From e2ced802b4a00e41bd260cc375b2dd4f20fb4184 Mon Sep 17 00:00:00 2001 From: Ben Laurie Date: Mon, 28 Jul 2003 15:08:00 +0000 Subject: [PATCH] Add support for partial CFB modes, make tests work, update dependencies. --- Makefile.org | 6 +- crypto/aes/aes.h | 3 + crypto/aes/aes_cfb.c | 19 +++++ crypto/dsa/Makefile.ssl | 5 +- crypto/err/Makefile.ssl | 33 ++++----- crypto/evp/e_aes.c | 8 +++ crypto/evp/e_des.c | 2 +- crypto/evp/e_des3.c | 4 +- crypto/evp/evp.h | 39 +++++++--- crypto/evp/evp_locl.h | 4 +- crypto/objects/obj_dat.h | 15 ++-- crypto/objects/obj_mac.h | 5 ++ crypto/objects/obj_mac.num | 1 + crypto/objects/objects.txt | 4 ++ fips/Makefile.ssl | 7 ++ fips/aes/Makefile.ssl | 24 ++++++- fips/aes/fips_aesavs.c | 10 ++- test/Makefile.ssl | 144 ++++++++++++++++++++++++++----------- 18 files changed, 248 insertions(+), 85 deletions(-) diff --git a/Makefile.org b/Makefile.org index 486db65952..ec9c4eefb8 100644 --- a/Makefile.org +++ b/Makefile.org @@ -202,7 +202,7 @@ ONEDIRS=out tmp EDIRS= times doc bugs util include certs ms shlib mt demos perl sf dep VMS WDIRS= windows LIBS= libcrypto.a libssl.a -SIGS= libcrypto.a.sha1 libcrypto$(SHLIBEXT).sha1 +SIGS= libcrypto.sha1 SHARED_CRYPTO=libcrypto$(SHLIB_EXT) SHARED_SSL=libssl$(SHLIB_EXT) SHARED_LIBS= @@ -222,6 +222,10 @@ HEADER= e_os.h all: Makefile.ssl sub_all openssl.pc sigs +sigs: + fips/sha1/fips_standalone_sha1 libcrypto.a > libcrypto.sha1 + if [ "$(SHLIBEXT)" != "" ]; then fips/sha1/fips_standalone_sha1 libcrypto$(SHLIBEXT) >> libcrypto.sha1; fi + sub_all: @for i in $(DIRS); \ do \ diff --git a/crypto/aes/aes.h b/crypto/aes/aes.h index 9ba4e61a21..4ac943e9a8 100644 --- a/crypto/aes/aes.h +++ b/crypto/aes/aes.h @@ -95,6 +95,9 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out, const unsigned long length, const AES_KEY *key, unsigned char *ivec, int *num, const int enc); +void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out, + const unsigned long length, const AES_KEY *key, + unsigned char *ivec, int *num, const int enc); void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out, const int nbits,const AES_KEY *key, unsigned char *ivec,const int enc); diff --git a/crypto/aes/aes_cfb.c b/crypto/aes/aes_cfb.c index 209a346748..dd99bc9acf 100644 --- a/crypto/aes/aes_cfb.c +++ b/crypto/aes/aes_cfb.c @@ -212,3 +212,22 @@ void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out, } /* it is not necessary to cleanse ovec, since the IV is not secret */ } + +/* N.B. This expects the input to be packed, LS bit first */ +void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out, + const unsigned long length, const AES_KEY *key, + unsigned char *ivec, int *num, const int enc) + { + unsigned int n; + unsigned char c[1],d[1]; + assert(in && out && key && ivec && num); + assert(*num == 0); + + for(n=0 ; n < length ; ++n) + { + c[0]=!!(in[n/8]&(1 << (n%8))); + AES_cfbr_encrypt_block(c,d,1,key,ivec,enc); + out[n/8]=(out[n/8]&~(1 << (n%8)))|((d[0]&1) << (n%8)); + } + } + diff --git a/crypto/dsa/Makefile.ssl b/crypto/dsa/Makefile.ssl index 045d302ce8..821217767b 100644 --- a/crypto/dsa/Makefile.ssl +++ b/crypto/dsa/Makefile.ssl @@ -157,8 +157,9 @@ dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/fips.h dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h +dsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +dsa_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h dsa_sign.o: ../cryptlib.h dsa_sign.c dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h diff --git a/crypto/err/Makefile.ssl b/crypto/err/Makefile.ssl index 390bde1f16..258f7fc9d6 100644 --- a/crypto/err/Makefile.ssl +++ b/crypto/err/Makefile.ssl @@ -94,22 +94,23 @@ err_all.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h err_all.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h err_all.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h err_all.o: ../../include/openssl/engine.h ../../include/openssl/err.h -err_all.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -err_all.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -err_all.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -err_all.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -err_all.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h -err_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -err_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem2.h -err_all.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -err_all.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -err_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -err_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -err_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -err_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -err_all.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -err_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -err_all.o: ../../include/openssl/x509v3.h err_all.c +err_all.o: ../../include/openssl/evp.h ../../include/openssl/fips.h +err_all.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h +err_all.o: ../../include/openssl/md2.h ../../include/openssl/md4.h +err_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +err_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +err_all.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h +err_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +err_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h +err_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h +err_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +err_all.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h +err_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +err_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +err_all.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +err_all.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +err_all.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +err_all.o: err_all.c err_prn.o: ../../e_os.h ../../include/openssl/bio.h err_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h err_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 581e8f7fa2..542240f7eb 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -84,6 +84,14 @@ IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY, EVP_CIPHER_get_asn1_iv, NULL) +BLOCK_CIPHER_func_cfb(aes_128,AES,1,EVP_AES_KEY,ks) +BLOCK_CIPHER_def_cfb(aes_128,EVP_AES_KEY, + NID_aes_128, 16, 16, 1, + 0, aes_init_key, NULL, + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL) + static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { diff --git a/crypto/evp/e_des.c b/crypto/evp/e_des.c index 105266a4b3..f7d4d619bc 100644 --- a/crypto/evp/e_des.c +++ b/crypto/evp/e_des.c @@ -92,7 +92,7 @@ static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, return 1; } -static int des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, +static int des_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) { DES_cfb64_encrypt(in, out, (long)inl, ctx->cipher_data, diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c index 95a9d68ac7..6e3d8d57c0 100644 --- a/crypto/evp/e_des3.c +++ b/crypto/evp/e_des3.c @@ -121,7 +121,7 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, return 1; } -static int des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, +static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) { DES_ede3_cfb64_encrypt(in, out, (long)inl, @@ -136,7 +136,7 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, EVP_CIPHER_get_asn1_iv, NULL) -#define des_ede3_cfb_cipher des_ede_cfb_cipher +#define des_ede3_cfb64_cipher des_ede_cfb64_cipher #define des_ede3_ofb_cipher des_ede_ofb_cipher #define des_ede3_cbc_cipher des_ede_cbc_cipher #define des_ede3_ecb_cipher des_ede_ecb_cipher diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index daf181ff8f..2f482a4e30 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -638,9 +638,12 @@ const EVP_CIPHER *EVP_des_ede(void); const EVP_CIPHER *EVP_des_ede3(void); const EVP_CIPHER *EVP_des_ede_ecb(void); const EVP_CIPHER *EVP_des_ede3_ecb(void); -const EVP_CIPHER *EVP_des_cfb(void); -const EVP_CIPHER *EVP_des_ede_cfb(void); -const EVP_CIPHER *EVP_des_ede3_cfb(void); +const EVP_CIPHER *EVP_des_cfb64(void); +# define EVP_des_cfb EVP_des_cfb64 +const EVP_CIPHER *EVP_des_ede_cfb64(void); +# define EVP_des_ede_cfb EVP_des_ede_cfb64 +const EVP_CIPHER *EVP_des_ede3_cfb64(void); +# define EVP_des_ede3_cfb EVP_des_ede3_cfb64 const EVP_CIPHER *EVP_des_ofb(void); const EVP_CIPHER *EVP_des_ede_ofb(void); const EVP_CIPHER *EVP_des_ede3_ofb(void); @@ -664,7 +667,8 @@ const EVP_CIPHER *EVP_rc4_40(void); #endif #ifndef OPENSSL_NO_IDEA const EVP_CIPHER *EVP_idea_ecb(void); -const EVP_CIPHER *EVP_idea_cfb(void); +const EVP_CIPHER *EVP_idea_cfb64(void); +# define EVP_idea_cfb EVP_idea_cfb64 const EVP_CIPHER *EVP_idea_ofb(void); const EVP_CIPHER *EVP_idea_cbc(void); #endif @@ -673,45 +677,58 @@ const EVP_CIPHER *EVP_rc2_ecb(void); const EVP_CIPHER *EVP_rc2_cbc(void); const EVP_CIPHER *EVP_rc2_40_cbc(void); const EVP_CIPHER *EVP_rc2_64_cbc(void); -const EVP_CIPHER *EVP_rc2_cfb(void); +const EVP_CIPHER *EVP_rc2_cfb64(void); +# define EVP_rc2_cfb EVP_rc2_cfb64 const EVP_CIPHER *EVP_rc2_ofb(void); #endif #ifndef OPENSSL_NO_BF const EVP_CIPHER *EVP_bf_ecb(void); const EVP_CIPHER *EVP_bf_cbc(void); -const EVP_CIPHER *EVP_bf_cfb(void); +const EVP_CIPHER *EVP_bf_cfb64(void); +# define EVP_bf_cfb EVP_bf_cfb64 const EVP_CIPHER *EVP_bf_ofb(void); #endif #ifndef OPENSSL_NO_CAST const EVP_CIPHER *EVP_cast5_ecb(void); const EVP_CIPHER *EVP_cast5_cbc(void); -const EVP_CIPHER *EVP_cast5_cfb(void); +const EVP_CIPHER *EVP_cast5_cfb64(void); +# define EVP_cast5_cfb EVP_cast5_cfb64 const EVP_CIPHER *EVP_cast5_ofb(void); #endif #ifndef OPENSSL_NO_RC5 const EVP_CIPHER *EVP_rc5_32_12_16_cbc(void); const EVP_CIPHER *EVP_rc5_32_12_16_ecb(void); -const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void); +const EVP_CIPHER *EVP_rc5_32_12_16_cfb64(void); +# define EVP_rc5_32_12_16_cfb EVP_rc5_32_12_16_cfb64 const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void); #endif #ifndef OPENSSL_NO_AES const EVP_CIPHER *EVP_aes_128_ecb(void); const EVP_CIPHER *EVP_aes_128_cbc(void); -const EVP_CIPHER *EVP_aes_128_cfb(void); +const EVP_CIPHER *EVP_aes_128_cfb1(void); +const EVP_CIPHER *EVP_aes_128_cfb8(void); +const EVP_CIPHER *EVP_aes_128_cfb128(void); +# define EVP_aes_128_cfb EVP_aes_128_cfb128 const EVP_CIPHER *EVP_aes_128_ofb(void); #if 0 const EVP_CIPHER *EVP_aes_128_ctr(void); #endif const EVP_CIPHER *EVP_aes_192_ecb(void); const EVP_CIPHER *EVP_aes_192_cbc(void); -const EVP_CIPHER *EVP_aes_192_cfb(void); +const EVP_CIPHER *EVP_aes_192_cfb1(void); +const EVP_CIPHER *EVP_aes_192_cfb8(void); +const EVP_CIPHER *EVP_aes_192_cfb128(void); +# define EVP_aes_192_cfb EVP_aes_192_cfb128 const EVP_CIPHER *EVP_aes_192_ofb(void); #if 0 const EVP_CIPHER *EVP_aes_192_ctr(void); #endif const EVP_CIPHER *EVP_aes_256_ecb(void); const EVP_CIPHER *EVP_aes_256_cbc(void); -const EVP_CIPHER *EVP_aes_256_cfb(void); +const EVP_CIPHER *EVP_aes_256_cfb1(void); +const EVP_CIPHER *EVP_aes_256_cfb8(void); +const EVP_CIPHER *EVP_aes_256_cfb128(void); +# define EVP_aes_256_cfb EVP_aes_256_cfb128 const EVP_CIPHER *EVP_aes_256_ofb(void); #if 0 const EVP_CIPHER *EVP_aes_256_ctr(void); diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h index 4d81a3bf4c..e4981d401b 100644 --- a/crypto/evp/evp_locl.h +++ b/crypto/evp/evp_locl.h @@ -90,7 +90,7 @@ static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const uns } #define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ -static int cname##_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ +static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ {\ cprefix##_cfb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ return 1;\ @@ -127,7 +127,7 @@ BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \ #define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \ iv_len, cbits, flags, init_key, cleanup, \ set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_def1(cname, cfb##cbits, cfb, CFB, kstruct, nid, 1, \ +BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \ key_len, iv_len, flags, init_key, cleanup, set_asn1, \ get_asn1, ctrl) diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 969b18a341..e83a9abc46 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -62,12 +62,12 @@ * [including the GNU Public Licence.] */ -#define NUM_NID 650 -#define NUM_SN 643 -#define NUM_LN 643 -#define NUM_OBJ 617 +#define NUM_NID 651 +#define NUM_SN 644 +#define NUM_LN 644 +#define NUM_OBJ 618 -static unsigned char lvalues[4455]={ +static unsigned char lvalues[4461]={ 0x00, /* [ 0] OBJ_undef */ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ @@ -685,6 +685,7 @@ static unsigned char lvalues[4455]={ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4425] OBJ_rsaOAEPEncryptionSET */ 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4434] OBJ_ms_smartcard_login */ 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4444] OBJ_ms_upn */ +0x29,0x01,0x01,0x85,0x1A,0x03, /* [4454] OBJ_aes_128_cfb1 */ }; static ASN1_OBJECT nid_objs[NUM_NID]={ @@ -1728,12 +1729,14 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ 10,&(lvalues[4434]),0}, {"msUPN","Microsoft Universal Principal Name",NID_ms_upn,10, &(lvalues[4444]),0}, +{"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,6,&(lvalues[4454]),0}, }; static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[364]),/* "AD_DVCS" */ &(nid_objs[419]),/* "AES-128-CBC" */ &(nid_objs[421]),/* "AES-128-CFB" */ +&(nid_objs[650]),/* "AES-128-CFB1" */ &(nid_objs[418]),/* "AES-128-ECB" */ &(nid_objs[420]),/* "AES-128-OFB" */ &(nid_objs[423]),/* "AES-192-CBC" */ @@ -2485,6 +2488,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[606]),/* "additional verification" */ &(nid_objs[419]),/* "aes-128-cbc" */ &(nid_objs[421]),/* "aes-128-cfb" */ +&(nid_objs[650]),/* "aes-128-cfb1" */ &(nid_objs[418]),/* "aes-128-ecb" */ &(nid_objs[420]),/* "aes-128-ofb" */ &(nid_objs[423]),/* "aes-192-cbc" */ @@ -3235,6 +3239,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[642]),/* OBJ_set_brand_Novus 2 23 42 8 6011 */ &(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666 1 */ &(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666 2 */ +&(nid_objs[650]),/* OBJ_aes_128_cfb1 1 1 1 1 666 3 */ &(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */ &(nid_objs[185]),/* OBJ_X9cm 1 2 840 10040 4 */ &(nid_objs[127]),/* OBJ_id_pkix 1 3 6 1 5 5 7 */ diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h index 7645012298..a72957276f 100644 --- a/crypto/objects/obj_mac.h +++ b/crypto/objects/obj_mac.h @@ -2009,6 +2009,11 @@ #define NID_aes_256_cfb128 429 #define OBJ_aes_256_cfb128 OBJ_aes,44L +#define SN_aes_128_cfb1 "AES-128-CFB1" +#define LN_aes_128_cfb1 "aes-128-cfb1" +#define NID_aes_128_cfb1 650 +#define OBJ_aes_128_cfb1 1L,1L,1L,1L,666L,3L + #define SN_hold_instruction_code "holdInstructionCode" #define LN_hold_instruction_code "Hold Instruction Code" #define NID_hold_instruction_code 430 diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 9838072b65..932b323c00 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -647,3 +647,4 @@ joint_iso_itu_t 646 international_organizations 647 ms_smartcard_login 648 ms_upn 649 +aes_128_cfb1 650 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index 3ba11f65cc..f796c6c7f3 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -681,6 +681,10 @@ aes 43 : AES-256-OFB : aes-256-ofb !Cname aes-256-cfb128 aes 44 : AES-256-CFB : aes-256-cfb +# There are no OIDs for these modes... + +1 1 1 1 666 3 : AES-128-CFB1 : aes-128-cfb1 + # Hold instruction CRL entry extension !Cname hold-instruction-code id-ce 23 : holdInstructionCode : Hold Instruction Code diff --git a/fips/Makefile.ssl b/fips/Makefile.ssl index 53807609dc..6964b29f69 100644 --- a/fips/Makefile.ssl +++ b/fips/Makefile.ssl @@ -153,3 +153,10 @@ fips.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h fips.o: ../include/openssl/safestack.h ../include/openssl/stack.h fips.o: ../include/openssl/symhacks.h ../include/openssl/ui.h fips.o: ../include/openssl/ui_compat.h fips.c +fips_err_wrapper.o: ../include/openssl/bio.h ../include/openssl/crypto.h +fips_err_wrapper.o: ../include/openssl/e_os2.h ../include/openssl/err.h +fips_err_wrapper.o: ../include/openssl/fips.h ../include/openssl/lhash.h +fips_err_wrapper.o: ../include/openssl/opensslconf.h +fips_err_wrapper.o: ../include/openssl/opensslv.h +fips_err_wrapper.o: ../include/openssl/safestack.h ../include/openssl/stack.h +fips_err_wrapper.o: ../include/openssl/symhacks.h fips_err.c fips_err_wrapper.c diff --git a/fips/aes/Makefile.ssl b/fips/aes/Makefile.ssl index 17be33cbf6..6d3181afc2 100644 --- a/fips/aes/Makefile.ssl +++ b/fips/aes/Makefile.ssl @@ -80,7 +80,8 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) + $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) \ + $(LIBSRC) fips_aesavs.c dclean: $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new @@ -93,3 +94,24 @@ clean: fips_aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h fips_aes_core.o: ../../include/openssl/opensslconf.h fips_aes_core.c fips_aes_core.o: fips_aes_locl.h +fips_aesavs.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h +fips_aesavs.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +fips_aesavs.o: ../../include/openssl/bn.h ../../include/openssl/cast.h +fips_aesavs.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +fips_aesavs.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h +fips_aesavs.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +fips_aesavs.o: ../../include/openssl/err.h ../../include/openssl/evp.h +fips_aesavs.o: ../../include/openssl/fips.h ../../include/openssl/idea.h +fips_aesavs.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h +fips_aesavs.o: ../../include/openssl/md4.h ../../include/openssl/md5.h +fips_aesavs.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +fips_aesavs.o: ../../include/openssl/objects.h +fips_aesavs.o: ../../include/openssl/opensslconf.h +fips_aesavs.o: ../../include/openssl/opensslv.h +fips_aesavs.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h +fips_aesavs.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h +fips_aesavs.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +fips_aesavs.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +fips_aesavs.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +fips_aesavs.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +fips_aesavs.o: fips_aesavs.c diff --git a/fips/aes/fips_aesavs.c b/fips/aes/fips_aesavs.c index 4d1d7edcac..d54018e4b1 100644 --- a/fips/aes/fips_aesavs.c +++ b/fips/aes/fips_aesavs.c @@ -43,10 +43,12 @@ int AESTest(EVP_CIPHER_CTX *ctx, kt = 1000; else if (strcasecmp(amode, "ECB") == 0) kt = 2000; - else if (strncasecmp(amode, "CFB", 3) == 0) + else if (strcasecmp(amode, "CFB128") == 0) kt = 3000; else if (strncasecmp(amode, "OFB", 3) == 0) kt = 4000; + else if(!strcasecmp(amode,"CFB1")) + kt=5000; else { printf("Unknown mode: %s\n", amode); @@ -100,6 +102,12 @@ int AESTest(EVP_CIPHER_CTX *ctx, case 4256: /* OFB 256 */ cipher = EVP_aes_256_ofb(); break; + case 5128: + cipher=EVP_aes_128_cfb1(); + break; + default: + printf("Didn't handle mode %d\n",kt); + exit(1); } if (dir) { /* encrypt */ diff --git a/test/Makefile.ssl b/test/Makefile.ssl index 41e8acde9c..a9d06d4840 100644 --- a/test/Makefile.ssl +++ b/test/Makefile.ssl @@ -142,8 +142,7 @@ alltests: \ test_ss test_ca test_engine test_evp test_ssl fips_test_aes fips_test_aes: - -mkdir rsp - -mkdir rsp/fips_aes_data + -mkdir fips_aes_data/rsp $(SET_SO_PATHS); ./$(FIPS_AESTEST) -d fips_aes_data/list test_evp: @@ -277,7 +276,7 @@ test_ca: else \ echo "Generate and certify a test certificate via the 'ca' program"; \ sh ./testca; \ - fi + fi test_aes: #$(AESTEST) # @echo "test Rijndael" @@ -537,7 +536,7 @@ $(EVPTEST): $(EVPTEST).o $(DLIBCRYPTO) LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ $(CC) -o $(EVPTEST) $(CFLAGS) $(EVPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ fi - + #$(AESTEST).o: $(AESTEST).c # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c @@ -559,10 +558,8 @@ dummytest: dummytest.o $(DLIBCRYPTO) # DO NOT DELETE THIS LINE -- make depend depends on it. -bftest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h -bftest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h -bftest.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h -bftest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h bftest.c +bftest.o: ../e_os.h ../include/openssl/blowfish.h ../include/openssl/e_os2.h +bftest.o: ../include/openssl/opensslconf.h bftest.c bntest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h bntest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h bntest.o: ../include/openssl/bn.h ../include/openssl/buffer.h @@ -584,24 +581,29 @@ bntest.o: ../include/openssl/sha.h ../include/openssl/stack.h bntest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h bntest.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h bntest.o: ../include/openssl/x509_vfy.h bntest.c -casttest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h -casttest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h -casttest.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h -casttest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h casttest.c +casttest.o: ../e_os.h ../include/openssl/cast.h ../include/openssl/e_os2.h +casttest.o: ../include/openssl/opensslconf.h casttest.c destest.o: ../include/openssl/crypto.h ../include/openssl/des.h destest.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h destest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h destest.o: ../include/openssl/safestack.h ../include/openssl/stack.h destest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h destest.o: ../include/openssl/ui_compat.h destest.c -dhtest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h -dhtest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h -dhtest.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h +dhtest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h +dhtest.o: ../include/openssl/crypto.h ../include/openssl/dh.h +dhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h +dhtest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h +dhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +dhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h dhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dhtest.c -dsatest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h -dsatest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h -dsatest.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h -dsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dsatest.c +dsatest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h +dsatest.o: ../include/openssl/crypto.h ../include/openssl/dh.h +dsatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +dsatest.o: ../include/openssl/err.h ../include/openssl/lhash.h +dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h +dsatest.o: ../include/openssl/safestack.h ../include/openssl/stack.h +dsatest.o: ../include/openssl/symhacks.h dsatest.c ectest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ectest.o: ../include/openssl/bn.h ../include/openssl/crypto.h ectest.o: ../include/openssl/dh.h ../include/openssl/dsa.h @@ -612,10 +614,16 @@ ectest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h ectest.o: ../include/openssl/rand.h ../include/openssl/rsa.h ectest.o: ../include/openssl/safestack.h ../include/openssl/stack.h ectest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h ectest.c -enginetest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h -enginetest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h -enginetest.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h -enginetest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +enginetest.o: ../include/openssl/asn1.h ../include/openssl/bio.h +enginetest.o: ../include/openssl/bn.h ../include/openssl/buffer.h +enginetest.o: ../include/openssl/crypto.h ../include/openssl/dh.h +enginetest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +enginetest.o: ../include/openssl/engine.h ../include/openssl/err.h +enginetest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h +enginetest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +enginetest.o: ../include/openssl/rand.h ../include/openssl/rsa.h +enginetest.o: ../include/openssl/safestack.h ../include/openssl/stack.h +enginetest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h enginetest.o: enginetest.c evp_test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h evp_test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h @@ -663,6 +671,19 @@ fips_aesavs.o: ../include/openssl/rsa.h ../include/openssl/safestack.h fips_aesavs.o: ../include/openssl/sha.h ../include/openssl/stack.h fips_aesavs.o: ../include/openssl/symhacks.h ../include/openssl/ui.h fips_aesavs.o: ../include/openssl/ui_compat.h fips_aesavs.c +fips_dsatest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +fips_dsatest.o: ../include/openssl/bn.h ../include/openssl/crypto.h +fips_dsatest.o: ../include/openssl/des.h ../include/openssl/des_old.h +fips_dsatest.o: ../include/openssl/dh.h ../include/openssl/dsa.h +fips_dsatest.o: ../include/openssl/e_os2.h ../include/openssl/engine.h +fips_dsatest.o: ../include/openssl/err.h ../include/openssl/fips.h +fips_dsatest.o: ../include/openssl/fips_rand.h ../include/openssl/lhash.h +fips_dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +fips_dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h +fips_dsatest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +fips_dsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +fips_dsatest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h +fips_dsatest.o: fips_dsatest.c fips_randtest.o: ../e_os.h ../include/openssl/crypto.h ../include/openssl/des.h fips_randtest.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h fips_randtest.o: ../include/openssl/fips_rand.h @@ -671,6 +692,8 @@ fips_randtest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h fips_randtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h fips_randtest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h fips_randtest.o: ../include/openssl/ui_compat.h fips_randtest.c +fips_sha1test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h +fips_sha1test.o: ../include/openssl/sha.h fips_sha1test.c hmactest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h hmactest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h hmactest.o: ../include/openssl/bn.h ../include/openssl/cast.h @@ -689,18 +712,42 @@ hmactest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h hmactest.o: ../include/openssl/sha.h ../include/openssl/stack.h hmactest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h hmactest.o: ../include/openssl/ui_compat.h hmactest.c -ideatest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h -ideatest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h -ideatest.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h -ideatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h ideatest.c -md2test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h -md2test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h -md2test.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h -md2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md2test.c -md4test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h -md4test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h -md4test.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h -md4test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md4test.c +ideatest.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/idea.h +ideatest.o: ../include/openssl/opensslconf.h ideatest.c +md2test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h +md2test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +md2test.o: ../include/openssl/bn.h ../include/openssl/cast.h +md2test.o: ../include/openssl/crypto.h ../include/openssl/des.h +md2test.o: ../include/openssl/des_old.h ../include/openssl/dh.h +md2test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +md2test.o: ../include/openssl/evp.h ../include/openssl/idea.h +md2test.o: ../include/openssl/md2.h ../include/openssl/md4.h +md2test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +md2test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +md2test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +md2test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h +md2test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +md2test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +md2test.o: ../include/openssl/safestack.h ../include/openssl/sha.h +md2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +md2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md2test.c +md4test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h +md4test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +md4test.o: ../include/openssl/bn.h ../include/openssl/cast.h +md4test.o: ../include/openssl/crypto.h ../include/openssl/des.h +md4test.o: ../include/openssl/des_old.h ../include/openssl/dh.h +md4test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +md4test.o: ../include/openssl/evp.h ../include/openssl/idea.h +md4test.o: ../include/openssl/md2.h ../include/openssl/md4.h +md4test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +md4test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +md4test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +md4test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h +md4test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +md4test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +md4test.o: ../include/openssl/safestack.h ../include/openssl/sha.h +md4test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +md4test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md4test.c md5test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h md5test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h md5test.o: ../include/openssl/bn.h ../include/openssl/cast.h @@ -718,10 +765,23 @@ md5test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h md5test.o: ../include/openssl/safestack.h ../include/openssl/sha.h md5test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md5test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md5test.c -mdc2test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h -mdc2test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h -mdc2test.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h -mdc2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h mdc2test.c +mdc2test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h +mdc2test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +mdc2test.o: ../include/openssl/bn.h ../include/openssl/cast.h +mdc2test.o: ../include/openssl/crypto.h ../include/openssl/des.h +mdc2test.o: ../include/openssl/des_old.h ../include/openssl/dh.h +mdc2test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +mdc2test.o: ../include/openssl/evp.h ../include/openssl/idea.h +mdc2test.o: ../include/openssl/md2.h ../include/openssl/md4.h +mdc2test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +mdc2test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +mdc2test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +mdc2test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h +mdc2test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h +mdc2test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +mdc2test.o: ../include/openssl/safestack.h ../include/openssl/sha.h +mdc2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +mdc2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h mdc2test.c randtest.o: ../e_os.h ../include/openssl/e_os2.h randtest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h randtest.o: ../include/openssl/rand.h randtest.c @@ -729,10 +789,8 @@ rc2test.o: ../e_os.h ../include/openssl/e_os2.h rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c rc4test.o: ../e_os.h ../include/openssl/e_os2.h rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h rc4test.c -rc5test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h -rc5test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h -rc5test.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h -rc5test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h rc5test.c +rc5test.o: ../e_os.h ../include/openssl/e_os2.h +rc5test.o: ../include/openssl/opensslconf.h ../include/openssl/rc5.h rc5test.c rmdtest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h rmdtest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h rmdtest.o: ../include/openssl/bn.h ../include/openssl/cast.h -- 2.25.1