Vendor import of OpenSSL 0.9.8d.

This commit is contained in:
Simon L. B. Nielsen 2006-10-01 07:38:44 +00:00
parent 3b4e3dcb9f
commit ed5d4f9a94
98 changed files with 6053 additions and 511 deletions

View File

@ -2,6 +2,108 @@
OpenSSL CHANGES
_______________
Changes between 0.9.8c and 0.9.8d [28 Sep 2006]
*) Introduce limits to prevent malicious keys being able to
cause a denial of service. (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
*) Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service. (CVE-2006-2937) [Steve Henson]
*) Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
*) Fix SSL client code which could crash if connecting to a
malicious SSLv2 server. (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
*) Since 0.9.8b, ciphersuite strings naming explicit ciphersuites
match only those. Before that, "AES256-SHA" would be interpreted
as a pattern and match "AES128-SHA" too (since AES128-SHA got
the same strength classification in 0.9.7h) as we currently only
have a single AES bit in the ciphersuite description bitmap.
That change, however, also applied to ciphersuite strings such as
"RC4-MD5" that intentionally matched multiple ciphersuites --
namely, SSL 2.0 ciphersuites in addition to the more common ones
from SSL 3.0/TLS 1.0.
So we change the selection algorithm again: Naming an explicit
ciphersuite selects this one ciphersuite, and any other similar
ciphersuite (same bitmap) from *other* protocol versions.
Thus, "RC4-MD5" again will properly select both the SSL 2.0
ciphersuite and the SSL 3.0/TLS 1.0 ciphersuite.
Since SSL 2.0 does not have any ciphersuites for which the
128/256 bit distinction would be relevant, this works for now.
The proper fix will be to use different bits for AES128 and
AES256, which would have avoided the problems from the beginning;
however, bits are scarce, so we can only do this in a new release
(not just a patchlevel) when we can change the SSL_CIPHER
definition to split the single 'unsigned long mask' bitmap into
multiple values to extend the available space.
[Bodo Moeller]
Changes between 0.9.8b and 0.9.8c [05 Sep 2006]
*) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
(CVE-2006-4339) [Ben Laurie and Google Security Team]
*) Add AES IGE and biIGE modes.
[Ben Laurie]
*) Change the Unix randomness entropy gathering to use poll() when
possible instead of select(), since the latter has some
undesirable limitations.
[Darryl Miles via Richard Levitte and Bodo Moeller]
*) Disable "ECCdraft" ciphersuites more thoroughly. Now special
treatment in ssl/ssl_ciph.s makes sure that these ciphersuites
cannot be implicitly activated as part of, e.g., the "AES" alias.
However, please upgrade to OpenSSL 0.9.9[-dev] for
non-experimental use of the ECC ciphersuites to get TLS extension
support, which is required for curve and point format negotiation
to avoid potential handshake problems.
[Bodo Moeller]
*) Disable rogue ciphersuites:
- SSLv2 0x08 0x00 0x80 ("RC4-64-MD5")
- SSLv3/TLSv1 0x00 0x61 ("EXP1024-RC2-CBC-MD5")
- SSLv3/TLSv1 0x00 0x60 ("EXP1024-RC4-MD5")
The latter two were purportedly from
draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do not really
appear there.
Also deactive the remaining ciphersuites from
draft-ietf-tls-56-bit-ciphersuites-01.txt. These are just as
unofficial, and the ID has long expired.
[Bodo Moeller]
*) Fix RSA blinding Heisenbug (problems sometimes occured on
dual-core machines) and other potential thread-safety issues.
[Bodo Moeller]
*) Add the symmetric cipher Camellia (128-bit, 192-bit, 256-bit key
versions), which is now available for royalty-free use
(see http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html).
Also, add Camellia TLS ciphersuites from RFC 4132.
To minimize changes between patchlevels in the OpenSSL 0.9.8
series, Camellia remains excluded from compilation unless OpenSSL
is configured with 'enable-camellia'.
[NTT]
*) Disable the padding bug check when compression is in use. The padding
bug check assumes the first packet is of even length, this is not
necessarily true if compresssion is enabled and can result in false
positives causing handshake failure. The actual bug test is ancient
code so it is hoped that implementations will either have fixed it by
now or any which still have the bug do not support compression.
[Steve Henson]
Changes between 0.9.8a and 0.9.8b [04 May 2006]
*) When applying a cipher rule check to see if string match is an explicit
@ -84,6 +186,9 @@
Changes between 0.9.7h and 0.9.8 [05 Jul 2005]
[NB: OpenSSL 0.9.7i and later 0.9.7 patch levels were released after
OpenSSL 0.9.8.]
*) Add libcrypto.pc and libssl.pc for those who feel they need them.
[Richard Levitte]
@ -901,6 +1006,61 @@
differing sizes.
[Richard Levitte]
Changes between 0.9.7k and 0.9.7l [xx XXX xxxx]
*) Change ciphersuite string processing so that an explicit
ciphersuite selects this one ciphersuite (so that "AES256-SHA"
will no longer include "AES128-SHA"), and any other similar
ciphersuite (same bitmap) from *other* protocol versions (so that
"RC4-MD5" will still include both the SSL 2.0 ciphersuite and the
SSL 3.0/TLS 1.0 ciphersuite). This is a backport combining
changes from 0.9.8b and 0.9.8d.
[Bodo Moeller]
Changes between 0.9.7j and 0.9.7k [05 Sep 2006]
*) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
(CVE-2006-4339) [Ben Laurie and Google Security Team]
*) Change the Unix randomness entropy gathering to use poll() when
possible instead of select(), since the latter has some
undesirable limitations.
[Darryl Miles via Richard Levitte and Bodo Moeller]
*) Disable rogue ciphersuites:
- SSLv2 0x08 0x00 0x80 ("RC4-64-MD5")
- SSLv3/TLSv1 0x00 0x61 ("EXP1024-RC2-CBC-MD5")
- SSLv3/TLSv1 0x00 0x60 ("EXP1024-RC4-MD5")
The latter two were purportedly from
draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do not really
appear there.
Also deactive the remaining ciphersuites from
draft-ietf-tls-56-bit-ciphersuites-01.txt. These are just as
unofficial, and the ID has long expired.
[Bodo Moeller]
*) Fix RSA blinding Heisenbug (problems sometimes occured on
dual-core machines) and other potential thread-safety issues.
[Bodo Moeller]
Changes between 0.9.7i and 0.9.7j [04 May 2006]
*) Adapt fipsld and the build system to link against the validated FIPS
module in FIPS mode.
[Steve Henson]
*) Fixes for VC++ 2005 build under Windows.
[Steve Henson]
*) Add new Windows build target VC-32-GMAKE for VC++. This uses GNU make
from a Windows bash shell such as MSYS. It is autodetected from the
"config" script when run from a VC++ environment. Modify standard VC++
build to use fipscanister.o from the GNU make build.
[Steve Henson]
Changes between 0.9.7h and 0.9.7i [14 Oct 2005]
*) Wrapped the definition of EVP_MAX_MD_SIZE in a #ifdef OPENSSL_FIPS.

View File

@ -155,7 +155,7 @@ my %table=(
"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
"debug-bodo", "gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -march=i486 -pedantic -Wshadow -Wall::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
"debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll",
"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared",
"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -march=i486 -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared",
"debug-steve-linux-pseudo64", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT:${no_asm}:dlfcn:linux-shared",
"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@ -195,7 +195,7 @@ my %table=(
#### Solaris x86 with Sun C setups
"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${no_asm}:dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### SPARC Solaris with GNU C setups
"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@ -285,7 +285,7 @@ my %table=(
# with debugging of the following config.
"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# GCC builds...
"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT::bn-ia64.o::aes-ia64.o:::sha256-ia64.o sha512-ia64.o::rc4-ia64.o:::dlfcn:hpux-shared:-fpic:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux64-ia64-gcc","gcc:-mlp64 -O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-mlp64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# Legacy HPUX 9.X configs...
@ -600,6 +600,7 @@ my $perl;
# All of the following is disabled by default (RC5 was enabled before 0.9.8):
my %disabled = ( # "what" => "comment"
"camellia" => "default",
"gmp" => "default",
"mdc2" => "default",
"rc5" => "default",
@ -613,7 +614,7 @@ my %disabled = ( # "what" => "comment"
# For symmetry, "disable-..." is a synonym for "no-...".
# This is what $depflags will look like with the above default:
my $default_depflags = "-DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 ";
my $default_depflags = "-DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 ";
my $no_sse2=0;
@ -918,7 +919,7 @@ foreach (sort (keys %disabled))
my $IsMK1MF=scalar grep /^$target$/,@MK1MF_Builds;
$IsMK1MF=1 if ($target eq "mingw" && $^O ne "cygwin");
$IsMK1MF=1 if ($target eq "mingw" && $^O ne "cygwin" && !is_msys());
$exe_ext=".exe" if ($target eq "Cygwin" || $target eq "DJGPP" || $target eq "mingw");
$exe_ext=".pm" if ($target =~ /vos/);
@ -1806,3 +1807,11 @@ sub test_sanity
print STDERR "No sanity errors detected!\n" if $errorcnt == 0;
return $errorcnt;
}
# Attempt to detect MSYS environment
sub is_msys
{
return 1 if (exists $ENV{"TERM"} && $ENV{"TERM"} eq "msys");
return 0;
}

View File

@ -74,7 +74,7 @@ OpenSSL - Frequently Asked Questions
* Which is the current version of OpenSSL?
The current version is available from <URL: http://www.openssl.org>.
OpenSSL 0.9.8b was released on May 4th, 2006.
OpenSSL 0.9.8d was released on September 28th, 2006.
In addition to the current stable release, you can also access daily
snapshots of the OpenSSL development version at <URL:
@ -679,8 +679,9 @@ libraries. If your platform is not one of these, consult the INSTALL
file.
Multi-threaded applications must provide two callback functions to
OpenSSL. This is described in the threads(3) manpage.
OpenSSL by calling CRYPTO_set_locking_callback() and
CRYPTO_set_id_callback(). This is described in the threads(3)
manpage.
* I've compiled a program under Windows and it crashes: why?

View File

@ -12,7 +12,7 @@
---------------
/* ====================================================================
* Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions

View File

@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
VERSION=0.9.8b
VERSION=0.9.8d
MAJOR=0
MINOR=9.8
SHLIB_VERSION_NUMBER=0.9.8
@ -13,7 +13,7 @@ SHLIB_MAJOR=0
SHLIB_MINOR=9.8
SHLIB_EXT=
PLATFORM=dist
OPTIONS= no-gmp no-krb5 no-mdc2 no-rc5 no-shared no-zlib no-zlib-dynamic
OPTIONS= no-camellia no-gmp no-krb5 no-mdc2 no-rc5 no-shared no-zlib no-zlib-dynamic
CONFIGURE_ARGS=dist
SHLIB_TARGET=
@ -61,14 +61,14 @@ OPENSSLDIR=/usr/local/ssl
CC= cc
CFLAG= -O
DEPFLAG= -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5
DEPFLAG= -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5
PEX_LIBS=
EX_LIBS=
EXE_EXT=
ARFLAGS=
AR=ar $(ARFLAGS) r
RANLIB= /usr/bin/ranlib
PERL= /usr/bin/perl
PERL= /usr/local/bin/perl
TAR= tar
TARFLAGS= --no-recursion
MAKEDEPPROG=makedepend

View File

@ -111,7 +111,7 @@ SHLIBDIRS= crypto ssl
SDIRS= \
objects \
md2 md4 md5 sha mdc2 hmac ripemd \
des aes rc2 rc4 rc5 idea bf cast \
des aes rc2 rc4 rc5 idea bf cast camellia \
bn ec rsa dsa ecdsa dh ecdh dso engine \
buffer bio stack lhash rand err \
evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \

View File

@ -455,7 +455,7 @@ link_o.hpux:
@if ${DETECT_GNU_LD}; then $(DO_GNU_SO); else \
$(CALC_VERSIONS); \
SHLIB=lib$(LIBNAME).sl; \
expr "$(CFLAGS)" : 'DSO_DLFCN' > /dev/null && SHLIB=lib$(LIBNAME).so; \
expr "$(CFLAGS)" : '.*DSO_DLFCN' > /dev/null && SHLIB=lib$(LIBNAME).so; \
SHLIB_SUFFIX=; \
ALLSYMSFLAGS='-Wl,-Fl'; \
NOALLSYMSFLAGS=''; \

View File

@ -5,6 +5,17 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.8d:
o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
o Changes to ciphersuite selection algorithm
Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c:
o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
o New cipher Camellia
Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b:
o Cipher string fixes.
@ -17,7 +28,7 @@
Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a:
o Fix potential SSL 2.0 rollback, CAN-2005-2969
o Fix potential SSL 2.0 rollback, CVE-2005-2969
o Extended Windows CE support
Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8:
@ -94,6 +105,10 @@
o Added initial support for Win64.
o Added alternate pkg-config files.
Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k:
o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j:
o Visual C++ 2005 fixes.
@ -105,7 +120,7 @@
Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h:
o Fix SSL 2.0 Rollback, CAN-2005-2969
o Fix SSL 2.0 Rollback, CVE-2005-2969
o Allow use of fixed-length exponent on DSA signing
o Default fixed-window RSA, DSA, DH private-key operations

View File

@ -1,7 +1,7 @@
OpenSSL 0.9.8b 04 May 2006
OpenSSL 0.9.8d 28 Sep 2006
Copyright (c) 1998-2005 The OpenSSL Project
Copyright (c) 1998-2006 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
All rights reserved.
@ -113,6 +113,10 @@
The MDC2 algorithm is patented by IBM.
NTT and Mitsubishi have patents and pending patents on the Camellia
algorithm, but allow use at no charge without requiring an explicit
licensing agreement: http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
INSTALLATION
------------

View File

@ -1,4 +1,4 @@
#!/usr/bin/perl
#!/usr/local/bin/perl
#
# CA - wrapper around ca to make it easier to use ... basically ca requires
# some setup stuff to be done before you can use it and this makes

View File

@ -84,6 +84,9 @@
* -aes128 - encrypt output if PEM format
* -aes192 - encrypt output if PEM format
* -aes256 - encrypt output if PEM format
* -camellia128 - encrypt output if PEM format
* -camellia192 - encrypt output if PEM format
* -camellia256 - encrypt output if PEM format
* -text - print a text version
* -modulus - print the DSA public key
*/
@ -211,6 +214,10 @@ int MAIN(int argc, char **argv)
#ifndef OPENSSL_NO_AES
BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
#endif
#ifndef OPENSSL_NO_CAMELLIA
BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
BIO_printf(bio_err," encrypt PEM output with cbc camellia\n");
#endif
BIO_printf(bio_err," -text print the key in text\n");
BIO_printf(bio_err," -noout don't print key out\n");

View File

@ -340,7 +340,7 @@ int MAIN(int argc, char **argv)
}
/* It must be large enough for a base64 encoded line */
if (n < 80) n=80;
if (base64 && n < 80) n=80;
bsize=(int)n;
if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize);
@ -370,7 +370,11 @@ int MAIN(int argc, char **argv)
}
if (inf == NULL)
{
if (bufsize != NULL)
setvbuf(stdin, (char *)NULL, _IONBF, 0);
BIO_set_fp(in,stdin,BIO_NOCLOSE);
}
else
{
if (BIO_read_filename(in,inf) <= 0)
@ -421,6 +425,8 @@ int MAIN(int argc, char **argv)
if (outf == NULL)
{
BIO_set_fp(out,stdout,BIO_NOCLOSE);
if (bufsize != NULL)
setvbuf(stdout, (char *)NULL, _IONBF, 0);
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());

View File

@ -147,6 +147,14 @@ int MAIN(int argc, char **argv)
enc=EVP_aes_192_cbc();
else if (strcmp(*argv,"-aes256") == 0)
enc=EVP_aes_256_cbc();
#endif
#ifndef OPENSSL_NO_CAMELLIA
else if (strcmp(*argv,"-camellia128") == 0)
enc=EVP_camellia_128_cbc();
else if (strcmp(*argv,"-camellia192") == 0)
enc=EVP_camellia_192_cbc();
else if (strcmp(*argv,"-camellia256") == 0)
enc=EVP_camellia_256_cbc();
#endif
else if (**argv != '-' && dsaparams == NULL)
{
@ -174,6 +182,10 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
#endif
#ifndef OPENSSL_NO_CAMELLIA
BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
BIO_printf(bio_err," encrypt PEM output with cbc camellia\n");
#endif
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
#endif

View File

@ -167,6 +167,14 @@ int MAIN(int argc, char **argv)
enc=EVP_aes_192_cbc();
else if (strcmp(*argv,"-aes256") == 0)
enc=EVP_aes_256_cbc();
#endif
#ifndef OPENSSL_NO_CAMELLIA
else if (strcmp(*argv,"-camellia128") == 0)
enc=EVP_camellia_128_cbc();
else if (strcmp(*argv,"-camellia192") == 0)
enc=EVP_camellia_192_cbc();
else if (strcmp(*argv,"-camellia256") == 0)
enc=EVP_camellia_256_cbc();
#endif
else if (strcmp(*argv,"-passout") == 0)
{
@ -190,6 +198,10 @@ int MAIN(int argc, char **argv)
#ifndef OPENSSL_NO_AES
BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
#endif
#ifndef OPENSSL_NO_CAMELLIA
BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
BIO_printf(bio_err," encrypt PEM output with cbc camellia\n");
#endif
BIO_printf(bio_err," -out file output the key to 'file\n");
BIO_printf(bio_err," -passout arg output file pass phrase source\n");

View File

@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -445,7 +445,11 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
for (fp=functions; fp->name != NULL; fp++)
{
nl=0;
#ifdef OPENSSL_NO_CAMELLIA
if (((i++) % 5) == 0)
#else
if (((i++) % 4) == 0)
#endif
{
BIO_printf(bio_err,"\n");
nl=1;
@ -466,7 +470,11 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
BIO_printf(bio_err,"\nCipher commands (see the `enc' command for more details)\n");
}
}
#ifdef OPENSSL_NO_CAMELLIA
BIO_printf(bio_err,"%-15s",fp->name);
#else
BIO_printf(bio_err,"%-18s",fp->name);
#endif
}
BIO_printf(bio_err,"\n\n");
ret=0;

View File

@ -3,7 +3,7 @@
* project.
*/
/* ====================================================================
* Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
* Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -161,6 +161,11 @@ int MAIN(int argc, char **argv)
else if (!strcmp(*args,"-aes128")) enc=EVP_aes_128_cbc();
else if (!strcmp(*args,"-aes192")) enc=EVP_aes_192_cbc();
else if (!strcmp(*args,"-aes256")) enc=EVP_aes_256_cbc();
#endif
#ifndef OPENSSL_NO_CAMELLIA
else if (!strcmp(*args,"-camellia128")) enc=EVP_camellia_128_cbc();
else if (!strcmp(*args,"-camellia192")) enc=EVP_camellia_192_cbc();
else if (!strcmp(*args,"-camellia256")) enc=EVP_camellia_256_cbc();
#endif
else if (!strcmp (*args, "-noiter")) iter = 1;
else if (!strcmp (*args, "-maciter"))
@ -175,7 +180,8 @@ int MAIN(int argc, char **argv)
args++;
if (!strcmp(*args, "NONE"))
cert_pbe = -1;
cert_pbe=OBJ_txt2nid(*args);
else
cert_pbe=OBJ_txt2nid(*args);
if(cert_pbe == NID_undef) {
BIO_printf(bio_err,
"Unknown PBE algorithm %s\n", *args);
@ -303,6 +309,10 @@ int MAIN(int argc, char **argv)
#ifndef OPENSSL_NO_AES
BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
BIO_printf (bio_err, " encrypt PEM output with cbc aes\n");
#endif
#ifndef OPENSSL_NO_CAMELLIA
BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n");
BIO_printf (bio_err, " encrypt PEM output with cbc camellia\n");
#endif
BIO_printf (bio_err, "-nodes don't encrypt private keys\n");
BIO_printf (bio_err, "-noiter don't use encryption iteration\n");
@ -825,12 +835,14 @@ int alg_print (BIO *x, X509_ALGOR *alg)
PBEPARAM *pbe;
const unsigned char *p;
p = alg->parameter->value.sequence->data;
pbe = d2i_PBEPARAM (NULL, &p, alg->parameter->value.sequence->length);
pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);
if (!pbe)
return 1;
BIO_printf (bio_err, "%s, Iteration %ld\n",
OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)),
ASN1_INTEGER_get(pbe->iter));
PBEPARAM_free (pbe);
return 0;
return 1;
}
/* Load all certificates from a given file */

View File

@ -165,6 +165,24 @@ FUNCTION functions[] = {
#endif
#ifndef OPENSSL_NO_AES
{FUNC_TYPE_CIPHER,"aes-256-ecb",enc_main},
#endif
#ifndef OPENSSL_NO_CAMELLIA
{FUNC_TYPE_CIPHER,"camellia-128-cbc",enc_main},
#endif
#ifndef OPENSSL_NO_CAMELLIA
{FUNC_TYPE_CIPHER,"camellia-128-ecb",enc_main},
#endif
#ifndef OPENSSL_NO_CAMELLIA
{FUNC_TYPE_CIPHER,"camellia-192-cbc",enc_main},
#endif
#ifndef OPENSSL_NO_CAMELLIA
{FUNC_TYPE_CIPHER,"camellia-192-ecb",enc_main},
#endif
#ifndef OPENSSL_NO_CAMELLIA
{FUNC_TYPE_CIPHER,"camellia-256-cbc",enc_main},
#endif
#ifndef OPENSSL_NO_CAMELLIA
{FUNC_TYPE_CIPHER,"camellia-256-ecb",enc_main},
#endif
{FUNC_TYPE_CIPHER,"base64",enc_main},
#ifndef OPENSSL_NO_DES

View File

@ -57,6 +57,9 @@ foreach (
"aes-128-cbc", "aes-128-ecb",
"aes-192-cbc", "aes-192-ecb",
"aes-256-cbc", "aes-256-ecb",
"camellia-128-cbc", "camellia-128-ecb",
"camellia-192-cbc", "camellia-192-ecb",
"camellia-256-cbc", "camellia-256-ecb",
"base64",
"des", "des3", "desx", "idea", "rc4", "rc4-40",
"rc2", "bf", "cast", "rc5",
@ -75,6 +78,7 @@ foreach (
$t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_);
if ($_ =~ /des/) { $t="#ifndef OPENSSL_NO_DES\n${t}#endif\n"; }
elsif ($_ =~ /aes/) { $t="#ifndef OPENSSL_NO_AES\n${t}#endif\n"; }
elsif ($_ =~ /camellia/) { $t="#ifndef OPENSSL_NO_CAMELLIA\n${t}#endif\n"; }
elsif ($_ =~ /idea/) { $t="#ifndef OPENSSL_NO_IDEA\n${t}#endif\n"; }
elsif ($_ =~ /rc4/) { $t="#ifndef OPENSSL_NO_RC4\n${t}#endif\n"; }
elsif ($_ =~ /rc2/) { $t="#ifndef OPENSSL_NO_RC2\n${t}#endif\n"; }

View File

@ -84,6 +84,9 @@
* -aes128 - encrypt output if PEM format
* -aes192 - encrypt output if PEM format
* -aes256 - encrypt output if PEM format
* -camellia128 - encrypt output if PEM format
* -camellia192 - encrypt output if PEM format
* -camellia256 - encrypt output if PEM format
* -text - print a text version
* -modulus - print the RSA key modulus
* -check - verify key consistency
@ -211,6 +214,10 @@ int MAIN(int argc, char **argv)
#ifndef OPENSSL_NO_AES
BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
#endif
#ifndef OPENSSL_NO_CAMELLIA
BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
BIO_printf(bio_err," encrypt PEM output with cbc camellia\n");
#endif
BIO_printf(bio_err," -text print the key in text\n");
BIO_printf(bio_err," -noout don't print key out\n");

View File

@ -160,6 +160,14 @@ int MAIN(int argc, char **argv)
cipher = EVP_aes_192_cbc();
else if (!strcmp(*args,"-aes256"))
cipher = EVP_aes_256_cbc();
#endif
#ifndef OPENSSL_NO_CAMELLIA
else if (!strcmp(*args,"-camellia128"))
cipher = EVP_camellia_128_cbc();
else if (!strcmp(*args,"-camellia192"))
cipher = EVP_camellia_192_cbc();
else if (!strcmp(*args,"-camellia256"))
cipher = EVP_camellia_256_cbc();
#endif
else if (!strcmp (*args, "-text"))
flags |= PKCS7_TEXT;
@ -423,6 +431,10 @@ int MAIN(int argc, char **argv)
#ifndef OPENSSL_NO_AES
BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
BIO_printf (bio_err, " encrypt PEM output with cbc aes\n");
#endif
#ifndef OPENSSL_NO_CAMELLIA
BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n");
BIO_printf (bio_err, " encrypt PEM output with cbc camellia\n");
#endif
BIO_printf (bio_err, "-nointern don't search certificates in message for signer\n");
BIO_printf (bio_err, "-nosigs don't verify message signature\n");
@ -638,12 +650,6 @@ int MAIN(int argc, char **argv)
if ((flags & PKCS7_DETACHED) && (outformat == FORMAT_SMIME))
flags |= PKCS7_STREAM;
p7 = PKCS7_sign(signer, key, other, in, flags);
/* Don't need to rewind for partial signing */
if (!(flags & PKCS7_STREAM) && (BIO_reset(in) != 0))
{
BIO_printf(bio_err, "Can't rewind input file\n");
goto end;
}
}
else
{

View File

@ -164,6 +164,9 @@
#ifndef OPENSSL_NO_AES
#include <openssl/aes.h>
#endif
#ifndef OPENSSL_NO_CAMELLIA
#include <openssl/camellia.h>
#endif
#ifndef OPENSSL_NO_MD2
#include <openssl/md2.h>
#endif
@ -269,7 +272,7 @@ static void print_result(int alg,int run_no,int count,double time_used);
static int do_multi(int multi);
#endif
#define ALGOR_NUM 21
#define ALGOR_NUM 24
#define SIZE_NUM 5
#define RSA_NUM 4
#define DSA_NUM 3
@ -281,7 +284,9 @@ static const char *names[ALGOR_NUM]={
"md2","mdc2","md4","md5","hmac(md5)","sha1","rmd160","rc4",
"des cbc","des ede3","idea cbc",
"rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc",
"aes-128 cbc","aes-192 cbc","aes-256 cbc","evp","sha256","sha512"};
"aes-128 cbc","aes-192 cbc","aes-256 cbc",
"camellia-128 cbc","camellia-192 cbc","camellia-256 cbc",
"evp","sha256","sha512"};
static double results[ALGOR_NUM][SIZE_NUM];
static int lengths[SIZE_NUM]={16,64,256,1024,8*1024};
static double rsa_results[RSA_NUM][2];
@ -548,6 +553,17 @@ int MAIN(int argc, char **argv)
0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,
0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,0x56};
#endif
#ifndef OPENSSL_NO_CAMELLIA
static const unsigned char ckey24[24]=
{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,
0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
static const unsigned char ckey32[32]=
{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,
0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,
0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,0x56};
#endif
#ifndef OPENSSL_NO_AES
#define MAX_BLOCK_SIZE 128
#else
@ -567,6 +583,9 @@ int MAIN(int argc, char **argv)
#ifndef OPENSSL_NO_AES
AES_KEY aes_ks1, aes_ks2, aes_ks3;
#endif
#ifndef OPENSSL_NO_CAMELLIA
CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
#endif
#define D_MD2 0
#define D_MDC2 1
#define D_MD4 2
@ -585,9 +604,12 @@ int MAIN(int argc, char **argv)
#define D_CBC_128_AES 15
#define D_CBC_192_AES 16
#define D_CBC_256_AES 17
#define D_EVP 18
#define D_SHA256 19
#define D_SHA512 20
#define D_CBC_128_CML 18
#define D_CBC_192_CML 19
#define D_CBC_256_CML 20
#define D_EVP 21
#define D_SHA256 22
#define D_SHA512 23
double d=0.0;
long c[ALGOR_NUM][SIZE_NUM];
#define R_DSA_512 0
@ -930,6 +952,12 @@ int MAIN(int argc, char **argv)
else if (strcmp(*argv,"aes-256-cbc") == 0) doit[D_CBC_256_AES]=1;
else
#endif
#ifndef OPENSSL_NO_CAMELLIA
if (strcmp(*argv,"camellia-128-cbc") == 0) doit[D_CBC_128_CML]=1;
else if (strcmp(*argv,"camellia-192-cbc") == 0) doit[D_CBC_192_CML]=1;
else if (strcmp(*argv,"camellia-256-cbc") == 0) doit[D_CBC_256_CML]=1;
else
#endif
#ifndef OPENSSL_NO_RSA
#if 0 /* was: #ifdef RSAref */
if (strcmp(*argv,"rsaref") == 0)
@ -1000,6 +1028,15 @@ int MAIN(int argc, char **argv)
}
else
#endif
#ifndef OPENSSL_NO_CAMELLIA
if (strcmp(*argv,"camellia") == 0)
{
doit[D_CBC_128_CML]=1;
doit[D_CBC_192_CML]=1;
doit[D_CBC_256_CML]=1;
}
else
#endif
#ifndef OPENSSL_NO_RSA
if (strcmp(*argv,"rsa") == 0)
{
@ -1126,6 +1163,10 @@ int MAIN(int argc, char **argv)
#ifndef OPENSSL_NO_AES
BIO_printf(bio_err,"aes-128-cbc aes-192-cbc aes-256-cbc ");
#endif
#ifndef OPENSSL_NO_CAMELLIA
BIO_printf(bio_err,"\n");
BIO_printf(bio_err,"camellia-128-cbc camellia-192-cbc camellia-256-cbc ");
#endif
#ifndef OPENSSL_NO_RC4
BIO_printf(bio_err,"rc4");
#endif
@ -1163,6 +1204,9 @@ int MAIN(int argc, char **argv)
#ifndef OPENSSL_NO_AES
BIO_printf(bio_err,"aes ");
#endif
#ifndef OPENSSL_NO_CAMELLIA
BIO_printf(bio_err,"camellia ");
#endif
#ifndef OPENSSL_NO_RSA
BIO_printf(bio_err,"rsa ");
#endif
@ -1171,7 +1215,8 @@ int MAIN(int argc, char **argv)
#endif
#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_RC2) || \
!defined(OPENSSL_NO_DES) || !defined(OPENSSL_NO_RSA) || \
!defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_AES)
!defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_AES) || \
!defined(OPENSSL_NO_CAMELLIA)
BIO_printf(bio_err,"\n");
#endif
@ -1265,6 +1310,11 @@ int MAIN(int argc, char **argv)
AES_set_encrypt_key(key24,192,&aes_ks2);
AES_set_encrypt_key(key32,256,&aes_ks3);
#endif
#ifndef OPENSSL_NO_CAMELLIA
Camellia_set_key(key16,128,&camellia_ks1);
Camellia_set_key(ckey24,192,&camellia_ks2);
Camellia_set_key(ckey32,256,&camellia_ks3);
#endif
#ifndef OPENSSL_NO_IDEA
idea_set_encrypt_key(key16,&idea_ks);
#endif
@ -1318,6 +1368,9 @@ int MAIN(int argc, char **argv)
c[D_CBC_128_AES][0]=count;
c[D_CBC_192_AES][0]=count;
c[D_CBC_256_AES][0]=count;
c[D_CBC_128_CML][0]=count;
c[D_CBC_192_CML][0]=count;
c[D_CBC_256_CML][0]=count;
c[D_SHA256][0]=count;
c[D_SHA512][0]=count;
@ -1350,6 +1403,9 @@ int MAIN(int argc, char **argv)
c[D_CBC_128_AES][i]=c[D_CBC_128_AES][i-1]*l0/l1;
c[D_CBC_192_AES][i]=c[D_CBC_192_AES][i-1]*l0/l1;
c[D_CBC_256_AES][i]=c[D_CBC_256_AES][i-1]*l0/l1;
c[D_CBC_128_CML][i]=c[D_CBC_128_CML][i-1]*l0/l1;
c[D_CBC_192_CML][i]=c[D_CBC_192_CML][i-1]*l0/l1;
c[D_CBC_256_CML][i]=c[D_CBC_256_CML][i-1]*l0/l1;
}
#ifndef OPENSSL_NO_RSA
rsa_c[R_RSA_512][0]=count/2000;
@ -1743,6 +1799,51 @@ int MAIN(int argc, char **argv)
}
}
#endif
#ifndef OPENSSL_NO_CAMELLIA
if (doit[D_CBC_128_CML])
{
for (j=0; j<SIZE_NUM; j++)
{
print_message(names[D_CBC_128_CML],c[D_CBC_128_CML][j],lengths[j]);
Time_F(START);
for (count=0,run=1; COND(c[D_CBC_128_CML][j]); count++)
Camellia_cbc_encrypt(buf,buf,
(unsigned long)lengths[j],&camellia_ks1,
iv,CAMELLIA_ENCRYPT);
d=Time_F(STOP);
print_result(D_CBC_128_CML,j,count,d);
}
}
if (doit[D_CBC_192_CML])
{
for (j=0; j<SIZE_NUM; j++)
{
print_message(names[D_CBC_192_CML],c[D_CBC_192_CML][j],lengths[j]);
Time_F(START);
for (count=0,run=1; COND(c[D_CBC_192_CML][j]); count++)
Camellia_cbc_encrypt(buf,buf,
(unsigned long)lengths[j],&camellia_ks2,
iv,CAMELLIA_ENCRYPT);
d=Time_F(STOP);
print_result(D_CBC_192_CML,j,count,d);
}
}
if (doit[D_CBC_256_CML])
{
for (j=0; j<SIZE_NUM; j++)
{
print_message(names[D_CBC_256_CML],c[D_CBC_256_CML][j],lengths[j]);
Time_F(START);
for (count=0,run=1; COND(c[D_CBC_256_CML][j]); count++)
Camellia_cbc_encrypt(buf,buf,
(unsigned long)lengths[j],&camellia_ks3,
iv,CAMELLIA_ENCRYPT);
d=Time_F(STOP);
print_result(D_CBC_256_CML,j,count,d);
}
}
#endif
#ifndef OPENSSL_NO_IDEA
if (doit[D_CBC_IDEA])

View File

@ -717,9 +717,9 @@ case "$GUESSOS" in
fi
fi
elif [ $CPU_VERSION -ge 528 ]; then # PA-RISC 1.1+ CPU
OUT="hpux-parisc-${CC}
OUT="hpux-parisc-${CC}"
elif [ $CPU_VERSION -ge 523 ]; then # PA-RISC 1.0 CPU
OUT="hpux-parisc-${CC}
OUT="hpux-parisc-${CC}"
else # Motorola(?) CPU
OUT="hpux-$CC"
fi
@ -794,7 +794,7 @@ case "$GUESSOS" in
i386-*) options="$options 386" ;;
esac
for i in bf cast des dh dsa ec hmac idea md2 md5 mdc2 rc2 rc4 rc5 aes ripemd rsa sha
for i in aes bf camellia cast des dh dsa ec hmac idea md2 md5 mdc2 rc2 rc4 rc5 ripemd rsa sha
do
if [ ! -d crypto/$i ]
then

View File

@ -23,8 +23,10 @@ TEST=
APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c aes_ctr.c
LIBOBJ=aes_misc.o aes_ecb.o aes_cfb.o aes_ofb.o aes_ctr.o $(AES_ASM_OBJ)
LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c \
aes_ctr.c aes_ige.c
LIBOBJ=aes_misc.o aes_ecb.o aes_cfb.o aes_ofb.o aes_ctr.o aes_ige.o \
$(AES_ASM_OBJ)
SRC= $(LIBSRC)

View File

@ -119,6 +119,17 @@ void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
unsigned char ecount_buf[AES_BLOCK_SIZE],
unsigned int *num);
/* For IGE, see also http://www.links.org/files/openssl-ige.pdf */
/* NB: the IV is _two_ blocks long */
void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const AES_KEY *key,
unsigned char *ivec, const int enc);
/* NB: the IV is _four_ blocks long */
void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const AES_KEY *key,
const AES_KEY *key2, const unsigned char *ivec,
const int enc);
#ifdef __cplusplus
}

View File

@ -44,22 +44,14 @@ Te0[x] = S [x].[02, 01, 01, 03];
Te1[x] = S [x].[03, 02, 01, 01];
Te2[x] = S [x].[01, 03, 02, 01];
Te3[x] = S [x].[01, 01, 03, 02];
Te4[x] = S [x].[01, 01, 01, 01];
Td0[x] = Si[x].[0e, 09, 0d, 0b];
Td1[x] = Si[x].[0b, 0e, 09, 0d];
Td2[x] = Si[x].[0d, 0b, 0e, 09];
Td3[x] = Si[x].[09, 0d, 0b, 0e];
Td4[x] = Si[x].[01, 01, 01, 01];
Td4[x] = Si[x].[01];
*/
#ifdef AES_ASM
extern const u32 AES_Te[5][256];
#define Te0 AES_Te[0]
#define Te1 AES_Te[1]
#define Te2 AES_Te[2]
#define Te3 AES_Te[3]
#else
static const u32 Te0[256] = {
0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
@ -324,81 +316,7 @@ static const u32 Te3[256] = {
0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
};
#endif
static const u32 Te4[256] = {
0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU,
0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U,
0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU,
0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U,
0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU,
0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U,
0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU,
0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U,
0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U,
0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU,
0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U,
0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U,
0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U,
0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU,
0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U,
0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U,
0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU,
0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U,
0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U,
0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U,
0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU,
0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU,
0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U,
0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU,
0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU,
0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U,
0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU,
0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U,
0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU,
0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U,
0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U,
0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U,
0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU,
0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U,
0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU,
0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U,
0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU,
0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U,
0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U,
0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU,
0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU,
0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU,
0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U,
0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U,
0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU,
0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U,
0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU,
0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U,
0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU,
0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U,
0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU,
0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU,
0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U,
0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU,
0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U,
0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU,
0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U,
0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U,
0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U,
0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU,
0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU,
0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U,
0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU,
0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U,
};
#ifdef AES_ASM
extern const u32 AES_Td[5][256];
#define Td0 AES_Td[0]
#define Td1 AES_Td[1]
#define Td2 AES_Td[2]
#define Td3 AES_Td[3]
#else
static const u32 Td0[256] = {
0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
@ -663,72 +581,39 @@ static const u32 Td3[256] = {
0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
};
#endif
static const u32 Td4[256] = {
0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U,
0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U,
0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU,
0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU,
0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U,
0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U,
0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U,
0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU,
0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U,
0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU,
0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU,
0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU,
0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U,
0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U,
0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U,
0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U,
0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U,
0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U,
0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU,
0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U,
0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U,
0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU,
0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U,
0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U,
0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U,
0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU,
0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U,
0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U,
0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU,
0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U,
0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U,
0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU,
0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U,
0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU,
0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU,
0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U,
0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U,
0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U,
0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U,
0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU,
0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U,
0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U,
0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU,
0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU,
0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU,
0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U,
0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU,
0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U,
0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U,
0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U,
0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U,
0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU,
0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U,
0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU,
0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU,
0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU,
0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU,
0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U,
0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU,
0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U,
0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU,
0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U,
0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U,
0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU,
static const u8 Td4[256] = {
0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU,
};
static const u32 rcon[] = {
0x01000000, 0x02000000, 0x04000000, 0x08000000,
@ -768,10 +653,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
while (1) {
temp = rk[3];
rk[4] = rk[0] ^
(Te4[(temp >> 16) & 0xff] & 0xff000000) ^
(Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
(Te4[(temp ) & 0xff] & 0x0000ff00) ^
(Te4[(temp >> 24) ] & 0x000000ff) ^
(Te2[(temp >> 16) & 0xff] & 0xff000000) ^
(Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^
(Te0[(temp ) & 0xff] & 0x0000ff00) ^
(Te1[(temp >> 24) ] & 0x000000ff) ^
rcon[i];
rk[5] = rk[1] ^ rk[4];
rk[6] = rk[2] ^ rk[5];
@ -788,10 +673,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
while (1) {
temp = rk[ 5];
rk[ 6] = rk[ 0] ^
(Te4[(temp >> 16) & 0xff] & 0xff000000) ^
(Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
(Te4[(temp ) & 0xff] & 0x0000ff00) ^
(Te4[(temp >> 24) ] & 0x000000ff) ^
(Te2[(temp >> 16) & 0xff] & 0xff000000) ^
(Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^
(Te0[(temp ) & 0xff] & 0x0000ff00) ^
(Te1[(temp >> 24) ] & 0x000000ff) ^
rcon[i];
rk[ 7] = rk[ 1] ^ rk[ 6];
rk[ 8] = rk[ 2] ^ rk[ 7];
@ -810,10 +695,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
while (1) {
temp = rk[ 7];
rk[ 8] = rk[ 0] ^
(Te4[(temp >> 16) & 0xff] & 0xff000000) ^
(Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
(Te4[(temp ) & 0xff] & 0x0000ff00) ^
(Te4[(temp >> 24) ] & 0x000000ff) ^
(Te2[(temp >> 16) & 0xff] & 0xff000000) ^
(Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^
(Te0[(temp ) & 0xff] & 0x0000ff00) ^
(Te1[(temp >> 24) ] & 0x000000ff) ^
rcon[i];
rk[ 9] = rk[ 1] ^ rk[ 8];
rk[10] = rk[ 2] ^ rk[ 9];
@ -823,10 +708,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
}
temp = rk[11];
rk[12] = rk[ 4] ^
(Te4[(temp >> 24) ] & 0xff000000) ^
(Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^
(Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^
(Te4[(temp ) & 0xff] & 0x000000ff);
(Te2[(temp >> 24) ] & 0xff000000) ^
(Te3[(temp >> 16) & 0xff] & 0x00ff0000) ^
(Te0[(temp >> 8) & 0xff] & 0x0000ff00) ^
(Te1[(temp ) & 0xff] & 0x000000ff);
rk[13] = rk[ 5] ^ rk[12];
rk[14] = rk[ 6] ^ rk[13];
rk[15] = rk[ 7] ^ rk[14];
@ -865,25 +750,25 @@ int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
for (i = 1; i < (key->rounds); i++) {
rk += 4;
rk[0] =
Td0[Te4[(rk[0] >> 24) ] & 0xff] ^
Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^
Td2[Te4[(rk[0] >> 8) & 0xff] & 0xff] ^
Td3[Te4[(rk[0] ) & 0xff] & 0xff];
Td0[Te1[(rk[0] >> 24) ] & 0xff] ^
Td1[Te1[(rk[0] >> 16) & 0xff] & 0xff] ^
Td2[Te1[(rk[0] >> 8) & 0xff] & 0xff] ^
Td3[Te1[(rk[0] ) & 0xff] & 0xff];
rk[1] =
Td0[Te4[(rk[1] >> 24) ] & 0xff] ^
Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^
Td2[Te4[(rk[1] >> 8) & 0xff] & 0xff] ^
Td3[Te4[(rk[1] ) & 0xff] & 0xff];
Td0[Te1[(rk[1] >> 24) ] & 0xff] ^
Td1[Te1[(rk[1] >> 16) & 0xff] & 0xff] ^
Td2[Te1[(rk[1] >> 8) & 0xff] & 0xff] ^
Td3[Te1[(rk[1] ) & 0xff] & 0xff];
rk[2] =
Td0[Te4[(rk[2] >> 24) ] & 0xff] ^
Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^
Td2[Te4[(rk[2] >> 8) & 0xff] & 0xff] ^
Td3[Te4[(rk[2] ) & 0xff] & 0xff];
Td0[Te1[(rk[2] >> 24) ] & 0xff] ^
Td1[Te1[(rk[2] >> 16) & 0xff] & 0xff] ^
Td2[Te1[(rk[2] >> 8) & 0xff] & 0xff] ^
Td3[Te1[(rk[2] ) & 0xff] & 0xff];
rk[3] =
Td0[Te4[(rk[3] >> 24) ] & 0xff] ^
Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^
Td2[Te4[(rk[3] >> 8) & 0xff] & 0xff] ^
Td3[Te4[(rk[3] ) & 0xff] & 0xff];
Td0[Te1[(rk[3] >> 24) ] & 0xff] ^
Td1[Te1[(rk[3] >> 16) & 0xff] & 0xff] ^
Td2[Te1[(rk[3] >> 8) & 0xff] & 0xff] ^
Td3[Te1[(rk[3] ) & 0xff] & 0xff];
}
return 0;
}
@ -1051,31 +936,31 @@ void AES_encrypt(const unsigned char *in, unsigned char *out,
* map cipher state to byte array block:
*/
s0 =
(Te4[(t0 >> 24) ] & 0xff000000) ^
(Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
(Te4[(t2 >> 8) & 0xff] & 0x0000ff00) ^
(Te4[(t3 ) & 0xff] & 0x000000ff) ^
(Te2[(t0 >> 24) ] & 0xff000000) ^
(Te3[(t1 >> 16) & 0xff] & 0x00ff0000) ^
(Te0[(t2 >> 8) & 0xff] & 0x0000ff00) ^
(Te1[(t3 ) & 0xff] & 0x000000ff) ^
rk[0];
PUTU32(out , s0);
s1 =
(Te4[(t1 >> 24) ] & 0xff000000) ^
(Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
(Te4[(t3 >> 8) & 0xff] & 0x0000ff00) ^
(Te4[(t0 ) & 0xff] & 0x000000ff) ^
(Te2[(t1 >> 24) ] & 0xff000000) ^
(Te3[(t2 >> 16) & 0xff] & 0x00ff0000) ^
(Te0[(t3 >> 8) & 0xff] & 0x0000ff00) ^
(Te1[(t0 ) & 0xff] & 0x000000ff) ^
rk[1];
PUTU32(out + 4, s1);
s2 =
(Te4[(t2 >> 24) ] & 0xff000000) ^
(Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
(Te4[(t0 >> 8) & 0xff] & 0x0000ff00) ^
(Te4[(t1 ) & 0xff] & 0x000000ff) ^
(Te2[(t2 >> 24) ] & 0xff000000) ^
(Te3[(t3 >> 16) & 0xff] & 0x00ff0000) ^
(Te0[(t0 >> 8) & 0xff] & 0x0000ff00) ^
(Te1[(t1 ) & 0xff] & 0x000000ff) ^
rk[2];
PUTU32(out + 8, s2);
s3 =
(Te4[(t3 >> 24) ] & 0xff000000) ^
(Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
(Te4[(t1 >> 8) & 0xff] & 0x0000ff00) ^
(Te4[(t2 ) & 0xff] & 0x000000ff) ^
(Te2[(t3 >> 24) ] & 0xff000000) ^
(Te3[(t0 >> 16) & 0xff] & 0x00ff0000) ^
(Te0[(t1 >> 8) & 0xff] & 0x0000ff00) ^
(Te1[(t2 ) & 0xff] & 0x000000ff) ^
rk[3];
PUTU32(out + 12, s3);
}
@ -1242,31 +1127,31 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
* map cipher state to byte array block:
*/
s0 =
(Td4[(t0 >> 24) ] & 0xff000000) ^
(Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
(Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^
(Td4[(t1 ) & 0xff] & 0x000000ff) ^
(Td4[(t0 >> 24) ] << 24) ^
(Td4[(t3 >> 16) & 0xff] << 16) ^
(Td4[(t2 >> 8) & 0xff] << 8) ^
(Td4[(t1 ) & 0xff]) ^
rk[0];
PUTU32(out , s0);
s1 =
(Td4[(t1 >> 24) ] & 0xff000000) ^
(Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
(Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^
(Td4[(t2 ) & 0xff] & 0x000000ff) ^
(Td4[(t1 >> 24) ] << 24) ^
(Td4[(t0 >> 16) & 0xff] << 16) ^
(Td4[(t3 >> 8) & 0xff] << 8) ^
(Td4[(t2 ) & 0xff]) ^
rk[1];
PUTU32(out + 4, s1);
s2 =
(Td4[(t2 >> 24) ] & 0xff000000) ^
(Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
(Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^
(Td4[(t3 ) & 0xff] & 0x000000ff) ^
(Td4[(t2 >> 24) ] << 24) ^
(Td4[(t1 >> 16) & 0xff] << 16) ^
(Td4[(t0 >> 8) & 0xff] << 8) ^
(Td4[(t3 ) & 0xff]) ^
rk[2];
PUTU32(out + 8, s2);
s3 =
(Td4[(t3 >> 24) ] & 0xff000000) ^
(Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
(Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^
(Td4[(t0 ) & 0xff] & 0x000000ff) ^
(Td4[(t3 >> 24) ] << 24) ^
(Td4[(t2 >> 16) & 0xff] << 16) ^
(Td4[(t1 >> 8) & 0xff] << 8) ^
(Td4[(t0 ) & 0xff]) ^
rk[3];
PUTU32(out + 12, s3);
}

View File

@ -0,0 +1,283 @@
/* crypto/aes/aes_ige.c -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include "cryptlib.h"
#include <openssl/aes.h>
#include "aes_locl.h"
/*
static void hexdump(FILE *f,const char *title,const unsigned char *s,int l)
{
int n=0;
fprintf(f,"%s",title);
for( ; n < l ; ++n)
{
if((n%16) == 0)
fprintf(f,"\n%04x",n);
fprintf(f," %02x",s[n]);
}
fprintf(f,"\n");
}
*/
/* N.B. The IV for this mode is _twice_ the block size */
void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const AES_KEY *key,
unsigned char *ivec, const int enc)
{
unsigned long n;
unsigned long len = length;
unsigned char tmp[AES_BLOCK_SIZE];
unsigned char tmp2[AES_BLOCK_SIZE];
unsigned char prev[AES_BLOCK_SIZE];
const unsigned char *iv = ivec;
const unsigned char *iv2 = ivec + AES_BLOCK_SIZE;
OPENSSL_assert(in && out && key && ivec);
OPENSSL_assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
OPENSSL_assert((length%AES_BLOCK_SIZE) == 0);
if (AES_ENCRYPT == enc)
{
/* XXX: Do a separate case for when in != out (strictly should
check for overlap, too) */
while (len >= AES_BLOCK_SIZE)
{
/* hexdump(stdout, "in", in, AES_BLOCK_SIZE); */
/* hexdump(stdout, "iv", iv, AES_BLOCK_SIZE); */
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
out[n] = in[n] ^ iv[n];
/* hexdump(stdout, "in ^ iv", out, AES_BLOCK_SIZE); */
AES_encrypt(out, out, key);
/* hexdump(stdout,"enc", out, AES_BLOCK_SIZE); */
/* hexdump(stdout,"iv2", iv2, AES_BLOCK_SIZE); */
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
out[n] ^= iv2[n];
/* hexdump(stdout,"out", out, AES_BLOCK_SIZE); */
iv = out;
memcpy(prev, in, AES_BLOCK_SIZE);
iv2 = prev;
len -= AES_BLOCK_SIZE;
in += AES_BLOCK_SIZE;
out += AES_BLOCK_SIZE;
}
memcpy(ivec, iv, AES_BLOCK_SIZE);
memcpy(ivec + AES_BLOCK_SIZE, iv2, AES_BLOCK_SIZE);
}
else
{
while (len >= AES_BLOCK_SIZE)
{
memcpy(tmp, in, AES_BLOCK_SIZE);
memcpy(tmp2, in, AES_BLOCK_SIZE);
/* hexdump(stdout, "in", in, AES_BLOCK_SIZE); */
/* hexdump(stdout, "iv2", iv2, AES_BLOCK_SIZE); */
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
tmp[n] ^= iv2[n];
/* hexdump(stdout, "in ^ iv2", tmp, AES_BLOCK_SIZE); */
AES_decrypt(tmp, out, key);
/* hexdump(stdout, "dec", out, AES_BLOCK_SIZE); */
/* hexdump(stdout, "iv", ivec, AES_BLOCK_SIZE); */
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
out[n] ^= ivec[n];
/* hexdump(stdout, "out", out, AES_BLOCK_SIZE); */
memcpy(ivec, tmp2, AES_BLOCK_SIZE);
iv2 = out;
len -= AES_BLOCK_SIZE;
in += AES_BLOCK_SIZE;
out += AES_BLOCK_SIZE;
}
memcpy(ivec + AES_BLOCK_SIZE, iv2, AES_BLOCK_SIZE);
}
}
/*
* Note that its effectively impossible to do biIGE in anything other
* than a single pass, so no provision is made for chaining.
*/
/* N.B. The IV for this mode is _four times_ the block size */
void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const AES_KEY *key,
const AES_KEY *key2, const unsigned char *ivec,
const int enc)
{
unsigned long n;
unsigned long len = length;
unsigned char tmp[AES_BLOCK_SIZE];
unsigned char tmp2[AES_BLOCK_SIZE];
unsigned char tmp3[AES_BLOCK_SIZE];
unsigned char prev[AES_BLOCK_SIZE];
const unsigned char *iv;
const unsigned char *iv2;
OPENSSL_assert(in && out && key && ivec);
OPENSSL_assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
OPENSSL_assert((length%AES_BLOCK_SIZE) == 0);
if (AES_ENCRYPT == enc)
{
/* XXX: Do a separate case for when in != out (strictly should
check for overlap, too) */
/* First the forward pass */
iv = ivec;
iv2 = ivec + AES_BLOCK_SIZE;
while (len >= AES_BLOCK_SIZE)
{
/* hexdump(stdout, "in", in, AES_BLOCK_SIZE); */
/* hexdump(stdout, "iv", iv, AES_BLOCK_SIZE); */
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
out[n] = in[n] ^ iv[n];
/* hexdump(stdout, "in ^ iv", out, AES_BLOCK_SIZE); */
AES_encrypt(out, out, key);
/* hexdump(stdout,"enc", out, AES_BLOCK_SIZE); */
/* hexdump(stdout,"iv2", iv2, AES_BLOCK_SIZE); */
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
out[n] ^= iv2[n];
/* hexdump(stdout,"out", out, AES_BLOCK_SIZE); */
iv = out;
memcpy(prev, in, AES_BLOCK_SIZE);
iv2 = prev;
len -= AES_BLOCK_SIZE;
in += AES_BLOCK_SIZE;
out += AES_BLOCK_SIZE;
}
/* And now backwards */
iv = ivec + AES_BLOCK_SIZE*2;
iv2 = ivec + AES_BLOCK_SIZE*3;
len = length;
while(len >= AES_BLOCK_SIZE)
{
out -= AES_BLOCK_SIZE;
/* hexdump(stdout, "intermediate", out, AES_BLOCK_SIZE); */
/* hexdump(stdout, "iv", iv, AES_BLOCK_SIZE); */
/* XXX: reduce copies by alternating between buffers */
memcpy(tmp, out, AES_BLOCK_SIZE);
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
out[n] ^= iv[n];
/* hexdump(stdout, "out ^ iv", out, AES_BLOCK_SIZE); */
AES_encrypt(out, out, key);
/* hexdump(stdout,"enc", out, AES_BLOCK_SIZE); */
/* hexdump(stdout,"iv2", iv2, AES_BLOCK_SIZE); */
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
out[n] ^= iv2[n];
/* hexdump(stdout,"out", out, AES_BLOCK_SIZE); */
iv = out;
memcpy(prev, tmp, AES_BLOCK_SIZE);
iv2 = prev;
len -= AES_BLOCK_SIZE;
}
}
else
{
/* First backwards */
iv = ivec + AES_BLOCK_SIZE*2;
iv2 = ivec + AES_BLOCK_SIZE*3;
in += length;
out += length;
while (len >= AES_BLOCK_SIZE)
{
in -= AES_BLOCK_SIZE;
out -= AES_BLOCK_SIZE;
memcpy(tmp, in, AES_BLOCK_SIZE);
memcpy(tmp2, in, AES_BLOCK_SIZE);
/* hexdump(stdout, "in", in, AES_BLOCK_SIZE); */
/* hexdump(stdout, "iv2", iv2, AES_BLOCK_SIZE); */
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
tmp[n] ^= iv2[n];
/* hexdump(stdout, "in ^ iv2", tmp, AES_BLOCK_SIZE); */
AES_decrypt(tmp, out, key);
/* hexdump(stdout, "dec", out, AES_BLOCK_SIZE); */
/* hexdump(stdout, "iv", iv, AES_BLOCK_SIZE); */
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
out[n] ^= iv[n];
/* hexdump(stdout, "out", out, AES_BLOCK_SIZE); */
memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
iv = tmp3;
iv2 = out;
len -= AES_BLOCK_SIZE;
}
/* And now forwards */
iv = ivec;
iv2 = ivec + AES_BLOCK_SIZE;
len = length;
while (len >= AES_BLOCK_SIZE)
{
memcpy(tmp, out, AES_BLOCK_SIZE);
memcpy(tmp2, out, AES_BLOCK_SIZE);
/* hexdump(stdout, "intermediate", out, AES_BLOCK_SIZE); */
/* hexdump(stdout, "iv2", iv2, AES_BLOCK_SIZE); */
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
tmp[n] ^= iv2[n];
/* hexdump(stdout, "out ^ iv2", tmp, AES_BLOCK_SIZE); */
AES_decrypt(tmp, out, key);
/* hexdump(stdout, "dec", out, AES_BLOCK_SIZE); */
/* hexdump(stdout, "iv", ivec, AES_BLOCK_SIZE); */
for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
out[n] ^= iv[n];
/* hexdump(stdout, "out", out, AES_BLOCK_SIZE); */
memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
iv = tmp3;
iv2 = out;
len -= AES_BLOCK_SIZE;
in += AES_BLOCK_SIZE;
out += AES_BLOCK_SIZE;
}
}
}

View File

@ -6,7 +6,7 @@
# forms are granted according to the OpenSSL license.
# ====================================================================
#
# Version 3.4.
# Version 3.6.
#
# You might fail to appreciate this module performance from the first
# try. If compared to "vanilla" linux-ia32-icc target, i.e. considered
@ -66,6 +66,13 @@
# stack. This unfortunately has rather strong impact on small block CBC
# performance, ~2x deterioration on 16-byte block if compared to 3.3.
#
# Version 3.5 checks if there is L1 cache aliasing between user-supplied
# key schedule and S-boxes and abstains from copying the former if
# there is no. This allows end-user to consciously retain small block
# performance by aligning key schedule in specific manner.
#
# Version 3.6 compresses Td4 to 256 bytes and prefetches it in ECB.
#
# Current ECB performance numbers for 128-bit key in CPU cycles per
# processed byte [measure commonly used by AES benchmarkers] are:
#
@ -505,28 +512,27 @@ sub declast()
if($i==3) { &mov ($key,&DWP(12,"esp")); }
else { &mov ($out,$s[0]); }
&and ($out,0xFF);
&mov ($out,&DWP(2048,$td,$out,4));
&and ($out,0x000000ff);
&movz ($out,&DWP(2048,$td,$out,1));
if ($i==3) { $tmp=$s[1]; }
&movz ($tmp,&HB($s[1]));
&mov ($tmp,&DWP(2048,$td,$tmp,4));
&and ($tmp,0x0000ff00);
&movz ($tmp,&DWP(2048,$td,$tmp,1));
&shl ($tmp,8);
&xor ($out,$tmp);
if ($i==3) { $tmp=$s[2]; &mov ($s[1],$acc); }
else { mov ($tmp,$s[2]); }
&shr ($tmp,16);
&and ($tmp,0xFF);
&mov ($tmp,&DWP(2048,$td,$tmp,4));
&and ($tmp,0x00ff0000);
&movz ($tmp,&DWP(2048,$td,$tmp,1));
&shl ($tmp,16);
&xor ($out,$tmp);
if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(8,"esp")); }
else { &mov ($tmp,$s[3]); }
&shr ($tmp,24);
&mov ($tmp,&DWP(2048,$td,$tmp,4));
&and ($tmp,0xff000000);
&movz ($tmp,&DWP(2048,$td,$tmp,1));
&shl ($tmp,24);
&xor ($out,$tmp);
if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); }
if ($i==3) { &mov ($s[3],&DWP(4,"esp")); }
@ -687,70 +693,38 @@ sub declast()
&_data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664);
&_data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0);
#Td4:
&data_word(0x52525252, 0x09090909, 0x6a6a6a6a, 0xd5d5d5d5);
&data_word(0x30303030, 0x36363636, 0xa5a5a5a5, 0x38383838);
&data_word(0xbfbfbfbf, 0x40404040, 0xa3a3a3a3, 0x9e9e9e9e);
&data_word(0x81818181, 0xf3f3f3f3, 0xd7d7d7d7, 0xfbfbfbfb);
&data_word(0x7c7c7c7c, 0xe3e3e3e3, 0x39393939, 0x82828282);
&data_word(0x9b9b9b9b, 0x2f2f2f2f, 0xffffffff, 0x87878787);
&data_word(0x34343434, 0x8e8e8e8e, 0x43434343, 0x44444444);
&data_word(0xc4c4c4c4, 0xdededede, 0xe9e9e9e9, 0xcbcbcbcb);
&data_word(0x54545454, 0x7b7b7b7b, 0x94949494, 0x32323232);
&data_word(0xa6a6a6a6, 0xc2c2c2c2, 0x23232323, 0x3d3d3d3d);
&data_word(0xeeeeeeee, 0x4c4c4c4c, 0x95959595, 0x0b0b0b0b);
&data_word(0x42424242, 0xfafafafa, 0xc3c3c3c3, 0x4e4e4e4e);
&data_word(0x08080808, 0x2e2e2e2e, 0xa1a1a1a1, 0x66666666);
&data_word(0x28282828, 0xd9d9d9d9, 0x24242424, 0xb2b2b2b2);
&data_word(0x76767676, 0x5b5b5b5b, 0xa2a2a2a2, 0x49494949);
&data_word(0x6d6d6d6d, 0x8b8b8b8b, 0xd1d1d1d1, 0x25252525);
&data_word(0x72727272, 0xf8f8f8f8, 0xf6f6f6f6, 0x64646464);
&data_word(0x86868686, 0x68686868, 0x98989898, 0x16161616);
&data_word(0xd4d4d4d4, 0xa4a4a4a4, 0x5c5c5c5c, 0xcccccccc);
&data_word(0x5d5d5d5d, 0x65656565, 0xb6b6b6b6, 0x92929292);
&data_word(0x6c6c6c6c, 0x70707070, 0x48484848, 0x50505050);
&data_word(0xfdfdfdfd, 0xedededed, 0xb9b9b9b9, 0xdadadada);
&data_word(0x5e5e5e5e, 0x15151515, 0x46464646, 0x57575757);
&data_word(0xa7a7a7a7, 0x8d8d8d8d, 0x9d9d9d9d, 0x84848484);
&data_word(0x90909090, 0xd8d8d8d8, 0xabababab, 0x00000000);
&data_word(0x8c8c8c8c, 0xbcbcbcbc, 0xd3d3d3d3, 0x0a0a0a0a);
&data_word(0xf7f7f7f7, 0xe4e4e4e4, 0x58585858, 0x05050505);
&data_word(0xb8b8b8b8, 0xb3b3b3b3, 0x45454545, 0x06060606);
&data_word(0xd0d0d0d0, 0x2c2c2c2c, 0x1e1e1e1e, 0x8f8f8f8f);
&data_word(0xcacacaca, 0x3f3f3f3f, 0x0f0f0f0f, 0x02020202);
&data_word(0xc1c1c1c1, 0xafafafaf, 0xbdbdbdbd, 0x03030303);
&data_word(0x01010101, 0x13131313, 0x8a8a8a8a, 0x6b6b6b6b);
&data_word(0x3a3a3a3a, 0x91919191, 0x11111111, 0x41414141);
&data_word(0x4f4f4f4f, 0x67676767, 0xdcdcdcdc, 0xeaeaeaea);
&data_word(0x97979797, 0xf2f2f2f2, 0xcfcfcfcf, 0xcececece);
&data_word(0xf0f0f0f0, 0xb4b4b4b4, 0xe6e6e6e6, 0x73737373);
&data_word(0x96969696, 0xacacacac, 0x74747474, 0x22222222);
&data_word(0xe7e7e7e7, 0xadadadad, 0x35353535, 0x85858585);
&data_word(0xe2e2e2e2, 0xf9f9f9f9, 0x37373737, 0xe8e8e8e8);
&data_word(0x1c1c1c1c, 0x75757575, 0xdfdfdfdf, 0x6e6e6e6e);
&data_word(0x47474747, 0xf1f1f1f1, 0x1a1a1a1a, 0x71717171);
&data_word(0x1d1d1d1d, 0x29292929, 0xc5c5c5c5, 0x89898989);
&data_word(0x6f6f6f6f, 0xb7b7b7b7, 0x62626262, 0x0e0e0e0e);
&data_word(0xaaaaaaaa, 0x18181818, 0xbebebebe, 0x1b1b1b1b);
&data_word(0xfcfcfcfc, 0x56565656, 0x3e3e3e3e, 0x4b4b4b4b);
&data_word(0xc6c6c6c6, 0xd2d2d2d2, 0x79797979, 0x20202020);
&data_word(0x9a9a9a9a, 0xdbdbdbdb, 0xc0c0c0c0, 0xfefefefe);
&data_word(0x78787878, 0xcdcdcdcd, 0x5a5a5a5a, 0xf4f4f4f4);
&data_word(0x1f1f1f1f, 0xdddddddd, 0xa8a8a8a8, 0x33333333);
&data_word(0x88888888, 0x07070707, 0xc7c7c7c7, 0x31313131);
&data_word(0xb1b1b1b1, 0x12121212, 0x10101010, 0x59595959);
&data_word(0x27272727, 0x80808080, 0xecececec, 0x5f5f5f5f);
&data_word(0x60606060, 0x51515151, 0x7f7f7f7f, 0xa9a9a9a9);
&data_word(0x19191919, 0xb5b5b5b5, 0x4a4a4a4a, 0x0d0d0d0d);
&data_word(0x2d2d2d2d, 0xe5e5e5e5, 0x7a7a7a7a, 0x9f9f9f9f);
&data_word(0x93939393, 0xc9c9c9c9, 0x9c9c9c9c, 0xefefefef);
&data_word(0xa0a0a0a0, 0xe0e0e0e0, 0x3b3b3b3b, 0x4d4d4d4d);
&data_word(0xaeaeaeae, 0x2a2a2a2a, 0xf5f5f5f5, 0xb0b0b0b0);
&data_word(0xc8c8c8c8, 0xebebebeb, 0xbbbbbbbb, 0x3c3c3c3c);
&data_word(0x83838383, 0x53535353, 0x99999999, 0x61616161);
&data_word(0x17171717, 0x2b2b2b2b, 0x04040404, 0x7e7e7e7e);
&data_word(0xbabababa, 0x77777777, 0xd6d6d6d6, 0x26262626);
&data_word(0xe1e1e1e1, 0x69696969, 0x14141414, 0x63636363);
&data_word(0x55555555, 0x21212121, 0x0c0c0c0c, 0x7d7d7d7d);
&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
&function_end_B("_x86_AES_decrypt");
# void AES_decrypt (const void *inp,void *out,const AES_KEY *key);
@ -770,6 +744,18 @@ sub declast()
&blindpop("ebp");
&lea ("ebp",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp"));
# prefetch Td4
&lea ("ebp",&DWP(2048+128,"ebp"));
&mov ($s0,&DWP(0-128,"ebp"));
&mov ($s1,&DWP(32-128,"ebp"));
&mov ($s2,&DWP(64-128,"ebp"));
&mov ($s3,&DWP(96-128,"ebp"));
&mov ($s0,&DWP(128-128,"ebp"));
&mov ($s1,&DWP(160-128,"ebp"));
&mov ($s2,&DWP(192-128,"ebp"));
&mov ($s3,&DWP(224-128,"ebp"));
&lea ("ebp",&DWP(-2048-128,"ebp"));
&mov ($s0,&DWP(0,$acc)); # load input data
&mov ($s1,&DWP(4,$acc));
&mov ($s2,&DWP(8,$acc));
@ -805,6 +791,7 @@ my $_ivp=&DWP(36,"esp"); #copy of wparam(4)
my $_tmp=&DWP(40,"esp"); #volatile variable
my $ivec=&DWP(44,"esp"); #ivec[16]
my $aes_key=&DWP(60,"esp"); #copy of aes_key
my $mark=&DWP(60+240,"esp"); #copy of aes_key->rounds
&public_label("AES_Te");
&public_label("AES_Td");
@ -865,18 +852,27 @@ my $aes_key=&DWP(60,"esp"); #copy of aes_key
&mov ($_key,$s3); # save copy of key
&mov ($_ivp,$acc); # save copy of ivp
&mov ($mark,0); # copy of aes_key->rounds = 0;
if ($compromise) {
&cmp ($s2,$compromise);
&jb (&label("skip_ecopy"));
}
# copy key schedule to stack
&mov ("ecx",244/4);
# do we copy key schedule to stack?
&mov ($s1 eq "ebx" ? $s1 : "",$s3);
&mov ($s2 eq "ecx" ? $s2 : "",244/4);
&sub ($s1,"ebp");
&mov ("esi",$s3);
&and ($s1,0xfff);
&lea ("edi",$aes_key);
&mov ($_key,"edi");
&cmp ($s1,2048);
&jb (&label("do_ecopy"));
&cmp ($s1,4096-244);
&jb (&label("skip_ecopy"));
&align (4);
&data_word(0xF689A5F3); # rep movsd
&set_label("skip_ecopy") if ($compromise);
&set_label("do_ecopy");
&mov ($_key,"edi");
&data_word(0xA5F3F689); # rep movsd
&set_label("skip_ecopy");
&mov ($acc,$s0);
&mov ($key,16);
@ -942,18 +938,16 @@ my $aes_key=&DWP(60,"esp"); #copy of aes_key
&mov (&DWP(8,$acc),$s2);
&mov (&DWP(12,$acc),$s3);
&cmp ($mark,0); # was the key schedule copied?
&mov ("edi",$_key);
&mov ("esp",$_esp);
if ($compromise) {
&cmp (&wparam(2),$compromise);
&jb (&label("skip_ezero"));
}
&je (&label("skip_ezero"));
# zero copy of key schedule
&mov ("ecx",240/4);
&xor ("eax","eax");
&align (4);
&data_word(0xF689ABF3); # rep stosd
&set_label("skip_ezero") if ($compromise);
&data_word(0xABF3F689); # rep stosd
&set_label("skip_ezero")
&popf ();
&set_label("enc_out");
&function_end_A();
@ -968,7 +962,7 @@ my $aes_key=&DWP(60,"esp"); #copy of aes_key
&cmp ($key,$acc); # compare with inp
&je (&label("enc_in_place"));
&align (4);
&data_word(0xF689A4F3); # rep movsb # copy input
&data_word(0xA4F3F689); # rep movsb # copy input
&jmp (&label("enc_skip_in_place"));
&set_label("enc_in_place");
&lea ($key,&DWP(0,$key,$s2));
@ -976,7 +970,7 @@ my $aes_key=&DWP(60,"esp"); #copy of aes_key
&mov ($s2,$s1);
&xor ($s0,$s0);
&align (4);
&data_word(0xF689AAF3); # rep stosb # zero tail
&data_word(0xAAF3F689); # rep stosb # zero tail
&pop ($key); # pop ivp
&mov ($acc,$_out); # output as input
@ -996,10 +990,10 @@ my $aes_key=&DWP(60,"esp"); #copy of aes_key
# ... and make sure it doesn't alias with AES_Td modulo 4096
&mov ($s0,"ebp");
&lea ($s1,&DWP(3072,"ebp"));
&lea ($s1,&DWP(2048+256,"ebp"));
&mov ($s3,$key);
&and ($s0,0xfff); # s = %ebp&0xfff
&and ($s1,0xfff); # e = (%ebp+3072)&0xfff
&and ($s1,0xfff); # e = (%ebp+2048+256)&0xfff
&and ($s3,0xfff); # p = %esp&0xfff
&cmp ($s3,$s1); # if (p>=e) %esp =- (p-e);
@ -1030,21 +1024,30 @@ my $aes_key=&DWP(60,"esp"); #copy of aes_key
&mov ($_key,$s3); # save copy of key
&mov ($_ivp,$acc); # save copy of ivp
&mov ($mark,0); # copy of aes_key->rounds = 0;
if ($compromise) {
&cmp ($s2,$compromise);
&jb (&label("skip_dcopy"));
}
# copy key schedule to stack
&mov ("ecx",244/4);
# do we copy key schedule to stack?
&mov ($s1 eq "ebx" ? $s1 : "",$s3);
&mov ($s2 eq "ecx" ? $s2 : "",244/4);
&sub ($s1,"ebp");
&mov ("esi",$s3);
&and ($s1,0xfff);
&lea ("edi",$aes_key);
&mov ($_key,"edi");
&cmp ($s1,2048+256);
&jb (&label("do_dcopy"));
&cmp ($s1,4096-244);
&jb (&label("skip_dcopy"));
&align (4);
&data_word(0xF689A5F3); # rep movsd
&set_label("skip_dcopy") if ($compromise);
&set_label("do_dcopy");
&mov ($_key,"edi");
&data_word(0xA5F3F689); # rep movsd
&set_label("skip_dcopy");
&mov ($acc,$s0);
&mov ($key,24);
&mov ($key,18);
&align (4);
&set_label("prefetch_td");
&mov ($s0,&DWP(0,"ebp"));
@ -1054,7 +1057,7 @@ my $aes_key=&DWP(60,"esp"); #copy of aes_key
&lea ("ebp",&DWP(128,"ebp"));
&dec ($key);
&jnz (&label("prefetch_td"));
&sub ("ebp",3072);
&sub ("ebp",2048+256);
&cmp ($acc,$_out);
&je (&label("dec_in_place")); # in-place processing...
@ -1121,7 +1124,7 @@ my $aes_key=&DWP(60,"esp"); #copy of aes_key
&lea ($s2 eq "ecx" ? $s2 : "",&DWP(16,$acc));
&mov ($acc eq "esi" ? $acc : "",$key);
&mov ($key eq "edi" ? $key : "",$_out); # load out
&data_word(0xF689A4F3); # rep movsb # copy output
&data_word(0xA4F3F689); # rep movsb # copy output
&mov ($key,$_inp); # use inp as temp ivp
&jmp (&label("dec_end"));
@ -1188,22 +1191,20 @@ my $aes_key=&DWP(60,"esp"); #copy of aes_key
&lea ($key,&DWP(0,$key,$s2));
&lea ($acc,&DWP(16,$acc,$s2));
&neg ($s2 eq "ecx" ? $s2 : "");
&data_word(0xF689A4F3); # rep movsb # restore tail
&data_word(0xA4F3F689); # rep movsb # restore tail
&align (4);
&set_label("dec_out");
&cmp ($mark,0); # was the key schedule copied?
&mov ("edi",$_key);
&mov ("esp",$_esp);
if ($compromise) {
&cmp (&wparam(2),$compromise);
&jb (&label("skip_dzero"));
}
&je (&label("skip_dzero"));
# zero copy of key schedule
&mov ("ecx",240/4);
&xor ("eax","eax");
&align (4);
&data_word(0xF689ABF3); # rep stosd
&set_label("skip_dzero") if ($compromise);
&data_word(0xABF3F689); # rep stosd
&set_label("skip_dzero")
&popf ();
&function_end("AES_cbc_encrypt");
}

View File

@ -832,6 +832,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
}
else if (ret == -1)
return -1;
ret = 0;
/* SEQUENCE, SET and "OTHER" are left in encoded form */
if ((utype == V_ASN1_SEQUENCE)
|| (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER))
@ -878,7 +879,10 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
* for UNIVERSAL class and ignore the tag.
*/
if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL))
{
free_cont = 1;
goto err;
}
len = buf.length;
/* Append a final null to string */
if (!BUF_MEM_grow_clean(&buf, len + 1))

View File

@ -102,7 +102,7 @@ ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = {
IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO)
ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_INFO) = {
ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_REQ) = {
ASN1_SIMPLE(X509_REQ, req_info, X509_REQ_INFO),
ASN1_SIMPLE(X509_REQ, sig_alg, X509_ALGOR),
ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING)

View File

@ -1,3 +1,6 @@
#ifdef __SUNPRO_C
# include "../bn_asm.c" /* kind of dirty hack for Sun Studio */
#else
/*
* x86_64 BIGNUM accelerator version 0.1, December 2002.
*
@ -591,3 +594,4 @@ void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
r[6]=c1;
r[7]=c2;
}
#endif

View File

@ -55,6 +55,59 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/*
* Details about Montgomery multiplication algorithms can be found at
@ -353,18 +406,32 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from)
BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
const BIGNUM *mod, BN_CTX *ctx)
{
if (*pmont)
return *pmont;
CRYPTO_w_lock(lock);
int got_write_lock = 0;
BN_MONT_CTX *ret;
CRYPTO_r_lock(lock);
if (!*pmont)
{
BN_MONT_CTX *mtmp;
mtmp = BN_MONT_CTX_new();
if (mtmp && !BN_MONT_CTX_set(mtmp, mod, ctx))
BN_MONT_CTX_free(mtmp);
else
*pmont = mtmp;
CRYPTO_r_unlock(lock);
CRYPTO_w_lock(lock);
got_write_lock = 1;
if (!*pmont)
{
ret = BN_MONT_CTX_new();
if (ret && !BN_MONT_CTX_set(ret, mod, ctx))
BN_MONT_CTX_free(ret);
else
*pmont = ret;
}
}
CRYPTO_w_unlock(lock);
return *pmont;
ret = *pmont;
if (got_write_lock)
CRYPTO_w_unlock(lock);
else
CRYPTO_r_unlock(lock);
return ret;
}

View File

@ -378,13 +378,14 @@ static int probable_prime(BIGNUM *rnd, int bits)
{
int i;
BN_ULONG mods[NUMPRIMES];
BN_ULONG delta,d;
BN_ULONG delta,maxdelta;
again:
if (!BN_rand(rnd,bits,1,1)) return(0);
/* we now have a random number 'rand' to test. */
for (i=1; i<NUMPRIMES; i++)
mods[i]=BN_mod_word(rnd,(BN_ULONG)primes[i]);
maxdelta=BN_MASK2 - primes[NUMPRIMES-1];
delta=0;
loop: for (i=1; i<NUMPRIMES; i++)
{
@ -392,12 +393,8 @@ static int probable_prime(BIGNUM *rnd, int bits)
* that gcd(rnd-1,primes) == 1 (except for 2) */
if (((mods[i]+delta)%primes[i]) <= 1)
{
d=delta;
delta+=2;
/* perhaps need to check for overflow of
* delta (but delta can be up to 2^32)
* 21-May-98 eay - added overflow check */
if (delta < d) goto again;
if (delta > maxdelta) goto again;
goto loop;
}
}

View File

@ -0,0 +1,103 @@
#
# crypto/camellia/Makefile
#
DIR= camellia
TOP= ../..
CC= cc
CPP= $(CC) -E
INCLUDES=
CFLAG=-g
MAKEFILE= Makefile
AR= ar r
CAMELLIA_ASM_OBJ=
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
AFLAGS= $(ASFLAGS)
GENERAL=Makefile
#TEST=camelliatest.c
APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC=camellia.c cmll_misc.c cmll_ecb.c cmll_cbc.c cmll_ofb.c \
cmll_cfb.c cmll_ctr.c
LIBOBJ= camellia.o cmll_misc.o cmll_ecb.o cmll_cbc.o cmll_ofb.o \
cmll_cfb.o cmll_ctr.o $(CAMELLIA_ASM_OBJ)
SRC= $(LIBSRC)
EXHEADER= camellia.h
HEADER= cmll_locl.h $(EXHEADER)
ALL= $(GENERAL) $(SRC) $(HEADER)
top:
(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
all: lib
lib: $(LIBOBJ)
$(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
$(LIBOBJ): $(LIBSRC)
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
links:
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
tags:
ctags $(SRC)
tests:
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
dclean:
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
mv -f Makefile.new $(MAKEFILE)
clean:
rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.
camellia.o: ../../include/openssl/opensslconf.h camellia.c camellia.h
camellia.o: cmll_locl.h
cmll_cbc.o: ../../include/openssl/camellia.h
cmll_cbc.o: ../../include/openssl/opensslconf.h cmll_cbc.c cmll_locl.h
cmll_cfb.o: ../../e_os.h ../../include/openssl/camellia.h
cmll_cfb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
cmll_cfb.o: cmll_cfb.c cmll_locl.h
cmll_ctr.o: ../../include/openssl/camellia.h
cmll_ctr.o: ../../include/openssl/opensslconf.h cmll_ctr.c cmll_locl.h
cmll_ecb.o: ../../include/openssl/camellia.h
cmll_ecb.o: ../../include/openssl/opensslconf.h cmll_ecb.c cmll_locl.h
cmll_misc.o: ../../include/openssl/camellia.h
cmll_misc.o: ../../include/openssl/opensslconf.h
cmll_misc.o: ../../include/openssl/opensslv.h cmll_locl.h cmll_misc.c
cmll_ofb.o: ../../include/openssl/camellia.h
cmll_ofb.o: ../../include/openssl/opensslconf.h cmll_locl.h cmll_ofb.c

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,129 @@
/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#ifndef HEADER_CAMELLIA_H
#define HEADER_CAMELLIA_H
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_CAMELLIA
#error CAMELLIA is disabled.
#endif
#define CAMELLIA_ENCRYPT 1
#define CAMELLIA_DECRYPT 0
/* Because array size can't be a const in C, the following two are macros.
Both sizes are in bytes. */
#ifdef __cplusplus
extern "C" {
#endif
/* This should be a hidden type, but EVP requires that the size be known */
#define CAMELLIA_BLOCK_SIZE 16
#define CAMELLIA_TABLE_BYTE_LEN 272
#define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
/* to match with WORD */
typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN];
struct camellia_key_st
{
KEY_TABLE_TYPE rd_key;
int bitLength;
void (*enc)(const unsigned int *subkey, unsigned int *io);
void (*dec)(const unsigned int *subkey, unsigned int *io);
};
typedef struct camellia_key_st CAMELLIA_KEY;
int Camellia_set_key(const unsigned char *userKey, const int bits,
CAMELLIA_KEY *key);
void Camellia_encrypt(const unsigned char *in, unsigned char *out,
const CAMELLIA_KEY *key);
void Camellia_decrypt(const unsigned char *in, unsigned char *out,
const CAMELLIA_KEY *key);
void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
const CAMELLIA_KEY *key, const int enc);
void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const CAMELLIA_KEY *key,
unsigned char *ivec, const int enc);
void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const CAMELLIA_KEY *key,
unsigned char *ivec, int *num, const int enc);
void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const CAMELLIA_KEY *key,
unsigned char *ivec, int *num, const int enc);
void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const CAMELLIA_KEY *key,
unsigned char *ivec, int *num, const int enc);
void Camellia_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
const int nbits,const CAMELLIA_KEY *key,
unsigned char *ivec,const int enc);
void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const CAMELLIA_KEY *key,
unsigned char *ivec, int *num);
void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const CAMELLIA_KEY *key,
unsigned char ivec[CAMELLIA_BLOCK_SIZE],
unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
unsigned int *num);
#ifdef __cplusplus
}
#endif
#endif /* !HEADER_Camellia_H */

View File

@ -0,0 +1,234 @@
/* crypto/camellia/camellia_cbc.c -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#ifndef CAMELLIA_DEBUG
# ifndef NDEBUG
# define NDEBUG
# endif
#endif
#include <assert.h>
#include <stdio.h>
#include <string.h>
#include <openssl/camellia.h>
#include "cmll_locl.h"
void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const CAMELLIA_KEY *key,
unsigned char *ivec, const int enc) {
unsigned long n;
unsigned long len = length;
unsigned char tmp[CAMELLIA_BLOCK_SIZE];
const unsigned char *iv = ivec;
uint32_t t32[UNITSIZE];
assert(in && out && key && ivec);
assert((CAMELLIA_ENCRYPT == enc)||(CAMELLIA_DECRYPT == enc));
if(((size_t)in) % ALIGN == 0
&& ((size_t)out) % ALIGN == 0
&& ((size_t)ivec) % ALIGN == 0)
{
if (CAMELLIA_ENCRYPT == enc)
{
while (len >= CAMELLIA_BLOCK_SIZE)
{
XOR4WORD2((uint32_t *)out,
(uint32_t *)in, (uint32_t *)iv);
key->enc(key->rd_key, (uint32_t *)out);
iv = out;
len -= CAMELLIA_BLOCK_SIZE;
in += CAMELLIA_BLOCK_SIZE;
out += CAMELLIA_BLOCK_SIZE;
}
if (len)
{
for(n=0; n < len; ++n)
out[n] = in[n] ^ iv[n];
for(n=len; n < CAMELLIA_BLOCK_SIZE; ++n)
out[n] = iv[n];
key->enc(key->rd_key, (uint32_t *)out);
iv = out;
}
memcpy(ivec,iv,CAMELLIA_BLOCK_SIZE);
}
else if (in != out)
{
while (len >= CAMELLIA_BLOCK_SIZE)
{
memcpy(out,in,CAMELLIA_BLOCK_SIZE);
key->dec(key->rd_key,(uint32_t *)out);
XOR4WORD((uint32_t *)out, (uint32_t *)iv);
iv = in;
len -= CAMELLIA_BLOCK_SIZE;
in += CAMELLIA_BLOCK_SIZE;
out += CAMELLIA_BLOCK_SIZE;
}
if (len)
{
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
key->dec(key->rd_key, (uint32_t *)tmp);
for(n=0; n < len; ++n)
out[n] = tmp[n] ^ iv[n];
iv = in;
}
memcpy(ivec,iv,CAMELLIA_BLOCK_SIZE);
}
else /* in == out */
{
while (len >= CAMELLIA_BLOCK_SIZE)
{
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
key->dec(key->rd_key, (uint32_t *)out);
XOR4WORD((uint32_t *)out, (uint32_t *)ivec);
memcpy(ivec, tmp, CAMELLIA_BLOCK_SIZE);
len -= CAMELLIA_BLOCK_SIZE;
in += CAMELLIA_BLOCK_SIZE;
out += CAMELLIA_BLOCK_SIZE;
}
if (len)
{
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
key->dec(key->rd_key,(uint32_t *)out);
for(n=0; n < len; ++n)
out[n] ^= ivec[n];
for(n=len; n < CAMELLIA_BLOCK_SIZE; ++n)
out[n] = tmp[n];
memcpy(ivec, tmp, CAMELLIA_BLOCK_SIZE);
}
}
}
else /* no aligned */
{
if (CAMELLIA_ENCRYPT == enc)
{
while (len >= CAMELLIA_BLOCK_SIZE)
{
for(n=0; n < CAMELLIA_BLOCK_SIZE; ++n)
out[n] = in[n] ^ iv[n];
memcpy(t32, out, CAMELLIA_BLOCK_SIZE);
key->enc(key->rd_key, t32);
memcpy(out, t32, CAMELLIA_BLOCK_SIZE);
iv = out;
len -= CAMELLIA_BLOCK_SIZE;
in += CAMELLIA_BLOCK_SIZE;
out += CAMELLIA_BLOCK_SIZE;
}
if (len)
{
for(n=0; n < len; ++n)
out[n] = in[n] ^ iv[n];
for(n=len; n < CAMELLIA_BLOCK_SIZE; ++n)
out[n] = iv[n];
key->enc(key->rd_key, (uint32_t *)out);
iv = out;
}
memcpy(ivec,iv,CAMELLIA_BLOCK_SIZE);
}
else if (in != out)
{
while (len >= CAMELLIA_BLOCK_SIZE)
{
memcpy(t32,in,CAMELLIA_BLOCK_SIZE);
key->dec(key->rd_key,t32);
memcpy(out,t32,CAMELLIA_BLOCK_SIZE);
for(n=0; n < CAMELLIA_BLOCK_SIZE; ++n)
out[n] ^= iv[n];
iv = in;
len -= CAMELLIA_BLOCK_SIZE;
in += CAMELLIA_BLOCK_SIZE;
out += CAMELLIA_BLOCK_SIZE;
}
if (len)
{
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
memcpy(t32, in, CAMELLIA_BLOCK_SIZE);
key->dec(key->rd_key, t32);
memcpy(out, t32, CAMELLIA_BLOCK_SIZE);
for(n=0; n < len; ++n)
out[n] = tmp[n] ^ iv[n];
iv = in;
}
memcpy(ivec,iv,CAMELLIA_BLOCK_SIZE);
}
else
{
while (len >= CAMELLIA_BLOCK_SIZE)
{
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
memcpy(t32, in, CAMELLIA_BLOCK_SIZE);
key->dec(key->rd_key, t32);
memcpy(out, t32, CAMELLIA_BLOCK_SIZE);
for(n=0; n < CAMELLIA_BLOCK_SIZE; ++n)
out[n] ^= ivec[n];
memcpy(ivec, tmp, CAMELLIA_BLOCK_SIZE);
len -= CAMELLIA_BLOCK_SIZE;
in += CAMELLIA_BLOCK_SIZE;
out += CAMELLIA_BLOCK_SIZE;
}
if (len)
{
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
memcpy(t32, in, CAMELLIA_BLOCK_SIZE);
key->dec(key->rd_key,t32);
memcpy(out, t32, CAMELLIA_BLOCK_SIZE);
for(n=0; n < len; ++n)
out[n] ^= ivec[n];
for(n=len; n < CAMELLIA_BLOCK_SIZE; ++n)
out[n] = tmp[n];
memcpy(ivec, tmp, CAMELLIA_BLOCK_SIZE);
}
}
}
}

View File

@ -0,0 +1,235 @@
/* crypto/camellia/camellia_cfb.c -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#ifndef CAMELLIA_DEBUG
# ifndef NDEBUG
# define NDEBUG
# endif
#endif
#include <assert.h>
#include <string.h>
#include <openssl/camellia.h>
#include "cmll_locl.h"
#include "e_os.h"
/* The input and output encrypted as though 128bit cfb mode is being
* used. The extra state information to record how much of the
* 128bit block we have used is contained in *num;
*/
void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const CAMELLIA_KEY *key,
unsigned char *ivec, int *num, const int enc)
{
unsigned int n;
unsigned long l = length;
unsigned char c;
assert(in && out && key && ivec && num);
n = *num;
if (enc)
{
while (l--)
{
if (n == 0)
{
Camellia_encrypt(ivec, ivec, key);
}
ivec[n] = *(out++) = *(in++) ^ ivec[n];
n = (n+1) % CAMELLIA_BLOCK_SIZE;
}
}
else
{
while (l--)
{
if (n == 0)
{
Camellia_encrypt(ivec, ivec, key);
}
c = *(in);
*(out++) = *(in++) ^ ivec[n];
ivec[n] = c;
n = (n+1) % CAMELLIA_BLOCK_SIZE;
}
}
*num=n;
}
/* This expects a single block of size nbits for both in and out. Note that
it corrupts any extra bits in the last byte of out */
void Camellia_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
const int nbits,const CAMELLIA_KEY *key,
unsigned char *ivec,const int enc)
{
int n,rem,num;
unsigned char ovec[CAMELLIA_BLOCK_SIZE*2];
if (nbits<=0 || nbits>128) return;
/* fill in the first half of the new IV with the current IV */
memcpy(ovec,ivec,CAMELLIA_BLOCK_SIZE);
/* construct the new IV */
Camellia_encrypt(ivec,ivec,key);
num = (nbits+7)/8;
if (enc) /* encrypt the input */
for(n=0 ; n < num ; ++n)
out[n] = (ovec[CAMELLIA_BLOCK_SIZE+n] = in[n] ^ ivec[n]);
else /* decrypt the input */
for(n=0 ; n < num ; ++n)
out[n] = (ovec[CAMELLIA_BLOCK_SIZE+n] = in[n]) ^ ivec[n];
/* shift ovec left... */
rem = nbits%8;
num = nbits/8;
if(rem==0)
memcpy(ivec,ovec+num,CAMELLIA_BLOCK_SIZE);
else
for(n=0 ; n < CAMELLIA_BLOCK_SIZE ; ++n)
ivec[n] = ovec[n+num]<<rem | ovec[n+num+1]>>(8-rem);
/* it is not necessary to cleanse ovec, since the IV is not secret */
}
/* N.B. This expects the input to be packed, MS bit first */
void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const CAMELLIA_KEY *key,
unsigned char *ivec, int *num, const int enc)
{
unsigned int n;
unsigned char c[1],d[1];
assert(in && out && key && ivec && num);
assert(*num == 0);
memset(out,0,(length+7)/8);
for(n=0 ; n < length ; ++n)
{
c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
Camellia_cfbr_encrypt_block(c,d,1,key,ivec,enc);
out[n/8]=(out[n/8]&~(1 << (7-n%8)))|((d[0]&0x80) >> (n%8));
}
}
void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const CAMELLIA_KEY *key,
unsigned char *ivec, int *num, const int enc)
{
unsigned int n;
assert(in && out && key && ivec && num);
assert(*num == 0);
for(n=0 ; n < length ; ++n)
Camellia_cfbr_encrypt_block(&in[n],&out[n],8,key,ivec,enc);
}

View File

@ -0,0 +1,143 @@
/* crypto/camellia/camellia_ctr.c -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#ifndef CAMELLIA_DEBUG
# ifndef NDEBUG
# define NDEBUG
# endif
#endif
#include <assert.h>
#include <openssl/camellia.h>
#include "cmll_locl.h"
/* NOTE: the IV/counter CTR mode is big-endian. The rest of the Camellia code
* is endian-neutral. */
/* increment counter (128-bit int) by 1 */
static void Camellia_ctr128_inc(unsigned char *counter)
{
unsigned long c;
/* Grab bottom dword of counter and increment */
c = GETU32(counter + 12);
c++; c &= 0xFFFFFFFF;
PUTU32(counter + 12, c);
/* if no overflow, we're done */
if (c)
return;
/* Grab 1st dword of counter and increment */
c = GETU32(counter + 8);
c++; c &= 0xFFFFFFFF;
PUTU32(counter + 8, c);
/* if no overflow, we're done */
if (c)
return;
/* Grab 2nd dword of counter and increment */
c = GETU32(counter + 4);
c++; c &= 0xFFFFFFFF;
PUTU32(counter + 4, c);
/* if no overflow, we're done */
if (c)
return;
/* Grab top dword of counter and increment */
c = GETU32(counter + 0);
c++; c &= 0xFFFFFFFF;
PUTU32(counter + 0, c);
}
/* The input encrypted as though 128bit counter mode is being
* used. The extra state information to record how much of the
* 128bit block we have used is contained in *num, and the
* encrypted counter is kept in ecount_buf. Both *num and
* ecount_buf must be initialised with zeros before the first
* call to Camellia_ctr128_encrypt().
*
* This algorithm assumes that the counter is in the x lower bits
* of the IV (ivec), and that the application has full control over
* overflow and the rest of the IV. This implementation takes NO
* responsability for checking that the counter doesn't overflow
* into the rest of the IV when incremented.
*/
void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const CAMELLIA_KEY *key,
unsigned char ivec[CAMELLIA_BLOCK_SIZE],
unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
unsigned int *num)
{
unsigned int n;
unsigned long l=length;
assert(in && out && key && counter && num);
assert(*num < CAMELLIA_BLOCK_SIZE);
n = *num;
while (l--)
{
if (n == 0)
{
Camellia_encrypt(ivec, ecount_buf, key);
Camellia_ctr128_inc(ivec);
}
*(out++) = *(in++) ^ ecount_buf[n];
n = (n+1) % CAMELLIA_BLOCK_SIZE;
}
*num=n;
}

View File

@ -0,0 +1,74 @@
/* crypto/camellia/camellia_ecb.c -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#ifndef CAMELLIA_DEBUG
# ifndef NDEBUG
# define NDEBUG
# endif
#endif
#include <assert.h>
#include <openssl/camellia.h>
#include "cmll_locl.h"
void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
const CAMELLIA_KEY *key, const int enc)
{
assert(in && out && key);
assert((CAMELLIA_ENCRYPT == enc)||(CAMELLIA_DECRYPT == enc));
if (CAMELLIA_ENCRYPT == enc)
Camellia_encrypt(in, out, key);
else
Camellia_decrypt(in, out, key);
}

View File

@ -0,0 +1,178 @@
/* crypto/camellia/camellia_locl.h -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
* ALL RIGHTS RESERVED.
*
* Intellectual Property information for Camellia:
* http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
*
* News Release for Announcement of Camellia open source:
* http://www.ntt.co.jp/news/news06e/0604/060413a.html
*
* The Camellia Code included herein is developed by
* NTT (Nippon Telegraph and Telephone Corporation), and is contributed
* to the OpenSSL project.
*
* The Camellia Code is licensed pursuant to the OpenSSL open source
* license provided below.
*/
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#ifndef HEADER_CAMELLIA_LOCL_H
#define HEADER_CAMELLIA_LOCL_H
#include "openssl/e_os2.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#if defined(_MSC_VER)
typedef unsigned char uint8_t;
typedef unsigned int uint32_t;
typedef unsigned __int64 uint64_t;
#else
#include <inttypes.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
#define ALIGN 4
#define UNITSIZE 4
#if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
# define SWAP(x) ( _lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00 )
# define GETU32(p) SWAP(*((uint32_t *)(p)))
# define PUTU32(ct, st) { *((uint32_t *)(ct)) = SWAP((st)); }
# define CAMELLIA_SWAP4(x) (x = ( _lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) )
#else /* not windows */
# define GETU32(pt) (((uint32_t)(pt)[0] << 24) \
^ ((uint32_t)(pt)[1] << 16) \
^ ((uint32_t)(pt)[2] << 8) \
^ ((uint32_t)(pt)[3]))
# define PUTU32(ct, st) { (ct)[0] = (uint8_t)((st) >> 24); \
(ct)[1] = (uint8_t)((st) >> 16); \
(ct)[2] = (uint8_t)((st) >> 8); \
(ct)[3] = (uint8_t)(st); }
#ifdef L_ENDIAN
#if (defined (__GNUC__) && !defined(i386))
#define CAMELLIA_SWAP4(x) \
do{\
asm("bswap %1" : "+r" (x));\
}while(0)
#else /* not gcc */
#define CAMELLIA_SWAP4(x) \
do{\
x = ((uint32_t)x << 16) + ((uint32_t)x >> 16);\
x = (((uint32_t)x & 0xff00ff) << 8) + (((uint32_t)x >> 8) & 0xff00ff);\
} while(0)
#endif /* not gcc */
#else /* big endian */
#define CAMELLIA_SWAP4(x)
#endif /* L_ENDIAN */
#endif
#define COPY4WORD(dst, src) \
do \
{ \
(dst)[0]=(src)[0]; \
(dst)[1]=(src)[1]; \
(dst)[2]=(src)[2]; \
(dst)[3]=(src)[3]; \
}while(0)
#define SWAP4WORD(word) \
do \
{ \
CAMELLIA_SWAP4((word)[0]); \
CAMELLIA_SWAP4((word)[1]); \
CAMELLIA_SWAP4((word)[2]); \
CAMELLIA_SWAP4((word)[3]); \
}while(0)
#define XOR4WORD(a, b)/* a = a ^ b */ \
do \
{ \
(a)[0]^=(b)[0]; \
(a)[1]^=(b)[1]; \
(a)[2]^=(b)[2]; \
(a)[3]^=(b)[3]; \
}while(0)
#define XOR4WORD2(a, b, c)/* a = b ^ c */ \
do \
{ \
(a)[0]=(b)[0]^(c)[0]; \
(a)[1]=(b)[1]^(c)[1]; \
(a)[2]=(b)[2]^(c)[2]; \
(a)[3]=(b)[3]^(c)[3]; \
}while(0)
void camellia_setup128(const unsigned char *key, uint32_t *subkey);
void camellia_setup192(const unsigned char *key, uint32_t *subkey);
void camellia_setup256(const unsigned char *key, uint32_t *subkey);
void camellia_encrypt128(const uint32_t *subkey, uint32_t *io);
void camellia_decrypt128(const uint32_t *subkey, uint32_t *io);
void camellia_encrypt256(const uint32_t *subkey, uint32_t *io);
void camellia_decrypt256(const uint32_t *subkey, uint32_t *io);
#ifdef __cplusplus
}
#endif
#endif /* #ifndef HEADER_CAMELLIA_LOCL_H */

View File

@ -0,0 +1,110 @@
/* crypto/camellia/camellia_misc.c -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <openssl/opensslv.h>
#include <openssl/camellia.h>
#include "cmll_locl.h"
const char *CAMELLIA_version="CAMELLIA" OPENSSL_VERSION_PTEXT;
int Camellia_set_key(const unsigned char *userKey, const int bits,
CAMELLIA_KEY *key)
{
if (!userKey || !key)
{
return -1;
}
switch(bits)
{
case 128:
camellia_setup128(userKey, (unsigned int *)key->rd_key);
key->enc = camellia_encrypt128;
key->dec = camellia_decrypt128;
break;
case 192:
camellia_setup192(userKey, (unsigned int *)key->rd_key);
key->enc = camellia_encrypt256;
key->dec = camellia_decrypt256;
break;
case 256:
camellia_setup256(userKey, (unsigned int *)key->rd_key);
key->enc = camellia_encrypt256;
key->dec = camellia_decrypt256;
break;
default:
return -2;
}
key->bitLength = bits;
return 0;
}
void Camellia_encrypt(const unsigned char *in, unsigned char *out,
const CAMELLIA_KEY *key)
{
uint32_t tmp[UNITSIZE];
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
key->enc(key->rd_key, tmp);
memcpy(out, tmp, CAMELLIA_BLOCK_SIZE);
}
void Camellia_decrypt(const unsigned char *in, unsigned char *out,
const CAMELLIA_KEY *key)
{
uint32_t tmp[UNITSIZE];
memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
key->dec(key->rd_key, tmp);
memcpy(out, tmp, CAMELLIA_BLOCK_SIZE);
}

View File

@ -0,0 +1,141 @@
/* crypto/camellia/camellia_ofb.c -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#ifndef CAMELLIA_DEBUG
# ifndef NDEBUG
# define NDEBUG
# endif
#endif
#include <assert.h>
#include <openssl/camellia.h>
#include "cmll_locl.h"
/* The input and output encrypted as though 128bit ofb mode is being
* used. The extra state information to record how much of the
* 128bit block we have used is contained in *num;
*/
void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const CAMELLIA_KEY *key,
unsigned char *ivec, int *num) {
unsigned int n;
unsigned long l=length;
assert(in && out && key && ivec && num);
n = *num;
while (l--) {
if (n == 0) {
Camellia_encrypt(ivec, ivec, key);
}
*(out++) = *(in++) ^ ivec[n];
n = (n+1) % CAMELLIA_BLOCK_SIZE;
}
*num=n;
}

View File

@ -73,6 +73,10 @@
#include <openssl/bn.h>
#endif
#ifndef OPENSSL_DH_MAX_MODULUS_BITS
# define OPENSSL_DH_MAX_MODULUS_BITS 10000
#endif
#define DH_FLAG_CACHE_MONT_P 0x01
#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
* implementation now uses constant time
@ -221,6 +225,7 @@ void ERR_load_DH_strings(void);
/* Reason codes. */
#define DH_R_BAD_GENERATOR 101
#define DH_R_INVALID_PUBKEY 102
#define DH_R_MODULUS_TOO_LARGE 103
#define DH_R_NO_PRIVATE_VALUE 100
#ifdef __cplusplus

View File

@ -84,6 +84,7 @@ static ERR_STRING_DATA DH_str_reasons[]=
{
{ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"},
{ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"},
{ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"},
{ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"},
{0,NULL}
};

View File

@ -179,6 +179,12 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
int ret= -1;
int check_result;
if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)
{
DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE);
goto err;
}
ctx = BN_CTX_new();
if (ctx == NULL) goto err;
BN_CTX_start(ctx);

View File

@ -84,6 +84,10 @@
#endif
#endif
#ifndef OPENSSL_DSA_MAX_MODULUS_BITS
# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
#endif
#define DSA_FLAG_CACHE_MONT_P 0x01
#define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA
* implementation now uses constant time
@ -270,8 +274,10 @@ void ERR_load_DSA_strings(void);
#define DSA_F_SIG_CB 114
/* Reason codes. */
#define DSA_R_BAD_Q_VALUE 102
#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
#define DSA_R_MISSING_PARAMETERS 101
#define DSA_R_MODULUS_TOO_LARGE 103
#ifdef __cplusplus
}

View File

@ -89,8 +89,10 @@ static ERR_STRING_DATA DSA_str_functs[]=
static ERR_STRING_DATA DSA_str_reasons[]=
{
{ERR_REASON(DSA_R_BAD_Q_VALUE) ,"bad q value"},
{ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
{ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"},
{ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"},
{0,NULL}
};

View File

@ -304,6 +304,18 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
return -1;
}
if (BN_num_bits(dsa->q) != 160)
{
DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_BAD_Q_VALUE);
return -1;
}
if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS)
{
DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE);
return -1;
}
BN_init(&u1);
BN_init(&u2);
BN_init(&t1);

View File

@ -93,6 +93,10 @@ extern "C" {
#endif
#ifndef OPENSSL_ECC_MAX_FIELD_BITS
# define OPENSSL_ECC_MAX_FIELD_BITS 661
#endif
typedef enum {
/* values as defined in X9.62 (ECDSA) and elsewhere */
POINT_CONVERSION_COMPRESSED = 2,
@ -482,6 +486,7 @@ void ERR_load_EC_strings(void);
#define EC_R_D2I_ECPKPARAMETERS_FAILURE 117
#define EC_R_DISCRIMINANT_IS_ZERO 118
#define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
#define EC_R_FIELD_TOO_LARGE 138
#define EC_R_GROUP2PKPARAMETERS_FAILURE 120
#define EC_R_I2D_ECPKPARAMETERS_FAILURE 121
#define EC_R_INCOMPATIBLE_OBJECTS 101
@ -492,7 +497,9 @@ void ERR_load_EC_strings(void);
#define EC_R_INVALID_FIELD 103
#define EC_R_INVALID_FORM 104
#define EC_R_INVALID_GROUP_ORDER 122
#define EC_R_INVALID_PENTANOMIAL_BASIS 132
#define EC_R_INVALID_PRIVATE_KEY 123
#define EC_R_INVALID_TRINOMIAL_BASIS 137
#define EC_R_MISSING_PARAMETERS 124
#define EC_R_MISSING_PRIVATE_KEY 125
#define EC_R_NOT_A_NIST_PRIME 135

View File

@ -741,6 +741,7 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
EC_GROUP *ret = NULL;
BIGNUM *p = NULL, *a = NULL, *b = NULL;
EC_POINT *point=NULL;
long field_bits;
if (!params->fieldID || !params->fieldID->fieldType ||
!params->fieldID->p.ptr)
@ -779,6 +780,13 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
char_two = params->fieldID->p.char_two;
field_bits = char_two->m;
if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS)
{
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE);
goto err;
}
if ((p = BN_new()) == NULL)
{
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_MALLOC_FAILURE);
@ -799,6 +807,13 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
}
tmp_long = ASN1_INTEGER_get(char_two->p.tpBasis);
if (!(char_two->m > tmp_long && tmp_long > 0))
{
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_TRINOMIAL_BASIS);
goto err;
}
/* create the polynomial */
if (!BN_set_bit(p, (int)char_two->m))
goto err;
@ -817,6 +832,13 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
goto err;
}
if (!(char_two->m > penta->k3 && penta->k3 > penta->k2 && penta->k2 > penta->k1 && penta->k1 > 0))
{
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_PENTANOMIAL_BASIS);
goto err;
}
/* create the polynomial */
if (!BN_set_bit(p, (int)char_two->m)) goto err;
if (!BN_set_bit(p, (int)penta->k1)) goto err;
@ -853,6 +875,20 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
goto err;
}
if (BN_is_negative(p) || BN_is_zero(p))
{
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD);
goto err;
}
field_bits = BN_num_bits(p);
if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS)
{
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE);
goto err;
}
/* create the EC_GROUP structure */
ret = EC_GROUP_new_curve_GFp(p, a, b, NULL);
}
@ -910,6 +946,16 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
goto err;
}
if (BN_is_negative(a) || BN_is_zero(a))
{
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER);
goto err;
}
if (BN_num_bits(a) > (int)field_bits + 1) /* Hasse bound */
{
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER);
goto err;
}
/* extract the cofactor (optional) */
if (params->cofactor == NULL)

View File

@ -188,6 +188,7 @@ static ERR_STRING_DATA EC_str_reasons[]=
{ERR_REASON(EC_R_D2I_ECPKPARAMETERS_FAILURE),"d2i ecpkparameters failure"},
{ERR_REASON(EC_R_DISCRIMINANT_IS_ZERO) ,"discriminant is zero"},
{ERR_REASON(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE),"ec group new by name failure"},
{ERR_REASON(EC_R_FIELD_TOO_LARGE) ,"field too large"},
{ERR_REASON(EC_R_GROUP2PKPARAMETERS_FAILURE),"group2pkparameters failure"},
{ERR_REASON(EC_R_I2D_ECPKPARAMETERS_FAILURE),"i2d ecpkparameters failure"},
{ERR_REASON(EC_R_INCOMPATIBLE_OBJECTS) ,"incompatible objects"},
@ -198,7 +199,9 @@ static ERR_STRING_DATA EC_str_reasons[]=
{ERR_REASON(EC_R_INVALID_FIELD) ,"invalid field"},
{ERR_REASON(EC_R_INVALID_FORM) ,"invalid form"},
{ERR_REASON(EC_R_INVALID_GROUP_ORDER) ,"invalid group order"},
{ERR_REASON(EC_R_INVALID_PENTANOMIAL_BASIS),"invalid pentanomial basis"},
{ERR_REASON(EC_R_INVALID_PRIVATE_KEY) ,"invalid private key"},
{ERR_REASON(EC_R_INVALID_TRINOMIAL_BASIS),"invalid trinomial basis"},
{ERR_REASON(EC_R_MISSING_PARAMETERS) ,"missing parameters"},
{ERR_REASON(EC_R_MISSING_PRIVATE_KEY) ,"missing private key"},
{ERR_REASON(EC_R_NOT_A_NIST_PRIME) ,"not a NIST prime"},

View File

@ -548,9 +548,20 @@ static void build_SYS_str_reasons(void)
int i;
static int init = 1;
if (!init) return;
CRYPTO_r_lock(CRYPTO_LOCK_ERR);
if (!init)
{
CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
return;
}
CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
CRYPTO_w_lock(CRYPTO_LOCK_ERR);
if (!init)
{
CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
return;
}
for (i = 1; i <= NUM_SYS_STR_REASONS; i++)
{

View File

@ -19,7 +19,7 @@ APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \
e_des.c e_bf.c e_idea.c e_des3.c \
e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\
e_rc4.c e_aes.c names.c \
e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c \
@ -31,7 +31,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \
e_old.c
LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \
e_des.o e_bf.o e_idea.o e_des3.o \
e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\
e_rc4.o e_aes.o names.o \
e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o \
@ -195,6 +195,7 @@ e_bf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
e_bf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
e_bf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
e_bf.o: ../../include/openssl/symhacks.h ../cryptlib.h e_bf.c evp_locl.h
e_camellia.o: ../../include/openssl/opensslconf.h e_camellia.c
e_cast.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_cast.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
e_cast.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h

View File

@ -183,6 +183,34 @@ void OpenSSL_add_all_ciphers(void)
EVP_add_cipher_alias(SN_aes_256_cbc,"AES256");
EVP_add_cipher_alias(SN_aes_256_cbc,"aes256");
#endif
#ifndef OPENSSL_NO_CAMELLIA
EVP_add_cipher(EVP_camellia_128_ecb());
EVP_add_cipher(EVP_camellia_128_cbc());
EVP_add_cipher(EVP_camellia_128_cfb());
EVP_add_cipher(EVP_camellia_128_cfb1());
EVP_add_cipher(EVP_camellia_128_cfb8());
EVP_add_cipher(EVP_camellia_128_ofb());
EVP_add_cipher_alias(SN_camellia_128_cbc,"CAMELLIA128");
EVP_add_cipher_alias(SN_camellia_128_cbc,"camellia128");
EVP_add_cipher(EVP_camellia_192_ecb());
EVP_add_cipher(EVP_camellia_192_cbc());
EVP_add_cipher(EVP_camellia_192_cfb());
EVP_add_cipher(EVP_camellia_192_cfb1());
EVP_add_cipher(EVP_camellia_192_cfb8());
EVP_add_cipher(EVP_camellia_192_ofb());
EVP_add_cipher_alias(SN_camellia_192_cbc,"CAMELLIA192");
EVP_add_cipher_alias(SN_camellia_192_cbc,"camellia192");
EVP_add_cipher(EVP_camellia_256_ecb());
EVP_add_cipher(EVP_camellia_256_cbc());
EVP_add_cipher(EVP_camellia_256_cfb());
EVP_add_cipher(EVP_camellia_256_cfb1());
EVP_add_cipher(EVP_camellia_256_cfb8());
EVP_add_cipher(EVP_camellia_256_ofb());
EVP_add_cipher_alias(SN_camellia_256_cbc,"CAMELLIA256");
EVP_add_cipher_alias(SN_camellia_256_cbc,"camellia256");
#endif
PKCS12_PBE_add();
PKCS5_PBE_add();
}

View File

@ -0,0 +1,131 @@
/* crypto/evp/e_camellia.c -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_CAMELLIA
#include <openssl/evp.h>
#include <openssl/err.h>
#include <string.h>
#include <assert.h>
#include <openssl/camellia.h>
#include "evp_locl.h"
static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
/* Camellia subkey Structure */
typedef struct
{
CAMELLIA_KEY ks;
} EVP_CAMELLIA_KEY;
/* Attribute operation for Camellia */
#define data(ctx) EVP_C_DATA(EVP_CAMELLIA_KEY,ctx)
IMPLEMENT_BLOCK_CIPHER(camellia_128, ks, Camellia, EVP_CAMELLIA_KEY,
NID_camellia_128, 16, 16, 16, 128,
0, camellia_init_key, NULL,
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
NULL)
IMPLEMENT_BLOCK_CIPHER(camellia_192, ks, Camellia, EVP_CAMELLIA_KEY,
NID_camellia_192, 16, 24, 16, 128,
0, camellia_init_key, NULL,
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
NULL)
IMPLEMENT_BLOCK_CIPHER(camellia_256, ks, Camellia, EVP_CAMELLIA_KEY,
NID_camellia_256, 16, 32, 16, 128,
0, camellia_init_key, NULL,
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
NULL)
#define IMPLEMENT_CAMELLIA_CFBR(ksize,cbits) IMPLEMENT_CFBR(camellia,Camellia,EVP_CAMELLIA_KEY,ks,ksize,cbits,16)
IMPLEMENT_CAMELLIA_CFBR(128,1)
IMPLEMENT_CAMELLIA_CFBR(192,1)
IMPLEMENT_CAMELLIA_CFBR(256,1)
IMPLEMENT_CAMELLIA_CFBR(128,8)
IMPLEMENT_CAMELLIA_CFBR(192,8)
IMPLEMENT_CAMELLIA_CFBR(256,8)
/* The subkey for Camellia is generated. */
static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
int ret;
ret=Camellia_set_key(key, ctx->key_len * 8, ctx->cipher_data);
if(ret < 0)
{
EVPerr(EVP_F_CAMELLIA_INIT_KEY,EVP_R_CAMELLIA_KEY_SETUP_FAILED);
return 0;
}
return 1;
}
#else
# ifdef PEDANTIC
static void *dummy=&dummy;
# endif
#endif

View File

@ -738,6 +738,29 @@ const EVP_CIPHER *EVP_aes_256_ofb(void);
const EVP_CIPHER *EVP_aes_256_ctr(void);
#endif
#endif
#ifndef OPENSSL_NO_CAMELLIA
const EVP_CIPHER *EVP_camellia_128_ecb(void);
const EVP_CIPHER *EVP_camellia_128_cbc(void);
const EVP_CIPHER *EVP_camellia_128_cfb1(void);
const EVP_CIPHER *EVP_camellia_128_cfb8(void);
const EVP_CIPHER *EVP_camellia_128_cfb128(void);
# define EVP_camellia_128_cfb EVP_camellia_128_cfb128
const EVP_CIPHER *EVP_camellia_128_ofb(void);
const EVP_CIPHER *EVP_camellia_192_ecb(void);
const EVP_CIPHER *EVP_camellia_192_cbc(void);
const EVP_CIPHER *EVP_camellia_192_cfb1(void);
const EVP_CIPHER *EVP_camellia_192_cfb8(void);
const EVP_CIPHER *EVP_camellia_192_cfb128(void);
# define EVP_camellia_192_cfb EVP_camellia_192_cfb128
const EVP_CIPHER *EVP_camellia_192_ofb(void);
const EVP_CIPHER *EVP_camellia_256_ecb(void);
const EVP_CIPHER *EVP_camellia_256_cbc(void);
const EVP_CIPHER *EVP_camellia_256_cfb1(void);
const EVP_CIPHER *EVP_camellia_256_cfb8(void);
const EVP_CIPHER *EVP_camellia_256_cfb128(void);
# define EVP_camellia_256_cfb EVP_camellia_256_cfb128
const EVP_CIPHER *EVP_camellia_256_ofb(void);
#endif
void OPENSSL_add_all_algorithms_noconf(void);
void OPENSSL_add_all_algorithms_conf(void);
@ -854,6 +877,7 @@ void ERR_load_EVP_strings(void);
/* Function codes. */
#define EVP_F_AES_INIT_KEY 133
#define EVP_F_CAMELLIA_INIT_KEY 159
#define EVP_F_D2I_PKEY 100
#define EVP_F_DSAPKEY2PKCS8 134
#define EVP_F_DSA_PKEY2PKCS8 135
@ -897,6 +921,7 @@ void ERR_load_EVP_strings(void);
#define EVP_R_BAD_KEY_LENGTH 137
#define EVP_R_BN_DECODE_ERROR 112
#define EVP_R_BN_PUBKEY_ERROR 113
#define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157
#define EVP_R_CIPHER_PARAMETER_ERROR 122
#define EVP_R_CTRL_NOT_IMPLEMENTED 132
#define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133

View File

@ -71,6 +71,7 @@
static ERR_STRING_DATA EVP_str_functs[]=
{
{ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"},
{ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"},
{ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"},
{ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"},
{ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"},
@ -117,6 +118,7 @@ static ERR_STRING_DATA EVP_str_reasons[]=
{ERR_REASON(EVP_R_BAD_KEY_LENGTH) ,"bad key length"},
{ERR_REASON(EVP_R_BN_DECODE_ERROR) ,"bn decode error"},
{ERR_REASON(EVP_R_BN_PUBKEY_ERROR) ,"bn pubkey error"},
{ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED),"camellia key setup failed"},
{ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR),"cipher parameter error"},
{ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED) ,"ctrl not implemented"},
{ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED),"ctrl operation not implemented"},

View File

@ -416,6 +416,13 @@ int main(int argc,char **argv)
fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
continue;
}
#endif
#ifdef OPENSSL_NO_CAMELLIA
if (strstr(cipher, "CAMELLIA") == cipher)
{
fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
continue;
}
#endif
fprintf(stderr,"Can't find %s\n",cipher);
EXIT(3);

View File

@ -181,3 +181,132 @@ RC4:00000000000000000000000000000000::0000000000000000:de188941a3375d3a
RC4:ef012345ef012345ef012345ef012345::0000000000000000000000000000000000000000:d6a141a7ec3c38dfbd615a1162e1c7ba36b67858
RC4:0123456789abcdef0123456789abcdef::123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678:66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf
RC4:ef012345ef012345ef012345ef012345::00000000000000000000:d6a141a7ec3c38dfbd61
# Camellia tests from RFC3713
# For all ECB encrypts and decrypts, the transformed sequence is
# CAMELLIA-bits-ECB:key::plaintext:ciphertext:encdec
CAMELLIA-128-ECB:0123456789abcdeffedcba9876543210::0123456789abcdeffedcba9876543210:67673138549669730857065648eabe43
CAMELLIA-192-ECB:0123456789abcdeffedcba98765432100011223344556677::0123456789abcdeffedcba9876543210:b4993401b3e996f84ee5cee7d79b09b9
CAMELLIA-256-ECB:0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff::0123456789abcdeffedcba9876543210:9acc237dff16d76c20ef7c919e3a7509
# ECB-CAMELLIA128.Encrypt
CAMELLIA-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:77CF412067AF8270613529149919546F:1
CAMELLIA-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:B22F3C36B72D31329EEE8ADDC2906C68:1
CAMELLIA-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:2EDF1F3418D53B88841FC8985FB1ECF2:1
# ECB-CAMELLIA128.Encrypt and ECB-CAMELLIA128.Decrypt
CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:432FC5DCD628115B7C388D770B270C96
CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:0BE1F14023782A22E8384C5ABB7FAB2B
CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:A0A1ABCD1893AB6FE0FE5B65DF5F8636
CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:E61925E0D5DFAA9BB29F815B3076E51A
# ECB-CAMELLIA192.Encrypt and ECB-CAMELLIA192.Decrypt
CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:CCCC6C4E138B45848514D48D0D3439D3
CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:5713C62C14B2EC0F8393B6AFD6F5785A
CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:B40ED2B60EB54D09D030CF511FEEF366
CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:909DBD95799096748CB27357E73E1D26
# ECB-CAMELLIA256.Encrypt and ECB-CAMELLIA256.Decrypt
CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:BEFD219B112FA00098919CD101C9CCFA
CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:C91D3A8F1AEA08A9386CF4B66C0169EA
CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:A623D711DC5F25A51BB8A80D56397D28
CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::F69F2445DF4F9B17AD2B417BE66C3710:7960109FB6DC42947FCFE59EA3C5EB6B
# For all CBC encrypts and decrypts, the transformed sequence is
# CAMELLIA-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec
# CBC-CAMELLIA128.Encrypt and CBC-CAMELLIA128.Decrypt
CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:1607CF494B36BBF00DAEB0B503C831AB
CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:1607CF494B36BBF00DAEB0B503C831AB:AE2D8A571E03AC9C9EB76FAC45AF8E51:A2F2CF671629EF7840C5A5DFB5074887
CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:A2F2CF671629EF7840C5A5DFB5074887:30C81C46A35CE411E5FBC1191A0A52EF:0F06165008CF8B8B5A63586362543E54
CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:36A84CDAFD5F9A85ADA0F0A993D6D577:F69F2445DF4F9B17AD2B417BE66C3710:74C64268CDB8B8FAF5B34E8AF3732980
# CBC-CAMELLIA192.Encrypt and CBC-CAMELLIA192.Decrypt
CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:2A4830AB5AC4A1A2405955FD2195CF93
CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2A4830AB5AC4A1A2405955FD2195CF93:AE2D8A571E03AC9C9EB76FAC45AF8E51:5D5A869BD14CE54264F892A6DD2EC3D5
CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:5D5A869BD14CE54264F892A6DD2EC3D5:30C81C46A35CE411E5FBC1191A0A52EF:37D359C3349836D884E310ADDF68C449
CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:37D359C3349836D884E310ADDF68C449:F69F2445DF4F9B17AD2B417BE66C3710:01FAAA930B4AB9916E9668E1428C6B08
# CBC-CAMELLIA256.Encrypt and CBC-CAMELLIA256.Decrypt
CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:E6CFA35FC02B134A4D2C0B6737AC3EDA
CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E6CFA35FC02B134A4D2C0B6737AC3EDA:AE2D8A571E03AC9C9EB76FAC45AF8E51:36CBEB73BD504B4070B1B7DE2B21EB50
CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:36CBEB73BD504B4070B1B7DE2B21EB50:30C81C46A35CE411E5FBC1191A0A52EF:E31A6055297D96CA3330CDF1B1860A83
CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E31A6055297D96CA3330CDF1B1860A83:F69F2445DF4F9B17AD2B417BE66C3710:5D563F6D1CCCF236051C0C5C1C58F28F
# We don't support CFB{1,8}-CAMELLIAxxx.{En,De}crypt
# For all CFB128 encrypts and decrypts, the transformed sequence is
# CAMELLIA-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
# CFB128-CAMELLIA128.Encrypt
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:1
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:1
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:1
# CFB128-CAMELLIA128.Decrypt
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:0
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:0
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:0
# CFB128-CAMELLIA192.Encrypt
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:1
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:1
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:1
# CFB128-CAMELLIA192.Decrypt
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:0
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:0
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:0
# CFB128-CAMELLIA256.Encrypt
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:1
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:1
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:1
# CFB128-CAMELLIA256.Decrypt
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:0
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:0
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:0
# For all OFB encrypts and decrypts, the transformed sequence is
# CAMELLIA-bits-OFB:key:IV/output':plaintext:ciphertext:encdec
# OFB-CAMELLIA128.Encrypt
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:1
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:1
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:1
# OFB-CAMELLIA128.Decrypt
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:0
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:0
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:0
# OFB-CAMELLIA192.Encrypt
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:1
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:1
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:1
# OFB-CAMELLIA192.Decrypt
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:0
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:0
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:0
# OFB-CAMELLIA256.Encrypt
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:1
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:1
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:1
# OFB-CAMELLIA256.Decrypt
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:0
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:0
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:0

View File

@ -62,12 +62,12 @@
* [including the GNU Public Licence.]
*/
#define NUM_NID 751
#define NUM_SN 747
#define NUM_LN 747
#define NUM_OBJ 709
#define NUM_NID 769
#define NUM_SN 765
#define NUM_LN 765
#define NUM_OBJ 721
static unsigned char lvalues[5002]={
static unsigned char lvalues[5107]={
0x00, /* [ 0] OBJ_undef */
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
@ -777,6 +777,18 @@ static unsigned char lvalues[5002]={
0x55,0x1D,0x20,0x00, /* [4991] OBJ_any_policy */
0x55,0x1D,0x21, /* [4995] OBJ_policy_mappings */
0x55,0x1D,0x36, /* [4998] OBJ_inhibit_any_policy */
0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x02,/* [5001] OBJ_camellia_128_cbc */
0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x03,/* [5012] OBJ_camellia_192_cbc */
0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x04,/* [5023] OBJ_camellia_256_cbc */
0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x01, /* [5034] OBJ_camellia_128_ecb */
0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x15, /* [5042] OBJ_camellia_192_ecb */
0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x29, /* [5050] OBJ_camellia_256_ecb */
0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x04, /* [5058] OBJ_camellia_128_cfb128 */
0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x18, /* [5066] OBJ_camellia_192_cfb128 */
0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2C, /* [5074] OBJ_camellia_256_cfb128 */
0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x03, /* [5082] OBJ_camellia_128_ofb128 */
0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x17, /* [5090] OBJ_camellia_192_ofb128 */
0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2B, /* [5098] OBJ_camellia_256_ofb128 */
};
static ASN1_OBJECT nid_objs[NUM_NID]={
@ -1945,6 +1957,36 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
NID_inhibit_any_policy,3,&(lvalues[4998]),0},
{"Oakley-EC2N-3","ipsec3",NID_ipsec3,0,NULL,0},
{"Oakley-EC2N-4","ipsec4",NID_ipsec4,0,NULL,0},
{"CAMELLIA-128-CBC","camellia-128-cbc",NID_camellia_128_cbc,11,
&(lvalues[5001]),0},
{"CAMELLIA-192-CBC","camellia-192-cbc",NID_camellia_192_cbc,11,
&(lvalues[5012]),0},
{"CAMELLIA-256-CBC","camellia-256-cbc",NID_camellia_256_cbc,11,
&(lvalues[5023]),0},
{"CAMELLIA-128-ECB","camellia-128-ecb",NID_camellia_128_ecb,8,
&(lvalues[5034]),0},
{"CAMELLIA-192-ECB","camellia-192-ecb",NID_camellia_192_ecb,8,
&(lvalues[5042]),0},
{"CAMELLIA-256-ECB","camellia-256-ecb",NID_camellia_256_ecb,8,
&(lvalues[5050]),0},
{"CAMELLIA-128-CFB","camellia-128-cfb",NID_camellia_128_cfb128,8,
&(lvalues[5058]),0},
{"CAMELLIA-192-CFB","camellia-192-cfb",NID_camellia_192_cfb128,8,
&(lvalues[5066]),0},
{"CAMELLIA-256-CFB","camellia-256-cfb",NID_camellia_256_cfb128,8,
&(lvalues[5074]),0},
{"CAMELLIA-128-CFB1","camellia-128-cfb1",NID_camellia_128_cfb1,0,NULL,0},
{"CAMELLIA-192-CFB1","camellia-192-cfb1",NID_camellia_192_cfb1,0,NULL,0},
{"CAMELLIA-256-CFB1","camellia-256-cfb1",NID_camellia_256_cfb1,0,NULL,0},
{"CAMELLIA-128-CFB8","camellia-128-cfb8",NID_camellia_128_cfb8,0,NULL,0},
{"CAMELLIA-192-CFB8","camellia-192-cfb8",NID_camellia_192_cfb8,0,NULL,0},
{"CAMELLIA-256-CFB8","camellia-256-cfb8",NID_camellia_256_cfb8,0,NULL,0},
{"CAMELLIA-128-OFB","camellia-128-ofb",NID_camellia_128_ofb128,8,
&(lvalues[5082]),0},
{"CAMELLIA-192-OFB","camellia-192-ofb",NID_camellia_192_ofb128,8,
&(lvalues[5090]),0},
{"CAMELLIA-256-OFB","camellia-256-ofb",NID_camellia_256_ofb128,8,
&(lvalues[5098]),0},
};
static ASN1_OBJECT *sn_objs[NUM_SN]={
@ -1972,6 +2014,24 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[92]),/* "BF-ECB" */
&(nid_objs[94]),/* "BF-OFB" */
&(nid_objs[14]),/* "C" */
&(nid_objs[751]),/* "CAMELLIA-128-CBC" */
&(nid_objs[757]),/* "CAMELLIA-128-CFB" */
&(nid_objs[760]),/* "CAMELLIA-128-CFB1" */
&(nid_objs[763]),/* "CAMELLIA-128-CFB8" */
&(nid_objs[754]),/* "CAMELLIA-128-ECB" */
&(nid_objs[766]),/* "CAMELLIA-128-OFB" */
&(nid_objs[752]),/* "CAMELLIA-192-CBC" */
&(nid_objs[758]),/* "CAMELLIA-192-CFB" */
&(nid_objs[761]),/* "CAMELLIA-192-CFB1" */
&(nid_objs[764]),/* "CAMELLIA-192-CFB8" */
&(nid_objs[755]),/* "CAMELLIA-192-ECB" */
&(nid_objs[767]),/* "CAMELLIA-192-OFB" */
&(nid_objs[753]),/* "CAMELLIA-256-CBC" */
&(nid_objs[759]),/* "CAMELLIA-256-CFB" */
&(nid_objs[762]),/* "CAMELLIA-256-CFB1" */
&(nid_objs[765]),/* "CAMELLIA-256-CFB8" */
&(nid_objs[756]),/* "CAMELLIA-256-ECB" */
&(nid_objs[768]),/* "CAMELLIA-256-OFB" */
&(nid_objs[108]),/* "CAST5-CBC" */
&(nid_objs[110]),/* "CAST5-CFB" */
&(nid_objs[109]),/* "CAST5-ECB" */
@ -2863,6 +2923,24 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[701]),/* "c2tnb359v1" */
&(nid_objs[703]),/* "c2tnb431r1" */
&(nid_objs[483]),/* "cNAMERecord" */
&(nid_objs[751]),/* "camellia-128-cbc" */
&(nid_objs[757]),/* "camellia-128-cfb" */
&(nid_objs[760]),/* "camellia-128-cfb1" */
&(nid_objs[763]),/* "camellia-128-cfb8" */
&(nid_objs[754]),/* "camellia-128-ecb" */
&(nid_objs[766]),/* "camellia-128-ofb" */
&(nid_objs[752]),/* "camellia-192-cbc" */
&(nid_objs[758]),/* "camellia-192-cfb" */
&(nid_objs[761]),/* "camellia-192-cfb1" */
&(nid_objs[764]),/* "camellia-192-cfb8" */
&(nid_objs[755]),/* "camellia-192-ecb" */
&(nid_objs[767]),/* "camellia-192-ofb" */
&(nid_objs[753]),/* "camellia-256-cbc" */
&(nid_objs[759]),/* "camellia-256-cfb" */
&(nid_objs[762]),/* "camellia-256-cfb1" */
&(nid_objs[765]),/* "camellia-256-cfb8" */
&(nid_objs[756]),/* "camellia-256-ecb" */
&(nid_objs[768]),/* "camellia-256-ofb" */
&(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */
&(nid_objs[108]),/* "cast5-cbc" */
&(nid_objs[110]),/* "cast5-cfb" */
@ -3755,6 +3833,15 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[507]),/* OBJ_id_hex_partial_message 1 3 6 1 7 1 1 1 */
&(nid_objs[508]),/* OBJ_id_hex_multipart_message 1 3 6 1 7 1 1 2 */
&(nid_objs[57]),/* OBJ_netscape 2 16 840 1 113730 */
&(nid_objs[754]),/* OBJ_camellia_128_ecb 0 3 4401 5 3 1 9 1 */
&(nid_objs[766]),/* OBJ_camellia_128_ofb128 0 3 4401 5 3 1 9 3 */
&(nid_objs[757]),/* OBJ_camellia_128_cfb128 0 3 4401 5 3 1 9 4 */
&(nid_objs[755]),/* OBJ_camellia_192_ecb 0 3 4401 5 3 1 9 21 */
&(nid_objs[767]),/* OBJ_camellia_192_ofb128 0 3 4401 5 3 1 9 23 */
&(nid_objs[758]),/* OBJ_camellia_192_cfb128 0 3 4401 5 3 1 9 24 */
&(nid_objs[756]),/* OBJ_camellia_256_ecb 0 3 4401 5 3 1 9 41 */
&(nid_objs[768]),/* OBJ_camellia_256_ofb128 0 3 4401 5 3 1 9 43 */
&(nid_objs[759]),/* OBJ_camellia_256_cfb128 0 3 4401 5 3 1 9 44 */
&(nid_objs[437]),/* OBJ_pilot 0 9 2342 19200300 100 */
&(nid_objs[186]),/* OBJ_pkcs1 1 2 840 113549 1 1 */
&(nid_objs[27]),/* OBJ_pkcs3 1 2 840 113549 1 3 */
@ -4089,6 +4176,9 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[138]),/* OBJ_ms_efs 1 3 6 1 4 1 311 10 3 4 */
&(nid_objs[648]),/* OBJ_ms_smartcard_login 1 3 6 1 4 1 311 20 2 2 */
&(nid_objs[649]),/* OBJ_ms_upn 1 3 6 1 4 1 311 20 2 3 */
&(nid_objs[751]),/* OBJ_camellia_128_cbc 1 2 392 200011 61 1 1 1 2 */
&(nid_objs[752]),/* OBJ_camellia_192_cbc 1 2 392 200011 61 1 1 1 3 */
&(nid_objs[753]),/* OBJ_camellia_256_cbc 1 2 392 200011 61 1 1 1 4 */
&(nid_objs[196]),/* OBJ_id_smime_mod_cms 1 2 840 113549 1 9 16 0 1 */
&(nid_objs[197]),/* OBJ_id_smime_mod_ess 1 2 840 113549 1 9 16 0 2 */
&(nid_objs[198]),/* OBJ_id_smime_mod_oid 1 2 840 113549 1 9 16 0 3 */

View File

@ -3303,3 +3303,91 @@
#define LN_ipsec4 "ipsec4"
#define NID_ipsec4 750
#define SN_camellia_128_cbc "CAMELLIA-128-CBC"
#define LN_camellia_128_cbc "camellia-128-cbc"
#define NID_camellia_128_cbc 751
#define OBJ_camellia_128_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,2L
#define SN_camellia_192_cbc "CAMELLIA-192-CBC"
#define LN_camellia_192_cbc "camellia-192-cbc"
#define NID_camellia_192_cbc 752
#define OBJ_camellia_192_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,3L
#define SN_camellia_256_cbc "CAMELLIA-256-CBC"
#define LN_camellia_256_cbc "camellia-256-cbc"
#define NID_camellia_256_cbc 753
#define OBJ_camellia_256_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,4L
#define OBJ_ntt_ds 0L,3L,4401L,5L
#define OBJ_camellia OBJ_ntt_ds,3L,1L,9L
#define SN_camellia_128_ecb "CAMELLIA-128-ECB"
#define LN_camellia_128_ecb "camellia-128-ecb"
#define NID_camellia_128_ecb 754
#define OBJ_camellia_128_ecb OBJ_camellia,1L
#define SN_camellia_128_ofb128 "CAMELLIA-128-OFB"
#define LN_camellia_128_ofb128 "camellia-128-ofb"
#define NID_camellia_128_ofb128 766
#define OBJ_camellia_128_ofb128 OBJ_camellia,3L
#define SN_camellia_128_cfb128 "CAMELLIA-128-CFB"
#define LN_camellia_128_cfb128 "camellia-128-cfb"
#define NID_camellia_128_cfb128 757
#define OBJ_camellia_128_cfb128 OBJ_camellia,4L
#define SN_camellia_192_ecb "CAMELLIA-192-ECB"
#define LN_camellia_192_ecb "camellia-192-ecb"
#define NID_camellia_192_ecb 755
#define OBJ_camellia_192_ecb OBJ_camellia,21L
#define SN_camellia_192_ofb128 "CAMELLIA-192-OFB"
#define LN_camellia_192_ofb128 "camellia-192-ofb"
#define NID_camellia_192_ofb128 767
#define OBJ_camellia_192_ofb128 OBJ_camellia,23L
#define SN_camellia_192_cfb128 "CAMELLIA-192-CFB"
#define LN_camellia_192_cfb128 "camellia-192-cfb"
#define NID_camellia_192_cfb128 758
#define OBJ_camellia_192_cfb128 OBJ_camellia,24L
#define SN_camellia_256_ecb "CAMELLIA-256-ECB"
#define LN_camellia_256_ecb "camellia-256-ecb"
#define NID_camellia_256_ecb 756
#define OBJ_camellia_256_ecb OBJ_camellia,41L
#define SN_camellia_256_ofb128 "CAMELLIA-256-OFB"
#define LN_camellia_256_ofb128 "camellia-256-ofb"
#define NID_camellia_256_ofb128 768
#define OBJ_camellia_256_ofb128 OBJ_camellia,43L
#define SN_camellia_256_cfb128 "CAMELLIA-256-CFB"
#define LN_camellia_256_cfb128 "camellia-256-cfb"
#define NID_camellia_256_cfb128 759
#define OBJ_camellia_256_cfb128 OBJ_camellia,44L
#define SN_camellia_128_cfb1 "CAMELLIA-128-CFB1"
#define LN_camellia_128_cfb1 "camellia-128-cfb1"
#define NID_camellia_128_cfb1 760
#define SN_camellia_192_cfb1 "CAMELLIA-192-CFB1"
#define LN_camellia_192_cfb1 "camellia-192-cfb1"
#define NID_camellia_192_cfb1 761
#define SN_camellia_256_cfb1 "CAMELLIA-256-CFB1"
#define LN_camellia_256_cfb1 "camellia-256-cfb1"
#define NID_camellia_256_cfb1 762
#define SN_camellia_128_cfb8 "CAMELLIA-128-CFB8"
#define LN_camellia_128_cfb8 "camellia-128-cfb8"
#define NID_camellia_128_cfb8 763
#define SN_camellia_192_cfb8 "CAMELLIA-192-CFB8"
#define LN_camellia_192_cfb8 "camellia-192-cfb8"
#define NID_camellia_192_cfb8 764
#define SN_camellia_256_cfb8 "CAMELLIA-256-CFB8"
#define LN_camellia_256_cfb8 "camellia-256-cfb8"
#define NID_camellia_256_cfb8 765

View File

@ -748,3 +748,21 @@ policy_mappings 747
inhibit_any_policy 748
ipsec3 749
ipsec4 750
camellia_128_cbc 751
camellia_192_cbc 752
camellia_256_cbc 753
camellia_128_ecb 754
camellia_192_ecb 755
camellia_256_ecb 756
camellia_128_cfb128 757
camellia_192_cfb128 758
camellia_256_cfb128 759
camellia_128_cfb1 760
camellia_192_cfb1 761
camellia_256_cfb1 762
camellia_128_cfb8 763
camellia_192_cfb8 764
camellia_256_cfb8 765
camellia_128_ofb128 766
camellia_192_ofb128 767
camellia_256_ofb128 768

View File

@ -1047,3 +1047,41 @@ rsadsi 1 1 6 : rsaOAEPEncryptionSET
: Oakley-EC2N-3 : ipsec3
: Oakley-EC2N-4 : ipsec4
# Definitions for Camellia cipher - CBC MODE
1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC : camellia-128-cbc
1 2 392 200011 61 1 1 1 3 : CAMELLIA-192-CBC : camellia-192-cbc
1 2 392 200011 61 1 1 1 4 : CAMELLIA-256-CBC : camellia-256-cbc
# Definitions for Camellia cipher - ECB, CFB, OFB MODE
!Alias ntt-ds 0 3 4401 5
!Alias camellia ntt-ds 3 1 9
camellia 1 : CAMELLIA-128-ECB : camellia-128-ecb
!Cname camellia-128-ofb128
camellia 3 : CAMELLIA-128-OFB : camellia-128-ofb
!Cname camellia-128-cfb128
camellia 4 : CAMELLIA-128-CFB : camellia-128-cfb
camellia 21 : CAMELLIA-192-ECB : camellia-192-ecb
!Cname camellia-192-ofb128
camellia 23 : CAMELLIA-192-OFB : camellia-192-ofb
!Cname camellia-192-cfb128
camellia 24 : CAMELLIA-192-CFB : camellia-192-cfb
camellia 41 : CAMELLIA-256-ECB : camellia-256-ecb
!Cname camellia-256-ofb128
camellia 43 : CAMELLIA-256-OFB : camellia-256-ofb
!Cname camellia-256-cfb128
camellia 44 : CAMELLIA-256-CFB : camellia-256-cfb
# There are no OIDs for these modes...
: CAMELLIA-128-CFB1 : camellia-128-cfb1
: CAMELLIA-192-CFB1 : camellia-192-cfb1
: CAMELLIA-256-CFB1 : camellia-256-cfb1
: CAMELLIA-128-CFB8 : camellia-128-cfb8
: CAMELLIA-192-CFB8 : camellia-192-cfb8
: CAMELLIA-256-CFB8 : camellia-256-cfb8

View File

@ -4,6 +4,9 @@
/* OpenSSL was configured with the following options: */
#ifndef OPENSSL_DOING_MAKEDEPEND
#ifndef OPENSSL_NO_CAMELLIA
# define OPENSSL_NO_CAMELLIA
#endif
#ifndef OPENSSL_NO_GMP
# define OPENSSL_NO_GMP
#endif
@ -27,6 +30,9 @@
who haven't had the time to do the appropriate changes in their
applications. */
#ifdef OPENSSL_ALGORITHM_DEFINES
# if defined(OPENSSL_NO_CAMELLIA) && !defined(NO_CAMELLIA)
# define NO_CAMELLIA
# endif
# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
# define NO_GMP
# endif

View File

@ -25,11 +25,11 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
#define OPENSSL_VERSION_NUMBER 0x0090802fL
#define OPENSSL_VERSION_NUMBER 0x0090804f
#ifdef OPENSSL_FIPS
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8b-fips 04 May 2006"
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8d-fips 28 Sep 2006"
#else
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8b 04 May 2006"
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8d 28 Sep 2006"
#endif
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT

View File

@ -69,7 +69,7 @@ int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
{
const EVP_MD *md_type;
HMAC_CTX hmac;
unsigned char key[PKCS12_MAC_KEY_LENGTH], *salt;
unsigned char key[EVP_MAX_MD_SIZE], *salt;
int saltlen, iter;
if (!PKCS7_type_is_data(p12->authsafes))
@ -88,12 +88,12 @@ int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
return 0;
}
if(!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,
PKCS12_MAC_KEY_LENGTH, key, md_type)) {
EVP_MD_size(md_type), key, md_type)) {
PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_KEY_GEN_ERROR);
return 0;
}
HMAC_CTX_init(&hmac);
HMAC_Init_ex(&hmac, key, PKCS12_MAC_KEY_LENGTH, md_type, NULL);
HMAC_Init_ex(&hmac, key, EVP_MD_size(md_type), md_type, NULL);
HMAC_Update(&hmac, p12->authsafes->d.data->data,
p12->authsafes->d.data->length);
HMAC_Final(&hmac, mac, maclen);

View File

@ -127,9 +127,12 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
}
}
if(flags & PKCS7_DETACHED)PKCS7_set_detached(p7, 1);
if (flags & PKCS7_STREAM)
return p7;
if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);
PKCS7_free(p7);
@ -138,7 +141,6 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
SMIME_crlf_copy(data, p7bio, flags);
if(flags & PKCS7_DETACHED)PKCS7_set_detached(p7, 1);
if (!PKCS7_dataFinal(p7,p7bio)) {
PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_DATASIGN);

View File

@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -116,7 +116,7 @@
#include <openssl/rand.h>
#include "rand_lcl.h"
#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))
#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))
#include <sys/types.h>
#include <sys/time.h>
@ -125,6 +125,13 @@
#include <fcntl.h>
#include <unistd.h>
#include <time.h>
#if defined(OPENSSL_SYS_LINUX) /* should actually be available virtually everywhere */
# include <poll.h>
#endif
#include <limits.h>
#ifndef FD_SETSIZE
# define FD_SETSIZE (8*sizeof(fd_set))
#endif
#ifdef __OpenBSD__
int RAND_poll(void)
@ -143,7 +150,7 @@ int RAND_poll(void)
return 1;
}
#else
#else /* !defined(__OpenBSD__) */
int RAND_poll(void)
{
unsigned long l;
@ -184,11 +191,9 @@ int RAND_poll(void)
#endif
)) >= 0)
{
struct timeval t = { 0, 10*1000 }; /* Spend 10ms on
each file. */
int usec = 10*1000; /* spend 10ms on each file */
int r;
size_t j;
fd_set fset;
struct stat *st=&randomstats[i];
/* Avoid using same input... Used to be O_NOFOLLOW
@ -204,35 +209,75 @@ int RAND_poll(void)
do
{
FD_ZERO(&fset);
FD_SET(fd, &fset);
r = -1;
int try_read = 0;
if (select(fd+1,&fset,NULL,NULL,&t) < 0)
t.tv_usec=0;
else if (FD_ISSET(fd, &fset))
#if defined(OPENSSL_SYS_LINUX)
/* use poll() */
struct pollfd pset;
pset.fd = fd;
pset.events = POLLIN;
pset.revents = 0;
if (poll(&pset, 1, usec / 1000) < 0)
usec = 0;
else
try_read = (pset.revents & POLLIN) != 0;
#else
/* use select() */
fd_set fset;
struct timeval t;
t.tv_sec = 0;
t.tv_usec = usec;
if (FD_SETSIZE > 0 && fd >= FD_SETSIZE)
{
r=read(fd,(unsigned char *)tmpbuf+n,
ENTROPY_NEEDED-n);
/* can't use select, so just try to read once anyway */
try_read = 1;
}
else
{
FD_ZERO(&fset);
FD_SET(fd, &fset);
if (select(fd+1,&fset,NULL,NULL,&t) >= 0)
{
usec = t.tv_usec;
if (FD_ISSET(fd, &fset))
try_read = 1;
}
else
usec = 0;
}
#endif
if (try_read)
{
r = read(fd,(unsigned char *)tmpbuf+n, ENTROPY_NEEDED-n);
if (r > 0)
n += r;
}
/* Some Unixen will update t, some
won't. For those who won't, give
up here, otherwise, we will do
else
r = -1;
/* Some Unixen will update t in select(), some
won't. For those who won't, or if we
didn't use select() in the first place,
give up here, otherwise, we will do
this once again for the remaining
time. */
if (t.tv_usec == 10*1000)
t.tv_usec=0;
if (usec == 10*1000)
usec = 0;
}
while ((r > 0 || (errno == EINTR || errno == EAGAIN))
&& t.tv_usec != 0 && n < ENTROPY_NEEDED);
while ((r > 0 ||
(errno == EINTR || errno == EAGAIN)) && usec != 0 && n < ENTROPY_NEEDED);
close(fd);
}
}
#endif
#endif /* defined(DEVRANDOM) */
#ifdef DEVRANDOM_EGD
/* Use an EGD socket to read entropy from an EGD or PRNGD entropy
@ -247,7 +292,7 @@ int RAND_poll(void)
if (r > 0)
n += r;
}
#endif
#endif /* defined(DEVRANDOM_EGD) */
#if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
if (n > 0)
@ -273,12 +318,13 @@ int RAND_poll(void)
#endif
}
#endif
#endif
#endif /* defined(__OpenBSD__) */
#endif /* !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) */
#if defined(OPENSSL_SYS_VXWORKS)
int RAND_poll(void)
{
return 0;
}
{
return 0;
}
#endif

View File

@ -159,6 +159,17 @@ struct rsa_st
BN_BLINDING *mt_blinding;
};
#ifndef OPENSSL_RSA_MAX_MODULUS_BITS
# define OPENSSL_RSA_MAX_MODULUS_BITS 16384
#endif
#ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
#endif
#ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
# define OPENSSL_RSA_MAX_PUBEXP_BITS 64 /* exponent limit enforced for "large" modulus only */
#endif
#define RSA_3 0x3L
#define RSA_F4 0x10001L
@ -407,6 +418,7 @@ void ERR_load_RSA_strings(void);
#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
#define RSA_R_KEY_SIZE_TOO_SMALL 120
#define RSA_R_LAST_OCTET_INVALID 134
#define RSA_R_MODULUS_TOO_LARGE 105
#define RSA_R_NO_PUBLIC_EXPONENT 140
#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127

View File

@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -168,6 +168,28 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
unsigned char *buf=NULL;
BN_CTX *ctx=NULL;
if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE);
return -1;
}
if (BN_ucmp(rsa->n, rsa->e) <= 0)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
return -1;
}
/* for large moduli, enforce exponent limit */
if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS)
{
if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
return -1;
}
}
if ((ctx=BN_CTX_new()) == NULL) goto err;
BN_CTX_start(ctx);
f = BN_CTX_get(ctx);
@ -238,40 +260,63 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
return(r);
}
static BN_BLINDING *rsa_get_blinding(RSA *rsa, BIGNUM **r, int *local, BN_CTX *ctx)
static BN_BLINDING *rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx)
{
BN_BLINDING *ret;
int got_write_lock = 0;
CRYPTO_r_lock(CRYPTO_LOCK_RSA);
if (rsa->blinding == NULL)
{
CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
CRYPTO_w_lock(CRYPTO_LOCK_RSA);
got_write_lock = 1;
if (rsa->blinding == NULL)
{
CRYPTO_w_lock(CRYPTO_LOCK_RSA);
if (rsa->blinding == NULL)
rsa->blinding = RSA_setup_blinding(rsa, ctx);
CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
}
rsa->blinding = RSA_setup_blinding(rsa, ctx);
}
ret = rsa->blinding;
if (ret == NULL)
return NULL;
goto err;
if (BN_BLINDING_get_thread_id(ret) != CRYPTO_thread_id())
if (BN_BLINDING_get_thread_id(ret) == CRYPTO_thread_id())
{
*local = 0;
/* rsa->blinding is ours! */
*local = 1;
}
else
{
/* resort to rsa->mt_blinding instead */
*local = 0; /* instructs rsa_blinding_convert(), rsa_blinding_invert()
* that the BN_BLINDING is shared, meaning that accesses
* require locks, and that the blinding factor must be
* stored outside the BN_BLINDING
*/
if (rsa->mt_blinding == NULL)
{
CRYPTO_w_lock(CRYPTO_LOCK_RSA);
if (!got_write_lock)
{
CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
CRYPTO_w_lock(CRYPTO_LOCK_RSA);
got_write_lock = 1;
}
if (rsa->mt_blinding == NULL)
rsa->mt_blinding = RSA_setup_blinding(rsa, ctx);
CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
}
ret = rsa->mt_blinding;
}
else
*local = 1;
err:
if (got_write_lock)
CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
else
CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
return ret;
}
@ -358,7 +403,7 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
if (!(rsa->flags & RSA_FLAG_NO_BLINDING))
{
blinding = rsa_get_blinding(rsa, &br, &local_blinding, ctx);
blinding = rsa_get_blinding(rsa, &local_blinding, ctx);
if (blinding == NULL)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_INTERNAL_ERROR);
@ -479,7 +524,7 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
if (!(rsa->flags & RSA_FLAG_NO_BLINDING))
{
blinding = rsa_get_blinding(rsa, &br, &local_blinding, ctx);
blinding = rsa_get_blinding(rsa, &local_blinding, ctx);
if (blinding == NULL)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_INTERNAL_ERROR);
@ -574,6 +619,28 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
unsigned char *buf=NULL;
BN_CTX *ctx=NULL;
if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE);
return -1;
}
if (BN_ucmp(rsa->n, rsa->e) <= 0)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE);
return -1;
}
/* for large moduli, enforce exponent limit */
if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS)
{
if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE);
return -1;
}
}
if((ctx = BN_CTX_new()) == NULL) goto err;
BN_CTX_start(ctx);
f = BN_CTX_get(ctx);

View File

@ -137,6 +137,7 @@ static ERR_STRING_DATA RSA_str_reasons[]=
{ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) ,"iqmp not inverse of q"},
{ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"},
{ERR_REASON(RSA_R_LAST_OCTET_INVALID) ,"last octet invalid"},
{ERR_REASON(RSA_R_MODULUS_TOO_LARGE) ,"modulus too large"},
{ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT) ,"no public exponent"},
{ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"},
{ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"},

View File

@ -185,6 +185,23 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
sig=d2i_X509_SIG(NULL,&p,(long)i);
if (sig == NULL) goto err;
/* Excess data can be used to create forgeries */
if(p != s+i)
{
RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
goto err;
}
/* Parameters to the signature algorithm can also be used to
create forgeries */
if(sig->algor->parameter
&& ASN1_TYPE_get(sig->algor->parameter) != V_ASN1_NULL)
{
RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
goto err;
}
sigtype=OBJ_obj2nid(sig->algor->algorithm);

View File

@ -125,11 +125,11 @@ the cipher suites not enabled by B<ALL>, currently being B<eNULL>.
=item B<HIGH>
"high" encryption cipher suites. This currently means those with key lengths larger
than 128 bits.
than 128 bits, and some cipher suites with 128-bit keys.
=item B<MEDIUM>
"medium" encryption cipher suites, currently those using 128 bit encryption.
"medium" encryption cipher suites, currently some of those using 128 bit encryption.
=item B<LOW>
@ -235,6 +235,10 @@ cipher suites using MD5.
cipher suites using SHA1.
=item B<Camellia>
cipher suites using Camellia.
=back
=head1 CIPHER SUITE NAMES
@ -330,6 +334,24 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.
TLS_DH_anon_WITH_AES_128_CBC_SHA ADH-AES128-SHA
TLS_DH_anon_WITH_AES_256_CBC_SHA ADH-AES256-SHA
=head2 Camellia ciphersuites from RFC4132, extending TLS v1.0
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA CAMELLIA128-SHA
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA CAMELLIA256-SHA
TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA Not implemented.
TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA Not implemented.
TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA Not implemented.
TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA Not implemented.
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA DHE-DSS-CAMELLIA128-SHA
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA DHE-DSS-CAMELLIA256-SHA
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA DHE-RSA-CAMELLIA128-SHA
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA DHE-RSA-CAMELLIA256-SHA
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA ADH-CAMELLIA128-SHA
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA ADH-CAMELLIA256-SHA
=head2 Additional Export 1024 and other cipher suites
Note: these ciphers can also be used in SSL v3.

View File

@ -20,6 +20,9 @@ B<openssl> B<smime>
[B<-aes128>]
[B<-aes192>]
[B<-aes256>]
[B<-camellia128>]
[B<-camellia192>]
[B<-camellia256>]
[B<-in file>]
[B<-certfile file>]
[B<-signer file>]
@ -129,10 +132,10 @@ B<-verify>. This directory must be a standard certificate directory: that
is a hash of each subject name (using B<x509 -hash>) should be linked
to each certificate.
=item B<-des -des3 -rc2-40 -rc2-64 -rc2-128 -aes128 -aes192 -aes256>
=item B<-des -des3 -rc2-40 -rc2-64 -rc2-128 -aes128 -aes192 -aes256 -camellia128 -camellia192 -camellia256>
the encryption algorithm to use. DES (56 bits), triple DES (168 bits),
40, 64 or 128 bit RC2 or 128, 192 or 256 bit AES respectively. If not
40, 64 or 128 bit RC2, 128, 192 or 256 bit AES, or 128, 192 or 256 bit Camellia respectively. If not
specified 40 bit RC2 is used. Only used with B<-encrypt>.
=item B<-nointern>
@ -354,6 +357,10 @@ alternatively you can base64 decode the signature and use
openssl smime -verify -inform DER -in signature.der -content content.txt
Create an encrypted message using 128 bit Camellia:
openssl smime -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem
=head1 BUGS
The MIME parser isn't very clever: it seems to handle most messages that I've thrown

View File

@ -88,10 +88,17 @@ PKCS#12: Personal Information Exchange Syntax Standard, version 1.0.
(Format: TXT=143173 bytes) (Obsoletes RFC2437) (Status:
INFORMATIONAL)
3713 A Description of the Camellia Encryption Algorithm. M. Matsui,
J. Nakajima, S. Moriai. April 2004. (Format: TXT=25031 bytes)
(Status: INFORMATIONAL)
3820 Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate
Profile. S. Tuecke, V. Welch, D. Engert, L. Pearlman, M. Thompson.
June 2004. (Format: TXT=86374 bytes) (Status: PROPOSED STANDARD)
4132 Addition of Camellia Cipher Suites to Transport Layer Security
(TLS). S. Moriai, A. Kato, M. Kanda. July 2005. (Format: TXT=13590
bytes) (Status: PROPOSED STANDARD)
Related:
--------
@ -250,7 +257,11 @@ STARTTLS documents.
Protocol. A. Jungmaier, E. Rescorla, M. Tuexen. December 2002.
(Format: TXT=16333 bytes) (Status: PROPOSED STANDARD)
"Securing FTP with TLS", 01/27/2000, <draft-murray-auth-ftp-ssl-05.txt>
3657 Use of the Camellia Encryption Algorithm in Cryptographic
Message Syntax (CMS). S. Moriai, A. Kato. January 2004.
(Format: TXT=26282 bytes) (Status: PROPOSED STANDARD)
"Securing FTP with TLS", 01/27/2000, <draft-murray-auth-ftp-ssl-05.txt>
To be implemented:

View File

@ -1,7 +1,7 @@
%define libmaj 0
%define libmin 9
%define librel 8
%define librev b
%define librev d
Release: 1
%define openssldir /var/ssl

View File

@ -796,8 +796,14 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
dest = s->d1->alert_fragment;
dest_len = &s->d1->alert_fragment_len;
}
else /* else it's a CCS message */
OPENSSL_assert(rr->type == SSL3_RT_CHANGE_CIPHER_SPEC);
/* else it's a CCS message, or it's wrong */
else if (rr->type != SSL3_RT_CHANGE_CIPHER_SPEC)
{
/* Not certain if this is the right error handling */
al=SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
goto f_err;
}
if (dest_maxlen > 0)

View File

@ -520,7 +520,8 @@ static int get_server_hello(SSL *s)
CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
}
if (s->session->peer != s->session->sess_cert->peer_key->x509)
if (s->session->sess_cert == NULL
|| s->session->peer != s->session->sess_cert->peer_key->x509)
/* can't happen */
{
ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);

View File

@ -178,7 +178,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
SSL_ALL_STRENGTHS,
},
/* RC4_64_WITH_MD5 */
#if 1
#if 0
{
1,
SSL2_TXT_RC4_64_WITH_MD5,

View File

@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -902,8 +902,92 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
#ifndef OPENSSL_NO_CAMELLIA
/* Camellia ciphersuites from RFC4132 (128-bit portion) */
/* Cipher 41 */
{
1,
TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
SSL_kRSA|SSL_aRSA|SSL_CAMELLIA|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
128,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS
},
/* Cipher 42 */
{
0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
SSL_kDHd|SSL_aDH|SSL_CAMELLIA|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
128,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS
},
/* Cipher 43 */
{
0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
SSL_kDHr|SSL_aDH|SSL_CAMELLIA|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
128,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS
},
/* Cipher 44 */
{
1,
TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
SSL_kEDH|SSL_aDSS|SSL_CAMELLIA|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
128,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS
},
/* Cipher 45 */
{
1,
TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
SSL_kEDH|SSL_aRSA|SSL_CAMELLIA|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
128,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS
},
/* Cipher 46 */
{
1,
TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
SSL_kEDH|SSL_aNULL|SSL_CAMELLIA|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
128,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS
},
#endif /* OPENSSL_NO_CAMELLIA */
#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
/* New TLS Export CipherSuites */
/* New TLS Export CipherSuites from expired ID */
#if 0
/* Cipher 60 */
{
1,
@ -930,6 +1014,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
#endif
/* Cipher 62 */
{
1,
@ -996,6 +1081,90 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS
},
#endif
#ifndef OPENSSL_NO_CAMELLIA
/* Camellia ciphersuites from RFC4132 (256-bit portion) */
/* Cipher 84 */
{
1,
TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
SSL_kRSA|SSL_aRSA|SSL_CAMELLIA|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
256,
256,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS
},
/* Cipher 85 */
{
0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
SSL_kDHd|SSL_aDH|SSL_CAMELLIA|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
256,
256,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS
},
/* Cipher 86 */
{
0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
SSL_kDHr|SSL_aDH|SSL_CAMELLIA|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
256,
256,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS
},
/* Cipher 87 */
{
1,
TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
SSL_kEDH|SSL_aDSS|SSL_CAMELLIA|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
256,
256,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS
},
/* Cipher 88 */
{
1,
TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
SSL_kEDH|SSL_aRSA|SSL_CAMELLIA|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
256,
256,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS
},
/* Cipher 89 */
{
1,
TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
SSL_kEDH|SSL_aNULL|SSL_CAMELLIA|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
256,
256,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS
},
#endif /* OPENSSL_NO_CAMELLIA */
#ifndef OPENSSL_NO_ECDH
/* Cipher C001 */
{
@ -1348,6 +1517,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
},
#endif /* OPENSSL_NO_ECDH */
/* end of list */
};

View File

@ -2003,7 +2003,7 @@ int ssl3_get_client_key_exchange(SSL *s)
if (kssl_ctx->client_princ)
{
int len = strlen(kssl_ctx->client_princ);
size_t len = strlen(kssl_ctx->client_princ);
if ( len < SSL_MAX_KRB5_PRINCIPAL_LENGTH )
{
s->session->krb5_client_princ_len = len;

View File

@ -109,7 +109,7 @@
*
*/
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -282,6 +282,7 @@ extern "C" {
#define SSL_TXT_RC2 "RC2"
#define SSL_TXT_IDEA "IDEA"
#define SSL_TXT_AES "AES"
#define SSL_TXT_CAMELLIA "CAMELLIA"
#define SSL_TXT_MD5 "MD5"
#define SSL_TXT_SHA1 "SHA1"
#define SSL_TXT_SHA "SHA"
@ -315,7 +316,11 @@ extern "C" {
/* The following cipher list is used by default.
* It also is substituted when an application-defined cipher list string
* starts with 'DEFAULT'. */
#define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:+RC4:@STRENGTH" /* low priority for RC4 */
#ifdef OPENSSL_NO_CAMELLIA
# define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:+RC4:@STRENGTH" /* low priority for RC4 */
#else
# define SSL_DEFAULT_CIPHER_LIST "AES:CAMELLIA:-ECCdraft:ALL:!ADH:+RC4:@STRENGTH" /* low priority for RC4 */
#endif
/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
#define SSL_SENT_SHUTDOWN 1

View File

@ -82,6 +82,15 @@ int SSL_library_init(void)
EVP_add_cipher(EVP_aes_192_cbc());
EVP_add_cipher(EVP_aes_256_cbc());
#endif
/* The Camellia algorithm is registered in the management table of EVP. */
#ifndef OPENSSL_NO_CAMELLIA
EVP_add_cipher(EVP_camellia_128_cbc());
EVP_add_cipher(EVP_camellia_256_cbc());
#endif
#ifndef OPENSSL_NO_MD2
EVP_add_digest(EVP_md2());
#endif

View File

@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -73,12 +73,12 @@
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
@ -87,7 +87,7 @@
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
@ -102,6 +102,11 @@
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
@ -130,21 +135,28 @@
int SSL_get_ex_data_X509_STORE_CTX_idx(void)
{
static volatile int ssl_x509_store_ctx_idx= -1;
int got_write_lock = 0;
CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
if (ssl_x509_store_ctx_idx < 0)
{
/* any write lock will do; usually this branch
* will only be taken once anyway */
CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
got_write_lock = 1;
if (ssl_x509_store_ctx_idx < 0)
{
ssl_x509_store_ctx_idx=X509_STORE_CTX_get_ex_new_index(
0,"SSL for verify callback",NULL,NULL,NULL);
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
}
if (got_write_lock)
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
else
CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
return ssl_x509_store_ctx_idx;
}

View File

@ -55,6 +55,59 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
* ECC cipher suite support in OpenSSL originally developed by
@ -75,6 +128,11 @@
#define SSL_ENC_AES128_IDX 7
#define SSL_ENC_AES256_IDX 8
#define SSL_ENC_NUM_IDX 9
#define SSL_ENC_CAMELLIA128_IDX 9
#define SSL_ENC_CAMELLIA256_IDX 10
#undef SSL_ENC_NUM_IDX
#define SSL_ENC_NUM_IDX 11
static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
NULL,NULL,NULL,NULL,NULL,NULL,
@ -141,6 +199,7 @@ static const SSL_CIPHER cipher_aliases[]={
{0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_AES, 0,SSL_AES, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_CAMELLIA, 0,SSL_CAMELLIA, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_MD5, 0,SSL_MD5, 0,0,0,0,SSL_MAC_MASK,0},
{0,SSL_TXT_SHA1,0,SSL_SHA1, 0,0,0,0,SSL_MAC_MASK,0},
@ -185,6 +244,10 @@ void ssl_load_ciphers(void)
EVP_get_cipherbyname(SN_aes_128_cbc);
ssl_cipher_methods[SSL_ENC_AES256_IDX]=
EVP_get_cipherbyname(SN_aes_256_cbc);
ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX]=
EVP_get_cipherbyname(SN_camellia_128_cbc);
ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX]=
EVP_get_cipherbyname(SN_camellia_256_cbc);
ssl_digest_methods[SSL_MD_MD5_IDX]=
EVP_get_digestbyname(SN_md5);
@ -203,36 +266,46 @@ static int sk_comp_cmp(const SSL_COMP * const *a,
static void load_builtin_compressions(void)
{
if (ssl_comp_methods != NULL)
return;
int got_write_lock = 0;
CRYPTO_w_lock(CRYPTO_LOCK_SSL);
CRYPTO_r_lock(CRYPTO_LOCK_SSL);
if (ssl_comp_methods == NULL)
{
SSL_COMP *comp = NULL;
MemCheck_off();
ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
if (ssl_comp_methods != NULL)
CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
CRYPTO_w_lock(CRYPTO_LOCK_SSL);
got_write_lock = 1;
if (ssl_comp_methods == NULL)
{
comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
if (comp != NULL)
SSL_COMP *comp = NULL;
MemCheck_off();
ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
if (ssl_comp_methods != NULL)
{
comp->method=COMP_zlib();
if (comp->method
&& comp->method->type == NID_undef)
OPENSSL_free(comp);
else
comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
if (comp != NULL)
{
comp->id=SSL_COMP_ZLIB_IDX;
comp->name=comp->method->name;
sk_SSL_COMP_push(ssl_comp_methods,comp);
comp->method=COMP_zlib();
if (comp->method
&& comp->method->type == NID_undef)
OPENSSL_free(comp);
else
{
comp->id=SSL_COMP_ZLIB_IDX;
comp->name=comp->method->name;
sk_SSL_COMP_push(ssl_comp_methods,comp);
}
}
}
MemCheck_on();
}
MemCheck_on();
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
if (got_write_lock)
CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
else
CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
}
#endif
@ -293,6 +366,15 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
default: i=-1; break;
}
break;
case SSL_CAMELLIA:
switch(c->alg_bits)
{
case 128: i=SSL_ENC_CAMELLIA128_IDX; break;
case 256: i=SSL_ENC_CAMELLIA256_IDX; break;
default: i=-1; break;
}
break;
default:
i= -1;
break;
@ -381,6 +463,7 @@ static unsigned long ssl_cipher_get_disabled(void)
mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0;
mask |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES:0;
mask |= (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == NULL) ? SSL_CAMELLIA:0;
mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0;
mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0;
@ -482,7 +565,7 @@ static void ssl_cipher_collect_aliases(SSL_CIPHER **ca_list,
*ca_curr = NULL; /* end of list */
}
static void ssl_cipher_apply_rule(unsigned long cipher_id,
static void ssl_cipher_apply_rule(unsigned long cipher_id, unsigned long ssl_version,
unsigned long algorithms, unsigned long mask,
unsigned long algo_strength, unsigned long mask_strength,
int rule, int strength_bits, CIPHER_ORDER *co_list,
@ -509,9 +592,10 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id,
cp = curr->cipher;
/* If explicit cipher suite match that one only */
/* If explicit cipher suite, match only that one for its own protocol version.
* Usual selection criteria will be used for similar ciphersuites from other version! */
if (cipher_id)
if (cipher_id && (cp->algorithms & SSL_SSL_MASK) == ssl_version)
{
if (cp->id != cipher_id)
continue;
@ -552,8 +636,22 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id,
{
if (!curr->active)
{
ll_append_tail(&head, curr, &tail);
curr->active = 1;
int add_this_cipher = 1;
if (((cp->algorithms & (SSL_kECDHE|SSL_kECDH|SSL_aECDSA)) != 0))
{
/* Make sure "ECCdraft" ciphersuites are activated only if
* *explicitly* requested, but not implicitly (such as
* as part of the "AES" alias). */
add_this_cipher = (mask & (SSL_kECDHE|SSL_kECDH|SSL_aECDSA)) != 0 || cipher_id != 0;
}
if (add_this_cipher)
{
ll_append_tail(&head, curr, &tail);
curr->active = 1;
}
}
}
/* Move the added cipher to this location */
@ -634,7 +732,7 @@ static int ssl_cipher_strength_sort(CIPHER_ORDER *co_list,
*/
for (i = max_strength_bits; i >= 0; i--)
if (number_uses[i] > 0)
ssl_cipher_apply_rule(0, 0, 0, 0, 0, CIPHER_ORD, i,
ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, CIPHER_ORD, i,
co_list, head_p, tail_p);
OPENSSL_free(number_uses);
@ -648,7 +746,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
unsigned long algorithms, mask, algo_strength, mask_strength;
const char *l, *start, *buf;
int j, multi, found, rule, retval, ok, buflen;
unsigned long cipher_id;
unsigned long cipher_id = 0, ssl_version = 0;
char ch;
retval = 1;
@ -739,6 +837,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
*/
j = found = 0;
cipher_id = 0;
ssl_version = 0;
while (ca_list[j])
{
if (!strncmp(buf, ca_list[j]->name, buflen) &&
@ -753,12 +852,6 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
if (!found)
break; /* ignore this entry */
if (ca_list[j]->valid)
{
cipher_id = ca_list[j]->id;
break;
}
/* New algorithms:
* 1 - any old restrictions apply outside new mask
* 2 - any new restrictions apply outside old mask
@ -773,6 +866,14 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
(algo_strength & ca_list[j]->algo_strength);
mask_strength |= ca_list[j]->mask_strength;
/* explicit ciphersuite found */
if (ca_list[j]->valid)
{
cipher_id = ca_list[j]->id;
ssl_version = ca_list[j]->algorithms & SSL_SSL_MASK;
break;
}
if (!multi) break;
}
@ -802,7 +903,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
}
else if (found)
{
ssl_cipher_apply_rule(cipher_id, algorithms, mask,
ssl_cipher_apply_rule(cipher_id, ssl_version, algorithms, mask,
algo_strength, mask_strength, rule, -1,
co_list, head_p, tail_p);
}
@ -1067,6 +1168,15 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
default: enc="AES(?""?""?)"; break;
}
break;
case SSL_CAMELLIA:
switch(cipher->strength_bits)
{
case 128: enc="Camellia(128)"; break;
case 256: enc="Camellia(256)"; break;
default: enc="Camellia(?""?""?)"; break;
}
break;
default:
enc="unknown";
break;

View File

@ -1219,7 +1219,7 @@ char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
c=sk_SSL_CIPHER_value(sk,i);
for (cp=c->name; *cp; )
{
if (len-- == 0)
if (len-- <= 0)
{
*p='\0';
return(buf);

View File

@ -278,7 +278,7 @@
#define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA)
#define SSL_KRB5 (SSL_kKRB5|SSL_aKRB5)
#define SSL_ENC_MASK 0x043F8000L
#define SSL_ENC_MASK 0x0C3F8000L
#define SSL_DES 0x00008000L
#define SSL_3DES 0x00010000L
#define SSL_RC4 0x00020000L
@ -287,6 +287,7 @@
#define SSL_eFZA 0x00100000L
#define SSL_eNULL 0x00200000L
#define SSL_AES 0x04000000L
#define SSL_CAMELLIA 0x08000000L
#define SSL_MAC_MASK 0x00c00000L
#define SSL_MD5 0x00400000L
@ -298,7 +299,7 @@
#define SSL_SSLV3 0x02000000L
#define SSL_TLSV1 SSL_SSLV3 /* for now */
/* we have used 07ffffff - 5 bits left to go. */
/* we have used 0fffffff - 4 bits left to go. */
/*
* Export and cipher strength information. For each cipher we have to decide

View File

@ -628,7 +628,15 @@ int tls1_enc(SSL *s, int send)
{
ii=i=rec->data[l-1]; /* padding_length */
i++;
if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
/* NB: if compression is in operation the first packet
* may not be of even length so the padding bug check
* cannot be performed. This bug workaround has been
* around since SSLeay so hopefully it is either fixed
* now or no buggy implementation supports compression
* [steve]
*/
if ( (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
&& !s->expand)
{
/* First packet is even in size, so check */
if ((memcmp(s->s3->read_sequence,

View File

@ -78,7 +78,7 @@
extern "C" {
#endif
#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1
#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0
#define TLS1_VERSION 0x0301
#define TLS1_VERSION_MAJOR 0x03
@ -125,6 +125,21 @@ extern "C" {
#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039
#define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A
/* Camellia ciphersuites from RFC4132 */
#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000041
#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000042
#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000043
#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000044
#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000045
#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA 0x03000046
#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084
#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085
#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086
#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000087
#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000088
#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA 0x03000089
/* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in draft 13 */
#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
@ -217,6 +232,22 @@ extern "C" {
#define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA "AECDH-AES128-SHA"
#define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA "AECDH-AES256-SHA"
/* Camellia ciphersuites form RFC4132 */
#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA "DH-RSA-CAMELLIA128-SHA"
#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA "DHE-DSS-CAMELLIA128-SHA"
#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA "DHE-RSA-CAMELLIA128-SHA"
#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA "ADH-CAMELLIA128-SHA"
#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA "CAMELLIA256-SHA"
#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA "DH-DSS-CAMELLIA256-SHA"
#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA "DH-RSA-CAMELLIA256-SHA"
#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA "DHE-DSS-CAMELLIA256-SHA"
#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"
#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"
#define TLS_CT_RSA_SIGN 1
#define TLS_CT_DSS_SIGN 2
#define TLS_CT_RSA_FIXED_DH 3

View File

@ -58,6 +58,7 @@ SSLTEST= ssltest
RSATEST= rsa_test
ENGINETEST= enginetest
EVPTEST= evp_test
IGETEST= igetest
TESTS= alltests
@ -68,7 +69,7 @@ EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(ECDSATEST)$(EXE_EXT) $(ECDHTEST)
$(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \
$(RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \
$(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \
$(EVPTEST)$(EXE_EXT)
$(EVPTEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT)
# $(METHTEST)$(EXE_EXT)
@ -80,7 +81,7 @@ OBJ= $(BNTEST).o $(ECTEST).o $(ECDSATEST).o $(ECDHTEST).o $(IDEATEST).o \
$(MDC2TEST).o $(RMDTEST).o \
$(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
$(BFTEST).o $(SSLTEST).o $(DSATEST).o $(EXPTEST).o $(RSATEST).o \
$(EVPTEST).o
$(EVPTEST).o $(IGETEST).o
SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \
$(MD2TEST).c $(MD4TEST).c $(MD5TEST).c \
$(HMACTEST).c \
@ -88,7 +89,7 @@ SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \
$(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
$(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
$(BFTEST).c $(SSLTEST).c $(DSATEST).c $(EXPTEST).c $(RSATEST).c \
$(EVPTEST).c
$(EVPTEST).c $(IGETEST).c
EXHEADER=
HEADER= $(EXHEADER)
@ -130,7 +131,7 @@ alltests: \
test_rand test_bn test_ec test_ecdsa test_ecdh \
test_enc test_x509 test_rsa test_crl test_sid \
test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
test_ss test_ca test_engine test_evp test_ssl
test_ss test_ca test_engine test_evp test_ssl test_ige
test_evp:
../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
@ -282,6 +283,10 @@ test_aes: #$(AESTEST)
# @echo "test Rijndael"
# ../util/shlib_wrap.sh ./$(AESTEST)
test_ige: $(IGETEST)$(EXE_EXT)
@echo "Test IGE mode"
../util/shlib_wrap.sh ./$(IGETEST)
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
@ -408,6 +413,9 @@ $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
$(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
@target=$(ECDHTEST); $(BUILD_CMD)
$(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
@target=$(IGETEST); $(BUILD_CMD)
#$(AESTEST).o: $(AESTEST).c
# $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c

View File

@ -181,3 +181,132 @@ RC4:00000000000000000000000000000000::0000000000000000:de188941a3375d3a
RC4:ef012345ef012345ef012345ef012345::0000000000000000000000000000000000000000:d6a141a7ec3c38dfbd615a1162e1c7ba36b67858
RC4:0123456789abcdef0123456789abcdef::123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678:66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf
RC4:ef012345ef012345ef012345ef012345::00000000000000000000:d6a141a7ec3c38dfbd61
# Camellia tests from RFC3713
# For all ECB encrypts and decrypts, the transformed sequence is
# CAMELLIA-bits-ECB:key::plaintext:ciphertext:encdec
CAMELLIA-128-ECB:0123456789abcdeffedcba9876543210::0123456789abcdeffedcba9876543210:67673138549669730857065648eabe43
CAMELLIA-192-ECB:0123456789abcdeffedcba98765432100011223344556677::0123456789abcdeffedcba9876543210:b4993401b3e996f84ee5cee7d79b09b9
CAMELLIA-256-ECB:0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff::0123456789abcdeffedcba9876543210:9acc237dff16d76c20ef7c919e3a7509
# ECB-CAMELLIA128.Encrypt
CAMELLIA-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:77CF412067AF8270613529149919546F:1
CAMELLIA-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:B22F3C36B72D31329EEE8ADDC2906C68:1
CAMELLIA-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:2EDF1F3418D53B88841FC8985FB1ECF2:1
# ECB-CAMELLIA128.Encrypt and ECB-CAMELLIA128.Decrypt
CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:432FC5DCD628115B7C388D770B270C96
CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:0BE1F14023782A22E8384C5ABB7FAB2B
CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:A0A1ABCD1893AB6FE0FE5B65DF5F8636
CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:E61925E0D5DFAA9BB29F815B3076E51A
# ECB-CAMELLIA192.Encrypt and ECB-CAMELLIA192.Decrypt
CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:CCCC6C4E138B45848514D48D0D3439D3
CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:5713C62C14B2EC0F8393B6AFD6F5785A
CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:B40ED2B60EB54D09D030CF511FEEF366
CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:909DBD95799096748CB27357E73E1D26
# ECB-CAMELLIA256.Encrypt and ECB-CAMELLIA256.Decrypt
CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:BEFD219B112FA00098919CD101C9CCFA
CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:C91D3A8F1AEA08A9386CF4B66C0169EA
CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:A623D711DC5F25A51BB8A80D56397D28
CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::F69F2445DF4F9B17AD2B417BE66C3710:7960109FB6DC42947FCFE59EA3C5EB6B
# For all CBC encrypts and decrypts, the transformed sequence is
# CAMELLIA-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec
# CBC-CAMELLIA128.Encrypt and CBC-CAMELLIA128.Decrypt
CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:1607CF494B36BBF00DAEB0B503C831AB
CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:1607CF494B36BBF00DAEB0B503C831AB:AE2D8A571E03AC9C9EB76FAC45AF8E51:A2F2CF671629EF7840C5A5DFB5074887
CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:A2F2CF671629EF7840C5A5DFB5074887:30C81C46A35CE411E5FBC1191A0A52EF:0F06165008CF8B8B5A63586362543E54
CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:36A84CDAFD5F9A85ADA0F0A993D6D577:F69F2445DF4F9B17AD2B417BE66C3710:74C64268CDB8B8FAF5B34E8AF3732980
# CBC-CAMELLIA192.Encrypt and CBC-CAMELLIA192.Decrypt
CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:2A4830AB5AC4A1A2405955FD2195CF93
CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2A4830AB5AC4A1A2405955FD2195CF93:AE2D8A571E03AC9C9EB76FAC45AF8E51:5D5A869BD14CE54264F892A6DD2EC3D5
CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:5D5A869BD14CE54264F892A6DD2EC3D5:30C81C46A35CE411E5FBC1191A0A52EF:37D359C3349836D884E310ADDF68C449
CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:37D359C3349836D884E310ADDF68C449:F69F2445DF4F9B17AD2B417BE66C3710:01FAAA930B4AB9916E9668E1428C6B08
# CBC-CAMELLIA256.Encrypt and CBC-CAMELLIA256.Decrypt
CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:E6CFA35FC02B134A4D2C0B6737AC3EDA
CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E6CFA35FC02B134A4D2C0B6737AC3EDA:AE2D8A571E03AC9C9EB76FAC45AF8E51:36CBEB73BD504B4070B1B7DE2B21EB50
CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:36CBEB73BD504B4070B1B7DE2B21EB50:30C81C46A35CE411E5FBC1191A0A52EF:E31A6055297D96CA3330CDF1B1860A83
CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E31A6055297D96CA3330CDF1B1860A83:F69F2445DF4F9B17AD2B417BE66C3710:5D563F6D1CCCF236051C0C5C1C58F28F
# We don't support CFB{1,8}-CAMELLIAxxx.{En,De}crypt
# For all CFB128 encrypts and decrypts, the transformed sequence is
# CAMELLIA-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
# CFB128-CAMELLIA128.Encrypt
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:1
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:1
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:1
# CFB128-CAMELLIA128.Decrypt
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:0
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:0
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:0
# CFB128-CAMELLIA192.Encrypt
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:1
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:1
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:1
# CFB128-CAMELLIA192.Decrypt
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:0
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:0
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:0
# CFB128-CAMELLIA256.Encrypt
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:1
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:1
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:1
# CFB128-CAMELLIA256.Decrypt
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:0
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:0
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:0
# For all OFB encrypts and decrypts, the transformed sequence is
# CAMELLIA-bits-OFB:key:IV/output':plaintext:ciphertext:encdec
# OFB-CAMELLIA128.Encrypt
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:1
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:1
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:1
# OFB-CAMELLIA128.Decrypt
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:0
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:0
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:0
# OFB-CAMELLIA192.Encrypt
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:1
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:1
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:1
# OFB-CAMELLIA192.Decrypt
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:0
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:0
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:0
# OFB-CAMELLIA256.Encrypt
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:1
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:1
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:1
# OFB-CAMELLIA256.Decrypt
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:0
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:0
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:0

View File

@ -0,0 +1,486 @@
/* test/igetest.c -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <openssl/aes.h>
#include <openssl/rand.h>
#include <stdio.h>
#include <string.h>
#include <assert.h>
#define TEST_SIZE 128
#define BIG_TEST_SIZE 10240
static void hexdump(FILE *f,const char *title,const unsigned char *s,int l)
{
int n=0;
fprintf(f,"%s",title);
for( ; n < l ; ++n)
{
if((n%16) == 0)
fprintf(f,"\n%04x",n);
fprintf(f," %02x",s[n]);
}
fprintf(f,"\n");
}
#define MAX_VECTOR_SIZE 64
struct ige_test
{
const unsigned char key[16];
const unsigned char iv[32];
const unsigned char in[MAX_VECTOR_SIZE];
const unsigned char out[MAX_VECTOR_SIZE];
const size_t length;
const int encrypt;
};
static struct ige_test const ige_test_vectors[] = {
{ { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, /* key */
{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, /* iv */
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, /* in */
{ 0x1a, 0x85, 0x19, 0xa6, 0x55, 0x7b, 0xe6, 0x52,
0xe9, 0xda, 0x8e, 0x43, 0xda, 0x4e, 0xf4, 0x45,
0x3c, 0xf4, 0x56, 0xb4, 0xca, 0x48, 0x8a, 0xa3,
0x83, 0xc7, 0x9c, 0x98, 0xb3, 0x47, 0x97, 0xcb }, /* out */
32, AES_ENCRYPT }, /* test vector 0 */
{ { 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
0x61, 0x6e, 0x20, 0x69, 0x6d, 0x70, 0x6c, 0x65 }, /* key */
{ 0x6d, 0x65, 0x6e, 0x74, 0x61, 0x74, 0x69, 0x6f,
0x6e, 0x20, 0x6f, 0x66, 0x20, 0x49, 0x47, 0x45,
0x20, 0x6d, 0x6f, 0x64, 0x65, 0x20, 0x66, 0x6f,
0x72, 0x20, 0x4f, 0x70, 0x65, 0x6e, 0x53, 0x53 }, /* iv */
{ 0x4c, 0x2e, 0x20, 0x4c, 0x65, 0x74, 0x27, 0x73,
0x20, 0x68, 0x6f, 0x70, 0x65, 0x20, 0x42, 0x65,
0x6e, 0x20, 0x67, 0x6f, 0x74, 0x20, 0x69, 0x74,
0x20, 0x72, 0x69, 0x67, 0x68, 0x74, 0x21, 0x0a }, /* in */
{ 0x99, 0x70, 0x64, 0x87, 0xa1, 0xcd, 0xe6, 0x13,
0xbc, 0x6d, 0xe0, 0xb6, 0xf2, 0x4b, 0x1c, 0x7a,
0xa4, 0x48, 0xc8, 0xb9, 0xc3, 0x40, 0x3e, 0x34,
0x67, 0xa8, 0xca, 0xd8, 0x93, 0x40, 0xf5, 0x3b }, /* out */
32, AES_DECRYPT }, /* test vector 1 */
};
struct bi_ige_test
{
const unsigned char key1[32];
const unsigned char key2[32];
const unsigned char iv[64];
const unsigned char in[MAX_VECTOR_SIZE];
const unsigned char out[MAX_VECTOR_SIZE];
const size_t keysize;
const size_t length;
const int encrypt;
};
static struct bi_ige_test const bi_ige_test_vectors[] = {
{ { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, /* key1 */
{ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, /* key2 */
{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f }, /* iv */
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, /* in */
{ 0x14, 0x40, 0x6f, 0xae, 0xa2, 0x79, 0xf2, 0x56,
0x1f, 0x86, 0xeb, 0x3b, 0x7d, 0xff, 0x53, 0xdc,
0x4e, 0x27, 0x0c, 0x03, 0xde, 0x7c, 0xe5, 0x16,
0x6a, 0x9c, 0x20, 0x33, 0x9d, 0x33, 0xfe, 0x12 }, /* out */
16, 32, AES_ENCRYPT }, /* test vector 0 */
{ { 0x58, 0x0a, 0x06, 0xe9, 0x97, 0x07, 0x59, 0x5c,
0x9e, 0x19, 0xd2, 0xa7, 0xbb, 0x40, 0x2b, 0x7a,
0xc7, 0xd8, 0x11, 0x9e, 0x4c, 0x51, 0x35, 0x75,
0x64, 0x28, 0x0f, 0x23, 0xad, 0x74, 0xac, 0x37 }, /* key1 */
{ 0xd1, 0x80, 0xa0, 0x31, 0x47, 0xa3, 0x11, 0x13,
0x86, 0x26, 0x9e, 0x6d, 0xff, 0xaf, 0x72, 0x74,
0x5b, 0xa2, 0x35, 0x81, 0xd2, 0xa6, 0x3d, 0x21,
0x67, 0x7b, 0x58, 0xa8, 0x18, 0xf9, 0x72, 0xe4 }, /* key2 */
{ 0x80, 0x3d, 0xbd, 0x4c, 0xe6, 0x7b, 0x06, 0xa9,
0x53, 0x35, 0xd5, 0x7e, 0x71, 0xc1, 0x70, 0x70,
0x74, 0x9a, 0x00, 0x28, 0x0c, 0xbf, 0x6c, 0x42,
0x9b, 0xa4, 0xdd, 0x65, 0x11, 0x77, 0x7c, 0x67,
0xfe, 0x76, 0x0a, 0xf0, 0xd5, 0xc6, 0x6e, 0x6a,
0xe7, 0x5e, 0x4c, 0xf2, 0x7e, 0x9e, 0xf9, 0x20,
0x0e, 0x54, 0x6f, 0x2d, 0x8a, 0x8d, 0x7e, 0xbd,
0x48, 0x79, 0x37, 0x99, 0xff, 0x27, 0x93, 0xa3 }, /* iv */
{ 0xf1, 0x54, 0x3d, 0xca, 0xfe, 0xb5, 0xef, 0x1c,
0x4f, 0xa6, 0x43, 0xf6, 0xe6, 0x48, 0x57, 0xf0,
0xee, 0x15, 0x7f, 0xe3, 0xe7, 0x2f, 0xd0, 0x2f,
0x11, 0x95, 0x7a, 0x17, 0x00, 0xab, 0xa7, 0x0b,
0xbe, 0x44, 0x09, 0x9c, 0xcd, 0xac, 0xa8, 0x52,
0xa1, 0x8e, 0x7b, 0x75, 0xbc, 0xa4, 0x92, 0x5a,
0xab, 0x46, 0xd3, 0x3a, 0xa0, 0xd5, 0x35, 0x1c,
0x55, 0xa4, 0xb3, 0xa8, 0x40, 0x81, 0xa5, 0x0b}, /* in */
{ 0x42, 0xe5, 0x28, 0x30, 0x31, 0xc2, 0xa0, 0x23,
0x68, 0x49, 0x4e, 0xb3, 0x24, 0x59, 0x92, 0x79,
0xc1, 0xa5, 0xcc, 0xe6, 0x76, 0x53, 0xb1, 0xcf,
0x20, 0x86, 0x23, 0xe8, 0x72, 0x55, 0x99, 0x92,
0x0d, 0x16, 0x1c, 0x5a, 0x2f, 0xce, 0xcb, 0x51,
0xe2, 0x67, 0xfa, 0x10, 0xec, 0xcd, 0x3d, 0x67,
0xa5, 0xe6, 0xf7, 0x31, 0x26, 0xb0, 0x0d, 0x76,
0x5e, 0x28, 0xdc, 0x7f, 0x01, 0xc5, 0xa5, 0x4c}, /* out */
32, 64, AES_ENCRYPT }, /* test vector 1 */
};
static int run_test_vectors(void)
{
int n;
int errs = 0;
for(n=0 ; n < sizeof(ige_test_vectors)/sizeof(ige_test_vectors[0]) ; ++n)
{
const struct ige_test * const v = &ige_test_vectors[n];
AES_KEY key;
unsigned char buf[MAX_VECTOR_SIZE];
unsigned char iv[AES_BLOCK_SIZE*2];
assert(v->length <= MAX_VECTOR_SIZE);
if(v->encrypt == AES_ENCRYPT)
AES_set_encrypt_key(v->key, 8*sizeof v->key, &key);
else
AES_set_decrypt_key(v->key, 8*sizeof v->key, &key);
memcpy(iv, v->iv, sizeof iv);
AES_ige_encrypt(v->in, buf, v->length, &key, iv, v->encrypt);
if(memcmp(v->out, buf, v->length))
{
printf("IGE test vector %d failed\n", n);
hexdump(stdout, "key", v->key, sizeof v->key);
hexdump(stdout, "iv", v->iv, sizeof v->iv);
hexdump(stdout, "in", v->in, v->length);
hexdump(stdout, "expected", v->out, v->length);
hexdump(stdout, "got", buf, v->length);
++errs;
}
}
for(n=0 ; n < sizeof(bi_ige_test_vectors)/sizeof(bi_ige_test_vectors[0])
; ++n)
{
const struct bi_ige_test * const v = &bi_ige_test_vectors[n];
AES_KEY key1;
AES_KEY key2;
unsigned char buf[MAX_VECTOR_SIZE];
assert(v->length <= MAX_VECTOR_SIZE);
if(v->encrypt == AES_ENCRYPT)
{
AES_set_encrypt_key(v->key1, 8*v->keysize, &key1);
AES_set_encrypt_key(v->key2, 8*v->keysize, &key2);
}
else
{
AES_set_decrypt_key(v->key1, 8*v->keysize, &key1);
AES_set_decrypt_key(v->key2, 8*v->keysize, &key2);
}
AES_bi_ige_encrypt(v->in, buf, v->length, &key1, &key2, v->iv,
v->encrypt);
if(memcmp(v->out, buf, v->length))
{
printf("Bidirectional IGE test vector %d failed\n", n);
hexdump(stdout, "key 1", v->key1, sizeof v->key1);
hexdump(stdout, "key 2", v->key2, sizeof v->key2);
hexdump(stdout, "iv", v->iv, sizeof v->iv);
hexdump(stdout, "in", v->in, v->length);
hexdump(stdout, "expected", v->out, v->length);
hexdump(stdout, "got", buf, v->length);
++errs;
}
}
return errs;
}
int main(int argc, char **argv)
{
unsigned char rkey[16];
unsigned char rkey2[16];
AES_KEY key;
AES_KEY key2;
unsigned char plaintext[BIG_TEST_SIZE];
unsigned char ciphertext[BIG_TEST_SIZE];
unsigned char checktext[BIG_TEST_SIZE];
unsigned char iv[AES_BLOCK_SIZE*4];
unsigned char saved_iv[AES_BLOCK_SIZE*4];
int err = 0;
int n;
unsigned matches;
assert(BIG_TEST_SIZE >= TEST_SIZE);
RAND_pseudo_bytes(rkey, sizeof rkey);
RAND_pseudo_bytes(plaintext, sizeof plaintext);
RAND_pseudo_bytes(iv, sizeof iv);
memcpy(saved_iv, iv, sizeof saved_iv);
/* Forward IGE only... */
/* Straight encrypt/decrypt */
AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, iv,
AES_ENCRYPT);
AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
memcpy(iv, saved_iv, sizeof iv);
AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv,
AES_DECRYPT);
if(memcmp(checktext, plaintext, TEST_SIZE))
{
printf("Encrypt+decrypt doesn't match\n");
hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
hexdump(stdout, "Checktext", checktext, TEST_SIZE);
++err;
}
/* Now check encrypt chaining works */
AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
memcpy(iv, saved_iv, sizeof iv);
AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE/2, &key, iv,
AES_ENCRYPT);
AES_ige_encrypt(plaintext+TEST_SIZE/2,
ciphertext+TEST_SIZE/2, TEST_SIZE/2,
&key, iv, AES_ENCRYPT);
AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
memcpy(iv, saved_iv, sizeof iv);
AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv,
AES_DECRYPT);
if(memcmp(checktext, plaintext, TEST_SIZE))
{
printf("Chained encrypt+decrypt doesn't match\n");
hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
hexdump(stdout, "Checktext", checktext, TEST_SIZE);
++err;
}
/* And check decrypt chaining */
AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
memcpy(iv, saved_iv, sizeof iv);
AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE/2, &key, iv,
AES_ENCRYPT);
AES_ige_encrypt(plaintext+TEST_SIZE/2,
ciphertext+TEST_SIZE/2, TEST_SIZE/2,
&key, iv, AES_ENCRYPT);
AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
memcpy(iv, saved_iv, sizeof iv);
AES_ige_encrypt(ciphertext, checktext, TEST_SIZE/2, &key, iv,
AES_DECRYPT);
AES_ige_encrypt(ciphertext+TEST_SIZE/2,
checktext+TEST_SIZE/2, TEST_SIZE/2, &key, iv,
AES_DECRYPT);
if(memcmp(checktext, plaintext, TEST_SIZE))
{
printf("Chained encrypt+chained decrypt doesn't match\n");
hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
hexdump(stdout, "Checktext", checktext, TEST_SIZE);
++err;
}
/* make sure garble extends forwards only */
AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
memcpy(iv, saved_iv, sizeof iv);
AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
AES_ENCRYPT);
/* corrupt halfway through */
++ciphertext[sizeof ciphertext/2];
AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
memcpy(iv, saved_iv, sizeof iv);
AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
AES_DECRYPT);
matches=0;
for(n=0 ; n < sizeof checktext ; ++n)
if(checktext[n] == plaintext[n])
++matches;
if(matches > sizeof checktext/2+sizeof checktext/100)
{
printf("More than 51%% matches after garbling\n");
++err;
}
if(matches < sizeof checktext/2)
{
printf("Garble extends backwards!\n");
++err;
}
/* Bi-directional IGE */
/* Note that we don't have to recover the IV, because chaining isn't */
/* possible with biIGE, so the IV is not updated. */
RAND_pseudo_bytes(rkey2, sizeof rkey2);
/* Straight encrypt/decrypt */
AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
AES_set_encrypt_key(rkey2, 8*sizeof rkey2, &key2);
AES_bi_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, &key2, iv,
AES_ENCRYPT);
AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
AES_set_decrypt_key(rkey2, 8*sizeof rkey2, &key2);
AES_bi_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, &key2, iv,
AES_DECRYPT);
if(memcmp(checktext, plaintext, TEST_SIZE))
{
printf("Encrypt+decrypt doesn't match\n");
hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
hexdump(stdout, "Checktext", checktext, TEST_SIZE);
++err;
}
/* make sure garble extends both ways */
AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
AES_set_encrypt_key(rkey2, 8*sizeof rkey2, &key2);
AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
AES_ENCRYPT);
/* corrupt halfway through */
++ciphertext[sizeof ciphertext/2];
AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
AES_set_decrypt_key(rkey2, 8*sizeof rkey2, &key2);
AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
AES_DECRYPT);
matches=0;
for(n=0 ; n < sizeof checktext ; ++n)
if(checktext[n] == plaintext[n])
++matches;
if(matches > sizeof checktext/100)
{
printf("More than 1%% matches after bidirectional garbling\n");
++err;
}
/* make sure garble extends both ways (2) */
AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
AES_set_encrypt_key(rkey2, 8*sizeof rkey2, &key2);
AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
AES_ENCRYPT);
/* corrupt right at the end */
++ciphertext[sizeof ciphertext-1];
AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
AES_set_decrypt_key(rkey2, 8*sizeof rkey2, &key2);
AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
AES_DECRYPT);
matches=0;
for(n=0 ; n < sizeof checktext ; ++n)
if(checktext[n] == plaintext[n])
++matches;
if(matches > sizeof checktext/100)
{
printf("More than 1%% matches after bidirectional garbling (2)\n");
++err;
}
/* make sure garble extends both ways (3) */
AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
AES_set_encrypt_key(rkey2, 8*sizeof rkey2, &key2);
AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
AES_ENCRYPT);
/* corrupt right at the start */
++ciphertext[0];
AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
AES_set_decrypt_key(rkey2, 8*sizeof rkey2, &key2);
AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
AES_DECRYPT);
matches=0;
for(n=0 ; n < sizeof checktext ; ++n)
if(checktext[n] == plaintext[n])
++matches;
if(matches > sizeof checktext/100)
{
printf("More than 1%% matches after bidirectional garbling (3)\n");
++err;
}
err += run_test_vectors();
return err;
}

View File

@ -1,4 +1,4 @@
#!/usr/bin/perl
#!/usr/local/bin/perl
# Perl c_rehash script, scan all files in a directory

View File

@ -3380,3 +3380,32 @@ get_rfc2409_prime_768 3780 EXIST::FUNCTION:
X509_VERIFY_PARAM_get_flags 3781 EXIST::FUNCTION:
EVP_CIPHER_CTX_new 3782 EXIST::FUNCTION:
EVP_CIPHER_CTX_free 3783 EXIST::FUNCTION:
Camellia_cbc_encrypt 3784 EXIST::FUNCTION:CAMELLIA
Camellia_cfb128_encrypt 3785 EXIST::FUNCTION:CAMELLIA
Camellia_cfb1_encrypt 3786 EXIST::FUNCTION:CAMELLIA
Camellia_cfb8_encrypt 3787 EXIST::FUNCTION:CAMELLIA
Camellia_ctr128_encrypt 3788 EXIST::FUNCTION:CAMELLIA
Camellia_cfbr_encrypt_block 3789 EXIST::FUNCTION:CAMELLIA
Camellia_decrypt 3790 EXIST::FUNCTION:CAMELLIA
Camellia_ecb_encrypt 3791 EXIST::FUNCTION:CAMELLIA
Camellia_encrypt 3792 EXIST::FUNCTION:CAMELLIA
Camellia_ofb128_encrypt 3793 EXIST::FUNCTION:CAMELLIA
Camellia_set_key 3794 EXIST::FUNCTION:CAMELLIA
EVP_camellia_128_cbc 3795 EXIST::FUNCTION:CAMELLIA
EVP_camellia_128_cfb128 3796 EXIST::FUNCTION:CAMELLIA
EVP_camellia_128_cfb1 3797 EXIST::FUNCTION:CAMELLIA
EVP_camellia_128_cfb8 3798 EXIST::FUNCTION:CAMELLIA
EVP_camellia_128_ecb 3799 EXIST::FUNCTION:CAMELLIA
EVP_camellia_128_ofb 3800 EXIST::FUNCTION:CAMELLIA
EVP_camellia_192_cbc 3801 EXIST::FUNCTION:CAMELLIA
EVP_camellia_192_cfb128 3802 EXIST::FUNCTION:CAMELLIA
EVP_camellia_192_cfb1 3803 EXIST::FUNCTION:CAMELLIA
EVP_camellia_192_cfb8 3804 EXIST::FUNCTION:CAMELLIA
EVP_camellia_192_ecb 3805 EXIST::FUNCTION:CAMELLIA
EVP_camellia_192_ofb 3806 EXIST::FUNCTION:CAMELLIA
EVP_camellia_256_cbc 3807 EXIST::FUNCTION:CAMELLIA
EVP_camellia_256_cfb128 3808 EXIST::FUNCTION:CAMELLIA
EVP_camellia_256_cfb1 3809 EXIST::FUNCTION:CAMELLIA
EVP_camellia_256_cfb8 3810 EXIST::FUNCTION:CAMELLIA
EVP_camellia_256_ecb 3811 EXIST::FUNCTION:CAMELLIA
EVP_camellia_256_ofb 3812 EXIST::FUNCTION:CAMELLIA

View File

@ -63,7 +63,7 @@ and [options] can be one of
no-md2 no-md4 no-md5 no-sha no-mdc2 - Skip this digest
no-ripemd
no-rc2 no-rc4 no-rc5 no-idea no-des - Skip this symetric cipher
no-bf no-cast no-aes
no-bf no-cast no-aes no-camellia
no-rsa no-dsa no-dh - Skip this public key cipher
no-ssl2 no-ssl3 - Skip this version of SSL
just-ssl - remove all non-ssl keys/digest
@ -197,6 +197,7 @@ $cflags= "$xcflags$cflags" if $xcflags ne "";
$cflags.=" -DOPENSSL_NO_IDEA" if $no_idea;
$cflags.=" -DOPENSSL_NO_AES" if $no_aes;
$cflags.=" -DOPENSSL_NO_CAMELLIA" if $no_camellia;
$cflags.=" -DOPENSSL_NO_RC2" if $no_rc2;
$cflags.=" -DOPENSSL_NO_RC4" if $no_rc4;
$cflags.=" -DOPENSSL_NO_RC5" if $no_rc5;
@ -413,6 +414,8 @@ SHA1_ASM_OBJ=$sha1_asm_obj
SHA1_ASM_SRC=$sha1_asm_src
RMD160_ASM_OBJ=$rmd160_asm_obj
RMD160_ASM_SRC=$rmd160_asm_src
CPUID_ASM_OBJ=$cpuid_asm_obj
CPUID_ASM_SRC=$cpuid_asm_src
# The output directory for everything intersting
OUT_D=$out_dir
@ -656,6 +659,11 @@ foreach (values %lib_nam)
$lib_obj =~ s/\s(\S*\/rmd_dgst\S*)/ $1 \$(RMD160_ASM_OBJ)/;
$rules.=&do_asm_rule($rmd160_asm_obj,$rmd160_asm_src);
}
if (($cpuid_asm_obj ne "") && ($_ eq "CRYPTO"))
{
$lib_obj =~ s/\s(\S*\/cversion\S*)/ $1 \$(CPUID_ASM_OBJ)/;
$rules.=&do_asm_rule($cpuid_asm_obj,$cpuid_asm_src);
}
$defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj);
$lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)";
$rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib);
@ -721,6 +729,7 @@ sub var_add
return("") if $no_hw && $dir =~ /\/hw/;
return("") if $no_idea && $dir =~ /\/idea/;
return("") if $no_aes && $dir =~ /\/aes/;
return("") if $no_camellia && $dir =~ /\/camellia/;
return("") if $no_rc2 && $dir =~ /\/rc2/;
return("") if $no_rc4 && $dir =~ /\/rc4/;
return("") if $no_rc5 && $dir =~ /\/rc5/;
@ -754,6 +763,7 @@ sub var_add
@a=grep(!/^e_.*_bf$/,@a) if $no_bf;
@a=grep(!/^e_.*_c$/,@a) if $no_cast;
@a=grep(!/^e_rc4$/,@a) if $no_rc4;
@a=grep(!/^e_camellia$/,@a) if $no_camellia;
@a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2;
@a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3;
@ -838,6 +848,7 @@ sub do_defs
elsif ($_ =~ /MD5_ASM/) { $t="$_ "; }
elsif ($_ =~ /SHA1_ASM/){ $t="$_ "; }
elsif ($_ =~ /RMD160_ASM/){ $t="$_ "; }
elsif ($_ =~ /CPUID_ASM/){ $t="$_ "; }
else { $t="$location${o}$_$pf "; }
$Vars{$var}.="$t ";
@ -964,6 +975,7 @@ sub read_options
"no-rc5" => \$no_rc5,
"no-idea" => \$no_idea,
"no-aes" => \$no_aes,
"no-camellia" => \$no_camellia,
"no-des" => \$no_des,
"no-bf" => \$no_bf,
"no-cast" => \$no_cast,
@ -981,6 +993,7 @@ sub read_options
"no-dh" => \$no_dh,
"no-hmac" => \$no_hmac,
"no-aes" => \$no_aes,
"no-camellia" => \$no_camellia,
"no-asm" => \$no_asm,
"nasm" => \$nasm,
"nw-nasm" => \$nw_nasm,
@ -1000,7 +1013,7 @@ sub read_options
[\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast,
\$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh,
\$no_ssl2, \$no_err, \$no_ripemd, \$no_rc5,
\$no_aes],
\$no_aes, \$no_camellia],
"rsaref" => 0,
"gcc" => \$gcc,
"debug" => \$debug,

View File

@ -84,7 +84,7 @@ my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
"CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
"SHA256", "SHA512", "RIPEMD",
"MDC2", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "HMAC", "AES",
"MDC2", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "HMAC", "AES", "CAMELLIA",
# Envelope "algorithms"
"EVP", "X509", "ASN1_TYPEDEFS",
# Helper "algorithms"
@ -111,7 +111,7 @@ my $no_rc2; my $no_rc4; my $no_rc5; my $no_idea; my $no_des; my $no_bf;
my $no_cast;
my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2;
my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5;
my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw;
my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw; my $no_camellia;
my $no_fp_api; my $no_static_engine; my $no_gmp; my $no_deprecated;
@ -175,6 +175,7 @@ foreach (@ARGV, split(/ /, $options))
elsif (/^no-ecdh$/) { $no_ecdh=1; }
elsif (/^no-hmac$/) { $no_hmac=1; }
elsif (/^no-aes$/) { $no_aes=1; }
elsif (/^no-camellia$/) { $no_camellia=1; }
elsif (/^no-evp$/) { $no_evp=1; }
elsif (/^no-lhash$/) { $no_lhash=1; }
elsif (/^no-stack$/) { $no_stack=1; }
@ -240,6 +241,7 @@ $crypto.=" crypto/mdc2/mdc2.h" ; # unless $no_mdc2;
$crypto.=" crypto/sha/sha.h" ; # unless $no_sha;
$crypto.=" crypto/ripemd/ripemd.h" ; # unless $no_ripemd;
$crypto.=" crypto/aes/aes.h" ; # unless $no_aes;
$crypto.=" crypto/camellia/camellia.h" ; # unless $no_camellia;
$crypto.=" crypto/bn/bn.h";
$crypto.=" crypto/rsa/rsa.h" ; # unless $no_rsa;
@ -1089,6 +1091,7 @@ sub is_valid
if ($keyword eq "ECDH" && $no_ecdh) { return 0; }
if ($keyword eq "HMAC" && $no_hmac) { return 0; }
if ($keyword eq "AES" && $no_aes) { return 0; }
if ($keyword eq "CAMELLIA" && $no_camellia) { return 0; }
if ($keyword eq "EVP" && $no_evp) { return 0; }
if ($keyword eq "LHASH" && $no_lhash) { return 0; }
if ($keyword eq "STACK" && $no_stack) { return 0; }

View File

@ -24,6 +24,7 @@ my @dirs = (
"crypto/bf",
"crypto/cast",
"crypto/aes",
"crypto/camellia",
"crypto/bn",
"crypto/rsa",
"crypto/dsa",

View File

@ -19,7 +19,7 @@ $cc='gcc';
if ($debug)
{ $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb"; }
else
{ $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -mcpu=i486 -Wall"; }
{ $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -march=i486 -Wall"; }
if ($gaswin and !$no_asm)
{
@ -43,6 +43,8 @@ if ($gaswin and !$no_asm)
$rmd160_asm_src='crypto/ripemd/asm/rm-win32.s';
$sha1_asm_obj='$(OBJ_D)\s1-win32.o';
$sha1_asm_src='crypto/sha/asm/s1-win32.s';
$cpuid_asm_obj='$(OBJ_D)\cpu-win32.o';
$cpuid_asm_src='crypto/cpu-win32.s';
$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS";
}