Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
06b7e5a0
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
10
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
06b7e5a0
编写于
13年前
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Add algorithm driver for XTS mode. Fix several bugs in EVP XTS implementation.
上级
706735ae
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
100 addition
and
11 deletion
+100
-11
CHANGES
CHANGES
+4
-3
crypto/evp/e_aes.c
crypto/evp/e_aes.c
+15
-7
fips/aes/fips_gcmtest.c
fips/aes/fips_gcmtest.c
+81
-1
未找到文件。
CHANGES
浏览文件 @
06b7e5a0
...
...
@@ -9,9 +9,10 @@
to use callback. Always run all selftests even if one fails.
[Steve Henson]
*) Provisional XTS support. Note: this does increase the maximum key
length from 32 to 64 bytes but there should be no binary compatibility
issues as existing applications will never use XTS mode.
*) XTS support including algorithm test driver in the fips_gcmtest program.
Note: this does increase the maximum key length from 32 to 64 bytes but
there should be no binary compatibility issues as existing applications
will never use XTS mode.
[Steve Henson]
*) Extensive reorganisation of FIPS PRNG behaviour. Remove all dependencies
...
...
This diff is collapsed.
Click to expand it.
crypto/evp/e_aes.c
浏览文件 @
06b7e5a0
...
...
@@ -471,8 +471,6 @@ static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
/* key1 and key2 are used as an indicator both key and IV are set */
xctx
->
xts
.
key1
=
NULL
;
xctx
->
xts
.
key2
=
NULL
;
xctx
->
xts
.
block1
=
(
block128_f
)
AES_encrypt
;
xctx
->
xts
.
block2
=
(
block128_f
)
AES_encrypt
;
return
1
;
}
...
...
@@ -485,13 +483,23 @@ static int aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
if
(
key
)
{
AES_set_encrypt_key
(
key
,
ctx
->
key_len
*
8
,
&
xctx
->
ks1
);
AES_set_encrypt_key
(
key
+
ctx
->
key_len
,
ctx
->
key_len
*
8
,
&
xctx
->
ks2
);
/* key_len is two AES keys */
if
(
ctx
->
encrypt
)
{
AES_set_encrypt_key
(
key
,
ctx
->
key_len
*
4
,
&
xctx
->
ks1
);
xctx
->
xts
.
block1
=
(
block128_f
)
AES_encrypt
;
}
else
{
AES_set_decrypt_key
(
key
,
ctx
->
key_len
*
4
,
&
xctx
->
ks1
);
xctx
->
xts
.
block1
=
(
block128_f
)
AES_decrypt
;
}
xctx
->
xts
.
key1
=
&
xctx
->
ks1
;
xctx
->
xts
.
block1
=
(
block128_f
)
AES_encrypt
;
AES_set_encrypt_key
(
key
+
ctx
->
key_len
/
2
,
ctx
->
key_len
*
4
,
&
xctx
->
ks2
)
;
xctx
->
xts
.
block2
=
(
block128_f
)
AES_encrypt
;
xctx
->
xts
.
key1
=
&
xctx
->
ks1
;
}
if
(
iv
)
...
...
This diff is collapsed.
Click to expand it.
fips/aes/fips_gcmtest.c
浏览文件 @
06b7e5a0
...
...
@@ -263,9 +263,84 @@ static void gcmtest(FILE *in, FILE *out, int encrypt)
}
}
static
void
xtstest
(
FILE
*
in
,
FILE
*
out
)
{
char
buf
[
2048
];
char
lbuf
[
2048
];
char
*
keyword
,
*
value
;
int
inlen
;
int
encrypt
=
0
;
int
rv
;
long
l
;
unsigned
char
*
key
=
NULL
,
*
iv
=
NULL
;
unsigned
char
*
inbuf
=
NULL
,
*
outbuf
=
NULL
;
EVP_CIPHER_CTX
ctx
;
const
EVP_CIPHER
*
xts
=
NULL
;
FIPS_cipher_ctx_init
(
&
ctx
);
while
(
fgets
(
buf
,
sizeof
buf
,
in
)
!=
NULL
)
{
fputs
(
buf
,
out
);
if
(
buf
[
0
]
==
'['
&&
strlen
(
buf
)
>=
9
)
{
if
(
!
strncmp
(
buf
,
"[ENCRYPT]"
,
9
))
encrypt
=
1
;
else
if
(
!
strncmp
(
buf
,
"[DECRYPT]"
,
9
))
encrypt
=
0
;
}
if
(
!
parse_line
(
&
keyword
,
&
value
,
lbuf
,
buf
))
continue
;
else
if
(
!
strcmp
(
keyword
,
"Key"
))
{
key
=
hex2bin_m
(
value
,
&
l
);
if
(
l
==
32
)
xts
=
EVP_aes_128_xts
();
else
if
(
l
==
64
)
xts
=
EVP_aes_256_xts
();
else
{
fprintf
(
stderr
,
"Inconsistent Key length
\n
"
);
exit
(
1
);
}
}
else
if
(
!
strcmp
(
keyword
,
"i"
))
{
iv
=
hex2bin_m
(
value
,
&
l
);
if
(
l
!=
16
)
{
fprintf
(
stderr
,
"Inconsistent i length
\n
"
);
exit
(
1
);
}
}
else
if
(
encrypt
&&
!
strcmp
(
keyword
,
"PT"
))
{
inbuf
=
hex2bin_m
(
value
,
&
l
);
inlen
=
l
;
}
else
if
(
!
encrypt
&&
!
strcmp
(
keyword
,
"CT"
))
{
inbuf
=
hex2bin_m
(
value
,
&
l
);
inlen
=
l
;
}
if
(
inbuf
)
{
FIPS_cipherinit
(
&
ctx
,
xts
,
key
,
iv
,
encrypt
);
outbuf
=
OPENSSL_malloc
(
inlen
);
rv
=
FIPS_cipher
(
&
ctx
,
outbuf
,
inbuf
,
inlen
);
OutputValue
(
encrypt
?
"CT"
:
"PT"
,
outbuf
,
inlen
,
out
,
0
);
OPENSSL_free
(
inbuf
);
OPENSSL_free
(
outbuf
);
OPENSSL_free
(
key
);
OPENSSL_free
(
iv
);
iv
=
key
=
inbuf
=
outbuf
=
NULL
;
}
}
}
int
main
(
int
argc
,
char
**
argv
)
{
int
encrypt
;
int
xts
=
0
;
FILE
*
in
,
*
out
;
if
(
argc
==
4
)
{
...
...
@@ -299,13 +374,18 @@ int main(int argc,char **argv)
encrypt
=
2
;
else
if
(
!
strcmp
(
argv
[
1
],
"-decrypt"
))
encrypt
=
0
;
else
if
(
!
strcmp
(
argv
[
1
],
"-xts"
))
xts
=
1
;
else
{
fprintf
(
stderr
,
"Don't know how to %s.
\n
"
,
argv
[
1
]);
exit
(
1
);
}
gcmtest
(
in
,
out
,
encrypt
);
if
(
xts
)
xtstest
(
in
,
out
);
else
gcmtest
(
in
,
out
,
encrypt
);
if
(
argc
==
4
)
{
...
...
This diff is collapsed.
Click to expand it.
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录
新手
引导
客服
返回
顶部