X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fevp%2Fe_aes.c;h=c9a5ee8d75a043d54d9bf1486d3b783cbdbbd36b;hb=2c5f3606d1dd86d5ca79bf169d25b366406d196f;hp=51a51a7bbe03e251b87f18e216204e9372e6cb5f;hpb=591ccf586d048e2ca04dba82a439dbab8aded695;p=oweals%2Fopenssl.git

diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 51a51a7bbe..c9a5ee8d75 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -48,107 +48,70 @@
  *
  */
 
+#include <openssl/opensslconf.h>
 #ifndef OPENSSL_NO_AES
 #include <openssl/evp.h>
 #include <openssl/err.h>
 #include <string.h>
 #include <assert.h>
-#include <openssl/rijndael.h>
+#include <openssl/aes.h>
+#include "evp_locl.h"
 
-static int aes_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 					const unsigned char *iv, int enc);
-static int aes_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out,
-				const unsigned char *in, unsigned int inl);
-static int aes_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
-				const unsigned char *in, unsigned int inl);
 
-#define IMPLEMENT_AES_CIPHER(name, ciph_func, keylen, ivlen, mode) \
-static const EVP_CIPHER name##_cipher_st = \
-	{ \
-	NID_##name, \
-	16,keylen,ivlen, \
-	mode, \
-	aes_init, \
-	ciph_func, \
-	NULL, \
-	sizeof(RIJNDAEL_KEY), \
-	EVP_CIPHER_set_asn1_iv, \
-	EVP_CIPHER_get_asn1_iv, \
-	NULL, \
-	NULL \
-	}; \
-const EVP_CIPHER * EVP_##name(void) \
-	{ \
-	return &name##_cipher_st; \
-	}
+typedef struct
+	{
+	AES_KEY ks;
+	} EVP_AES_KEY;
+
+#define data(ctx)	EVP_C_DATA(EVP_AES_KEY,ctx)
+
+IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY,
+		       NID_aes_128, 16, 16, 16, 128,
+		       EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1,
+		       aes_init_key,
+		       NULL, NULL, NULL, NULL)
+IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY,
+		       NID_aes_192, 16, 24, 16, 128,
+		       EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1,
+		       aes_init_key,
+		       NULL, NULL, NULL, NULL)
+IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY,
+		       NID_aes_256, 16, 32, 16, 128,
+		       EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1,
+		       aes_init_key,
+		       NULL, NULL, NULL, NULL)
 
-IMPLEMENT_AES_CIPHER(aes_128_ecb, aes_ecb, 16, 0, EVP_CIPH_ECB_MODE)
-IMPLEMENT_AES_CIPHER(aes_192_ecb, aes_ecb, 24, 0, EVP_CIPH_ECB_MODE)
-IMPLEMENT_AES_CIPHER(aes_256_ecb, aes_ecb, 32, 0, EVP_CIPH_ECB_MODE)
+#define IMPLEMENT_AES_CFBR(ksize,cbits,flags)	IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16,flags)
 
-IMPLEMENT_AES_CIPHER(aes_128_cbc, aes_cbc, 16, 16, EVP_CIPH_CBC_MODE)
-IMPLEMENT_AES_CIPHER(aes_192_cbc, aes_cbc, 24, 16, EVP_CIPH_CBC_MODE)
-IMPLEMENT_AES_CIPHER(aes_256_cbc, aes_cbc, 32, 16, EVP_CIPH_CBC_MODE)
+IMPLEMENT_AES_CFBR(128,1,EVP_CIPH_FLAG_FIPS)
+IMPLEMENT_AES_CFBR(192,1,EVP_CIPH_FLAG_FIPS)
+IMPLEMENT_AES_CFBR(256,1,EVP_CIPH_FLAG_FIPS)
 
-static int aes_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+IMPLEMENT_AES_CFBR(128,8,EVP_CIPH_FLAG_FIPS)
+IMPLEMENT_AES_CFBR(192,8,EVP_CIPH_FLAG_FIPS)
+IMPLEMENT_AES_CFBR(256,8,EVP_CIPH_FLAG_FIPS)
+
+static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 		   const unsigned char *iv, int enc)
 	{
-	RIJNDAEL_KEY *k=ctx->cipher_data;
-	if (enc) 
-		k->rounds = rijndaelKeySetupEnc(k->rd_key, key, ctx->key_len * 8);
-	else
-		k->rounds = rijndaelKeySetupDec(k->rd_key, key, ctx->key_len * 8);
+	int ret;
 
-	return 1;
-	}
+	if ((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CFB_MODE
+	    || (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_OFB_MODE
+	    || enc) 
+		ret=AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
+	else
+		ret=AES_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
 
-static int aes_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			 const unsigned char *in, unsigned int inl)
-	{
-	RIJNDAEL_KEY *k=ctx->cipher_data;
-	while(inl > 0)
+	if(ret < 0)
 		{
-		if(ctx->encrypt)
-	    		rijndaelEncrypt(k->rd_key,k->rounds, in, out);
-		else
-	    		rijndaelDecrypt(k->rd_key,k->rounds, in, out);
-		inl-=16;
-		in+=16;
-		out+=16;
+		EVPerr(EVP_F_AES_INIT_KEY,EVP_R_AES_KEY_SETUP_FAILED);
+		return 0;
 		}
-	assert(inl == 0);
 
 	return 1;
 	}
 
-static int aes_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			 const unsigned char *in, unsigned int inl)
-	{
-	int n;
-	unsigned char tmp[16];
-	RIJNDAEL_KEY *k=ctx->cipher_data;
-	while(inl > 0)
-		{
-		if(ctx->encrypt)
-			{
-			for(n=0 ; n < 16 ; n++)
-				tmp[n] = in[n] ^ ctx->iv[n];
-			rijndaelEncrypt(k->rd_key,k->rounds, tmp, out);
-			memcpy(ctx->iv,out,16);
-			}
-		else
-			{
-			memcpy(tmp, in, 16);
-			rijndaelDecrypt(k->rd_key,k->rounds, in, out);
-			for(n=0 ; n < 16 ; n++)
-				out[n] ^= ctx->iv[n];
-			memcpy(ctx->iv,tmp,16);
-			}
-		inl-=16;
-		in+=16;
-		out+=16;
-		}
-	assert(inl == 0);
-	return 1;
-	}
 #endif