X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fevp%2Fe_aes.c;h=c9a5ee8d75a043d54d9bf1486d3b783cbdbbd36b;hb=2c5f3606d1dd86d5ca79bf169d25b366406d196f;hp=9d91533a9e53d2db2a31ba2532675d6810c8c54e;hpb=6f9079fd505c28961049a732e33e662530bdad21;p=oweals%2Fopenssl.git

diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 9d91533a9e..c9a5ee8d75 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -48,6 +48,7 @@
  *
  */
 
+#include <openssl/opensslconf.h>
 #ifndef OPENSSL_NO_AES
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -66,44 +67,51 @@ typedef struct
 
 #define data(ctx)	EVP_C_DATA(EVP_AES_KEY,ctx)
 
-#define IMPLEMENT_BLOCK_CIPHER_def_ecb_cbc(cname, ksched, cprefix, kstruct, \
-			  nid, block_size, key_len, iv_len, flags, \
-			  init_key, cleanup, set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
-BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
-BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
-		     init_key, cleanup, set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, 0, flags, \
-		     init_key, cleanup, set_asn1, get_asn1, ctrl)
+IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY,
+		       NID_aes_128, 16, 16, 16, 128,
+		       EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1,
+		       aes_init_key,
+		       NULL, NULL, NULL, NULL)
+IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY,
+		       NID_aes_192, 16, 24, 16, 128,
+		       EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1,
+		       aes_init_key,
+		       NULL, NULL, NULL, NULL)
+IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY,
+		       NID_aes_256, 16, 32, 16, 128,
+		       EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1,
+		       aes_init_key,
+		       NULL, NULL, NULL, NULL)
 
-IMPLEMENT_BLOCK_CIPHER_def_ecb_cbc(aes_128, ks, AES, EVP_AES_KEY,
-				   NID_aes_128, 16, 16, 16,
-				   0, aes_init_key, NULL, 
-				   EVP_CIPHER_set_asn1_iv,
-				   EVP_CIPHER_get_asn1_iv,
-				   NULL)
-IMPLEMENT_BLOCK_CIPHER_def_ecb_cbc(aes_192, ks, AES, EVP_AES_KEY,
-				   NID_aes_192, 16, 24, 16,
-				   0, aes_init_key, NULL, 
-				   EVP_CIPHER_set_asn1_iv,
-				   EVP_CIPHER_get_asn1_iv,
-				   NULL)
-IMPLEMENT_BLOCK_CIPHER_def_ecb_cbc(aes_256, ks, AES, EVP_AES_KEY,
-				   NID_aes_256, 16, 32, 16,
-				   0, aes_init_key, NULL, 
-				   EVP_CIPHER_set_asn1_iv,
-				   EVP_CIPHER_get_asn1_iv,
-				   NULL)
+#define IMPLEMENT_AES_CFBR(ksize,cbits,flags)	IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16,flags)
+
+IMPLEMENT_AES_CFBR(128,1,EVP_CIPH_FLAG_FIPS)
+IMPLEMENT_AES_CFBR(192,1,EVP_CIPH_FLAG_FIPS)
+IMPLEMENT_AES_CFBR(256,1,EVP_CIPH_FLAG_FIPS)
+
+IMPLEMENT_AES_CFBR(128,8,EVP_CIPH_FLAG_FIPS)
+IMPLEMENT_AES_CFBR(192,8,EVP_CIPH_FLAG_FIPS)
+IMPLEMENT_AES_CFBR(256,8,EVP_CIPH_FLAG_FIPS)
 
 static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-		   const unsigned char *iv, int enc) {
+		   const unsigned char *iv, int enc)
+	{
+	int ret;
 
-	if (enc) 
-		AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
+	if ((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CFB_MODE
+	    || (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_OFB_MODE
+	    || enc) 
+		ret=AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
 	else
-		AES_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
+		ret=AES_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
+
+	if(ret < 0)
+		{
+		EVPerr(EVP_F_AES_INIT_KEY,EVP_R_AES_KEY_SETUP_FAILED);
+		return 0;
+		}
 
 	return 1;
-}
+	}
 
 #endif