From 15094852deb096cdd7b7e32ba65dd0d982ebdb35 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 14 Sep 2011 13:25:48 +0000 Subject: [PATCH] new function to lookup FIPS supported ciphers by NID --- CHANGES | 4 ++ fips/fips.h | 2 + fips/utl/fips_enc.c | 128 ++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 134 insertions(+) diff --git a/CHANGES b/CHANGES index 8fa3e54366..c4e8639122 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,10 @@ Changes between 1.0.1 and 1.1.0 [xx XXX xxxx] + *) New function FIPS_get_cipherbynid() to lookup FIPS supported ciphers + based on NID. + [Steve Henson] + *) More extensive health check for DRBG checking many more failure modes. New function FIPS_selftest_drbg_all() to handle every possible DRBG combination: call this in fips_test_suite. diff --git a/fips/fips.h b/fips/fips.h index 17dd066643..27242f1599 100644 --- a/fips/fips.h +++ b/fips/fips.h @@ -193,6 +193,8 @@ int fips_cipher_test(int id, struct evp_cipher_ctx_st *ctx, const struct env_md_st *FIPS_get_digestbynid(int nid); +const struct evp_cipher_st *FIPS_get_cipherbynid(int nid); + struct rsa_st *FIPS_rsa_new(void); void FIPS_rsa_free(struct rsa_st *r); int FIPS_rsa_sign_ctx(struct rsa_st *rsa, struct env_md_ctx_st *ctx, diff --git a/fips/utl/fips_enc.c b/fips/utl/fips_enc.c index fcff5ece87..9ed9dbf35a 100644 --- a/fips/utl/fips_enc.c +++ b/fips/utl/fips_enc.c @@ -338,3 +338,131 @@ int FIPS_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } return ctx->cipher->do_cipher(ctx,out,in,inl); } + +const EVP_CIPHER *FIPS_get_cipherbynid(int nid) + { + switch (nid) + { + case NID_aes_128_cbc: + return FIPS_evp_aes_128_cbc(); + + case NID_aes_128_ccm: + return FIPS_evp_aes_128_ccm(); + + case NID_aes_128_cfb1: + return FIPS_evp_aes_128_cfb1(); + + case NID_aes_128_cfb128: + return FIPS_evp_aes_128_cfb128(); + + case NID_aes_128_cfb8: + return FIPS_evp_aes_128_cfb8(); + + case NID_aes_128_ctr: + return FIPS_evp_aes_128_ctr(); + + case NID_aes_128_ecb: + return FIPS_evp_aes_128_ecb(); + + case NID_aes_128_gcm: + return FIPS_evp_aes_128_gcm(); + + case NID_aes_128_ofb128: + return FIPS_evp_aes_128_ofb(); + + case NID_aes_128_xts: + return FIPS_evp_aes_128_xts(); + + case NID_aes_192_cbc: + return FIPS_evp_aes_192_cbc(); + + case NID_aes_192_ccm: + return FIPS_evp_aes_192_ccm(); + + case NID_aes_192_cfb1: + return FIPS_evp_aes_192_cfb1(); + + case NID_aes_192_cfb128: + return FIPS_evp_aes_192_cfb128(); + + case NID_aes_192_cfb8: + return FIPS_evp_aes_192_cfb8(); + + case NID_aes_192_ctr: + return FIPS_evp_aes_192_ctr(); + + case NID_aes_192_ecb: + return FIPS_evp_aes_192_ecb(); + + case NID_aes_192_gcm: + return FIPS_evp_aes_192_gcm(); + + case NID_aes_192_ofb128: + return FIPS_evp_aes_192_ofb(); + + case NID_aes_256_cbc: + return FIPS_evp_aes_256_cbc(); + + case NID_aes_256_ccm: + return FIPS_evp_aes_256_ccm(); + + case NID_aes_256_cfb1: + return FIPS_evp_aes_256_cfb1(); + + case NID_aes_256_cfb128: + return FIPS_evp_aes_256_cfb128(); + + case NID_aes_256_cfb8: + return FIPS_evp_aes_256_cfb8(); + + case NID_aes_256_ctr: + return FIPS_evp_aes_256_ctr(); + + case NID_aes_256_ecb: + return FIPS_evp_aes_256_ecb(); + + case NID_aes_256_gcm: + return FIPS_evp_aes_256_gcm(); + + case NID_aes_256_ofb128: + return FIPS_evp_aes_256_ofb(); + + case NID_aes_256_xts: + return FIPS_evp_aes_256_xts(); + + case NID_des_ede_ecb: + return FIPS_evp_des_ede(); + + case NID_des_ede3_ecb: + return FIPS_evp_des_ede3(); + + case NID_des_ede3_cbc: + return FIPS_evp_des_ede3_cbc(); + + case NID_des_ede3_cfb1: + return FIPS_evp_des_ede3_cfb1(); + + case NID_des_ede3_cfb64: + return FIPS_evp_des_ede3_cfb64(); + + case NID_des_ede3_cfb8: + return FIPS_evp_des_ede3_cfb8(); + + case NID_des_ede3_ofb64: + return FIPS_evp_des_ede3_ofb(); + + case NID_des_ede_cbc: + return FIPS_evp_des_ede_cbc(); + + case NID_des_ede_cfb64: + return FIPS_evp_des_ede_cfb64(); + + case NID_des_ede_ofb64: + return FIPS_evp_des_ede_ofb(); + + default: + return NULL; + + } + } + -- 2.25.1