf[ctx->buf_off]), md_size); - longswap(md_data, md_size); - ctx->buf_off += md_size; + memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size); + longswap(md->md_data, md->digest->md_size); + ctx->buf_off += md->digest->md_size; if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN))) goto berr; if (!EVP_DigestFinal_ex(md, tmp, NULL)) goto berr; - ret = memcmp(&(ctx->buf[ctx->buf_off]), tmp, md_size) == 0; - ctx->buf_off += md_size; + ret = memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0; + ctx->buf_off += md->digest->md_size; if (ret == 1) { ctx->sigio = 0; if (ctx->buf_len != ctx->buf_off) { @@ -532,13 +557,9 @@ static int block_out(BIO *b) BIO_OK_CTX *ctx; EVP_MD_CTX *md; unsigned long tl; - const EVP_MD *digest; - int md_size; - ctx = BIO_get_data(b); - md = ctx->md; - digest = EVP_MD_CTX_md(md); - md_size = EVP_MD_size(digest); + ctx = b->ptr; + md = &ctx->md; tl = ctx->buf_len - OK_BLOCK_BLOCK; ctx->buf[0] = (unsigned char)(tl >> 24); @@ -550,7 +571,7 @@ static int block_out(BIO *b) goto berr; if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL)) goto berr; - ctx->buf_len += md_size; + ctx->buf_len += md->digest->md_size; ctx->blockout = 1; return 1; berr: @@ -564,11 +585,9 @@ static int block_in(BIO *b) EVP_MD_CTX *md; unsigned long tl = 0; unsigned char tmp[EVP_MAX_MD_SIZE]; - int md_size; - ctx = BIO_get_data(b); - md = ctx->md; - md_size = EVP_MD_size(EVP_MD_CTX_md(md)); + ctx = b->ptr; + md = &ctx->md; assert(sizeof(tl) >= OK_BLOCK_BLOCK); /* always true */ tl = ctx->buf[0]; @@ -579,7 +598,7 @@ static int block_in(BIO *b) tl <<= 8; tl |= ctx->buf[3]; - if (ctx->buf_len < tl + OK_BLOCK_BLOCK + md_size) + if (ctx->buf_len < tl + OK_BLOCK_BLOCK + md->digest->md_size) return 1; if (!EVP_DigestUpdate(md, @@ -587,9 +606,10 @@ static int block_in(BIO *b) goto berr; if (!EVP_DigestFinal_ex(md, tmp, NULL)) goto berr; - if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, md_size) == 0) { + if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, md->digest->md_size) == + 0) { /* there might be parts from next block lurking around ! */ - ctx->buf_off_save = tl + OK_BLOCK_BLOCK + md_size; + ctx->buf_off_save = tl + OK_BLOCK_BLOCK + md->digest->md_size; ctx->buf_len_save = ctx->buf_len; ctx->buf_off = OK_BLOCK_BLOCK; ctx->buf_len = tl + OK_BLOCK_BLOCK; diff --git a/Cryptlib/OpenSSL/crypto/evp/c_all.c b/Cryptlib/OpenSSL/crypto/evp/c_all.c new file mode 100644 index 00000000..719e34d2 --- /dev/null +++ b/Cryptlib/OpenSSL/crypto/evp/c_all.c @@ -0,0 +1,85 @@ +/* crypto/evp/c_all.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "cryptlib.h" +#include <openssl/evp.h> +#ifndef OPENSSL_NO_ENGINE +# include <openssl/engine.h> +#endif + +#if 0 +# undef OpenSSL_add_all_algorithms + +void OpenSSL_add_all_algorithms(void) +{ + OPENSSL_add_all_algorithms_noconf(); +} +#endif + +void OPENSSL_add_all_algorithms_noconf(void) +{ + /* + * For the moment OPENSSL_cpuid_setup does something + * only on IA-32, but we reserve the option for all + * platforms... + */ + OPENSSL_cpuid_setup(); + OpenSSL_add_all_ciphers(); + OpenSSL_add_all_digests(); +} diff --git a/Cryptlib/OpenSSL/crypto/evp/c_allc.c b/Cryptlib/OpenSSL/crypto/evp/c_allc.c index 6ed31edb..280e5840 100644 --- a/Cryptlib/OpenSSL/crypto/evp/c_allc.c +++ b/Cryptlib/OpenSSL/crypto/evp/c_allc.c @@ -1,20 +1,68 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/c_allc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/evp.h> -#include <internal/evp_int.h> #include <openssl/pkcs12.h> #include <openssl/objects.h> -void openssl_add_all_ciphers_int(void) +void OpenSSL_add_all_ciphers(void) { #ifndef OPENSSL_NO_DES @@ -44,13 +92,8 @@ void openssl_add_all_ciphers_int(void) EVP_add_cipher(EVP_des_ecb()); EVP_add_cipher(EVP_des_ede()); - EVP_add_cipher_alias(SN_des_ede_ecb, "DES-EDE-ECB"); - EVP_add_cipher_alias(SN_des_ede_ecb, "des-ede-ecb"); EVP_add_cipher(EVP_des_ede3()); - EVP_add_cipher_alias(SN_des_ede3_ecb, "DES-EDE3-ECB"); - EVP_add_cipher_alias(SN_des_ede3_ecb, "des-ede3-ecb"); EVP_add_cipher(EVP_des_ede3_wrap()); - EVP_add_cipher_alias(SN_id_smime_alg_CMS3DESwrap, "des3-wrap"); #endif #ifndef OPENSSL_NO_RC4 @@ -88,9 +131,6 @@ void openssl_add_all_ciphers_int(void) EVP_add_cipher(EVP_rc2_64_cbc()); EVP_add_cipher_alias(SN_rc2_cbc, "RC2"); EVP_add_cipher_alias(SN_rc2_cbc, "rc2"); - EVP_add_cipher_alias(SN_rc2_cbc, "rc2-128"); - EVP_add_cipher_alias(SN_rc2_64_cbc, "rc2-64"); - EVP_add_cipher_alias(SN_rc2_40_cbc, "rc2-40"); #endif #ifndef OPENSSL_NO_BF @@ -123,6 +163,7 @@ void openssl_add_all_ciphers_int(void) EVP_add_cipher_alias(SN_rc5_cbc, "RC5"); #endif +#ifndef OPENSSL_NO_AES EVP_add_cipher(EVP_aes_128_ecb()); EVP_add_cipher(EVP_aes_128_cbc()); EVP_add_cipher(EVP_aes_128_cfb()); @@ -131,14 +172,9 @@ void openssl_add_all_ciphers_int(void) EVP_add_cipher(EVP_aes_128_ofb()); EVP_add_cipher(EVP_aes_128_ctr()); EVP_add_cipher(EVP_aes_128_gcm()); -#ifndef OPENSSL_NO_OCB - EVP_add_cipher(EVP_aes_128_ocb()); -#endif EVP_add_cipher(EVP_aes_128_xts()); EVP_add_cipher(EVP_aes_128_ccm()); EVP_add_cipher(EVP_aes_128_wrap()); - EVP_add_cipher_alias(SN_id_aes128_wrap, "aes128-wrap"); - EVP_add_cipher(EVP_aes_128_wrap_pad()); EVP_add_cipher_alias(SN_aes_128_cbc, "AES128"); EVP_add_cipher_alias(SN_aes_128_cbc, "aes128"); EVP_add_cipher(EVP_aes_192_ecb()); @@ -149,13 +185,8 @@ void openssl_add_all_ciphers_int(void) EVP_add_cipher(EVP_aes_192_ofb()); EVP_add_cipher(EVP_aes_192_ctr()); EVP_add_cipher(EVP_aes_192_gcm()); -#ifndef OPENSSL_NO_OCB - EVP_add_cipher(EVP_aes_192_ocb()); -#endif EVP_add_cipher(EVP_aes_192_ccm()); EVP_add_cipher(EVP_aes_192_wrap()); - EVP_add_cipher_alias(SN_id_aes192_wrap, "aes192-wrap"); - EVP_add_cipher(EVP_aes_192_wrap_pad()); EVP_add_cipher_alias(SN_aes_192_cbc, "AES192"); EVP_add_cipher_alias(SN_aes_192_cbc, "aes192"); EVP_add_cipher(EVP_aes_256_ecb()); @@ -166,20 +197,20 @@ void openssl_add_all_ciphers_int(void) EVP_add_cipher(EVP_aes_256_ofb()); EVP_add_cipher(EVP_aes_256_ctr()); EVP_add_cipher(EVP_aes_256_gcm()); -#ifndef OPENSSL_NO_OCB - EVP_add_cipher(EVP_aes_256_ocb()); -#endif EVP_add_cipher(EVP_aes_256_xts()); EVP_add_cipher(EVP_aes_256_ccm()); EVP_add_cipher(EVP_aes_256_wrap()); - EVP_add_cipher_alias(SN_id_aes256_wrap, "aes256-wrap"); - EVP_add_cipher(EVP_aes_256_wrap_pad()); EVP_add_cipher_alias(SN_aes_256_cbc, "AES256"); EVP_add_cipher_alias(SN_aes_256_cbc, "aes256"); +# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1()); EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1()); +# endif +# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256) EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256()); EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256()); +# endif +#endif #ifndef OPENSSL_NO_CAMELLIA EVP_add_cipher(EVP_camellia_128_ecb()); @@ -206,15 +237,5 @@ void openssl_add_all_ciphers_int(void) EVP_add_cipher(EVP_camellia_256_ofb()); EVP_add_cipher_alias(SN_camellia_256_cbc, "CAMELLIA256"); EVP_add_cipher_alias(SN_camellia_256_cbc, "camellia256"); - EVP_add_cipher(EVP_camellia_128_ctr()); - EVP_add_cipher(EVP_camellia_192_ctr()); - EVP_add_cipher(EVP_camellia_256_ctr()); -#endif - -#ifndef OPENSSL_NO_CHACHA - EVP_add_cipher(EVP_chacha20()); -# ifndef OPENSSL_NO_POLY1305 - EVP_add_cipher(EVP_chacha20_poly1305()); -# endif #endif } diff --git a/Cryptlib/OpenSSL/crypto/evp/c_alld.c b/Cryptlib/OpenSSL/crypto/evp/c_alld.c index ec79734e..fdbe3ee0 100644 --- a/Cryptlib/OpenSSL/crypto/evp/c_alld.c +++ b/Cryptlib/OpenSSL/crypto/evp/c_alld.c @@ -1,49 +1,114 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/c_alld.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/evp.h> -#include <internal/evp_int.h> #include <openssl/pkcs12.h> #include <openssl/objects.h> -void openssl_add_all_digests_int(void) +void OpenSSL_add_all_digests(void) { #ifndef OPENSSL_NO_MD4 EVP_add_digest(EVP_md4()); #endif #ifndef OPENSSL_NO_MD5 EVP_add_digest(EVP_md5()); + EVP_add_digest_alias(SN_md5, "ssl2-md5"); EVP_add_digest_alias(SN_md5, "ssl3-md5"); - EVP_add_digest(EVP_md5_sha1()); #endif +#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) + EVP_add_digest(EVP_sha()); +# ifndef OPENSSL_NO_DSA + EVP_add_digest(EVP_dss()); +# endif +#endif +#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) EVP_add_digest(EVP_sha1()); EVP_add_digest_alias(SN_sha1, "ssl3-sha1"); EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA); +# ifndef OPENSSL_NO_DSA + EVP_add_digest(EVP_dss1()); + EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2); + EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1"); + EVP_add_digest_alias(SN_dsaWithSHA1, "dss1"); +# endif +# ifndef OPENSSL_NO_ECDSA + EVP_add_digest(EVP_ecdsa()); +# endif +#endif #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES) EVP_add_digest(EVP_mdc2()); #endif -#ifndef OPENSSL_NO_RMD160 +#ifndef OPENSSL_NO_RIPEMD EVP_add_digest(EVP_ripemd160()); EVP_add_digest_alias(SN_ripemd160, "ripemd"); EVP_add_digest_alias(SN_ripemd160, "rmd160"); #endif +#ifndef OPENSSL_NO_SHA256 EVP_add_digest(EVP_sha224()); EVP_add_digest(EVP_sha256()); +#endif +#ifndef OPENSSL_NO_SHA512 EVP_add_digest(EVP_sha384()); EVP_add_digest(EVP_sha512()); +#endif #ifndef OPENSSL_NO_WHIRLPOOL EVP_add_digest(EVP_whirlpool()); #endif -#ifndef OPENSSL_NO_BLAKE2 - EVP_add_digest(EVP_blake2b512()); - EVP_add_digest(EVP_blake2s256()); -#endif } diff --git a/Cryptlib/OpenSSL/crypto/evp/cmeth_lib.c b/Cryptlib/OpenSSL/crypto/evp/cmeth_lib.c deleted file mode 100644 index e2295c4d..00000000 --- a/Cryptlib/OpenSSL/crypto/evp/cmeth_lib.c +++ /dev/null @@ -1,151 +0,0 @@ -/* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include <string.h> - -#include <openssl/evp.h> -#include "internal/evp_int.h" -#include "evp_locl.h" - -EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len) -{ - EVP_CIPHER *cipher = OPENSSL_zalloc(sizeof(EVP_CIPHER)); - - if (cipher != NULL) { - cipher->nid = cipher_type; - cipher->block_size = block_size; - cipher->key_len = key_len; - } - return cipher; -} - -EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher) -{ - EVP_CIPHER *to = EVP_CIPHER_meth_new(cipher->nid, cipher->block_size, - cipher->key_len); - - if (to != NULL) - memcpy(to, cipher, sizeof(*to)); - return to; -} - -void EVP_CIPHER_meth_free(EVP_CIPHER *cipher) -{ - OPENSSL_free(cipher); -} - -int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len) -{ - cipher->iv_len = iv_len; - return 1; -} - -int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags) -{ - cipher->flags = flags; - return 1; -} - -int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size) -{ - cipher->ctx_size = ctx_size; - return 1; -} - -int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher, - int (*init) (EVP_CIPHER_CTX *ctx, - const unsigned char *key, - const unsigned char *iv, - int enc)) -{ - cipher->init = init; - return 1; -} - -int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher, - int (*do_cipher) (EVP_CIPHER_CTX *ctx, - unsigned char *out, - const unsigned char *in, - size_t inl)) -{ - cipher->do_cipher = do_cipher; - return 1; -} - -int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher, - int (*cleanup) (EVP_CIPHER_CTX *)) -{ - cipher->cleanup = cleanup; - return 1; -} - -int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher, - int (*set_asn1_parameters) (EVP_CIPHER_CTX *, - ASN1_TYPE *)) -{ - cipher->set_asn1_parameters = set_asn1_parameters; - return 1; -} - -int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher, - int (*get_asn1_parameters) (EVP_CIPHER_CTX *, - ASN1_TYPE *)) -{ - cipher->get_asn1_parameters = get_asn1_parameters; - return 1; -} - -int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher, - int (*ctrl) (EVP_CIPHER_CTX *, int type, - int arg, void *ptr)) -{ - cipher->ctrl = ctrl; - return 1; -} - - -int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx, - const unsigned char *key, - const unsigned char *iv, - int enc) -{ - return cipher->init; -} -int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx, - unsigned char *out, - const unsigned char *in, - size_t inl) -{ - return cipher->do_cipher; -} - -int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *) -{ - return cipher->cleanup; -} - -int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *, - ASN1_TYPE *) -{ - return cipher->set_asn1_parameters; -} - -int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *, - ASN1_TYPE *) -{ - return cipher->get_asn1_parameters; -} - -int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *, - int type, int arg, - void *ptr) -{ - return cipher->ctrl; -} - diff --git a/Cryptlib/OpenSSL/crypto/evp/digest.c b/Cryptlib/OpenSSL/crypto/evp/digest.c index 65eff7c8..4db17962 100644 --- a/Cryptlib/OpenSSL/crypto/evp/digest.c +++ b/Cryptlib/OpenSSL/crypto/evp/digest.c @@ -1,75 +1,173 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/digest.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +/* ==================================================================== + * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/objects.h> #include <openssl/evp.h> -#include <openssl/engine.h> -#include "internal/evp_int.h" -#include "evp_locl.h" - -/* This call frees resources associated with the context */ -int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) -{ - if (ctx == NULL) - return 1; - - /* - * Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because - * sometimes only copies of the context are ever finalised. - */ - if (ctx->digest && ctx->digest->cleanup - && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED)) - ctx->digest->cleanup(ctx); - if (ctx->digest && ctx->digest->ctx_size && ctx->md_data - && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) { - OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); - } - EVP_PKEY_CTX_free(ctx->pctx); #ifndef OPENSSL_NO_ENGINE - ENGINE_finish(ctx->engine); +# include <openssl/engine.h> #endif - OPENSSL_cleanse(ctx, sizeof(*ctx)); - return 1; -} +#ifdef OPENSSL_FIPS +# include <openssl/fips.h> +# include "evp_locl.h" +#endif -EVP_MD_CTX *EVP_MD_CTX_new(void) +void EVP_MD_CTX_init(EVP_MD_CTX *ctx) { - return OPENSSL_zalloc(sizeof(EVP_MD_CTX)); + memset(ctx, '\0', sizeof *ctx); } -void EVP_MD_CTX_free(EVP_MD_CTX *ctx) +EVP_MD_CTX *EVP_MD_CTX_create(void) { - EVP_MD_CTX_reset(ctx); - OPENSSL_free(ctx); + EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof *ctx); + + if (ctx) + EVP_MD_CTX_init(ctx); + + return ctx; } int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) { - EVP_MD_CTX_reset(ctx); + EVP_MD_CTX_init(ctx); return EVP_DigestInit_ex(ctx, type, NULL); } int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) { EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); +#ifdef OPENSSL_FIPS + /* If FIPS mode switch to approved implementation if possible */ + if (FIPS_mode()) { + const EVP_MD *fipsmd; + if (type) { + fipsmd = evp_get_fips_md(type); + if (fipsmd) + type = fipsmd; + } + } +#endif #ifndef OPENSSL_NO_ENGINE /* * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so * this context may already have an ENGINE! Try to avoid releasing the * previous handle, re-querying for an ENGINE, and having a - * reinitialisation, when it may all be unnecessary. + * reinitialisation, when it may all be unecessary. */ - if (ctx->engine && ctx->digest && - (type == NULL || (type->type == ctx->digest->type))) + if (ctx->engine && ctx->digest && (!type || + (type + && (type->type == + ctx->digest->type)))) goto skip_to_init; if (type) { /* @@ -77,21 +175,21 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) * previous check attempted to avoid this if the same ENGINE and * EVP_MD could be used). */ - ENGINE_finish(ctx->engine); - if (impl != NULL) { + if (ctx->engine) + ENGINE_finish(ctx->engine); + if (impl) { if (!ENGINE_init(impl)) { EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR); return 0; } - } else { + } else /* Ask if an ENGINE is reserved for this job */ impl = ENGINE_get_digest_engine(type->type); - } - if (impl != NULL) { + if (impl) { /* There's an ENGINE for this job ... (apparently) */ const EVP_MD *d = ENGINE_get_digest(impl, type->type); - - if (d == NULL) { + if (!d) { + /* Same comment from evp_enc.c */ EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR); ENGINE_finish(impl); return 0; @@ -115,13 +213,13 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) #endif if (ctx->digest != type) { if (ctx->digest && ctx->digest->ctx_size) { - OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); + OPENSSL_free(ctx->md_data); ctx->md_data = NULL; } ctx->digest = type; if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) { ctx->update = type->update; - ctx->md_data = OPENSSL_zalloc(type->ctx_size); + ctx->md_data = OPENSSL_malloc(type->ctx_size); if (ctx->md_data == NULL) { EVPerr(EVP_F_EVP_DIGESTINIT_EX, ERR_R_MALLOC_FAILURE); return 0; @@ -140,11 +238,24 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) } if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) return 1; +#ifdef OPENSSL_FIPS + if (FIPS_mode()) { + if (FIPS_digestinit(ctx, type)) + return 1; + OPENSSL_free(ctx->md_data); + ctx->md_data = NULL; + return 0; + } +#endif return ctx->digest->init(ctx); } int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) { +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + return FIPS_digestupdate(ctx, data, count); +#endif return ctx->update(ctx, data, count); } @@ -153,7 +264,7 @@ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) { int ret; ret = EVP_DigestFinal_ex(ctx, md, size); - EVP_MD_CTX_reset(ctx); + EVP_MD_CTX_cleanup(ctx); return ret; } @@ -161,6 +272,10 @@ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) { int ret; +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + return FIPS_digestfinal(ctx, md, size); +#endif OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); ret = ctx->digest->final(ctx, md); @@ -176,7 +291,7 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) { - EVP_MD_CTX_reset(out); + EVP_MD_CTX_init(out); return EVP_MD_CTX_copy_ex(out, in); } @@ -200,22 +315,15 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) EVP_MD_CTX_set_flags(out, EVP_MD_CTX_FLAG_REUSE); } else tmp_buf = NULL; - EVP_MD_CTX_reset(out); - memcpy(out, in, sizeof(*out)); - - /* Null these variables, since they are getting fixed up - * properly below. Anything else may cause a memleak and/or - * double free if any of the memory allocations below fail - */ - out->md_data = NULL; - out->pctx = NULL; + EVP_MD_CTX_cleanup(out); + memcpy(out, in, sizeof *out); if (in->md_data && out->digest->ctx_size) { if (tmp_buf) out->md_data = tmp_buf; else { out->md_data = OPENSSL_malloc(out->digest->ctx_size); - if (out->md_data == NULL) { + if (!out->md_data) { EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_MALLOC_FAILURE); return 0; } @@ -228,7 +336,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) if (in->pctx) { out->pctx = EVP_PKEY_CTX_dup(in->pctx); if (!out->pctx) { - EVP_MD_CTX_reset(out); + EVP_MD_CTX_cleanup(out); return 0; } } @@ -243,27 +351,58 @@ int EVP_Digest(const void *data, size_t count, unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl) { - EVP_MD_CTX *ctx = EVP_MD_CTX_new(); + EVP_MD_CTX ctx; int ret; - if (ctx == NULL) - return 0; - EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_ONESHOT); - ret = EVP_DigestInit_ex(ctx, type, impl) - && EVP_DigestUpdate(ctx, data, count) - && EVP_DigestFinal_ex(ctx, md, size); - EVP_MD_CTX_free(ctx); + EVP_MD_CTX_init(&ctx); + EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_ONESHOT); + ret = EVP_DigestInit_ex(&ctx, type, impl) + && EVP_DigestUpdate(&ctx, data, count) + && EVP_DigestFinal_ex(&ctx, md, size); + EVP_MD_CTX_cleanup(&ctx); return ret; } -int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2) +void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx) { - if (ctx->digest && ctx->digest->md_ctrl) { - int ret = ctx->digest->md_ctrl(ctx, cmd, p1, p2); - if (ret <= 0) - return 0; - return 1; + if (ctx) { + EVP_MD_CTX_cleanup(ctx); + OPENSSL_free(ctx); + } +} + +/* This call frees resources associated with the context */ +int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) +{ +#ifndef OPENSSL_FIPS + /* + * Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because + * sometimes only copies of the context are ever finalised. + */ + if (ctx->digest && ctx->digest->cleanup + && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED)) + ctx->digest->cleanup(ctx); + if (ctx->digest && ctx->digest->ctx_size && ctx->md_data + && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) { + OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size); + OPENSSL_free(ctx->md_data); } - return 0; +#endif + if (ctx->pctx) + EVP_PKEY_CTX_free(ctx->pctx); +#ifndef OPENSSL_NO_ENGINE + if (ctx->engine) + /* + * The EVP_MD we used belongs to an ENGINE, release the functional + * reference we held for this reason. + */ + ENGINE_finish(ctx->engine); +#endif +#ifdef OPENSSL_FIPS + FIPS_md_ctx_cleanup(ctx); +#endif + memset(ctx, '\0', sizeof *ctx); + + return 1; } diff --git a/Cryptlib/OpenSSL/crypto/evp/e_aes.c b/Cryptlib/OpenSSL/crypto/evp/e_aes.c index 17822f20..7c62d327 100644 --- a/Cryptlib/OpenSSL/crypto/evp/e_aes.c +++ b/Cryptlib/OpenSSL/crypto/evp/e_aes.c @@ -1,23 +1,67 @@ -/* - * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved. +/* ==================================================================== + * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ #include <openssl/opensslconf.h> +#ifndef OPENSSL_NO_AES #include <openssl/crypto.h> -#include <openssl/evp.h> -#include <openssl/err.h> -#include <string.h> -#include <assert.h> -#include <openssl/aes.h> -#include "internal/evp_int.h" -#include "modes_lcl.h" -#include <openssl/rand.h> -#include "evp_locl.h" +# include <openssl/evp.h> +# include <openssl/err.h> +# include <string.h> +# include <assert.h> +# include <openssl/aes.h> +# include "evp_locl.h" +# include "modes_lcl.h" +# include <openssl/rand.h> + +# undef EVP_CIPH_FLAG_FIPS +# define EVP_CIPH_FLAG_FIPS 0 typedef struct { union { @@ -69,38 +113,13 @@ typedef struct { int tag_set; /* Set if tag is valid */ int len_set; /* Set if message length set */ int L, M; /* L and M parameters from RFC3610 */ - int tls_aad_len; /* TLS AAD length */ CCM128_CONTEXT ccm; ccm128_f str; } EVP_AES_CCM_CTX; -#ifndef OPENSSL_NO_OCB -typedef struct { - union { - double align; - AES_KEY ks; - } ksenc; /* AES key schedule to use for encryption */ - union { - double align; - AES_KEY ks; - } ksdec; /* AES key schedule to use for decryption */ - int key_set; /* Set if key initialised */ - int iv_set; /* Set if an iv is set */ - OCB128_CONTEXT ocb; - unsigned char *iv; /* Temporary IV store */ - unsigned char tag[16]; - unsigned char data_buf[16]; /* Store partial data blocks */ - unsigned char aad_buf[16]; /* Store partial AAD blocks */ - int data_buf_len; - int aad_buf_len; - int ivlen; /* IV length */ - int taglen; -} EVP_AES_OCB_CTX; -#endif - -#define MAXBITCHUNK ((size_t)1<<(sizeof(size_t)*8-4)) +# define MAXBITCHUNK ((size_t)1<<(sizeof(size_t)*8-4)) -#ifdef VPAES_ASM +# ifdef VPAES_ASM int vpaes_set_encrypt_key(const unsigned char *userKey, int bits, AES_KEY *key); int vpaes_set_decrypt_key(const unsigned char *userKey, int bits, @@ -115,8 +134,8 @@ void vpaes_cbc_encrypt(const unsigned char *in, unsigned char *out, size_t length, const AES_KEY *key, unsigned char *ivec, int enc); -#endif -#ifdef BSAES_ASM +# endif +# ifdef BSAES_ASM void bsaes_cbc_encrypt(const unsigned char *in, unsigned char *out, size_t length, const AES_KEY *key, unsigned char ivec[16], int enc); @@ -129,55 +148,54 @@ void bsaes_xts_encrypt(const unsigned char *inp, unsigned char *out, void bsaes_xts_decrypt(const unsigned char *inp, unsigned char *out, size_t len, const AES_KEY *key1, const AES_KEY *key2, const unsigned char iv[16]); -#endif -#ifdef AES_CTR_ASM +# endif +# ifdef AES_CTR_ASM void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out, size_t blocks, const AES_KEY *key, const unsigned char ivec[AES_BLOCK_SIZE]); -#endif -#ifdef AES_XTS_ASM -void AES_xts_encrypt(const char *inp, char *out, size_t len, +# endif +# ifdef AES_XTS_ASM +void AES_xts_encrypt(const unsigned char *inp, unsigned char *out, size_t len, const AES_KEY *key1, const AES_KEY *key2, const unsigned char iv[16]); -void AES_xts_decrypt(const char *inp, char *out, size_t len, +void AES_xts_decrypt(const unsigned char *inp, unsigned char *out, size_t len, const AES_KEY *key1, const AES_KEY *key2, const unsigned char iv[16]); -#endif +# endif -#if defined(OPENSSL_CPUID_OBJ) && (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC)) -# include "ppc_arch.h" -# ifdef VPAES_ASM -# define VPAES_CAPABLE (OPENSSL_ppccap_P & PPC_ALTIVEC) +# if defined(OPENSSL_CPUID_OBJ) && (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC)) +# include "ppc_arch.h" +# ifdef VPAES_ASM +# define VPAES_CAPABLE (OPENSSL_ppccap_P & PPC_ALTIVEC) +# endif +# define HWAES_CAPABLE (OPENSSL_ppccap_P & PPC_CRYPTO207) +# define HWAES_set_encrypt_key aes_p8_set_encrypt_key +# define HWAES_set_decrypt_key aes_p8_set_decrypt_key +# define HWAES_encrypt aes_p8_encrypt +# define HWAES_decrypt aes_p8_decrypt +# define HWAES_cbc_encrypt aes_p8_cbc_encrypt +# define HWAES_ctr32_encrypt_blocks aes_p8_ctr32_encrypt_blocks # endif -# define HWAES_CAPABLE (OPENSSL_ppccap_P & PPC_CRYPTO207) -# define HWAES_set_encrypt_key aes_p8_set_encrypt_key -# define HWAES_set_decrypt_key aes_p8_set_decrypt_key -# define HWAES_encrypt aes_p8_encrypt -# define HWAES_decrypt aes_p8_decrypt -# define HWAES_cbc_encrypt aes_p8_cbc_encrypt -# define HWAES_ctr32_encrypt_blocks aes_p8_ctr32_encrypt_blocks -# define HWAES_xts_encrypt aes_p8_xts_encrypt -# define HWAES_xts_decrypt aes_p8_xts_decrypt -#endif -#if defined(AES_ASM) && !defined(I386_ONLY) && ( \ +# if defined(AES_ASM) && !defined(I386_ONLY) && ( \ ((defined(__i386) || defined(__i386__) || \ defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))|| \ defined(__x86_64) || defined(__x86_64__) || \ - defined(_M_AMD64) || defined(_M_X64) ) + defined(_M_AMD64) || defined(_M_X64) || \ + defined(__INTEL__) ) extern unsigned int OPENSSL_ia32cap_P[]; -# ifdef VPAES_ASM -# define VPAES_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(41-32))) -# endif -# ifdef BSAES_ASM -# define BSAES_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(41-32))) -# endif +# ifdef VPAES_ASM +# define VPAES_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(41-32))) +# endif +# ifdef BSAES_ASM +# define BSAES_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(41-32))) +# endif /* * AES-NI section */ -# define AESNI_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(57-32))) +# define AESNI_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(57-32))) int aesni_set_encrypt_key(const unsigned char *userKey, int bits, AES_KEY *key); @@ -228,43 +246,41 @@ void aesni_ccm64_decrypt_blocks(const unsigned char *in, const unsigned char ivec[16], unsigned char cmac[16]); -# if defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64) +# if defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64) size_t aesni_gcm_encrypt(const unsigned char *in, unsigned char *out, size_t len, const void *key, unsigned char ivec[16], u64 *Xi); -# define AES_gcm_encrypt aesni_gcm_encrypt +# define AES_gcm_encrypt aesni_gcm_encrypt size_t aesni_gcm_decrypt(const unsigned char *in, unsigned char *out, size_t len, const void *key, unsigned char ivec[16], u64 *Xi); -# define AES_gcm_decrypt aesni_gcm_decrypt +# define AES_gcm_decrypt aesni_gcm_decrypt void gcm_ghash_avx(u64 Xi[2], const u128 Htable[16], const u8 *in, size_t len); -# define AES_GCM_ASM(gctx) (gctx->ctr==aesni_ctr32_encrypt_blocks && \ +# define AES_GCM_ASM(gctx) (gctx->ctr==aesni_ctr32_encrypt_blocks && \ gctx->gcm.ghash==gcm_ghash_avx) -# define AES_GCM_ASM2(gctx) (gctx->gcm.block==(block128_f)aesni_encrypt && \ +# define AES_GCM_ASM2(gctx) (gctx->gcm.block==(block128_f)aesni_encrypt && \ gctx->gcm.ghash==gcm_ghash_avx) -# undef AES_GCM_ASM2 /* minor size optimization */ -# endif +# undef AES_GCM_ASM2 /* minor size optimization */ +# endif static int aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { int ret, mode; - EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx); + EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data; - mode = EVP_CIPHER_CTX_mode(ctx); + mode = ctx->cipher->flags & EVP_CIPH_MODE; if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) && !enc) { - ret = aesni_set_decrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &dat->ks.ks); + ret = aesni_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data); dat->block = (block128_f) aesni_decrypt; dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? (cbc128_f) aesni_cbc_encrypt : NULL; } else { - ret = aesni_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &dat->ks.ks); + ret = aesni_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data); dat->block = (block128_f) aesni_encrypt; if (mode == EVP_CIPH_CBC_MODE) dat->stream.cbc = (cbc128_f) aesni_cbc_encrypt; @@ -285,9 +301,7 @@ static int aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, static int aesni_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - aesni_cbc_encrypt(in, out, len, &EVP_C_DATA(EVP_AES_KEY,ctx)->ks.ks, - EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_encrypting(ctx)); + aesni_cbc_encrypt(in, out, len, ctx->cipher_data, ctx->iv, ctx->encrypt); return 1; } @@ -295,46 +309,44 @@ static int aesni_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, static int aesni_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - size_t bl = EVP_CIPHER_CTX_block_size(ctx); + size_t bl = ctx->cipher->block_size; if (len < bl) return 1; - aesni_ecb_encrypt(in, out, len, &EVP_C_DATA(EVP_AES_KEY,ctx)->ks.ks, - EVP_CIPHER_CTX_encrypting(ctx)); + aesni_ecb_encrypt(in, out, len, ctx->cipher_data, ctx->encrypt); return 1; } -# define aesni_ofb_cipher aes_ofb_cipher +# define aesni_ofb_cipher aes_ofb_cipher static int aesni_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); -# define aesni_cfb_cipher aes_cfb_cipher +# define aesni_cfb_cipher aes_cfb_cipher static int aesni_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); -# define aesni_cfb8_cipher aes_cfb8_cipher +# define aesni_cfb8_cipher aes_cfb8_cipher static int aesni_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); -# define aesni_cfb1_cipher aes_cfb1_cipher +# define aesni_cfb1_cipher aes_cfb1_cipher static int aesni_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); -# define aesni_ctr_cipher aes_ctr_cipher +# define aesni_ctr_cipher aes_ctr_cipher static int aesni_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); static int aesni_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { - EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx); + EVP_AES_GCM_CTX *gctx = ctx->cipher_data; if (!iv && !key) return 1; if (key) { - aesni_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &gctx->ks.ks); + aesni_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks); CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f) aesni_encrypt); gctx->ctr = (ctr128_f) aesni_ctr32_encrypt_blocks; /* @@ -359,34 +371,31 @@ static int aesni_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, return 1; } -# define aesni_gcm_cipher aes_gcm_cipher +# define aesni_gcm_cipher aes_gcm_cipher static int aesni_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); static int aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { - EVP_AES_XTS_CTX *xctx = EVP_C_DATA(EVP_AES_XTS_CTX,ctx); + EVP_AES_XTS_CTX *xctx = ctx->cipher_data; if (!iv && !key) return 1; if (key) { /* key_len is two AES keys */ if (enc) { - aesni_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 4, - &xctx->ks1.ks); + aesni_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks); xctx->xts.block1 = (block128_f) aesni_encrypt; xctx->stream = aesni_xts_encrypt; } else { - aesni_set_decrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 4, - &xctx->ks1.ks); + aesni_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks); xctx->xts.block1 = (block128_f) aesni_decrypt; xctx->stream = aesni_xts_decrypt; } - aesni_set_encrypt_key(key + EVP_CIPHER_CTX_key_length(ctx) / 2, - EVP_CIPHER_CTX_key_length(ctx) * 4, - &xctx->ks2.ks); + aesni_set_encrypt_key(key + ctx->key_len / 2, + ctx->key_len * 4, &xctx->ks2.ks); xctx->xts.block2 = (block128_f) aesni_encrypt; xctx->xts.key1 = &xctx->ks1; @@ -394,25 +403,24 @@ static int aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, if (iv) { xctx->xts.key2 = &xctx->ks2; - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 16); + memcpy(ctx->iv, iv, 16); } return 1; } -# define aesni_xts_cipher aes_xts_cipher +# define aesni_xts_cipher aes_xts_cipher static int aesni_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); static int aesni_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { - EVP_AES_CCM_CTX *cctx = EVP_C_DATA(EVP_AES_CCM_CTX,ctx); + EVP_AES_CCM_CTX *cctx = ctx->cipher_data; if (!iv && !key) return 1; if (key) { - aesni_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &cctx->ks.ks); + aesni_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks.ks); CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L, &cctx->ks, (block128_f) aesni_encrypt); cctx->str = enc ? (ccm128_f) aesni_ccm64_encrypt_blocks : @@ -420,86 +428,17 @@ static int aesni_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, cctx->key_set = 1; } if (iv) { - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 15 - cctx->L); + memcpy(ctx->iv, iv, 15 - cctx->L); cctx->iv_set = 1; } return 1; } -# define aesni_ccm_cipher aes_ccm_cipher +# define aesni_ccm_cipher aes_ccm_cipher static int aesni_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); -# ifndef OPENSSL_NO_OCB -void aesni_ocb_encrypt(const unsigned char *in, unsigned char *out, - size_t blocks, const void *key, - size_t start_block_num, - unsigned char offset_i[16], - const unsigned char L_[][16], - unsigned char checksum[16]); -void aesni_ocb_decrypt(const unsigned char *in, unsigned char *out, - size_t blocks, const void *key, - size_t start_block_num, - unsigned char offset_i[16], - const unsigned char L_[][16], - unsigned char checksum[16]); - -static int aesni_ocb_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - EVP_AES_OCB_CTX *octx = EVP_C_DATA(EVP_AES_OCB_CTX,ctx); - if (!iv && !key) - return 1; - if (key) { - do { - /* - * We set both the encrypt and decrypt key here because decrypt - * needs both. We could possibly optimise to remove setting the - * decrypt for an encryption operation. - */ - aesni_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &octx->ksenc.ks); - aesni_set_decrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &octx->ksdec.ks); - if (!CRYPTO_ocb128_init(&octx->ocb, - &octx->ksenc.ks, &octx->ksdec.ks, - (block128_f) aesni_encrypt, - (block128_f) aesni_decrypt, - enc ? aesni_ocb_encrypt - : aesni_ocb_decrypt)) - return 0; - } - while (0); - - /* - * If we have an iv we can set it directly, otherwise use saved IV. - */ - if (iv == NULL && octx->iv_set) - iv = octx->iv; - if (iv) { - if (CRYPTO_ocb128_setiv(&octx->ocb, iv, octx->ivlen, octx->taglen) - != 1) - return 0; - octx->iv_set = 1; - } - octx->key_set = 1; - } else { - /* If key set use IV, otherwise copy */ - if (octx->key_set) - CRYPTO_ocb128_setiv(&octx->ocb, iv, octx->ivlen, octx->taglen); - else - memcpy(octx->iv, iv, octx->ivlen); - octx->iv_set = 1; - } - return 1; -} - -# define aesni_ocb_cipher aes_ocb_cipher -static int aesni_ocb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); -# endif /* OPENSSL_NO_OCB */ - -# define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \ +# define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \ static const EVP_CIPHER aesni_##keylen##_##mode = { \ nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \ flags|EVP_CIPH_##MODE##_MODE, \ @@ -520,7 +459,7 @@ static const EVP_CIPHER aes_##keylen##_##mode = { \ const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \ { return AESNI_CAPABLE?&aesni_##keylen##_##mode:&aes_##keylen##_##mode; } -# define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \ +# define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \ static const EVP_CIPHER aesni_##keylen##_##mode = { \ nid##_##keylen##_##mode,blocksize, \ (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \ @@ -542,24 +481,13 @@ static const EVP_CIPHER aes_##keylen##_##mode = { \ const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \ { return AESNI_CAPABLE?&aesni_##keylen##_##mode:&aes_##keylen##_##mode; } -#elif defined(AES_ASM) && (defined(__sparc) || defined(__sparc__)) +# elif defined(AES_ASM) && (defined(__sparc) || defined(__sparc__)) -# include "sparc_arch.h" +# include "sparc_arch.h" extern unsigned int OPENSSL_sparcv9cap_P[]; -/* - * Initial Fujitsu SPARC64 X support - */ -# define HWAES_CAPABLE (OPENSSL_sparcv9cap_P[0] & SPARCV9_FJAESX) -# define HWAES_set_encrypt_key aes_fx_set_encrypt_key -# define HWAES_set_decrypt_key aes_fx_set_decrypt_key -# define HWAES_encrypt aes_fx_encrypt -# define HWAES_decrypt aes_fx_decrypt -# define HWAES_cbc_encrypt aes_fx_cbc_encrypt -# define HWAES_ctr32_encrypt_blocks aes_fx_ctr32_encrypt_blocks - -# define SPARC_AES_CAPABLE (OPENSSL_sparcv9cap_P[1] & CFR_AES) +# define SPARC_AES_CAPABLE (OPENSSL_sparcv9cap_P[1] & CFR_AES) void aes_t4_set_encrypt_key(const unsigned char *key, int bits, AES_KEY *ks); void aes_t4_set_decrypt_key(const unsigned char *key, int bits, AES_KEY *ks); @@ -576,7 +504,7 @@ void aes_t4_decrypt(const unsigned char *in, unsigned char *out, * non-key-length specific routines would require conditional branches * either in inner loops or on subroutines' entries. Former is hardly * acceptable, while latter means code size increase to size occupied - * by multiple key-length specific subroutines, so why fight? + * by multiple key-length specfic subroutines, so why fight? */ void aes128_t4_cbc_encrypt(const unsigned char *in, unsigned char *out, size_t len, const AES_KEY *key, @@ -622,14 +550,14 @@ static int aes_t4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { int ret, mode, bits; - EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx); + EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data; - mode = EVP_CIPHER_CTX_mode(ctx); - bits = EVP_CIPHER_CTX_key_length(ctx) * 8; + mode = ctx->cipher->flags & EVP_CIPH_MODE; + bits = ctx->key_len * 8; if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) && !enc) { ret = 0; - aes_t4_set_decrypt_key(key, bits, &dat->ks.ks); + aes_t4_set_decrypt_key(key, bits, ctx->cipher_data); dat->block = (block128_f) aes_t4_decrypt; switch (bits) { case 128: @@ -649,7 +577,7 @@ static int aes_t4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, } } else { ret = 0; - aes_t4_set_encrypt_key(key, bits, &dat->ks.ks); + aes_t4_set_encrypt_key(key, bits, ctx->cipher_data); dat->block = (block128_f) aes_t4_encrypt; switch (bits) { case 128: @@ -689,42 +617,42 @@ static int aes_t4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, return 1; } -# define aes_t4_cbc_cipher aes_cbc_cipher +# define aes_t4_cbc_cipher aes_cbc_cipher static int aes_t4_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); -# define aes_t4_ecb_cipher aes_ecb_cipher +# define aes_t4_ecb_cipher aes_ecb_cipher static int aes_t4_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); -# define aes_t4_ofb_cipher aes_ofb_cipher +# define aes_t4_ofb_cipher aes_ofb_cipher static int aes_t4_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); -# define aes_t4_cfb_cipher aes_cfb_cipher +# define aes_t4_cfb_cipher aes_cfb_cipher static int aes_t4_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); -# define aes_t4_cfb8_cipher aes_cfb8_cipher +# define aes_t4_cfb8_cipher aes_cfb8_cipher static int aes_t4_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); -# define aes_t4_cfb1_cipher aes_cfb1_cipher +# define aes_t4_cfb1_cipher aes_cfb1_cipher static int aes_t4_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); -# define aes_t4_ctr_cipher aes_ctr_cipher +# define aes_t4_ctr_cipher aes_ctr_cipher static int aes_t4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); static int aes_t4_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { - EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx); + EVP_AES_GCM_CTX *gctx = ctx->cipher_data; if (!iv && !key) return 1; if (key) { - int bits = EVP_CIPHER_CTX_key_length(ctx) * 8; + int bits = ctx->key_len * 8; aes_t4_set_encrypt_key(key, bits, &gctx->ks.ks); CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f) aes_t4_encrypt); @@ -763,19 +691,19 @@ static int aes_t4_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, return 1; } -# define aes_t4_gcm_cipher aes_gcm_cipher +# define aes_t4_gcm_cipher aes_gcm_cipher static int aes_t4_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); static int aes_t4_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { - EVP_AES_XTS_CTX *xctx = EVP_C_DATA(EVP_AES_XTS_CTX,ctx); + EVP_AES_XTS_CTX *xctx = ctx->cipher_data; if (!iv && !key) return 1; if (key) { - int bits = EVP_CIPHER_CTX_key_length(ctx) * 4; + int bits = ctx->key_len * 4; xctx->stream = NULL; /* key_len is two AES keys */ if (enc) { @@ -785,6 +713,11 @@ static int aes_t4_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, case 128: xctx->stream = aes128_t4_xts_encrypt; break; +# if 0 /* not yet */ + case 192: + xctx->stream = aes192_t4_xts_encrypt; + break; +# endif case 256: xctx->stream = aes256_t4_xts_encrypt; break; @@ -792,13 +725,17 @@ static int aes_t4_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, return 0; } } else { - aes_t4_set_decrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 4, - &xctx->ks1.ks); + aes_t4_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks); xctx->xts.block1 = (block128_f) aes_t4_decrypt; switch (bits) { case 128: xctx->stream = aes128_t4_xts_decrypt; break; +# if 0 /* not yet */ + case 192: + xctx->stream = aes192_t4_xts_decrypt; + break; +# endif case 256: xctx->stream = aes256_t4_xts_decrypt; break; @@ -807,9 +744,8 @@ static int aes_t4_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, } } - aes_t4_set_encrypt_key(key + EVP_CIPHER_CTX_key_length(ctx) / 2, - EVP_CIPHER_CTX_key_length(ctx) * 4, - &xctx->ks2.ks); + aes_t4_set_encrypt_key(key + ctx->key_len / 2, + ctx->key_len * 4, &xctx->ks2.ks); xctx->xts.block2 = (block128_f) aes_t4_encrypt; xctx->xts.key1 = &xctx->ks1; @@ -817,97 +753,61 @@ static int aes_t4_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, if (iv) { xctx->xts.key2 = &xctx->ks2; - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 16); + memcpy(ctx->iv, iv, 16); } return 1; } -# define aes_t4_xts_cipher aes_xts_cipher +# define aes_t4_xts_cipher aes_xts_cipher static int aes_t4_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); static int aes_t4_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { - EVP_AES_CCM_CTX *cctx = EVP_C_DATA(EVP_AES_CCM_CTX,ctx); + EVP_AES_CCM_CTX *cctx = ctx->cipher_data; if (!iv && !key) return 1; if (key) { - int bits = EVP_CIPHER_CTX_key_length(ctx) * 8; + int bits = ctx->key_len * 8; aes_t4_set_encrypt_key(key, bits, &cctx->ks.ks); CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L, &cctx->ks, (block128_f) aes_t4_encrypt); +# if 0 /* not yet */ + switch (bits) { + case 128: + cctx->str = enc ? (ccm128_f) aes128_t4_ccm64_encrypt : + (ccm128_f) ae128_t4_ccm64_decrypt; + break; + case 192: + cctx->str = enc ? (ccm128_f) aes192_t4_ccm64_encrypt : + (ccm128_f) ae192_t4_ccm64_decrypt; + break; + case 256: + cctx->str = enc ? (ccm128_f) aes256_t4_ccm64_encrypt : + (ccm128_f) ae256_t4_ccm64_decrypt; + break; + default: + return 0; + } +# else cctx->str = NULL; +# endif cctx->key_set = 1; } if (iv) { - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 15 - cctx->L); + memcpy(ctx->iv, iv, 15 - cctx->L); cctx->iv_set = 1; } return 1; } -# define aes_t4_ccm_cipher aes_ccm_cipher +# define aes_t4_ccm_cipher aes_ccm_cipher static int aes_t4_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); -# ifndef OPENSSL_NO_OCB -static int aes_t4_ocb_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - EVP_AES_OCB_CTX *octx = EVP_C_DATA(EVP_AES_OCB_CTX,ctx); - if (!iv && !key) - return 1; - if (key) { - do { - /* - * We set both the encrypt and decrypt key here because decrypt - * needs both. We could possibly optimise to remove setting the - * decrypt for an encryption operation. - */ - aes_t4_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &octx->ksenc.ks); - aes_t4_set_decrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &octx->ksdec.ks); - if (!CRYPTO_ocb128_init(&octx->ocb, - &octx->ksenc.ks, &octx->ksdec.ks, - (block128_f) aes_t4_encrypt, - (block128_f) aes_t4_decrypt, - NULL)) - return 0; - } - while (0); - - /* - * If we have an iv we can set it directly, otherwise use saved IV. - */ - if (iv == NULL && octx->iv_set) - iv = octx->iv; - if (iv) { - if (CRYPTO_ocb128_setiv(&octx->ocb, iv, octx->ivlen, octx->taglen) - != 1) - return 0; - octx->iv_set = 1; - } - octx->key_set = 1; - } else { - /* If key set use IV, otherwise copy */ - if (octx->key_set) - CRYPTO_ocb128_setiv(&octx->ocb, iv, octx->ivlen, octx->taglen); - else - memcpy(octx->iv, iv, octx->ivlen); - octx->iv_set = 1; - } - return 1; -} - -# define aes_t4_ocb_cipher aes_ocb_cipher -static int aes_t4_ocb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); -# endif /* OPENSSL_NO_OCB */ - -# define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \ +# define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \ static const EVP_CIPHER aes_t4_##keylen##_##mode = { \ nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \ flags|EVP_CIPH_##MODE##_MODE, \ @@ -928,7 +828,7 @@ static const EVP_CIPHER aes_##keylen##_##mode = { \ const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \ { return SPARC_AES_CAPABLE?&aes_t4_##keylen##_##mode:&aes_##keylen##_##mode; } -# define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \ +# define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \ static const EVP_CIPHER aes_t4_##keylen##_##mode = { \ nid##_##keylen##_##mode,blocksize, \ (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \ @@ -950,9 +850,9 @@ static const EVP_CIPHER aes_##keylen##_##mode = { \ const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \ { return SPARC_AES_CAPABLE?&aes_t4_##keylen##_##mode:&aes_##keylen##_##mode; } -#else +# else -# define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \ +# define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \ static const EVP_CIPHER aes_##keylen##_##mode = { \ nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \ flags|EVP_CIPH_##MODE##_MODE, \ @@ -964,7 +864,7 @@ static const EVP_CIPHER aes_##keylen##_##mode = { \ const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \ { return &aes_##keylen##_##mode; } -# define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \ +# define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \ static const EVP_CIPHER aes_##keylen##_##mode = { \ nid##_##keylen##_##mode,blocksize, \ (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \ @@ -976,29 +876,25 @@ static const EVP_CIPHER aes_##keylen##_##mode = { \ NULL,NULL,aes_##mode##_ctrl,NULL }; \ const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \ { return &aes_##keylen##_##mode; } +# endif -#endif - -#if defined(OPENSSL_CPUID_OBJ) && (defined(__arm__) || defined(__arm) || defined(__aarch64__)) -# include "arm_arch.h" -# if __ARM_MAX_ARCH__>=7 -# if defined(BSAES_ASM) -# define BSAES_CAPABLE (OPENSSL_armcap_P & ARMV7_NEON) +# if defined(OPENSSL_CPUID_OBJ) && (defined(__arm__) || defined(__arm) || defined(__aarch64__)) +# include "arm_arch.h" +# if __ARM_MAX_ARCH__>=7 +# if defined(BSAES_ASM) +# define BSAES_CAPABLE (OPENSSL_armcap_P & ARMV7_NEON) +# endif +# define HWAES_CAPABLE (OPENSSL_armcap_P & ARMV8_AES) +# define HWAES_set_encrypt_key aes_v8_set_encrypt_key +# define HWAES_set_decrypt_key aes_v8_set_decrypt_key +# define HWAES_encrypt aes_v8_encrypt +# define HWAES_decrypt aes_v8_decrypt +# define HWAES_cbc_encrypt aes_v8_cbc_encrypt +# define HWAES_ctr32_encrypt_blocks aes_v8_ctr32_encrypt_blocks # endif -# if defined(VPAES_ASM) -# define VPAES_CAPABLE (OPENSSL_armcap_P & ARMV7_NEON) -# endif -# define HWAES_CAPABLE (OPENSSL_armcap_P & ARMV8_AES) -# define HWAES_set_encrypt_key aes_v8_set_encrypt_key -# define HWAES_set_decrypt_key aes_v8_set_decrypt_key -# define HWAES_encrypt aes_v8_encrypt -# define HWAES_decrypt aes_v8_decrypt -# define HWAES_cbc_encrypt aes_v8_cbc_encrypt -# define HWAES_ctr32_encrypt_blocks aes_v8_ctr32_encrypt_blocks # endif -#endif -#if defined(HWAES_CAPABLE) +# if defined(HWAES_CAPABLE) int HWAES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key); int HWAES_set_decrypt_key(const unsigned char *userKey, const int bits, @@ -1013,15 +909,9 @@ void HWAES_cbc_encrypt(const unsigned char *in, unsigned char *out, void HWAES_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out, size_t len, const AES_KEY *key, const unsigned char ivec[16]); -void HWAES_xts_encrypt(const unsigned char *inp, unsigned char *out, - size_t len, const AES_KEY *key1, - const AES_KEY *key2, const unsigned char iv[16]); -void HWAES_xts_decrypt(const unsigned char *inp, unsigned char *out, - size_t len, const AES_KEY *key1, - const AES_KEY *key2, const unsigned char iv[16]); -#endif +# endif -#define BLOCK_CIPHER_generic_pack(nid,keylen,flags) \ +# define BLOCK_CIPHER_generic_pack(nid,keylen,flags) \ BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \ BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \ BLOCK_CIPHER_generic(nid,keylen,1,16,ofb128,ofb,OFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \ @@ -1034,97 +924,85 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { int ret, mode; - EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx); + EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data; - mode = EVP_CIPHER_CTX_mode(ctx); + mode = ctx->cipher->flags & EVP_CIPH_MODE; if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) - && !enc) { -#ifdef HWAES_CAPABLE + && !enc) +# ifdef HWAES_CAPABLE if (HWAES_CAPABLE) { - ret = HWAES_set_decrypt_key(key, - EVP_CIPHER_CTX_key_length(ctx) * 8, - &dat->ks.ks); + ret = HWAES_set_decrypt_key(key, ctx->key_len * 8, &dat->ks.ks); dat->block = (block128_f) HWAES_decrypt; dat->stream.cbc = NULL; -# ifdef HWAES_cbc_encrypt +# ifdef HWAES_cbc_encrypt if (mode == EVP_CIPH_CBC_MODE) dat->stream.cbc = (cbc128_f) HWAES_cbc_encrypt; -# endif +# endif } else -#endif -#ifdef BSAES_CAPABLE +# endif +# ifdef BSAES_CAPABLE if (BSAES_CAPABLE && mode == EVP_CIPH_CBC_MODE) { - ret = AES_set_decrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &dat->ks.ks); + ret = AES_set_decrypt_key(key, ctx->key_len * 8, &dat->ks.ks); dat->block = (block128_f) AES_decrypt; dat->stream.cbc = (cbc128_f) bsaes_cbc_encrypt; } else -#endif -#ifdef VPAES_CAPABLE +# endif +# ifdef VPAES_CAPABLE if (VPAES_CAPABLE) { - ret = vpaes_set_decrypt_key(key, - EVP_CIPHER_CTX_key_length(ctx) * 8, - &dat->ks.ks); + ret = vpaes_set_decrypt_key(key, ctx->key_len * 8, &dat->ks.ks); dat->block = (block128_f) vpaes_decrypt; dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? (cbc128_f) vpaes_cbc_encrypt : NULL; } else -#endif +# endif { - ret = AES_set_decrypt_key(key, - EVP_CIPHER_CTX_key_length(ctx) * 8, - &dat->ks.ks); + ret = AES_set_decrypt_key(key, ctx->key_len * 8, &dat->ks.ks); dat->block = (block128_f) AES_decrypt; dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? (cbc128_f) AES_cbc_encrypt : NULL; - } } else -#ifdef HWAES_CAPABLE +# ifdef HWAES_CAPABLE if (HWAES_CAPABLE) { - ret = HWAES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &dat->ks.ks); + ret = HWAES_set_encrypt_key(key, ctx->key_len * 8, &dat->ks.ks); dat->block = (block128_f) HWAES_encrypt; dat->stream.cbc = NULL; -# ifdef HWAES_cbc_encrypt +# ifdef HWAES_cbc_encrypt if (mode == EVP_CIPH_CBC_MODE) dat->stream.cbc = (cbc128_f) HWAES_cbc_encrypt; else -# endif -# ifdef HWAES_ctr32_encrypt_blocks +# endif +# ifdef HWAES_ctr32_encrypt_blocks if (mode == EVP_CIPH_CTR_MODE) dat->stream.ctr = (ctr128_f) HWAES_ctr32_encrypt_blocks; else -# endif +# endif (void)0; /* terminate potentially open 'else' */ } else -#endif -#ifdef BSAES_CAPABLE +# endif +# ifdef BSAES_CAPABLE if (BSAES_CAPABLE && mode == EVP_CIPH_CTR_MODE) { - ret = AES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &dat->ks.ks); + ret = AES_set_encrypt_key(key, ctx->key_len * 8, &dat->ks.ks); dat->block = (block128_f) AES_encrypt; dat->stream.ctr = (ctr128_f) bsaes_ctr32_encrypt_blocks; } else -#endif -#ifdef VPAES_CAPABLE +# endif +# ifdef VPAES_CAPABLE if (VPAES_CAPABLE) { - ret = vpaes_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &dat->ks.ks); + ret = vpaes_set_encrypt_key(key, ctx->key_len * 8, &dat->ks.ks); dat->block = (block128_f) vpaes_encrypt; dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? (cbc128_f) vpaes_cbc_encrypt : NULL; } else -#endif +# endif { - ret = AES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &dat->ks.ks); + ret = AES_set_encrypt_key(key, ctx->key_len * 8, &dat->ks.ks); dat->block = (block128_f) AES_encrypt; dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? (cbc128_f) AES_cbc_encrypt : NULL; -#ifdef AES_CTR_ASM +# ifdef AES_CTR_ASM if (mode == EVP_CIPH_CTR_MODE) dat->stream.ctr = (ctr128_f) AES_ctr32_encrypt; -#endif +# endif } if (ret < 0) { @@ -1138,18 +1016,14 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx); + EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data; if (dat->stream.cbc) - (*dat->stream.cbc) (in, out, len, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_encrypting(ctx)); - else if (EVP_CIPHER_CTX_encrypting(ctx)) - CRYPTO_cbc128_encrypt(in, out, len, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), dat->block); + (*dat->stream.cbc) (in, out, len, &dat->ks, ctx->iv, ctx->encrypt); + else if (ctx->encrypt) + CRYPTO_cbc128_encrypt(in, out, len, &dat->ks, ctx->iv, dat->block); else - CRYPTO_cbc128_decrypt(in, out, len, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), dat->block); + CRYPTO_cbc128_decrypt(in, out, len, &dat->ks, ctx->iv, dat->block); return 1; } @@ -1157,9 +1031,9 @@ static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, static int aes_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - size_t bl = EVP_CIPHER_CTX_block_size(ctx); + size_t bl = ctx->cipher->block_size; size_t i; - EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx); + EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data; if (len < bl) return 1; @@ -1173,70 +1047,52 @@ static int aes_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, static int aes_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx); + EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data; - int num = EVP_CIPHER_CTX_num(ctx); CRYPTO_ofb128_encrypt(in, out, len, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), &num, dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); + ctx->iv, &ctx->num, dat->block); return 1; } static int aes_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx); + EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data; - int num = EVP_CIPHER_CTX_num(ctx); CRYPTO_cfb128_encrypt(in, out, len, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), &num, - EVP_CIPHER_CTX_encrypting(ctx), dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); + ctx->iv, &ctx->num, ctx->encrypt, dat->block); return 1; } static int aes_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx); + EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data; - int num = EVP_CIPHER_CTX_num(ctx); CRYPTO_cfb128_8_encrypt(in, out, len, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), &num, - EVP_CIPHER_CTX_encrypting(ctx), dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); + ctx->iv, &ctx->num, ctx->encrypt, dat->block); return 1; } static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx); + EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data; - if (EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS)) { - int num = EVP_CIPHER_CTX_num(ctx); + if (ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) { CRYPTO_cfb128_1_encrypt(in, out, len, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), &num, - EVP_CIPHER_CTX_encrypting(ctx), dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); + ctx->iv, &ctx->num, ctx->encrypt, dat->block); return 1; } while (len >= MAXBITCHUNK) { - int num = EVP_CIPHER_CTX_num(ctx); CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), &num, - EVP_CIPHER_CTX_encrypting(ctx), dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); + ctx->iv, &ctx->num, ctx->encrypt, dat->block); len -= MAXBITCHUNK; } - if (len) { - int num = EVP_CIPHER_CTX_num(ctx); + if (len) CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), &num, - EVP_CIPHER_CTX_encrypting(ctx), dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); - } + ctx->iv, &ctx->num, ctx->encrypt, dat->block); return 1; } @@ -1244,34 +1100,28 @@ static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, static int aes_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - unsigned int num = EVP_CIPHER_CTX_num(ctx); - EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx); + unsigned int num = ctx->num; + EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data; if (dat->stream.ctr) CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_buf_noconst(ctx), - &num, dat->stream.ctr); + ctx->iv, ctx->buf, &num, dat->stream.ctr); else CRYPTO_ctr128_encrypt(in, out, len, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_buf_noconst(ctx), &num, - dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); + ctx->iv, ctx->buf, &num, dat->block); + ctx->num = (size_t)num; return 1; } -BLOCK_CIPHER_generic_pack(NID_aes, 128, 0) - BLOCK_CIPHER_generic_pack(NID_aes, 192, 0) - BLOCK_CIPHER_generic_pack(NID_aes, 256, 0) +BLOCK_CIPHER_generic_pack(NID_aes, 128, EVP_CIPH_FLAG_FIPS) + BLOCK_CIPHER_generic_pack(NID_aes, 192, EVP_CIPH_FLAG_FIPS) + BLOCK_CIPHER_generic_pack(NID_aes, 256, EVP_CIPH_FLAG_FIPS) static int aes_gcm_cleanup(EVP_CIPHER_CTX *c) { - EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,c); - if (gctx == NULL) - return 0; + EVP_AES_GCM_CTX *gctx = c->cipher_data; OPENSSL_cleanse(&gctx->gcm, sizeof(gctx->gcm)); - if (gctx->iv != EVP_CIPHER_CTX_iv_noconst(c)) + if (gctx->iv != c->iv) OPENSSL_free(gctx->iv); return 1; } @@ -1294,44 +1144,43 @@ static void ctr64_inc(unsigned char *counter) static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) { - EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,c); + EVP_AES_GCM_CTX *gctx = c->cipher_data; switch (type) { case EVP_CTRL_INIT: gctx->key_set = 0; gctx->iv_set = 0; - gctx->ivlen = EVP_CIPHER_CTX_iv_length(c); - gctx->iv = EVP_CIPHER_CTX_iv_noconst(c); + gctx->ivlen = c->cipher->iv_len; + gctx->iv = c->iv; gctx->taglen = -1; gctx->iv_gen = 0; gctx->tls_aad_len = -1; return 1; - case EVP_CTRL_AEAD_SET_IVLEN: + case EVP_CTRL_GCM_SET_IVLEN: if (arg <= 0) return 0; /* Allocate memory for IV if needed */ if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen)) { - if (gctx->iv != EVP_CIPHER_CTX_iv_noconst(c)) + if (gctx->iv != c->iv) OPENSSL_free(gctx->iv); gctx->iv = OPENSSL_malloc(arg); - if (gctx->iv == NULL) + if (!gctx->iv) return 0; } gctx->ivlen = arg; return 1; - case EVP_CTRL_AEAD_SET_TAG: - if (arg <= 0 || arg > 16 || EVP_CIPHER_CTX_encrypting(c)) + case EVP_CTRL_GCM_SET_TAG: + if (arg <= 0 || arg > 16 || c->encrypt) return 0; - memcpy(EVP_CIPHER_CTX_buf_noconst(c), ptr, arg); + memcpy(c->buf, ptr, arg); gctx->taglen = arg; return 1; - case EVP_CTRL_AEAD_GET_TAG: - if (arg <= 0 || arg > 16 || !EVP_CIPHER_CTX_encrypting(c) - || gctx->taglen < 0) + case EVP_CTRL_GCM_GET_TAG: + if (arg <= 0 || arg > 16 || !c->encrypt || gctx->taglen < 0) return 0; - memcpy(ptr, EVP_CIPHER_CTX_buf_noconst(c), arg); + memcpy(ptr, c->buf, arg); return 1; case EVP_CTRL_GCM_SET_IV_FIXED: @@ -1349,8 +1198,7 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) return 0; if (arg) memcpy(gctx->iv, ptr, arg); - if (EVP_CIPHER_CTX_encrypting(c) - && RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0) + if (c->encrypt && RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0) return 0; gctx->iv_gen = 1; return 1; @@ -1371,8 +1219,7 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) return 1; case EVP_CTRL_GCM_SET_IV_INV: - if (gctx->iv_gen == 0 || gctx->key_set == 0 - || EVP_CIPHER_CTX_encrypting(c)) + if (gctx->iv_gen == 0 || gctx->key_set == 0 || c->encrypt) return 0; memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg); CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen); @@ -1383,24 +1230,17 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) /* Save the AAD for later use */ if (arg != EVP_AEAD_TLS1_AAD_LEN) return 0; - memcpy(EVP_CIPHER_CTX_buf_noconst(c), ptr, arg); + memcpy(c->buf, ptr, arg); gctx->tls_aad_len = arg; { - unsigned int len = - EVP_CIPHER_CTX_buf_noconst(c)[arg - 2] << 8 - | EVP_CIPHER_CTX_buf_noconst(c)[arg - 1]; + unsigned int len = c->buf[arg - 2] << 8 | c->buf[arg - 1]; /* Correct length for explicit IV */ - if (len < EVP_GCM_TLS_EXPLICIT_IV_LEN) - return 0; len -= EVP_GCM_TLS_EXPLICIT_IV_LEN; /* If decrypting correct for tag too */ - if (!EVP_CIPHER_CTX_encrypting(c)) { - if (len < EVP_GCM_TLS_TAG_LEN) - return 0; + if (!c->encrypt) len -= EVP_GCM_TLS_TAG_LEN; - } - EVP_CIPHER_CTX_buf_noconst(c)[arg - 2] = len >> 8; - EVP_CIPHER_CTX_buf_noconst(c)[arg - 1] = len & 0xff; + c->buf[arg - 2] = len >> 8; + c->buf[arg - 1] = len & 0xff; } /* Extra padding: tag appended to record */ return EVP_GCM_TLS_TAG_LEN; @@ -1408,17 +1248,17 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) case EVP_CTRL_COPY: { EVP_CIPHER_CTX *out = ptr; - EVP_AES_GCM_CTX *gctx_out = EVP_C_DATA(EVP_AES_GCM_CTX,out); + EVP_AES_GCM_CTX *gctx_out = out->cipher_data; if (gctx->gcm.key) { if (gctx->gcm.key != &gctx->ks) return 0; gctx_out->gcm.key = &gctx_out->ks; } - if (gctx->iv == EVP_CIPHER_CTX_iv_noconst(c)) - gctx_out->iv = EVP_CIPHER_CTX_iv_noconst(out); + if (gctx->iv == c->iv) + gctx_out->iv = out->iv; else { gctx_out->iv = OPENSSL_malloc(gctx->ivlen); - if (gctx_out->iv == NULL) + if (!gctx_out->iv) return 0; memcpy(gctx_out->iv, gctx->iv, gctx->ivlen); } @@ -1434,56 +1274,52 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) static int aes_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { - EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx); + EVP_AES_GCM_CTX *gctx = ctx->cipher_data; if (!iv && !key) return 1; if (key) { do { -#ifdef HWAES_CAPABLE +# ifdef HWAES_CAPABLE if (HWAES_CAPABLE) { - HWAES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &gctx->ks.ks); + HWAES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks); CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f) HWAES_encrypt); -# ifdef HWAES_ctr32_encrypt_blocks +# ifdef HWAES_ctr32_encrypt_blocks gctx->ctr = (ctr128_f) HWAES_ctr32_encrypt_blocks; -# else +# else gctx->ctr = NULL; -# endif +# endif break; } else -#endif -#ifdef BSAES_CAPABLE +# endif +# ifdef BSAES_CAPABLE if (BSAES_CAPABLE) { - AES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &gctx->ks.ks); + AES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks); CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f) AES_encrypt); gctx->ctr = (ctr128_f) bsaes_ctr32_encrypt_blocks; break; } else -#endif -#ifdef VPAES_CAPABLE +# endif +# ifdef VPAES_CAPABLE if (VPAES_CAPABLE) { - vpaes_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &gctx->ks.ks); + vpaes_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks); CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f) vpaes_encrypt); gctx->ctr = NULL; break; } else -#endif +# endif (void)0; /* terminate potentially open 'else' */ - AES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &gctx->ks.ks); + AES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks); CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f) AES_encrypt); -#ifdef AES_CTR_ASM +# ifdef AES_CTR_ASM gctx->ctr = (ctr128_f) AES_ctr32_encrypt; -#else +# else gctx->ctr = NULL; -#endif +# endif } while (0); /* @@ -1518,7 +1354,7 @@ static int aes_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx); + EVP_AES_GCM_CTX *gctx = ctx->cipher_data; int rv = -1; /* Encrypt/decrypt must be performed in place */ if (out != in @@ -1528,23 +1364,22 @@ static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, * Set IV from start of buffer or generate IV and write to start of * buffer. */ - if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CIPHER_CTX_encrypting(ctx) ? + if (EVP_CIPHER_CTX_ctrl(ctx, ctx->encrypt ? EVP_CTRL_GCM_IV_GEN : EVP_CTRL_GCM_SET_IV_INV, EVP_GCM_TLS_EXPLICIT_IV_LEN, out) <= 0) goto err; /* Use saved AAD */ - if (CRYPTO_gcm128_aad(&gctx->gcm, EVP_CIPHER_CTX_buf_noconst(ctx), - gctx->tls_aad_len)) + if (CRYPTO_gcm128_aad(&gctx->gcm, ctx->buf, gctx->tls_aad_len)) goto err; /* Fix buffer and length to point to payload */ in += EVP_GCM_TLS_EXPLICIT_IV_LEN; out += EVP_GCM_TLS_EXPLICIT_IV_LEN; len -= EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN; - if (EVP_CIPHER_CTX_encrypting(ctx)) { + if (ctx->encrypt) { /* Encrypt payload */ if (gctx->ctr) { size_t bulk = 0; -#if defined(AES_GCM_ASM) +# if defined(AES_GCM_ASM) if (len >= 32 && AES_GCM_ASM(gctx)) { if (CRYPTO_gcm128_encrypt(&gctx->gcm, NULL, NULL, 0)) return -1; @@ -1554,7 +1389,7 @@ static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, gctx->gcm.Yi.c, gctx->gcm.Xi.u); gctx->gcm.len.u[1] += bulk; } -#endif +# endif if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm, in + bulk, out + bulk, @@ -1562,7 +1397,7 @@ static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, goto err; } else { size_t bulk = 0; -#if defined(AES_GCM_ASM2) +# if defined(AES_GCM_ASM2) if (len >= 32 && AES_GCM_ASM2(gctx)) { if (CRYPTO_gcm128_encrypt(&gctx->gcm, NULL, NULL, 0)) return -1; @@ -1572,7 +1407,7 @@ static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, gctx->gcm.Yi.c, gctx->gcm.Xi.u); gctx->gcm.len.u[1] += bulk; } -#endif +# endif if (CRYPTO_gcm128_encrypt(&gctx->gcm, in + bulk, out + bulk, len - bulk)) goto err; @@ -1585,7 +1420,7 @@ static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, /* Decrypt */ if (gctx->ctr) { size_t bulk = 0; -#if defined(AES_GCM_ASM) +# if defined(AES_GCM_ASM) if (len >= 16 && AES_GCM_ASM(gctx)) { if (CRYPTO_gcm128_decrypt(&gctx->gcm, NULL, NULL, 0)) return -1; @@ -1595,7 +1430,7 @@ static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, gctx->gcm.Yi.c, gctx->gcm.Xi.u); gctx->gcm.len.u[1] += bulk; } -#endif +# endif if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm, in + bulk, out + bulk, @@ -1603,7 +1438,7 @@ static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, goto err; } else { size_t bulk = 0; -#if defined(AES_GCM_ASM2) +# if defined(AES_GCM_ASM2) if (len >= 16 && AES_GCM_ASM2(gctx)) { if (CRYPTO_gcm128_decrypt(&gctx->gcm, NULL, NULL, 0)) return -1; @@ -1613,17 +1448,15 @@ static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, gctx->gcm.Yi.c, gctx->gcm.Xi.u); gctx->gcm.len.u[1] += bulk; } -#endif +# endif if (CRYPTO_gcm128_decrypt(&gctx->gcm, in + bulk, out + bulk, len - bulk)) goto err; } /* Retrieve tag */ - CRYPTO_gcm128_tag(&gctx->gcm, EVP_CIPHER_CTX_buf_noconst(ctx), - EVP_GCM_TLS_TAG_LEN); + CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, EVP_GCM_TLS_TAG_LEN); /* If tag mismatch wipe buffer */ - if (CRYPTO_memcmp(EVP_CIPHER_CTX_buf_noconst(ctx), in + len, - EVP_GCM_TLS_TAG_LEN)) { + if (CRYPTO_memcmp(ctx->buf, in + len, EVP_GCM_TLS_TAG_LEN)) { OPENSSL_cleanse(out, len); goto err; } @@ -1639,7 +1472,7 @@ static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx); + EVP_AES_GCM_CTX *gctx = ctx->cipher_data; /* If not set up, return error */ if (!gctx->key_set) return -1; @@ -1653,10 +1486,10 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, if (out == NULL) { if (CRYPTO_gcm128_aad(&gctx->gcm, in, len)) return -1; - } else if (EVP_CIPHER_CTX_encrypting(ctx)) { + } else if (ctx->encrypt) { if (gctx->ctr) { size_t bulk = 0; -#if defined(AES_GCM_ASM) +# if defined(AES_GCM_ASM) if (len >= 32 && AES_GCM_ASM(gctx)) { size_t res = (16 - gctx->gcm.mres) % 16; @@ -1670,7 +1503,7 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, gctx->gcm.len.u[1] += bulk; bulk += res; } -#endif +# endif if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm, in + bulk, out + bulk, @@ -1678,7 +1511,7 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, return -1; } else { size_t bulk = 0; -#if defined(AES_GCM_ASM2) +# if defined(AES_GCM_ASM2) if (len >= 32 && AES_GCM_ASM2(gctx)) { size_t res = (16 - gctx->gcm.mres) % 16; @@ -1692,7 +1525,7 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, gctx->gcm.len.u[1] += bulk; bulk += res; } -#endif +# endif if (CRYPTO_gcm128_encrypt(&gctx->gcm, in + bulk, out + bulk, len - bulk)) return -1; @@ -1700,7 +1533,7 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } else { if (gctx->ctr) { size_t bulk = 0; -#if defined(AES_GCM_ASM) +# if defined(AES_GCM_ASM) if (len >= 16 && AES_GCM_ASM(gctx)) { size_t res = (16 - gctx->gcm.mres) % 16; @@ -1714,7 +1547,7 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, gctx->gcm.len.u[1] += bulk; bulk += res; } -#endif +# endif if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm, in + bulk, out + bulk, @@ -1722,7 +1555,7 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, return -1; } else { size_t bulk = 0; -#if defined(AES_GCM_ASM2) +# if defined(AES_GCM_ASM2) if (len >= 16 && AES_GCM_ASM2(gctx)) { size_t res = (16 - gctx->gcm.mres) % 16; @@ -1736,7 +1569,7 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, gctx->gcm.len.u[1] += bulk; bulk += res; } -#endif +# endif if (CRYPTO_gcm128_decrypt(&gctx->gcm, in + bulk, out + bulk, len - bulk)) return -1; @@ -1744,17 +1577,15 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } return len; } else { - if (!EVP_CIPHER_CTX_encrypting(ctx)) { + if (!ctx->encrypt) { if (gctx->taglen < 0) return -1; - if (CRYPTO_gcm128_finish(&gctx->gcm, - EVP_CIPHER_CTX_buf_noconst(ctx), - gctx->taglen) != 0) + if (CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf, gctx->taglen) != 0) return -1; gctx->iv_set = 0; return 0; } - CRYPTO_gcm128_tag(&gctx->gcm, EVP_CIPHER_CTX_buf_noconst(ctx), 16); + CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, 16); gctx->taglen = 16; /* Don't reuse the IV */ gctx->iv_set = 0; @@ -1763,24 +1594,27 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } -#define CUSTOM_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 \ +# define CUSTOM_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 \ | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \ | EVP_CIPH_CUSTOM_COPY) BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM, - EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) + EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | + CUSTOM_FLAGS) BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, gcm, GCM, - EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) + EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | + CUSTOM_FLAGS) BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, gcm, GCM, - EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) + EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | + CUSTOM_FLAGS) static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) { - EVP_AES_XTS_CTX *xctx = EVP_C_DATA(EVP_AES_XTS_CTX,c); + EVP_AES_XTS_CTX *xctx = c->cipher_data; if (type == EVP_CTRL_COPY) { EVP_CIPHER_CTX *out = ptr; - EVP_AES_XTS_CTX *xctx_out = EVP_C_DATA(EVP_AES_XTS_CTX,out); + EVP_AES_XTS_CTX *xctx_out = out->cipher_data; if (xctx->xts.key1) { if (xctx->xts.key1 != &xctx->ks1) return 0; @@ -1803,90 +1637,75 @@ static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) static int aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { - EVP_AES_XTS_CTX *xctx = EVP_C_DATA(EVP_AES_XTS_CTX,ctx); + EVP_AES_XTS_CTX *xctx = ctx->cipher_data; if (!iv && !key) return 1; if (key) do { -#ifdef AES_XTS_ASM +# ifdef AES_XTS_ASM xctx->stream = enc ? AES_xts_encrypt : AES_xts_decrypt; -#else +# else xctx->stream = NULL; -#endif +# endif /* key_len is two AES keys */ -#ifdef HWAES_CAPABLE +# ifdef HWAES_CAPABLE if (HWAES_CAPABLE) { if (enc) { - HWAES_set_encrypt_key(key, - EVP_CIPHER_CTX_key_length(ctx) * 4, + HWAES_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks); xctx->xts.block1 = (block128_f) HWAES_encrypt; -# ifdef HWAES_xts_encrypt - xctx->stream = HWAES_xts_encrypt; -# endif } else { - HWAES_set_decrypt_key(key, - EVP_CIPHER_CTX_key_length(ctx) * 4, + HWAES_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks); xctx->xts.block1 = (block128_f) HWAES_decrypt; -# ifdef HWAES_xts_decrypt - xctx->stream = HWAES_xts_decrypt; -#endif } - HWAES_set_encrypt_key(key + EVP_CIPHER_CTX_key_length(ctx) / 2, - EVP_CIPHER_CTX_key_length(ctx) * 4, - &xctx->ks2.ks); + HWAES_set_encrypt_key(key + ctx->key_len / 2, + ctx->key_len * 4, &xctx->ks2.ks); xctx->xts.block2 = (block128_f) HWAES_encrypt; xctx->xts.key1 = &xctx->ks1; break; } else -#endif -#ifdef BSAES_CAPABLE +# endif +# ifdef BSAES_CAPABLE if (BSAES_CAPABLE) xctx->stream = enc ? bsaes_xts_encrypt : bsaes_xts_decrypt; else -#endif -#ifdef VPAES_CAPABLE +# endif +# ifdef VPAES_CAPABLE if (VPAES_CAPABLE) { if (enc) { - vpaes_set_encrypt_key(key, - EVP_CIPHER_CTX_key_length(ctx) * 4, + vpaes_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks); xctx->xts.block1 = (block128_f) vpaes_encrypt; } else { - vpaes_set_decrypt_key(key, - EVP_CIPHER_CTX_key_length(ctx) * 4, + vpaes_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks); xctx->xts.block1 = (block128_f) vpaes_decrypt; } - vpaes_set_encrypt_key(key + EVP_CIPHER_CTX_key_length(ctx) / 2, - EVP_CIPHER_CTX_key_length(ctx) * 4, - &xctx->ks2.ks); + vpaes_set_encrypt_key(key + ctx->key_len / 2, + ctx->key_len * 4, &xctx->ks2.ks); xctx->xts.block2 = (block128_f) vpaes_encrypt; xctx->xts.key1 = &xctx->ks1; break; } else -#endif +# endif (void)0; /* terminate potentially open 'else' */ if (enc) { - AES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 4, - &xctx->ks1.ks); + AES_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks); xctx->xts.block1 = (block128_f) AES_encrypt; } else { - AES_set_decrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 4, - &xctx->ks1.ks); + AES_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks); xctx->xts.block1 = (block128_f) AES_decrypt; } - AES_set_encrypt_key(key + EVP_CIPHER_CTX_key_length(ctx) / 2, - EVP_CIPHER_CTX_key_length(ctx) * 4, - &xctx->ks2.ks); + AES_set_encrypt_key(key + ctx->key_len / 2, + ctx->key_len * 4, &xctx->ks2.ks); xctx->xts.block2 = (block128_f) AES_encrypt; xctx->xts.key1 = &xctx->ks1; @@ -1894,7 +1713,7 @@ static int aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, if (iv) { xctx->xts.key2 = &xctx->ks2; - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 16); + memcpy(ctx->iv, iv, 16); } return 1; @@ -1903,34 +1722,34 @@ static int aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, static int aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - EVP_AES_XTS_CTX *xctx = EVP_C_DATA(EVP_AES_XTS_CTX,ctx); + EVP_AES_XTS_CTX *xctx = ctx->cipher_data; if (!xctx->xts.key1 || !xctx->xts.key2) return 0; if (!out || !in || len < AES_BLOCK_SIZE) return 0; if (xctx->stream) (*xctx->stream) (in, out, len, - xctx->xts.key1, xctx->xts.key2, - EVP_CIPHER_CTX_iv_noconst(ctx)); - else if (CRYPTO_xts128_encrypt(&xctx->xts, EVP_CIPHER_CTX_iv_noconst(ctx), - in, out, len, - EVP_CIPHER_CTX_encrypting(ctx))) + xctx->xts.key1, xctx->xts.key2, ctx->iv); + else if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len, + ctx->encrypt)) return 0; return 1; } -#define aes_xts_cleanup NULL +# define aes_xts_cleanup NULL -#define XTS_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV \ +# define XTS_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV \ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \ | EVP_CIPH_CUSTOM_COPY) -BLOCK_CIPHER_custom(NID_aes, 128, 1, 16, xts, XTS, XTS_FLAGS) - BLOCK_CIPHER_custom(NID_aes, 256, 1, 16, xts, XTS, XTS_FLAGS) +BLOCK_CIPHER_custom(NID_aes, 128, 1, 16, xts, XTS, + EVP_CIPH_FLAG_FIPS | XTS_FLAGS) + BLOCK_CIPHER_custom(NID_aes, 256, 1, 16, xts, XTS, + EVP_CIPH_FLAG_FIPS | XTS_FLAGS) static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) { - EVP_AES_CCM_CTX *cctx = EVP_C_DATA(EVP_AES_CCM_CTX,c); + EVP_AES_CCM_CTX *cctx = c->cipher_data; switch (type) { case EVP_CTRL_INIT: cctx->key_set = 0; @@ -1939,44 +1758,9 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) cctx->M = 12; cctx->tag_set = 0; cctx->len_set = 0; - cctx->tls_aad_len = -1; return 1; - case EVP_CTRL_AEAD_TLS1_AAD: - /* Save the AAD for later use */ - if (arg != EVP_AEAD_TLS1_AAD_LEN) - return 0; - memcpy(EVP_CIPHER_CTX_buf_noconst(c), ptr, arg); - cctx->tls_aad_len = arg; - { - uint16_t len = - EVP_CIPHER_CTX_buf_noconst(c)[arg - 2] << 8 - | EVP_CIPHER_CTX_buf_noconst(c)[arg - 1]; - /* Correct length for explicit IV */ - if (len < EVP_CCM_TLS_EXPLICIT_IV_LEN) - return 0; - len -= EVP_CCM_TLS_EXPLICIT_IV_LEN; - /* If decrypting correct for tag too */ - if (!EVP_CIPHER_CTX_encrypting(c)) { - if (len < cctx->M) - return 0; - len -= cctx->M; - } - EVP_CIPHER_CTX_buf_noconst(c)[arg - 2] = len >> 8; - EVP_CIPHER_CTX_buf_noconst(c)[arg - 1] = len & 0xff; - } - /* Extra padding: tag appended to record */ - return cctx->M; - - case EVP_CTRL_CCM_SET_IV_FIXED: - /* Sanity check length */ - if (arg != EVP_CCM_TLS_FIXED_IV_LEN) - return 0; - /* Just copy to first part of IV */ - memcpy(EVP_CIPHER_CTX_iv_noconst(c), ptr, arg); - return 1; - - case EVP_CTRL_AEAD_SET_IVLEN: + case EVP_CTRL_CCM_SET_IVLEN: arg = 15 - arg; case EVP_CTRL_CCM_SET_L: if (arg < 2 || arg > 8) @@ -1984,20 +1768,20 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) cctx->L = arg; return 1; - case EVP_CTRL_AEAD_SET_TAG: + case EVP_CTRL_CCM_SET_TAG: if ((arg & 1) || arg < 4 || arg > 16) return 0; - if (EVP_CIPHER_CTX_encrypting(c) && ptr) + if (c->encrypt && ptr) return 0; if (ptr) { cctx->tag_set = 1; - memcpy(EVP_CIPHER_CTX_buf_noconst(c), ptr, arg); + memcpy(c->buf, ptr, arg); } cctx->M = arg; return 1; - case EVP_CTRL_AEAD_GET_TAG: - if (!EVP_CIPHER_CTX_encrypting(c) || !cctx->tag_set) + case EVP_CTRL_CCM_GET_TAG: + if (!c->encrypt || !cctx->tag_set) return 0; if (!CRYPTO_ccm128_tag(&cctx->ccm, ptr, (size_t)arg)) return 0; @@ -2009,7 +1793,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) case EVP_CTRL_COPY: { EVP_CIPHER_CTX *out = ptr; - EVP_AES_CCM_CTX *cctx_out = EVP_C_DATA(EVP_AES_CCM_CTX,out); + EVP_AES_CCM_CTX *cctx_out = out->cipher_data; if (cctx->ccm.key) { if (cctx->ccm.key != &cctx->ks) return 0; @@ -2027,15 +1811,14 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) static int aes_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { - EVP_AES_CCM_CTX *cctx = EVP_C_DATA(EVP_AES_CCM_CTX,ctx); + EVP_AES_CCM_CTX *cctx = ctx->cipher_data; if (!iv && !key) return 1; if (key) do { -#ifdef HWAES_CAPABLE +# ifdef HWAES_CAPABLE if (HWAES_CAPABLE) { - HWAES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &cctx->ks.ks); + HWAES_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks.ks); CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L, &cctx->ks, (block128_f) HWAES_encrypt); @@ -2043,101 +1826,43 @@ static int aes_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, cctx->key_set = 1; break; } else -#endif -#ifdef VPAES_CAPABLE +# endif +# ifdef VPAES_CAPABLE if (VPAES_CAPABLE) { - vpaes_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &cctx->ks.ks); + vpaes_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks.ks); CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L, &cctx->ks, (block128_f) vpaes_encrypt); cctx->str = NULL; cctx->key_set = 1; break; } -#endif - AES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &cctx->ks.ks); +# endif + AES_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks.ks); CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L, &cctx->ks, (block128_f) AES_encrypt); cctx->str = NULL; cctx->key_set = 1; } while (0); if (iv) { - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 15 - cctx->L); + memcpy(ctx->iv, iv, 15 - cctx->L); cctx->iv_set = 1; } return 1; } -static int aes_ccm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_AES_CCM_CTX *cctx = EVP_C_DATA(EVP_AES_CCM_CTX,ctx); - CCM128_CONTEXT *ccm = &cctx->ccm; - /* Encrypt/decrypt must be performed in place */ - if (out != in || len < (EVP_CCM_TLS_EXPLICIT_IV_LEN + (size_t)cctx->M)) - return -1; - /* If encrypting set explicit IV from sequence number (start of AAD) */ - if (EVP_CIPHER_CTX_encrypting(ctx)) - memcpy(out, EVP_CIPHER_CTX_buf_noconst(ctx), - EVP_CCM_TLS_EXPLICIT_IV_LEN); - /* Get rest of IV from explicit IV */ - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx) + EVP_CCM_TLS_FIXED_IV_LEN, in, - EVP_CCM_TLS_EXPLICIT_IV_LEN); - /* Correct length value */ - len -= EVP_CCM_TLS_EXPLICIT_IV_LEN + cctx->M; - if (CRYPTO_ccm128_setiv(ccm, EVP_CIPHER_CTX_iv_noconst(ctx), 15 - cctx->L, - len)) - return -1; - /* Use saved AAD */ - CRYPTO_ccm128_aad(ccm, EVP_CIPHER_CTX_buf_noconst(ctx), cctx->tls_aad_len); - /* Fix buffer to point to payload */ - in += EVP_CCM_TLS_EXPLICIT_IV_LEN; - out += EVP_CCM_TLS_EXPLICIT_IV_LEN; - if (EVP_CIPHER_CTX_encrypting(ctx)) { - if (cctx->str ? CRYPTO_ccm128_encrypt_ccm64(ccm, in, out, len, - cctx->str) : - CRYPTO_ccm128_encrypt(ccm, in, out, len)) - return -1; - if (!CRYPTO_ccm128_tag(ccm, out + len, cctx->M)) - return -1; - return len + EVP_CCM_TLS_EXPLICIT_IV_LEN + cctx->M; - } else { - if (cctx->str ? !CRYPTO_ccm128_decrypt_ccm64(ccm, in, out, len, - cctx->str) : - !CRYPTO_ccm128_decrypt(ccm, in, out, len)) { - unsigned char tag[16]; - if (CRYPTO_ccm128_tag(ccm, tag, cctx->M)) { - if (!CRYPTO_memcmp(tag, in + len, cctx->M)) - return len; - } - } - OPENSSL_cleanse(out, len); - return -1; - } -} - static int aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - EVP_AES_CCM_CTX *cctx = EVP_C_DATA(EVP_AES_CCM_CTX,ctx); + EVP_AES_CCM_CTX *cctx = ctx->cipher_data; CCM128_CONTEXT *ccm = &cctx->ccm; /* If not set up, return error */ - if (!cctx->key_set) + if (!cctx->iv_set && !cctx->key_set) return -1; - - if (cctx->tls_aad_len >= 0) - return aes_ccm_tls_cipher(ctx, out, in, len); - - if (!cctx->iv_set) - return -1; - - if (!EVP_CIPHER_CTX_encrypting(ctx) && !cctx->tag_set) + if (!ctx->encrypt && !cctx->tag_set) return -1; if (!out) { if (!in) { - if (CRYPTO_ccm128_setiv(ccm, EVP_CIPHER_CTX_iv_noconst(ctx), - 15 - cctx->L, len)) + if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, len)) return -1; cctx->len_set = 1; return len; @@ -2153,12 +1878,11 @@ static int aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, return 0; /* If not set length yet do it */ if (!cctx->len_set) { - if (CRYPTO_ccm128_setiv(ccm, EVP_CIPHER_CTX_iv_noconst(ctx), - 15 - cctx->L, len)) + if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, len)) return -1; cctx->len_set = 1; } - if (EVP_CIPHER_CTX_encrypting(ctx)) { + if (ctx->encrypt) { if (cctx->str ? CRYPTO_ccm128_encrypt_ccm64(ccm, in, out, len, cctx->str) : CRYPTO_ccm128_encrypt(ccm, in, out, len)) @@ -2172,8 +1896,7 @@ static int aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, !CRYPTO_ccm128_decrypt(ccm, in, out, len)) { unsigned char tag[16]; if (CRYPTO_ccm128_tag(ccm, tag, cctx->M)) { - if (!CRYPTO_memcmp(tag, EVP_CIPHER_CTX_buf_noconst(ctx), - cctx->M)) + if (!CRYPTO_memcmp(tag, ctx->buf, cctx->M)) rv = len; } } @@ -2184,17 +1907,18 @@ static int aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, cctx->len_set = 0; return rv; } + } -#define aes_ccm_cleanup NULL +# define aes_ccm_cleanup NULL BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, ccm, CCM, - EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) + EVP_CIPH_FLAG_FIPS | CUSTOM_FLAGS) BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, ccm, CCM, - EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) + EVP_CIPH_FLAG_FIPS | CUSTOM_FLAGS) BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, ccm, CCM, - EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) - + EVP_CIPH_FLAG_FIPS | CUSTOM_FLAGS) +#endif typedef struct { union { double align; @@ -2207,22 +1931,20 @@ typedef struct { static int aes_wrap_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { - EVP_AES_WRAP_CTX *wctx = EVP_C_DATA(EVP_AES_WRAP_CTX,ctx); + EVP_AES_WRAP_CTX *wctx = ctx->cipher_data; if (!iv && !key) return 1; if (key) { - if (EVP_CIPHER_CTX_encrypting(ctx)) - AES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &wctx->ks.ks); + if (ctx->encrypt) + AES_set_encrypt_key(key, ctx->key_len * 8, &wctx->ks.ks); else - AES_set_decrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &wctx->ks.ks); + AES_set_decrypt_key(key, ctx->key_len * 8, &wctx->ks.ks); if (!iv) wctx->iv = NULL; } if (iv) { - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, EVP_CIPHER_CTX_iv_length(ctx)); - wctx->iv = EVP_CIPHER_CTX_iv_noconst(ctx); + memcpy(ctx->iv, iv, 8); + wctx->iv = ctx->iv; } return 1; } @@ -2230,59 +1952,28 @@ static int aes_wrap_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, static int aes_wrap_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inlen) { - EVP_AES_WRAP_CTX *wctx = EVP_C_DATA(EVP_AES_WRAP_CTX,ctx); + EVP_AES_WRAP_CTX *wctx = ctx->cipher_data; size_t rv; - /* AES wrap with padding has IV length of 4, without padding 8 */ - int pad = EVP_CIPHER_CTX_iv_length(ctx) == 4; - /* No final operation so always return zero length */ if (!in) return 0; - /* Input length must always be non-zero */ - if (!inlen) + if (inlen % 8) return -1; - /* If decrypting need at least 16 bytes and multiple of 8 */ - if (!EVP_CIPHER_CTX_encrypting(ctx) && (inlen < 16 || inlen & 0x7)) + if (ctx->encrypt && inlen < 8) return -1; - /* If not padding input must be multiple of 8 */ - if (!pad && inlen & 0x7) + if (!ctx->encrypt && inlen < 16) return -1; - if (is_partially_overlapping(out, in, inlen)) { - EVPerr(EVP_F_AES_WRAP_CIPHER, EVP_R_PARTIALLY_OVERLAPPING); - return 0; - } if (!out) { - if (EVP_CIPHER_CTX_encrypting(ctx)) { - /* If padding round up to multiple of 8 */ - if (pad) - inlen = (inlen + 7) / 8 * 8; - /* 8 byte prefix */ + if (ctx->encrypt) return inlen + 8; - } else { - /* - * If not padding output will be exactly 8 bytes smaller than - * input. If padding it will be at least 8 bytes smaller but we - * don't know how much. - */ - return inlen - 8; - } - } - if (pad) { - if (EVP_CIPHER_CTX_encrypting(ctx)) - rv = CRYPTO_128_wrap_pad(&wctx->ks.ks, wctx->iv, - out, in, inlen, - (block128_f) AES_encrypt); else - rv = CRYPTO_128_unwrap_pad(&wctx->ks.ks, wctx->iv, - out, in, inlen, - (block128_f) AES_decrypt); - } else { - if (EVP_CIPHER_CTX_encrypting(ctx)) - rv = CRYPTO_128_wrap(&wctx->ks.ks, wctx->iv, - out, in, inlen, (block128_f) AES_encrypt); - else - rv = CRYPTO_128_unwrap(&wctx->ks.ks, wctx->iv, - out, in, inlen, (block128_f) AES_decrypt); + return inlen - 8; } + if (ctx->encrypt) + rv = CRYPTO_128_wrap(&wctx->ks.ks, wctx->iv, out, in, inlen, + (block128_f) AES_encrypt); + else + rv = CRYPTO_128_unwrap(&wctx->ks.ks, wctx->iv, out, in, inlen, + (block128_f) AES_decrypt); return rv ? (int)rv : -1; } @@ -2331,372 +2022,3 @@ const EVP_CIPHER *EVP_aes_256_wrap(void) { return &aes_256_wrap; } - -static const EVP_CIPHER aes_128_wrap_pad = { - NID_id_aes128_wrap_pad, - 8, 16, 4, WRAP_FLAGS, - aes_wrap_init_key, aes_wrap_cipher, - NULL, - sizeof(EVP_AES_WRAP_CTX), - NULL, NULL, NULL, NULL -}; - -const EVP_CIPHER *EVP_aes_128_wrap_pad(void) -{ - return &aes_128_wrap_pad; -} - -static const EVP_CIPHER aes_192_wrap_pad = { - NID_id_aes192_wrap_pad, - 8, 24, 4, WRAP_FLAGS, - aes_wrap_init_key, aes_wrap_cipher, - NULL, - sizeof(EVP_AES_WRAP_CTX), - NULL, NULL, NULL, NULL -}; - -const EVP_CIPHER *EVP_aes_192_wrap_pad(void) -{ - return &aes_192_wrap_pad; -} - -static const EVP_CIPHER aes_256_wrap_pad = { - NID_id_aes256_wrap_pad, - 8, 32, 4, WRAP_FLAGS, - aes_wrap_init_key, aes_wrap_cipher, - NULL, - sizeof(EVP_AES_WRAP_CTX), - NULL, NULL, NULL, NULL -}; - -const EVP_CIPHER *EVP_aes_256_wrap_pad(void) -{ - return &aes_256_wrap_pad; -} - -#ifndef OPENSSL_NO_OCB -static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) -{ - EVP_AES_OCB_CTX *octx = EVP_C_DATA(EVP_AES_OCB_CTX,c); - EVP_CIPHER_CTX *newc; - EVP_AES_OCB_CTX *new_octx; - - switch (type) { - case EVP_CTRL_INIT: - octx->key_set = 0; - octx->iv_set = 0; - octx->ivlen = EVP_CIPHER_CTX_iv_length(c); - octx->iv = EVP_CIPHER_CTX_iv_noconst(c); - octx->taglen = 16; - octx->data_buf_len = 0; - octx->aad_buf_len = 0; - return 1; - - case EVP_CTRL_AEAD_SET_IVLEN: - /* IV len must be 1 to 15 */ - if (arg <= 0 || arg > 15) - return 0; - - octx->ivlen = arg; - return 1; - - case EVP_CTRL_AEAD_SET_TAG: - if (!ptr) { - /* Tag len must be 0 to 16 */ - if (arg < 0 || arg > 16) - return 0; - - octx->taglen = arg; - return 1; - } - if (arg != octx->taglen || EVP_CIPHER_CTX_encrypting(c)) - return 0; - memcpy(octx->tag, ptr, arg); - return 1; - - case EVP_CTRL_AEAD_GET_TAG: - if (arg != octx->taglen || !EVP_CIPHER_CTX_encrypting(c)) - return 0; - - memcpy(ptr, octx->tag, arg); - return 1; - - case EVP_CTRL_COPY: - newc = (EVP_CIPHER_CTX *)ptr; - new_octx = EVP_C_DATA(EVP_AES_OCB_CTX,newc); - return CRYPTO_ocb128_copy_ctx(&new_octx->ocb, &octx->ocb, - &new_octx->ksenc.ks, - &new_octx->ksdec.ks); - - default: - return -1; - - } -} - -# ifdef HWAES_CAPABLE -# ifdef HWAES_ocb_encrypt -void HWAES_ocb_encrypt(const unsigned char *in, unsigned char *out, - size_t blocks, const void *key, - size_t start_block_num, - unsigned char offset_i[16], - const unsigned char L_[][16], - unsigned char checksum[16]); -# else -# define HWAES_ocb_encrypt ((ocb128_f)NULL) -# endif -# ifdef HWAES_ocb_decrypt -void HWAES_ocb_decrypt(const unsigned char *in, unsigned char *out, - size_t blocks, const void *key, - size_t start_block_num, - unsigned char offset_i[16], - const unsigned char L_[][16], - unsigned char checksum[16]); -# else -# define HWAES_ocb_decrypt ((ocb128_f)NULL) -# endif -# endif - -static int aes_ocb_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - EVP_AES_OCB_CTX *octx = EVP_C_DATA(EVP_AES_OCB_CTX,ctx); - if (!iv && !key) - return 1; - if (key) { - do { - /* - * We set both the encrypt and decrypt key here because decrypt - * needs both. We could possibly optimise to remove setting the - * decrypt for an encryption operation. - */ -# ifdef HWAES_CAPABLE - if (HWAES_CAPABLE) { - HWAES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &octx->ksenc.ks); - HWAES_set_decrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &octx->ksdec.ks); - if (!CRYPTO_ocb128_init(&octx->ocb, - &octx->ksenc.ks, &octx->ksdec.ks, - (block128_f) HWAES_encrypt, - (block128_f) HWAES_decrypt, - enc ? HWAES_ocb_encrypt - : HWAES_ocb_decrypt)) - return 0; - break; - } -# endif -# ifdef VPAES_CAPABLE - if (VPAES_CAPABLE) { - vpaes_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &octx->ksenc.ks); - vpaes_set_decrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &octx->ksdec.ks); - if (!CRYPTO_ocb128_init(&octx->ocb, - &octx->ksenc.ks, &octx->ksdec.ks, - (block128_f) vpaes_encrypt, - (block128_f) vpaes_decrypt, - NULL)) - return 0; - break; - } -# endif - AES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &octx->ksenc.ks); - AES_set_decrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, - &octx->ksdec.ks); - if (!CRYPTO_ocb128_init(&octx->ocb, - &octx->ksenc.ks, &octx->ksdec.ks, - (block128_f) AES_encrypt, - (block128_f) AES_decrypt, - NULL)) - return 0; - } - while (0); - - /* - * If we have an iv we can set it directly, otherwise use saved IV. - */ - if (iv == NULL && octx->iv_set) - iv = octx->iv; - if (iv) { - if (CRYPTO_ocb128_setiv(&octx->ocb, iv, octx->ivlen, octx->taglen) - != 1) - return 0; - octx->iv_set = 1; - } - octx->key_set = 1; - } else { - /* If key set use IV, otherwise copy */ - if (octx->key_set) - CRYPTO_ocb128_setiv(&octx->ocb, iv, octx->ivlen, octx->taglen); - else - memcpy(octx->iv, iv, octx->ivlen); - octx->iv_set = 1; - } - return 1; -} - -static int aes_ocb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - unsigned char *buf; - int *buf_len; - int written_len = 0; - size_t trailing_len; - EVP_AES_OCB_CTX *octx = EVP_C_DATA(EVP_AES_OCB_CTX,ctx); - - /* If IV or Key not set then return error */ - if (!octx->iv_set) - return -1; - - if (!octx->key_set) - return -1; - - if (in != NULL) { - /* - * Need to ensure we are only passing full blocks to low level OCB - * routines. We do it here rather than in EVP_EncryptUpdate/ - * EVP_DecryptUpdate because we need to pass full blocks of AAD too - * and those routines don't support that - */ - - /* Are we dealing with AAD or normal data here? */ - if (out == NULL) { - buf = octx->aad_buf; - buf_len = &(octx->aad_buf_len); - } else { - buf = octx->data_buf; - buf_len = &(octx->data_buf_len); - - if (is_partially_overlapping(out + *buf_len, in, len)) { - EVPerr(EVP_F_AES_OCB_CIPHER, EVP_R_PARTIALLY_OVERLAPPING); - return 0; - } - } - - /* - * If we've got a partially filled buffer from a previous call then - * use that data first - */ - if (*buf_len > 0) { - unsigned int remaining; - - remaining = AES_BLOCK_SIZE - (*buf_len); - if (remaining > len) { - memcpy(buf + (*buf_len), in, len); - *(buf_len) += len; - return 0; - } - memcpy(buf + (*buf_len), in, remaining); - - /* - * If we get here we've filled the buffer, so process it - */ - len -= remaining; - in += remaining; - if (out == NULL) { - if (!CRYPTO_ocb128_aad(&octx->ocb, buf, AES_BLOCK_SIZE)) - return -1; - } else if (EVP_CIPHER_CTX_encrypting(ctx)) { - if (!CRYPTO_ocb128_encrypt(&octx->ocb, buf, out, - AES_BLOCK_SIZE)) - return -1; - } else { - if (!CRYPTO_ocb128_decrypt(&octx->ocb, buf, out, - AES_BLOCK_SIZE)) - return -1; - } - written_len = AES_BLOCK_SIZE; - *buf_len = 0; - if (out != NULL) - out += AES_BLOCK_SIZE; - } - - /* Do we have a partial block to handle at the end? */ - trailing_len = len % AES_BLOCK_SIZE; - - /* - * If we've got some full blocks to handle, then process these first - */ - if (len != trailing_len) { - if (out == NULL) { - if (!CRYPTO_ocb128_aad(&octx->ocb, in, len - trailing_len)) - return -1; - } else if (EVP_CIPHER_CTX_encrypting(ctx)) { - if (!CRYPTO_ocb128_encrypt - (&octx->ocb, in, out, len - trailing_len)) - return -1; - } else { - if (!CRYPTO_ocb128_decrypt - (&octx->ocb, in, out, len - trailing_len)) - return -1; - } - written_len += len - trailing_len; - in += len - trailing_len; - } - - /* Handle any trailing partial block */ - if (trailing_len > 0) { - memcpy(buf, in, trailing_len); - *buf_len = trailing_len; - } - - return written_len; - } else { - /* - * First of all empty the buffer of any partial block that we might - * have been provided - both for data and AAD - */ - if (octx->data_buf_len > 0) { - if (EVP_CIPHER_CTX_encrypting(ctx)) { - if (!CRYPTO_ocb128_encrypt(&octx->ocb, octx->data_buf, out, - octx->data_buf_len)) - return -1; - } else { - if (!CRYPTO_ocb128_decrypt(&octx->ocb, octx->data_buf, out, - octx->data_buf_len)) - return -1; - } - written_len = octx->data_buf_len; - octx->data_buf_len = 0; - } - if (octx->aad_buf_len > 0) { - if (!CRYPTO_ocb128_aad - (&octx->ocb, octx->aad_buf, octx->aad_buf_len)) - return -1; - octx->aad_buf_len = 0; - } - /* If decrypting then verify */ - if (!EVP_CIPHER_CTX_encrypting(ctx)) { - if (octx->taglen < 0) - return -1; - if (CRYPTO_ocb128_finish(&octx->ocb, - octx->tag, octx->taglen) != 0) - return -1; - octx->iv_set = 0; - return written_len; - } - /* If encrypting then just get the tag */ - if (CRYPTO_ocb128_tag(&octx->ocb, octx->tag, 16) != 1) - return -1; - /* Don't reuse the IV */ - octx->iv_set = 0; - return written_len; - } -} - -static int aes_ocb_cleanup(EVP_CIPHER_CTX *c) -{ - EVP_AES_OCB_CTX *octx = EVP_C_DATA(EVP_AES_OCB_CTX,c); - CRYPTO_ocb128_cleanup(&octx->ocb); - return 1; -} - -BLOCK_CIPHER_custom(NID_aes, 128, 16, 12, ocb, OCB, - EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) -BLOCK_CIPHER_custom(NID_aes, 192, 16, 12, ocb, OCB, - EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) -BLOCK_CIPHER_custom(NID_aes, 256, 16, 12, ocb, OCB, - EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) -#endif /* OPENSSL_NO_OCB */ diff --git a/Cryptlib/OpenSSL/crypto/evp/e_aes_cbc_hmac_sha1.c b/Cryptlib/OpenSSL/crypto/evp/e_aes_cbc_hmac_sha1.c index 52c7c744..6dfd590a 100644 --- a/Cryptlib/OpenSSL/crypto/evp/e_aes_cbc_hmac_sha1.c +++ b/Cryptlib/OpenSSL/crypto/evp/e_aes_cbc_hmac_sha1.c @@ -1,10 +1,50 @@ -/* - * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved. +/* ==================================================================== + * Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== */ #include <openssl/opensslconf.h> @@ -12,14 +52,31 @@ #include <stdio.h> #include <string.h> -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/aes.h> -#include <openssl/sha.h> -#include <openssl/rand.h> -#include "modes_lcl.h" -#include "internal/evp_int.h" -#include "internal/constant_time_locl.h" +#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA1) + +# include <openssl/evp.h> +# include <openssl/objects.h> +# include <openssl/aes.h> +# include <openssl/sha.h> +# include <openssl/rand.h> +# include "modes_lcl.h" +# include "constant_time_locl.h" + +# ifndef EVP_CIPH_FLAG_AEAD_CIPHER +# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000 +# define EVP_CTRL_AEAD_TLS1_AAD 0x16 +# define EVP_CTRL_AEAD_SET_MAC_KEY 0x17 +# endif + +# if !defined(EVP_CIPH_FLAG_DEFAULT_ASN1) +# define EVP_CIPH_FLAG_DEFAULT_ASN1 0 +# endif + +# if !defined(EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK) +# define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0 +# endif + +# define TLS1_1_VERSION 0x0302 typedef struct { AES_KEY ks; @@ -31,14 +88,15 @@ typedef struct { } aux; } EVP_AES_HMAC_SHA1; -#define NO_PAYLOAD_LENGTH ((size_t)-1) +# define NO_PAYLOAD_LENGTH ((size_t)-1) -#if defined(AES_ASM) && ( \ +# if defined(AES_ASM) && ( \ defined(__x86_64) || defined(__x86_64__) || \ - defined(_M_AMD64) || defined(_M_X64) ) + defined(_M_AMD64) || defined(_M_X64) || \ + defined(__INTEL__) ) extern unsigned int OPENSSL_ia32cap_P[]; -# define AESNI_CAPABLE (1<<(57-32)) +# define AESNI_CAPABLE (1<<(57-32)) int aesni_set_encrypt_key(const unsigned char *userKey, int bits, AES_KEY *key); @@ -58,7 +116,7 @@ void aesni256_cbc_sha1_dec(const void *inp, void *out, size_t blocks, const AES_KEY *key, unsigned char iv[16], SHA_CTX *ctx, const void *in0); -# define data(ctx) ((EVP_AES_HMAC_SHA1 *)EVP_CIPHER_CTX_get_cipher_data(ctx)) +# define data(ctx) ((EVP_AES_HMAC_SHA1 *)(ctx)->cipher_data) static int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *inkey, @@ -68,13 +126,9 @@ static int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, int ret; if (enc) - ret = aesni_set_encrypt_key(inkey, - EVP_CIPHER_CTX_key_length(ctx) * 8, - &key->ks); + ret = aesni_set_encrypt_key(inkey, ctx->key_len * 8, &key->ks); else - ret = aesni_set_decrypt_key(inkey, - EVP_CIPHER_CTX_key_length(ctx) * 8, - &key->ks); + ret = aesni_set_decrypt_key(inkey, ctx->key_len * 8, &key->ks); SHA1_Init(&key->head); /* handy when benchmarking */ key->tail = key->head; @@ -85,12 +139,12 @@ static int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, return ret < 0 ? 0 : 1; } -# define STITCHED_CALL -# undef STITCHED_DECRYPT_CALL +# define STITCHED_CALL +# undef STITCHED_DECRYPT_CALL -# if !defined(STITCHED_CALL) -# define aes_off 0 -# endif +# if !defined(STITCHED_CALL) +# define aes_off 0 +# endif void sha1_block_data_order(void *c, const void *p, size_t len); @@ -125,12 +179,12 @@ static void sha1_update(SHA_CTX *c, const void *data, size_t len) SHA1_Update(c, ptr, res); } -# ifdef SHA1_Update -# undef SHA1_Update -# endif -# define SHA1_Update sha1_update +# ifdef SHA1_Update +# undef SHA1_Update +# endif +# define SHA1_Update sha1_update -# if !defined(OPENSSL_NO_MULTIBLOCK) +# if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK typedef struct { unsigned int A[8], B[8], C[8], D[8], E[8]; @@ -169,9 +223,9 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA1 *key, 0; size_t ret = 0; u8 *IVs; -# if defined(BSWAP8) +# if defined(BSWAP8) u64 seqnum; -# endif +# endif /* ask for IVs in bulk */ if (RAND_bytes((IVs = blocks[0].c), 16 * x4) <= 0) @@ -205,15 +259,15 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA1 *key, IVs += 16; } -# if defined(BSWAP8) +# if defined(BSWAP8) memcpy(blocks[0].c, key->md.data, 8); seqnum = BSWAP8(blocks[0].q[0]); -# endif +# endif for (i = 0; i < x4; i++) { unsigned int len = (i == (x4 - 1) ? last : frag); -# if !defined(BSWAP8) +# if !defined(BSWAP8) unsigned int carry, j; -# endif +# endif ctx->A[i] = key->md.h0; ctx->B[i] = key->md.h1; @@ -222,14 +276,14 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA1 *key, ctx->E[i] = key->md.h4; /* fix seqnum */ -# if defined(BSWAP8) +# if defined(BSWAP8) blocks[i].q[0] = BSWAP8(seqnum + i); -# else +# else for (carry = i, j = 8; j--;) { blocks[i].c[j] = ((u8 *)key->md.data)[j] + carry; carry = (blocks[i].c[j] - carry) >> (sizeof(carry) * 8 - 1); } -# endif +# endif blocks[i].c[8] = ((u8 *)key->md.data)[8]; blocks[i].c[9] = ((u8 *)key->md.data)[9]; blocks[i].c[10] = ((u8 *)key->md.data)[10]; @@ -248,10 +302,10 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA1 *key, /* hash 13-byte headers and first 64-13 bytes of inputs */ sha1_multi_block(ctx, edges, n4x); /* hash bulk inputs */ -# define MAXCHUNKSIZE 2048 -# if MAXCHUNKSIZE%64 -# error "MAXCHUNKSIZE is not divisible by 64" -# elif MAXCHUNKSIZE +# define MAXCHUNKSIZE 2048 +# if MAXCHUNKSIZE%64 +# error "MAXCHUNKSIZE is not divisible by 64" +# elif MAXCHUNKSIZE /* * goal is to minimize pressure on L1 cache by moving in shorter steps, * so that hashed data is still in the cache by the time we encrypt it @@ -280,8 +334,8 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA1 *key, minblocks -= MAXCHUNKSIZE / 64; } while (minblocks > MAXCHUNKSIZE / 64); } -# endif -# undef MAXCHUNKSIZE +# endif +# undef MAXCHUNKSIZE sha1_multi_block(ctx, hash_d, n4x); memset(blocks, 0, sizeof(blocks)); @@ -296,18 +350,18 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA1 *key, len += 64 + 13; /* 64 is HMAC header */ len *= 8; /* convert to bits */ if (off < (64 - 8)) { -# ifdef BSWAP4 +# ifdef BSWAP4 blocks[i].d[15] = BSWAP4(len); -# else +# else PUTU32(blocks[i].c + 60, len); -# endif +# endif edges[i].blocks = 1; } else { -# ifdef BSWAP4 +# ifdef BSWAP4 blocks[i].d[31] = BSWAP4(len); -# else +# else PUTU32(blocks[i].c + 124, len); -# endif +# endif edges[i].blocks = 2; } edges[i].ptr = blocks[i].c; @@ -318,7 +372,7 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA1 *key, memset(blocks, 0, sizeof(blocks)); for (i = 0; i < x4; i++) { -# ifdef BSWAP4 +# ifdef BSWAP4 blocks[i].d[0] = BSWAP4(ctx->A[i]); ctx->A[i] = key->tail.h0; blocks[i].d[1] = BSWAP4(ctx->B[i]); @@ -331,7 +385,7 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA1 *key, ctx->E[i] = key->tail.h4; blocks[i].c[20] = 0x80; blocks[i].d[15] = BSWAP4((64 + 20) * 8); -# else +# else PUTU32(blocks[i].c + 0, ctx->A[i]); ctx->A[i] = key->tail.h0; PUTU32(blocks[i].c + 4, ctx->B[i]); @@ -344,7 +398,7 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA1 *key, ctx->E[i] = key->tail.h4; blocks[i].c[20] = 0x80; PUTU32(blocks[i].c + 60, (64 + 20) * 8); -# endif +# endif edges[i].ptr = blocks[i].c; edges[i].blocks = 1; } @@ -397,7 +451,7 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA1 *key, return ret; } -# endif +# endif static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) @@ -407,18 +461,18 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, size_t plen = key->payload_length, iv = 0, /* explicit IV in TLS 1.1 and * later */ sha_off = 0; -# if defined(STITCHED_CALL) +# if defined(STITCHED_CALL) size_t aes_off = 0, blocks; sha_off = SHA_CBLOCK - key->md.num; -# endif +# endif key->payload_length = NO_PAYLOAD_LENGTH; if (len % AES_BLOCK_SIZE) return 0; - if (EVP_CIPHER_CTX_encrypting(ctx)) { + if (ctx->encrypt) { if (plen == NO_PAYLOAD_LENGTH) plen = len; else if (len != @@ -428,14 +482,13 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, else if (key->aux.tls_ver >= TLS1_1_VERSION) iv = AES_BLOCK_SIZE; -# if defined(STITCHED_CALL) +# if defined(STITCHED_CALL) if (plen > (sha_off + iv) && (blocks = (plen - (sha_off + iv)) / SHA_CBLOCK)) { SHA1_Update(&key->md, in + iv, sha_off); aesni_cbc_sha1_enc(in, out, blocks, &key->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), - &key->md, in + iv + sha_off); + ctx->iv, &key->md, in + iv + sha_off); blocks *= SHA_CBLOCK; aes_off += blocks; sha_off += blocks; @@ -446,7 +499,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } else { sha_off = 0; } -# endif +# endif sha_off += iv; SHA1_Update(&key->md, in + sha_off, plen - sha_off); @@ -466,10 +519,10 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, out[plen] = l; /* encrypt HMAC|padding at once */ aesni_cbc_encrypt(out + aes_off, out + aes_off, len - aes_off, - &key->ks, EVP_CIPHER_CTX_iv_noconst(ctx), 1); + &key->ks, ctx->iv, 1); } else { aesni_cbc_encrypt(in + aes_off, out + aes_off, len - aes_off, - &key->ks, EVP_CIPHER_CTX_iv_noconst(ctx), 1); + &key->ks, ctx->iv, 1); } } else { union { @@ -488,10 +541,10 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned int u[SHA_LBLOCK]; unsigned char c[SHA_CBLOCK]; } *data = (void *)key->md.data; -# if defined(STITCHED_DECRYPT_CALL) +# if defined(STITCHED_DECRYPT_CALL) unsigned char tail_iv[AES_BLOCK_SIZE]; int stitch = 0; -# endif +# endif if ((key->aux.tls_aad[plen - 4] << 8 | key->aux.tls_aad[plen - 3]) >= TLS1_1_VERSION) { @@ -499,15 +552,14 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, return 0; /* omit explicit iv */ - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), in, AES_BLOCK_SIZE); - + memcpy(ctx->iv, in, AES_BLOCK_SIZE); in += AES_BLOCK_SIZE; out += AES_BLOCK_SIZE; len -= AES_BLOCK_SIZE; } else if (len < (SHA_DIGEST_LENGTH + 1)) return 0; -# if defined(STITCHED_DECRYPT_CALL) +# if defined(STITCHED_DECRYPT_CALL) if (len >= 1024 && ctx->key_len == 32) { /* decrypt last block */ memcpy(tail_iv, in + len - 2 * AES_BLOCK_SIZE, @@ -517,10 +569,9 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, &key->ks, tail_iv, 0); stitch = 1; } else -# endif +# endif /* decrypt HMAC|padding at once */ - aesni_cbc_encrypt(in, out, len, &key->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), 0); + aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0); /* figure out payload length */ pad = out[len - 1]; @@ -542,7 +593,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, key->md = key->head; SHA1_Update(&key->md, key->aux.tls_aad, plen); -# if defined(STITCHED_DECRYPT_CALL) +# if defined(STITCHED_DECRYPT_CALL) if (stitch) { blocks = (len - (256 + 32 + SHA_CBLOCK)) / SHA_CBLOCK; aes_off = len - AES_BLOCK_SIZE - blocks * SHA_CBLOCK; @@ -563,9 +614,9 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, key->md.Nl += (blocks << 3); /* at most 18 bits */ memcpy(ctx->iv, tail_iv, AES_BLOCK_SIZE); } -# endif +# endif -# if 1 +# if 1 len -= SHA_DIGEST_LENGTH; /* amend mac */ if (len >= (256 + SHA_CBLOCK)) { j = (len - (256 + SHA_CBLOCK)) & (0 - SHA_CBLOCK); @@ -578,15 +629,15 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, /* but pretend as if we hashed padded payload */ bitlen = key->md.Nl + (inp_len << 3); /* at most 18 bits */ -# ifdef BSWAP4 +# ifdef BSWAP4 bitlen = BSWAP4(bitlen); -# else +# else mac.c[0] = 0; mac.c[1] = (unsigned char)(bitlen >> 16); mac.c[2] = (unsigned char)(bitlen >> 8); mac.c[3] = (unsigned char)bitlen; bitlen = mac.u[0]; -# endif +# endif pmac->u[0] = 0; pmac->u[1] = 0; @@ -643,13 +694,13 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, pmac->u[3] |= key->md.h3 & mask; pmac->u[4] |= key->md.h4 & mask; -# ifdef BSWAP4 +# ifdef BSWAP4 pmac->u[0] = BSWAP4(pmac->u[0]); pmac->u[1] = BSWAP4(pmac->u[1]); pmac->u[2] = BSWAP4(pmac->u[2]); pmac->u[3] = BSWAP4(pmac->u[3]); pmac->u[4] = BSWAP4(pmac->u[4]); -# else +# else for (i = 0; i < 5; i++) { res = pmac->u[i]; pmac->c[4 * i + 0] = (unsigned char)(res >> 24); @@ -657,9 +708,9 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, pmac->c[4 * i + 2] = (unsigned char)(res >> 8); pmac->c[4 * i + 3] = (unsigned char)res; } -# endif +# endif len += SHA_DIGEST_LENGTH; -# else +# else SHA1_Update(&key->md, out, inp_len); res = key->md.num; SHA1_Final(pmac->c, &key->md); @@ -678,7 +729,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, for (; inp_blocks < pad_blocks; inp_blocks++) sha1_block_data_order(&key->md, data, 1); } -# endif +# endif key->md = key->tail; SHA1_Update(&key->md, pmac->c, SHA_DIGEST_LENGTH); SHA1_Final(pmac->c, &key->md); @@ -686,7 +737,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, /* verify HMAC */ out += inp_len; len -= inp_len; -# if 1 +# if 1 { unsigned char *p = out + len - 1 - maxpad - SHA_DIGEST_LENGTH; size_t off = out - p; @@ -708,7 +759,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1)); ret &= (int)~res; } -# else +# else for (res = 0, i = 0; i < SHA_DIGEST_LENGTH; i++) res |= out[i] ^ pmac->c[i]; res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1)); @@ -722,10 +773,10 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, res = (0 - res) >> (sizeof(res) * 8 - 1); ret &= (int)~res; -# endif +# endif return ret; } else { -# if defined(STITCHED_DECRYPT_CALL) +# if defined(STITCHED_DECRYPT_CALL) if (len >= 1024 && ctx->key_len == 32) { if (sha_off %= SHA_CBLOCK) blocks = (len - 3 * SHA_CBLOCK) / SHA_CBLOCK; @@ -748,10 +799,9 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, if (key->md.Nl < (unsigned int)blocks) key->md.Nh++; } else -# endif +# endif /* decrypt HMAC|padding at once */ - aesni_cbc_encrypt(in, out, len, &key->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), 0); + aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0); SHA1_Update(&key->md, out, len); } @@ -802,10 +852,10 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, if (arg != EVP_AEAD_TLS1_AAD_LEN) return -1; - + len = p[arg - 2] << 8 | p[arg - 1]; - if (EVP_CIPHER_CTX_encrypting(ctx)) { + if (ctx->encrypt) { key->payload_length = len; if ((key->aux.tls_ver = p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) { @@ -826,7 +876,7 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, return SHA_DIGEST_LENGTH; } } -# if !defined(OPENSSL_NO_MULTIBLOCK) +# if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK case EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE: return (int)(5 + 16 + ((arg + 20 + 16) & -16)); case EVP_CTRL_TLS1_1_MULTIBLOCK_AAD: @@ -841,7 +891,7 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, inp_len = param->inp[11] << 8 | param->inp[12]; - if (EVP_CIPHER_CTX_encrypting(ctx)) { + if (ctx->encrypt) { if ((param->inp[9] << 8 | param->inp[10]) < TLS1_1_VERSION) return -1; @@ -889,19 +939,19 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, param->interleave / 4); } case EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT: -# endif +# endif default: return -1; } } static EVP_CIPHER aesni_128_cbc_hmac_sha1_cipher = { -# ifdef NID_aes_128_cbc_hmac_sha1 +# ifdef NID_aes_128_cbc_hmac_sha1 NID_aes_128_cbc_hmac_sha1, -# else +# else NID_undef, -# endif - AES_BLOCK_SIZE, 16, AES_BLOCK_SIZE, +# endif + 16, 16, 16, EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK, aesni_cbc_hmac_sha1_init_key, @@ -915,12 +965,12 @@ static EVP_CIPHER aesni_128_cbc_hmac_sha1_cipher = { }; static EVP_CIPHER aesni_256_cbc_hmac_sha1_cipher = { -# ifdef NID_aes_256_cbc_hmac_sha1 +# ifdef NID_aes_256_cbc_hmac_sha1 NID_aes_256_cbc_hmac_sha1, -# else +# else NID_undef, -# endif - AES_BLOCK_SIZE, 32, AES_BLOCK_SIZE, +# endif + 16, 32, 16, EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK, aesni_cbc_hmac_sha1_init_key, @@ -944,7 +994,7 @@ const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void) return (OPENSSL_ia32cap_P[1] & AESNI_CAPABLE ? &aesni_256_cbc_hmac_sha1_cipher : NULL); } -#else +# else const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void) { return NULL; @@ -954,4 +1004,5 @@ const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void) { return NULL; } +# endif #endif diff --git a/Cryptlib/OpenSSL/crypto/evp/e_aes_cbc_hmac_sha256.c b/Cryptlib/OpenSSL/crypto/evp/e_aes_cbc_hmac_sha256.c index 5a92e0b8..46c9d033 100644 --- a/Cryptlib/OpenSSL/crypto/evp/e_aes_cbc_hmac_sha256.c +++ b/Cryptlib/OpenSSL/crypto/evp/e_aes_cbc_hmac_sha256.c @@ -1,10 +1,50 @@ -/* - * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved. +/* ==================================================================== + * Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== */ #include <openssl/opensslconf.h> @@ -12,15 +52,31 @@ #include <stdio.h> #include <string.h> +#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA256) + +# include <openssl/evp.h> +# include <openssl/objects.h> +# include <openssl/aes.h> +# include <openssl/sha.h> +# include <openssl/rand.h> +# include "modes_lcl.h" +# include "constant_time_locl.h" -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/aes.h> -#include <openssl/sha.h> -#include <openssl/rand.h> -#include "modes_lcl.h" -#include "internal/constant_time_locl.h" -#include "internal/evp_int.h" +# ifndef EVP_CIPH_FLAG_AEAD_CIPHER +# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000 +# define EVP_CTRL_AEAD_TLS1_AAD 0x16 +# define EVP_CTRL_AEAD_SET_MAC_KEY 0x17 +# endif + +# if !defined(EVP_CIPH_FLAG_DEFAULT_ASN1) +# define EVP_CIPH_FLAG_DEFAULT_ASN1 0 +# endif + +# if !defined(EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK) +# define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0 +# endif + +# define TLS1_1_VERSION 0x0302 typedef struct { AES_KEY ks; @@ -34,12 +90,13 @@ typedef struct { # define NO_PAYLOAD_LENGTH ((size_t)-1) -#if defined(AES_ASM) && ( \ +# if defined(AES_ASM) && ( \ defined(__x86_64) || defined(__x86_64__) || \ - defined(_M_AMD64) || defined(_M_X64) ) + defined(_M_AMD64) || defined(_M_X64) || \ + defined(__INTEL__) ) extern unsigned int OPENSSL_ia32cap_P[]; -# define AESNI_CAPABLE (1<<(57-32)) +# define AESNI_CAPABLE (1<<(57-32)) int aesni_set_encrypt_key(const unsigned char *userKey, int bits, AES_KEY *key); @@ -55,7 +112,7 @@ int aesni_cbc_sha256_enc(const void *inp, void *out, size_t blocks, const AES_KEY *key, unsigned char iv[16], SHA256_CTX *ctx, const void *in0); -# define data(ctx) ((EVP_AES_HMAC_SHA256 *)EVP_CIPHER_CTX_get_cipher_data(ctx)) +# define data(ctx) ((EVP_AES_HMAC_SHA256 *)(ctx)->cipher_data) static int aesni_cbc_hmac_sha256_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *inkey, @@ -65,13 +122,10 @@ static int aesni_cbc_hmac_sha256_init_key(EVP_CIPHER_CTX *ctx, int ret; if (enc) - ret = aesni_set_encrypt_key(inkey, - EVP_CIPHER_CTX_key_length(ctx) * 8, - &key->ks); + memset(&key->ks, 0, sizeof(key->ks.rd_key)), + ret = aesni_set_encrypt_key(inkey, ctx->key_len * 8, &key->ks); else - ret = aesni_set_decrypt_key(inkey, - EVP_CIPHER_CTX_key_length(ctx) * 8, - &key->ks); + ret = aesni_set_decrypt_key(inkey, ctx->key_len * 8, &key->ks); SHA256_Init(&key->head); /* handy when benchmarking */ key->tail = key->head; @@ -82,11 +136,11 @@ static int aesni_cbc_hmac_sha256_init_key(EVP_CIPHER_CTX *ctx, return ret < 0 ? 0 : 1; } -# define STITCHED_CALL +# define STITCHED_CALL -# if !defined(STITCHED_CALL) -# define aes_off 0 -# endif +# if !defined(STITCHED_CALL) +# define aes_off 0 +# endif void sha256_block_data_order(void *c, const void *p, size_t len); @@ -121,12 +175,12 @@ static void sha256_update(SHA256_CTX *c, const void *data, size_t len) SHA256_Update(c, ptr, res); } -# ifdef SHA256_Update -# undef SHA256_Update -# endif -# define SHA256_Update sha256_update +# ifdef SHA256_Update +# undef SHA256_Update +# endif +# define SHA256_Update sha256_update -# if !defined(OPENSSL_NO_MULTIBLOCK) +# if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK typedef struct { unsigned int A[8], B[8], C[8], D[8], E[8], F[8], G[8], H[8]; @@ -165,9 +219,9 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key, 0; size_t ret = 0; u8 *IVs; -# if defined(BSWAP8) +# if defined(BSWAP8) u64 seqnum; -# endif +# endif /* ask for IVs in bulk */ if (RAND_bytes((IVs = blocks[0].c), 16 * x4) <= 0) @@ -202,15 +256,15 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key, IVs += 16; } -# if defined(BSWAP8) +# if defined(BSWAP8) memcpy(blocks[0].c, key->md.data, 8); seqnum = BSWAP8(blocks[0].q[0]); -# endif +# endif for (i = 0; i < x4; i++) { unsigned int len = (i == (x4 - 1) ? last : frag); -# if !defined(BSWAP8) +# if !defined(BSWAP8) unsigned int carry, j; -# endif +# endif ctx->A[i] = key->md.h[0]; ctx->B[i] = key->md.h[1]; @@ -222,14 +276,14 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key, ctx->H[i] = key->md.h[7]; /* fix seqnum */ -# if defined(BSWAP8) +# if defined(BSWAP8) blocks[i].q[0] = BSWAP8(seqnum + i); -# else +# else for (carry = i, j = 8; j--;) { blocks[i].c[j] = ((u8 *)key->md.data)[j] + carry; carry = (blocks[i].c[j] - carry) >> (sizeof(carry) * 8 - 1); } -# endif +# endif blocks[i].c[8] = ((u8 *)key->md.data)[8]; blocks[i].c[9] = ((u8 *)key->md.data)[9]; blocks[i].c[10] = ((u8 *)key->md.data)[10]; @@ -248,10 +302,10 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key, /* hash 13-byte headers and first 64-13 bytes of inputs */ sha256_multi_block(ctx, edges, n4x); /* hash bulk inputs */ -# define MAXCHUNKSIZE 2048 -# if MAXCHUNKSIZE%64 -# error "MAXCHUNKSIZE is not divisible by 64" -# elif MAXCHUNKSIZE +# define MAXCHUNKSIZE 2048 +# if MAXCHUNKSIZE%64 +# error "MAXCHUNKSIZE is not divisible by 64" +# elif MAXCHUNKSIZE /* * goal is to minimize pressure on L1 cache by moving in shorter steps, * so that hashed data is still in the cache by the time we encrypt it @@ -280,8 +334,8 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key, minblocks -= MAXCHUNKSIZE / 64; } while (minblocks > MAXCHUNKSIZE / 64); } -# endif -# undef MAXCHUNKSIZE +# endif +# undef MAXCHUNKSIZE sha256_multi_block(ctx, hash_d, n4x); memset(blocks, 0, sizeof(blocks)); @@ -296,18 +350,18 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key, len += 64 + 13; /* 64 is HMAC header */ len *= 8; /* convert to bits */ if (off < (64 - 8)) { -# ifdef BSWAP4 +# ifdef BSWAP4 blocks[i].d[15] = BSWAP4(len); -# else +# else PUTU32(blocks[i].c + 60, len); -# endif +# endif edges[i].blocks = 1; } else { -# ifdef BSWAP4 +# ifdef BSWAP4 blocks[i].d[31] = BSWAP4(len); -# else +# else PUTU32(blocks[i].c + 124, len); -# endif +# endif edges[i].blocks = 2; } edges[i].ptr = blocks[i].c; @@ -318,7 +372,7 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key, memset(blocks, 0, sizeof(blocks)); for (i = 0; i < x4; i++) { -# ifdef BSWAP4 +# ifdef BSWAP4 blocks[i].d[0] = BSWAP4(ctx->A[i]); ctx->A[i] = key->tail.h[0]; blocks[i].d[1] = BSWAP4(ctx->B[i]); @@ -337,7 +391,7 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key, ctx->H[i] = key->tail.h[7]; blocks[i].c[32] = 0x80; blocks[i].d[15] = BSWAP4((64 + 32) * 8); -# else +# else PUTU32(blocks[i].c + 0, ctx->A[i]); ctx->A[i] = key->tail.h[0]; PUTU32(blocks[i].c + 4, ctx->B[i]); @@ -356,7 +410,7 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key, ctx->H[i] = key->tail.h[7]; blocks[i].c[32] = 0x80; PUTU32(blocks[i].c + 60, (64 + 32) * 8); -# endif +# endif edges[i].ptr = blocks[i].c; edges[i].blocks = 1; } @@ -412,7 +466,7 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key, return ret; } -# endif +# endif static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, @@ -423,18 +477,18 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx, size_t plen = key->payload_length, iv = 0, /* explicit IV in TLS 1.1 and * later */ sha_off = 0; -# if defined(STITCHED_CALL) +# if defined(STITCHED_CALL) size_t aes_off = 0, blocks; sha_off = SHA256_CBLOCK - key->md.num; -# endif +# endif key->payload_length = NO_PAYLOAD_LENGTH; if (len % AES_BLOCK_SIZE) return 0; - if (EVP_CIPHER_CTX_encrypting(ctx)) { + if (ctx->encrypt) { if (plen == NO_PAYLOAD_LENGTH) plen = len; else if (len != @@ -444,7 +498,7 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx, else if (key->aux.tls_ver >= TLS1_1_VERSION) iv = AES_BLOCK_SIZE; -# if defined(STITCHED_CALL) +# if defined(STITCHED_CALL) /* * Assembly stitch handles AVX-capable processors, but its * performance is not optimal on AMD Jaguar, ~40% worse, for @@ -462,8 +516,7 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx, SHA256_Update(&key->md, in + iv, sha_off); (void)aesni_cbc_sha256_enc(in, out, blocks, &key->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), - &key->md, in + iv + sha_off); + ctx->iv, &key->md, in + iv + sha_off); blocks *= SHA256_CBLOCK; aes_off += blocks; sha_off += blocks; @@ -474,7 +527,7 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx, } else { sha_off = 0; } -# endif +# endif sha_off += iv; SHA256_Update(&key->md, in + sha_off, plen - sha_off); @@ -494,10 +547,10 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx, out[plen] = l; /* encrypt HMAC|padding at once */ aesni_cbc_encrypt(out + aes_off, out + aes_off, len - aes_off, - &key->ks, EVP_CIPHER_CTX_iv_noconst(ctx), 1); + &key->ks, ctx->iv, 1); } else { aesni_cbc_encrypt(in + aes_off, out + aes_off, len - aes_off, - &key->ks, EVP_CIPHER_CTX_iv_noconst(ctx), 1); + &key->ks, ctx->iv, 1); } } else { union { @@ -509,8 +562,7 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx, pmac = (void *)(((size_t)mac.c + 63) & ((size_t)0 - 64)); /* decrypt HMAC|padding at once */ - aesni_cbc_encrypt(in, out, len, &key->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), 0); + aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0); if (plen != NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */ size_t inp_len, mask, j, i; @@ -552,7 +604,7 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx, key->md = key->head; SHA256_Update(&key->md, key->aux.tls_aad, plen); -# if 1 +# if 1 len -= SHA256_DIGEST_LENGTH; /* amend mac */ if (len >= (256 + SHA256_CBLOCK)) { j = (len - (256 + SHA256_CBLOCK)) & (0 - SHA256_CBLOCK); @@ -565,15 +617,15 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx, /* but pretend as if we hashed padded payload */ bitlen = key->md.Nl + (inp_len << 3); /* at most 18 bits */ -# ifdef BSWAP4 +# ifdef BSWAP4 bitlen = BSWAP4(bitlen); -# else +# else mac.c[0] = 0; mac.c[1] = (unsigned char)(bitlen >> 16); mac.c[2] = (unsigned char)(bitlen >> 8); mac.c[3] = (unsigned char)bitlen; bitlen = mac.u[0]; -# endif +# endif pmac->u[0] = 0; pmac->u[1] = 0; @@ -642,7 +694,7 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx, pmac->u[6] |= key->md.h[6] & mask; pmac->u[7] |= key->md.h[7] & mask; -# ifdef BSWAP4 +# ifdef BSWAP4 pmac->u[0] = BSWAP4(pmac->u[0]); pmac->u[1] = BSWAP4(pmac->u[1]); pmac->u[2] = BSWAP4(pmac->u[2]); @@ -651,7 +703,7 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx, pmac->u[5] = BSWAP4(pmac->u[5]); pmac->u[6] = BSWAP4(pmac->u[6]); pmac->u[7] = BSWAP4(pmac->u[7]); -# else +# else for (i = 0; i < 8; i++) { res = pmac->u[i]; pmac->c[4 * i + 0] = (unsigned char)(res >> 24); @@ -659,9 +711,9 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx, pmac->c[4 * i + 2] = (unsigned char)(res >> 8); pmac->c[4 * i + 3] = (unsigned char)res; } -# endif +# endif len += SHA256_DIGEST_LENGTH; -# else +# else SHA256_Update(&key->md, out, inp_len); res = key->md.num; SHA256_Final(pmac->c, &key->md); @@ -680,7 +732,7 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx, for (; inp_blocks < pad_blocks; inp_blocks++) sha1_block_data_order(&key->md, data, 1); } -# endif +# endif key->md = key->tail; SHA256_Update(&key->md, pmac->c, SHA256_DIGEST_LENGTH); SHA256_Final(pmac->c, &key->md); @@ -688,7 +740,7 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx, /* verify HMAC */ out += inp_len; len -= inp_len; -# if 1 +# if 1 { unsigned char *p = out + len - 1 - maxpad - SHA256_DIGEST_LENGTH; @@ -711,7 +763,7 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx, res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1)); ret &= (int)~res; } -# else +# else for (res = 0, i = 0; i < SHA256_DIGEST_LENGTH; i++) res |= out[i] ^ pmac->c[i]; res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1)); @@ -725,7 +777,7 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx, res = (0 - res) >> (sizeof(res) * 8 - 1); ret &= (int)~res; -# endif +# endif return ret; } else { SHA256_Update(&key->md, out, len); @@ -739,7 +791,6 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) { EVP_AES_HMAC_SHA256 *key = data(ctx); - unsigned int u_arg = (unsigned int)arg; switch (type) { case EVP_CTRL_AEAD_SET_MAC_KEY: @@ -749,10 +800,7 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, memset(hmac_key, 0, sizeof(hmac_key)); - if (arg < 0) - return -1; - - if (u_arg > sizeof(hmac_key)) { + if (arg > (int)sizeof(hmac_key)) { SHA256_Init(&key->head); SHA256_Update(&key->head, ptr, arg); SHA256_Final(hmac_key, &key->head); @@ -782,7 +830,7 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, if (arg != EVP_AEAD_TLS1_AAD_LEN) return -1; - if (EVP_CIPHER_CTX_encrypting(ctx)) { + if (ctx->encrypt) { key->payload_length = len; if ((key->aux.tls_ver = p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) { @@ -803,7 +851,7 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, return SHA256_DIGEST_LENGTH; } } -# if !defined(OPENSSL_NO_MULTIBLOCK) +# if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK case EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE: return (int)(5 + 16 + ((arg + 32 + 16) & -16)); case EVP_CTRL_TLS1_1_MULTIBLOCK_AAD: @@ -813,15 +861,12 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, unsigned int n4x = 1, x4; unsigned int frag, last, packlen, inp_len; - if (arg < 0) - return -1; - - if (u_arg < sizeof(EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM)) + if (arg < (int)sizeof(EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM)) return -1; inp_len = param->inp[11] << 8 | param->inp[12]; - if (EVP_CIPHER_CTX_encrypting(ctx)) { + if (ctx->encrypt) { if ((param->inp[9] << 8 | param->inp[10]) < TLS1_1_VERSION) return -1; @@ -869,19 +914,19 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, param->interleave / 4); } case EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT: -# endif +# endif default: return -1; } } static EVP_CIPHER aesni_128_cbc_hmac_sha256_cipher = { -# ifdef NID_aes_128_cbc_hmac_sha256 +# ifdef NID_aes_128_cbc_hmac_sha256 NID_aes_128_cbc_hmac_sha256, -# else +# else NID_undef, -# endif - AES_BLOCK_SIZE, 16, AES_BLOCK_SIZE, +# endif + 16, 16, 16, EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK, aesni_cbc_hmac_sha256_init_key, @@ -895,12 +940,12 @@ static EVP_CIPHER aesni_128_cbc_hmac_sha256_cipher = { }; static EVP_CIPHER aesni_256_cbc_hmac_sha256_cipher = { -# ifdef NID_aes_256_cbc_hmac_sha256 +# ifdef NID_aes_256_cbc_hmac_sha256 NID_aes_256_cbc_hmac_sha256, -# else +# else NID_undef, -# endif - AES_BLOCK_SIZE, 32, AES_BLOCK_SIZE, +# endif + 16, 32, 16, EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK, aesni_cbc_hmac_sha256_init_key, @@ -926,7 +971,7 @@ const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void) aesni_cbc_sha256_enc(NULL, NULL, 0, NULL, NULL, NULL, NULL) ? &aesni_256_cbc_hmac_sha256_cipher : NULL); } -#else +# else const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha256(void) { return NULL; @@ -936,4 +981,5 @@ const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void) { return NULL; } +# endif #endif diff --git a/Cryptlib/OpenSSL/crypto/evp/e_bf.c b/Cryptlib/OpenSSL/crypto/evp/e_bf.c index dc386905..d6a01782 100644 --- a/Cryptlib/OpenSSL/crypto/evp/e_bf.c +++ b/Cryptlib/OpenSSL/crypto/evp/e_bf.c @@ -1,17 +1,66 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/e_bf.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #ifndef OPENSSL_NO_BF # include <openssl/evp.h> -# include "internal/evp_int.h" +# include "evp_locl.h" # include <openssl/objects.h> # include <openssl/blowfish.h> diff --git a/Cryptlib/OpenSSL/crypto/evp/e_camellia.c b/Cryptlib/OpenSSL/crypto/evp/e_camellia.c index b50fa0b9..f273f9c9 100644 --- a/Cryptlib/OpenSSL/crypto/evp/e_camellia.c +++ b/Cryptlib/OpenSSL/crypto/evp/e_camellia.c @@ -1,23 +1,66 @@ -/* - * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/e_camellia.c */ +/* ==================================================================== + * Copyright (c) 2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ #include <openssl/opensslconf.h> -#ifdef OPENSSL_NO_CAMELLIA -NON_EMPTY_TRANSLATION_UNIT -#else - +#ifndef OPENSSL_NO_CAMELLIA # include <openssl/evp.h> # include <openssl/err.h> # include <string.h> # include <assert.h> # include <openssl/camellia.h> -# include "internal/evp_int.h" +# include "evp_locl.h" # include "modes_lcl.h" static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, @@ -76,11 +119,10 @@ static int cmll_t4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { int ret, mode, bits; - EVP_CAMELLIA_KEY *dat = - (EVP_CAMELLIA_KEY *)EVP_CIPHER_CTX_get_cipher_data(ctx); + EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data; - mode = EVP_CIPHER_CTX_mode(ctx); - bits = EVP_CIPHER_CTX_key_length(ctx) * 8; + mode = ctx->cipher->flags & EVP_CIPH_MODE; + bits = ctx->key_len * 8; cmll_t4_set_key(key, bits, &dat->ks); @@ -206,23 +248,24 @@ const EVP_CIPHER *EVP_camellia_##keylen##_##mode(void) \ BLOCK_CIPHER_generic(nid,keylen,1,16,ofb128,ofb,OFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \ BLOCK_CIPHER_generic(nid,keylen,1,16,cfb128,cfb,CFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \ BLOCK_CIPHER_generic(nid,keylen,1,16,cfb1,cfb1,CFB,flags) \ - BLOCK_CIPHER_generic(nid,keylen,1,16,cfb8,cfb8,CFB,flags) \ - BLOCK_CIPHER_generic(nid, keylen, 1, 16, ctr, ctr, CTR, flags) - + BLOCK_CIPHER_generic(nid,keylen,1,16,cfb8,cfb8,CFB,flags) +# if 0 /* not yet, missing NID */ +BLOCK_CIPHER_generic(nid, keylen, 1, 16, ctr, ctr, CTR, flags) +# endif /* The subkey for Camellia is generated. */ static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { int ret, mode; - EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx); + EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data; - ret = Camellia_set_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, &dat->ks); + ret = Camellia_set_key(key, ctx->key_len * 8, &dat->ks); if (ret < 0) { EVPerr(EVP_F_CAMELLIA_INIT_KEY, EVP_R_CAMELLIA_KEY_SETUP_FAILED); return 0; } - mode = EVP_CIPHER_CTX_mode(ctx); + mode = ctx->cipher->flags & EVP_CIPH_MODE; if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) && !enc) { dat->block = (block128_f) Camellia_decrypt; @@ -240,18 +283,14 @@ static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, static int camellia_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx); + EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data; if (dat->stream.cbc) - (*dat->stream.cbc) (in, out, len, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_encrypting(ctx)); - else if (EVP_CIPHER_CTX_encrypting(ctx)) - CRYPTO_cbc128_encrypt(in, out, len, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), dat->block); + (*dat->stream.cbc) (in, out, len, &dat->ks, ctx->iv, ctx->encrypt); + else if (ctx->encrypt) + CRYPTO_cbc128_encrypt(in, out, len, &dat->ks, ctx->iv, dat->block); else - CRYPTO_cbc128_decrypt(in, out, len, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), dat->block); + CRYPTO_cbc128_decrypt(in, out, len, &dat->ks, ctx->iv, dat->block); return 1; } @@ -259,9 +298,9 @@ static int camellia_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, static int camellia_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - size_t bl = EVP_CIPHER_CTX_block_size(ctx); + size_t bl = ctx->cipher->block_size; size_t i; - EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx); + EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data; if (len < bl) return 1; @@ -275,90 +314,81 @@ static int camellia_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, static int camellia_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx); + EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data; - int num = EVP_CIPHER_CTX_num(ctx); CRYPTO_ofb128_encrypt(in, out, len, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), &num, dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); + ctx->iv, &ctx->num, dat->block); return 1; } static int camellia_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx); + EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data; - int num = EVP_CIPHER_CTX_num(ctx); CRYPTO_cfb128_encrypt(in, out, len, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); + ctx->iv, &ctx->num, ctx->encrypt, dat->block); return 1; } static int camellia_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx); + EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data; - int num = EVP_CIPHER_CTX_num(ctx); CRYPTO_cfb128_8_encrypt(in, out, len, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); + ctx->iv, &ctx->num, ctx->encrypt, dat->block); return 1; } static int camellia_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx); + EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data; - if (EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS)) { - int num = EVP_CIPHER_CTX_num(ctx); + if (ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) { CRYPTO_cfb128_1_encrypt(in, out, len, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); + ctx->iv, &ctx->num, ctx->encrypt, dat->block); return 1; } while (len >= MAXBITCHUNK) { - int num = EVP_CIPHER_CTX_num(ctx); CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block); + ctx->iv, &ctx->num, ctx->encrypt, dat->block); len -= MAXBITCHUNK; - EVP_CIPHER_CTX_set_num(ctx, num); } - if (len) { - int num = EVP_CIPHER_CTX_num(ctx); + if (len) CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); - } + ctx->iv, &ctx->num, ctx->encrypt, dat->block); return 1; } +# if 0 /* not yet, missing NID */ static int camellia_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - unsigned int num = EVP_CIPHER_CTX_num(ctx); - EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx); + unsigned int num = ctx->num; + EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data; if (dat->stream.ctr) CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_buf_noconst(ctx), &num, - dat->stream.ctr); + ctx->iv, ctx->buf, &num, dat->stream.ctr); else CRYPTO_ctr128_encrypt(in, out, len, &dat->ks, - EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_buf_noconst(ctx), &num, - dat->block); - EVP_CIPHER_CTX_set_num(ctx, num); + ctx->iv, ctx->buf, &num, dat->block); + ctx->num = (size_t)num; return 1; } +# endif BLOCK_CIPHER_generic_pack(NID_camellia, 128, 0) BLOCK_CIPHER_generic_pack(NID_camellia, 192, 0) BLOCK_CIPHER_generic_pack(NID_camellia, 256, 0) +#else + +# ifdef PEDANTIC +static void *dummy = &dummy; +# endif + #endif diff --git a/Cryptlib/OpenSSL/crypto/evp/e_cast.c b/Cryptlib/OpenSSL/crypto/evp/e_cast.c index 259d4405..3f745485 100644 --- a/Cryptlib/OpenSSL/crypto/evp/e_cast.c +++ b/Cryptlib/OpenSSL/crypto/evp/e_cast.c @@ -1,19 +1,68 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/e_cast.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #ifndef OPENSSL_NO_CAST # include <openssl/evp.h> # include <openssl/objects.h> -# include "internal/evp_int.h" +# include "evp_locl.h" # include <openssl/cast.h> static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, diff --git a/Cryptlib/OpenSSL/crypto/evp/e_chacha20_poly1305.c b/Cryptlib/OpenSSL/crypto/evp/e_chacha20_poly1305.c deleted file mode 100644 index 7fd4f8df..00000000 --- a/Cryptlib/OpenSSL/crypto/evp/e_chacha20_poly1305.c +++ /dev/null @@ -1,454 +0,0 @@ -/* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include <stdio.h> -#include "internal/cryptlib.h" - -#ifndef OPENSSL_NO_CHACHA - -# include <openssl/evp.h> -# include <openssl/objects.h> -# include "evp_locl.h" -# include "internal/evp_int.h" -# include "internal/chacha.h" - -typedef struct { - union { - double align; /* this ensures even sizeof(EVP_CHACHA_KEY)%8==0 */ - unsigned int d[CHACHA_KEY_SIZE / 4]; - } key; - unsigned int counter[CHACHA_CTR_SIZE / 4]; - unsigned char buf[CHACHA_BLK_SIZE]; - unsigned int partial_len; -} EVP_CHACHA_KEY; - -#define data(ctx) ((EVP_CHACHA_KEY *)(ctx)->cipher_data) - -static int chacha_init_key(EVP_CIPHER_CTX *ctx, - const unsigned char user_key[CHACHA_KEY_SIZE], - const unsigned char iv[CHACHA_CTR_SIZE], int enc) -{ - EVP_CHACHA_KEY *key = data(ctx); - unsigned int i; - - if (user_key) - for (i = 0; i < CHACHA_KEY_SIZE; i+=4) { - key->key.d[i/4] = CHACHA_U8TOU32(user_key+i); - } - - if (iv) - for (i = 0; i < CHACHA_CTR_SIZE; i+=4) { - key->counter[i/4] = CHACHA_U8TOU32(iv+i); - } - - key->partial_len = 0; - - return 1; -} - -static int chacha_cipher(EVP_CIPHER_CTX * ctx, unsigned char *out, - const unsigned char *inp, size_t len) -{ - EVP_CHACHA_KEY *key = data(ctx); - unsigned int n, rem, ctr32; - - if ((n = key->partial_len)) { - while (len && n < CHACHA_BLK_SIZE) { - *out++ = *inp++ ^ key->buf[n++]; - len--; - } - key->partial_len = n; - - if (len == 0) - return 1; - - if (n == CHACHA_BLK_SIZE) { - key->partial_len = 0; - key->counter[0]++; - if (key->counter[0] == 0) - key->counter[1]++; - } - } - - rem = (unsigned int)(len % CHACHA_BLK_SIZE); - len -= rem; - ctr32 = key->counter[0]; - while (len >= CHACHA_BLK_SIZE) { - size_t blocks = len / CHACHA_BLK_SIZE; - /* - * 1<<28 is just a not-so-small yet not-so-large number... - * Below condition is practically never met, but it has to - * be checked for code correctness. - */ - if (sizeof(size_t)>sizeof(unsigned int) && blocks>(1U<<28)) - blocks = (1U<<28); - - /* - * As ChaCha20_ctr32 operates on 32-bit counter, caller - * has to handle overflow. 'if' below detects the - * overflow, which is then handled by limiting the - * amount of blocks to the exact overflow point... - */ - ctr32 += (unsigned int)blocks; - if (ctr32 < blocks) { - blocks -= ctr32; - ctr32 = 0; - } - blocks *= CHACHA_BLK_SIZE; - ChaCha20_ctr32(out, inp, blocks, key->key.d, key->counter); - len -= blocks; - inp += blocks; - out += blocks; - - key->counter[0] = ctr32; - if (ctr32 == 0) key->counter[1]++; - } - - if (rem) { - memset(key->buf, 0, sizeof(key->buf)); - ChaCha20_ctr32(key->buf, key->buf, CHACHA_BLK_SIZE, - key->key.d, key->counter); - for (n = 0; n < rem; n++) - out[n] = inp[n] ^ key->buf[n]; - key->partial_len = rem; - } - - return 1; -} - -static const EVP_CIPHER chacha20 = { - NID_chacha20, - 1, /* block_size */ - CHACHA_KEY_SIZE, /* key_len */ - CHACHA_CTR_SIZE, /* iv_len, 128-bit counter in the context */ - EVP_CIPH_CUSTOM_IV | EVP_CIPH_ALWAYS_CALL_INIT, - chacha_init_key, - chacha_cipher, - NULL, - sizeof(EVP_CHACHA_KEY), - NULL, - NULL, - NULL, - NULL -}; - -const EVP_CIPHER *EVP_chacha20(void) -{ - return (&chacha20); -} - -# ifndef OPENSSL_NO_POLY1305 -# include "internal/poly1305.h" - -typedef struct { - EVP_CHACHA_KEY key; - unsigned int nonce[12/4]; - unsigned char tag[POLY1305_BLOCK_SIZE]; - struct { uint64_t aad, text; } len; - int aad, mac_inited, tag_len, nonce_len; - size_t tls_payload_length; -} EVP_CHACHA_AEAD_CTX; - -# define NO_TLS_PAYLOAD_LENGTH ((size_t)-1) -# define aead_data(ctx) ((EVP_CHACHA_AEAD_CTX *)(ctx)->cipher_data) -# define POLY1305_ctx(actx) ((POLY1305 *)(actx + 1)) - -static int chacha20_poly1305_init_key(EVP_CIPHER_CTX *ctx, - const unsigned char *inkey, - const unsigned char *iv, int enc) -{ - EVP_CHACHA_AEAD_CTX *actx = aead_data(ctx); - - if (!inkey && !iv) - return 1; - - actx->len.aad = 0; - actx->len.text = 0; - actx->aad = 0; - actx->mac_inited = 0; - actx->tls_payload_length = NO_TLS_PAYLOAD_LENGTH; - - if (iv != NULL) { - unsigned char temp[CHACHA_CTR_SIZE] = { 0 }; - - /* pad on the left */ - if (actx->nonce_len <= CHACHA_CTR_SIZE) - memcpy(temp + CHACHA_CTR_SIZE - actx->nonce_len, iv, actx->nonce_len); - - chacha_init_key(ctx, inkey, temp, enc); - - actx->nonce[0] = actx->key.counter[1]; - actx->nonce[1] = actx->key.counter[2]; - actx->nonce[2] = actx->key.counter[3]; - } else { - chacha_init_key(ctx, inkey, NULL, enc); - } - - return 1; -} - -static int chacha20_poly1305_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_CHACHA_AEAD_CTX *actx = aead_data(ctx); - size_t rem, plen = actx->tls_payload_length; - static const unsigned char zero[POLY1305_BLOCK_SIZE] = { 0 }; - - if (!actx->mac_inited) { - actx->key.counter[0] = 0; - memset(actx->key.buf, 0, sizeof(actx->key.buf)); - ChaCha20_ctr32(actx->key.buf, actx->key.buf, CHACHA_BLK_SIZE, - actx->key.key.d, actx->key.counter); - Poly1305_Init(POLY1305_ctx(actx), actx->key.buf); - actx->key.counter[0] = 1; - actx->key.partial_len = 0; - actx->len.aad = actx->len.text = 0; - actx->mac_inited = 1; - } - - if (in) { /* aad or text */ - if (out == NULL) { /* aad */ - Poly1305_Update(POLY1305_ctx(actx), in, len); - actx->len.aad += len; - actx->aad = 1; - return len; - } else { /* plain- or ciphertext */ - if (actx->aad) { /* wrap up aad */ - if ((rem = (size_t)actx->len.aad % POLY1305_BLOCK_SIZE)) - Poly1305_Update(POLY1305_ctx(actx), zero, - POLY1305_BLOCK_SIZE - rem); - actx->aad = 0; - } - - actx->tls_payload_length = NO_TLS_PAYLOAD_LENGTH; - if (plen == NO_TLS_PAYLOAD_LENGTH) - plen = len; - else if (len != plen + POLY1305_BLOCK_SIZE) - return -1; - - if (ctx->encrypt) { /* plaintext */ - chacha_cipher(ctx, out, in, plen); - Poly1305_Update(POLY1305_ctx(actx), out, plen); - in += plen; - out += plen; - actx->len.text += plen; - } else { /* ciphertext */ - Poly1305_Update(POLY1305_ctx(actx), in, plen); - chacha_cipher(ctx, out, in, plen); - in += plen; - out += plen; - actx->len.text += plen; - } - } - } - if (in == NULL /* explicit final */ - || plen != len) { /* or tls mode */ - const union { - long one; - char little; - } is_endian = { 1 }; - unsigned char temp[POLY1305_BLOCK_SIZE]; - - if (actx->aad) { /* wrap up aad */ - if ((rem = (size_t)actx->len.aad % POLY1305_BLOCK_SIZE)) - Poly1305_Update(POLY1305_ctx(actx), zero, - POLY1305_BLOCK_SIZE - rem); - actx->aad = 0; - } - - if ((rem = (size_t)actx->len.text % POLY1305_BLOCK_SIZE)) - Poly1305_Update(POLY1305_ctx(actx), zero, - POLY1305_BLOCK_SIZE - rem); - - if (is_endian.little) { - Poly1305_Update(POLY1305_ctx(actx), - (unsigned char *)&actx->len, POLY1305_BLOCK_SIZE); - } else { - temp[0] = (unsigned char)(actx->len.aad); - temp[1] = (unsigned char)(actx->len.aad>>8); - temp[2] = (unsigned char)(actx->len.aad>>16); - temp[3] = (unsigned char)(actx->len.aad>>24); - temp[4] = (unsigned char)(actx->len.aad>>32); - temp[5] = (unsigned char)(actx->len.aad>>40); - temp[6] = (unsigned char)(actx->len.aad>>48); - temp[7] = (unsigned char)(actx->len.aad>>56); - - temp[8] = (unsigned char)(actx->len.text); - temp[9] = (unsigned char)(actx->len.text>>8); - temp[10] = (unsigned char)(actx->len.text>>16); - temp[11] = (unsigned char)(actx->len.text>>24); - temp[12] = (unsigned char)(actx->len.text>>32); - temp[13] = (unsigned char)(actx->len.text>>40); - temp[14] = (unsigned char)(actx->len.text>>48); - temp[15] = (unsigned char)(actx->len.text>>56); - - Poly1305_Update(POLY1305_ctx(actx), temp, POLY1305_BLOCK_SIZE); - } - Poly1305_Final(POLY1305_ctx(actx), ctx->encrypt ? actx->tag - : temp); - actx->mac_inited = 0; - - if (in != NULL && len != plen) { /* tls mode */ - if (ctx->encrypt) { - memcpy(out, actx->tag, POLY1305_BLOCK_SIZE); - } else { - if (CRYPTO_memcmp(temp, in, POLY1305_BLOCK_SIZE)) { - memset(out - plen, 0, plen); - return -1; - } - } - } - else if (!ctx->encrypt) { - if (CRYPTO_memcmp(temp, actx->tag, actx->tag_len)) - return -1; - } - } - return len; -} - -static int chacha20_poly1305_cleanup(EVP_CIPHER_CTX *ctx) -{ - EVP_CHACHA_AEAD_CTX *actx = aead_data(ctx); - if (actx) - OPENSSL_cleanse(ctx->cipher_data, sizeof(*actx) + Poly1305_ctx_size()); - return 1; -} - -static int chacha20_poly1305_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, - void *ptr) -{ - EVP_CHACHA_AEAD_CTX *actx = aead_data(ctx); - - switch(type) { - case EVP_CTRL_INIT: - if (actx == NULL) - actx = ctx->cipher_data - = OPENSSL_zalloc(sizeof(*actx) + Poly1305_ctx_size()); - if (actx == NULL) { - EVPerr(EVP_F_CHACHA20_POLY1305_CTRL, EVP_R_INITIALIZATION_ERROR); - return 0; - } - actx->len.aad = 0; - actx->len.text = 0; - actx->aad = 0; - actx->mac_inited = 0; - actx->tag_len = 0; - actx->nonce_len = 12; - actx->tls_payload_length = NO_TLS_PAYLOAD_LENGTH; - return 1; - - case EVP_CTRL_COPY: - if (actx) { - EVP_CIPHER_CTX *dst = (EVP_CIPHER_CTX *)ptr; - - dst->cipher_data = - OPENSSL_memdup(actx, sizeof(*actx) + Poly1305_ctx_size()); - if (dst->cipher_data == NULL) { - EVPerr(EVP_F_CHACHA20_POLY1305_CTRL, EVP_R_COPY_ERROR); - return 0; - } - } - return 1; - - case EVP_CTRL_AEAD_SET_IVLEN: - if (arg <= 0 || arg > CHACHA_CTR_SIZE) - return 0; - actx->nonce_len = arg; - return 1; - - case EVP_CTRL_AEAD_SET_IV_FIXED: - if (arg != 12) - return 0; - actx->nonce[0] = actx->key.counter[1] - = CHACHA_U8TOU32((unsigned char *)ptr); - actx->nonce[1] = actx->key.counter[2] - = CHACHA_U8TOU32((unsigned char *)ptr+4); - actx->nonce[2] = actx->key.counter[3] - = CHACHA_U8TOU32((unsigned char *)ptr+8); - return 1; - - case EVP_CTRL_AEAD_SET_TAG: - if (arg <= 0 || arg > POLY1305_BLOCK_SIZE) - return 0; - if (ptr != NULL) { - memcpy(actx->tag, ptr, arg); - actx->tag_len = arg; - } - return 1; - - case EVP_CTRL_AEAD_GET_TAG: - if (arg <= 0 || arg > POLY1305_BLOCK_SIZE || !ctx->encrypt) - return 0; - memcpy(ptr, actx->tag, arg); - return 1; - - case EVP_CTRL_AEAD_TLS1_AAD: - if (arg != EVP_AEAD_TLS1_AAD_LEN) - return 0; - { - unsigned int len; - unsigned char *aad = ptr, temp[POLY1305_BLOCK_SIZE]; - - len = aad[EVP_AEAD_TLS1_AAD_LEN - 2] << 8 | - aad[EVP_AEAD_TLS1_AAD_LEN - 1]; - if (!ctx->encrypt) { - if (len < POLY1305_BLOCK_SIZE) - return 0; - len -= POLY1305_BLOCK_SIZE; /* discount attached tag */ - memcpy(temp, aad, EVP_AEAD_TLS1_AAD_LEN - 2); - aad = temp; - temp[EVP_AEAD_TLS1_AAD_LEN - 2] = (unsigned char)(len >> 8); - temp[EVP_AEAD_TLS1_AAD_LEN - 1] = (unsigned char)len; - } - actx->tls_payload_length = len; - - /* - * merge record sequence number as per RFC7905 - */ - actx->key.counter[1] = actx->nonce[0]; - actx->key.counter[2] = actx->nonce[1] ^ CHACHA_U8TOU32(aad); - actx->key.counter[3] = actx->nonce[2] ^ CHACHA_U8TOU32(aad+4); - actx->mac_inited = 0; - chacha20_poly1305_cipher(ctx, NULL, aad, EVP_AEAD_TLS1_AAD_LEN); - return POLY1305_BLOCK_SIZE; /* tag length */ - } - - case EVP_CTRL_AEAD_SET_MAC_KEY: - /* no-op */ - return 1; - - default: - return -1; - } -} - -static EVP_CIPHER chacha20_poly1305 = { - NID_chacha20_poly1305, - 1, /* block_size */ - CHACHA_KEY_SIZE, /* key_len */ - 12, /* iv_len, 96-bit nonce in the context */ - EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_CUSTOM_IV | - EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT | - EVP_CIPH_CUSTOM_COPY | EVP_CIPH_FLAG_CUSTOM_CIPHER, - chacha20_poly1305_init_key, - chacha20_poly1305_cipher, - chacha20_poly1305_cleanup, - 0, /* 0 moves context-specific structure allocation to ctrl */ - NULL, /* set_asn1_parameters */ - NULL, /* get_asn1_parameters */ - chacha20_poly1305_ctrl, - NULL /* app_data */ -}; - -const EVP_CIPHER *EVP_chacha20_poly1305(void) -{ - return(&chacha20_poly1305); -} -# endif -#endif diff --git a/Cryptlib/OpenSSL/crypto/evp/e_des.c b/Cryptlib/OpenSSL/crypto/evp/e_des.c index 9b2facfe..8ca65cd0 100644 --- a/Cryptlib/OpenSSL/crypto/evp/e_des.c +++ b/Cryptlib/OpenSSL/crypto/evp/e_des.c @@ -1,18 +1,67 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/e_des.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #ifndef OPENSSL_NO_DES # include <openssl/evp.h> # include <openssl/objects.h> -# include "internal/evp_int.h" +# include "evp_locl.h" # include <openssl/des.h> # include <openssl/rand.h> @@ -57,8 +106,7 @@ static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, { BLOCK_CIPHER_ecb_loop() DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), - EVP_CIPHER_CTX_get_cipher_data(ctx), - EVP_CIPHER_CTX_encrypting(ctx)); + ctx->cipher_data, ctx->encrypt); return 1; } @@ -66,49 +114,37 @@ static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) { while (inl >= EVP_MAXCHUNK) { - int num = EVP_CIPHER_CTX_num(ctx); - DES_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, - EVP_CIPHER_CTX_get_cipher_data(ctx), - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), &num); - EVP_CIPHER_CTX_set_num(ctx, num); + DES_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data, + (DES_cblock *)ctx->iv, &ctx->num); inl -= EVP_MAXCHUNK; in += EVP_MAXCHUNK; out += EVP_MAXCHUNK; } - if (inl) { - int num = EVP_CIPHER_CTX_num(ctx); - DES_ofb64_encrypt(in, out, (long)inl, - EVP_CIPHER_CTX_get_cipher_data(ctx), - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), &num); - EVP_CIPHER_CTX_set_num(ctx, num); - } + if (inl) + DES_ofb64_encrypt(in, out, (long)inl, ctx->cipher_data, + (DES_cblock *)ctx->iv, &ctx->num); return 1; } static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) { - EVP_DES_KEY *dat = (EVP_DES_KEY *) EVP_CIPHER_CTX_get_cipher_data(ctx); + EVP_DES_KEY *dat = (EVP_DES_KEY *) ctx->cipher_data; if (dat->stream.cbc != NULL) { - (*dat->stream.cbc) (in, out, inl, &dat->ks.ks, - EVP_CIPHER_CTX_iv_noconst(ctx)); + (*dat->stream.cbc) (in, out, inl, &dat->ks.ks, ctx->iv); return 1; } while (inl >= EVP_MAXCHUNK) { - DES_ncbc_encrypt(in, out, (long)EVP_MAXCHUNK, - EVP_CIPHER_CTX_get_cipher_data(ctx), - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_encrypting(ctx)); + DES_ncbc_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data, + (DES_cblock *)ctx->iv, ctx->encrypt); inl -= EVP_MAXCHUNK; in += EVP_MAXCHUNK; out += EVP_MAXCHUNK; } if (inl) - DES_ncbc_encrypt(in, out, (long)inl, - EVP_CIPHER_CTX_get_cipher_data(ctx), - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_encrypting(ctx)); + DES_ncbc_encrypt(in, out, (long)inl, ctx->cipher_data, + (DES_cblock *)ctx->iv, ctx->encrypt); return 1; } @@ -116,24 +152,15 @@ static int des_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) { while (inl >= EVP_MAXCHUNK) { - int num = EVP_CIPHER_CTX_num(ctx); - DES_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK, - EVP_CIPHER_CTX_get_cipher_data(ctx), - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), &num, - EVP_CIPHER_CTX_encrypting(ctx)); - EVP_CIPHER_CTX_set_num(ctx, num); + DES_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data, + (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt); inl -= EVP_MAXCHUNK; in += EVP_MAXCHUNK; out += EVP_MAXCHUNK; } - if (inl) { - int num = EVP_CIPHER_CTX_num(ctx); - DES_cfb64_encrypt(in, out, (long)inl, - EVP_CIPHER_CTX_get_cipher_data(ctx), - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), &num, - EVP_CIPHER_CTX_encrypting(ctx)); - EVP_CIPHER_CTX_set_num(ctx, num); - } + if (inl) + DES_cfb64_encrypt(in, out, (long)inl, ctx->cipher_data, + (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt); return 1; } @@ -153,9 +180,8 @@ static int des_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, while (inl && inl >= chunk) { for (n = 0; n < chunk * 8; ++n) { c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0; - DES_cfb_encrypt(c, d, 1, 1, EVP_CIPHER_CTX_get_cipher_data(ctx), - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_encrypting(ctx)); + DES_cfb_encrypt(c, d, 1, 1, ctx->cipher_data, + (DES_cblock *)ctx->iv, ctx->encrypt); out[n / 8] = (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8))) | ((d[0] & 0x80) >> (unsigned int)(n % 8)); @@ -174,19 +200,15 @@ static int des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) { while (inl >= EVP_MAXCHUNK) { - DES_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK, - EVP_CIPHER_CTX_get_cipher_data(ctx), - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_encrypting(ctx)); + DES_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK, ctx->cipher_data, + (DES_cblock *)ctx->iv, ctx->encrypt); inl -= EVP_MAXCHUNK; in += EVP_MAXCHUNK; out += EVP_MAXCHUNK; } if (inl) - DES_cfb_encrypt(in, out, 8, (long)inl, - EVP_CIPHER_CTX_get_cipher_data(ctx), - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_encrypting(ctx)); + DES_cfb_encrypt(in, out, 8, (long)inl, ctx->cipher_data, + (DES_cblock *)ctx->iv, ctx->encrypt); return 1; } @@ -206,12 +228,12 @@ static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { DES_cblock *deskey = (DES_cblock *)key; - EVP_DES_KEY *dat = (EVP_DES_KEY *) EVP_CIPHER_CTX_get_cipher_data(ctx); + EVP_DES_KEY *dat = (EVP_DES_KEY *) ctx->cipher_data; dat->stream.cbc = NULL; # if defined(SPARC_DES_CAPABLE) if (SPARC_DES_CAPABLE) { - int mode = EVP_CIPHER_CTX_mode(ctx); + int mode = ctx->cipher->flags & EVP_CIPH_MODE; if (mode == EVP_CIPH_CBC_MODE) { des_t4_key_expand(key, &dat->ks.ks); @@ -220,7 +242,12 @@ static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, } } # endif - DES_set_key_unchecked(deskey, EVP_CIPHER_CTX_get_cipher_data(ctx)); +# ifdef EVP_CHECK_DES_KEY + if (DES_set_key_checked(deskey, dat->ks.ks) != 0) + return 0; +# else + DES_set_key_unchecked(deskey, ctx->cipher_data); +# endif return 1; } diff --git a/Cryptlib/OpenSSL/crypto/evp/e_des3.c b/Cryptlib/OpenSSL/crypto/evp/e_des3.c index da77936c..0e910d6d 100644 --- a/Cryptlib/OpenSSL/crypto/evp/e_des3.c +++ b/Cryptlib/OpenSSL/crypto/evp/e_des3.c @@ -1,21 +1,73 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/e_des3.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #ifndef OPENSSL_NO_DES # include <openssl/evp.h> # include <openssl/objects.h> -# include "internal/evp_int.h" +# include "evp_locl.h" # include <openssl/des.h> # include <openssl/rand.h> -# include "evp_locl.h" + +/* Block use of implementations in FIPS mode */ +# undef EVP_CIPH_FLAG_FIPS +# define EVP_CIPH_FLAG_FIPS 0 typedef struct { union { @@ -55,7 +107,7 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); -# define data(ctx) EVP_C_DATA(DES_EDE_KEY,ctx) +# define data(ctx) ((DES_EDE_KEY *)(ctx)->cipher_data) /* * Because of various casts and different args can't use @@ -69,7 +121,7 @@ static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, DES_ecb3_encrypt((const_DES_cblock *)(in + i), (DES_cblock *)(out + i), &data(ctx)->ks1, &data(ctx)->ks2, - &data(ctx)->ks3, EVP_CIPHER_CTX_encrypting(ctx)); + &data(ctx)->ks3, ctx->encrypt); return 1; } @@ -77,26 +129,20 @@ static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) { while (inl >= EVP_MAXCHUNK) { - int num = EVP_CIPHER_CTX_num(ctx); DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, &data(ctx)->ks1, &data(ctx)->ks2, - &data(ctx)->ks3, - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), - &num); - EVP_CIPHER_CTX_set_num(ctx, num); + &data(ctx)->ks3, (DES_cblock *)ctx->iv, + &ctx->num); inl -= EVP_MAXCHUNK; in += EVP_MAXCHUNK; out += EVP_MAXCHUNK; } - if (inl) { - int num = EVP_CIPHER_CTX_num(ctx); + if (inl) DES_ede3_ofb64_encrypt(in, out, (long)inl, &data(ctx)->ks1, &data(ctx)->ks2, - &data(ctx)->ks3, - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), - &num); - EVP_CIPHER_CTX_set_num(ctx, num); - } + &data(ctx)->ks3, (DES_cblock *)ctx->iv, + &ctx->num); + return 1; } @@ -105,17 +151,26 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, { DES_EDE_KEY *dat = data(ctx); - if (dat->stream.cbc != NULL) { - (*dat->stream.cbc) (in, out, inl, dat->ks.ks, - EVP_CIPHER_CTX_iv_noconst(ctx)); +# ifdef KSSL_DEBUG + { + int i; + fprintf(stderr, "des_ede_cbc_cipher(ctx=%p, buflen=%d)\n", ctx, + ctx->buf_len); + fprintf(stderr, "\t iv= "); + for (i = 0; i < 8; i++) + fprintf(stderr, "%02X", ctx->iv[i]); + fprintf(stderr, "\n"); + } +# endif /* KSSL_DEBUG */ + if (dat->stream.cbc) { + (*dat->stream.cbc) (in, out, inl, dat->ks.ks, ctx->iv); return 1; } while (inl >= EVP_MAXCHUNK) { DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &dat->ks1, &dat->ks2, &dat->ks3, - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_encrypting(ctx)); + (DES_cblock *)ctx->iv, ctx->encrypt); inl -= EVP_MAXCHUNK; in += EVP_MAXCHUNK; out += EVP_MAXCHUNK; @@ -123,8 +178,7 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, if (inl) DES_ede3_cbc_encrypt(in, out, (long)inl, &dat->ks1, &dat->ks2, &dat->ks3, - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_encrypting(ctx)); + (DES_cblock *)ctx->iv, ctx->encrypt); return 1; } @@ -132,26 +186,19 @@ static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) { while (inl >= EVP_MAXCHUNK) { - int num = EVP_CIPHER_CTX_num(ctx); DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK, &data(ctx)->ks1, &data(ctx)->ks2, - &data(ctx)->ks3, - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), - &num, EVP_CIPHER_CTX_encrypting(ctx)); - EVP_CIPHER_CTX_set_num(ctx, num); + &data(ctx)->ks3, (DES_cblock *)ctx->iv, + &ctx->num, ctx->encrypt); inl -= EVP_MAXCHUNK; in += EVP_MAXCHUNK; out += EVP_MAXCHUNK; } - if (inl) { - int num = EVP_CIPHER_CTX_num(ctx); + if (inl) DES_ede3_cfb64_encrypt(in, out, (long)inl, &data(ctx)->ks1, &data(ctx)->ks2, - &data(ctx)->ks3, - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), - &num, EVP_CIPHER_CTX_encrypting(ctx)); - EVP_CIPHER_CTX_set_num(ctx, num); - } + &data(ctx)->ks3, (DES_cblock *)ctx->iv, + &ctx->num, ctx->encrypt); return 1; } @@ -165,15 +212,12 @@ static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, size_t n; unsigned char c[1], d[1]; - if (!EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS)) - inl *= 8; for (n = 0; n < inl; ++n) { c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0; DES_ede3_cfb_encrypt(c, d, 1, 1, &data(ctx)->ks1, &data(ctx)->ks2, - &data(ctx)->ks3, - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_encrypting(ctx)); + &data(ctx)->ks3, (DES_cblock *)ctx->iv, + ctx->encrypt); out[n / 8] = (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8))) | ((d[0] & 0x80) >> (unsigned int)(n % 8)); } @@ -187,9 +231,8 @@ static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, while (inl >= EVP_MAXCHUNK) { DES_ede3_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK, &data(ctx)->ks1, &data(ctx)->ks2, - &data(ctx)->ks3, - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_encrypting(ctx)); + &data(ctx)->ks3, (DES_cblock *)ctx->iv, + ctx->encrypt); inl -= EVP_MAXCHUNK; in += EVP_MAXCHUNK; out += EVP_MAXCHUNK; @@ -197,9 +240,8 @@ static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, if (inl) DES_ede3_cfb_encrypt(in, out, 8, (long)inl, &data(ctx)->ks1, &data(ctx)->ks2, - &data(ctx)->ks3, - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_encrypting(ctx)); + &data(ctx)->ks3, (DES_cblock *)ctx->iv, + ctx->encrypt); return 1; } @@ -211,16 +253,19 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, # define des_ede3_cbc_cipher des_ede_cbc_cipher # define des_ede3_ecb_cipher des_ede_ecb_cipher BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, - EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, - des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) + EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS | + EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL, NULL, + des3_ctrl) BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 1, - EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, - des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) + EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS | + EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL, + NULL, des3_ctrl) BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 8, - EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, - des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) + EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS | + EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL, + NULL, des3_ctrl) static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) @@ -231,7 +276,7 @@ static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, dat->stream.cbc = NULL; # if defined(SPARC_DES_CAPABLE) if (SPARC_DES_CAPABLE) { - int mode = EVP_CIPHER_CTX_mode(ctx); + int mode = ctx->cipher->flags & EVP_CIPH_MODE; if (mode == EVP_CIPH_CBC_MODE) { des_t4_key_expand(&deskey[0], &dat->ks1); @@ -243,8 +288,14 @@ static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, } } # endif +# ifdef EVP_CHECK_DES_KEY + if (DES_set_key_checked(&deskey[0], &dat->ks1) + || DES_set_key_checked(&deskey[1], &dat->ks2)) + return 0; +# else DES_set_key_unchecked(&deskey[0], &dat->ks1); DES_set_key_unchecked(&deskey[1], &dat->ks2); +# endif memcpy(&dat->ks3, &dat->ks1, sizeof(dat->ks1)); return 1; } @@ -255,10 +306,27 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, DES_cblock *deskey = (DES_cblock *)key; DES_EDE_KEY *dat = data(ctx); +# ifdef KSSL_DEBUG + { + int i; + fprintf(stderr, "des_ede3_init_key(ctx=%p)\n", ctx); + fprintf(stderr, "\tKEY= "); + for (i = 0; i < 24; i++) + fprintf(stderr, "%02X", key[i]); + fprintf(stderr, "\n"); + if (iv) { + fprintf(stderr, "\t IV= "); + for (i = 0; i < 8; i++) + fprintf(stderr, "%02X", iv[i]); + fprintf(stderr, "\n"); + } + } +# endif /* KSSL_DEBUG */ + dat->stream.cbc = NULL; # if defined(SPARC_DES_CAPABLE) if (SPARC_DES_CAPABLE) { - int mode = EVP_CIPHER_CTX_mode(ctx); + int mode = ctx->cipher->flags & EVP_CIPH_MODE; if (mode == EVP_CIPH_CBC_MODE) { des_t4_key_expand(&deskey[0], &dat->ks1); @@ -270,25 +338,32 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, } } # endif +# ifdef EVP_CHECK_DES_KEY + if (DES_set_key_checked(&deskey[0], &dat->ks1) + || DES_set_key_checked(&deskey[1], &dat->ks2) + || DES_set_key_checked(&deskey[2], &dat->ks3)) + return 0; +# else DES_set_key_unchecked(&deskey[0], &dat->ks1); DES_set_key_unchecked(&deskey[1], &dat->ks2); DES_set_key_unchecked(&deskey[2], &dat->ks3); +# endif return 1; } -static int des3_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) +static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) { DES_cblock *deskey = ptr; switch (type) { case EVP_CTRL_RAND_KEY: - if (RAND_bytes(ptr, EVP_CIPHER_CTX_key_length(ctx)) <= 0) + if (RAND_bytes(ptr, c->key_len) <= 0) return 0; DES_set_odd_parity(deskey); - if (EVP_CIPHER_CTX_key_length(ctx) >= 16) + if (c->key_len >= 16) DES_set_odd_parity(deskey + 1); - if (EVP_CIPHER_CTX_key_length(ctx) >= 24) + if (c->key_len >= 24) DES_set_odd_parity(deskey + 2); return 1; @@ -307,8 +382,9 @@ const EVP_CIPHER *EVP_des_ede3(void) return &des_ede3_ecb; } +# ifndef OPENSSL_NO_SHA -# include <openssl/sha.h> +# include <openssl/sha.h> static const unsigned char wrap_iv[8] = { 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 }; @@ -322,7 +398,7 @@ static int des_ede3_unwrap(EVP_CIPHER_CTX *ctx, unsigned char *out, return -1; if (out == NULL) return inl - 16; - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), wrap_iv, 8); + memcpy(ctx->iv, wrap_iv, 8); /* Decrypt first block which will end up as icv */ des_ede_cbc_cipher(ctx, icv, in, 8); /* Decrypt central blocks */ @@ -340,7 +416,7 @@ static int des_ede3_unwrap(EVP_CIPHER_CTX *ctx, unsigned char *out, /* Reverse order of everything */ BUF_reverse(icv, NULL, 8); BUF_reverse(out, NULL, inl - 16); - BUF_reverse(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 8); + BUF_reverse(ctx->iv, iv, 8); /* Decrypt again using new IV */ des_ede_cbc_cipher(ctx, out, out, inl - 16); des_ede_cbc_cipher(ctx, icv, icv, 8); @@ -352,7 +428,7 @@ static int des_ede3_unwrap(EVP_CIPHER_CTX *ctx, unsigned char *out, OPENSSL_cleanse(icv, 8); OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH); OPENSSL_cleanse(iv, 8); - OPENSSL_cleanse(EVP_CIPHER_CTX_iv_noconst(ctx), 8); + OPENSSL_cleanse(ctx->iv, 8); if (rv == -1) OPENSSL_cleanse(out, inl - 16); @@ -372,13 +448,13 @@ static int des_ede3_wrap(EVP_CIPHER_CTX *ctx, unsigned char *out, memcpy(out + inl + 8, sha1tmp, 8); OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH); /* Generate random IV */ - if (RAND_bytes(EVP_CIPHER_CTX_iv_noconst(ctx), 8) <= 0) + if (RAND_bytes(ctx->iv, 8) <= 0) return -1; - memcpy(out, EVP_CIPHER_CTX_iv_noconst(ctx), 8); + memcpy(out, ctx->iv, 8); /* Encrypt everything after IV in place */ des_ede_cbc_cipher(ctx, out + 8, out + 8, inl + 8); BUF_reverse(out, NULL, inl + 16); - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), wrap_iv, 8); + memcpy(ctx->iv, wrap_iv, 8); des_ede_cbc_cipher(ctx, out, out, inl + 16); return inl + 16; } @@ -393,13 +469,7 @@ static int des_ede3_wrap_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, */ if (inl >= EVP_MAXCHUNK || inl % 8) return -1; - - if (is_partially_overlapping(out, in, inl)) { - EVPerr(EVP_F_DES_EDE3_WRAP_CIPHER, EVP_R_PARTIALLY_OVERLAPPING); - return 0; - } - - if (EVP_CIPHER_CTX_encrypting(ctx)) + if (ctx->encrypt) return des_ede3_wrap(ctx, out, in, inl); else return des_ede3_unwrap(ctx, out, in, inl); @@ -421,4 +491,5 @@ const EVP_CIPHER *EVP_des_ede3_wrap(void) return &des3_wrap; } +# endif #endif diff --git a/Cryptlib/OpenSSL/crypto/evp/e_idea.c b/Cryptlib/OpenSSL/crypto/evp/e_idea.c index 93f6a413..cac72b33 100644 --- a/Cryptlib/OpenSSL/crypto/evp/e_idea.c +++ b/Cryptlib/OpenSSL/crypto/evp/e_idea.c @@ -1,32 +1,75 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/e_idea.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #ifndef OPENSSL_NO_IDEA # include <openssl/evp.h> # include <openssl/objects.h> -# include "internal/evp_int.h" +# include "evp_locl.h" # include <openssl/idea.h> -/* Can't use IMPLEMENT_BLOCK_CIPHER because IDEA_ecb_encrypt is different */ - -typedef struct { - IDEA_KEY_SCHEDULE ks; -} EVP_IDEA_KEY; - static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc); /* - * NB IDEA_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a + * NB idea_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a * special case */ @@ -34,15 +77,21 @@ static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) { BLOCK_CIPHER_ecb_loop() - IDEA_ecb_encrypt(in + i, out + i, &EVP_C_DATA(EVP_IDEA_KEY,ctx)->ks); + idea_ecb_encrypt(in + i, out + i, ctx->cipher_data); return 1; } -BLOCK_CIPHER_func_cbc(idea, IDEA, EVP_IDEA_KEY, ks) -BLOCK_CIPHER_func_ofb(idea, IDEA, 64, EVP_IDEA_KEY, ks) -BLOCK_CIPHER_func_cfb(idea, IDEA, 64, EVP_IDEA_KEY, ks) +/* Can't use IMPLEMENT_BLOCK_CIPHER because idea_ecb_encrypt is different */ + +typedef struct { + IDEA_KEY_SCHEDULE ks; +} EVP_IDEA_KEY; + +BLOCK_CIPHER_func_cbc(idea, idea, EVP_IDEA_KEY, ks) + BLOCK_CIPHER_func_ofb(idea, idea, 64, EVP_IDEA_KEY, ks) + BLOCK_CIPHER_func_cfb(idea, idea, 64, EVP_IDEA_KEY, ks) -BLOCK_CIPHER_defs(idea, IDEA_KEY_SCHEDULE, NID_idea, 8, 16, 8, 64, + BLOCK_CIPHER_defs(idea, IDEA_KEY_SCHEDULE, NID_idea, 8, 16, 8, 64, 0, idea_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) @@ -56,12 +105,12 @@ static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, enc = 1; } if (enc) - IDEA_set_encrypt_key(key, &EVP_C_DATA(EVP_IDEA_KEY,ctx)->ks); + idea_set_encrypt_key(key, ctx->cipher_data); else { IDEA_KEY_SCHEDULE tmp; - IDEA_set_encrypt_key(key, &tmp); - IDEA_set_decrypt_key(&tmp, &EVP_C_DATA(EVP_IDEA_KEY,ctx)->ks); + idea_set_encrypt_key(key, &tmp); + idea_set_decrypt_key(&tmp, ctx->cipher_data); OPENSSL_cleanse((unsigned char *)&tmp, sizeof(IDEA_KEY_SCHEDULE)); } return 1; diff --git a/Cryptlib/OpenSSL/crypto/evp/e_null.c b/Cryptlib/OpenSSL/crypto/evp/e_null.c index 0dfc48ab..599fcb80 100644 --- a/Cryptlib/OpenSSL/crypto/evp/e_null.c +++ b/Cryptlib/OpenSSL/crypto/evp/e_null.c @@ -1,17 +1,65 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/e_null.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/evp.h> #include <openssl/objects.h> -#include "internal/evp_int.h" static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc); @@ -19,7 +67,8 @@ static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl); static const EVP_CIPHER n_cipher = { NID_undef, - 1, 0, 0, 0, + 1, 0, 0, + 0, null_init_key, null_cipher, NULL, @@ -38,6 +87,7 @@ const EVP_CIPHER *EVP_enc_null(void) static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { + /* memset(&(ctx->c),0,sizeof(ctx->c)); */ return 1; } @@ -45,6 +95,6 @@ static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) { if (in != out) - memcpy(out, in, inl); + memcpy((char *)out, (const char *)in, inl); return 1; } diff --git a/Cryptlib/OpenSSL/crypto/evp/e_old.c b/Cryptlib/OpenSSL/crypto/evp/e_old.c index 927908f8..a23d143b 100644 --- a/Cryptlib/OpenSSL/crypto/evp/e_old.c +++ b/Cryptlib/OpenSSL/crypto/evp/e_old.c @@ -1,15 +1,64 @@ +/* crypto/evp/e_old.c */ /* - * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved. + * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project + * 2004. + */ +/* ==================================================================== + * Copyright (c) 2004 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ -#include <openssl/opensslconf.h> -#if OPENSSL_API_COMPAT >= 0x00908000L -NON_EMPTY_TRANSLATION_UNIT +#ifdef OPENSSL_NO_DEPRECATED +static void *dummy = &dummy; #else # include <openssl/evp.h> @@ -89,25 +138,27 @@ const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void) } # endif -# undef EVP_aes_128_cfb +# ifndef OPENSSL_NO_AES +# undef EVP_aes_128_cfb const EVP_CIPHER *EVP_aes_128_cfb(void); const EVP_CIPHER *EVP_aes_128_cfb(void) { return EVP_aes_128_cfb128(); } -# undef EVP_aes_192_cfb +# undef EVP_aes_192_cfb const EVP_CIPHER *EVP_aes_192_cfb(void); const EVP_CIPHER *EVP_aes_192_cfb(void) { return EVP_aes_192_cfb128(); } -# undef EVP_aes_256_cfb +# undef EVP_aes_256_cfb const EVP_CIPHER *EVP_aes_256_cfb(void); const EVP_CIPHER *EVP_aes_256_cfb(void) { return EVP_aes_256_cfb128(); } +# endif #endif diff --git a/Cryptlib/OpenSSL/crypto/evp/e_rc2.c b/Cryptlib/OpenSSL/crypto/evp/e_rc2.c index ed10bb33..718cc869 100644 --- a/Cryptlib/OpenSSL/crypto/evp/e_rc2.c +++ b/Cryptlib/OpenSSL/crypto/evp/e_rc2.c @@ -1,20 +1,69 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/e_rc2.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #ifndef OPENSSL_NO_RC2 # include <openssl/evp.h> # include <openssl/objects.h> -# include "internal/evp_int.h" +# include "evp_locl.h" # include <openssl/rc2.h> static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, @@ -30,7 +79,7 @@ typedef struct { RC2_KEY ks; /* key schedule */ } EVP_RC2_KEY; -# define data(ctx) EVP_C_DATA(EVP_RC2_KEY,ctx) +# define data(ctx) ((EVP_RC2_KEY *)(ctx)->cipher_data) IMPLEMENT_BLOCK_CIPHER(rc2, ks, RC2, EVP_RC2_KEY, NID_rc2, 8, @@ -130,17 +179,16 @@ static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) OPENSSL_assert(l <= sizeof(iv)); i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l); if (i != (int)l) - return -1; + return (-1); key_bits = rc2_magic_to_meth((int)num); if (!key_bits) - return -1; + return (-1); if (i > 0 && !EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1)) return -1; EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL); - if (EVP_CIPHER_CTX_set_key_length(c, key_bits / 8) <= 0) - return -1; + EVP_CIPHER_CTX_set_key_length(c, key_bits / 8); } - return i; + return (i); } static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) @@ -151,9 +199,7 @@ static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) if (type != NULL) { num = rc2_meth_to_magic(c); j = EVP_CIPHER_CTX_iv_length(c); - i = ASN1_TYPE_set_int_octetstring(type, num, - (unsigned char *)EVP_CIPHER_CTX_original_iv(c), - j); + i = ASN1_TYPE_set_int_octetstring(type, num, c->oiv, j); } return (i); } diff --git a/Cryptlib/OpenSSL/crypto/evp/e_rc4.c b/Cryptlib/OpenSSL/crypto/evp/e_rc4.c index ea95deab..08e48f39 100644 --- a/Cryptlib/OpenSSL/crypto/evp/e_rc4.c +++ b/Cryptlib/OpenSSL/crypto/evp/e_rc4.c @@ -1,28 +1,79 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/e_rc4.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #ifndef OPENSSL_NO_RC4 # include <openssl/evp.h> +# include "evp_locl.h" # include <openssl/objects.h> # include <openssl/rc4.h> -# include "internal/evp_int.h" +/* FIXME: surely this is available elsewhere? */ +# define EVP_RC4_KEY_SIZE 16 typedef struct { RC4_KEY ks; /* working key */ } EVP_RC4_KEY; -# define data(ctx) ((EVP_RC4_KEY *)EVP_CIPHER_CTX_get_cipher_data(ctx)) +# define data(ctx) ((EVP_RC4_KEY *)(ctx)->cipher_data) static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc); diff --git a/Cryptlib/OpenSSL/crypto/evp/e_rc4_hmac_md5.c b/Cryptlib/OpenSSL/crypto/evp/e_rc4_hmac_md5.c index 8ab18c14..93cfe3f1 100644 --- a/Cryptlib/OpenSSL/crypto/evp/e_rc4_hmac_md5.c +++ b/Cryptlib/OpenSSL/crypto/evp/e_rc4_hmac_md5.c @@ -1,10 +1,50 @@ -/* - * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved. +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== */ #include <openssl/opensslconf.h> @@ -19,7 +59,15 @@ # include <openssl/objects.h> # include <openssl/rc4.h> # include <openssl/md5.h> -# include "internal/evp_int.h" + +# ifndef EVP_CIPH_FLAG_AEAD_CIPHER +# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000 +# define EVP_CTRL_AEAD_TLS1_AAD 0x16 +# define EVP_CTRL_AEAD_SET_MAC_KEY 0x17 +# endif + +/* FIXME: surely this is available elsewhere? */ +# define EVP_RC4_KEY_SIZE 16 typedef struct { RC4_KEY ks; @@ -32,7 +80,7 @@ typedef struct { void rc4_md5_enc(RC4_KEY *key, const void *in0, void *out, MD5_CTX *ctx, const void *inp, size_t blocks); -# define data(ctx) ((EVP_RC4_HMAC_MD5 *)EVP_CIPHER_CTX_get_cipher_data(ctx)) +# define data(ctx) ((EVP_RC4_HMAC_MD5 *)(ctx)->cipher_data) static int rc4_hmac_md5_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *inkey, @@ -53,7 +101,9 @@ static int rc4_hmac_md5_init_key(EVP_CIPHER_CTX *ctx, # if defined(RC4_ASM) && defined(MD5_ASM) && ( \ defined(__x86_64) || defined(__x86_64__) || \ - defined(_M_AMD64) || defined(_M_X64) ) + defined(_M_AMD64) || defined(_M_X64) || \ + defined(__INTEL__) ) && \ + !(defined(__APPLE__) && defined(__MACH__)) # define STITCHED_CALL # endif @@ -78,7 +128,7 @@ static int rc4_hmac_md5_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, if (plen != NO_PAYLOAD_LENGTH && len != (plen + MD5_DIGEST_LENGTH)) return 0; - if (EVP_CIPHER_CTX_encrypting(ctx)) { + if (ctx->encrypt) { if (plen == NO_PAYLOAD_LENGTH) plen = len; # if defined(STITCHED_CALL) @@ -218,7 +268,7 @@ static int rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, len = p[arg - 2] << 8 | p[arg - 1]; - if (!EVP_CIPHER_CTX_encrypting(ctx)) { + if (!ctx->encrypt) { if (len < MD5_DIGEST_LENGTH) return -1; len -= MD5_DIGEST_LENGTH; diff --git a/Cryptlib/OpenSSL/crypto/evp/e_rc5.c b/Cryptlib/OpenSSL/crypto/evp/e_rc5.c index f69ba5b2..f17e99d0 100644 --- a/Cryptlib/OpenSSL/crypto/evp/e_rc5.c +++ b/Cryptlib/OpenSSL/crypto/evp/e_rc5.c @@ -1,19 +1,67 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/e_rc5.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #ifndef OPENSSL_NO_RC5 # include <openssl/evp.h> -# include <internal/evp_int.h> # include <openssl/objects.h> # include "evp_locl.h" # include <openssl/rc5.h> @@ -54,7 +102,7 @@ static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) return 1; default: - EVPerr(EVP_F_RC5_CTRL, EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS); + EVPerr(EVP_F_RC5_CTRL, EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS); return 0; } diff --git a/Cryptlib/OpenSSL/crypto/evp/e_seed.c b/Cryptlib/OpenSSL/crypto/evp/e_seed.c index 40aec5fc..3d01eaca 100644 --- a/Cryptlib/OpenSSL/crypto/evp/e_seed.c +++ b/Cryptlib/OpenSSL/crypto/evp/e_seed.c @@ -1,22 +1,66 @@ -/* - * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/e_seed.c */ +/* ==================================================================== + * Copyright (c) 2007 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ #include <openssl/opensslconf.h> -#ifdef OPENSSL_NO_SEED -NON_EMPTY_TRANSLATION_UNIT -#else +#ifndef OPENSSL_NO_SEED # include <openssl/evp.h> # include <openssl/err.h> # include <string.h> # include <assert.h> # include <openssl/seed.h> -# include "internal/evp_int.h" +# include "evp_locl.h" static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc); @@ -32,7 +76,7 @@ IMPLEMENT_BLOCK_CIPHER(seed, ks, SEED, EVP_SEED_KEY, NID_seed, static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { - SEED_set_key(key, &EVP_C_DATA(EVP_SEED_KEY,ctx)->ks); + SEED_set_key(key, ctx->cipher_data); return 1; } diff --git a/Cryptlib/OpenSSL/crypto/evp/e_xcbc_d.c b/Cryptlib/OpenSSL/crypto/evp/e_xcbc_d.c index effaf5cc..3430df9e 100644 --- a/Cryptlib/OpenSSL/crypto/evp/e_xcbc_d.c +++ b/Cryptlib/OpenSSL/crypto/evp/e_xcbc_d.c @@ -1,20 +1,69 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/e_xcbc_d.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #ifndef OPENSSL_NO_DES # include <openssl/evp.h> # include <openssl/objects.h> -# include "internal/evp_int.h" +# include "evp_locl.h" # include <openssl/des.h> static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, @@ -28,7 +77,7 @@ typedef struct { DES_cblock outw; } DESX_CBC_KEY; -# define data(ctx) EVP_C_DATA(DESX_CBC_KEY,ctx) +# define data(ctx) ((DESX_CBC_KEY *)(ctx)->cipher_data) static const EVP_CIPHER d_xcbc_cipher = { NID_desx_cbc, @@ -66,18 +115,16 @@ static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, { while (inl >= EVP_MAXCHUNK) { DES_xcbc_encrypt(in, out, (long)EVP_MAXCHUNK, &data(ctx)->ks, - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), - &data(ctx)->inw, &data(ctx)->outw, - EVP_CIPHER_CTX_encrypting(ctx)); + (DES_cblock *)&(ctx->iv[0]), + &data(ctx)->inw, &data(ctx)->outw, ctx->encrypt); inl -= EVP_MAXCHUNK; in += EVP_MAXCHUNK; out += EVP_MAXCHUNK; } if (inl) DES_xcbc_encrypt(in, out, (long)inl, &data(ctx)->ks, - (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), - &data(ctx)->inw, &data(ctx)->outw, - EVP_CIPHER_CTX_encrypting(ctx)); + (DES_cblock *)&(ctx->iv[0]), + &data(ctx)->inw, &data(ctx)->outw, ctx->encrypt); return 1; } #endif diff --git a/Cryptlib/OpenSSL/crypto/evp/encode.c b/Cryptlib/OpenSSL/crypto/evp/encode.c index abb10443..c6c775e0 100644 --- a/Cryptlib/OpenSSL/crypto/evp/encode.c +++ b/Cryptlib/OpenSSL/crypto/evp/encode.c @@ -1,17 +1,65 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/encode.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> #include <limits.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/evp.h> -#include "evp_locl.h" static unsigned char conv_ascii2bin(unsigned char a); #ifndef CHARSET_EBCDIC @@ -55,7 +103,7 @@ abcdefghijklmnopqrstuvwxyz0123456789+/"; #define B64_WS 0xE0 #define B64_ERROR 0xFF #define B64_NOT_BASE64(a) (((a)|0x13) == 0xF3) -#define B64_BASE64(a) (!B64_NOT_BASE64(a)) +#define B64_BASE64(a) !B64_NOT_BASE64(a) static const unsigned char data_ascii2bin[128] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, @@ -93,28 +141,6 @@ static unsigned char conv_ascii2bin(unsigned char a) } #endif -EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void) -{ - return OPENSSL_zalloc(sizeof(EVP_ENCODE_CTX)); -} - -void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx) -{ - OPENSSL_free(ctx); -} - -int EVP_ENCODE_CTX_copy(EVP_ENCODE_CTX *dctx, EVP_ENCODE_CTX *sctx) -{ - memcpy(dctx, sctx, sizeof(EVP_ENCODE_CTX)); - - return 1; -} - -int EVP_ENCODE_CTX_num(EVP_ENCODE_CTX *ctx) -{ - return ctx->num; -} - void EVP_EncodeInit(EVP_ENCODE_CTX *ctx) { ctx->length = 48; @@ -122,7 +148,7 @@ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx) ctx->line_num = 0; } -int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, +void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) { int i, j; @@ -130,12 +156,12 @@ int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, *outl = 0; if (inl <= 0) - return 0; + return; OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data)); if (ctx->length - ctx->num > inl) { memcpy(&(ctx->enc_data[ctx->num]), in, inl); ctx->num += inl; - return 1; + return; } if (ctx->num != 0) { i = ctx->length - ctx->num; @@ -161,14 +187,12 @@ int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, if (total > INT_MAX) { /* Too much output data! */ *outl = 0; - return 0; + return; } if (inl != 0) memcpy(&(ctx->enc_data[0]), in, inl); ctx->num = inl; *outl = total; - - return 1; } void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl) @@ -402,3 +426,35 @@ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl) } else return (1); } + +#ifdef undef +int EVP_DecodeValid(unsigned char *buf, int len) +{ + int i, num = 0, bad = 0; + + if (len == 0) + return (-1); + while (conv_ascii2bin(*buf) == B64_WS) { + buf++; + len--; + if (len == 0) + return (-1); + } + + for (i = len; i >= 4; i -= 4) { + if ((conv_ascii2bin(buf[0]) >= 0x40) || + (conv_ascii2bin(buf[1]) >= 0x40) || + (conv_ascii2bin(buf[2]) >= 0x40) || + (conv_ascii2bin(buf[3]) >= 0x40)) + return (-1); + buf += 4; + num += 1 + (buf[2] != '=') + (buf[3] != '='); + } + if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN)) + return (num); + if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) && + (conv_ascii2bin(buf[0]) == B64_EOLN)) + return (num); + return (1); +} +#endif diff --git a/Cryptlib/OpenSSL/crypto/evp/evp_acnf.c b/Cryptlib/OpenSSL/crypto/evp/evp_acnf.c new file mode 100644 index 00000000..9703116e --- /dev/null +++ b/Cryptlib/OpenSSL/crypto/evp/evp_acnf.c @@ -0,0 +1,73 @@ +/* evp_acnf.c */ +/* + * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project + * 2001. + */ +/* ==================================================================== + * Copyright (c) 2001 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include "cryptlib.h" +#include <openssl/evp.h> +#include <openssl/conf.h> + +/* + * Load all algorithms and configure OpenSSL. This function is called + * automatically when OPENSSL_LOAD_CONF is set. + */ + +void OPENSSL_add_all_algorithms_conf(void) +{ + OPENSSL_add_all_algorithms_noconf(); + OPENSSL_config(NULL); +} diff --git a/Cryptlib/OpenSSL/crypto/evp/evp_cnf.c b/Cryptlib/OpenSSL/crypto/evp/evp_cnf.c index 71d13b8d..6fd3a6da 100644 --- a/Cryptlib/OpenSSL/crypto/evp/evp_cnf.c +++ b/Cryptlib/OpenSSL/crypto/evp/evp_cnf.c @@ -1,19 +1,73 @@ +/* evp_cnf.c */ /* - * Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved. + * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project + * 2007. + */ +/* ==================================================================== + * Copyright (c) 2007 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ #include <stdio.h> #include <ctype.h> #include <openssl/crypto.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/conf.h> +#include <openssl/dso.h> #include <openssl/x509.h> #include <openssl/x509v3.h> +#ifdef OPENSSL_FIPS +# include <openssl/fips.h> +#endif /* Algorithm configuration module. */ @@ -23,15 +77,14 @@ static int alg_module_init(CONF_IMODULE *md, const CONF *cnf) const char *oid_section; STACK_OF(CONF_VALUE) *sktmp; CONF_VALUE *oval; - oid_section = CONF_imodule_get_value(md); - if ((sktmp = NCONF_get_section(cnf, oid_section)) == NULL) { + if (!(sktmp = NCONF_get_section(cnf, oid_section))) { EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION); return 0; } for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { oval = sk_CONF_VALUE_value(sktmp, i); - if (strcmp(oval->name, "fips_mode") == 0) { + if (!strcmp(oval->name, "fips_mode")) { int m; if (!X509V3_get_value_bool(oval, &m)) { EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE); diff --git a/Cryptlib/OpenSSL/crypto/evp/evp_enc.c b/Cryptlib/OpenSSL/crypto/evp/evp_enc.c index f829e8dc..0e40f09f 100644 --- a/Cryptlib/OpenSSL/crypto/evp/evp_enc.c +++ b/Cryptlib/OpenSSL/crypto/evp/evp_enc.c @@ -1,56 +1,101 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/evp_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include <assert.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/evp.h> #include <openssl/err.h> #include <openssl/rand.h> -#include <openssl/engine.h> -#include "internal/evp_int.h" +#ifndef OPENSSL_NO_ENGINE +# include <openssl/engine.h> +#endif +#ifdef OPENSSL_FIPS +# include <openssl/fips.h> +#endif #include "evp_locl.h" -int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *c) -{ - if (c == NULL) - return 1; - if (c->cipher != NULL) { - if (c->cipher->cleanup && !c->cipher->cleanup(c)) - return 0; - /* Cleanse cipher context data */ - if (c->cipher_data && c->cipher->ctx_size) - OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size); - } - OPENSSL_free(c->cipher_data); -#ifndef OPENSSL_NO_ENGINE - ENGINE_finish(c->engine); +#ifdef OPENSSL_FIPS +# define M_do_cipher(ctx, out, in, inl) FIPS_cipher(ctx, out, in, inl) +#else +# define M_do_cipher(ctx, out, in, inl) ctx->cipher->do_cipher(ctx, out, in, inl) #endif - memset(c, 0, sizeof(*c)); - return 1; -} -EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) +const char EVP_version[] = "EVP" OPENSSL_VERSION_PTEXT; + +void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) { - return OPENSSL_zalloc(sizeof(EVP_CIPHER_CTX)); + memset(ctx, 0, sizeof(EVP_CIPHER_CTX)); + /* ctx->cipher=NULL; */ } -void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) +EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) { - EVP_CIPHER_CTX_reset(ctx); - OPENSSL_free(ctx); + EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof *ctx); + if (ctx) + EVP_CIPHER_CTX_init(ctx); + return ctx; } int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, const unsigned char *key, const unsigned char *iv, int enc) { - EVP_CIPHER_CTX_reset(ctx); + if (cipher) + EVP_CIPHER_CTX_init(ctx); return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc); } @@ -70,10 +115,12 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so * this context may already have an ENGINE! Try to avoid releasing the * previous handle, re-querying for an ENGINE, and having a - * reinitialisation, when it may all be unnecessary. + * reinitialisation, when it may all be unecessary. */ - if (ctx->engine && ctx->cipher - && (cipher == NULL || cipher->nid == ctx->cipher->nid)) + if (ctx->engine && ctx->cipher && (!cipher || + (cipher + && (cipher->nid == + ctx->cipher->nid)))) goto skip_to_init; #endif if (cipher) { @@ -84,7 +131,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, */ if (ctx->cipher) { unsigned long flags = ctx->flags; - EVP_CIPHER_CTX_reset(ctx); + EVP_CIPHER_CTX_cleanup(ctx); /* Restore encrypt and flags */ ctx->encrypt = enc; ctx->flags = flags; @@ -105,7 +152,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, /* * One positive side-effect of US's export control history, * is that we should at least be able to avoid using US - * misspellings of "initialisation"? + * mispellings of "initialisation"? */ EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); return 0; @@ -121,11 +168,20 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ctx->engine = NULL; #endif +#ifdef OPENSSL_FIPS + if (FIPS_mode()) { + const EVP_CIPHER *fcipher = NULL; + if (cipher) + fcipher = evp_get_fips_cipher(cipher); + if (fcipher) + cipher = fcipher; + return FIPS_cipherinit(ctx, cipher, key, iv, enc); + } +#endif ctx->cipher = cipher; if (ctx->cipher->ctx_size) { - ctx->cipher_data = OPENSSL_zalloc(ctx->cipher->ctx_size); - if (ctx->cipher_data == NULL) { - ctx->cipher = NULL; + ctx->cipher_data = OPENSSL_malloc(ctx->cipher->ctx_size); + if (!ctx->cipher_data) { EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE); return 0; } @@ -137,7 +193,6 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ctx->flags &= EVP_CIPHER_CTX_FLAG_WRAP_ALLOW; if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) { - ctx->cipher = NULL; EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); return 0; } @@ -149,6 +204,10 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, #ifndef OPENSSL_NO_ENGINE skip_to_init: #endif +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + return FIPS_cipherinit(ctx, cipher, key, iv, enc); +#endif /* we assume block size is a power of 2 in *cryptUpdate */ OPENSSL_assert(ctx->cipher->block_size == 1 || ctx->cipher->block_size == 8 @@ -160,7 +219,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, return 0; } - if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_CUSTOM_IV)) { + if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { switch (EVP_CIPHER_CTX_mode(ctx)) { case EVP_CIPH_STREAM_CIPHER: @@ -191,6 +250,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, default: return 0; + break; } } @@ -255,61 +315,13 @@ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0); } -/* - * According to the letter of standard difference between pointers - * is specified to be valid only within same object. This makes - * it formally challenging to determine if input and output buffers - * are not partially overlapping with standard pointer arithmetic. - */ -#ifdef PTRDIFF_T -# undef PTRDIFF_T -#endif -#if defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE==64 -/* - * Then we have VMS that distinguishes itself by adhering to - * sizeof(size_t)==4 even in 64-bit builds, which means that - * difference between two pointers might be truncated to 32 bits. - * In the context one can even wonder how comparison for - * equality is implemented. To be on the safe side we adhere to - * PTRDIFF_T even for comparison for equality. - */ -# define PTRDIFF_T uint64_t -#else -# define PTRDIFF_T size_t -#endif - -int is_partially_overlapping(const void *ptr1, const void *ptr2, int len) -{ - PTRDIFF_T diff = (PTRDIFF_T)ptr1-(PTRDIFF_T)ptr2; - /* - * Check for partially overlapping buffers. [Binary logical - * operations are used instead of boolean to minimize number - * of conditional branches.] - */ - int overlapped = (len > 0) & (diff != 0) & ((diff < (PTRDIFF_T)len) | - (diff > (0 - (PTRDIFF_T)len))); - - return overlapped; -} - int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) { - int i, j, bl, cmpl = inl; - - if (EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS)) - cmpl = (cmpl + 7) / 8; - - bl = ctx->cipher->block_size; + int i, j, bl; if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) { - /* If block size > 1 then the cipher will have to do this check */ - if (bl == 1 && is_partially_overlapping(out, in, cmpl)) { - EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING); - return 0; - } - - i = ctx->cipher->do_cipher(ctx, out, in, inl); + i = M_do_cipher(ctx, out, in, inl); if (i < 0) return 0; else @@ -321,13 +333,9 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, *outl = 0; return inl == 0; } - if (is_partially_overlapping(out + ctx->buf_len, in, cmpl)) { - EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING); - return 0; - } if (ctx->buf_len == 0 && (inl & (ctx->block_mask)) == 0) { - if (ctx->cipher->do_cipher(ctx, out, in, inl)) { + if (M_do_cipher(ctx, out, in, inl)) { *outl = inl; return 1; } else { @@ -336,6 +344,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, } } i = ctx->buf_len; + bl = ctx->cipher->block_size; OPENSSL_assert(bl <= (int)sizeof(ctx->buf)); if (i != 0) { if (bl - i > inl) { @@ -346,10 +355,10 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, } else { j = bl - i; memcpy(&(ctx->buf[i]), in, j); + if (!M_do_cipher(ctx, out, ctx->buf, bl)) + return 0; inl -= j; in += j; - if (!ctx->cipher->do_cipher(ctx, out, ctx->buf, bl)) - return 0; out += bl; *outl = bl; } @@ -358,7 +367,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, i = inl & (bl - 1); inl -= i; if (inl > 0) { - if (!ctx->cipher->do_cipher(ctx, out, in, inl)) + if (!M_do_cipher(ctx, out, in, inl)) return 0; *outl += inl; } @@ -382,7 +391,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) unsigned int i, b, bl; if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) { - ret = ctx->cipher->do_cipher(ctx, out, NULL, 0); + ret = M_do_cipher(ctx, out, NULL, 0); if (ret < 0) return 0; else @@ -410,7 +419,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) n = b - bl; for (i = bl; i < b; i++) ctx->buf[i] = n; - ret = ctx->cipher->do_cipher(ctx, out, ctx->buf, b); + ret = M_do_cipher(ctx, out, ctx->buf, b); if (ret) *outl = b; @@ -421,21 +430,11 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) { - int fix_len, cmpl = inl; + int fix_len; unsigned int b; - b = ctx->cipher->block_size; - - if (EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS)) - cmpl = (cmpl + 7) / 8; - if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) { - if (b == 1 && is_partially_overlapping(out, in, cmpl)) { - EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING); - return 0; - } - - fix_len = ctx->cipher->do_cipher(ctx, out, in, inl); + fix_len = M_do_cipher(ctx, out, in, inl); if (fix_len < 0) { *outl = 0; return 0; @@ -452,15 +451,10 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, if (ctx->flags & EVP_CIPH_NO_PADDING) return EVP_EncryptUpdate(ctx, out, outl, in, inl); + b = ctx->cipher->block_size; OPENSSL_assert(b <= sizeof ctx->final); if (ctx->final_used) { - /* see comment about PTRDIFF_T comparison above */ - if (((PTRDIFF_T)out == (PTRDIFF_T)in) - || is_partially_overlapping(out, in, b)) { - EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING); - return 0; - } memcpy(out, ctx->final, b); out += b; fix_len = 1; @@ -501,7 +495,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) *outl = 0; if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) { - i = ctx->cipher->do_cipher(ctx, out, NULL, 0); + i = M_do_cipher(ctx, out, NULL, 0); if (i < 0) return 0; else @@ -550,6 +544,42 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) return (1); } +void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) +{ + if (ctx) { + EVP_CIPHER_CTX_cleanup(ctx); + OPENSSL_free(ctx); + } +} + +int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) +{ +#ifndef OPENSSL_FIPS + if (c->cipher != NULL) { + if (c->cipher->cleanup && !c->cipher->cleanup(c)) + return 0; + /* Cleanse cipher context data */ + if (c->cipher_data) + OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size); + } + if (c->cipher_data) + OPENSSL_free(c->cipher_data); +#endif +#ifndef OPENSSL_NO_ENGINE + if (c->engine) + /* + * The EVP_CIPHER we used belongs to an ENGINE, release the + * functional reference we held for this reason. + */ + ENGINE_finish(c->engine); +#endif +#ifdef OPENSSL_FIPS + FIPS_cipher_ctx_cleanup(c); +#endif + memset(c, 0, sizeof(EVP_CIPHER_CTX)); + return 1; +} + int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen) { if (c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH) @@ -618,13 +648,12 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) } #endif - EVP_CIPHER_CTX_reset(out); - memcpy(out, in, sizeof(*out)); + EVP_CIPHER_CTX_cleanup(out); + memcpy(out, in, sizeof *out); if (in->cipher_data && in->cipher->ctx_size) { out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size); - if (out->cipher_data == NULL) { - out->cipher = NULL; + if (!out->cipher_data) { EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_MALLOC_FAILURE); return 0; } @@ -632,10 +661,6 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) } if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY) - if (!in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out)) { - out->cipher = NULL; - EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, EVP_R_INITIALIZATION_ERROR); - return 0; - } + return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out); return 1; } diff --git a/Cryptlib/OpenSSL/crypto/evp/evp_err.c b/Cryptlib/OpenSSL/crypto/evp/evp_err.c index e32a1c01..bcd841eb 100644 --- a/Cryptlib/OpenSSL/crypto/evp/evp_err.c +++ b/Cryptlib/OpenSSL/crypto/evp/evp_err.c @@ -1,11 +1,62 @@ -/* - * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/evp_err.c */ +/* ==================================================================== + * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +/* + * NOTE: this file was auto generated by the mkerr.pl script: any changes + * made to it will be overwritten when the script next updates this file, + * only reason strings will be preserved. */ #include <stdio.h> @@ -19,36 +70,39 @@ # define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason) static ERR_STRING_DATA EVP_str_functs[] = { - {ERR_FUNC(EVP_F_AESNI_INIT_KEY), "aesni_init_key"}, - {ERR_FUNC(EVP_F_AES_INIT_KEY), "aes_init_key"}, - {ERR_FUNC(EVP_F_AES_OCB_CIPHER), "aes_ocb_cipher"}, - {ERR_FUNC(EVP_F_AES_T4_INIT_KEY), "aes_t4_init_key"}, - {ERR_FUNC(EVP_F_AES_WRAP_CIPHER), "aes_wrap_cipher"}, - {ERR_FUNC(EVP_F_ALG_MODULE_INIT), "alg_module_init"}, - {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "camellia_init_key"}, - {ERR_FUNC(EVP_F_CHACHA20_POLY1305_CTRL), "chacha20_poly1305_ctrl"}, - {ERR_FUNC(EVP_F_CMLL_T4_INIT_KEY), "cmll_t4_init_key"}, - {ERR_FUNC(EVP_F_DES_EDE3_WRAP_CIPHER), "des_ede3_wrap_cipher"}, - {ERR_FUNC(EVP_F_DO_SIGVER_INIT), "do_sigver_init"}, + {ERR_FUNC(EVP_F_AESNI_INIT_KEY), "AESNI_INIT_KEY"}, + {ERR_FUNC(EVP_F_AESNI_XTS_CIPHER), "AESNI_XTS_CIPHER"}, + {ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"}, + {ERR_FUNC(EVP_F_AES_T4_INIT_KEY), "AES_T4_INIT_KEY"}, + {ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"}, + {ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"}, + {ERR_FUNC(EVP_F_ALG_MODULE_INIT), "ALG_MODULE_INIT"}, + {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"}, + {ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"}, + {ERR_FUNC(EVP_F_CMLL_T4_INIT_KEY), "CMLL_T4_INIT_KEY"}, + {ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"}, + {ERR_FUNC(EVP_F_DO_SIGVER_INIT), "DO_SIGVER_INIT"}, + {ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"}, + {ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"}, + {ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"}, + {ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"}, {ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"}, {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"}, {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"}, {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"}, {ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"}, - {ERR_FUNC(EVP_F_EVP_DECRYPTUPDATE), "EVP_DecryptUpdate"}, {ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"}, {ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"}, - {ERR_FUNC(EVP_F_EVP_ENCRYPTUPDATE), "EVP_EncryptUpdate"}, {ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"}, {ERR_FUNC(EVP_F_EVP_MD_SIZE), "EVP_MD_size"}, {ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"}, {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"}, {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD_TYPE), "EVP_PBE_alg_add_type"}, {ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"}, - {ERR_FUNC(EVP_F_EVP_PBE_SCRYPT), "EVP_PBE_scrypt"}, {ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"}, - {ERR_FUNC(EVP_F_EVP_PKEY2PKCS8), "EVP_PKEY2PKCS8"}, + {ERR_FUNC(EVP_F_EVP_PKCS82PKEY_BROKEN), "EVP_PKCS82PKEY_BROKEN"}, + {ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN), "EVP_PKEY2PKCS8_broken"}, {ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"}, {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL), "EVP_PKEY_CTX_ctrl"}, {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL_STR), "EVP_PKEY_CTX_ctrl_str"}, @@ -62,11 +116,11 @@ static ERR_STRING_DATA EVP_str_functs[] = { {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"}, {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT), "EVP_PKEY_encrypt_init"}, {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"}, - {ERR_FUNC(EVP_F_EVP_PKEY_GET0_DH), "EVP_PKEY_get0_DH"}, - {ERR_FUNC(EVP_F_EVP_PKEY_GET0_DSA), "EVP_PKEY_get0_DSA"}, - {ERR_FUNC(EVP_F_EVP_PKEY_GET0_EC_KEY), "EVP_PKEY_get0_EC_KEY"}, - {ERR_FUNC(EVP_F_EVP_PKEY_GET0_HMAC), "EVP_PKEY_get0_hmac"}, - {ERR_FUNC(EVP_F_EVP_PKEY_GET0_RSA), "EVP_PKEY_get0_RSA"}, + {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"}, + {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"}, + {ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA), "EVP_PKEY_GET1_ECDSA"}, + {ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"}, + {ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"}, {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"}, {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_keygen_init"}, {ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"}, @@ -79,28 +133,42 @@ static ERR_STRING_DATA EVP_str_functs[] = { {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER), "EVP_PKEY_verify_recover"}, {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT), "EVP_PKEY_verify_recover_init"}, + {ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"}, {ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"}, {ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"}, - {ERR_FUNC(EVP_F_INT_CTX_NEW), "int_ctx_new"}, + {ERR_FUNC(EVP_F_FIPS_CIPHERINIT), "FIPS_CIPHERINIT"}, + {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_COPY), "FIPS_CIPHER_CTX_COPY"}, + {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"}, + {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH), + "FIPS_CIPHER_CTX_SET_KEY_LENGTH"}, + {ERR_FUNC(EVP_F_FIPS_DIGESTINIT), "FIPS_DIGESTINIT"}, + {ERR_FUNC(EVP_F_FIPS_MD_CTX_COPY), "FIPS_MD_CTX_COPY"}, + {ERR_FUNC(EVP_F_HMAC_INIT_EX), "HMAC_Init_ex"}, + {ERR_FUNC(EVP_F_INT_CTX_NEW), "INT_CTX_NEW"}, {ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"}, {ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"}, - {ERR_FUNC(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN), "PKCS5_v2_PBKDF2_keyivgen"}, - {ERR_FUNC(EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN), "PKCS5_v2_scrypt_keyivgen"}, - {ERR_FUNC(EVP_F_PKEY_SET_TYPE), "pkey_set_type"}, - {ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "rc2_magic_to_meth"}, - {ERR_FUNC(EVP_F_RC5_CTRL), "rc5_ctrl"}, + {ERR_FUNC(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN), "PKCS5_V2_PBKDF2_KEYIVGEN"}, + {ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"}, + {ERR_FUNC(EVP_F_PKEY_SET_TYPE), "PKEY_SET_TYPE"}, + {ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"}, + {ERR_FUNC(EVP_F_RC5_CTRL), "RC5_CTRL"}, {0, NULL} }; static ERR_STRING_DATA EVP_str_reasons[] = { + {ERR_REASON(EVP_R_AES_IV_SETUP_FAILED), "aes iv setup failed"}, {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED), "aes key setup failed"}, + {ERR_REASON(EVP_R_ASN1_LIB), "asn1 lib"}, + {ERR_REASON(EVP_R_BAD_BLOCK_LENGTH), "bad block length"}, {ERR_REASON(EVP_R_BAD_DECRYPT), "bad decrypt"}, + {ERR_REASON(EVP_R_BAD_KEY_LENGTH), "bad key length"}, + {ERR_REASON(EVP_R_BN_DECODE_ERROR), "bn decode error"}, + {ERR_REASON(EVP_R_BN_PUBKEY_ERROR), "bn pubkey error"}, {ERR_REASON(EVP_R_BUFFER_TOO_SMALL), "buffer too small"}, {ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED), "camellia key setup failed"}, {ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR), "cipher parameter error"}, {ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED), "command not supported"}, - {ERR_REASON(EVP_R_COPY_ERROR), "copy error"}, {ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED), "ctrl not implemented"}, {ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED), "ctrl operation not implemented"}, @@ -109,16 +177,17 @@ static ERR_STRING_DATA EVP_str_reasons[] = { {ERR_REASON(EVP_R_DECODE_ERROR), "decode error"}, {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES), "different key types"}, {ERR_REASON(EVP_R_DIFFERENT_PARAMETERS), "different parameters"}, + {ERR_REASON(EVP_R_DISABLED_FOR_FIPS), "disabled for fips"}, + {ERR_REASON(EVP_R_ENCODE_ERROR), "encode error"}, {ERR_REASON(EVP_R_ERROR_LOADING_SECTION), "error loading section"}, {ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE), "error setting fips mode"}, - {ERR_REASON(EVP_R_EXPECTING_AN_HMAC_KEY), "expecting an hmac key"}, + {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR), "evp pbe cipherinit error"}, {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY), "expecting an rsa key"}, {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY), "expecting a dh key"}, {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY), "expecting a dsa key"}, + {ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY), "expecting a ecdsa key"}, {ERR_REASON(EVP_R_EXPECTING_A_EC_KEY), "expecting a ec key"}, {ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"}, - {ERR_REASON(EVP_R_ILLEGAL_SCRYPT_PARAMETERS), - "illegal scrypt parameters"}, {ERR_REASON(EVP_R_INITIALIZATION_ERROR), "initialization error"}, {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED), "input not initialized"}, {ERR_REASON(EVP_R_INVALID_DIGEST), "invalid digest"}, @@ -126,48 +195,55 @@ static ERR_STRING_DATA EVP_str_reasons[] = { {ERR_REASON(EVP_R_INVALID_KEY), "invalid key"}, {ERR_REASON(EVP_R_INVALID_KEY_LENGTH), "invalid key length"}, {ERR_REASON(EVP_R_INVALID_OPERATION), "invalid operation"}, + {ERR_REASON(EVP_R_IV_TOO_LARGE), "iv too large"}, {ERR_REASON(EVP_R_KEYGEN_FAILURE), "keygen failure"}, - {ERR_REASON(EVP_R_MEMORY_LIMIT_EXCEEDED), "memory limit exceeded"}, {ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL), "message digest is null"}, {ERR_REASON(EVP_R_METHOD_NOT_SUPPORTED), "method not supported"}, {ERR_REASON(EVP_R_MISSING_PARAMETERS), "missing parameters"}, {ERR_REASON(EVP_R_NO_CIPHER_SET), "no cipher set"}, {ERR_REASON(EVP_R_NO_DEFAULT_DIGEST), "no default digest"}, {ERR_REASON(EVP_R_NO_DIGEST_SET), "no digest set"}, + {ERR_REASON(EVP_R_NO_DSA_PARAMETERS), "no dsa parameters"}, {ERR_REASON(EVP_R_NO_KEY_SET), "no key set"}, {ERR_REASON(EVP_R_NO_OPERATION_SET), "no operation set"}, + {ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED), + "no sign function configured"}, + {ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED), + "no verify function configured"}, {ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE), "operation not supported for this keytype"}, {ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"}, - {ERR_REASON(EVP_R_PARTIALLY_OVERLAPPING), - "partially overlapping buffers"}, + {ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE), + "pkcs8 unknown broken type"}, {ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR), "private key decode error"}, {ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR), "private key encode error"}, {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"}, + {ERR_REASON(EVP_R_TOO_LARGE), "too large"}, {ERR_REASON(EVP_R_UNKNOWN_CIPHER), "unknown cipher"}, {ERR_REASON(EVP_R_UNKNOWN_DIGEST), "unknown digest"}, {ERR_REASON(EVP_R_UNKNOWN_OPTION), "unknown option"}, {ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM), "unknown pbe algorithm"}, + {ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS), + "unsuported number of rounds"}, {ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM), "unsupported algorithm"}, {ERR_REASON(EVP_R_UNSUPPORTED_CIPHER), "unsupported cipher"}, {ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH), "unsupported keylength"}, {ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION), "unsupported key derivation function"}, {ERR_REASON(EVP_R_UNSUPPORTED_KEY_SIZE), "unsupported key size"}, - {ERR_REASON(EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS), - "unsupported number of rounds"}, {ERR_REASON(EVP_R_UNSUPPORTED_PRF), "unsupported prf"}, {ERR_REASON(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM), "unsupported private key algorithm"}, {ERR_REASON(EVP_R_UNSUPPORTED_SALT_TYPE), "unsupported salt type"}, {ERR_REASON(EVP_R_WRAP_MODE_NOT_ALLOWED), "wrap mode not allowed"}, {ERR_REASON(EVP_R_WRONG_FINAL_BLOCK_LENGTH), "wrong final block length"}, + {ERR_REASON(EVP_R_WRONG_PUBLIC_KEY_TYPE), "wrong public key type"}, {0, NULL} }; #endif -int ERR_load_EVP_strings(void) +void ERR_load_EVP_strings(void) { #ifndef OPENSSL_NO_ERR @@ -176,5 +252,4 @@ int ERR_load_EVP_strings(void) ERR_load_strings(0, EVP_str_reasons); } #endif - return 1; } diff --git a/Cryptlib/OpenSSL/crypto/evp/evp_key.c b/Cryptlib/OpenSSL/crypto/evp/evp_key.c index 8a4297cf..63c8866e 100644 --- a/Cryptlib/OpenSSL/crypto/evp/evp_key.c +++ b/Cryptlib/OpenSSL/crypto/evp/evp_key.c @@ -1,14 +1,63 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/evp_key.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/x509.h> #include <openssl/objects.h> #include <openssl/evp.h> @@ -76,42 +125,40 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, int datal, int count, unsigned char *key, unsigned char *iv) { - EVP_MD_CTX *c; + EVP_MD_CTX c; unsigned char md_buf[EVP_MAX_MD_SIZE]; int niv, nkey, addmd = 0; unsigned int mds = 0, i; int rv = 0; - nkey = EVP_CIPHER_key_length(type); - niv = EVP_CIPHER_iv_length(type); + nkey = type->key_len; + niv = type->iv_len; OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH); OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH); if (data == NULL) return (nkey); - c = EVP_MD_CTX_new(); - if (c == NULL) - goto err; + EVP_MD_CTX_init(&c); for (;;) { - if (!EVP_DigestInit_ex(c, md, NULL)) + if (!EVP_DigestInit_ex(&c, md, NULL)) goto err; if (addmd++) - if (!EVP_DigestUpdate(c, &(md_buf[0]), mds)) + if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds)) goto err; - if (!EVP_DigestUpdate(c, data, datal)) + if (!EVP_DigestUpdate(&c, data, datal)) goto err; if (salt != NULL) - if (!EVP_DigestUpdate(c, salt, PKCS5_SALT_LEN)) + if (!EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN)) goto err; - if (!EVP_DigestFinal_ex(c, &(md_buf[0]), &mds)) + if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds)) goto err; for (i = 1; i < (unsigned int)count; i++) { - if (!EVP_DigestInit_ex(c, md, NULL)) + if (!EVP_DigestInit_ex(&c, md, NULL)) goto err; - if (!EVP_DigestUpdate(c, &(md_buf[0]), mds)) + if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds)) goto err; - if (!EVP_DigestFinal_ex(c, &(md_buf[0]), &mds)) + if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds)) goto err; } i = 0; @@ -142,9 +189,9 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, if ((nkey == 0) && (niv == 0)) break; } - rv = EVP_CIPHER_key_length(type); + rv = type->key_len; err: - EVP_MD_CTX_free(c); + EVP_MD_CTX_cleanup(&c); OPENSSL_cleanse(md_buf, sizeof(md_buf)); return rv; } diff --git a/Cryptlib/OpenSSL/crypto/evp/evp_lib.c b/Cryptlib/OpenSSL/crypto/evp/evp_lib.c index 0c76db5a..7e0bab90 100644 --- a/Cryptlib/OpenSSL/crypto/evp/evp_lib.c +++ b/Cryptlib/OpenSSL/crypto/evp/evp_lib.c @@ -1,18 +1,69 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/evp_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/evp.h> #include <openssl/objects.h> -#include "internal/evp_int.h" -#include "evp_locl.h" +#ifdef OPENSSL_FIPS +# include <openssl/fips.h> +# include "evp_locl.h" +#endif int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) { @@ -31,7 +82,6 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) case EVP_CIPH_GCM_MODE: case EVP_CIPH_CCM_MODE: case EVP_CIPH_XTS_MODE: - case EVP_CIPH_OCB_MODE: ret = -1; break; @@ -59,7 +109,6 @@ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type) case EVP_CIPH_GCM_MODE: case EVP_CIPH_CCM_MODE: case EVP_CIPH_XTS_MODE: - case EVP_CIPH_OCB_MODE: ret = -1; break; @@ -155,7 +204,7 @@ int EVP_CIPHER_type(const EVP_CIPHER *ctx) default: /* Check it has an OID and it is valid */ otmp = OBJ_nid2obj(nid); - if (OBJ_get0_data(otmp) == NULL) + if (!otmp || !otmp->data) nid = NID_undef; ASN1_OBJECT_free(otmp); return nid; @@ -172,11 +221,6 @@ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx) return ctx->cipher->block_size; } -int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *e) -{ - return e->ctx_size; -} - int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) { @@ -188,14 +232,24 @@ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx) return ctx->cipher; } -int EVP_CIPHER_CTX_encrypting(const EVP_CIPHER_CTX *ctx) +unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher) { - return ctx->encrypt; +#ifdef OPENSSL_FIPS + const EVP_CIPHER *fcipher; + fcipher = evp_get_fips_cipher(cipher); + if (fcipher && fcipher->flags & EVP_CIPH_FLAG_FIPS) + return cipher->flags | EVP_CIPH_FLAG_FIPS; +#endif + return cipher->flags; } -unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher) +unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx) { - return cipher->flags; +#ifdef OPENSSL_FIPS + return EVP_CIPHER_flags(ctx->cipher); +#else + return ctx->cipher->flags; +#endif } void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx) @@ -208,21 +262,6 @@ void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data) ctx->app_data = data; } -void *EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx) -{ - return ctx->cipher_data; -} - -void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data) -{ - void *old_cipher_data; - - old_cipher_data = ctx->cipher_data; - ctx->cipher_data = cipher_data; - - return old_cipher_data; -} - int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher) { return cipher->iv_len; @@ -233,36 +272,6 @@ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) return ctx->cipher->iv_len; } -const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx) -{ - return ctx->oiv; -} - -const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx) -{ - return ctx->iv; -} - -unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx) -{ - return ctx->iv; -} - -unsigned char *EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx) -{ - return ctx->buf; -} - -int EVP_CIPHER_CTX_num(const EVP_CIPHER_CTX *ctx) -{ - return ctx->num; -} - -void EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num) -{ - ctx->num = num; -} - int EVP_CIPHER_key_length(const EVP_CIPHER *cipher) { return cipher->key_len; @@ -307,134 +316,42 @@ int EVP_MD_size(const EVP_MD *md) return md->md_size; } -unsigned long EVP_MD_flags(const EVP_MD *md) -{ - return md->flags; -} +#ifdef OPENSSL_FIPS -EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type) +const EVP_MD *evp_get_fips_md(const EVP_MD *md) { - EVP_MD *md = OPENSSL_zalloc(sizeof(*md)); - - if (md != NULL) { - md->type = md_type; - md->pkey_type = pkey_type; - } - return md; + int nid = EVP_MD_type(md); + if (nid == NID_dsa) + return FIPS_evp_dss1(); + else if (nid == NID_dsaWithSHA) + return FIPS_evp_dss(); + else if (nid == NID_ecdsa_with_SHA1) + return FIPS_evp_ecdsa(); + else + return FIPS_get_digestbynid(nid); } -EVP_MD *EVP_MD_meth_dup(const EVP_MD *md) -{ - EVP_MD *to = EVP_MD_meth_new(md->type, md->pkey_type); - if (to != NULL) - memcpy(to, md, sizeof(*to)); - return to; -} -void EVP_MD_meth_free(EVP_MD *md) -{ - OPENSSL_free(md); -} -int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize) -{ - md->block_size = blocksize; - return 1; -} -int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize) +const EVP_CIPHER *evp_get_fips_cipher(const EVP_CIPHER *cipher) { - md->md_size = resultsize; - return 1; -} -int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize) -{ - md->ctx_size = datasize; - return 1; -} -int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags) -{ - md->flags = flags; - return 1; -} -int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx)) -{ - md->init = init; - return 1; -} -int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx, - const void *data, - size_t count)) -{ - md->update = update; - return 1; -} -int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx, - unsigned char *md)) -{ - md->final = final; - return 1; -} -int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to, - const EVP_MD_CTX *from)) -{ - md->copy = copy; - return 1; -} -int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx)) -{ - md->cleanup = cleanup; - return 1; -} -int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd, - int p1, void *p2)) -{ - md->md_ctrl = ctrl; - return 1; + int nid = cipher->nid; + if (nid == NID_undef) + return FIPS_evp_enc_null(); + else + return FIPS_get_cipherbynid(nid); } -int EVP_MD_meth_get_input_blocksize(const EVP_MD *md) -{ - return md->block_size; -} -int EVP_MD_meth_get_result_size(const EVP_MD *md) -{ - return md->md_size; -} -int EVP_MD_meth_get_app_datasize(const EVP_MD *md) -{ - return md->ctx_size; -} -unsigned long EVP_MD_meth_get_flags(const EVP_MD *md) +#endif + +unsigned long EVP_MD_flags(const EVP_MD *md) { +#ifdef OPENSSL_FIPS + const EVP_MD *fmd; + fmd = evp_get_fips_md(md); + if (fmd && fmd->flags & EVP_MD_FLAG_FIPS) + return md->flags | EVP_MD_FLAG_FIPS; +#endif return md->flags; } -int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx) -{ - return md->init; -} -int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx, - const void *data, - size_t count) -{ - return md->update; -} -int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx, - unsigned char *md) -{ - return md->final; -} -int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to, - const EVP_MD_CTX *from) -{ - return md->copy; -} -int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx) -{ - return md->cleanup; -} -int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd, - int p1, void *p2) -{ - return md->md_ctrl; -} const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx) { @@ -443,29 +360,6 @@ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx) return ctx->digest; } -EVP_PKEY_CTX *EVP_MD_CTX_pkey_ctx(const EVP_MD_CTX *ctx) -{ - return ctx->pctx; -} - -void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx) -{ - return ctx->md_data; -} - -int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx, - const void *data, size_t count) -{ - return ctx->update; -} - -void EVP_MD_CTX_set_update_fn(EVP_MD_CTX *ctx, - int (*update) (EVP_MD_CTX *ctx, - const void *data, size_t count)) -{ - ctx->update = update; -} - void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags) { ctx->flags |= flags; diff --git a/Cryptlib/OpenSSL/crypto/evp/evp_locl.h b/Cryptlib/OpenSSL/crypto/evp/evp_locl.h index 209577b7..2bb709a0 100644 --- a/Cryptlib/OpenSSL/crypto/evp/evp_locl.h +++ b/Cryptlib/OpenSSL/crypto/evp/evp_locl.h @@ -1,68 +1,373 @@ +/* evp_locl.h */ /* - * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project + * 2000. + */ +/* ==================================================================== + * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ -/* EVP_MD_CTX related stuff */ - -struct evp_md_ctx_st { - const EVP_MD *digest; - ENGINE *engine; /* functional reference if 'digest' is - * ENGINE-provided */ - unsigned long flags; - void *md_data; - /* Public key context for sign/verify */ - EVP_PKEY_CTX *pctx; - /* Update function: usually copied from EVP_MD */ - int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count); -} /* EVP_MD_CTX */ ; - -struct evp_cipher_ctx_st { - const EVP_CIPHER *cipher; - ENGINE *engine; /* functional reference if 'cipher' is - * ENGINE-provided */ - int encrypt; /* encrypt or decrypt */ - int buf_len; /* number we have left */ - unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */ - unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */ - unsigned char buf[EVP_MAX_BLOCK_LENGTH]; /* saved partial block */ - int num; /* used by cfb/ofb/ctr mode */ - /* FIXME: Should this even exist? It appears unused */ - void *app_data; /* application stuff */ - int key_len; /* May change for variable length cipher */ - unsigned long flags; /* Various flags */ - void *cipher_data; /* per EVP data */ - int final_used; - int block_mask; - unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */ -} /* EVP_CIPHER_CTX */ ; +/* Macros to code block cipher wrappers */ + +/* Wrapper functions for each cipher mode */ + +#define BLOCK_CIPHER_ecb_loop() \ + size_t i, bl; \ + bl = ctx->cipher->block_size;\ + if(inl < bl) return 1;\ + inl -= bl; \ + for(i=0; i <= inl; i+=bl) + +#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \ +static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ +{\ + BLOCK_CIPHER_ecb_loop() \ + cprefix##_ecb_encrypt(in + i, out + i, &((kstruct *)ctx->cipher_data)->ksched, ctx->encrypt);\ + return 1;\ +} + +#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2)) + +#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \ +static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ +{\ + while(inl>=EVP_MAXCHUNK)\ + {\ + cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\ + inl-=EVP_MAXCHUNK;\ + in +=EVP_MAXCHUNK;\ + out+=EVP_MAXCHUNK;\ + }\ + if (inl)\ + cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\ + return 1;\ +} + +#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \ +static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ +{\ + while(inl>=EVP_MAXCHUNK) \ + {\ + cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\ + inl-=EVP_MAXCHUNK;\ + in +=EVP_MAXCHUNK;\ + out+=EVP_MAXCHUNK;\ + }\ + if (inl)\ + cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\ + return 1;\ +} + +#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ +static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ +{\ + size_t chunk=EVP_MAXCHUNK;\ + if (cbits==1) chunk>>=3;\ + if (inl<chunk) chunk=inl;\ + while(inl && inl>=chunk)\ + {\ + cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ + inl-=chunk;\ + in +=chunk;\ + out+=chunk;\ + if(inl<chunk) chunk=inl;\ + }\ + return 1;\ +} + +#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \ + BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \ + BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ + BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \ + BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) + +#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \ + key_len, iv_len, flags, init_key, cleanup, \ + set_asn1, get_asn1, ctrl) \ +static const EVP_CIPHER cname##_##mode = { \ + nid##_##nmode, block_size, key_len, iv_len, \ + flags | EVP_CIPH_##MODE##_MODE, \ + init_key, \ + cname##_##mode##_cipher, \ + cleanup, \ + sizeof(kstruct), \ + set_asn1, get_asn1,\ + ctrl, \ + NULL \ +}; \ +const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; } + +#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \ + iv_len, flags, init_key, cleanup, set_asn1, \ + get_asn1, ctrl) \ +BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \ + iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl) + +#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \ + iv_len, cbits, flags, init_key, cleanup, \ + set_asn1, get_asn1, ctrl) \ +BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \ + key_len, iv_len, flags, init_key, cleanup, set_asn1, \ + get_asn1, ctrl) + +#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \ + iv_len, cbits, flags, init_key, cleanup, \ + set_asn1, get_asn1, ctrl) \ +BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \ + key_len, iv_len, flags, init_key, cleanup, set_asn1, \ + get_asn1, ctrl) + +#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \ + flags, init_key, cleanup, set_asn1, \ + get_asn1, ctrl) \ +BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \ + 0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl) + +#define BLOCK_CIPHER_defs(cname, kstruct, \ + nid, block_size, key_len, iv_len, cbits, flags, \ + init_key, cleanup, set_asn1, get_asn1, ctrl) \ +BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \ + init_key, cleanup, set_asn1, get_asn1, ctrl) \ +BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \ + flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \ +BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \ + flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \ +BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \ + init_key, cleanup, set_asn1, get_asn1, ctrl) + +/*- +#define BLOCK_CIPHER_defs(cname, kstruct, \ + nid, block_size, key_len, iv_len, flags,\ + init_key, cleanup, set_asn1, get_asn1, ctrl)\ +static const EVP_CIPHER cname##_cbc = {\ + nid##_cbc, block_size, key_len, iv_len, \ + flags | EVP_CIPH_CBC_MODE,\ + init_key,\ + cname##_cbc_cipher,\ + cleanup,\ + sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ + sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ + set_asn1, get_asn1,\ + ctrl, \ + NULL \ +};\ +const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\ +static const EVP_CIPHER cname##_cfb = {\ + nid##_cfb64, 1, key_len, iv_len, \ + flags | EVP_CIPH_CFB_MODE,\ + init_key,\ + cname##_cfb_cipher,\ + cleanup,\ + sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ + sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ + set_asn1, get_asn1,\ + ctrl,\ + NULL \ +};\ +const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\ +static const EVP_CIPHER cname##_ofb = {\ + nid##_ofb64, 1, key_len, iv_len, \ + flags | EVP_CIPH_OFB_MODE,\ + init_key,\ + cname##_ofb_cipher,\ + cleanup,\ + sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ + sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ + set_asn1, get_asn1,\ + ctrl,\ + NULL \ +};\ +const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\ +static const EVP_CIPHER cname##_ecb = {\ + nid##_ecb, block_size, key_len, iv_len, \ + flags | EVP_CIPH_ECB_MODE,\ + init_key,\ + cname##_ecb_cipher,\ + cleanup,\ + sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ + sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ + set_asn1, get_asn1,\ + ctrl,\ + NULL \ +};\ +const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; } +*/ + +#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \ + block_size, key_len, iv_len, cbits, \ + flags, init_key, \ + cleanup, set_asn1, get_asn1, ctrl) \ + BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \ + BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \ + cbits, flags, init_key, cleanup, set_asn1, \ + get_asn1, ctrl) + +#define EVP_C_DATA(kstruct, ctx) ((kstruct *)(ctx)->cipher_data) + +#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len) \ + BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \ + BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \ + NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \ + 0, cipher##_init_key, NULL, \ + EVP_CIPHER_set_asn1_iv, \ + EVP_CIPHER_get_asn1_iv, \ + NULL) + +struct evp_pkey_ctx_st { + /* Method associated with this operation */ + const EVP_PKEY_METHOD *pmeth; + /* Engine that implements this method or NULL if builtin */ + ENGINE *engine; + /* Key: may be NULL */ + EVP_PKEY *pkey; + /* Peer key for key agreement, may be NULL */ + EVP_PKEY *peerkey; + /* Actual operation */ + int operation; + /* Algorithm specific data */ + void *data; + /* Application specific data */ + void *app_data; + /* Keygen callback */ + EVP_PKEY_gen_cb *pkey_gencb; + /* implementation specific keygen data */ + int *keygen_info; + int keygen_info_count; +} /* EVP_PKEY_CTX */ ; + +#define EVP_PKEY_FLAG_DYNAMIC 1 + +struct evp_pkey_method_st { + int pkey_id; + int flags; + int (*init) (EVP_PKEY_CTX *ctx); + int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src); + void (*cleanup) (EVP_PKEY_CTX *ctx); + int (*paramgen_init) (EVP_PKEY_CTX *ctx); + int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); + int (*keygen_init) (EVP_PKEY_CTX *ctx); + int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); + int (*sign_init) (EVP_PKEY_CTX *ctx); + int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, + const unsigned char *tbs, size_t tbslen); + int (*verify_init) (EVP_PKEY_CTX *ctx); + int (*verify) (EVP_PKEY_CTX *ctx, + const unsigned char *sig, size_t siglen, + const unsigned char *tbs, size_t tbslen); + int (*verify_recover_init) (EVP_PKEY_CTX *ctx); + int (*verify_recover) (EVP_PKEY_CTX *ctx, + unsigned char *rout, size_t *routlen, + const unsigned char *sig, size_t siglen); + int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); + int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, + EVP_MD_CTX *mctx); + int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); + int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, + EVP_MD_CTX *mctx); + int (*encrypt_init) (EVP_PKEY_CTX *ctx); + int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, + const unsigned char *in, size_t inlen); + int (*decrypt_init) (EVP_PKEY_CTX *ctx); + int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, + const unsigned char *in, size_t inlen); + int (*derive_init) (EVP_PKEY_CTX *ctx); + int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); + int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2); + int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value); +} /* EVP_PKEY_METHOD */ ; + +void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx); int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de); -struct evp_Encode_Ctx_st { - /* number saved in a partial encode/decode */ - int num; - /* - * The length is either the output line length (in input bytes) or the - * shortest input line length that is ok. Once decoding begins, the - * length is adjusted up each time a longer line is decoded - */ - int length; - /* data to encode */ - unsigned char enc_data[80]; - /* number read on current line */ - int line_num; - int expect_nl; -}; - -typedef struct evp_pbe_st EVP_PBE_CTL; -DEFINE_STACK_OF(EVP_PBE_CTL) - -int is_partially_overlapping(const void *ptr1, const void *ptr2, int len); +const EVP_MD *evp_get_fips_md(const EVP_MD *md); +const EVP_CIPHER *evp_get_fips_cipher(const EVP_CIPHER *cipher); + +#ifdef OPENSSL_FIPS + +# ifdef OPENSSL_DOING_MAKEDEPEND +# undef SHA1_Init +# undef SHA1_Update +# undef SHA224_Init +# undef SHA256_Init +# undef SHA384_Init +# undef SHA512_Init +# undef DES_set_key_unchecked +# endif + +# define RIPEMD160_Init private_RIPEMD160_Init +# define WHIRLPOOL_Init private_WHIRLPOOL_Init +# define MD5_Init private_MD5_Init +# define MD4_Init private_MD4_Init +# define MD2_Init private_MD2_Init +# define MDC2_Init private_MDC2_Init +# define SHA_Init private_SHA_Init +# define SHA1_Init private_SHA1_Init +# define SHA224_Init private_SHA224_Init +# define SHA256_Init private_SHA256_Init +# define SHA384_Init private_SHA384_Init +# define SHA512_Init private_SHA512_Init + +# define BF_set_key private_BF_set_key +# define CAST_set_key private_CAST_set_key +# define idea_set_encrypt_key private_idea_set_encrypt_key +# define SEED_set_key private_SEED_set_key +# define RC2_set_key private_RC2_set_key +# define RC4_set_key private_RC4_set_key +# define DES_set_key_unchecked private_DES_set_key_unchecked +# define Camellia_set_key private_Camellia_set_key + +#endif diff --git a/Cryptlib/OpenSSL/crypto/evp/evp_pbe.c b/Cryptlib/OpenSSL/crypto/evp/evp_pbe.c index ce7aa2cf..7934c95f 100644 --- a/Cryptlib/OpenSSL/crypto/evp/evp_pbe.c +++ b/Cryptlib/OpenSSL/crypto/evp/evp_pbe.c @@ -1,14 +1,64 @@ +/* evp_pbe.c */ /* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project + * 1999. + */ +/* ==================================================================== + * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/evp.h> #include <openssl/pkcs12.h> #include <openssl/x509.h> @@ -16,17 +66,18 @@ /* Password based encryption (PBE) functions */ +DECLARE_STACK_OF(EVP_PBE_CTL) +static STACK_OF(EVP_PBE_CTL) *pbe_algs; + /* Setup a cipher context from a PBE algorithm */ -struct evp_pbe_st { +typedef struct { int pbe_type; int pbe_nid; int cipher_nid; int md_nid; EVP_PBE_KEYGEN *keygen; -}; - -static STACK_OF(EVP_PBE_CTL) *pbe_algs; +} EVP_PBE_CTL; static const EVP_PBE_CTL builtin_pbe[] = { {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC, @@ -36,7 +87,9 @@ static const EVP_PBE_CTL builtin_pbe[] = { {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC, NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen}, +#ifndef OPENSSL_NO_HMAC {EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen}, +#endif {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4, NID_rc4, NID_sha1, PKCS12_PBE_keyivgen}, @@ -51,8 +104,9 @@ static const EVP_PBE_CTL builtin_pbe[] = { {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC, NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen}, +#ifndef OPENSSL_NO_HMAC {EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen}, - +#endif {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC, NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen}, {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC, @@ -67,16 +121,33 @@ static const EVP_PBE_CTL builtin_pbe[] = { {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0}, {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0}, {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0}, - {EVP_PBE_TYPE_PRF, NID_id_tc26_hmac_gost_3411_2012_256, -1, - NID_id_GostR3411_2012_256, 0}, - {EVP_PBE_TYPE_PRF, NID_id_tc26_hmac_gost_3411_2012_512, -1, - NID_id_GostR3411_2012_512, 0}, - {EVP_PBE_TYPE_KDF, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen}, -#ifndef OPENSSL_NO_SCRYPT - {EVP_PBE_TYPE_KDF, NID_id_scrypt, -1, -1, PKCS5_v2_scrypt_keyivgen} -#endif }; +#ifdef TEST +int main(int argc, char **argv) +{ + int i, nid_md, nid_cipher; + EVP_PBE_CTL *tpbe, *tpbe2; + /* + * OpenSSL_add_all_algorithms(); + */ + + for (i = 0; i < sizeof(builtin_pbe) / sizeof(EVP_PBE_CTL); i++) { + tpbe = builtin_pbe + i; + fprintf(stderr, "%d %d %s ", tpbe->pbe_type, tpbe->pbe_nid, + OBJ_nid2sn(tpbe->pbe_nid)); + if (EVP_PBE_find(tpbe->pbe_type, tpbe->pbe_nid, + &nid_cipher, &nid_md, 0)) + fprintf(stderr, "Found %s %s\n", + OBJ_nid2sn(nid_cipher), OBJ_nid2sn(nid_md)); + else + fprintf(stderr, "Find ERROR!!\n"); + } + + return 0; +} +#endif + int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de) { @@ -90,7 +161,7 @@ int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, char obj_tmp[80]; EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM); if (!pbe_obj) - OPENSSL_strlcpy(obj_tmp, "NULL", sizeof obj_tmp); + BUF_strlcpy(obj_tmp, "NULL", sizeof obj_tmp); else i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj); ERR_add_error_data(2, "TYPE=", obj_tmp); @@ -173,10 +244,7 @@ int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, pbe_tmp->md_nid = md_nid; pbe_tmp->keygen = keygen; - if (!sk_EVP_PBE_CTL_push(pbe_algs, pbe_tmp)) { - OPENSSL_free(pbe_tmp); - goto err; - } + sk_EVP_PBE_CTL_push(pbe_algs, pbe_tmp); return 1; err: @@ -188,7 +256,6 @@ int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md, EVP_PBE_KEYGEN *keygen) { int cipher_nid, md_nid; - if (cipher) cipher_nid = EVP_CIPHER_nid(cipher); else @@ -219,7 +286,8 @@ int EVP_PBE_find(int type, int pbe_nid, pbetmp = sk_EVP_PBE_CTL_value(pbe_algs, i); } if (pbetmp == NULL) { - pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe, OSSL_NELEM(builtin_pbe)); + pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe, + sizeof(builtin_pbe) / sizeof(EVP_PBE_CTL)); } if (pbetmp == NULL) return 0; @@ -234,7 +302,7 @@ int EVP_PBE_find(int type, int pbe_nid, static void free_evp_pbe_ctl(EVP_PBE_CTL *pbe) { - OPENSSL_free(pbe); + OPENSSL_freeFunc(pbe); } void EVP_PBE_cleanup(void) @@ -242,18 +310,3 @@ void EVP_PBE_cleanup(void) sk_EVP_PBE_CTL_pop_free(pbe_algs, free_evp_pbe_ctl); pbe_algs = NULL; } - -int EVP_PBE_get(int *ptype, int *ppbe_nid, size_t num) -{ - const EVP_PBE_CTL *tpbe; - - if (num >= OSSL_NELEM(builtin_pbe)) - return 0; - - tpbe = builtin_pbe + num; - if (ptype) - *ptype = tpbe->pbe_type; - if (ppbe_nid) - *ppbe_nid = tpbe->pbe_nid; - return 1; -} diff --git a/Cryptlib/OpenSSL/crypto/evp/evp_pkey.c b/Cryptlib/OpenSSL/crypto/evp/evp_pkey.c index 81bffa6d..6a456297 100644 --- a/Cryptlib/OpenSSL/crypto/evp/evp_pkey.c +++ b/Cryptlib/OpenSSL/crypto/evp/evp_pkey.c @@ -1,33 +1,81 @@ +/* evp_pkey.c */ /* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project + * 1999. + */ +/* ==================================================================== + * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ #include <stdio.h> #include <stdlib.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/x509.h> #include <openssl/rand.h> -#include "internal/asn1_int.h" -#include "internal/evp_int.h" -#include "internal/x509_int.h" +#include "asn1_locl.h" /* Extract a private key from a PKCS8 structure */ -EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8) +EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) { EVP_PKEY *pkey = NULL; - const ASN1_OBJECT *algoid; + ASN1_OBJECT *algoid; char obj_tmp[80]; if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8)) return NULL; - if ((pkey = EVP_PKEY_new()) == NULL) { + if (!(pkey = EVP_PKEY_new())) { EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE); return NULL; } @@ -56,37 +104,68 @@ EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8) return NULL; } +PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) +{ + return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK); +} + /* Turn a private key into a PKCS8 structure */ -PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) +PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) { - PKCS8_PRIV_KEY_INFO *p8 = PKCS8_PRIV_KEY_INFO_new(); - if (p8 == NULL) { - EVPerr(EVP_F_EVP_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + PKCS8_PRIV_KEY_INFO *p8; + + if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) { + EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, ERR_R_MALLOC_FAILURE); return NULL; } + p8->broken = broken; if (pkey->ameth) { if (pkey->ameth->priv_encode) { if (!pkey->ameth->priv_encode(p8, pkey)) { - EVPerr(EVP_F_EVP_PKEY2PKCS8, EVP_R_PRIVATE_KEY_ENCODE_ERROR); + EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, + EVP_R_PRIVATE_KEY_ENCODE_ERROR); goto error; } } else { - EVPerr(EVP_F_EVP_PKEY2PKCS8, EVP_R_METHOD_NOT_SUPPORTED); + EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, EVP_R_METHOD_NOT_SUPPORTED); goto error; } } else { - EVPerr(EVP_F_EVP_PKEY2PKCS8, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); + EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, + EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); goto error; } - RAND_add(p8->pkey->data, p8->pkey->length, 0.0); + RAND_add(p8->pkey->value.octet_string->data, + p8->pkey->value.octet_string->length, 0.0); return p8; error: PKCS8_PRIV_KEY_INFO_free(p8); return NULL; } +PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken) +{ + switch (broken) { + + case PKCS8_OK: + p8->broken = PKCS8_OK; + return p8; + break; + + case PKCS8_NO_OCTET: + p8->broken = PKCS8_NO_OCTET; + p8->pkey->type = V_ASN1_SEQUENCE; + return p8; + break; + + default: + EVPerr(EVP_F_PKCS8_SET_BROKEN, EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE); + return NULL; + } +} + /* EVP_PKEY attribute functions */ int EVP_PKEY_get_attr_count(const EVP_PKEY *key) @@ -99,7 +178,7 @@ int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos) return X509at_get_attr_by_NID(key->attributes, nid, lastpos); } -int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, const ASN1_OBJECT *obj, +int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, int lastpos) { return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos); diff --git a/Cryptlib/OpenSSL/crypto/evp/m_dss.c b/Cryptlib/OpenSSL/crypto/evp/m_dss.c new file mode 100644 index 00000000..14784486 --- /dev/null +++ b/Cryptlib/OpenSSL/crypto/evp/m_dss.c @@ -0,0 +1,104 @@ +/* crypto/evp/m_dss.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "cryptlib.h" +#include <openssl/evp.h> +#include <openssl/objects.h> +#include <openssl/sha.h> +#ifndef OPENSSL_NO_DSA +# include <openssl/dsa.h> +#endif + +#ifndef OPENSSL_NO_SHA + +static int init(EVP_MD_CTX *ctx) +{ + return SHA1_Init(ctx->md_data); +} + +static int update(EVP_MD_CTX *ctx, const void *data, size_t count) +{ + return SHA1_Update(ctx->md_data, data, count); +} + +static int final(EVP_MD_CTX *ctx, unsigned char *md) +{ + return SHA1_Final(md, ctx->md_data); +} + +static const EVP_MD dsa_md = { + NID_dsaWithSHA, + NID_dsaWithSHA, + SHA_DIGEST_LENGTH, + EVP_MD_FLAG_PKEY_DIGEST, + init, + update, + final, + NULL, + NULL, + EVP_PKEY_DSA_method, + SHA_CBLOCK, + sizeof(EVP_MD *) + sizeof(SHA_CTX), +}; + +const EVP_MD *EVP_dss(void) +{ + return (&dsa_md); +} +#endif diff --git a/Cryptlib/OpenSSL/crypto/evp/m_dss1.c b/Cryptlib/OpenSSL/crypto/evp/m_dss1.c new file mode 100644 index 00000000..e36fabff --- /dev/null +++ b/Cryptlib/OpenSSL/crypto/evp/m_dss1.c @@ -0,0 +1,105 @@ +/* crypto/evp/m_dss1.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "cryptlib.h" + +#ifndef OPENSSL_NO_SHA + +# include <openssl/evp.h> +# include <openssl/objects.h> +# include <openssl/sha.h> +# ifndef OPENSSL_NO_DSA +# include <openssl/dsa.h> +# endif + +static int init(EVP_MD_CTX *ctx) +{ + return SHA1_Init(ctx->md_data); +} + +static int update(EVP_MD_CTX *ctx, const void *data, size_t count) +{ + return SHA1_Update(ctx->md_data, data, count); +} + +static int final(EVP_MD_CTX *ctx, unsigned char *md) +{ + return SHA1_Final(md, ctx->md_data); +} + +static const EVP_MD dss1_md = { + NID_dsa, + NID_dsaWithSHA1, + SHA_DIGEST_LENGTH, + EVP_MD_FLAG_PKEY_DIGEST, + init, + update, + final, + NULL, + NULL, + EVP_PKEY_DSA_method, + SHA_CBLOCK, + sizeof(EVP_MD *) + sizeof(SHA_CTX), +}; + +const EVP_MD *EVP_dss1(void) +{ + return (&dss1_md); +} +#endif diff --git a/Cryptlib/OpenSSL/crypto/evp/m_ecdsa.c b/Cryptlib/OpenSSL/crypto/evp/m_ecdsa.c new file mode 100644 index 00000000..803d3149 --- /dev/null +++ b/Cryptlib/OpenSSL/crypto/evp/m_ecdsa.c @@ -0,0 +1,154 @@ +/* crypto/evp/m_ecdsa.c */ +/* ==================================================================== + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "cryptlib.h" +#include <openssl/evp.h> +#include <openssl/objects.h> +#include <openssl/x509.h> + +#ifndef OPENSSL_NO_SHA + +static int init(EVP_MD_CTX *ctx) +{ + return SHA1_Init(ctx->md_data); +} + +static int update(EVP_MD_CTX *ctx, const void *data, size_t count) +{ + return SHA1_Update(ctx->md_data, data, count); +} + +static int final(EVP_MD_CTX *ctx, unsigned char *md) +{ + return SHA1_Final(md, ctx->md_data); +} + +static const EVP_MD ecdsa_md = { + NID_ecdsa_with_SHA1, + NID_ecdsa_with_SHA1, + SHA_DIGEST_LENGTH, + EVP_MD_FLAG_PKEY_DIGEST, + init, + update, + final, + NULL, + NULL, + EVP_PKEY_ECDSA_method, + SHA_CBLOCK, + sizeof(EVP_MD *) + sizeof(SHA_CTX), +}; + +const EVP_MD *EVP_ecdsa(void) +{ + return (&ecdsa_md); +} +#endif diff --git a/Cryptlib/OpenSSL/crypto/evp/m_md2.c b/Cryptlib/OpenSSL/crypto/evp/m_md2.c index c4e28ae1..3c4cd7bf 100644 --- a/Cryptlib/OpenSSL/crypto/evp/m_md2.c +++ b/Cryptlib/OpenSSL/crypto/evp/m_md2.c @@ -1,14 +1,63 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/m_md2.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #ifndef OPENSSL_NO_MD2 @@ -16,23 +65,23 @@ # include <openssl/objects.h> # include <openssl/x509.h> # include <openssl/md2.h> -# include <openssl/rsa.h> - -#include "internal/evp_int.h" +# ifndef OPENSSL_NO_RSA +# include <openssl/rsa.h> +# endif static int init(EVP_MD_CTX *ctx) { - return MD2_Init(EVP_MD_CTX_md_data(ctx)); + return MD2_Init(ctx->md_data); } static int update(EVP_MD_CTX *ctx, const void *data, size_t count) { - return MD2_Update(EVP_MD_CTX_md_data(ctx), data, count); + return MD2_Update(ctx->md_data, data, count); } static int final(EVP_MD_CTX *ctx, unsigned char *md) { - return MD2_Final(md, EVP_MD_CTX_md_data(ctx)); + return MD2_Final(md, ctx->md_data); } static const EVP_MD md2_md = { @@ -45,12 +94,13 @@ static const EVP_MD md2_md = { final, NULL, NULL, + EVP_PKEY_RSA_method, MD2_BLOCK, sizeof(EVP_MD *) + sizeof(MD2_CTX), }; const EVP_MD *EVP_md2(void) { - return &md2_md; + return (&md2_md); } #endif diff --git a/Cryptlib/OpenSSL/crypto/evp/m_md4.c b/Cryptlib/OpenSSL/crypto/evp/m_md4.c index f3decaaf..851de69f 100644 --- a/Cryptlib/OpenSSL/crypto/evp/m_md4.c +++ b/Cryptlib/OpenSSL/crypto/evp/m_md4.c @@ -1,14 +1,63 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/m_md4.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #ifndef OPENSSL_NO_MD4 @@ -16,22 +65,25 @@ # include <openssl/objects.h> # include <openssl/x509.h> # include <openssl/md4.h> -# include <openssl/rsa.h> -# include "internal/evp_int.h" +# ifndef OPENSSL_NO_RSA +# include <openssl/rsa.h> +# endif + +# include "evp_locl.h" static int init(EVP_MD_CTX *ctx) { - return MD4_Init(EVP_MD_CTX_md_data(ctx)); + return MD4_Init(ctx->md_data); } static int update(EVP_MD_CTX *ctx, const void *data, size_t count) { - return MD4_Update(EVP_MD_CTX_md_data(ctx), data, count); + return MD4_Update(ctx->md_data, data, count); } static int final(EVP_MD_CTX *ctx, unsigned char *md) { - return MD4_Final(md, EVP_MD_CTX_md_data(ctx)); + return MD4_Final(md, ctx->md_data); } static const EVP_MD md4_md = { @@ -44,6 +96,7 @@ static const EVP_MD md4_md = { final, NULL, NULL, + EVP_PKEY_RSA_method, MD4_CBLOCK, sizeof(EVP_MD *) + sizeof(MD4_CTX), }; diff --git a/Cryptlib/OpenSSL/crypto/evp/m_md5.c b/Cryptlib/OpenSSL/crypto/evp/m_md5.c index f4dc0c43..e5d5f71b 100644 --- a/Cryptlib/OpenSSL/crypto/evp/m_md5.c +++ b/Cryptlib/OpenSSL/crypto/evp/m_md5.c @@ -1,14 +1,63 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/m_md5.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #ifndef OPENSSL_NO_MD5 @@ -16,22 +65,24 @@ # include <openssl/objects.h> # include <openssl/x509.h> # include <openssl/md5.h> -# include <openssl/rsa.h> -# include "internal/evp_int.h" +# ifndef OPENSSL_NO_RSA +# include <openssl/rsa.h> +# endif +# include "evp_locl.h" static int init(EVP_MD_CTX *ctx) { - return MD5_Init(EVP_MD_CTX_md_data(ctx)); + return MD5_Init(ctx->md_data); } static int update(EVP_MD_CTX *ctx, const void *data, size_t count) { - return MD5_Update(EVP_MD_CTX_md_data(ctx), data, count); + return MD5_Update(ctx->md_data, data, count); } static int final(EVP_MD_CTX *ctx, unsigned char *md) { - return MD5_Final(md, EVP_MD_CTX_md_data(ctx)); + return MD5_Final(md, ctx->md_data); } static const EVP_MD md5_md = { @@ -44,6 +95,7 @@ static const EVP_MD md5_md = { final, NULL, NULL, + EVP_PKEY_RSA_method, MD5_CBLOCK, sizeof(EVP_MD *) + sizeof(MD5_CTX), }; diff --git a/Cryptlib/OpenSSL/crypto/evp/m_md5_sha1.c b/Cryptlib/OpenSSL/crypto/evp/m_md5_sha1.c deleted file mode 100644 index 2d98886b..00000000 --- a/Cryptlib/OpenSSL/crypto/evp/m_md5_sha1.c +++ /dev/null @@ -1,142 +0,0 @@ -/* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#if !defined(OPENSSL_NO_MD5) - -# include <openssl/evp.h> -# include <openssl/objects.h> -# include <openssl/x509.h> -# include <openssl/md5.h> -# include <openssl/sha.h> -# include "internal/cryptlib.h" -# include "internal/evp_int.h" -# include <openssl/rsa.h> - -struct md5_sha1_ctx { - MD5_CTX md5; - SHA_CTX sha1; -}; - -static int init(EVP_MD_CTX *ctx) -{ - struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx); - if (!MD5_Init(&mctx->md5)) - return 0; - return SHA1_Init(&mctx->sha1); -} - -static int update(EVP_MD_CTX *ctx, const void *data, size_t count) -{ - struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx); - if (!MD5_Update(&mctx->md5, data, count)) - return 0; - return SHA1_Update(&mctx->sha1, data, count); -} - -static int final(EVP_MD_CTX *ctx, unsigned char *md) -{ - struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx); - if (!MD5_Final(md, &mctx->md5)) - return 0; - return SHA1_Final(md + MD5_DIGEST_LENGTH, &mctx->sha1); -} - -static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms) -{ - unsigned char padtmp[48]; - unsigned char md5tmp[MD5_DIGEST_LENGTH]; - unsigned char sha1tmp[SHA_DIGEST_LENGTH]; - struct md5_sha1_ctx *mctx; - - if (cmd != EVP_CTRL_SSL3_MASTER_SECRET) - return -2; - - if (ctx == NULL) - return 0; - - mctx = EVP_MD_CTX_md_data(ctx); - - /* SSLv3 client auth handling: see RFC-6101 5.6.8 */ - if (mslen != 48) - return 0; - - /* At this point hash contains all handshake messages, update - * with master secret and pad_1. - */ - - if (update(ctx, ms, mslen) <= 0) - return 0; - - /* Set padtmp to pad_1 value */ - memset(padtmp, 0x36, sizeof(padtmp)); - - if (!MD5_Update(&mctx->md5, padtmp, sizeof(padtmp))) - return 0; - - if (!MD5_Final(md5tmp, &mctx->md5)) - return 0; - - if (!SHA1_Update(&mctx->sha1, padtmp, 40)) - return 0; - - if (!SHA1_Final(sha1tmp, &mctx->sha1)) - return 0; - - /* Reinitialise context */ - - if (!init(ctx)) - return 0; - - if (update(ctx, ms, mslen) <= 0) - return 0; - - /* Set padtmp to pad_2 value */ - memset(padtmp, 0x5c, sizeof(padtmp)); - - if (!MD5_Update(&mctx->md5, padtmp, sizeof(padtmp))) - return 0; - - if (!MD5_Update(&mctx->md5, md5tmp, sizeof(md5tmp))) - return 0; - - if (!SHA1_Update(&mctx->sha1, padtmp, 40)) - return 0; - - if (!SHA1_Update(&mctx->sha1, sha1tmp, sizeof(sha1tmp))) - return 0; - - /* Now when ctx is finalised it will return the SSL v3 hash value */ - - OPENSSL_cleanse(md5tmp, sizeof(md5tmp)); - OPENSSL_cleanse(sha1tmp, sizeof(sha1tmp)); - - return 1; - -} - -static const EVP_MD md5_sha1_md = { - NID_md5_sha1, - NID_md5_sha1, - MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, - 0, - init, - update, - final, - NULL, - NULL, - MD5_CBLOCK, - sizeof(EVP_MD *) + sizeof(struct md5_sha1_ctx), - ctrl -}; - -const EVP_MD *EVP_md5_sha1(void) -{ - return &md5_sha1_md; -} -#endif diff --git a/Cryptlib/OpenSSL/crypto/evp/m_mdc2.c b/Cryptlib/OpenSSL/crypto/evp/m_mdc2.c index b7f0fd8c..94e12a6b 100644 --- a/Cryptlib/OpenSSL/crypto/evp/m_mdc2.c +++ b/Cryptlib/OpenSSL/crypto/evp/m_mdc2.c @@ -1,14 +1,63 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/m_mdc2.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #ifndef OPENSSL_NO_MDC2 @@ -16,22 +65,25 @@ # include <openssl/objects.h> # include <openssl/x509.h> # include <openssl/mdc2.h> -# include <openssl/rsa.h> -# include "internal/evp_int.h" +# ifndef OPENSSL_NO_RSA +# include <openssl/rsa.h> +# endif + +# include "evp_locl.h" static int init(EVP_MD_CTX *ctx) { - return MDC2_Init(EVP_MD_CTX_md_data(ctx)); + return MDC2_Init(ctx->md_data); } static int update(EVP_MD_CTX *ctx, const void *data, size_t count) { - return MDC2_Update(EVP_MD_CTX_md_data(ctx), data, count); + return MDC2_Update(ctx->md_data, data, count); } static int final(EVP_MD_CTX *ctx, unsigned char *md) { - return MDC2_Final(md, EVP_MD_CTX_md_data(ctx)); + return MDC2_Final(md, ctx->md_data); } static const EVP_MD mdc2_md = { @@ -44,6 +96,7 @@ static const EVP_MD mdc2_md = { final, NULL, NULL, + EVP_PKEY_RSA_ASN1_OCTET_STRING_method, MDC2_BLOCK, sizeof(EVP_MD *) + sizeof(MDC2_CTX), }; diff --git a/Cryptlib/OpenSSL/crypto/evp/m_null.c b/Cryptlib/OpenSSL/crypto/evp/m_null.c index 6c4daf56..017e1feb 100644 --- a/Cryptlib/OpenSSL/crypto/evp/m_null.c +++ b/Cryptlib/OpenSSL/crypto/evp/m_null.c @@ -1,18 +1,66 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/m_null.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/evp.h> #include <openssl/objects.h> #include <openssl/x509.h> -#include "internal/evp_int.h" static int init(EVP_MD_CTX *ctx) { @@ -39,6 +87,7 @@ static const EVP_MD null_md = { final, NULL, NULL, + EVP_PKEY_NULL_method, 0, sizeof(EVP_MD *), }; diff --git a/Cryptlib/OpenSSL/crypto/evp/m_ripemd.c b/Cryptlib/OpenSSL/crypto/evp/m_ripemd.c index 07b46bd5..81de0ef4 100644 --- a/Cryptlib/OpenSSL/crypto/evp/m_ripemd.c +++ b/Cryptlib/OpenSSL/crypto/evp/m_ripemd.c @@ -1,37 +1,88 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/m_ripemd.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" -#ifndef OPENSSL_NO_RMD160 +#ifndef OPENSSL_NO_RIPEMD # include <openssl/ripemd.h> # include <openssl/evp.h> # include <openssl/objects.h> # include <openssl/x509.h> -# include <openssl/rsa.h> -# include "internal/evp_int.h" +# ifndef OPENSSL_NO_RSA +# include <openssl/rsa.h> +# endif +# include "evp_locl.h" static int init(EVP_MD_CTX *ctx) { - return RIPEMD160_Init(EVP_MD_CTX_md_data(ctx)); + return RIPEMD160_Init(ctx->md_data); } static int update(EVP_MD_CTX *ctx, const void *data, size_t count) { - return RIPEMD160_Update(EVP_MD_CTX_md_data(ctx), data, count); + return RIPEMD160_Update(ctx->md_data, data, count); } static int final(EVP_MD_CTX *ctx, unsigned char *md) { - return RIPEMD160_Final(md, EVP_MD_CTX_md_data(ctx)); + return RIPEMD160_Final(md, ctx->md_data); } static const EVP_MD ripemd160_md = { @@ -44,6 +95,7 @@ static const EVP_MD ripemd160_md = { final, NULL, NULL, + EVP_PKEY_RSA_method, RIPEMD160_CBLOCK, sizeof(EVP_MD *) + sizeof(RIPEMD160_CTX), }; diff --git a/Cryptlib/OpenSSL/crypto/evp/m_sha.c b/Cryptlib/OpenSSL/crypto/evp/m_sha.c new file mode 100644 index 00000000..e1e22e0c --- /dev/null +++ b/Cryptlib/OpenSSL/crypto/evp/m_sha.c @@ -0,0 +1,106 @@ +/* crypto/evp/m_sha.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "cryptlib.h" + +#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) + +# include <openssl/evp.h> +# include <openssl/objects.h> +# include <openssl/x509.h> +# ifndef OPENSSL_NO_RSA +# include <openssl/rsa.h> +# endif +# include "evp_locl.h" + +static int init(EVP_MD_CTX *ctx) +{ + return SHA_Init(ctx->md_data); +} + +static int update(EVP_MD_CTX *ctx, const void *data, size_t count) +{ + return SHA_Update(ctx->md_data, data, count); +} + +static int final(EVP_MD_CTX *ctx, unsigned char *md) +{ + return SHA_Final(md, ctx->md_data); +} + +static const EVP_MD sha_md = { + NID_sha, + NID_shaWithRSAEncryption, + SHA_DIGEST_LENGTH, + 0, + init, + update, + final, + NULL, + NULL, + EVP_PKEY_RSA_method, + SHA_CBLOCK, + sizeof(EVP_MD *) + sizeof(SHA_CTX), +}; + +const EVP_MD *EVP_sha(void) +{ + return (&sha_md); +} +#endif diff --git a/Cryptlib/OpenSSL/crypto/evp/m_sha1.c b/Cryptlib/OpenSSL/crypto/evp/m_sha1.c index 8f30077a..a74e6b77 100644 --- a/Cryptlib/OpenSSL/crypto/evp/m_sha1.c +++ b/Cryptlib/OpenSSL/crypto/evp/m_sha1.c @@ -1,123 +1,118 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/m_sha1.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/sha.h> -#include <openssl/rsa.h> -#include "internal/evp_int.h" +#ifndef OPENSSL_NO_SHA + +# include <openssl/evp.h> +# include <openssl/objects.h> +# include <openssl/sha.h> +# ifndef OPENSSL_NO_RSA +# include <openssl/rsa.h> +# endif static int init(EVP_MD_CTX *ctx) { - return SHA1_Init(EVP_MD_CTX_md_data(ctx)); + return SHA1_Init(ctx->md_data); } static int update(EVP_MD_CTX *ctx, const void *data, size_t count) { - return SHA1_Update(EVP_MD_CTX_md_data(ctx), data, count); + return SHA1_Update(ctx->md_data, data, count); } static int final(EVP_MD_CTX *ctx, unsigned char *md) { - return SHA1_Final(md, EVP_MD_CTX_md_data(ctx)); -} - -static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms) -{ - unsigned char padtmp[40]; - unsigned char sha1tmp[SHA_DIGEST_LENGTH]; - - SHA_CTX *sha1; - - if (cmd != EVP_CTRL_SSL3_MASTER_SECRET) - return -2; - - if (ctx == NULL) - return 0; - - sha1 = EVP_MD_CTX_md_data(ctx); - - /* SSLv3 client auth handling: see RFC-6101 5.6.8 */ - if (mslen != 48) - return 0; - - /* At this point hash contains all handshake messages, update - * with master secret and pad_1. - */ - - if (SHA1_Update(sha1, ms, mslen) <= 0) - return 0; - - /* Set padtmp to pad_1 value */ - memset(padtmp, 0x36, sizeof(padtmp)); - - if (!SHA1_Update(sha1, padtmp, sizeof(padtmp))) - return 0; - - if (!SHA1_Final(sha1tmp, sha1)) - return 0; - - /* Reinitialise context */ - - if (!SHA1_Init(sha1)) - return 0; - - if (SHA1_Update(sha1, ms, mslen) <= 0) - return 0; - - /* Set padtmp to pad_2 value */ - memset(padtmp, 0x5c, sizeof(padtmp)); - - if (!SHA1_Update(sha1, padtmp, sizeof(padtmp))) - return 0; - - if (!SHA1_Update(sha1, sha1tmp, sizeof(sha1tmp))) - return 0; - - /* Now when ctx is finalised it will return the SSL v3 hash value */ - OPENSSL_cleanse(sha1tmp, sizeof(sha1tmp)); - - return 1; - + return SHA1_Final(md, ctx->md_data); } static const EVP_MD sha1_md = { NID_sha1, NID_sha1WithRSAEncryption, SHA_DIGEST_LENGTH, - EVP_MD_FLAG_DIGALGID_ABSENT, + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT, init, update, final, NULL, NULL, + EVP_PKEY_RSA_method, SHA_CBLOCK, sizeof(EVP_MD *) + sizeof(SHA_CTX), - ctrl }; const EVP_MD *EVP_sha1(void) { return (&sha1_md); } +#endif +#ifndef OPENSSL_NO_SHA256 static int init224(EVP_MD_CTX *ctx) { - return SHA224_Init(EVP_MD_CTX_md_data(ctx)); + return SHA224_Init(ctx->md_data); } static int init256(EVP_MD_CTX *ctx) { - return SHA256_Init(EVP_MD_CTX_md_data(ctx)); + return SHA256_Init(ctx->md_data); } /* @@ -127,24 +122,25 @@ static int init256(EVP_MD_CTX *ctx) */ static int update256(EVP_MD_CTX *ctx, const void *data, size_t count) { - return SHA256_Update(EVP_MD_CTX_md_data(ctx), data, count); + return SHA256_Update(ctx->md_data, data, count); } static int final256(EVP_MD_CTX *ctx, unsigned char *md) { - return SHA256_Final(md, EVP_MD_CTX_md_data(ctx)); + return SHA256_Final(md, ctx->md_data); } static const EVP_MD sha224_md = { NID_sha224, NID_sha224WithRSAEncryption, SHA224_DIGEST_LENGTH, - EVP_MD_FLAG_DIGALGID_ABSENT, + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT, init224, update256, final256, NULL, NULL, + EVP_PKEY_RSA_method, SHA256_CBLOCK, sizeof(EVP_MD *) + sizeof(SHA256_CTX), }; @@ -158,12 +154,13 @@ static const EVP_MD sha256_md = { NID_sha256, NID_sha256WithRSAEncryption, SHA256_DIGEST_LENGTH, - EVP_MD_FLAG_DIGALGID_ABSENT, + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT, init256, update256, final256, NULL, NULL, + EVP_PKEY_RSA_method, SHA256_CBLOCK, sizeof(EVP_MD *) + sizeof(SHA256_CTX), }; @@ -172,38 +169,41 @@ const EVP_MD *EVP_sha256(void) { return (&sha256_md); } +#endif /* ifndef OPENSSL_NO_SHA256 */ +#ifndef OPENSSL_NO_SHA512 static int init384(EVP_MD_CTX *ctx) { - return SHA384_Init(EVP_MD_CTX_md_data(ctx)); + return SHA384_Init(ctx->md_data); } static int init512(EVP_MD_CTX *ctx) { - return SHA512_Init(EVP_MD_CTX_md_data(ctx)); + return SHA512_Init(ctx->md_data); } /* See comment in SHA224/256 section */ static int update512(EVP_MD_CTX *ctx, const void *data, size_t count) { - return SHA512_Update(EVP_MD_CTX_md_data(ctx), data, count); + return SHA512_Update(ctx->md_data, data, count); } static int final512(EVP_MD_CTX *ctx, unsigned char *md) { - return SHA512_Final(md, EVP_MD_CTX_md_data(ctx)); + return SHA512_Final(md, ctx->md_data); } static const EVP_MD sha384_md = { NID_sha384, NID_sha384WithRSAEncryption, SHA384_DIGEST_LENGTH, - EVP_MD_FLAG_DIGALGID_ABSENT, + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT, init384, update512, final512, NULL, NULL, + EVP_PKEY_RSA_method, SHA512_CBLOCK, sizeof(EVP_MD *) + sizeof(SHA512_CTX), }; @@ -217,12 +217,13 @@ static const EVP_MD sha512_md = { NID_sha512, NID_sha512WithRSAEncryption, SHA512_DIGEST_LENGTH, - EVP_MD_FLAG_DIGALGID_ABSENT, + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT, init512, update512, final512, NULL, NULL, + EVP_PKEY_RSA_method, SHA512_CBLOCK, sizeof(EVP_MD *) + sizeof(SHA512_CTX), }; @@ -231,3 +232,4 @@ const EVP_MD *EVP_sha512(void) { return (&sha512_md); } +#endif /* ifndef OPENSSL_NO_SHA512 */ diff --git a/Cryptlib/OpenSSL/crypto/evp/m_sigver.c b/Cryptlib/OpenSSL/crypto/evp/m_sigver.c index 3b74f722..4492d207 100644 --- a/Cryptlib/OpenSSL/crypto/evp/m_sigver.c +++ b/Cryptlib/OpenSSL/crypto/evp/m_sigver.c @@ -1,18 +1,67 @@ +/* m_sigver.c */ /* - * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project + * 2006. + */ +/* ==================================================================== + * Copyright (c) 2006,2007 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/evp.h> #include <openssl/objects.h> #include <openssl/x509.h> -#include "internal/evp_int.h" #include "evp_locl.h" static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, @@ -79,20 +128,17 @@ int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen) { - int sctx = 0, r = 0; + int sctx, r = 0; EVP_PKEY_CTX *pctx = ctx->pctx; if (pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM) { + EVP_PKEY_CTX *dctx; if (!sigret) return pctx->pmeth->signctx(pctx, sigret, siglen, ctx); - if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) - r = pctx->pmeth->signctx(pctx, sigret, siglen, ctx); - else { - EVP_PKEY_CTX *dctx = EVP_PKEY_CTX_dup(ctx->pctx); - if (!dctx) - return 0; - r = dctx->pmeth->signctx(dctx, sigret, siglen, ctx); - EVP_PKEY_CTX_free(dctx); - } + dctx = EVP_PKEY_CTX_dup(ctx->pctx); + if (!dctx) + return 0; + r = dctx->pmeth->signctx(dctx, sigret, siglen, ctx); + EVP_PKEY_CTX_free(dctx); return r; } if (pctx->pmeth->signctx) @@ -100,24 +146,18 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, else sctx = 0; if (sigret) { + EVP_MD_CTX tmp_ctx; unsigned char md[EVP_MAX_MD_SIZE]; - unsigned int mdlen = 0; - if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) { - if (sctx) - r = ctx->pctx->pmeth->signctx(ctx->pctx, sigret, siglen, ctx); - else - r = EVP_DigestFinal_ex(ctx, md, &mdlen); - } else { - EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new(); - if (tmp_ctx == NULL || !EVP_MD_CTX_copy_ex(tmp_ctx, ctx)) - return 0; - if (sctx) - r = tmp_ctx->pctx->pmeth->signctx(tmp_ctx->pctx, - sigret, siglen, tmp_ctx); - else - r = EVP_DigestFinal_ex(tmp_ctx, md, &mdlen); - EVP_MD_CTX_free(tmp_ctx); - } + unsigned int mdlen; + EVP_MD_CTX_init(&tmp_ctx); + if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) + return 0; + if (sctx) + r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx, + sigret, siglen, &tmp_ctx); + else + r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen); + EVP_MD_CTX_cleanup(&tmp_ctx); if (sctx || !r) return r; if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0) @@ -138,31 +178,25 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen) { + EVP_MD_CTX tmp_ctx; unsigned char md[EVP_MAX_MD_SIZE]; - int r = 0; - unsigned int mdlen = 0; - int vctx = 0; + int r; + unsigned int mdlen; + int vctx; if (ctx->pctx->pmeth->verifyctx) vctx = 1; else vctx = 0; - if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) { - if (vctx) { - r = ctx->pctx->pmeth->verifyctx(ctx->pctx, sig, siglen, ctx); - } else - r = EVP_DigestFinal_ex(ctx, md, &mdlen); - } else { - EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new(); - if (tmp_ctx == NULL || !EVP_MD_CTX_copy_ex(tmp_ctx, ctx)) - return -1; - if (vctx) { - r = tmp_ctx->pctx->pmeth->verifyctx(tmp_ctx->pctx, - sig, siglen, tmp_ctx); - } else - r = EVP_DigestFinal_ex(tmp_ctx, md, &mdlen); - EVP_MD_CTX_free(tmp_ctx); - } + EVP_MD_CTX_init(&tmp_ctx); + if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) + return -1; + if (vctx) { + r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx, + sig, siglen, &tmp_ctx); + } else + r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen); + EVP_MD_CTX_cleanup(&tmp_ctx); if (vctx || !r) return r; return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen); diff --git a/Cryptlib/OpenSSL/crypto/evp/m_wp.c b/Cryptlib/OpenSSL/crypto/evp/m_wp.c index 94fac226..a890939e 100644 --- a/Cryptlib/OpenSSL/crypto/evp/m_wp.c +++ b/Cryptlib/OpenSSL/crypto/evp/m_wp.c @@ -1,14 +1,7 @@ -/* - * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ +/* crypto/evp/m_wp.c */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #ifndef OPENSSL_NO_WHIRLPOOL @@ -16,21 +9,21 @@ # include <openssl/objects.h> # include <openssl/x509.h> # include <openssl/whrlpool.h> -# include "internal/evp_int.h" +# include "evp_locl.h" static int init(EVP_MD_CTX *ctx) { - return WHIRLPOOL_Init(EVP_MD_CTX_md_data(ctx)); + return WHIRLPOOL_Init(ctx->md_data); } static int update(EVP_MD_CTX *ctx, const void *data, size_t count) { - return WHIRLPOOL_Update(EVP_MD_CTX_md_data(ctx), data, count); + return WHIRLPOOL_Update(ctx->md_data, data, count); } static int final(EVP_MD_CTX *ctx, unsigned char *md) { - return WHIRLPOOL_Final(md, EVP_MD_CTX_md_data(ctx)); + return WHIRLPOOL_Final(md, ctx->md_data); } static const EVP_MD whirlpool_md = { @@ -43,6 +36,7 @@ static const EVP_MD whirlpool_md = { final, NULL, NULL, + EVP_PKEY_NULL_method, WHIRLPOOL_BBLOCK / 8, sizeof(EVP_MD *) + sizeof(WHIRLPOOL_CTX), }; diff --git a/Cryptlib/OpenSSL/crypto/evp/names.c b/Cryptlib/OpenSSL/crypto/evp/names.c index a92be1fe..ff115a31 100644 --- a/Cryptlib/OpenSSL/crypto/evp/names.c +++ b/Cryptlib/OpenSSL/crypto/evp/names.c @@ -1,18 +1,66 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/names.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/evp.h> -#include <internal/objects.h> +#include <openssl/objects.h> #include <openssl/x509.h> -#include "internal/evp_int.h" int EVP_add_cipher(const EVP_CIPHER *c) { @@ -21,10 +69,13 @@ int EVP_add_cipher(const EVP_CIPHER *c) if (c == NULL) return 0; + OPENSSL_init(); + r = OBJ_NAME_add(OBJ_nid2sn(c->nid), OBJ_NAME_TYPE_CIPHER_METH, (const char *)c); if (r == 0) return (0); + check_defer(c->nid); r = OBJ_NAME_add(OBJ_nid2ln(c->nid), OBJ_NAME_TYPE_CIPHER_METH, (const char *)c); return (r); @@ -34,11 +85,13 @@ int EVP_add_digest(const EVP_MD *md) { int r; const char *name; + OPENSSL_init(); name = OBJ_nid2sn(md->type); r = OBJ_NAME_add(name, OBJ_NAME_TYPE_MD_METH, (const char *)md); if (r == 0) return (0); + check_defer(md->type); r = OBJ_NAME_add(OBJ_nid2ln(md->type), OBJ_NAME_TYPE_MD_METH, (const char *)md); if (r == 0) @@ -49,6 +102,7 @@ int EVP_add_digest(const EVP_MD *md) OBJ_NAME_TYPE_MD_METH | OBJ_NAME_ALIAS, name); if (r == 0) return (0); + check_defer(md->pkey_type); r = OBJ_NAME_add(OBJ_nid2ln(md->pkey_type), OBJ_NAME_TYPE_MD_METH | OBJ_NAME_ALIAS, name); } @@ -59,9 +113,6 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name) { const EVP_CIPHER *cp; - if (!OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL)) - return NULL; - cp = (const EVP_CIPHER *)OBJ_NAME_get(name, OBJ_NAME_TYPE_CIPHER_METH); return (cp); } @@ -70,14 +121,11 @@ const EVP_MD *EVP_get_digestbyname(const char *name) { const EVP_MD *cp; - if (!OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)) - return NULL; - cp = (const EVP_MD *)OBJ_NAME_get(name, OBJ_NAME_TYPE_MD_METH); return (cp); } -void evp_cleanup_int(void) +void EVP_cleanup(void) { OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH); OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH); @@ -89,6 +137,10 @@ void evp_cleanup_int(void) OBJ_NAME_cleanup(-1); EVP_PBE_cleanup(); + if (obj_cleanup_defer == 2) { + obj_cleanup_defer = 0; + OBJ_cleanup(); + } OBJ_sigid_free(); } @@ -112,10 +164,6 @@ void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph, void *arg) { struct doall_cipher dc; - - /* Ignore errors */ - OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL); - dc.fn = fn; dc.arg = arg; OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn, &dc); @@ -126,10 +174,6 @@ void EVP_CIPHER_do_all_sorted(void (*fn) (const EVP_CIPHER *ciph, void *x), void *arg) { struct doall_cipher dc; - - /* Ignore errors */ - OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL); - dc.fn = fn; dc.arg = arg; OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn, &dc); @@ -155,10 +199,6 @@ void EVP_MD_do_all(void (*fn) (const EVP_MD *md, void *arg) { struct doall_md dc; - - /* Ignore errors */ - OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); - dc.fn = fn; dc.arg = arg; OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc); @@ -169,9 +209,6 @@ void EVP_MD_do_all_sorted(void (*fn) (const EVP_MD *md, void *x), void *arg) { struct doall_md dc; - - OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); - dc.fn = fn; dc.arg = arg; OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc); diff --git a/Cryptlib/OpenSSL/crypto/evp/p5_crpt.c b/Cryptlib/OpenSSL/crypto/evp/p5_crpt.c index 7e55d0bf..d06ab90a 100644 --- a/Cryptlib/OpenSSL/crypto/evp/p5_crpt.c +++ b/Cryptlib/OpenSSL/crypto/evp/p5_crpt.c @@ -1,15 +1,65 @@ +/* p5_crpt.c */ /* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project + * 1999. + */ +/* ==================================================================== + * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ #include <stdio.h> #include <stdlib.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/x509.h> #include <openssl/evp.h> @@ -25,15 +75,17 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de) { - EVP_MD_CTX *ctx; + EVP_MD_CTX ctx; unsigned char md_tmp[EVP_MAX_MD_SIZE]; unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; int i; PBEPARAM *pbe; int saltlen, iter; unsigned char *salt; + const unsigned char *pbuf; int mdsize; int rv = 0; + EVP_MD_CTX_init(&ctx); /* Extract useful info from parameter */ if (param == NULL || param->type != V_ASN1_SEQUENCE || @@ -42,8 +94,8 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, return 0; } - pbe = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(PBEPARAM), param); - if (pbe == NULL) { + pbuf = param->value.sequence->data; + if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) { EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); return 0; } @@ -60,30 +112,24 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, else if (passlen == -1) passlen = strlen(pass); - ctx = EVP_MD_CTX_new(); - if (ctx == NULL) { - EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!EVP_DigestInit_ex(ctx, md, NULL)) + if (!EVP_DigestInit_ex(&ctx, md, NULL)) goto err; - if (!EVP_DigestUpdate(ctx, pass, passlen)) + if (!EVP_DigestUpdate(&ctx, pass, passlen)) goto err; - if (!EVP_DigestUpdate(ctx, salt, saltlen)) + if (!EVP_DigestUpdate(&ctx, salt, saltlen)) goto err; PBEPARAM_free(pbe); - if (!EVP_DigestFinal_ex(ctx, md_tmp, NULL)) + if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL)) goto err; mdsize = EVP_MD_size(md); if (mdsize < 0) return 0; for (i = 1; i < iter; i++) { - if (!EVP_DigestInit_ex(ctx, md, NULL)) + if (!EVP_DigestInit_ex(&ctx, md, NULL)) goto err; - if (!EVP_DigestUpdate(ctx, md_tmp, mdsize)) + if (!EVP_DigestUpdate(&ctx, md_tmp, mdsize)) goto err; - if (!EVP_DigestFinal_ex(ctx, md_tmp, NULL)) + if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL)) goto err; } OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp)); @@ -98,6 +144,6 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); rv = 1; err: - EVP_MD_CTX_free(ctx); + EVP_MD_CTX_cleanup(&ctx); return rv; } diff --git a/Cryptlib/OpenSSL/crypto/evp/p5_crpt2.c b/Cryptlib/OpenSSL/crypto/evp/p5_crpt2.c index 2e45aa3b..f2ae1e57 100644 --- a/Cryptlib/OpenSSL/crypto/evp/p5_crpt2.c +++ b/Cryptlib/OpenSSL/crypto/evp/p5_crpt2.c @@ -1,24 +1,74 @@ +/* p5_crpt2.c */ /* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project + * 1999. + */ +/* ==================================================================== + * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ - #include <stdio.h> #include <stdlib.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" +#if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA) # include <openssl/x509.h> # include <openssl/evp.h> # include <openssl/hmac.h> # include "evp_locl.h" /* set this to print out info about the keygen algorithm */ -/* #define OPENSSL_DEBUG_PKCS5V2 */ +/* #define DEBUG_PKCS5V2 */ -# ifdef OPENSSL_DEBUG_PKCS5V2 +# ifdef DEBUG_PKCS5V2 static void h__dump(const unsigned char *p, int len); # endif @@ -36,28 +86,21 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4]; int cplen, j, k, tkeylen, mdlen; unsigned long i = 1; - HMAC_CTX *hctx_tpl = NULL, *hctx = NULL; + HMAC_CTX hctx_tpl, hctx; mdlen = EVP_MD_size(digest); if (mdlen < 0) return 0; - hctx_tpl = HMAC_CTX_new(); - if (hctx_tpl == NULL) - return 0; + HMAC_CTX_init(&hctx_tpl); p = out; tkeylen = keylen; if (!pass) passlen = 0; else if (passlen == -1) passlen = strlen(pass); - if (!HMAC_Init_ex(hctx_tpl, pass, passlen, digest, NULL)) { - HMAC_CTX_free(hctx_tpl); - return 0; - } - hctx = HMAC_CTX_new(); - if (hctx == NULL) { - HMAC_CTX_free(hctx_tpl); + if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL)) { + HMAC_CTX_cleanup(&hctx_tpl); return 0; } while (tkeylen) { @@ -73,33 +116,31 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, itmp[1] = (unsigned char)((i >> 16) & 0xff); itmp[2] = (unsigned char)((i >> 8) & 0xff); itmp[3] = (unsigned char)(i & 0xff); - if (!HMAC_CTX_copy(hctx, hctx_tpl)) { - HMAC_CTX_free(hctx); - HMAC_CTX_free(hctx_tpl); + if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) { + HMAC_CTX_cleanup(&hctx_tpl); return 0; } - if (!HMAC_Update(hctx, salt, saltlen) - || !HMAC_Update(hctx, itmp, 4) - || !HMAC_Final(hctx, digtmp, NULL)) { - HMAC_CTX_free(hctx); - HMAC_CTX_free(hctx_tpl); + if (!HMAC_Update(&hctx, salt, saltlen) + || !HMAC_Update(&hctx, itmp, 4) + || !HMAC_Final(&hctx, digtmp, NULL)) { + HMAC_CTX_cleanup(&hctx_tpl); + HMAC_CTX_cleanup(&hctx); return 0; } - HMAC_CTX_reset(hctx); + HMAC_CTX_cleanup(&hctx); memcpy(p, digtmp, cplen); for (j = 1; j < iter; j++) { - if (!HMAC_CTX_copy(hctx, hctx_tpl)) { - HMAC_CTX_free(hctx); - HMAC_CTX_free(hctx_tpl); + if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) { + HMAC_CTX_cleanup(&hctx_tpl); return 0; } - if (!HMAC_Update(hctx, digtmp, mdlen) - || !HMAC_Final(hctx, digtmp, NULL)) { - HMAC_CTX_free(hctx); - HMAC_CTX_free(hctx_tpl); + if (!HMAC_Update(&hctx, digtmp, mdlen) + || !HMAC_Final(&hctx, digtmp, NULL)) { + HMAC_CTX_cleanup(&hctx_tpl); + HMAC_CTX_cleanup(&hctx); return 0; } - HMAC_CTX_reset(hctx); + HMAC_CTX_cleanup(&hctx); for (k = 0; k < cplen; k++) p[k] ^= digtmp[k]; } @@ -107,9 +148,8 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, i++; p += cplen; } - HMAC_CTX_free(hctx); - HMAC_CTX_free(hctx_tpl); -# ifdef OPENSSL_DEBUG_PKCS5V2 + HMAC_CTX_cleanup(&hctx_tpl); +# ifdef DEBUG_PKCS5V2 fprintf(stderr, "Password:\n"); h__dump(pass, passlen); fprintf(stderr, "Salt:\n"); @@ -151,21 +191,29 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de) { + const unsigned char *pbuf; + int plen; PBE2PARAM *pbe2 = NULL; const EVP_CIPHER *cipher; - EVP_PBE_KEYGEN *kdf; int rv = 0; - pbe2 = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(PBE2PARAM), param); - if (pbe2 == NULL) { + if (param == NULL || param->type != V_ASN1_SEQUENCE || + param->value.sequence == NULL) { + EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); + goto err; + } + + pbuf = param->value.sequence->data; + plen = param->value.sequence->length; + if (!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) { EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); goto err; } /* See if we recognise the key derivation function */ - if (!EVP_PBE_find(EVP_PBE_TYPE_KDF, OBJ_obj2nid(pbe2->keyfunc->algorithm), - NULL, NULL, &kdf)) { + + if (OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) { EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION); goto err; @@ -189,7 +237,8 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_CIPHER_PARAMETER_ERROR); goto err; } - rv = kdf(ctx, pass, passlen, pbe2->keyfunc->parameter, NULL, NULL, en_de); + rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen, + pbe2->keyfunc->parameter, c, md, en_de); err: PBE2PARAM_free(pbe2); return rv; @@ -200,7 +249,8 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, const EVP_CIPHER *c, const EVP_MD *md, int en_de) { unsigned char *salt, key[EVP_MAX_KEY_LENGTH]; - int saltlen, iter; + const unsigned char *pbuf; + int saltlen, iter, plen; int rv = 0; unsigned int keylen = 0; int prf_nid, hmac_md_nid; @@ -216,9 +266,15 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, /* Decode parameter */ - kdf = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(PBKDF2PARAM), param); + if (!param || (param->type != V_ASN1_SEQUENCE)) { + EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR); + goto err; + } + + pbuf = param->value.sequence->data; + plen = param->value.sequence->length; - if (kdf == NULL) { + if (!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen))) { EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR); goto err; } @@ -267,7 +323,7 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, return rv; } -# ifdef OPENSSL_DEBUG_PKCS5V2 +# ifdef DEBUG_PKCS5V2 static void h__dump(const unsigned char *p, int len) { for (; len--; p++) @@ -275,3 +331,4 @@ static void h__dump(const unsigned char *p, int len) fprintf(stderr, "\n"); } # endif +#endif diff --git a/Cryptlib/OpenSSL/crypto/evp/p_dec.c b/Cryptlib/OpenSSL/crypto/evp/p_dec.c index 6bec4062..225b8b45 100644 --- a/Cryptlib/OpenSSL/crypto/evp/p_dec.c +++ b/Cryptlib/OpenSSL/crypto/evp/p_dec.c @@ -1,15 +1,67 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/p_dec.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" -#include <openssl/rsa.h> +#include "cryptlib.h" +#include <openssl/rand.h> +#ifndef OPENSSL_NO_RSA +# include <openssl/rsa.h> +#endif #include <openssl/evp.h> #include <openssl/objects.h> #include <openssl/x509.h> @@ -20,7 +72,7 @@ int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl, int ret = -1; #ifndef OPENSSL_NO_RSA - if (EVP_PKEY_id(priv) != EVP_PKEY_RSA) { + if (priv->type != EVP_PKEY_RSA) { #endif EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA); #ifndef OPENSSL_NO_RSA @@ -28,8 +80,7 @@ int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl, } ret = - RSA_private_decrypt(ekl, ek, key, EVP_PKEY_get0_RSA(priv), - RSA_PKCS1_PADDING); + RSA_private_decrypt(ekl, ek, key, priv->pkey.rsa, RSA_PKCS1_PADDING); err: #endif return (ret); diff --git a/Cryptlib/OpenSSL/crypto/evp/p_enc.c b/Cryptlib/OpenSSL/crypto/evp/p_enc.c index 3277fbb0..f565f33f 100644 --- a/Cryptlib/OpenSSL/crypto/evp/p_enc.c +++ b/Cryptlib/OpenSSL/crypto/evp/p_enc.c @@ -1,15 +1,67 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/p_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" -#include <openssl/rsa.h> +#include "cryptlib.h" +#include <openssl/rand.h> +#ifndef OPENSSL_NO_RSA +# include <openssl/rsa.h> +#endif #include <openssl/evp.h> #include <openssl/objects.h> #include <openssl/x509.h> @@ -20,14 +72,14 @@ int EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key, int ret = 0; #ifndef OPENSSL_NO_RSA - if (EVP_PKEY_id(pubk) != EVP_PKEY_RSA) { + if (pubk->type != EVP_PKEY_RSA) { #endif EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA); #ifndef OPENSSL_NO_RSA goto err; } ret = - RSA_public_encrypt(key_len, key, ek, EVP_PKEY_get0_RSA(pubk), + RSA_public_encrypt(key_len, key, ek, pubk->pkey.rsa, RSA_PKCS1_PADDING); err: #endif diff --git a/Cryptlib/OpenSSL/crypto/evp/p_lib.c b/Cryptlib/OpenSSL/crypto/evp/p_lib.c index 98286205..545d04fd 100644 --- a/Cryptlib/OpenSSL/crypto/evp/p_lib.c +++ b/Cryptlib/OpenSSL/crypto/evp/p_lib.c @@ -1,45 +1,94 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/p_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/bn.h> #include <openssl/err.h> #include <openssl/objects.h> #include <openssl/evp.h> +#include <openssl/asn1_mac.h> #include <openssl/x509.h> -#include <openssl/rsa.h> -#include <openssl/dsa.h> -#include <openssl/dh.h> -#include <openssl/engine.h> +#ifndef OPENSSL_NO_RSA +# include <openssl/rsa.h> +#endif +#ifndef OPENSSL_NO_DSA +# include <openssl/dsa.h> +#endif +#ifndef OPENSSL_NO_DH +# include <openssl/dh.h> +#endif -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#ifndef OPENSSL_NO_ENGINE +# include <openssl/engine.h> +#endif + +#include "asn1_locl.h" static void EVP_PKEY_free_it(EVP_PKEY *x); -int EVP_PKEY_bits(const EVP_PKEY *pkey) +int EVP_PKEY_bits(EVP_PKEY *pkey) { if (pkey && pkey->ameth && pkey->ameth->pkey_bits) return pkey->ameth->pkey_bits(pkey); return 0; } -int EVP_PKEY_security_bits(const EVP_PKEY *pkey) -{ - if (pkey == NULL) - return 0; - if (!pkey->ameth || !pkey->ameth->pkey_security_bits) - return -2; - return pkey->ameth->pkey_security_bits(pkey); -} - int EVP_PKEY_size(EVP_PKEY *pkey) { if (pkey && pkey->ameth && pkey->ameth->pkey_size) @@ -72,10 +121,7 @@ int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) { - if (to->type == EVP_PKEY_NONE) { - if (EVP_PKEY_set_type(to, from->type) == 0) - return 0; - } else if (to->type != from->type) { + if (to->type != from->type) { EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_DIFFERENT_KEY_TYPES); goto err; } @@ -137,35 +183,22 @@ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) EVP_PKEY *EVP_PKEY_new(void) { - EVP_PKEY *ret = OPENSSL_zalloc(sizeof(*ret)); + EVP_PKEY *ret; + ret = (EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY)); if (ret == NULL) { EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE); - return NULL; + return (NULL); } ret->type = EVP_PKEY_NONE; ret->save_type = EVP_PKEY_NONE; ret->references = 1; + ret->ameth = NULL; + ret->engine = NULL; + ret->pkey.ptr = NULL; + ret->attributes = NULL; ret->save_parameters = 1; - ret->lock = CRYPTO_THREAD_lock_new(); - if (ret->lock == NULL) { - EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE); - OPENSSL_free(ret); - return NULL; - } - return ret; -} - -int EVP_PKEY_up_ref(EVP_PKEY *pkey) -{ - int i; - - if (CRYPTO_atomic_add(&pkey->references, 1, &i, pkey->lock) <= 0) - return 0; - - REF_PRINT_COUNT("EVP_PKEY", pkey); - REF_ASSERT_ISNT(i < 2); - return ((i > 1) ? 1 : 0); + return (ret); } /* @@ -188,8 +221,10 @@ static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len) return 1; #ifndef OPENSSL_NO_ENGINE /* If we have an ENGINE release it */ - ENGINE_finish(pkey->engine); - pkey->engine = NULL; + if (pkey->engine) { + ENGINE_finish(pkey->engine); + pkey->engine = NULL; + } #endif } if (str) @@ -197,10 +232,10 @@ static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len) else ameth = EVP_PKEY_asn1_find(&e, type); #ifndef OPENSSL_NO_ENGINE - if (pkey == NULL) + if (!pkey && e) ENGINE_finish(e); #endif - if (ameth == NULL) { + if (!ameth) { EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM); return 0; } @@ -232,23 +267,11 @@ int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) return (key != NULL); } -void *EVP_PKEY_get0(const EVP_PKEY *pkey) +void *EVP_PKEY_get0(EVP_PKEY *pkey) { return pkey->pkey.ptr; } -const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len) -{ - ASN1_OCTET_STRING *os = NULL; - if (pkey->type != EVP_PKEY_HMAC) { - EVPerr(EVP_F_EVP_PKEY_GET0_HMAC, EVP_R_EXPECTING_AN_HMAC_KEY); - return NULL; - } - os = EVP_PKEY_get0(pkey); - *len = os->length; - return os->data; -} - #ifndef OPENSSL_NO_RSA int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) { @@ -258,22 +281,15 @@ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) return ret; } -RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey) +RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_RSA) { - EVPerr(EVP_F_EVP_PKEY_GET0_RSA, EVP_R_EXPECTING_AN_RSA_KEY); + EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY); return NULL; } + RSA_up_ref(pkey->pkey.rsa); return pkey->pkey.rsa; } - -RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey) -{ - RSA *ret = EVP_PKEY_get0_RSA(pkey); - if (ret != NULL) - RSA_up_ref(ret); - return ret; -} #endif #ifndef OPENSSL_NO_DSA @@ -285,22 +301,15 @@ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) return ret; } -DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey) +DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_DSA) { - EVPerr(EVP_F_EVP_PKEY_GET0_DSA, EVP_R_EXPECTING_A_DSA_KEY); + EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY); return NULL; } + DSA_up_ref(pkey->pkey.dsa); return pkey->pkey.dsa; } - -DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) -{ - DSA *ret = EVP_PKEY_get0_DSA(pkey); - if (ret != NULL) - DSA_up_ref(ret); - return ret; -} #endif #ifndef OPENSSL_NO_EC @@ -313,22 +322,15 @@ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) return ret; } -EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) +EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_EC) { - EVPerr(EVP_F_EVP_PKEY_GET0_EC_KEY, EVP_R_EXPECTING_A_EC_KEY); + EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY); return NULL; } + EC_KEY_up_ref(pkey->pkey.ec); return pkey->pkey.ec; } - -EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) -{ - EC_KEY *ret = EVP_PKEY_get0_EC_KEY(pkey); - if (ret != NULL) - EC_KEY_up_ref(ret); - return ret; -} #endif #ifndef OPENSSL_NO_DH @@ -341,22 +343,15 @@ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) return ret; } -DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey) +DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_DH && pkey->type != EVP_PKEY_DHX) { - EVPerr(EVP_F_EVP_PKEY_GET0_DH, EVP_R_EXPECTING_A_DH_KEY); + EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY); return NULL; } + DH_up_ref(pkey->pkey.dh); return pkey->pkey.dh; } - -DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey) -{ - DH *ret = EVP_PKEY_get0_DH(pkey); - if (ret != NULL) - DH_up_ref(ret); - return ret; -} #endif int EVP_PKEY_type(int type) @@ -370,7 +365,8 @@ int EVP_PKEY_type(int type) else ret = NID_undef; #ifndef OPENSSL_NO_ENGINE - ENGINE_finish(e); + if (e) + ENGINE_finish(e); #endif return ret; } @@ -392,27 +388,35 @@ void EVP_PKEY_free(EVP_PKEY *x) if (x == NULL) return; - CRYPTO_atomic_add(&x->references, -1, &i, x->lock); - REF_PRINT_COUNT("EVP_PKEY", x); + i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_EVP_PKEY); +#ifdef REF_PRINT + REF_PRINT("EVP_PKEY", x); +#endif if (i > 0) return; - REF_ASSERT_ISNT(i < 0); +#ifdef REF_CHECK + if (i < 0) { + fprintf(stderr, "EVP_PKEY_free, bad reference count\n"); + abort(); + } +#endif EVP_PKEY_free_it(x); - CRYPTO_THREAD_lock_free(x->lock); - sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free); + if (x->attributes) + sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free); OPENSSL_free(x); } static void EVP_PKEY_free_it(EVP_PKEY *x) { - /* internal function; x is never NULL */ if (x->ameth && x->ameth->pkey_free) { x->ameth->pkey_free(x); x->pkey.ptr = NULL; } #ifndef OPENSSL_NO_ENGINE - ENGINE_finish(x->engine); - x->engine = NULL; + if (x->engine) { + ENGINE_finish(x->engine); + x->engine = NULL; + } #endif } @@ -451,34 +455,10 @@ int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, return unsup_alg(out, pkey, indent, "Parameters"); } -static int evp_pkey_asn1_ctrl(EVP_PKEY *pkey, int op, int arg1, void *arg2) -{ - if (pkey->ameth == NULL || pkey->ameth->pkey_ctrl == NULL) - return -2; - return pkey->ameth->pkey_ctrl(pkey, op, arg1, arg2); -} - int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid) { - return evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, 0, pnid); -} - -int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey, - const unsigned char *pt, size_t ptlen) -{ - if (ptlen > INT_MAX) - return 0; - if (evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_SET1_TLS_ENCPT, ptlen, - (void *)pt) <= 0) - return 0; - return 1; -} - -size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *pkey, unsigned char **ppt) -{ - int rv; - rv = evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_GET1_TLS_ENCPT, 0, ppt); - if (rv <= 0) - return 0; - return rv; + if (!pkey->ameth || !pkey->ameth->pkey_ctrl) + return -2; + return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, + 0, pnid); } diff --git a/Cryptlib/OpenSSL/crypto/evp/p_open.c b/Cryptlib/OpenSSL/crypto/evp/p_open.c index b65bc74e..229eb641 100644 --- a/Cryptlib/OpenSSL/crypto/evp/p_open.c +++ b/Cryptlib/OpenSSL/crypto/evp/p_open.c @@ -1,18 +1,66 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/p_open.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ -#include "internal/cryptlib.h" -#ifdef OPENSSL_NO_RSA -NON_EMPTY_TRANSLATION_UNIT -#else +#include <stdio.h> +#include "cryptlib.h" + +#ifndef OPENSSL_NO_RSA -# include <stdio.h> # include <openssl/evp.h> # include <openssl/objects.h> # include <openssl/x509.h> @@ -26,7 +74,7 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, int i, size = 0, ret = 0; if (type) { - EVP_CIPHER_CTX_reset(ctx); + EVP_CIPHER_CTX_init(ctx); if (!EVP_DecryptInit_ex(ctx, type, NULL, NULL, NULL)) return 0; } @@ -34,13 +82,13 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, if (!priv) return 1; - if (EVP_PKEY_id(priv) != EVP_PKEY_RSA) { + if (priv->type != EVP_PKEY_RSA) { EVPerr(EVP_F_EVP_OPENINIT, EVP_R_PUBLIC_KEY_NOT_RSA); goto err; } - size = EVP_PKEY_size(priv); - key = OPENSSL_malloc(size + 2); + size = RSA_size(priv->pkey.rsa); + key = (unsigned char *)OPENSSL_malloc(size + 2); if (key == NULL) { /* ERROR */ EVPerr(EVP_F_EVP_OPENINIT, ERR_R_MALLOC_FAILURE); @@ -57,7 +105,9 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, ret = 1; err: - OPENSSL_clear_free(key, size); + if (key != NULL) + OPENSSL_cleanse(key, size); + OPENSSL_free(key); return (ret); } @@ -70,4 +120,10 @@ int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) i = EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL); return (i); } +#else /* !OPENSSL_NO_RSA */ + +# ifdef PEDANTIC +static void *dummy = &dummy; +# endif + #endif diff --git a/Cryptlib/OpenSSL/crypto/evp/p_seal.c b/Cryptlib/OpenSSL/crypto/evp/p_seal.c index faa24648..ba9dfff2 100644 --- a/Cryptlib/OpenSSL/crypto/evp/p_seal.c +++ b/Cryptlib/OpenSSL/crypto/evp/p_seal.c @@ -1,16 +1,67 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/p_seal.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/rand.h> -#include <openssl/rsa.h> +#ifndef OPENSSL_NO_RSA +# include <openssl/rsa.h> +#endif #include <openssl/evp.h> #include <openssl/objects.h> #include <openssl/x509.h> @@ -23,7 +74,7 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, int i; if (type) { - EVP_CIPHER_CTX_reset(ctx); + EVP_CIPHER_CTX_init(ctx); if (!EVP_EncryptInit_ex(ctx, type, NULL, NULL, NULL)) return 0; } diff --git a/Cryptlib/OpenSSL/crypto/evp/p_sign.c b/Cryptlib/OpenSSL/crypto/evp/p_sign.c index 6cb442e4..1b9ba060 100644 --- a/Cryptlib/OpenSSL/crypto/evp/p_sign.c +++ b/Cryptlib/OpenSSL/crypto/evp/p_sign.c @@ -1,61 +1,133 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/p_sign.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/evp.h> #include <openssl/objects.h> #include <openssl/x509.h> -#include "internal/evp_int.h" + +#ifdef undef +void EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type) +{ + EVP_DigestInit_ex(ctx, type); +} + +void EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data, unsigned int count) +{ + EVP_DigestUpdate(ctx, data, count); +} +#endif int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, EVP_PKEY *pkey) { unsigned char m[EVP_MAX_MD_SIZE]; - unsigned int m_len = 0; - int i = 0; - size_t sltmp; + unsigned int m_len; + int i = 0, ok = 0, v; + EVP_MD_CTX tmp_ctx; EVP_PKEY_CTX *pkctx = NULL; *siglen = 0; - if (EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_FINALISE)) { - if (!EVP_DigestFinal_ex(ctx, m, &m_len)) + EVP_MD_CTX_init(&tmp_ctx); + if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) + goto err; + if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len)) + goto err; + EVP_MD_CTX_cleanup(&tmp_ctx); + + if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) { + size_t sltmp = (size_t)EVP_PKEY_size(pkey); + i = 0; + pkctx = EVP_PKEY_CTX_new(pkey, NULL); + if (!pkctx) goto err; - } else { - int rv = 0; - EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new(); - if (tmp_ctx == NULL) { - EVPerr(EVP_F_EVP_SIGNFINAL, ERR_R_MALLOC_FAILURE); - return 0; + if (EVP_PKEY_sign_init(pkctx) <= 0) + goto err; + if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0) + goto err; + if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0) + goto err; + *siglen = sltmp; + i = 1; + err: + EVP_PKEY_CTX_free(pkctx); + return i; + } + + for (i = 0; i < 4; i++) { + v = ctx->digest->required_pkey_type[i]; + if (v == 0) + break; + if (pkey->type == v) { + ok = 1; + break; } - rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx); - if (rv) - rv = EVP_DigestFinal_ex(tmp_ctx, m, &m_len); - EVP_MD_CTX_free(tmp_ctx); - if (!rv) - return 0; + } + if (!ok) { + EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE); + return (0); } - sltmp = (size_t)EVP_PKEY_size(pkey); - i = 0; - pkctx = EVP_PKEY_CTX_new(pkey, NULL); - if (pkctx == NULL) - goto err; - if (EVP_PKEY_sign_init(pkctx) <= 0) - goto err; - if (EVP_PKEY_CTX_set_signature_md(pkctx, EVP_MD_CTX_md(ctx)) <= 0) - goto err; - if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0) - goto err; - *siglen = sltmp; - i = 1; - err: - EVP_PKEY_CTX_free(pkctx); - return i; + if (ctx->digest->sign == NULL) { + EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_NO_SIGN_FUNCTION_CONFIGURED); + return (0); + } + return (ctx->digest->sign(ctx->digest->type, m, m_len, sigret, siglen, + pkey->pkey.ptr)); } diff --git a/Cryptlib/OpenSSL/crypto/evp/p_verify.c b/Cryptlib/OpenSSL/crypto/evp/p_verify.c index 6e8c565d..65e1e216 100644 --- a/Cryptlib/OpenSSL/crypto/evp/p_verify.c +++ b/Cryptlib/OpenSSL/crypto/evp/p_verify.c @@ -1,55 +1,116 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/evp/p_verify.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/evp.h> #include <openssl/objects.h> #include <openssl/x509.h> -#include "internal/evp_int.h" int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey) { unsigned char m[EVP_MAX_MD_SIZE]; - unsigned int m_len = 0; - int i = 0; + unsigned int m_len; + int i = 0, ok = 0, v; + EVP_MD_CTX tmp_ctx; EVP_PKEY_CTX *pkctx = NULL; - if (EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_FINALISE)) { - if (!EVP_DigestFinal_ex(ctx, m, &m_len)) + EVP_MD_CTX_init(&tmp_ctx); + if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) + goto err; + if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len)) + goto err; + EVP_MD_CTX_cleanup(&tmp_ctx); + + if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) { + i = -1; + pkctx = EVP_PKEY_CTX_new(pkey, NULL); + if (!pkctx) + goto err; + if (EVP_PKEY_verify_init(pkctx) <= 0) + goto err; + if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0) goto err; - } else { - int rv = 0; - EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new(); - if (tmp_ctx == NULL) { - EVPerr(EVP_F_EVP_VERIFYFINAL, ERR_R_MALLOC_FAILURE); - return 0; + i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len); + err: + EVP_PKEY_CTX_free(pkctx); + return i; + } + + for (i = 0; i < 4; i++) { + v = ctx->digest->required_pkey_type[i]; + if (v == 0) + break; + if (pkey->type == v) { + ok = 1; + break; } - rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx); - if (rv) - rv = EVP_DigestFinal_ex(tmp_ctx, m, &m_len); - EVP_MD_CTX_free(tmp_ctx); - if (!rv) - return 0; + } + if (!ok) { + EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE); + return (-1); + } + if (ctx->digest->verify == NULL) { + EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_NO_VERIFY_FUNCTION_CONFIGURED); + return (0); } - i = -1; - pkctx = EVP_PKEY_CTX_new(pkey, NULL); - if (pkctx == NULL) - goto err; - if (EVP_PKEY_verify_init(pkctx) <= 0) - goto err; - if (EVP_PKEY_CTX_set_signature_md(pkctx, EVP_MD_CTX_md(ctx)) <= 0) - goto err; - i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len); - err: - EVP_PKEY_CTX_free(pkctx); - return i; + return (ctx->digest->verify(ctx->digest->type, m, m_len, + sigbuf, siglen, pkey->pkey.ptr)); } diff --git a/Cryptlib/OpenSSL/crypto/evp/pmeth_fn.c b/Cryptlib/OpenSSL/crypto/evp/pmeth_fn.c index eb638019..727869e3 100644 --- a/Cryptlib/OpenSSL/crypto/evp/pmeth_fn.c +++ b/Cryptlib/OpenSSL/crypto/evp/pmeth_fn.c @@ -1,18 +1,68 @@ +/* pmeth_fn.c */ /* - * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project + * 2006. + */ +/* ==================================================================== + * Copyright (c) 2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ #include <stdio.h> #include <stdlib.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/objects.h> #include <openssl/evp.h> -#include "internal/evp_int.h" +#include "evp_locl.h" #define M_check_autoarg(ctx, arg, arglen, err) \ if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) { \ @@ -267,7 +317,8 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) return -1; } - EVP_PKEY_free(ctx->peerkey); + if (ctx->peerkey) + EVP_PKEY_free(ctx->peerkey); ctx->peerkey = peer; ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer); @@ -277,7 +328,7 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) return ret; } - EVP_PKEY_up_ref(peer); + CRYPTO_add(&peer->references, 1, CRYPTO_LOCK_EVP_PKEY); return 1; } diff --git a/Cryptlib/OpenSSL/crypto/evp/pmeth_gn.c b/Cryptlib/OpenSSL/crypto/evp/pmeth_gn.c index 6adc3a9c..6a4d3573 100644 --- a/Cryptlib/OpenSSL/crypto/evp/pmeth_gn.c +++ b/Cryptlib/OpenSSL/crypto/evp/pmeth_gn.c @@ -1,19 +1,69 @@ +/* pmeth_gn.c */ /* - * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project + * 2006. + */ +/* ==================================================================== + * Copyright (c) 2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ #include <stdio.h> #include <stdlib.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/objects.h> #include <openssl/evp.h> -#include "internal/bn_int.h" -#include "internal/evp_int.h" +#include <openssl/bn.h> +#include "evp_locl.h" int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx) { @@ -96,7 +146,7 @@ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) return -1; } - if (ppkey == NULL) + if (!ppkey) return -1; if (*ppkey == NULL) @@ -129,7 +179,7 @@ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx) static int trans_cb(int a, int b, BN_GENCB *gcb) { - EVP_PKEY_CTX *ctx = BN_GENCB_get_arg(gcb); + EVP_PKEY_CTX *ctx = gcb->arg; ctx->keygen_info[0] = a; ctx->keygen_info[1] = b; return ctx->pkey_gencb(ctx); @@ -137,7 +187,7 @@ static int trans_cb(int a, int b, BN_GENCB *gcb) void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx) { - BN_GENCB_set(cb, trans_cb, ctx); + BN_GENCB_set(cb, trans_cb, ctx) } int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx) @@ -159,11 +209,14 @@ EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, return NULL; if (EVP_PKEY_keygen_init(mac_ctx) <= 0) goto merr; - if (EVP_PKEY_CTX_set_mac_key(mac_ctx, key, keylen) <= 0) + if (EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN, + EVP_PKEY_CTRL_SET_MAC_KEY, + keylen, (void *)key) <= 0) goto merr; if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0) goto merr; merr: - EVP_PKEY_CTX_free(mac_ctx); + if (mac_ctx) + EVP_PKEY_CTX_free(mac_ctx); return mac_key; } diff --git a/Cryptlib/OpenSSL/crypto/evp/pmeth_lib.c b/Cryptlib/OpenSSL/crypto/evp/pmeth_lib.c index b7f06be5..d0668629 100644 --- a/Cryptlib/OpenSSL/crypto/evp/pmeth_lib.c +++ b/Cryptlib/OpenSSL/crypto/evp/pmeth_lib.c @@ -1,25 +1,81 @@ +/* pmeth_lib.c */ /* - * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project + * 2006. + */ +/* ==================================================================== + * Copyright (c) 2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ #include <stdio.h> #include <stdlib.h> -#include "internal/cryptlib.h" -#include <openssl/engine.h> +#include "cryptlib.h" +#include <openssl/objects.h> #include <openssl/evp.h> -#include <openssl/x509v3.h> -#include "internal/asn1_int.h" -#include "internal/evp_int.h" -#include "internal/numbers.h" +#ifndef OPENSSL_NO_ENGINE +# include <openssl/engine.h> +#endif +#include "asn1_locl.h" +#include "evp_locl.h" typedef int sk_cmp_fn_type(const char *const *a, const char *const *b); -static STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL; +DECLARE_STACK_OF(EVP_PKEY_METHOD) +STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL; + +extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth; +extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth; +extern const EVP_PKEY_METHOD dhx_pkey_meth; static const EVP_PKEY_METHOD *standard_methods[] = { #ifndef OPENSSL_NO_RSA @@ -39,13 +95,8 @@ static const EVP_PKEY_METHOD *standard_methods[] = { &cmac_pkey_meth, #endif #ifndef OPENSSL_NO_DH - &dhx_pkey_meth, + &dhx_pkey_meth #endif - &tls1_prf_pkey_meth, -#ifndef OPENSSL_NO_EC - &ecx25519_pkey_meth, -#endif - &hkdf_pkey_meth }; DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *, @@ -101,7 +152,7 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) e = ENGINE_get_pkey_meth_engine(id); /* - * If an ENGINE handled this method look it up. Otherwise use internal + * If an ENGINE handled this method look it up. Othewise use internal * tables. */ @@ -116,10 +167,11 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) return NULL; } - ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { + ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX)); + if (!ret) { #ifndef OPENSSL_NO_ENGINE - ENGINE_finish(e); + if (e) + ENGINE_finish(e); #endif EVPerr(EVP_F_INT_CTX_NEW, ERR_R_MALLOC_FAILURE); return NULL; @@ -128,12 +180,14 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) ret->pmeth = pmeth; ret->operation = EVP_PKEY_OP_UNDEFINED; ret->pkey = pkey; + ret->peerkey = NULL; + ret->pkey_gencb = 0; if (pkey) - EVP_PKEY_up_ref(pkey); + CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); + ret->data = NULL; if (pmeth->init) { if (pmeth->init(ret) <= 0) { - ret->pmeth = NULL; EVP_PKEY_CTX_free(ret); return NULL; } @@ -146,10 +200,12 @@ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags) { EVP_PKEY_METHOD *pmeth; - pmeth = OPENSSL_zalloc(sizeof(*pmeth)); - if (pmeth == NULL) + pmeth = OPENSSL_malloc(sizeof(EVP_PKEY_METHOD)); + if (!pmeth) return NULL; + memset(pmeth, 0, sizeof(EVP_PKEY_METHOD)); + pmeth->pkey_id = id; pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC; return pmeth; @@ -233,8 +289,8 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) return 0; } #endif - rctx = OPENSSL_malloc(sizeof(*rctx)); - if (rctx == NULL) + rctx = OPENSSL_malloc(sizeof(EVP_PKEY_CTX)); + if (!rctx) return NULL; rctx->pmeth = pctx->pmeth; @@ -243,12 +299,12 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) #endif if (pctx->pkey) - EVP_PKEY_up_ref(pctx->pkey); + CRYPTO_add(&pctx->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); rctx->pkey = pctx->pkey; if (pctx->peerkey) - EVP_PKEY_up_ref(pctx->peerkey); + CRYPTO_add(&pctx->peerkey->references, 1, CRYPTO_LOCK_EVP_PKEY); rctx->peerkey = pctx->peerkey; @@ -259,7 +315,6 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) if (pctx->pmeth->copy(rctx, pctx) > 0) return rctx; - rctx->pmeth = NULL; EVP_PKEY_CTX_free(rctx); return NULL; @@ -269,7 +324,7 @@ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth) { if (app_pkey_methods == NULL) { app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp); - if (app_pkey_methods == NULL) + if (!app_pkey_methods) return 0; } if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth)) @@ -284,10 +339,17 @@ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx) return; if (ctx->pmeth && ctx->pmeth->cleanup) ctx->pmeth->cleanup(ctx); - EVP_PKEY_free(ctx->pkey); - EVP_PKEY_free(ctx->peerkey); + if (ctx->pkey) + EVP_PKEY_free(ctx->pkey); + if (ctx->peerkey) + EVP_PKEY_free(ctx->peerkey); #ifndef OPENSSL_NO_ENGINE - ENGINE_finish(ctx->engine); + if (ctx->engine) + /* + * The EVP_PKEY_CTX we used belongs to an ENGINE, release the + * functional reference we held for this reason. + */ + ENGINE_finish(ctx->engine); #endif OPENSSL_free(ctx); } @@ -329,9 +391,9 @@ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED); return -2; } - if (strcmp(name, "digest") == 0) { + if (!strcmp(name, "digest")) { const EVP_MD *md; - if (value == NULL || (md = EVP_get_digestbyname(value)) == NULL) { + if (!value || !(md = EVP_get_digestbyname(value))) { EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, EVP_R_INVALID_DIGEST); return 0; } @@ -340,33 +402,6 @@ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, return ctx->pmeth->ctrl_str(ctx, name, value); } -/* Utility functions to send a string of hex string to a ctrl */ - -int EVP_PKEY_CTX_str2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *str) -{ - size_t len; - - len = strlen(str); - if (len > INT_MAX) - return -1; - return ctx->pmeth->ctrl(ctx, cmd, len, (void *)str); -} - -int EVP_PKEY_CTX_hex2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *hex) -{ - unsigned char *bin; - long binlen; - int rv = -1; - - bin = OPENSSL_hexstr2buf(hex, &binlen); - if (bin == NULL) - return 0; - if (binlen <= INT_MAX) - rv = ctx->pmeth->ctrl(ctx, cmd, binlen, bin); - OPENSSL_free(bin); - return rv; -} - int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx) { return ctx->operation; @@ -552,170 +587,3 @@ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth, pmeth->ctrl = ctrl; pmeth->ctrl_str = ctrl_str; } - -void EVP_PKEY_meth_get_init(EVP_PKEY_METHOD *pmeth, - int (**pinit) (EVP_PKEY_CTX *ctx)) -{ - *pinit = pmeth->init; -} - -void EVP_PKEY_meth_get_copy(EVP_PKEY_METHOD *pmeth, - int (**pcopy) (EVP_PKEY_CTX *dst, - EVP_PKEY_CTX *src)) -{ - *pcopy = pmeth->copy; -} - -void EVP_PKEY_meth_get_cleanup(EVP_PKEY_METHOD *pmeth, - void (**pcleanup) (EVP_PKEY_CTX *ctx)) -{ - *pcleanup = pmeth->cleanup; -} - -void EVP_PKEY_meth_get_paramgen(EVP_PKEY_METHOD *pmeth, - int (**pparamgen_init) (EVP_PKEY_CTX *ctx), - int (**pparamgen) (EVP_PKEY_CTX *ctx, - EVP_PKEY *pkey)) -{ - if (pparamgen_init) - *pparamgen_init = pmeth->paramgen_init; - if (pparamgen) - *pparamgen = pmeth->paramgen; -} - -void EVP_PKEY_meth_get_keygen(EVP_PKEY_METHOD *pmeth, - int (**pkeygen_init) (EVP_PKEY_CTX *ctx), - int (**pkeygen) (EVP_PKEY_CTX *ctx, - EVP_PKEY *pkey)) -{ - if (pkeygen_init) - *pkeygen_init = pmeth->keygen_init; - if (pkeygen) - *pkeygen = pmeth->keygen; -} - -void EVP_PKEY_meth_get_sign(EVP_PKEY_METHOD *pmeth, - int (**psign_init) (EVP_PKEY_CTX *ctx), - int (**psign) (EVP_PKEY_CTX *ctx, - unsigned char *sig, size_t *siglen, - const unsigned char *tbs, - size_t tbslen)) -{ - if (psign_init) - *psign_init = pmeth->sign_init; - if (psign) - *psign = pmeth->sign; -} - -void EVP_PKEY_meth_get_verify(EVP_PKEY_METHOD *pmeth, - int (**pverify_init) (EVP_PKEY_CTX *ctx), - int (**pverify) (EVP_PKEY_CTX *ctx, - const unsigned char *sig, - size_t siglen, - const unsigned char *tbs, - size_t tbslen)) -{ - if (pverify_init) - *pverify_init = pmeth->verify_init; - if (pverify) - *pverify = pmeth->verify; -} - -void EVP_PKEY_meth_get_verify_recover(EVP_PKEY_METHOD *pmeth, - int (**pverify_recover_init) (EVP_PKEY_CTX - *ctx), - int (**pverify_recover) (EVP_PKEY_CTX - *ctx, - unsigned char - *sig, - size_t *siglen, - const unsigned - char *tbs, - size_t tbslen)) -{ - if (pverify_recover_init) - *pverify_recover_init = pmeth->verify_recover_init; - if (pverify_recover) - *pverify_recover = pmeth->verify_recover; -} - -void EVP_PKEY_meth_get_signctx(EVP_PKEY_METHOD *pmeth, - int (**psignctx_init) (EVP_PKEY_CTX *ctx, - EVP_MD_CTX *mctx), - int (**psignctx) (EVP_PKEY_CTX *ctx, - unsigned char *sig, - size_t *siglen, - EVP_MD_CTX *mctx)) -{ - if (psignctx_init) - *psignctx_init = pmeth->signctx_init; - if (psignctx) - *psignctx = pmeth->signctx; -} - -void EVP_PKEY_meth_get_verifyctx(EVP_PKEY_METHOD *pmeth, - int (**pverifyctx_init) (EVP_PKEY_CTX *ctx, - EVP_MD_CTX *mctx), - int (**pverifyctx) (EVP_PKEY_CTX *ctx, - const unsigned char *sig, - int siglen, - EVP_MD_CTX *mctx)) -{ - if (pverifyctx_init) - *pverifyctx_init = pmeth->verifyctx_init; - if (pverifyctx) - *pverifyctx = pmeth->verifyctx; -} - -void EVP_PKEY_meth_get_encrypt(EVP_PKEY_METHOD *pmeth, - int (**pencrypt_init) (EVP_PKEY_CTX *ctx), - int (**pencryptfn) (EVP_PKEY_CTX *ctx, - unsigned char *out, - size_t *outlen, - const unsigned char *in, - size_t inlen)) -{ - if (pencrypt_init) - *pencrypt_init = pmeth->encrypt_init; - if (pencryptfn) - *pencryptfn = pmeth->encrypt; -} - -void EVP_PKEY_meth_get_decrypt(EVP_PKEY_METHOD *pmeth, - int (**pdecrypt_init) (EVP_PKEY_CTX *ctx), - int (**pdecrypt) (EVP_PKEY_CTX *ctx, - unsigned char *out, - size_t *outlen, - const unsigned char *in, - size_t inlen)) -{ - if (pdecrypt_init) - *pdecrypt_init = pmeth->decrypt_init; - if (pdecrypt) - *pdecrypt = pmeth->decrypt; -} - -void EVP_PKEY_meth_get_derive(EVP_PKEY_METHOD *pmeth, - int (**pderive_init) (EVP_PKEY_CTX *ctx), - int (**pderive) (EVP_PKEY_CTX *ctx, - unsigned char *key, - size_t *keylen)) -{ - if (pderive_init) - *pderive_init = pmeth->derive_init; - if (pderive) - *pderive = pmeth->derive; -} - -void EVP_PKEY_meth_get_ctrl(EVP_PKEY_METHOD *pmeth, - int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1, - void *p2), - int (**pctrl_str) (EVP_PKEY_CTX *ctx, - const char *type, - const char *value)) -{ - if (pctrl) - *pctrl = pmeth->ctrl; - if (pctrl_str) - *pctrl_str = pmeth->ctrl_str; -} diff --git a/Cryptlib/OpenSSL/crypto/evp/scrypt.c b/Cryptlib/OpenSSL/crypto/evp/scrypt.c deleted file mode 100644 index 101bb1ed..00000000 --- a/Cryptlib/OpenSSL/crypto/evp/scrypt.c +++ /dev/null @@ -1,248 +0,0 @@ -/* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include <stddef.h> -#include <stdio.h> -#include <string.h> -#include <openssl/evp.h> -#include <openssl/err.h> -#include <internal/numbers.h> - -#ifndef OPENSSL_NO_SCRYPT - -#define R(a,b) (((a) << (b)) | ((a) >> (32 - (b)))) -static void salsa208_word_specification(uint32_t inout[16]) -{ - int i; - uint32_t x[16]; - memcpy(x, inout, sizeof(x)); - for (i = 8; i > 0; i -= 2) { - x[4] ^= R(x[0] + x[12], 7); - x[8] ^= R(x[4] + x[0], 9); - x[12] ^= R(x[8] + x[4], 13); - x[0] ^= R(x[12] + x[8], 18); - x[9] ^= R(x[5] + x[1], 7); - x[13] ^= R(x[9] + x[5], 9); - x[1] ^= R(x[13] + x[9], 13); - x[5] ^= R(x[1] + x[13], 18); - x[14] ^= R(x[10] + x[6], 7); - x[2] ^= R(x[14] + x[10], 9); - x[6] ^= R(x[2] + x[14], 13); - x[10] ^= R(x[6] + x[2], 18); - x[3] ^= R(x[15] + x[11], 7); - x[7] ^= R(x[3] + x[15], 9); - x[11] ^= R(x[7] + x[3], 13); - x[15] ^= R(x[11] + x[7], 18); - x[1] ^= R(x[0] + x[3], 7); - x[2] ^= R(x[1] + x[0], 9); - x[3] ^= R(x[2] + x[1], 13); - x[0] ^= R(x[3] + x[2], 18); - x[6] ^= R(x[5] + x[4], 7); - x[7] ^= R(x[6] + x[5], 9); - x[4] ^= R(x[7] + x[6], 13); - x[5] ^= R(x[4] + x[7], 18); - x[11] ^= R(x[10] + x[9], 7); - x[8] ^= R(x[11] + x[10], 9); - x[9] ^= R(x[8] + x[11], 13); - x[10] ^= R(x[9] + x[8], 18); - x[12] ^= R(x[15] + x[14], 7); - x[13] ^= R(x[12] + x[15], 9); - x[14] ^= R(x[13] + x[12], 13); - x[15] ^= R(x[14] + x[13], 18); - } - for (i = 0; i < 16; ++i) - inout[i] += x[i]; - OPENSSL_cleanse(x, sizeof(x)); -} - -static void scryptBlockMix(uint32_t *B_, uint32_t *B, uint64_t r) -{ - uint64_t i, j; - uint32_t X[16], *pB; - - memcpy(X, B + (r * 2 - 1) * 16, sizeof(X)); - pB = B; - for (i = 0; i < r * 2; i++) { - for (j = 0; j < 16; j++) - X[j] ^= *pB++; - salsa208_word_specification(X); - memcpy(B_ + (i / 2 + (i & 1) * r) * 16, X, sizeof(X)); - } - OPENSSL_cleanse(X, sizeof(X)); -} - -static void scryptROMix(unsigned char *B, uint64_t r, uint64_t N, - uint32_t *X, uint32_t *T, uint32_t *V) -{ - unsigned char *pB; - uint32_t *pV; - uint64_t i, k; - - /* Convert from little endian input */ - for (pV = V, i = 0, pB = B; i < 32 * r; i++, pV++) { - *pV = *pB++; - *pV |= *pB++ << 8; - *pV |= *pB++ << 16; - *pV |= (uint32_t)*pB++ << 24; - } - - for (i = 1; i < N; i++, pV += 32 * r) - scryptBlockMix(pV, pV - 32 * r, r); - - scryptBlockMix(X, V + (N - 1) * 32 * r, r); - - for (i = 0; i < N; i++) { - uint32_t j; - j = X[16 * (2 * r - 1)] % N; - pV = V + 32 * r * j; - for (k = 0; k < 32 * r; k++) - T[k] = X[k] ^ *pV++; - scryptBlockMix(X, T, r); - } - /* Convert output to little endian */ - for (i = 0, pB = B; i < 32 * r; i++) { - uint32_t xtmp = X[i]; - *pB++ = xtmp & 0xff; - *pB++ = (xtmp >> 8) & 0xff; - *pB++ = (xtmp >> 16) & 0xff; - *pB++ = (xtmp >> 24) & 0xff; - } -} - -#ifndef SIZE_MAX -# define SIZE_MAX ((size_t)-1) -#endif - -/* - * Maximum power of two that will fit in uint64_t: this should work on - * most (all?) platforms. - */ - -#define LOG2_UINT64_MAX (sizeof(uint64_t) * 8 - 1) - -/* - * Maximum value of p * r: - * p <= ((2^32-1) * hLen) / MFLen => - * p <= ((2^32-1) * 32) / (128 * r) => - * p * r <= (2^30-1) - * - */ - -#define SCRYPT_PR_MAX ((1 << 30) - 1) - -/* - * Maximum permitted memory allow this to be overridden with Configuration - * option: e.g. -DSCRYPT_MAX_MEM=0 for maximum possible. - */ - -#ifdef SCRYPT_MAX_MEM -# if SCRYPT_MAX_MEM == 0 -# undef SCRYPT_MAX_MEM -/* - * Although we could theoretically allocate SIZE_MAX memory that would leave - * no memory available for anything else so set limit as half that. - */ -# define SCRYPT_MAX_MEM (SIZE_MAX/2) -# endif -#else -/* Default memory limit: 32 MB */ -# define SCRYPT_MAX_MEM (1024 * 1024 * 32) -#endif - -int EVP_PBE_scrypt(const char *pass, size_t passlen, - const unsigned char *salt, size_t saltlen, - uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, - unsigned char *key, size_t keylen) -{ - int rv = 0; - unsigned char *B; - uint32_t *X, *V, *T; - uint64_t i, Blen, Vlen; - size_t allocsize; - - /* Sanity check parameters */ - /* initial check, r,p must be non zero, N >= 2 and a power of 2 */ - if (r == 0 || p == 0 || N < 2 || (N & (N - 1))) - return 0; - /* Check p * r < SCRYPT_PR_MAX avoiding overflow */ - if (p > SCRYPT_PR_MAX / r) - return 0; - - /* - * Need to check N: if 2^(128 * r / 8) overflows limit this is - * automatically satisfied since N <= UINT64_MAX. - */ - - if (16 * r <= LOG2_UINT64_MAX) { - if (N >= (((uint64_t)1) << (16 * r))) - return 0; - } - - /* Memory checks: check total allocated buffer size fits in uint64_t */ - - /* - * B size in section 5 step 1.S - * Note: we know p * 128 * r < UINT64_MAX because we already checked - * p * r < SCRYPT_PR_MAX - */ - Blen = p * 128 * r; - - /* - * Check 32 * r * (N + 2) * sizeof(uint32_t) fits in - * uint64_t and also size_t (their sizes are unrelated). - * This is combined size V, X and T (section 4) - */ - i = UINT64_MAX / (32 * sizeof(uint32_t)); - if (N + 2 > i / r) - return 0; - Vlen = 32 * r * (N + 2) * sizeof(uint32_t); - - /* check total allocated size fits in uint64_t */ - if (Blen > UINT64_MAX - Vlen) - return 0; - /* check total allocated size fits in size_t */ - if (Blen > SIZE_MAX - Vlen) - return 0; - - allocsize = (size_t)(Blen + Vlen); - - if (maxmem == 0) - maxmem = SCRYPT_MAX_MEM; - - if (allocsize > maxmem) { - EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); - return 0; - } - - /* If no key return to indicate parameters are OK */ - if (key == NULL) - return 1; - - B = OPENSSL_malloc(allocsize); - if (B == NULL) - return 0; - X = (uint32_t *)(B + Blen); - T = X + 32 * r; - V = T + 32 * r; - if (PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, 1, EVP_sha256(), - Blen, B) == 0) - goto err; - - for (i = 0; i < p; i++) - scryptROMix(B + 128 * r * i, r, N, X, T, V); - - if (PKCS5_PBKDF2_HMAC(pass, passlen, B, Blen, 1, EVP_sha256(), - keylen, key) == 0) - goto err; - rv = 1; - err: - OPENSSL_clear_free(B, allocsize); - return rv; -} -#endif |