From c473d53898da052330f515f0126e85d4c5931fdb Mon Sep 17 00:00:00 2001 From: Ben Laurie Date: Tue, 29 Jul 2003 13:24:27 +0000 Subject: [PATCH] The rest of the keysizes for CFB1, working AES AVS test for CFB1. --- crypto/evp/e_aes.c | 14 ++++++++++ crypto/objects/obj_dat.h | 20 ++++++++++---- crypto/objects/obj_mac.h | 10 +++++++ crypto/objects/obj_mac.num | 2 ++ crypto/objects/objects.txt | 2 ++ fips/aes/Makefile.ssl | 2 +- fips/aes/fips_aesavs.c | 53 ++++++++++++++++++++++++-------------- 7 files changed, 78 insertions(+), 25 deletions(-) diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 542240f7eb..3d994c9b98 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -84,6 +84,19 @@ IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY, EVP_CIPHER_get_asn1_iv, NULL) +#define IMPLEMENT_CFBR(keysize,cbits) \ + BLOCK_CIPHER_func_cfb(aes_##keysize,AES,cbits,EVP_AES_KEY,ks) \ + BLOCK_CIPHER_def_cfb(aes_##keysize,EVP_AES_KEY, \ + NID_aes_##keysize, keysize/8, 16, cbits, \ + 0, aes_init_key, NULL, \ + EVP_CIPHER_set_asn1_iv, \ + EVP_CIPHER_get_asn1_iv, \ + NULL) + +IMPLEMENT_CFBR(128,1) +IMPLEMENT_CFBR(192,1) +IMPLEMENT_CFBR(256,1) + /* BLOCK_CIPHER_func_cfb(aes_128,AES,1,EVP_AES_KEY,ks) BLOCK_CIPHER_def_cfb(aes_128,EVP_AES_KEY, NID_aes_128, 16, 16, 1, @@ -91,6 +104,7 @@ BLOCK_CIPHER_def_cfb(aes_128,EVP_AES_KEY, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) + */ static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index e83a9abc46..0b2bd2af1d 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h 
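Review bot: In crypto/evp/e_aes.c the superseded aes_128 CFB1 instantiation is kept inside a `/* ... */` block directly after the three `IMPLEMENT_CFBR(...)` lines (the closing `*/` arrives in the second e_aes.c hunk), so the file now carries two descriptions of the same cipher entry that can drift apart. Deleting the commented-out block would leave the macro as the only definition. `IMPLEMENT_CFBR` has no comment either; something like `/* Instantiate AES-<keysize> in CFB mode with <cbits>-bit feedback; keysize/8 and 16 are passed to BLOCK_CIPHER_def_cfb as key and IV length. */` would document the two arguments.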
@@ -62,12 +62,12 @@ * [including the GNU Public Licence.] */ -#define NUM_NID 651 -#define NUM_SN 644 -#define NUM_LN 644 -#define NUM_OBJ 618 +#define NUM_NID 653 +#define NUM_SN 646 +#define NUM_LN 646 +#define NUM_OBJ 620 -static unsigned char lvalues[4461]={ +static unsigned char lvalues[4473]={ 0x00, /* [ 0] OBJ_undef */ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ @@ -686,6 +686,8 @@ static unsigned char lvalues[4461]={ 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4434] OBJ_ms_smartcard_login */ 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4444] OBJ_ms_upn */ 0x29,0x01,0x01,0x85,0x1A,0x03, /* [4454] OBJ_aes_128_cfb1 */ +0x29,0x01,0x01,0x85,0x1A,0x04, /* [4460] OBJ_aes_192_cfb1 */ +0x29,0x01,0x01,0x85,0x1A,0x05, /* [4466] OBJ_aes_256_cfb1 */ }; static ASN1_OBJECT nid_objs[NUM_NID]={ @@ -1730,6 +1732,8 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ {"msUPN","Microsoft Universal Principal Name",NID_ms_upn,10, &(lvalues[4444]),0}, {"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,6,&(lvalues[4454]),0}, +{"AES-192-CFB1","aes-192-cfb1",NID_aes_192_cfb1,6,&(lvalues[4460]),0}, +{"AES-256-CFB1","aes-256-cfb1",NID_aes_256_cfb1,6,&(lvalues[4466]),0}, }; static ASN1_OBJECT *sn_objs[NUM_SN]={ @@ -1741,10 +1745,12 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[420]),/* "AES-128-OFB" */ &(nid_objs[423]),/* "AES-192-CBC" */ &(nid_objs[425]),/* "AES-192-CFB" */ +&(nid_objs[651]),/* "AES-192-CFB1" */ &(nid_objs[422]),/* "AES-192-ECB" */ &(nid_objs[424]),/* "AES-192-OFB" */ &(nid_objs[427]),/* "AES-256-CBC" */ &(nid_objs[429]),/* "AES-256-CFB" */ +&(nid_objs[652]),/* "AES-256-CFB1" */ &(nid_objs[426]),/* "AES-256-ECB" */ &(nid_objs[428]),/* "AES-256-OFB" */ &(nid_objs[91]),/* "BF-CBC" */ 
@@ -2493,10 +2499,12 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[420]),/* "aes-128-ofb" */ &(nid_objs[423]),/* "aes-192-cbc" */ &(nid_objs[425]),/* "aes-192-cfb" */ +&(nid_objs[651]),/* "aes-192-cfb1" */ &(nid_objs[422]),/* "aes-192-ecb" */ &(nid_objs[424]),/* "aes-192-ofb" */ &(nid_objs[427]),/* "aes-256-cbc" */ &(nid_objs[429]),/* "aes-256-cfb" */ +&(nid_objs[652]),/* "aes-256-cfb1" */ &(nid_objs[426]),/* "aes-256-ecb" */ &(nid_objs[428]),/* "aes-256-ofb" */ &(nid_objs[376]),/* "algorithm" */ @@ -3240,6 +3248,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666 1 */ &(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666 2 */ &(nid_objs[650]),/* OBJ_aes_128_cfb1 1 1 1 1 666 3 */ +&(nid_objs[651]),/* OBJ_aes_192_cfb1 1 1 1 1 666 4 */ +&(nid_objs[652]),/* OBJ_aes_256_cfb1 1 1 1 1 666 5 */ &(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */ &(nid_objs[185]),/* OBJ_X9cm 1 2 840 10040 4 */ &(nid_objs[127]),/* OBJ_id_pkix 1 3 6 1 5 5 7 */ diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h index a72957276f..ee967a74d4 100644 --- a/crypto/objects/obj_mac.h +++ b/crypto/objects/obj_mac.h @@ -2014,6 +2014,16 @@ #define NID_aes_128_cfb1 650 #define OBJ_aes_128_cfb1 1L,1L,1L,1L,666L,3L +#define SN_aes_192_cfb1 "AES-192-CFB1" +#define LN_aes_192_cfb1 "aes-192-cfb1" +#define NID_aes_192_cfb1 651 +#define OBJ_aes_192_cfb1 1L,1L,1L,1L,666L,4L + +#define SN_aes_256_cfb1 "AES-256-CFB1" +#define LN_aes_256_cfb1 "aes-256-cfb1" +#define NID_aes_256_cfb1 652 +#define OBJ_aes_256_cfb1 1L,1L,1L,1L,666L,5L + #define SN_hold_instruction_code "holdInstructionCode" #define LN_hold_instruction_code "Hold Instruction Code" #define NID_hold_instruction_code 430 diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 932b323c00..d0e3f1a4fc 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num 
@@ -648,3 +648,5 @@ international_organizations 647 ms_smartcard_login 648 ms_upn 649 aes_128_cfb1 650 +aes_192_cfb1 651 +aes_256_cfb1 652 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index f796c6c7f3..94c29fc972 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -684,6 +684,8 @@ aes 44 : AES-256-CFB : aes-256-cfb # There are no OIDs for these modes... 1 1 1 1 666 3 : AES-128-CFB1 : aes-128-cfb1 +1 1 1 1 666 4 : AES-192-CFB1 : aes-192-cfb1 +1 1 1 1 666 5 : AES-256-CFB1 : aes-256-cfb1 # Hold instruction CRL entry extension !Cname hold-instruction-code diff --git a/fips/aes/Makefile.ssl b/fips/aes/Makefile.ssl index 6d3181afc2..f96ee99c17 100644 --- a/fips/aes/Makefile.ssl +++ b/fips/aes/Makefile.ssl @@ -67,7 +67,7 @@ tags: tests: -fips_aesavs: fips_aesavs.o +fips_aesavs: fips_aesavs.o ../../libcrypto.a $(CC) $(CFLAGS) -o fips_aesavs fips_aesavs.o ../../libcrypto.a fips_test: top diff --git a/fips/aes/fips_aesavs.c b/fips/aes/fips_aesavs.c index d54018e4b1..6cec69d408 100644 --- a/fips/aes/fips_aesavs.c +++ b/fips/aes/fips_aesavs.c @@ -105,6 +105,12 @@ int AESTest(EVP_CIPHER_CTX *ctx, case 5128: cipher=EVP_aes_128_cfb1(); break; + case 5192: + cipher=EVP_aes_192_cfb1(); + break; + case 5256: + cipher=EVP_aes_256_cfb1(); + break; default: printf("Didn't handle mode %d\n",kt); exit(1); 
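Review bot: The two new objects.txt entries extend the made-up `1 1 1 1 666` arc, so AES-192-CFB1 and AES-256-CFB1 receive DER-encoded OIDs in obj_dat.h that no registry assigned, although the comment above them says these modes have no OIDs. The e_aes.c hunk attaches `EVP_CIPHER_set_asn1_iv`/`EVP_CIPHER_get_asn1_iv` to the same ciphers, so these invented identifiers could presumably end up in encoded structures, where another implementation may misread them or collide with them. objects.txt accepts an entry with an empty OID field, so `            : AES-192-CFB1 : aes-192-cfb1` (likewise for 256 and the existing 128 line) would provide the NID and names without an OID. The generated obj_dat.h, obj_mac.h and obj_mac.num would then need regenerating.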
@@ -207,16 +213,22 @@ void PrintValue(char *tag, unsigned char *val, int len) #endif } -void OutputValue(char *tag, unsigned char *val, int len, FILE *rfp) -{ - char obuf[2048]; - int olen; - olen = bin2hex(val, len, obuf); - fprintf(rfp, "%s = %.*s\n", tag, olen, obuf); +void OutputValue(char *tag, unsigned char *val, int len, FILE *rfp,int bitmode) + { + char obuf[2048]; + int olen; + + if(bitmode) + fprintf(rfp,"%s = %d\n",tag,val[0] ? 1 : 0); + else + { + olen = bin2hex(val, len, obuf); + fprintf(rfp, "%s = %.*s\n", tag, olen, obuf); + } #if VERBOSE - printf("%s = %.*s\n", tag, olen, obuf); + printf("%s = %.*s\n", tag, olen, obuf); #endif -} + } /*-----------------------------------------------*/ char *t_tag[2] = {"PLAINTEXT", "CIPHERTEXT"}; @@ -276,11 +288,12 @@ int do_mct(char *amode, /* printf("Iteration %d\n", i); */ if (i > 0) { - OutputValue("KEY", key[i], nkeysz, rfp); + OutputValue("KEY",key[i],nkeysz,rfp,0); if (imode != ECB) /* ECB */ - OutputValue("IV", iv[i], AES_BLOCK_SIZE, rfp); + OutputValue("IV",iv[i],AES_BLOCK_SIZE,rfp,0); /* Output Ciphertext | Plaintext */ - OutputValue(t_tag[dir^1], (dir)? ptext[0]: ctext[0], len, rfp); + OutputValue(t_tag[dir^1],dir ? ptext[0] : ctext[0],len,rfp, + imode == CFB1); } for (j = 0; j < 1000; ++j) { @@ -373,6 +386,9 @@ int do_mct(char *amode, case CFB1: if(j == 0) { + /* compensate for wrong endianness of input file */ + if(i == 0) + ptext[0][0]<<=7; ret=AESTest(&ctx,amode,akeysz,key[i],iv[i],dir, (char*)ptext[j], ctext[j], len); } @@ -403,10 +419,8 @@ int do_mct(char *amode, } --j; /* reset to last of range */ /* Output Ciphertext | Plaintext */ - if(imode == CFB1) - fprintf(rfp,"%s = %d\n",t_tag[dir],(dir?ctext[j]:ptext[j])[0]&1); - else - OutputValue(t_tag[dir], (dir)?ctext[j]:ptext[j], len, rfp); + OutputValue(t_tag[dir],dir ? ctext[j] : ptext[j],len,rfp, + imode == CFB1); fprintf(rfp, "\n"); /* add separator */ /* Compute next KEY */ 
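Review bot: In the rewritten OutputValue the `#if VERBOSE` line `printf("%s = %.*s\n", tag, olen, obuf);` sits after the if/else, so with `bitmode` set it reads `olen` and `obuf` that were never written, which is undefined behaviour and can print stack contents. Moving the verbose print into the `else` branch next to the `bin2hex` call fixes this, with a matching `printf("%s = %d\n",tag,val[0] ? 1 : 0);` in the bit branch if verbose output is wanted there. Separately, `obuf` is a fixed 2048 bytes and `len` is not checked before `bin2hex(val, len, obuf)`. bin2hex is outside this hunk, but assuming it writes two hex characters per input byte, a guard such as `if (len < 0 || len > (int)sizeof(obuf)/2)` with an error exit would keep a long value from overrunning the buffer.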
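Review bot: The added `if(i == 0) ptext[0][0]<<=7;` in the CFB1 `j == 0` branch adjusts only `ptext`, although the AESTest call right below it takes `ptext[j]`, `ctext[j]` and a `dir` flag. If a decrypt run loads its initial value into `ctext[0]` (that code is outside the hunk), the bit stays in the low position while the later feedback lines mask with `0x80`, so decrypt-direction CFB1 results would presumably be wrong. Shifting the buffer that matches the direction, `if(i == 0) (dir ? ptext[0] : ctext[0])[0]<<=7;`, would cover both cases. The comment should also state which bit position the request file uses and which one AESTest expects; do_mct's body continues outside this hunk.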
@@ -493,7 +507,7 @@ int do_mct(char *amode, case CFB1: for(n1=0,n2=127 ; n1 < 128 ; ++n1,--n2) sb(iv[i+1],n1,gb(ctext[j-n2],0)); - ptext[0][0]=ctext[j-128][0]&1; + ptext[0][0]=ctext[j-128][0]&0x80; break; } } @@ -518,7 +532,7 @@ int do_mct(char *amode, case CFB1: for(n1=0,n2=127 ; n1 < 128 ; ++n1,--n2) sb(iv[i+1],n1,gb(ptext[j-n2],0)); - ctext[0][0]=ptext[j-128][0]&1; + ctext[0][0]=ptext[j-128][0]&0x80; break; } } @@ -759,7 +773,7 @@ int proc_file(char *rqfile) ret = AESTest(&ctx, amode, akeysz, aKey, iVec, dir, /* 0 = decrypt, 1 = encrypt */ plaintext, ciphertext, len); - OutputValue("CIPHERTEXT", ciphertext, len, rfp); + OutputValue("CIPHERTEXT",ciphertext,len,rfp,0); } step = 6; } @@ -793,7 +807,8 @@ int proc_file(char *rqfile) ret = AESTest(&ctx, amode, akeysz, aKey, iVec, dir, /* 0 = decrypt, 1 = encrypt */ plaintext, ciphertext, len); - OutputValue("PLAINTEXT", (unsigned char*)plaintext, len, rfp); + OutputValue("PLAINTEXT",(unsigned char *)plaintext,len,rfp, + 0); } step = 6; } -- 2.25.1
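Review bot: The CFB1 feedback lines now mask with a bare `0x80` (`ptext[0][0]=ctext[j-128][0]&0x80;` here and the mirrored `ctext[0][0]=ptext[j-128][0]&0x80;` in the next hunk), but nothing states that the single CFB1 data bit is carried in the top bit of byte 0. A comment such as `/* CFB1: the one data bit is bit 7 of byte 0 */` at both sites, or a named constant instead of the literal, would tie these lines to the `<<=7` applied on input and to the `val[0] ? 1 : 0` test in OutputValue. Both statements sit inside do_mct, whose body extends beyond the hunks.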