X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fevp%2Fe_aes.c;h=7b4d84f58d8155aabfbdc4382f292b72503c1a2a;hb=33b188a8e82df57208ec8263c263f8b6f47e8255;hp=8b31388690e62c9f042fbcaef0013a52ea255d12;hpb=0f113f3ee4d629ef9a4a30911b22b224772085e5;p=oweals%2Fopenssl.git diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 8b31388690..7b4d84f58d 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -115,8 +115,14 @@ typedef struct { # ifndef OPENSSL_NO_OCB typedef struct { - AES_KEY ksenc; /* AES key schedule to use for encryption */ - AES_KEY ksdec; /* AES key schedule to use for decryption */ + union { + double align; + AES_KEY ks; + } ksenc; /* AES key schedule to use for encryption */ + union { + double align; + AES_KEY ks; + } ksdec; /* AES key schedule to use for decryption */ int key_set; /* Set if key initialised */ int iv_set; /* Set if an iv is set */ OCB128_CONTEXT ocb; @@ -466,9 +472,10 @@ static int aesni_ocb_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, * needs both. We could possibly optimise to remove setting the * decrypt for an encryption operation. */ - aesni_set_encrypt_key(key, ctx->key_len * 8, &octx->ksenc); - aesni_set_decrypt_key(key, ctx->key_len * 8, &octx->ksdec); - if (!CRYPTO_ocb128_init(&octx->ocb, &octx->ksenc, &octx->ksdec, + aesni_set_encrypt_key(key, ctx->key_len * 8, &octx->ksenc.ks); + aesni_set_decrypt_key(key, ctx->key_len * 8, &octx->ksdec.ks); + if (!CRYPTO_ocb128_init(&octx->ocb, + &octx->ksenc.ks, &octx->ksdec.ks, (block128_f) aesni_encrypt, (block128_f) aesni_decrypt)) return 0; @@ -778,11 +785,6 @@ static int aes_t4_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, case 128: xctx->stream = aes128_t4_xts_encrypt; break; -# if 0 /* not yet */ - case 192: - xctx->stream = aes192_t4_xts_encrypt; - break; -# endif case 256: xctx->stream = aes256_t4_xts_encrypt; break; 
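Review bot: In the OCB context struct hunk (@@ -115,8 +115,14) the new `double align` members around `ksenc` and `ksdec` have no comment saying why they exist, so a later cleanup could mistake them for dead fields. I would add one line above the first union, for example `/* 'align' is never read; it only forces the alignment of the key schedule */`, assuming that is the intent, which the hunk does not state. The existing trailing comments on `ksenc` and `ksdec` can stay as they are. The struct definition begins and ends outside the hunk.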
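Review bot: In aesni_ocb_init_key (@@ -466,9 +472,10) the results of `aesni_set_encrypt_key` and `aesni_set_decrypt_key` are discarded, so a failed key setup would still hand `ksenc.ks` and `ksdec.ks` to `CRYPTO_ocb128_init` and the function would carry on towards reporting success. Assuming these setters return an int status like the `AES_set_*_key` family, I would check them, e.g. `if (aesni_set_encrypt_key(key, ctx->key_len * 8, &octx->ksenc.ks) < 0) return 0;` and the same for the decrypt schedule. The same unchecked pattern appears in both the vpaes and the generic branch of aes_ocb_init_key (@@ -2273,18 +2258,20). The function bodies continue outside the hunks, so any error reporting convention used elsewhere in the file should be matched.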
@@ -796,11 +798,6 @@ static int aes_t4_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, case 128: xctx->stream = aes128_t4_xts_decrypt; break; -# if 0 /* not yet */ - case 192: - xctx->stream = aes192_t4_xts_decrypt; - break; -# endif case 256: xctx->stream = aes256_t4_xts_decrypt; break; @@ -839,24 +836,7 @@ static int aes_t4_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, aes_t4_set_encrypt_key(key, bits, &cctx->ks.ks); CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L, &cctx->ks, (block128_f) aes_t4_encrypt); -# if 0 /* not yet */ - switch (bits) { - case 128: - cctx->str = enc ? (ccm128_f) aes128_t4_ccm64_encrypt : - (ccm128_f) ae128_t4_ccm64_decrypt; - break; - case 192: - cctx->str = enc ? (ccm128_f) aes192_t4_ccm64_encrypt : - (ccm128_f) ae192_t4_ccm64_decrypt; - break; - case 256: - cctx->str = enc ? (ccm128_f) aes256_t4_ccm64_encrypt : - (ccm128_f) ae256_t4_ccm64_decrypt; - break; - default: - return 0; - } -# endif + cctx->str = NULL; cctx->key_set = 1; } if (iv) { @@ -884,9 +864,10 @@ static int aes_t4_ocb_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, * needs both. We could possibly optimise to remove setting the * decrypt for an encryption operation. */ - aes_t4_set_encrypt_key(key, ctx->key_len * 8, &octx->ksenc); - aes_t4_set_decrypt_key(key, ctx->key_len * 8, &octx->ksdec); - if (!CRYPTO_ocb128_init(&octx->ocb, &octx->ksenc, &octx->ksdec, + aes_t4_set_encrypt_key(key, ctx->key_len * 8, &octx->ksenc.ks); + aes_t4_set_decrypt_key(key, ctx->key_len * 8, &octx->ksdec.ks); + if (!CRYPTO_ocb128_init(&octx->ocb, + &octx->ksenc.ks, &octx->ksdec.ks, (block128_f) aes_t4_encrypt, (block128_f) aes_t4_decrypt)) return 0; 
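Review bot: The new `cctx->str = NULL;` in aes_t4_ccm_init_key (@@ -839,24 +836,7) has no explanation, and the `#if 0` block that showed the intended per-key-size stream routines is removed in the same hunk. A short comment would keep the intent readable, for example `/* no T4 ccm64 routine is wired up; NULL presumably selects the generic block-based CCM path */`. The wording should be checked against what the CCM cipher function does with a NULL `str`, which is outside this hunk.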
@@ -999,6 +980,9 @@ const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \ # if defined(BSAES_ASM) # define BSAES_CAPABLE (OPENSSL_armcap_P & ARMV7_NEON) # endif +# if defined(VPAES_ASM) +# define VPAES_CAPABLE (OPENSSL_armcap_P & ARMV7_NEON) +# endif # define HWAES_CAPABLE (OPENSSL_armcap_P & ARMV8_AES) # define HWAES_set_encrypt_key aes_v8_set_encrypt_key # define HWAES_set_decrypt_key aes_v8_set_decrypt_key @@ -1271,7 +1255,7 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) gctx->tls_aad_len = -1; return 1; - case EVP_CTRL_GCM_SET_IVLEN: + case EVP_CTRL_AEAD_SET_IVLEN: if (arg <= 0) return 0; /* Allocate memory for IV if needed */ @@ -1285,14 +1269,14 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) gctx->ivlen = arg; return 1; - case EVP_CTRL_GCM_SET_TAG: + case EVP_CTRL_AEAD_SET_TAG: if (arg <= 0 || arg > 16 || c->encrypt) return 0; memcpy(c->buf, ptr, arg); gctx->taglen = arg; return 1; - case EVP_CTRL_GCM_GET_TAG: + case EVP_CTRL_AEAD_GET_TAG: if (arg <= 0 || arg > 16 || !c->encrypt || gctx->taglen < 0) return 0; memcpy(ptr, c->buf, arg); @@ -1870,7 +1854,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) cctx->len_set = 0; return 1; - case EVP_CTRL_CCM_SET_IVLEN: + case EVP_CTRL_AEAD_SET_IVLEN: arg = 15 - arg; case EVP_CTRL_CCM_SET_L: if (arg < 2 || arg > 8) @@ -1878,7 +1862,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) cctx->L = arg; return 1; - case EVP_CTRL_CCM_SET_TAG: + case EVP_CTRL_AEAD_SET_TAG: if ((arg & 1) || arg < 4 || arg > 16) return 0; if ((c->encrypt && ptr) || (!c->encrypt && !ptr)) @@ -1890,7 +1874,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) cctx->M = arg; return 1; - case EVP_CTRL_CCM_GET_TAG: + case EVP_CTRL_AEAD_GET_TAG: if (!c->encrypt || !cctx->tag_set) return 0; if (!CRYPTO_ccm128_tag(&cctx->ccm, ptr, (size_t)arg)) 
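Review bot: In aes_gcm_ctrl (@@ -1285,14 +1269,14) the `EVP_CTRL_AEAD_SET_TAG` case copies from `ptr` without checking it, while the same control in aes_ocb_ctrl (@@ -2225,21 +2209,21) now treats `ptr == NULL` as "set the tag length only". With one shared control name, a caller written against the OCB convention would reach `memcpy(c->buf, ptr, arg)` here with a NULL source. I would reject that up front with `if (arg <= 0 || arg > 16 || c->encrypt || ptr == NULL) return 0;`. The `EVP_CTRL_AEAD_GET_TAG` case uses `ptr` as the copy destination with the same missing check. The body of aes_gcm_ctrl begins and ends outside the hunk.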
@@ -2217,7 +2201,7 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) octx->aad_buf_len = 0; return 1; - case EVP_CTRL_SET_IVLEN: + case EVP_CTRL_AEAD_SET_IVLEN: /* IV len must be 1 to 15 */ if (arg <= 0 || arg > 15) return 0; @@ -2225,21 +2209,21 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) octx->ivlen = arg; return 1; - case EVP_CTRL_OCB_SET_TAGLEN: - /* Tag len must be 0 to 16 */ - if (arg < 0 || arg > 16) - return 0; - - octx->taglen = arg; - return 1; + case EVP_CTRL_AEAD_SET_TAG: + if (!ptr) { + /* Tag len must be 0 to 16 */ + if (arg < 0 || arg > 16) + return 0; - case EVP_CTRL_SET_TAG: + octx->taglen = arg; + return 1; + } if (arg != octx->taglen || c->encrypt) return 0; memcpy(octx->tag, ptr, arg); return 1; - case EVP_CTRL_GET_TAG: + case EVP_CTRL_AEAD_GET_TAG: if (arg != octx->taglen || !c->encrypt) return 0; @@ -2250,7 +2234,8 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) newc = (EVP_CIPHER_CTX *)ptr; new_octx = newc->cipher_data; return CRYPTO_ocb128_copy_ctx(&new_octx->ocb, &octx->ocb, - &new_octx->ksenc, &new_octx->ksdec); + &new_octx->ksenc.ks, + &new_octx->ksdec.ks); default: return -1; 
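Review bot: The merged `EVP_CTRL_AEAD_SET_TAG` case in aes_ocb_ctrl (@@ -2225,21 +2209,21) now does two different things depending on whether `ptr` is NULL, and nothing in the case says so. I would document the split at the top of the case, e.g. `/* ptr == NULL: arg sets the tag length; otherwise ptr is the expected tag (decrypt only) */`. Separately, the length check still admits `arg == 0`, and a zero-length tag would appear to leave nothing to compare on decryption. It is worth confirming that 0 is intended; if it is not, the check becomes `if (arg < 1 || arg > 16)` and the range comment needs updating to match. The body of aes_ocb_ctrl begins and ends outside the hunk.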
@@ -2273,18 +2258,20 @@ static int aes_ocb_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, */ # ifdef VPAES_CAPABLE if (VPAES_CAPABLE) { - vpaes_set_encrypt_key(key, ctx->key_len * 8, &octx->ksenc); - vpaes_set_decrypt_key(key, ctx->key_len * 8, &octx->ksdec); - if (!CRYPTO_ocb128_init - (&octx->ocb, &octx->ksenc, &octx->ksdec, - (block128_f) vpaes_encrypt, (block128_f) vpaes_decrypt)) + vpaes_set_encrypt_key(key, ctx->key_len * 8, &octx->ksenc.ks); + vpaes_set_decrypt_key(key, ctx->key_len * 8, &octx->ksdec.ks); + if (!CRYPTO_ocb128_init(&octx->ocb, + &octx->ksenc.ks, &octx->ksdec.ks, + (block128_f) vpaes_encrypt, + (block128_f) vpaes_decrypt)) return 0; break; } # endif - AES_set_encrypt_key(key, ctx->key_len * 8, &octx->ksenc); - AES_set_decrypt_key(key, ctx->key_len * 8, &octx->ksdec); - if (!CRYPTO_ocb128_init(&octx->ocb, &octx->ksenc, &octx->ksdec, + AES_set_encrypt_key(key, ctx->key_len * 8, &octx->ksenc.ks); + AES_set_decrypt_key(key, ctx->key_len * 8, &octx->ksdec.ks); + if (!CRYPTO_ocb128_init(&octx->ocb, + &octx->ksenc.ks, &octx->ksdec.ks, (block128_f) AES_encrypt, (block128_f) AES_decrypt)) return 0;