Changes to make AES algorithm test work via EVP.
authorDr. Stephen Henson <steve@openssl.org>
Sun, 1 Jul 2007 12:53:10 +0000 (12:53 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Sun, 1 Jul 2007 12:53:10 +0000 (12:53 +0000)
CHANGES
Makefile.org
crypto/evp/e_aes.c
crypto/evp/evp.h
crypto/evp/evp_lib.c
crypto/evp/evp_locl.h
fips-1.0/aes/fips_aesavs.c

diff --git a/CHANGES b/CHANGES
index 0130bfcdb596d8d7ea5013cdddb53db91591d03f..f14f78f6e26a2f2b80393f9cefd631d800a76b3b 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,13 @@
 
  Changes between 0.9.8e and 0.9.8f-fips  [xx XXX xxxx]
 
+  *) New flag in EVP_CIPHER: EVP_CIPH_FLAG_DEFAULT_ASN1. This will
+     automatically use EVP_CIPHER_{get,set}_asn1_iv and avoid the
+     need for any ASN1 dependencies in FIPS library. Move AES cipher
+     definitions to fips library and modify AES algorithm test to use
+     EVP.
+     [Steve Henson]
+
   *) Move EVP cipher code into enc_min.c to support a minimal implementation
      for use by FIPS applications.
      [Steve Henson]
index 3751c1d89787585cb5ab605abdac466350866092..96ebd119c1d3ee50848d6ec602146a976195a825 100644 (file)
@@ -299,6 +299,7 @@ FIPS_EX_OBJ= ../crypto/aes/aes_cbc.o \
        ../crypto/err/err.o \
        ../crypto/evp/digest.o \
        ../crypto/evp/enc_min.o \
+       ../crypto/evp/e_aes.o \
        ../crypto/evp/p_sign.o \
        ../crypto/evp/p_verify.o \
        ../crypto/mem_clr.o \
index 3e08d39bb5763ec4faaa30854d8b8b88f55dbb68..c9a5ee8d75a043d54d9bf1486d3b783cbdbbd36b 100644 (file)
@@ -69,22 +69,19 @@ typedef struct
 
 IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY,
                       NID_aes_128, 16, 16, 16, 128,
-                      EVP_CIPH_FLAG_FIPS, aes_init_key, NULL, 
-                      EVP_CIPHER_set_asn1_iv,
-                      EVP_CIPHER_get_asn1_iv,
-                      NULL)
+                      EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1,
+                      aes_init_key,
+                      NULL, NULL, NULL, NULL)
 IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY,
                       NID_aes_192, 16, 24, 16, 128,
-                      EVP_CIPH_FLAG_FIPS, aes_init_key, NULL, 
-                      EVP_CIPHER_set_asn1_iv,
-                      EVP_CIPHER_get_asn1_iv,
-                      NULL)
+                      EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1,
+                      aes_init_key,
+                      NULL, NULL, NULL, NULL)
 IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY,
                       NID_aes_256, 16, 32, 16, 128,
-                      EVP_CIPH_FLAG_FIPS, aes_init_key, NULL, 
-                      EVP_CIPHER_set_asn1_iv,
-                      EVP_CIPHER_get_asn1_iv,
-                      NULL)
+                      EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1,
+                      aes_init_key,
+                      NULL, NULL, NULL, NULL)
 
 #define IMPLEMENT_AES_CFBR(ksize,cbits,flags)  IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16,flags)
 
index 7c5184d53633f07875b86c4a6d8315f16facbead..b8efccae23cd3fa393c77ed22f8d2cc9cbb0a440 100644 (file)
@@ -376,6 +376,8 @@ struct evp_cipher_st
 #define                EVP_CIPH_FLAG_FIPS              0x400
 /* Allow non FIPS cipher in FIPS mode */
 #define                EVP_CIPH_FLAG_NON_FIPS_ALLOW    0x800
+/* Allow use default ASN1 get/set iv */
+#define                EVP_CIPH_FLAG_DEFAULT_ASN1      0x1000
 
 /* ctrl() values */
 
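Review bot: The comment added above `EVP_CIPH_FLAG_DEFAULT_ASN1` does not say when the flag takes effect. In the evp_lib.c part of this commit the flag is consulted only when `set_asn1_parameters` / `get_asn1_parameters` is NULL, so a cipher that supplies its own callbacks ignores it. A wording such as `/* Use EVP_CIPHER_{set,get}_asn1_iv when the cipher has no ASN1 parameter callbacks */` would record that precedence next to the definition.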
index a5f6eee352e974bbddf2cf49ccff02a29ae01924..174cf6c5942f5e5f9d7a3aaebe8405a10daf3a9e 100644 (file)
@@ -67,6 +67,8 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
 
        if (c->cipher->set_asn1_parameters != NULL)
                ret=c->cipher->set_asn1_parameters(c,type);
+       else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
+               ret=EVP_CIPHER_set_asn1_iv(c, type);
        else
                ret=-1;
        return(ret);
@@ -78,6 +80,8 @@ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
 
        if (c->cipher->get_asn1_parameters != NULL)
                ret=c->cipher->get_asn1_parameters(c,type);
+       else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
+               ret=EVP_CIPHER_get_asn1_iv(c, type);
        else
                ret=-1;
        return(ret);
index 1ec70f0af552925825c19dcf2283d2fdc8ebc827..f5b71eed797d352d34be6bc5a3da08145d52abc4 100644 (file)
@@ -230,10 +230,8 @@ const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
        BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
        BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
                             NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \
-                            fl, cipher##_init_key, NULL, \
-                            EVP_CIPHER_set_asn1_iv, \
-                            EVP_CIPHER_get_asn1_iv, \
-                            NULL)
+                            (fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \
+                            cipher##_init_key, NULL, NULL, NULL, NULL)
 
 #ifdef OPENSSL_FIPS
 #define RC2_set_key    private_RC2_set_key
index acd349d3846f59aecebdd45df86f7aa7d396731f..cc1d18182e2494a69a5881f672e809dec2a9c643 100644 (file)
@@ -88,125 +88,135 @@ int main(int argc, char *argv[])
 
 /*-----------------------------------------------*/
 
-typedef struct
-       {
-       AES_KEY ks;
-       unsigned char tiv[AES_BLOCK_SIZE];
-       int dir, cmode, cbits, num;
-       } AES_CTX;
-
-int AES_Cipher(AES_CTX *ctx,
-               unsigned char *out,
-               unsigned char *in,
-               int inl)
-       {
-
-       unsigned long len = inl;
+int AESTest(EVP_CIPHER_CTX *ctx,
+           char *amode, int akeysz, unsigned char *aKey, 
+           unsigned char *iVec, 
+           int dir,  /* 0 = decrypt, 1 = encrypt */
+           unsigned char *plaintext, unsigned char *ciphertext, int len)
+    {
+    const EVP_CIPHER *cipher = NULL;
 
-       switch(ctx->cmode)
+    if (strcasecmp(amode, "CBC") == 0)
+       {
+       switch (akeysz)
                {
-               case EVP_CIPH_ECB_MODE:
-               while (len > 0)
-                       {
-                       AES_ecb_encrypt(in, out, &ctx->ks, ctx->dir);
-                       in += AES_BLOCK_SIZE;
-                       out += AES_BLOCK_SIZE;
-                       len -= AES_BLOCK_SIZE;
-                       }
+               case 128:
+               cipher = EVP_aes_128_cbc();
                break;
 
-               case EVP_CIPH_CBC_MODE:
-               AES_cbc_encrypt(in, out, len, &ctx->ks, ctx->tiv, ctx->dir);
+               case 192:
+               cipher = EVP_aes_192_cbc();
                break;
 
-               case EVP_CIPH_CFB_MODE:
-               if (ctx->cbits == 1)
-                       AES_cfb1_encrypt(in, out, len, &ctx->ks, ctx->tiv,
-                                               &ctx->num, ctx->dir);
-               else if (ctx->cbits == 8)
-                       AES_cfb8_encrypt(in, out, len, &ctx->ks, ctx->tiv,
-                                               &ctx->num, ctx->dir);
-               else if (ctx->cbits == 128)
-                       AES_cfb128_encrypt(in, out, len, &ctx->ks, ctx->tiv,
-                                               &ctx->num, ctx->dir);
+               case 256:
+               cipher = EVP_aes_256_cbc();
                break;
+               }
 
-               case EVP_CIPH_OFB_MODE:
-               AES_ofb128_encrypt(in, out, len, &ctx->ks, ctx->tiv,
-                                               &ctx->num);
-
+       }
+    else if (strcasecmp(amode, "ECB") == 0)
+       {
+       switch (akeysz)
+               {
+               case 128:
+               cipher = EVP_aes_128_ecb();
                break;
 
-               default:
-               return 0;
+               case 192:
+               cipher = EVP_aes_192_ecb();
+               break;
 
+               case 256:
+               cipher = EVP_aes_256_ecb();
+               break;
                }
-
-       return 1;
-
        }
+    else if (strcasecmp(amode, "CFB128") == 0)
+       {
+       switch (akeysz)
+               {
+               case 128:
+               cipher = EVP_aes_128_cfb128();
+               break;
 
+               case 192:
+               cipher = EVP_aes_192_cfb128();
+               break;
 
+               case 256:
+               cipher = EVP_aes_256_cfb128();
+               break;
+               }
 
-int AESTest(AES_CTX *ctx,
-           char *amode, int akeysz, unsigned char *aKey, 
-           unsigned char *iVec, 
-           int dir,  /* 0 = decrypt, 1 = encrypt */
-           unsigned char *plaintext, unsigned char *ciphertext, int len)
-    {
-    int ret = 1;
-
-    ctx->cmode = -1;
-    ctx->cbits = -1;
-    ctx->dir = dir;
-    ctx->num = 0;
-    if (strcasecmp(amode, "CBC") == 0)
-       ctx->cmode = EVP_CIPH_CBC_MODE;
-    else if (strcasecmp(amode, "ECB") == 0)
-       ctx->cmode = EVP_CIPH_ECB_MODE;
-    else if (strcasecmp(amode, "CFB128") == 0)
-       {
-       ctx->cbits = 128;
-       ctx->cmode = EVP_CIPH_CFB_MODE;
        }
     else if (strncasecmp(amode, "OFB", 3) == 0)
-       ctx->cmode = EVP_CIPH_OFB_MODE;
+       {
+       switch (akeysz)
+               {
+               case 128:
+               cipher = EVP_aes_128_ofb();
+               break;
+
+               case 192:
+               cipher = EVP_aes_192_ofb();
+               break;
+
+               case 256:
+               cipher = EVP_aes_256_ofb();
+               break;
+               }
+       }
     else if(!strcasecmp(amode,"CFB1"))
        {
-       ctx->cbits = 1;
-       ctx->cmode = EVP_CIPH_CFB_MODE;
+       switch (akeysz)
+               {
+               case 128:
+               cipher = EVP_aes_128_cfb1();
+               break;
+
+               case 192:
+               cipher = EVP_aes_192_cfb1();
+               break;
+
+               case 256:
+               cipher = EVP_aes_256_cfb1();
+               break;
+               }
        }
     else if(!strcasecmp(amode,"CFB8"))
        {
-       ctx->cbits = 8;
-       ctx->cmode = EVP_CIPH_CFB_MODE;
+       switch (akeysz)
+               {
+               case 128:
+               cipher = EVP_aes_128_cfb8();
+               break;
+
+               case 192:
+               cipher = EVP_aes_192_cfb8();
+               break;
+
+               case 256:
+               cipher = EVP_aes_256_cfb8();
+               break;
+               }
        }
     else
        {
        printf("Unknown mode: %s\n", amode);
-       EXIT(1);
+       return 0;
        }
-    if (ret)
+    if (!cipher)
        {
-       if ((akeysz != 128) && (akeysz != 192) && (akeysz != 256))
-           {
-           printf("Invalid key size: %d\n", akeysz);
-           ret = 0;
-           }
-           if (ctx->dir
-               || (ctx->cmode == EVP_CIPH_CFB_MODE)
-               || (ctx->cmode == EVP_CIPH_OFB_MODE))
-               AES_set_encrypt_key(aKey, akeysz, &ctx->ks);
-           else
-               AES_set_decrypt_key(aKey, akeysz, &ctx->ks);
-           if (iVec)
-               memcpy(ctx->tiv, iVec, AES_BLOCK_SIZE);
-       if (ctx->dir)
-               AES_Cipher(ctx, ciphertext, plaintext, len);
-       else
-               AES_Cipher(ctx, plaintext, ciphertext, len);
+       printf("Invalid key size: %d\n", akeysz);
+       return 0; 
        }
-    return ret;
+    if (EVP_CipherInit_ex(ctx, cipher, NULL, aKey, iVec, dir) <= 0)
+       return 0;
+    if (dir)
+               EVP_Cipher(ctx, ciphertext, plaintext, len);
+       else
+               EVP_Cipher(ctx, plaintext, ciphertext, len);
+    return 1;
     }
 
 /*-----------------------------------------------*/
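Review bot: The result of `EVP_Cipher()` is discarded at the end of AESTest, so the function returns 1 even when the cipher operation itself fails, and the harness would then treat whatever is in the output buffer as a valid result. The init call just above is already checked with `<= 0`; assuming `EVP_Cipher` reports failure the same way, the two calls can follow that pattern, e.g. `if (EVP_Cipher(ctx, ciphertext, plaintext, len) <= 0) return 0;` and the mirrored line for decrypt. The same unchecked calls appear in the do_mct hunks further down. Separately, the removed code handed `len` straight to `AES_cfb1_encrypt`; whether the EVP CFB1 cipher interprets `len` in the same unit is not visible here and is worth confirming against the CFB1 vectors.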
@@ -238,7 +248,8 @@ int do_mct(char *amode,
     unsigned char ciphertext[64+4];
     int i, j, n, n1, n2;
     int imode = 0, nkeysz = akeysz/8;
-    AES_CTX ctx;
+    EVP_CIPHER_CTX ctx;
+    EVP_CIPHER_CTX_init(&ctx);
 
     if (len > 32)
        {
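Review bot: `EVP_CIPHER_CTX_init(&ctx)` is added here with no matching `EVP_CIPHER_CTX_cleanup(&ctx)` in any visible hunk, so the key schedule set up by `EVP_CipherInit_ex` would stay allocated and un-wiped when do_mct returns. do_mct continues outside this hunk, so a cleanup call may already exist on its return paths; if it does not, add `EVP_CIPHER_CTX_cleanup(&ctx);` before each return. The proc_file hunk at the end of this file has the same init-without-cleanup shape.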
@@ -294,12 +305,12 @@ int do_mct(char *amode,
                    {
                    if (dir == XENCRYPT)
                        {
-                       AES_Cipher(&ctx, ctext[j], ptext[j], len);
+                       EVP_Cipher(&ctx, ctext[j], ptext[j], len);
                        memcpy(ptext[j+1], ctext[j], len);
                        }
                    else
                        {
-                       AES_Cipher(&ctx, ptext[j], ctext[j], len);
+                       EVP_Cipher(&ctx, ptext[j], ctext[j], len);
                        memcpy(ctext[j+1], ptext[j], len);
                        }
                    }
@@ -322,12 +333,12 @@ int do_mct(char *amode,
                    {
                    if (dir == XENCRYPT)
                        {
-                       AES_Cipher(&ctx, ctext[j], ptext[j], len);
+                       EVP_Cipher(&ctx, ctext[j], ptext[j], len);
                        memcpy(ptext[j+1], ctext[j-1], len);
                        }
                    else
                        {
-                       AES_Cipher(&ctx, ptext[j], ctext[j], len);
+                       EVP_Cipher(&ctx, ptext[j], ctext[j], len);
                        memcpy(ctext[j+1], ptext[j-1], len);
                        }
                    }
@@ -343,9 +354,9 @@ int do_mct(char *amode,
                else
                    {
                    if (dir == XENCRYPT)
-                       AES_Cipher(&ctx, ctext[j], ptext[j], len);
+                       EVP_Cipher(&ctx, ctext[j], ptext[j], len);
                    else
-                       AES_Cipher(&ctx, ptext[j], ctext[j], len);
+                       EVP_Cipher(&ctx, ptext[j], ctext[j], len);
                    }
                if (dir == XENCRYPT)
                    {
@@ -369,15 +380,15 @@ int do_mct(char *amode,
                    /* compensate for wrong endianness of input file */
                    if(i == 0)
                        ptext[0][0]<<=7;
-                   ret=AESTest(&ctx,amode,akeysz,key[i],iv[i],dir,
+                   ret = AESTest(&ctx,amode,akeysz,key[i],iv[i],dir,
                                ptext[j], ctext[j], len);
                    }
                else
                    {
                    if (dir == XENCRYPT)
-                       AES_Cipher(&ctx, ctext[j], ptext[j], len);
+                       EVP_Cipher(&ctx, ctext[j], ptext[j], len);
                    else
-                       AES_Cipher(&ctx, ptext[j], ctext[j], len);
+                       EVP_Cipher(&ctx, ptext[j], ctext[j], len);
 
                    }
                if(dir == XENCRYPT)
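Review bot: `ret` from `AESTest()` is not tested before the following lines go on to use `ctext[j]` / `ptext[j]`. With this commit AESTest returns 0 for an unknown mode where it previously called `EXIT(1)`, so a bad request can now fall through to later `EVP_Cipher(&ctx, ...)` calls on a context that was never given a cipher. Bailing out of do_mct when `ret` is 0, directly after the call, would stop that; the check may already exist further down, outside this hunk.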
@@ -546,7 +557,8 @@ int proc_file(char *rqfile)
     unsigned char plaintext[2048];
     unsigned char ciphertext[2048];
     char *rp;
-    AES_CTX ctx;
+    EVP_CIPHER_CTX ctx;
+    EVP_CIPHER_CTX_init(&ctx);
 
     if (!rqfile || !(*rqfile))
        {