提交 6f9079fd 编写于 作者: R Richard Levitte

Because Rijndael is more known as AES, use crypto/aes instead of

crypto/rijndael.  Additionally, I applied the AES integration patch
from Stephen Sprunk <stephen@sprunk.org> and fiddled it to work
properly with the normal EVP constructs (and incidently work the same
way as all other symmetric cipher implementations).

This results in an API that looks a lot like the rest of the OpenSSL
cipher suite.
上级 c938563a
......@@ -12,6 +12,11 @@
*) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
+) applies to 0.9.7 only
+) Change the AES code to follow the same name structure as all other
symmetric ciphers, and behave the same way. Move everything to
the directory crypto/aes, thereby obsoleting crypto/rijndael.
[Stephen Sprunk <stephen@sprunk.org> and Richard Levitte]
*) Fix ssl3_read_bytes (ssl/s3_pkt.c): To ignore messages of unknown
type, we must throw them away by setting rr->length to 0.
[D P Chang <dpc@qualys.com>]
......
......@@ -166,7 +166,7 @@ SHLIBDIRS= crypto ssl
SDIRS= \
md2 md4 md5 sha mdc2 hmac ripemd \
des rc2 rc4 rc5 idea bf cast \
bn ec rsa dsa dh dso engine rijndael \
bn ec rsa dsa dh dso engine aes \
buffer bio stack lhash rand err objects \
evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
......
......@@ -28,7 +28,7 @@ LIBS=
SDIRS= md2 md5 sha mdc2 hmac ripemd \
des rc2 rc4 rc5 idea bf cast \
bn ec rsa dsa dh dso engine rijndael \
bn ec rsa dsa dh dso engine aes \
buffer bio stack lhash rand err objects \
evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
......
#
# crypto/aes/Makefile
#
DIR= aes
TOP= ../..
CC= cc
CPP= $(CC) -E
INCLUDES=
CFLAG=-g
INSTALL_PREFIX=
OPENSSLDIR= /usr/local/ssl
INSTALLTOP= /usr/local/ssl
MAKE= make -f Makefile.ssl
MAKEDEPPROG= makedepend
MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
MAKEFILE= Makefile.ssl
AR= ar r
# CFLAGS= -mpentiumpro $(INCLUDES) $(CFLAG) -O3 -fexpensive-optimizations -funroll-loops -fforce-addr
CFLAGS= $(INCLUDES) $(CFLAG)
GENERAL=Makefile
TEST=aestest.c
APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c
LIBOBJ=aes_core.o aes_misc.o aes_ecb.o aes_cbc.o
SRC= $(LIBSRC)
EXHEADER= aes.h
HEADER= aes_locl.h $(EXHEADER)
ALL= $(GENERAL) $(SRC) $(HEADER)
top:
(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
all: lib
lib: $(LIBOBJ)
$(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
$(LIBOBJ): $(LIBSRC)
files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install: installs
installs:
@for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
tags:
ctags $(SRC)
tests:
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
depend:
$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
dclean:
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
mv -f Makefile.new $(MAKEFILE)
clean:
rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.
aes_cbc.o: ../../include/openssl/aes.h aes_cbc.c aes_locl.h
aes_core.o: ../../include/openssl/aes.h aes_core.c aes_locl.h
aes_ecb.o: ../../include/openssl/aes.h aes_ecb.c aes_locl.h
aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/opensslv.h
aes_misc.o: aes_locl.h aes_misc.c
This is an OpenSSL-compatible version of AES (also called Rijndael).
aes_core.c is basically the same as rijndael-alg-fst.c but with an
API that looks like the rest of the OpenSSL symmetric cipher suite.
/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#ifndef HEADER_AES_H
#define HEADER_AES_H
#ifdef OPENSSL_NO_AES
#error AES is disabled.
#endif
static const int AES_DECRYPT = 0;
static const int AES_ENCRYPT = 1;
#define AES_MAXNR 14 /* array size can't be a const in C */
static const int AES_BLOCK_SIZE = 16; /* bytes */
#ifdef __cplusplus
extern "C" {
#endif
/* This should be a hidden type, but EVP requires that the size be known */
struct aes_key_st {
unsigned long rd_key[4 *(AES_MAXNR + 1)];
int rounds;
};
typedef struct aes_key_st AES_KEY;
const char *AES_options(void);
int AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key);
int AES_set_decrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key);
void AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key);
void AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key);
void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key, const int enc);
void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const AES_KEY *key,
unsigned char *ivec, const int enc);
#ifdef __cplusplus
}
#endif
#endif /* !HEADER_AES_H */
/* crypto/aes/aes_cbc.c -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <assert.h>
#include <openssl/aes.h>
#include "aes_locl.h"
void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const AES_KEY *key,
unsigned char *ivec, const int enc) {
int n;
unsigned long len = length;
unsigned char tmp[16];
assert(in && out && key && ivec);
assert(length % AES_BLOCK_SIZE == 0);
assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
if (AES_ENCRYPT == enc)
while (len > 0) {
for(n=0; n < 16; ++n)
tmp[n] = in[n] ^ ivec[n];
AES_encrypt(tmp, out, key);
memcpy(ivec, out, 16);
len -= 16;
in += 16;
out += 16;
}
else
while (len > 0) {
memcpy(tmp, in, 16);
AES_decrypt(in, out, key);
for(n=0; n < 16; ++n)
out[n] ^= ivec[n];
memcpy(ivec, tmp, 16);
len -= 16;
in += 16;
out += 16;
}
}
此差异已折叠。
/* crypto/aes/aes_ecb.c -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <assert.h>
#include <openssl/aes.h>
#include "aes_locl.h"
void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key, const int enc) {
assert(in && out && key);
assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
if (AES_ENCRYPT == enc)
AES_encrypt(in, out, key);
else
AES_decrypt(in, out, key);
}
/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#ifndef HEADER_AES_LOCL_H
#define HEADER_AES_LOCL_H
#ifdef OPENSSL_NO_AES
#error AES is disabled.
#endif
typedef unsigned long u32;
typedef unsigned short u16;
typedef unsigned char u8;
#define MAXKC (256/32)
#define MAXKB (256/8)
#define MAXNR 14
/* This controls loop-unrolling in aes_core.c */
#undef FULL_UNROLL
#endif /* !HEADER_AES_LOCL_H */
/* crypto/aes/aes_misc.c -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <openssl/opensslv.h>
#include <openssl/aes.h>
#include "aes_locl.h"
const char *AES_version="AES" OPENSSL_VERSION_PTEXT;
const char *AES_options(void) {
#ifdef FULL_UNROLL
return "aes(full)";
#else
return "aes(partial)";
#endif
}
......@@ -186,15 +186,15 @@ digest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
digest.o: ../../include/openssl/ui.h ../cryptlib.h digest.c
e_aes.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_aes.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
e_aes.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
e_aes.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
e_aes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
e_aes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rd_fst.h
e_aes.o: ../../include/openssl/rijndael.h ../../include/openssl/safestack.h
e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h e_aes.c
e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
e_aes.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
e_aes.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
e_aes.o: ../../include/openssl/err.h ../../include/openssl/evp.h
e_aes.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
e_aes.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
e_aes.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
e_aes.o: ../../include/openssl/symhacks.h e_aes.c evp_locl.h
e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
e_bf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
......
......@@ -53,102 +53,57 @@
#include <openssl/err.h>
#include <string.h>
#include <assert.h>
#include <openssl/rijndael.h>
#include <openssl/aes.h>
#include "evp_locl.h"
static int aes_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
static int aes_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, unsigned int inl);
static int aes_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, unsigned int inl);
#define IMPLEMENT_AES_CIPHER(name, ciph_func, keylen, ivlen, mode) \
static const EVP_CIPHER name##_cipher_st = \
{ \
NID_##name, \
16,keylen,ivlen, \
mode, \
aes_init, \
ciph_func, \
NULL, \
sizeof(RIJNDAEL_KEY), \
EVP_CIPHER_set_asn1_iv, \
EVP_CIPHER_get_asn1_iv, \
NULL, \
NULL \
}; \
const EVP_CIPHER * EVP_##name(void) \
{ \
return &name##_cipher_st; \
}
typedef struct
{
AES_KEY ks;
} EVP_AES_KEY;
IMPLEMENT_AES_CIPHER(aes_128_ecb, aes_ecb, 16, 0, EVP_CIPH_ECB_MODE)
IMPLEMENT_AES_CIPHER(aes_192_ecb, aes_ecb, 24, 0, EVP_CIPH_ECB_MODE)
IMPLEMENT_AES_CIPHER(aes_256_ecb, aes_ecb, 32, 0, EVP_CIPH_ECB_MODE)
#define data(ctx) EVP_C_DATA(EVP_AES_KEY,ctx)
IMPLEMENT_AES_CIPHER(aes_128_cbc, aes_cbc, 16, 16, EVP_CIPH_CBC_MODE)
IMPLEMENT_AES_CIPHER(aes_192_cbc, aes_cbc, 24, 16, EVP_CIPH_CBC_MODE)
IMPLEMENT_AES_CIPHER(aes_256_cbc, aes_cbc, 32, 16, EVP_CIPH_CBC_MODE)
#define IMPLEMENT_BLOCK_CIPHER_def_ecb_cbc(cname, ksched, cprefix, kstruct, \
nid, block_size, key_len, iv_len, flags, \
init_key, cleanup, set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
init_key, cleanup, set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, 0, flags, \
init_key, cleanup, set_asn1, get_asn1, ctrl)
static int aes_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
RIJNDAEL_KEY *k=ctx->cipher_data;
if (enc)
k->rounds = rijndaelKeySetupEnc(k->rd_key, key, ctx->key_len * 8);
else
k->rounds = rijndaelKeySetupDec(k->rd_key, key, ctx->key_len * 8);
IMPLEMENT_BLOCK_CIPHER_def_ecb_cbc(aes_128, ks, AES, EVP_AES_KEY,
NID_aes_128, 16, 16, 16,
0, aes_init_key, NULL,
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
NULL)
IMPLEMENT_BLOCK_CIPHER_def_ecb_cbc(aes_192, ks, AES, EVP_AES_KEY,
NID_aes_192, 16, 24, 16,
0, aes_init_key, NULL,
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
NULL)
IMPLEMENT_BLOCK_CIPHER_def_ecb_cbc(aes_256, ks, AES, EVP_AES_KEY,
NID_aes_256, 16, 32, 16,
0, aes_init_key, NULL,
EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,
NULL)
return 1;
}
static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc) {
static int aes_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, unsigned int inl)
{
RIJNDAEL_KEY *k=ctx->cipher_data;
while(inl > 0)
{
if(ctx->encrypt)
rijndaelEncrypt(k->rd_key,k->rounds, in, out);
else
rijndaelDecrypt(k->rd_key,k->rounds, in, out);
inl-=16;
in+=16;
out+=16;
}
assert(inl == 0);
if (enc)
AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
else
AES_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
return 1;
}
}
static int aes_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, unsigned int inl)
{
int n;
unsigned char tmp[16];
RIJNDAEL_KEY *k=ctx->cipher_data;
while(inl > 0)
{
if(ctx->encrypt)
{
for(n=0 ; n < 16 ; n++)
tmp[n] = in[n] ^ ctx->iv[n];
rijndaelEncrypt(k->rd_key,k->rounds, tmp, out);
memcpy(ctx->iv,out,16);
}
else
{
memcpy(tmp, in, 16);
rijndaelDecrypt(k->rd_key,k->rounds, in, out);
for(n=0 ; n < 16 ; n++)
out[n] ^= ctx->iv[n];
memcpy(ctx->iv,tmp,16);
}
inl-=16;
in+=16;
out+=16;
}
assert(inl == 0);
return 1;
}
#endif
......@@ -34,7 +34,7 @@ $ IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN -
$
$ SDIRS := ,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,-
DES,RC2,RC4,RC5,IDEA,BF,CAST,-
BN,EC,RSA,DSA,DH,DSO,ENGINE,RIJNDAEL,-
BN,EC,RSA,DSA,DH,DSO,ENGINE,AES,-
BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,-
EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,-
UI,KRB5
......@@ -61,7 +61,7 @@ $ EXHEADER_DSA := dsa.h
$ EXHEADER_DH := dh.h
$ EXHEADER_DSO := dso.h
$ EXHEADER_ENGINE := engine.h
$ EXHEADER_RIJNDAEL := rd_fst.h,rijndael.h
$ EXHEADER_AES := aes.h
$ EXHEADER_BUFFER := buffer.h
$ EXHEADER_BIO := bio.h
$ EXHEADER_STACK := stack.h,safestack.h
......
......@@ -430,7 +430,7 @@ $! Copy All The ".H" Files From The [.CRYPTO] Directory Tree.
$!
$ SDIRS := ,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,-
DES,RC2,RC4,RC5,IDEA,BF,CAST,-
BN,EC,RSA,DSA,DH,DSO,ENGINE,RIJNDAEL,-
BN,EC,RSA,DSA,DH,DSO,ENGINE,AES,-
BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,-
EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5
$ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,symhacks.h,-
......@@ -456,7 +456,7 @@ $ EXHEADER_DSA := dsa.h
$ EXHEADER_DH := dh.h
$ EXHEADER_DSO := dso.h
$ EXHEADER_ENGINE := engine.h
$ EXHEADER_RIJNDAEL := rd_fst.h,rijndael.h
$ EXHEADER_AES := aes.h
$ EXHEADER_BUFFER := buffer.h
$ EXHEADER_BIO := bio.h
$ EXHEADER_STACK := stack.h,safestack.h
......
......@@ -92,7 +92,7 @@ $no_mdc2=1 if ($no_des);
$no_ssl3=1 if ($no_md5 || $no_sha);
$no_ssl3=1 if ($no_rsa && $no_dh);
$no_ssl2=1 if ($no_md5 || $no_rsa);
$no_ssl2=1 if ($no_md5);
$no_ssl2=1 if ($no_rsa);
$out_def="out";
......@@ -873,7 +873,7 @@ sub read_options
elsif (/^no-dsa$/) { $no_dsa=1; }
elsif (/^no-dh$/) { $no_dh=1; }
elsif (/^no-hmac$/) { $no_hmac=1; }
elsif (/^no-rijndael$/) { $no_rijndael=1; }
elsif (/^no-aes$/) { $no_aes=1; }
elsif (/^no-asm$/) { $no_asm=1; }
elsif (/^nasm$/) { $nasm=1; }
elsif (/^gaswin$/) { $gaswin=1; }
......
......@@ -208,8 +208,7 @@ $crypto.=" crypto/md5/md5.h" ; # unless $no_md5;
$crypto.=" crypto/mdc2/mdc2.h" ; # unless $no_mdc2;
$crypto.=" crypto/sha/sha.h" ; # unless $no_sha;
$crypto.=" crypto/ripemd/ripemd.h" ; # unless $no_ripemd;
$crypto.=" crypto/rijndael/rijndael.h" ; # unless $no_aes;
$crypto.=" crypto/rijndael/rd_fst.h" ; # unless $no_aes;
$crypto.=" crypto/aes/aes.h" ; # unless $no_aes;
$crypto.=" crypto/bn/bn.h";
$crypto.=" crypto/rsa/rsa.h" ; # unless $no_rsa;
......
......@@ -23,7 +23,7 @@ my @dirs = (
"crypto/idea",
"crypto/bf",
"crypto/cast",
"crypto/rijndael",
"crypto/aes",
"crypto/bn",
"crypto/rsa",
"crypto/dsa",
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册