From 8276a469abc0da1b26b05737d49f752756088b27 Mon Sep 17 00:00:00 2001 From: Love Hornquist Astrand Date: Mon, 10 Aug 2009 09:07:37 +0200 Subject: [PATCH] Add CommonCrypto support, split out all hcrypto specific code to hcrypto module --- lib/hcrypto/Makefile.am | 3 + lib/hcrypto/evp-aes-cts.c | 1 + lib/hcrypto/evp-cc.c | 557 +++++++++++++++++++++++++++++++++ lib/hcrypto/evp-cc.h | 91 ++++++ lib/hcrypto/evp-hcrypto.c | 534 +++++++++++++++++++++++++++++++ lib/hcrypto/evp-hcrypto.h | 99 ++++++ lib/hcrypto/evp.c | 411 +++--------------------- lib/hcrypto/evp.h | 34 +- lib/hcrypto/test_cipher.c | 11 + lib/hcrypto/version-script.map | 33 +- 10 files changed, 1376 insertions(+), 398 deletions(-) create mode 100644 lib/hcrypto/evp-cc.c create mode 100644 lib/hcrypto/evp-cc.h create mode 100644 lib/hcrypto/evp-hcrypto.h diff --git a/lib/hcrypto/Makefile.am b/lib/hcrypto/Makefile.am index 2166f4ff3..3e105bb12 100644 --- a/lib/hcrypto/Makefile.am +++ b/lib/hcrypto/Makefile.am @@ -25,6 +25,8 @@ hcryptoinclude_HEADERS = \ ecdsa.h \ engine.h \ evp.h \ + evp-hcrypto.h \ + evp-cc.h \ hmac.h \ md2.h \ md4.h \ @@ -109,6 +111,7 @@ libhcrypto_la_SOURCES = \ evp.h \ evp-hcrypto.c \ evp-aes-cts.c \ + evp-cc.c \ engine.c \ engine.h \ hash.h \ diff --git a/lib/hcrypto/evp-aes-cts.c b/lib/hcrypto/evp-aes-cts.c index 66f87982c..dd95ccd25 100644 --- a/lib/hcrypto/evp-aes-cts.c +++ b/lib/hcrypto/evp-aes-cts.c @@ -58,6 +58,7 @@ const EVP_CIPHER * _krb5_EVP_hcrypto_aes_256_cts(void); #else #include +#include #include #define _hc_EVP_hcrypto_aes_128_cts hc_EVP_hcrypto_aes_128_cts diff --git a/lib/hcrypto/evp-cc.c b/lib/hcrypto/evp-cc.c new file mode 100644 index 000000000..335852a78 --- /dev/null +++ b/lib/hcrypto/evp-cc.c @@ -0,0 +1,557 @@ +/* + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* CommonCrypto provider */ + +#ifdef __APPLE__ + +#include "config.h" + +#include +#include +#include +#include +#include + +#include +#include + +#include +#include + +/* + * + */ + +struct cc_key { + CCCryptorRef href; +}; + +static int +cc_do_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + unsigned int size) +{ + struct cc_key *cc = ctx->cipher_data; + CCCryptorStatus ret; + size_t moved; + + memcpy(out, in, size); + + ret = CCCryptorUpdate(cc->href, in, size, out, size, &moved); + if (ret) + return 0; + + if (moved != size) + return 0; + + return 1; +} + +static int +cc_cleanup(EVP_CIPHER_CTX *ctx) +{ + struct cc_key *cc = ctx->cipher_data; + if (cc->href) + CCCryptorRelease(cc->href); + return 1; +} + +static int +init_cc_key(int encp, CCAlgorithm alg, const void *key, + size_t keylen, const void *iv, CCCryptorRef *ref) +{ + CCOperation op = encp ? kCCEncrypt : kCCDecrypt; + CCCryptorStatus ret; + + ret = CCCryptorCreate(op, alg, 0, key, keylen, iv, ref); + if (ret) + return 0; + return 1; +} + +static int +cc_des_ede3_cbc_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + struct cc_key *cc = ctx->cipher_data; + return init_cc_key(encp, kCCAlgorithm3DES, key, kCCKeySize3DES, iv, &cc->href); +} + +/** + * The tripple DES cipher type (Apple CommonCrypto provider) + * + * @return the DES-EDE3-CBC EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_des_ede3_cbc(void) +{ + static const EVP_CIPHER des_ede3_cbc = { + 0, + 8, + 24, + 8, + EVP_CIPH_CBC_MODE, + cc_des_ede3_cbc_init, + cc_do_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &des_ede3_cbc; +} + +/* + * + */ + +static int +cc_des_cbc_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + struct cc_key *cc = ctx->cipher_data; + return init_cc_key(encp, kCCAlgorithmDES, key, kCCBlockSizeDES, iv, &cc->href); +} + +/** + * The DES cipher type (Apple CommonCrypto provider) + * + * @return the DES-CBC EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_des_cbc(void) +{ + static const EVP_CIPHER des_ede3_cbc = { + 0, + kCCBlockSizeDES, + kCCBlockSizeDES, + kCCBlockSizeDES, + EVP_CIPH_CBC_MODE, + cc_des_cbc_init, + cc_do_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &des_ede3_cbc; +} + + + +/* + * + */ + +static int +cc_aes_cbc_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + struct cc_key *cc = ctx->cipher_data; + return init_cc_key(encp, kCCAlgorithmAES128, key, ctx->cipher->key_len, iv, &cc->href); +} + +/** + * The AES-128 cipher type (Apple CommonCrypto provider) + * + * @return the AES-128-CBC EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_aes_128_cbc(void) +{ + static const EVP_CIPHER c = { + 0, + kCCBlockSizeAES128, + kCCKeySizeAES128, + kCCBlockSizeAES128, + EVP_CIPH_CBC_MODE, + cc_aes_cbc_init, + cc_do_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &c; +} + +/** + * The AES-192 cipher type (Apple CommonCrypto provider) + * + * @return the AES-192-CBC EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_aes_192_cbc(void) +{ + static const EVP_CIPHER c = { + 0, + kCCBlockSizeAES128, + kCCKeySizeAES192, + kCCBlockSizeAES128, + EVP_CIPH_CBC_MODE, + cc_aes_cbc_init, + cc_do_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &c; +} + +/** + * The AES-256 cipher type (Apple CommonCrypto provider) + * + * @return the AES-256-CBC EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_aes_256_cbc(void) +{ + static const EVP_CIPHER c = { + 0, + kCCBlockSizeAES128, + kCCKeySizeAES256, + kCCBlockSizeAES128, + EVP_CIPH_CBC_MODE, + cc_aes_cbc_init, + cc_do_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &c; +} + +/* + * + */ + +static int +cc_rc2_cbc_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + struct cc_key *cc = ctx->cipher_data; + return init_cc_key(encp, kCCAlgorithmRC2, key, ctx->cipher->key_len, iv, &cc->href); +} + +/** + * The RC2 cipher type - common crypto + * + * @return the RC2 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + + +const EVP_CIPHER * +EVP_cc_rc2_cbc(void) +{ + static const EVP_CIPHER rc2_cbc = { + 0, + kCCBlockSizeRC2, + 16, + kCCBlockSizeRC2, + EVP_CIPH_CBC_MODE, + cc_rc2_cbc_init, + cc_do_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &rc2_cbc; +} + +/** + * The RC2-40 cipher type - common crypto + * + * @return the RC2-40 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + + +const EVP_CIPHER * +EVP_cc_rc2_40_cbc(void) +{ + static const EVP_CIPHER rc2_40_cbc = { + 0, + kCCBlockSizeRC2, + 5, + kCCBlockSizeRC2, + EVP_CIPH_CBC_MODE, + cc_rc2_cbc_init, + cc_do_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &rc2_40_cbc; +} + + +/** + * The RC2-64 cipher type - common crypto + * + * @return the RC2-64 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + + +const EVP_CIPHER * +EVP_cc_rc2_64_cbc(void) +{ + static const EVP_CIPHER rc2_64_cbc = { + 0, + kCCBlockSizeRC2, + 8, + kCCBlockSizeRC2, + EVP_CIPH_CBC_MODE, + cc_rc2_cbc_init, + cc_do_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &rc2_64_cbc; +} + + +/** + * The RC4 cipher type (Apple CommonCrypto provider) + * + * @return the RC4 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_rc4(void) +{ + abort(); +} + +/** + * The CommonCrypto md2 provider + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_cc_md2(void) +{ + static const struct hc_evp_md md2 = { + CC_MD2_DIGEST_LENGTH, + CC_MD2_BLOCK_BYTES, + sizeof(CC_MD2_CTX), + (hc_evp_md_init)CC_MD2_Init, + (hc_evp_md_update)CC_MD2_Update, + (hc_evp_md_final)CC_MD2_Final, + (hc_evp_md_cleanup)NULL + }; + return &md2; +} + +/** + * The CommonCrypto md4 provider + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_cc_md4(void) +{ + static const struct hc_evp_md md4 = { + CC_MD4_DIGEST_LENGTH, + CC_MD4_BLOCK_BYTES, + sizeof(CC_MD4_CTX), + (hc_evp_md_init)CC_MD4_Init, + (hc_evp_md_update)CC_MD4_Update, + (hc_evp_md_final)CC_MD4_Final, + (hc_evp_md_cleanup)NULL + }; + return &md4; +} + +/** + * The CommonCrypto md5 provider + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_cc_md5(void) +{ + static const struct hc_evp_md md5 = { + CC_MD5_DIGEST_LENGTH, + CC_MD5_BLOCK_BYTES, + sizeof(CC_MD5_CTX), + (hc_evp_md_init)CC_MD5_Init, + (hc_evp_md_update)CC_MD5_Update, + (hc_evp_md_final)CC_MD5_Final, + (hc_evp_md_cleanup)NULL + }; + return &md5; +} + +/** + * The CommonCrypto sha1 provider + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_cc_sha1(void) +{ + static const struct hc_evp_md sha1 = { + CC_SHA1_DIGEST_LENGTH, + CC_SHA1_BLOCK_BYTES, + sizeof(CC_SHA1_CTX), + (hc_evp_md_init)CC_SHA1_Init, + (hc_evp_md_update)CC_SHA1_Update, + (hc_evp_md_final)CC_SHA1_Final, + (hc_evp_md_cleanup)NULL + }; + return &sha1; +} + +/** + * The CommonCrypto sha256 provider + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_cc_sha256(void) +{ + static const struct hc_evp_md sha256 = { + CC_SHA256_DIGEST_LENGTH, + CC_SHA256_BLOCK_BYTES, + sizeof(CC_SHA256_CTX), + (hc_evp_md_init)CC_SHA256_Init, + (hc_evp_md_update)CC_SHA256_Update, + (hc_evp_md_final)CC_SHA256_Final, + (hc_evp_md_cleanup)NULL + }; + return &sha256; +} + +/** + * The Camellia-128 cipher type - CommonCrypto + * + * @return the Camellia-128 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_camellia_128_cbc(void) +{ + return NULL; +} + +/** + * The Camellia-198 cipher type - CommonCrypto + * + * @return the Camellia-198 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_camellia_192_cbc(void) +{ + return NULL; +} + +/** + * The Camellia-256 cipher type - CommonCrypto + * + * @return the Camellia-256 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_camellia_256_cbc(void) +{ + return NULL; +} + +#endif /* __APPLE__ */ + diff --git a/lib/hcrypto/evp-cc.h b/lib/hcrypto/evp-cc.h new file mode 100644 index 000000000..d2df771bc --- /dev/null +++ b/lib/hcrypto/evp-cc.h @@ -0,0 +1,91 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifndef HEIM_EVP_CC_H +#define HEIM_EVP_CC_H 1 + +/* symbol renaming */ +#define EVP_cc_md2 hc_EVP_cc_md2 +#define EVP_cc_md4 hc_EVP_cc_md4 +#define EVP_cc_md5 hc_EVP_cc_md5 +#define EVP_cc_sha1 hc_EVP_cc_sha1 +#define EVP_cc_sha256 hc_EVP__cc_sha256 +#define EVP_cc_des_cbc hc_EVP_cc_des_cbc +#define EVP_cc_des_ede3_cbc hc_EVP_cc_des_ede3_cbc +#define EVP_cc_aes_128_cbc hc_EVP_cc_aes_128_cbc +#define EVP_cc_aes_192_cbc hc_EVP_cc_aes_192_cbc +#define EVP_cc_aes_256_cbc hc_EVP_cc_aes_256_cbc +#define EVP_cc_rc4 hc_EVP_cc_rc4 +#define EVP_cc_rc4_40 hc_EVP_cc_rc4_40 +#define EVP_cc_rc2_40_cbc hc_EVP_cc_rc2_40_cbc +#define EVP_cc_rc2_64_cbc hc_EVP_cc_rc2_64_cbc +#define EVP_cc_rc2_cbc hc_EVP_cc_rc2_cbc +#define EVP_cc_camellia_128_cbc hc_EVP_cc_camellia_128_cbc +#define EVP_cc_camellia_192_cbc hc_EVP_cc_camellia_192_cbc +#define EVP_cc_camellia_256_cbc hc_EVP_cc_camellia_256_cbc + +/* + * + */ + +HC_CPP_BEGIN + +const EVP_MD * EVP_cc_md2(void); +const EVP_MD * EVP_cc_md4(void); +const EVP_MD * EVP_cc_md5(void); +const EVP_MD * EVP_cc_sha1(void); +const EVP_MD * EVP_cc_sha256(void); + +const EVP_CIPHER * EVP_cc_rc2_cbc(void); +const EVP_CIPHER * EVP_cc_rc2_40_cbc(void); +const EVP_CIPHER * EVP_cc_rc2_64_cbc(void); + +const EVP_CIPHER * EVP_cc_rc4(void); +const EVP_CIPHER * EVP_cc_rc4_40(void); + +const EVP_CIPHER * EVP_cc_des_cbc(void); +const EVP_CIPHER * EVP_cc_des_ede3_cbc(void); + +const EVP_CIPHER * EVP_cc_aes_128_cbc(void); +const EVP_CIPHER * EVP_cc_aes_192_cbc(void); +const EVP_CIPHER * EVP_cc_aes_256_cbc(void); + +const EVP_CIPHER * EVP_cc_camellia_128_cbc(void); +const EVP_CIPHER * EVP_cc_camellia_192_cbc(void); +const EVP_CIPHER * EVP_cc_camellia_256_cbc(void); + +HC_CPP_END + +#endif /* HEIM_EVP_CC_H */ diff --git a/lib/hcrypto/evp-hcrypto.c b/lib/hcrypto/evp-hcrypto.c index d176e2edf..c6bc87322 100644 --- a/lib/hcrypto/evp-hcrypto.c +++ b/lib/hcrypto/evp-hcrypto.c @@ -42,11 +42,22 @@ #include #include +#include #include +#include +#include "camellia.h" #include +#include +#include + +#include +#include +#include +#include + /* * */ @@ -170,3 +181,526 @@ EVP_hcrypto_aes_256_cbc(void) }; return &aes_256_cbc; } + +/** + * The message digest SHA256 - hcrypto + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_hcrypto_sha256(void) +{ + static const struct hc_evp_md sha256 = { + 32, + 64, + sizeof(SHA256_CTX), + (hc_evp_md_init)SHA256_Init, + (hc_evp_md_update)SHA256_Update, + (hc_evp_md_final)SHA256_Final, + NULL + }; + return &sha256; +} + +/** + * The message digest SHA1 - hcrypto + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_hcrypto_sha1(void) +{ + static const struct hc_evp_md sha1 = { + 20, + 64, + sizeof(SHA_CTX), + (hc_evp_md_init)SHA1_Init, + (hc_evp_md_update)SHA1_Update, + (hc_evp_md_final)SHA1_Final, + NULL + }; + return &sha1; +} + +/** + * The message digest MD5 - hcrypto + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_hcrypto_md5(void) +{ + static const struct hc_evp_md md5 = { + 16, + 64, + sizeof(MD5_CTX), + (hc_evp_md_init)MD5_Init, + (hc_evp_md_update)MD5_Update, + (hc_evp_md_final)MD5_Final, + NULL + }; + return &md5; +} + +/** + * The message digest MD4 - hcrypto + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_hcrypto_md4(void) +{ + static const struct hc_evp_md md4 = { + 16, + 64, + sizeof(MD4_CTX), + (hc_evp_md_init)MD4_Init, + (hc_evp_md_update)MD4_Update, + (hc_evp_md_final)MD4_Final, + NULL + }; + return &md4; +} + +/** + * The message digest MD2 - hcrypto + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_hcrypto_md2(void) +{ + static const struct hc_evp_md md2 = { + 16, + 16, + sizeof(MD2_CTX), + (hc_evp_md_init)MD2_Init, + (hc_evp_md_update)MD2_Update, + (hc_evp_md_final)MD2_Final, + NULL + }; + return &md2; +} + +const EVP_CIPHER * +EVP_hcrypto_rc4(void) +{ + printf("evp rc4\n"); + abort(); + return NULL; +} + +const EVP_CIPHER * +EVP_hcrypto_rc4_40(void) +{ + printf("evp rc4_40\n"); + abort(); + return NULL; +} + +/* + * + */ + +static int +des_cbc_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + DES_key_schedule *k = ctx->cipher_data; + DES_cblock deskey; + memcpy(&deskey, key, sizeof(deskey)); + DES_set_key_unchecked(&deskey, k); + return 1; +} + +static int +des_cbc_do_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + unsigned int size) +{ + DES_key_schedule *k = ctx->cipher_data; + DES_cbc_encrypt(in, out, size, + k, (DES_cblock *)ctx->iv, ctx->encrypt); + return 1; +} + +static int +des_cbc_cleanup(EVP_CIPHER_CTX *ctx) +{ + memset(ctx->cipher_data, 0, sizeof(struct DES_key_schedule)); + return 1; +} + +/** + * The DES cipher type + * + * @return the DES-CBC EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_des_cbc(void) +{ + static const EVP_CIPHER des_cbc = { + 0, + 8, + 8, + 8, + EVP_CIPH_CBC_MODE, + des_cbc_init, + des_cbc_do_cipher, + des_cbc_cleanup, + sizeof(DES_key_schedule), + NULL, + NULL, + NULL, + NULL + }; + return &des_cbc; +} + +/* + * + */ + +struct des_ede3_cbc { + DES_key_schedule ks[3]; +}; + +static int +des_ede3_cbc_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + struct des_ede3_cbc *k = ctx->cipher_data; + DES_cblock deskey; + + memcpy(&deskey, key, sizeof(deskey)); + DES_set_odd_parity(&deskey); + DES_set_key_unchecked(&deskey, &k->ks[0]); + + memcpy(&deskey, key + 8, sizeof(deskey)); + DES_set_odd_parity(&deskey); + DES_set_key_unchecked(&deskey, &k->ks[1]); + + memcpy(&deskey, key + 16, sizeof(deskey)); + DES_set_odd_parity(&deskey); + DES_set_key_unchecked(&deskey, &k->ks[2]); + + return 1; +} + +static int +des_ede3_cbc_do_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + unsigned int size) +{ + struct des_ede3_cbc *k = ctx->cipher_data; + DES_ede3_cbc_encrypt(in, out, size, + &k->ks[0], &k->ks[1], &k->ks[2], + (DES_cblock *)ctx->iv, ctx->encrypt); + return 1; +} + +static int +des_ede3_cbc_cleanup(EVP_CIPHER_CTX *ctx) +{ + memset(ctx->cipher_data, 0, sizeof(struct des_ede3_cbc)); + return 1; +} + +/** + * The tripple DES cipher type - hcrypto + * + * @return the DES-EDE3-CBC EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_des_ede3_cbc(void) +{ + static const EVP_CIPHER des_ede3_cbc = { + 0, + 8, + 24, + 8, + EVP_CIPH_CBC_MODE, + des_ede3_cbc_init, + des_ede3_cbc_do_cipher, + des_ede3_cbc_cleanup, + sizeof(struct des_ede3_cbc), + NULL, + NULL, + NULL, + NULL + }; + return &des_ede3_cbc; +} + +/* + * + */ + +struct rc2_cbc { + unsigned int maximum_effective_key; + RC2_KEY key; +}; + +static int +rc2_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + struct rc2_cbc *k = ctx->cipher_data; + k->maximum_effective_key = EVP_CIPHER_CTX_key_length(ctx) * 8; + RC2_set_key(&k->key, + EVP_CIPHER_CTX_key_length(ctx), + key, + k->maximum_effective_key); + return 1; +} + +static int +rc2_do_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + unsigned int size) +{ + struct rc2_cbc *k = ctx->cipher_data; + RC2_cbc_encrypt(in, out, size, &k->key, ctx->iv, ctx->encrypt); + return 1; +} + +static int +rc2_cleanup(EVP_CIPHER_CTX *ctx) +{ + memset(ctx->cipher_data, 0, sizeof(struct rc2_cbc)); + return 1; +} + +/** + * The RC2 cipher type - hcrypto + * + * @return the RC2 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_rc2_cbc(void) +{ + static const EVP_CIPHER rc2_cbc = { + 0, + RC2_BLOCK_SIZE, + RC2_KEY_LENGTH, + RC2_BLOCK_SIZE, + EVP_CIPH_CBC_MODE, + rc2_init, + rc2_do_cipher, + rc2_cleanup, + sizeof(struct rc2_cbc), + NULL, + NULL, + NULL, + NULL + }; + return &rc2_cbc; +} + +/** + * The RC2-40 cipher type + * + * @return the RC2-40 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_rc2_40_cbc(void) +{ + static const EVP_CIPHER rc2_40_cbc = { + 0, + RC2_BLOCK_SIZE, + 5, + RC2_BLOCK_SIZE, + EVP_CIPH_CBC_MODE, + rc2_init, + rc2_do_cipher, + rc2_cleanup, + sizeof(struct rc2_cbc), + NULL, + NULL, + NULL, + NULL + }; + return &rc2_40_cbc; +} + +/** + * The RC2-64 cipher type + * + * @return the RC2-64 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_rc2_64_cbc(void) +{ + static const EVP_CIPHER rc2_64_cbc = { + 0, + RC2_BLOCK_SIZE, + 8, + RC2_BLOCK_SIZE, + EVP_CIPH_CBC_MODE, + rc2_init, + rc2_do_cipher, + rc2_cleanup, + sizeof(struct rc2_cbc), + NULL, + NULL, + NULL, + NULL + }; + return &rc2_64_cbc; +} + +static int +camellia_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + CAMELLIA_KEY *k = ctx->cipher_data; + k->bits = ctx->cipher->key_len * 8; + CAMELLIA_set_key(key, ctx->cipher->key_len * 8, k); + return 1; +} + +static int +camellia_do_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + unsigned int size) +{ + CAMELLIA_KEY *k = ctx->cipher_data; + CAMELLIA_cbc_encrypt(in, out, size, k, ctx->iv, ctx->encrypt); + return 1; +} + +static int +camellia_cleanup(EVP_CIPHER_CTX *ctx) +{ + memset(ctx->cipher_data, 0, sizeof(CAMELLIA_KEY)); + return 1; +} + +/** + * The Camellia-128 cipher type - hcrypto + * + * @return the Camellia-128 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_camellia_128_cbc(void) +{ + static const EVP_CIPHER cipher = { + 0, + 16, + 16, + 16, + EVP_CIPH_CBC_MODE, + camellia_init, + camellia_do_cipher, + camellia_cleanup, + sizeof(CAMELLIA_KEY), + NULL, + NULL, + NULL, + NULL + }; + return &cipher; +} + +/** + * The Camellia-198 cipher type - hcrypto + * + * @return the Camellia-198 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_camellia_192_cbc(void) +{ + static const EVP_CIPHER cipher = { + 0, + 16, + 24, + 16, + EVP_CIPH_CBC_MODE, + camellia_init, + camellia_do_cipher, + camellia_cleanup, + sizeof(CAMELLIA_KEY), + NULL, + NULL, + NULL, + NULL + }; + return &cipher; +} + +/** + * The Camellia-256 cipher type - hcrypto + * + * @return the Camellia-256 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_camellia_256_cbc(void) +{ + static const EVP_CIPHER cipher = { + 0, + 16, + 32, + 16, + EVP_CIPH_CBC_MODE, + camellia_init, + camellia_do_cipher, + camellia_cleanup, + sizeof(CAMELLIA_KEY), + NULL, + NULL, + NULL, + NULL + }; + return &cipher; +} diff --git a/lib/hcrypto/evp-hcrypto.h b/lib/hcrypto/evp-hcrypto.h new file mode 100644 index 000000000..f6880e194 --- /dev/null +++ b/lib/hcrypto/evp-hcrypto.h @@ -0,0 +1,99 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifndef HEIM_EVP_HCRYPTO_H +#define HEIM_EVP_HCRYPTO_H 1 + +/* symbol renaming */ +#define EVP_hcrypto_md2 hc_EVP_hcrypto_md2 +#define EVP_hcrypto_md4 hc_EVP_hcrypto_md4 +#define EVP_hcrypto_md5 hc_EVP_hcrypto_md5 +#define EVP_hcrypto_sha1 hc_EVP_hcrypto_sha1 +#define EVP_hcrypto_sha256 hc_EVP_hcrypto_sha256 +#define EVP_hcrypto_des_cbc hc_EVP_hcrypto_des_cbc +#define EVP_hcrypto_des_ede3_cbc hc_EVP_hcrypto_des_ede3_cbc +#define EVP_hcrypto_aes_128_cbc hc_EVP_hcrypto_aes_128_cbc +#define EVP_hcrypto_aes_192_cbc hc_EVP_hcrypto_aes_192_cbc +#define EVP_hcrypto_aes_256_cbc hc_EVP_hcrypto_aes_256_cbc +#define EVP_hcrypto_aes_128_cts hc_EVP_hcrypto_aes_128_cts +#define EVP_hcrypto_aes_192_cts hc_EVP_hcrypto_aes_192_cts +#define EVP_hcrypto_aes_256_cts hc_EVP_hcrypto_aes_256_cts +#define EVP_hcrypto_rc4 hc_EVP_hcrypto_rc4 +#define EVP_hcrypto_rc4_40 hc_EVP_hcrypto_rc4_40 +#define EVP_hcrypto_rc2_40_cbc hc_EVP_hcrypto_rc2_40_cbc +#define EVP_hcrypto_rc2_64_cbc hc_EVP_hcrypto_rc2_64_cbc +#define EVP_hcrypto_rc2_cbc hc_EVP_hcrypto_rc2_cbc +#define EVP_hcrypto_camellia_128_cbc hc_EVP_hcrypto_camellia_128_cbc +#define EVP_hcrypto_camellia_192_cbc hc_EVP_hcrypto_camellia_192_cbc +#define EVP_hcrypto_camellia_256_cbc hc_EVP_hcrypto_camellia_256_cbc + +/* + * + */ + +HC_CPP_BEGIN + +const EVP_MD * EVP_hcrypto_md2(void); +const EVP_MD * EVP_hcrypto_md4(void); +const EVP_MD * EVP_hcrypto_md5(void); +const EVP_MD * EVP_hcrypto_sha1(void); +const EVP_MD * EVP_hcrypto_sha256(void); + +const EVP_CIPHER * EVP_hcrypto_rc4(void); +const EVP_CIPHER * EVP_hcrypto_rc4_40(void); + +const EVP_CIPHER * EVP_hcrypto_rc2_cbc(void); +const EVP_CIPHER * EVP_hcrypto_rc2_40_cbc(void); +const EVP_CIPHER * EVP_hcrypto_rc2_64_cbc(void); + +const EVP_CIPHER * EVP_hcrypto_des_cbc(void); +const EVP_CIPHER * EVP_hcrypto_des_ede3_cbc(void); + +const EVP_CIPHER * EVP_hcrypto_aes_128_cbc(void); +const EVP_CIPHER * EVP_hcrypto_aes_192_cbc(void); +const EVP_CIPHER * EVP_hcrypto_aes_256_cbc(void); + +const EVP_CIPHER * EVP_hcrypto_aes_128_cts(void); +const EVP_CIPHER * EVP_hcrypto_aes_192_cts(void); +const EVP_CIPHER * EVP_hcrypto_aes_256_cts(void); + +const EVP_CIPHER * EVP_hcrypto_camellia_128_cbc(void); +const EVP_CIPHER * EVP_hcrypto_camellia_192_cbc(void); +const EVP_CIPHER * EVP_hcrypto_camellia_256_cbc(void); + + +HC_CPP_END + +#endif /* HEIM_EVP_HCRYPTO_H */ diff --git a/lib/hcrypto/evp.c b/lib/hcrypto/evp.c index ac6cac972..8d9b2e601 100644 --- a/lib/hcrypto/evp.c +++ b/lib/hcrypto/evp.c @@ -45,17 +45,19 @@ #include #include +#include +#include #include -#include "camellia.h" -#include -#include -#include -#include -#include -#include -#include +#ifndef DEF_PROVIDER +#define DEF_PROVIDER hcrypto +#endif + +#define HC_CONCAT4(x,y,z,aa) x ## y ## z ## aa + + +#define EVP_DEF_OP(_prov,_op) HC_CONCAT4(EVP_,_prov,_,_op)() /** * @page page_evp EVP - generic crypto interface @@ -138,8 +140,8 @@ EVP_MD_CTX_create(void) * @ingroup hcrypto_evp */ -void HC_DEPRECATED -EVP_MD_CTX_init(EVP_MD_CTX *ctx) +void +EVP_MD_CTX_init(EVP_MD_CTX *ctx) HC_DEPRECATED { memset(ctx, 0, sizeof(*ctx)); } @@ -169,8 +171,8 @@ EVP_MD_CTX_destroy(EVP_MD_CTX *ctx) * @ingroup hcrypto_evp */ -int HC_DEPRECATED -EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) +int +EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) HC_DEPRECATED { if (ctx->md && ctx->md->cleanup) (ctx->md->cleanup)(ctx); @@ -351,28 +353,9 @@ EVP_Digest(const void *data, size_t dsize, void *hash, unsigned int *hsize, const EVP_MD * EVP_sha256(void) { - static const struct hc_evp_md sha256 = { - 32, - 64, - sizeof(SHA256_CTX), - (hc_evp_md_init)SHA256_Init, - (hc_evp_md_update)SHA256_Update, - (hc_evp_md_final)SHA256_Final, - NULL - }; - return &sha256; + return EVP_DEF_OP(DEF_PROVIDER, sha256); } -static const struct hc_evp_md sha1 = { - 20, - 64, - sizeof(SHA_CTX), - (hc_evp_md_init)SHA1_Init, - (hc_evp_md_update)SHA1_Update, - (hc_evp_md_final)SHA1_Final, - NULL -}; - /** * The message digest SHA1 * @@ -384,7 +367,7 @@ static const struct hc_evp_md sha1 = { const EVP_MD * EVP_sha1(void) { - return &sha1; + return EVP_DEF_OP(DEF_PROVIDER, sha1); } /** @@ -396,9 +379,10 @@ EVP_sha1(void) */ const EVP_MD * -EVP_sha(void) +EVP_sha(void) HC_DEPRECATED + { - return &sha1; + return EVP_sha1(); } /** @@ -410,18 +394,9 @@ EVP_sha(void) */ const EVP_MD * -EVP_md5(void) +EVP_md5(void) HC_DEPRECATED_CRYPTO { - static const struct hc_evp_md md5 = { - 16, - 64, - sizeof(MD5_CTX), - (hc_evp_md_init)MD5_Init, - (hc_evp_md_update)MD5_Update, - (hc_evp_md_final)MD5_Final, - NULL - }; - return &md5; + return EVP_DEF_OP(DEF_PROVIDER, md5); } /** @@ -433,18 +408,9 @@ EVP_md5(void) */ const EVP_MD * -EVP_md4(void) +EVP_md4(void) HC_DEPRECATED_CRYPTO { - static const struct hc_evp_md md4 = { - 16, - 64, - sizeof(MD4_CTX), - (hc_evp_md_init)MD4_Init, - (hc_evp_md_update)MD4_Update, - (hc_evp_md_final)MD4_Final, - NULL - }; - return &md4; + return EVP_DEF_OP(DEF_PROVIDER, md4); } /** @@ -456,18 +422,9 @@ EVP_md4(void) */ const EVP_MD * -EVP_md2(void) +EVP_md2(void) HC_DEPRECATED_CRYPTO { - static const struct hc_evp_md md2 = { - 16, - 16, - sizeof(MD2_CTX), - (hc_evp_md_init)MD2_Init, - (hc_evp_md_update)MD2_Update, - (hc_evp_md_final)MD2_Final, - NULL - }; - return &md2; + return EVP_DEF_OP(DEF_PROVIDER, md2); } /* @@ -1005,48 +962,6 @@ EVP_enc_null(void) return &enc_null; } -/* - * - */ - -struct rc2_cbc { - unsigned int maximum_effective_key; - RC2_KEY key; -}; - -static int -rc2_init(EVP_CIPHER_CTX *ctx, - const unsigned char * key, - const unsigned char * iv, - int encp) -{ - struct rc2_cbc *k = ctx->cipher_data; - k->maximum_effective_key = EVP_CIPHER_CTX_key_length(ctx) * 8; - RC2_set_key(&k->key, - EVP_CIPHER_CTX_key_length(ctx), - key, - k->maximum_effective_key); - return 1; -} - -static int -rc2_do_cipher(EVP_CIPHER_CTX *ctx, - unsigned char *out, - const unsigned char *in, - unsigned int size) -{ - struct rc2_cbc *k = ctx->cipher_data; - RC2_cbc_encrypt(in, out, size, &k->key, ctx->iv, ctx->encrypt); - return 1; -} - -static int -rc2_cleanup(EVP_CIPHER_CTX *ctx) -{ - memset(ctx->cipher_data, 0, sizeof(struct rc2_cbc)); - return 1; -} - /** * The RC2 cipher type * @@ -1058,28 +973,13 @@ rc2_cleanup(EVP_CIPHER_CTX *ctx) const EVP_CIPHER * EVP_rc2_cbc(void) { - static const EVP_CIPHER rc2_cbc = { - 0, - RC2_BLOCK_SIZE, - RC2_KEY_LENGTH, - RC2_BLOCK_SIZE, - EVP_CIPH_CBC_MODE, - rc2_init, - rc2_do_cipher, - rc2_cleanup, - sizeof(struct rc2_cbc), - NULL, - NULL, - NULL, - NULL - }; - return &rc2_cbc; + return EVP_DEF_OP(DEF_PROVIDER, rc2_cbc); } /** - * The RC2-40 cipher type + * The RC2 cipher type * - * @return the RC2-40 EVP_CIPHER pointer. + * @return the RC2 EVP_CIPHER pointer. * * @ingroup hcrypto_evp */ @@ -1087,28 +987,13 @@ EVP_rc2_cbc(void) const EVP_CIPHER * EVP_rc2_40_cbc(void) { - static const EVP_CIPHER rc2_40_cbc = { - 0, - RC2_BLOCK_SIZE, - 5, - RC2_BLOCK_SIZE, - EVP_CIPH_CBC_MODE, - rc2_init, - rc2_do_cipher, - rc2_cleanup, - sizeof(struct rc2_cbc), - NULL, - NULL, - NULL, - NULL - }; - return &rc2_40_cbc; + return EVP_DEF_OP(DEF_PROVIDER, rc2_40_cbc); } /** - * The RC2-64 cipher type + * The RC2 cipher type * - * @return the RC2-64 EVP_CIPHER pointer. + * @return the RC2 EVP_CIPHER pointer. * * @ingroup hcrypto_evp */ @@ -1116,22 +1001,7 @@ EVP_rc2_40_cbc(void) const EVP_CIPHER * EVP_rc2_64_cbc(void) { - static const EVP_CIPHER rc2_64_cbc = { - 0, - RC2_BLOCK_SIZE, - 8, - RC2_BLOCK_SIZE, - EVP_CIPH_CBC_MODE, - rc2_init, - rc2_do_cipher, - rc2_cleanup, - sizeof(struct rc2_cbc), - NULL, - NULL, - NULL, - NULL - }; - return &rc2_64_cbc; + return EVP_DEF_OP(DEF_PROVIDER, rc2_64_cbc); } /** @@ -1145,9 +1015,7 @@ EVP_rc2_64_cbc(void) const EVP_CIPHER * EVP_rc4(void) { - printf("evp rc4\n"); - abort(); - return NULL; + return EVP_DEF_OP(DEF_PROVIDER, rc4); } /** @@ -1161,45 +1029,7 @@ EVP_rc4(void) const EVP_CIPHER * EVP_rc4_40(void) { - printf("evp rc4_40\n"); - abort(); - return NULL; -} - -/* - * - */ - -static int -des_cbc_init(EVP_CIPHER_CTX *ctx, - const unsigned char * key, - const unsigned char * iv, - int encp) -{ - DES_key_schedule *k = ctx->cipher_data; - DES_cblock deskey; - memcpy(&deskey, key, sizeof(deskey)); - DES_set_key_unchecked(&deskey, k); - return 1; -} - -static int -des_cbc_do_cipher(EVP_CIPHER_CTX *ctx, - unsigned char *out, - const unsigned char *in, - unsigned int size) -{ - DES_key_schedule *k = ctx->cipher_data; - DES_cbc_encrypt(in, out, size, - k, (DES_cblock *)ctx->iv, ctx->encrypt); - return 1; -} - -static int -des_cbc_cleanup(EVP_CIPHER_CTX *ctx) -{ - memset(ctx->cipher_data, 0, sizeof(struct DES_key_schedule)); - return 1; + return EVP_DEF_OP(DEF_PROVIDER, rc4_40); } /** @@ -1213,74 +1043,7 @@ des_cbc_cleanup(EVP_CIPHER_CTX *ctx) const EVP_CIPHER * EVP_des_cbc(void) { - static const EVP_CIPHER des_ede3_cbc = { - 0, - 8, - 8, - 8, - EVP_CIPH_CBC_MODE, - des_cbc_init, - des_cbc_do_cipher, - des_cbc_cleanup, - sizeof(DES_key_schedule), - NULL, - NULL, - NULL, - NULL - }; - return &des_ede3_cbc; -} - -/* - * - */ - -struct des_ede3_cbc { - DES_key_schedule ks[3]; -}; - -static int -des_ede3_cbc_init(EVP_CIPHER_CTX *ctx, - const unsigned char * key, - const unsigned char * iv, - int encp) -{ - struct des_ede3_cbc *k = ctx->cipher_data; - DES_cblock deskey; - - memcpy(&deskey, key, sizeof(deskey)); - DES_set_odd_parity(&deskey); - DES_set_key_unchecked(&deskey, &k->ks[0]); - - memcpy(&deskey, key + 8, sizeof(deskey)); - DES_set_odd_parity(&deskey); - DES_set_key_unchecked(&deskey, &k->ks[1]); - - memcpy(&deskey, key + 16, sizeof(deskey)); - DES_set_odd_parity(&deskey); - DES_set_key_unchecked(&deskey, &k->ks[2]); - - return 1; -} - -static int -des_ede3_cbc_do_cipher(EVP_CIPHER_CTX *ctx, - unsigned char *out, - const unsigned char *in, - unsigned int size) -{ - struct des_ede3_cbc *k = ctx->cipher_data; - DES_ede3_cbc_encrypt(in, out, size, - &k->ks[0], &k->ks[1], &k->ks[2], - (DES_cblock *)ctx->iv, ctx->encrypt); - return 1; -} - -static int -des_ede3_cbc_cleanup(EVP_CIPHER_CTX *ctx) -{ - memset(ctx->cipher_data, 0, sizeof(struct des_ede3_cbc)); - return 1; + return EVP_DEF_OP(DEF_PROVIDER, des_cbc); } /** @@ -1294,22 +1057,7 @@ des_ede3_cbc_cleanup(EVP_CIPHER_CTX *ctx) const EVP_CIPHER * EVP_des_ede3_cbc(void) { - static const EVP_CIPHER des_ede3_cbc = { - 0, - 8, - 24, - 8, - EVP_CIPH_CBC_MODE, - des_ede3_cbc_init, - des_ede3_cbc_do_cipher, - des_ede3_cbc_cleanup, - sizeof(struct des_ede3_cbc), - NULL, - NULL, - NULL, - NULL - }; - return &des_ede3_cbc; + return EVP_DEF_OP(DEF_PROVIDER, des_ede3_cbc); } /** @@ -1323,7 +1071,7 @@ EVP_des_ede3_cbc(void) const EVP_CIPHER * EVP_aes_128_cbc(void) { - return EVP_hcrypto_aes_128_cbc(); + return EVP_DEF_OP(DEF_PROVIDER, aes_128_cbc); } /** @@ -1337,7 +1085,7 @@ EVP_aes_128_cbc(void) const EVP_CIPHER * EVP_aes_192_cbc(void) { - return EVP_hcrypto_aes_192_cbc(); + return EVP_DEF_OP(DEF_PROVIDER, aes_192_cbc); } /** @@ -1351,37 +1099,7 @@ EVP_aes_192_cbc(void) const EVP_CIPHER * EVP_aes_256_cbc(void) { - return EVP_hcrypto_aes_256_cbc(); -} - -static int -camellia_init(EVP_CIPHER_CTX *ctx, - const unsigned char * key, - const unsigned char * iv, - int encp) -{ - CAMELLIA_KEY *k = ctx->cipher_data; - k->bits = ctx->cipher->key_len * 8; - CAMELLIA_set_key(key, ctx->cipher->key_len * 8, k); - return 1; -} - -static int -camellia_do_cipher(EVP_CIPHER_CTX *ctx, - unsigned char *out, - const unsigned char *in, - unsigned int size) -{ - CAMELLIA_KEY *k = ctx->cipher_data; - CAMELLIA_cbc_encrypt(in, out, size, k, ctx->iv, ctx->encrypt); - return 1; -} - -static int -camellia_cleanup(EVP_CIPHER_CTX *ctx) -{ - memset(ctx->cipher_data, 0, sizeof(CAMELLIA_KEY)); - return 1; + return EVP_DEF_OP(DEF_PROVIDER, aes_256_cbc); } /** @@ -1395,22 +1113,7 @@ camellia_cleanup(EVP_CIPHER_CTX *ctx) const EVP_CIPHER * EVP_camellia_128_cbc(void) { - static const EVP_CIPHER cipher = { - 0, - 16, - 16, - 16, - EVP_CIPH_CBC_MODE, - camellia_init, - camellia_do_cipher, - camellia_cleanup, - sizeof(CAMELLIA_KEY), - NULL, - NULL, - NULL, - NULL - }; - return &cipher; + return EVP_DEF_OP(DEF_PROVIDER, camellia_128_cbc); } /** @@ -1424,22 +1127,7 @@ EVP_camellia_128_cbc(void) const EVP_CIPHER * EVP_camellia_192_cbc(void) { - static const EVP_CIPHER cipher = { - 0, - 16, - 24, - 16, - EVP_CIPH_CBC_MODE, - camellia_init, - camellia_do_cipher, - camellia_cleanup, - sizeof(CAMELLIA_KEY), - NULL, - NULL, - NULL, - NULL - }; - return &cipher; + return EVP_DEF_OP(DEF_PROVIDER, camellia_192_cbc); } /** @@ -1453,22 +1141,7 @@ EVP_camellia_192_cbc(void) const EVP_CIPHER * EVP_camellia_256_cbc(void) { - static const EVP_CIPHER cipher = { - 0, - 16, - 32, - 16, - EVP_CIPH_CBC_MODE, - camellia_init, - camellia_do_cipher, - camellia_cleanup, - sizeof(CAMELLIA_KEY), - NULL, - NULL, - NULL, - NULL - }; - return &cipher; + return EVP_DEF_OP(DEF_PROVIDER, camellia_256_cbc); } /* diff --git a/lib/hcrypto/evp.h b/lib/hcrypto/evp.h index 0086a0696..3c8c1b904 100644 --- a/lib/hcrypto/evp.h +++ b/lib/hcrypto/evp.h @@ -74,12 +74,7 @@ #define EVP_aes_128_cbc hc_EVP_aes_128_cbc #define EVP_aes_192_cbc hc_EVP_aes_192_cbc #define EVP_aes_256_cbc hc_EVP_aes_256_cbc -#define EVP_hcrypto_aes_128_cbc hc_EVP_hcrypto_aes_128_cbc -#define EVP_hcrypto_aes_192_cbc hc_EVP_hcrypto_aes_192_cbc -#define EVP_hcrypto_aes_256_cbc hc_EVP_hcrypto_aes_256_cbc -#define EVP_hcrypto_aes_128_cts hc_EVP_hcrypto_aes_128_cts -#define EVP_hcrypto_aes_192_cts hc_EVP_hcrypto_aes_192_cts -#define EVP_hcrypto_aes_256_cts hc_EVP_hcrypto_aes_256_cts + #define EVP_des_cbc hc_EVP_des_cbc #define EVP_des_ede3_cbc hc_EVP_des_ede3_cbc #define EVP_enc_null hc_EVP_enc_null @@ -203,11 +198,16 @@ struct hc_evp_md { #define HC_DEPRECATED_CRYPTO HC_DEPRECATED #endif - -#ifdef __cplusplus -extern "C" { +#ifdef __cplusplus +#define HC_CPP_BEGIN extern "C" { +#define HC_CPP_END } +#else +#define HC_CPP_BEGIN +#define HC_CPP_END #endif +HC_CPP_BEGIN + /* * Avaible crypto algs */ @@ -216,19 +216,13 @@ const EVP_MD *EVP_md_null(void); const EVP_MD *EVP_md2(void) HC_DEPRECATED_CRYPTO; const EVP_MD *EVP_md4(void) HC_DEPRECATED_CRYPTO; const EVP_MD *EVP_md5(void) HC_DEPRECATED_CRYPTO; -const EVP_MD *EVP_sha(void); +const EVP_MD *EVP_sha(void) HC_DEPRECATED; const EVP_MD *EVP_sha1(void); const EVP_MD *EVP_sha256(void); const EVP_CIPHER * EVP_aes_128_cbc(void); const EVP_CIPHER * EVP_aes_192_cbc(void); const EVP_CIPHER * EVP_aes_256_cbc(void); -const EVP_CIPHER * EVP_hcrypto_aes_128_cbc(void); -const EVP_CIPHER * EVP_hcrypto_aes_192_cbc(void); -const EVP_CIPHER * EVP_hcrypto_aes_256_cbc(void); -const EVP_CIPHER * EVP_hcrypto_aes_128_cts(void); -const EVP_CIPHER * EVP_hcrypto_aes_192_cts(void); -const EVP_CIPHER * EVP_hcrypto_aes_256_cts(void); const EVP_CIPHER * EVP_des_cbc(void) HC_DEPRECATED_CRYPTO; const EVP_CIPHER * EVP_des_ede3_cbc(void); const EVP_CIPHER * EVP_enc_null(void); @@ -241,10 +235,6 @@ const EVP_CIPHER * EVP_camellia_128_cbc(void); const EVP_CIPHER * EVP_camellia_192_cbc(void); const EVP_CIPHER * EVP_camellia_256_cbc(void); -/* - * - */ - size_t EVP_MD_size(const EVP_MD *); size_t EVP_MD_block_size(const EVP_MD *); @@ -318,8 +308,6 @@ void OpenSSL_add_all_algorithms(void); void OpenSSL_add_all_algorithms_conf(void); void OpenSSL_add_all_algorithms_noconf(void); -#ifdef __cplusplus -} -#endif +HC_CPP_END #endif /* HEIM_EVP_H */ diff --git a/lib/hcrypto/test_cipher.c b/lib/hcrypto/test_cipher.c index a5bb45b6d..465559829 100644 --- a/lib/hcrypto/test_cipher.c +++ b/lib/hcrypto/test_cipher.c @@ -44,6 +44,8 @@ #include #include +#include +#include #include #include @@ -359,6 +361,11 @@ test_cipher(int i, const EVP_CIPHER *c, struct tests *t) EVP_CIPHER_CTX dctx; void *d; + if (c == NULL) { + printf("%s not supported\n", t->name); + return 0; + } + EVP_CIPHER_CTX_init(&ectx); EVP_CIPHER_CTX_init(&dctx); @@ -445,6 +452,10 @@ main(int argc, char **argv) ret += test_cipher(i, EVP_hcrypto_aes_256_cts(), &aes_256_cts_tests[i]); for (i = 0; i < sizeof(aes_tests)/sizeof(aes_tests[0]); i++) ret += test_cipher(i, EVP_aes_256_cbc(), &aes_tests[i]); +#ifdef __APPLE__ + for (i = 0; i < sizeof(aes_tests)/sizeof(aes_tests[0]); i++) + ret += test_cipher(i, EVP_cc_aes_256_cbc(), &aes_tests[i]); +#endif for (i = 0; i < sizeof(rc2_40_tests)/sizeof(rc2_40_tests[0]); i++) ret += test_cipher(i, EVP_rc2_40_cbc(), &rc2_40_tests[i]); for (i = 0; i < sizeof(des_ede3_tests)/sizeof(des_ede3_tests[0]); i++) diff --git a/lib/hcrypto/version-script.map b/lib/hcrypto/version-script.map index ba13a2f16..c1a66bafc 100644 --- a/lib/hcrypto/version-script.map +++ b/lib/hcrypto/version-script.map @@ -141,12 +141,6 @@ HEIMDAL_CRYPTO_1.0 { hc_EVP_aes_128_cbc; hc_EVP_aes_192_cbc; hc_EVP_aes_256_cbc; - hc_EVP_hcrypto_aes_128_cbc; - hc_EVP_hcrypto_aes_192_cbc; - hc_EVP_hcrypto_aes_256_cbc; - hc_EVP_hcrypto_aes_cts_128_cbc; - hc_EVP_hcrypto_aes_cts_192_cbc; - hc_EVP_hcrypto_aes_cts_256_cbc; hc_EVP_des_cbc; hc_EVP_des_ede3_cbc; hc_EVP_camellia_128_cbc; @@ -166,6 +160,33 @@ HEIMDAL_CRYPTO_1.0 { hc_EVP_sha; hc_EVP_sha1; hc_EVP_sha256; + + hc_EVP_cc_md2; + hc_EVP_cc_md4; + hc_EVP_cc_md5; + hc_EVP_cc_sha1; + hc_EVP_cc_sha256; + hc_EVP_cc_des_ede3_cbc; + hc_EVP_cc_aes_128_cbc; + hc_EVP_cc_aes_192_cbc; + hc_EVP_cc_aes_256_cbc; + + hc_EVP_hcrypto_md2; + hc_EVP_hcrypto_md4; + hc_EVP_hcrypto_md5; + hc_EVP_hcrypto_sha1; + hc_EVP_hcrypto_sha256; + hc_EVP_hcrypto_des_ede3_cbc; + hc_EVP_hcrypto_aes_128_cbc; + hc_EVP_hcrypto_aes_192_cbc; + hc_EVP_hcrypto_aes_256_cbc; + hc_EVP_hcrypto_rc4; + hc_EVP_hcrypto_rc4_40; + + hc_EVP_hcrypto_aes_cts_128_cbc; + hc_EVP_hcrypto_aes_cts_192_cbc; + hc_EVP_hcrypto_aes_cts_256_cbc; + hc_HMAC; hc_HMAC_CTX_cleanup; hc_HMAC_CTX_init;