提交
8a97a330
编写于
5月 13, 2013
作者:
Andy Polyakov
Add AES-SHA256 stitch.
上级
22de0e65
变更
13
Showing
13 changed file
with
2026 addition
and
23 deletion
+2026
-23
Configure
Configure
+1
-1
TABLE
TABLE
+16
-16
crypto/aes/Makefile
crypto/aes/Makefile
+2
-0
crypto/aes/asm/aesni-sha256-x86_64.pl
crypto/aes/asm/aesni-sha256-x86_64.pl
+1358
-0
crypto/evp/Makefile
crypto/evp/Makefile
+2
-2
crypto/evp/c_allc.c
crypto/evp/c_allc.c
+4
-0
crypto/evp/e_aes_cbc_hmac_sha256.c
crypto/evp/e_aes_cbc_hmac_sha256.c
+598
-0
crypto/objects/obj_dat.h
crypto/objects/obj_dat.h
+15
-3
crypto/objects/obj_mac.h
crypto/objects/obj_mac.h
+12
-0
crypto/objects/obj_mac.num
crypto/objects/obj_mac.num
+3
-0
crypto/objects/objects.txt
crypto/objects/objects.txt
+3
-0
ssl/ssl_algs.c
ssl/ssl_algs.c
+4
-1
ssl/ssl_ciph.c
ssl/ssl_ciph.c
+8
-0
Configure
...
...
@@ -128,7 +128,7 @@ my $x86_asm="x86cpuid.o:bn-586.o co-586.o x86-mont.o x86-gf2m.o:des-586.o crypt5
my $x86_elf_asm="$x86_asm:elf";
my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o::aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o rc4-md5-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:ghash-x86_64.o aesni-gcm-x86_64.o:e_padlock-x86_64.o";
my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o::aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
aesni-sha256-x86_64.o
::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o rc4-md5-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:ghash-x86_64.o aesni-gcm-x86_64.o:e_padlock-x86_64.o";
my $ia64_asm="ia64cpuid.o:bn-ia64.o ia64-mont.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o rc4_skey.o:::::ghash-ia64.o::void";
my $sparcv9_asm="sparcv9cap.o sparccpuid.o:bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o vis3-mont.o sparct4-mont.o sparcv9-gf2m.o:des_enc-sparc.o fcrypt_b.o dest4-sparcv9.o:aes_core.o aes_cbc.o aes-sparcv9.o aest4-sparcv9.o::md5-sparcv9.o:sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o::::::camellia.o cmll_misc.o cmll_cbc.o cmllt4-sparcv9.o:ghash-sparcv9.o::void";
my $sparcv8_asm=":sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::::::void";
...
...
TABLE
...
...
@@ -308,7 +308,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o
$des_obj =
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
aesni-sha256-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
...
...
@@ -803,7 +803,7 @@ $bn_ops = SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN
$cpuid_obj = x86_64cpuid.o
$bn_obj = bn_asm.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o
$des_obj =
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
aesni-sha256-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
...
...
@@ -1496,7 +1496,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o
$des_obj =
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
aesni-sha256-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
...
...
@@ -1661,7 +1661,7 @@ $bn_ops = SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN
$cpuid_obj = x86_64cpuid.o
$bn_obj = bn_asm.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o
$des_obj =
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
aesni-sha256-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
...
...
@@ -1760,7 +1760,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o
$des_obj =
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
aesni-sha256-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
...
...
@@ -1826,7 +1826,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o
$des_obj =
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
aesni-sha256-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
...
...
@@ -2024,7 +2024,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o
$des_obj =
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
aesni-sha256-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
...
...
@@ -2552,7 +2552,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o
$des_obj =
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
aesni-sha256-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
...
...
@@ -2750,7 +2750,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o
$des_obj =
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
aesni-sha256-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
...
...
@@ -2816,7 +2816,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o
$des_obj =
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
aesni-sha256-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
...
...
@@ -4466,7 +4466,7 @@ $bn_ops = SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o
$des_obj =
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
aesni-sha256-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
...
...
@@ -4499,7 +4499,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o
$des_obj =
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
aesni-sha256-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
...
...
@@ -4532,7 +4532,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o
$des_obj =
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
aesni-sha256-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
...
...
@@ -4730,7 +4730,7 @@ $bn_ops = SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o
$des_obj =
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
aesni-sha256-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
...
...
@@ -5720,7 +5720,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o
$des_obj =
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
aesni-sha256-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
...
...
@@ -5753,7 +5753,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o
$des_obj =
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
$aes_obj = aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
aesni-sha256-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
...
...
crypto/aes/Makefile
...
...
@@ -65,6 +65,8 @@ aesni-x86_64.s: asm/aesni-x86_64.pl
$(PERL)
asm/aesni-x86_64.pl
$(PERLASM_SCHEME)
>
$@
aesni-sha1-x86_64.s
:
asm/aesni-sha1-x86_64.pl
$(PERL)
asm/aesni-sha1-x86_64.pl
$(PERLASM_SCHEME)
>
$@
aesni-sha256-x86_64.s
:
asm/aesni-sha256-x86_64.pl
$(PERL)
asm/aesni-sha256-x86_64.pl
$(PERLASM_SCHEME)
>
$@
aes-sparcv9.s
:
asm/aes-sparcv9.pl
$(PERL)
asm/aes-sparcv9.pl
$(CFLAGS)
>
$@
...
...
crypto/aes/asm/aesni-sha256-x86_64.pl
0 → 100644
此差异已折叠。
crypto/evp/Makefile
...
...
@@ -29,7 +29,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \
c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c
\
evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c
\
e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c
\
e_aes_cbc_hmac_sha1.c e_rc4_hmac_md5.c
e_aes_cbc_hmac_sha1.c e_
aes_cbc_hmac_sha256.c e_
rc4_hmac_md5.c
LIBOBJ
=
encode.o digest.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o
\
e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o
\
...
...
@@ -42,7 +42,7 @@ LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \
c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o
\
evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o
\
e_old.o pmeth_lib.o pmeth_fn.o pmeth_gn.o m_sigver.o
\
e_aes_cbc_hmac_sha1.o e_rc4_hmac_md5.o
e_aes_cbc_hmac_sha1.o e_
aes_cbc_hmac_sha256.o e_
rc4_hmac_md5.o
SRC
=
$(LIBSRC)
...
...
crypto/evp/c_allc.c
...
...
@@ -202,6 +202,10 @@ void OpenSSL_add_all_ciphers(void)
EVP_add_cipher
(
EVP_aes_128_cbc_hmac_sha1
());
EVP_add_cipher
(
EVP_aes_256_cbc_hmac_sha1
());
#endif
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)
EVP_add_cipher
(
EVP_aes_128_cbc_hmac_sha256
());
EVP_add_cipher
(
EVP_aes_256_cbc_hmac_sha256
());
#endif
#endif
#ifndef OPENSSL_NO_CAMELLIA
...
...
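Review bot: `EVP_aes_128_cbc_hmac_sha256()` and `EVP_aes_256_cbc_hmac_sha256()` can return NULL, so the added calls pass NULL to `EVP_add_cipher` on some builds and CPUs, and nothing here says that this is intended. In this commit's crypto/evp/e_aes_cbc_hmac_sha256.c they return NULL when the `AESNI_AVX_CAPABLE` bits are not set, and always in the non-x86_64 fallback. This is presumably tolerated the same way as for the SHA1 stitch just above, but a comment such as `/* returns NULL without AES-NI+AVX; EVP_add_cipher() is expected to ignore that */` would make the reliance explicit. The guard here also tests `OPENSSL_NO_SHA`, whereas the implementation file is compiled under `!defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA256)`; the two conditions should match. The same lines are added to SSL_library_init in ssl/ssl_algs.c, and both functions continue outside their hunks.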
crypto/evp/e_aes_cbc_hmac_sha256.c
0 → 100644
/* ====================================================================
* Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <openssl/opensslconf.h>
#include <stdio.h>
#include <string.h>
#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA256)
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/aes.h>
#include <openssl/sha.h>
#ifndef EVP_CIPH_FLAG_AEAD_CIPHER
#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
#define EVP_CTRL_AEAD_TLS1_AAD 0x16
#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
#endif
#if !defined(EVP_CIPH_FLAG_DEFAULT_ASN1)
#define EVP_CIPH_FLAG_DEFAULT_ASN1 0
#endif
#define TLS1_1_VERSION 0x0302
typedef
struct
{
AES_KEY
ks
;
SHA256_CTX
head
,
tail
,
md
;
size_t
payload_length
;
/* AAD length in decrypt case */
union
{
unsigned
int
tls_ver
;
unsigned
char
tls_aad
[
16
];
/* 13 used */
}
aux
;
}
EVP_AES_HMAC_SHA256
;
#define NO_PAYLOAD_LENGTH ((size_t)-1)
#if defined(AES_ASM) && ( \
defined(__x86_64) || defined(__x86_64__) || \
defined(_M_AMD64) || defined(_M_X64) || \
defined(__INTEL__) )
#if defined(__GNUC__) && __GNUC__>=2 && !defined(PEDANTIC)
# define BSWAP(x) ({ unsigned int r=(x); asm ("bswapl %0":"=r"(r):"0"(r)); r; })
#endif
extern
unsigned
int
OPENSSL_ia32cap_P
[
3
];
#define AESNI_AVX_CAPABLE (1<<(57-32)|1<<(60-32))
int
aesni_set_encrypt_key
(
const
unsigned
char
*
userKey
,
int
bits
,
AES_KEY
*
key
);
int
aesni_set_decrypt_key
(
const
unsigned
char
*
userKey
,
int
bits
,
AES_KEY
*
key
);
void
aesni_cbc_encrypt
(
const
unsigned
char
*
in
,
unsigned
char
*
out
,
size_t
length
,
const
AES_KEY
*
key
,
unsigned
char
*
ivec
,
int
enc
);
int
aesni_cbc_sha256_enc
(
const
void
*
inp
,
void
*
out
,
size_t
blocks
,
const
AES_KEY
*
key
,
unsigned
char
iv
[
16
],
SHA256_CTX
*
ctx
,
const
void
*
in0
);
#define data(ctx) ((EVP_AES_HMAC_SHA256 *)(ctx)->cipher_data)
static
int
aesni_cbc_hmac_sha256_init_key
(
EVP_CIPHER_CTX
*
ctx
,
const
unsigned
char
*
inkey
,
const
unsigned
char
*
iv
,
int
enc
)
{
EVP_AES_HMAC_SHA256
*
key
=
data
(
ctx
);
int
ret
;
if
(
enc
)
memset
(
&
key
->
ks
,
0
,
sizeof
(
key
->
ks
.
rd_key
)),
ret
=
aesni_set_encrypt_key
(
inkey
,
ctx
->
key_len
*
8
,
&
key
->
ks
);
else
ret
=
aesni_set_decrypt_key
(
inkey
,
ctx
->
key_len
*
8
,
&
key
->
ks
);
SHA256_Init
(
&
key
->
head
);
/* handy when benchmarking */
key
->
tail
=
key
->
head
;
key
->
md
=
key
->
head
;
key
->
payload_length
=
NO_PAYLOAD_LENGTH
;
return
ret
<
0
?
0
:
1
;
}
#define STITCHED_CALL
#if !defined(STITCHED_CALL)
#define aes_off 0
#endif
void
sha256_block_data_order
(
void
*
c
,
const
void
*
p
,
size_t
len
);
static
void
sha256_update
(
SHA256_CTX
*
c
,
const
void
*
data
,
size_t
len
)
{
const
unsigned
char
*
ptr
=
data
;
size_t
res
;
if
((
res
=
c
->
num
))
{
res
=
SHA256_CBLOCK
-
res
;
if
(
len
<
res
)
res
=
len
;
SHA256_Update
(
c
,
ptr
,
res
);
ptr
+=
res
;
len
-=
res
;
}
res
=
len
%
SHA256_CBLOCK
;
len
-=
res
;
if
(
len
)
{
sha256_block_data_order
(
c
,
ptr
,
len
/
SHA256_CBLOCK
);
ptr
+=
len
;
c
->
Nh
+=
len
>>
29
;
c
->
Nl
+=
len
<<=
3
;
if
(
c
->
Nl
<
(
unsigned
int
)
len
)
c
->
Nh
++
;
}
if
(
res
)
SHA256_Update
(
c
,
ptr
,
res
);
}
#ifdef SHA256_Update
#undef SHA256_Update
#endif
#define SHA256_Update sha256_update
static
int
aesni_cbc_hmac_sha256_cipher
(
EVP_CIPHER_CTX
*
ctx
,
unsigned
char
*
out
,
const
unsigned
char
*
in
,
size_t
len
)
{
EVP_AES_HMAC_SHA256
*
key
=
data
(
ctx
);
unsigned
int
l
;
size_t
plen
=
key
->
payload_length
,
iv
=
0
,
/* explicit IV in TLS 1.1 and later */
sha_off
=
0
;
#if defined(STITCHED_CALL)
size_t
aes_off
=
0
,
blocks
;
sha_off
=
SHA256_CBLOCK
-
key
->
md
.
num
;
#endif
key
->
payload_length
=
NO_PAYLOAD_LENGTH
;
if
(
len
%
AES_BLOCK_SIZE
)
return
0
;
if
(
ctx
->
encrypt
)
{
if
(
plen
==
NO_PAYLOAD_LENGTH
)
plen
=
len
;
else
if
(
len
!=
((
plen
+
SHA256_DIGEST_LENGTH
+
AES_BLOCK_SIZE
)
&-
AES_BLOCK_SIZE
))
return
0
;
else
if
(
key
->
aux
.
tls_ver
>=
TLS1_1_VERSION
)
iv
=
AES_BLOCK_SIZE
;
#if defined(STITCHED_CALL)
if
(
plen
>
(
sha_off
+
iv
)
&&
(
blocks
=
(
plen
-
(
sha_off
+
iv
))
/
SHA256_CBLOCK
))
{
SHA256_Update
(
&
key
->
md
,
in
+
iv
,
sha_off
);
(
void
)
aesni_cbc_sha256_enc
(
in
,
out
,
blocks
,
&
key
->
ks
,
ctx
->
iv
,
&
key
->
md
,
in
+
iv
+
sha_off
);
blocks
*=
SHA256_CBLOCK
;
aes_off
+=
blocks
;
sha_off
+=
blocks
;
key
->
md
.
Nh
+=
blocks
>>
29
;
key
->
md
.
Nl
+=
blocks
<<=
3
;
if
(
key
->
md
.
Nl
<
(
unsigned
int
)
blocks
)
key
->
md
.
Nh
++
;
}
else
{
sha_off
=
0
;
}
#endif
sha_off
+=
iv
;
SHA256_Update
(
&
key
->
md
,
in
+
sha_off
,
plen
-
sha_off
);
if
(
plen
!=
len
)
{
/* "TLS" mode of operation */
if
(
in
!=
out
)
memcpy
(
out
+
aes_off
,
in
+
aes_off
,
plen
-
aes_off
);
/* calculate HMAC and append it to payload */
SHA256_Final
(
out
+
plen
,
&
key
->
md
);
key
->
md
=
key
->
tail
;
SHA256_Update
(
&
key
->
md
,
out
+
plen
,
SHA256_DIGEST_LENGTH
);
SHA256_Final
(
out
+
plen
,
&
key
->
md
);
/* pad the payload|hmac */
plen
+=
SHA256_DIGEST_LENGTH
;
for
(
l
=
len
-
plen
-
1
;
plen
<
len
;
plen
++
)
out
[
plen
]
=
l
;
/* encrypt HMAC|padding at once */
aesni_cbc_encrypt
(
out
+
aes_off
,
out
+
aes_off
,
len
-
aes_off
,
&
key
->
ks
,
ctx
->
iv
,
1
);
}
else
{
aesni_cbc_encrypt
(
in
+
aes_off
,
out
+
aes_off
,
len
-
aes_off
,
&
key
->
ks
,
ctx
->
iv
,
1
);
}
}
else
{
union
{
unsigned
int
u
[
SHA256_DIGEST_LENGTH
/
sizeof
(
unsigned
int
)];
unsigned
char
c
[
64
+
SHA256_DIGEST_LENGTH
];
}
mac
,
*
pmac
;
/* arrange cache line alignment */
pmac
=
(
void
*
)(((
size_t
)
mac
.
c
+
63
)
&
((
size_t
)
0
-
64
));
/* decrypt HMAC|padding at once */
aesni_cbc_encrypt
(
in
,
out
,
len
,
&
key
->
ks
,
ctx
->
iv
,
0
);
if
(
plen
)
{
/* "TLS" mode of operation */
size_t
inp_len
,
mask
,
j
,
i
;
unsigned
int
res
,
maxpad
,
pad
,
bitlen
;
int
ret
=
1
;
union
{
unsigned
int
u
[
SHA_LBLOCK
];
unsigned
char
c
[
SHA256_CBLOCK
];
}
*
data
=
(
void
*
)
key
->
md
.
data
;
if
((
key
->
aux
.
tls_aad
[
plen
-
4
]
<<
8
|
key
->
aux
.
tls_aad
[
plen
-
3
])
>=
TLS1_1_VERSION
)
iv
=
AES_BLOCK_SIZE
;
if
(
len
<
(
iv
+
SHA256_DIGEST_LENGTH
+
1
))
return
0
;
/* omit explicit iv */
out
+=
iv
;
len
-=
iv
;
/* figure out payload length */
pad
=
out
[
len
-
1
];
maxpad
=
len
-
(
SHA256_DIGEST_LENGTH
+
1
);
maxpad
|=
(
255
-
maxpad
)
>>
(
sizeof
(
maxpad
)
*
8
-
8
);
maxpad
&=
255
;
inp_len
=
len
-
(
SHA256_DIGEST_LENGTH
+
pad
+
1
);
mask
=
(
0
-
((
inp_len
-
len
)
>>
(
sizeof
(
inp_len
)
*
8
-
1
)));
inp_len
&=
mask
;
ret
&=
(
int
)
mask
;
key
->
aux
.
tls_aad
[
plen
-
2
]
=
inp_len
>>
8
;
key
->
aux
.
tls_aad
[
plen
-
1
]
=
inp_len
;
/* calculate HMAC */
key
->
md
=
key
->
head
;
SHA256_Update
(
&
key
->
md
,
key
->
aux
.
tls_aad
,
plen
);
#if 1
len
-=
SHA256_DIGEST_LENGTH
;
/* amend mac */
if
(
len
>=
(
256
+
SHA256_CBLOCK
))
{
j
=
(
len
-
(
256
+
SHA256_CBLOCK
))
&
(
0
-
SHA256_CBLOCK
);
j
+=
SHA256_CBLOCK
-
key
->
md
.
num
;
SHA256_Update
(
&
key
->
md
,
out
,
j
);
out
+=
j
;
len
-=
j
;
inp_len
-=
j
;
}
/* but pretend as if we hashed padded payload */
bitlen
=
key
->
md
.
Nl
+
(
inp_len
<<
3
);
/* at most 18 bits */
#ifdef BSWAP
bitlen
=
BSWAP
(
bitlen
);
#else
mac
.
c
[
0
]
=
0
;
mac
.
c
[
1
]
=
(
unsigned
char
)(
bitlen
>>
16
);
mac
.
c
[
2
]
=
(
unsigned
char
)(
bitlen
>>
8
);
mac
.
c
[
3
]
=
(
unsigned
char
)
bitlen
;
bitlen
=
mac
.
u
[
0
];
#endif
pmac
->
u
[
0
]
=
0
;
pmac
->
u
[
1
]
=
0
;
pmac
->
u
[
2
]
=
0
;
pmac
->
u
[
3
]
=
0
;
pmac
->
u
[
4
]
=
0
;
pmac
->
u
[
5
]
=
0
;
pmac
->
u
[
6
]
=
0
;
pmac
->
u
[
7
]
=
0
;
for
(
res
=
key
->
md
.
num
,
j
=
0
;
j
<
len
;
j
++
)
{
size_t
c
=
out
[
j
];
mask
=
(
j
-
inp_len
)
>>
(
sizeof
(
j
)
*
8
-
8
);
c
&=
mask
;
c
|=
0x80
&~
mask
&~
((
inp_len
-
j
)
>>
(
sizeof
(
j
)
*
8
-
8
));
data
->
c
[
res
++
]
=
(
unsigned
char
)
c
;
if
(
res
!=
SHA256_CBLOCK
)
continue
;
/* j is not incremented yet */
mask
=
0
-
((
inp_len
+
7
-
j
)
>>
(
sizeof
(
j
)
*
8
-
1
));
data
->
u
[
SHA_LBLOCK
-
1
]
|=
bitlen
&
mask
;
sha256_block_data_order
(
&
key
->
md
,
data
,
1
);
mask
&=
0
-
((
j
-
inp_len
-
72
)
>>
(
sizeof
(
j
)
*
8
-
1
));
pmac
->
u
[
0
]
|=
key
->
md
.
h
[
0
]
&
mask
;
pmac
->
u
[
1
]
|=
key
->
md
.
h
[
1
]
&
mask
;
pmac
->
u
[
2
]
|=
key
->
md
.
h
[
2
]
&
mask
;
pmac
->
u
[
3
]
|=
key
->
md
.
h
[
3
]
&
mask
;
pmac
->
u
[
4
]
|=
key
->
md
.
h
[
4
]
&
mask
;
pmac
->
u
[
5
]
|=
key
->
md
.
h
[
5
]
&
mask
;
pmac
->
u
[
6
]
|=
key
->
md
.
h
[
6
]
&
mask
;
pmac
->
u
[
7
]
|=
key
->
md
.
h
[
7
]
&
mask
;
res
=
0
;
}
for
(
i
=
res
;
i
<
SHA256_CBLOCK
;
i
++
,
j
++
)
data
->
c
[
i
]
=
0
;
if
(
res
>
SHA256_CBLOCK
-
8
)
{
mask
=
0
-
((
inp_len
+
8
-
j
)
>>
(
sizeof
(
j
)
*
8
-
1
));
data
->
u
[
SHA_LBLOCK
-
1
]
|=
bitlen
&
mask
;
sha256_block_data_order
(
&
key
->
md
,
data
,
1
);
mask
&=
0
-
((
j
-
inp_len
-
73
)
>>
(
sizeof
(
j
)
*
8
-
1
));
pmac
->
u
[
0
]
|=
key
->
md
.
h
[
0
]
&
mask
;
pmac
->
u
[
1
]
|=
key
->
md
.
h
[
1
]
&
mask
;
pmac
->
u
[
2
]
|=
key
->
md
.
h
[
2
]
&
mask
;
pmac
->
u
[
3
]
|=
key
->
md
.
h
[
3
]
&
mask
;
pmac
->
u
[
4
]
|=
key
->
md
.
h
[
4
]
&
mask
;
pmac
->
u
[
5
]
|=
key
->
md
.
h
[
5
]
&
mask
;
pmac
->
u
[
6
]
|=
key
->
md
.
h
[
6
]
&
mask
;
pmac
->
u
[
7
]
|=
key
->
md
.
h
[
7
]
&
mask
;
memset
(
data
,
0
,
SHA256_CBLOCK
);
j
+=
64
;
}
data
->
u
[
SHA_LBLOCK
-
1
]
=
bitlen
;
sha256_block_data_order
(
&
key
->
md
,
data
,
1
);
mask
=
0
-
((
j
-
inp_len
-
73
)
>>
(
sizeof
(
j
)
*
8
-
1
));
pmac
->
u
[
0
]
|=
key
->
md
.
h
[
0
]
&
mask
;
pmac
->
u
[
1
]
|=
key
->
md
.
h
[
1
]
&
mask
;
pmac
->
u
[
2
]
|=
key
->
md
.
h
[
2
]
&
mask
;
pmac
->
u
[
3
]
|=
key
->
md
.
h
[
3
]
&
mask
;
pmac
->
u
[
4
]
|=
key
->
md
.
h
[
4
]
&
mask
;
pmac
->
u
[
5
]
|=
key
->
md
.
h
[
5
]
&
mask
;
pmac
->
u
[
6
]
|=
key
->
md
.
h
[
6
]
&
mask
;
pmac
->
u
[
7
]
|=
key
->
md
.
h
[
7
]
&
mask
;
#ifdef BSWAP
pmac
->
u
[
0
]
=
BSWAP
(
pmac
->
u
[
0
]);
pmac
->
u
[
1
]
=
BSWAP
(
pmac
->
u
[
1
]);
pmac
->
u
[
2
]
=
BSWAP
(
pmac
->
u
[
2
]);
pmac
->
u
[
3
]
=
BSWAP
(
pmac
->
u
[
3
]);
pmac
->
u
[
4
]
=
BSWAP
(
pmac
->
u
[
4
]);
pmac
->
u
[
5
]
=
BSWAP
(
pmac
->
u
[
5
]);
pmac
->
u
[
6
]
=
BSWAP
(
pmac
->
u
[
6
]);
pmac
->
u
[
7
]
=
BSWAP
(
pmac
->
u
[
7
]);
#else
for
(
i
=
0
;
i
<
8
;;
i
++
)
{
res
=
pmac
->
u
[
i
];
pmac
->
c
[
4
*
i
+
0
]
=
(
unsigned
char
)(
res
>>
24
);
pmac
->
c
[
4
*
i
+
1
]
=
(
unsigned
char
)(
res
>>
16
);
pmac
->
c
[
4
*
i
+
2
]
=
(
unsigned
char
)(
res
>>
8
);
pmac
->
c
[
4
*
i
+
3
]
=
(
unsigned
char
)
res
;
}
#endif
len
+=
SHA256_DIGEST_LENGTH
;
#else
SHA256_Update
(
&
key
->
md
,
out
,
inp_len
);
res
=
key
->
md
.
num
;
SHA256_Final
(
pmac
->
c
,
&
key
->
md
);
{
unsigned
int
inp_blocks
,
pad_blocks
;
/* but pretend as if we hashed padded payload */
inp_blocks
=
1
+
((
SHA256_CBLOCK
-
9
-
res
)
>>
(
sizeof
(
res
)
*
8
-
1
));
res
+=
(
unsigned
int
)(
len
-
inp_len
);
pad_blocks
=
res
/
SHA256_CBLOCK
;
res
%=
SHA256_CBLOCK
;
pad_blocks
+=
1
+
((
SHA256_CBLOCK
-
9
-
res
)
>>
(
sizeof
(
res
)
*
8
-
1
));
for
(;
inp_blocks
<
pad_blocks
;
inp_blocks
++
)
sha1_block_data_order
(
&
key
->
md
,
data
,
1
);
}
#endif
key
->
md
=
key
->
tail
;
SHA256_Update
(
&
key
->
md
,
pmac
->
c
,
SHA256_DIGEST_LENGTH
);
SHA256_Final
(
pmac
->
c
,
&
key
->
md
);
/* verify HMAC */
out
+=
inp_len
;
len
-=
inp_len
;
#if 1
{
unsigned
char
*
p
=
out
+
len
-
1
-
maxpad
-
SHA256_DIGEST_LENGTH
;
size_t
off
=
out
-
p
;
unsigned
int
c
,
cmask
;
maxpad
+=
SHA256_DIGEST_LENGTH
;
for
(
res
=
0
,
i
=
0
,
j
=
0
;
j
<
maxpad
;
j
++
)
{
c
=
p
[
j
];
cmask
=
((
int
)(
j
-
off
-
SHA256_DIGEST_LENGTH
))
>>
(
sizeof
(
int
)
*
8
-
1
);
res
|=
(
c
^
pad
)
&~
cmask
;
/* ... and padding */
cmask
&=
((
int
)(
off
-
1
-
j
))
>>
(
sizeof
(
int
)
*
8
-
1
);
res
|=
(
c
^
pmac
->
c
[
i
])
&
cmask
;
i
+=
1
&
cmask
;
}
maxpad
-=
SHA256_DIGEST_LENGTH
;
res
=
0
-
((
0
-
res
)
>>
(
sizeof
(
res
)
*
8
-
1
));
ret
&=
(
int
)
~
res
;
}
#else
for
(
res
=
0
,
i
=
0
;
i
<
SHA256_DIGEST_LENGTH
;
i
++
)
res
|=
out
[
i
]
^
pmac
->
c
[
i
];
res
=
0
-
((
0
-
res
)
>>
(
sizeof
(
res
)
*
8
-
1
));
ret
&=
(
int
)
~
res
;
/* verify padding */
pad
=
(
pad
&~
res
)
|
(
maxpad
&
res
);
out
=
out
+
len
-
1
-
pad
;
for
(
res
=
0
,
i
=
0
;
i
<
pad
;
i
++
)
res
|=
out
[
i
]
^
pad
;
res
=
(
0
-
res
)
>>
(
sizeof
(
res
)
*
8
-
1
);
ret
&=
(
int
)
~
res
;
#endif
return
ret
;
}
else
{
SHA256_Update
(
&
key
->
md
,
out
,
len
);
}
}
return
1
;
}
static
int
aesni_cbc_hmac_sha256_ctrl
(
EVP_CIPHER_CTX
*
ctx
,
int
type
,
int
arg
,
void
*
ptr
)
{
EVP_AES_HMAC_SHA256
*
key
=
data
(
ctx
);
switch
(
type
)
{
case
EVP_CTRL_AEAD_SET_MAC_KEY
:
{
unsigned
int
i
;
unsigned
char
hmac_key
[
64
];
memset
(
hmac_key
,
0
,
sizeof
(
hmac_key
));
if
(
arg
>
(
int
)
sizeof
(
hmac_key
))
{
SHA256_Init
(
&
key
->
head
);
SHA256_Update
(
&
key
->
head
,
ptr
,
arg
);
SHA256_Final
(
hmac_key
,
&
key
->
head
);
}
else
{
memcpy
(
hmac_key
,
ptr
,
arg
);
}
for
(
i
=
0
;
i
<
sizeof
(
hmac_key
);
i
++
)
hmac_key
[
i
]
^=
0x36
;
/* ipad */
SHA256_Init
(
&
key
->
head
);
SHA256_Update
(
&
key
->
head
,
hmac_key
,
sizeof
(
hmac_key
));
for
(
i
=
0
;
i
<
sizeof
(
hmac_key
);
i
++
)
hmac_key
[
i
]
^=
0x36
^
0x5c
;
/* opad */
SHA256_Init
(
&
key
->
tail
);
SHA256_Update
(
&
key
->
tail
,
hmac_key
,
sizeof
(
hmac_key
));
OPENSSL_cleanse
(
hmac_key
,
sizeof
(
hmac_key
));
return
1
;
}
case
EVP_CTRL_AEAD_TLS1_AAD
:
{
unsigned
char
*
p
=
ptr
;
unsigned
int
len
=
p
[
arg
-
2
]
<<
8
|
p
[
arg
-
1
];
if
(
ctx
->
encrypt
)
{
key
->
payload_length
=
len
;
if
((
key
->
aux
.
tls_ver
=
p
[
arg
-
4
]
<<
8
|
p
[
arg
-
3
])
>=
TLS1_1_VERSION
)
{
len
-=
AES_BLOCK_SIZE
;
p
[
arg
-
2
]
=
len
>>
8
;
p
[
arg
-
1
]
=
len
;
}
key
->
md
=
key
->
head
;
SHA256_Update
(
&
key
->
md
,
p
,
arg
);
return
(
int
)(((
len
+
SHA256_DIGEST_LENGTH
+
AES_BLOCK_SIZE
)
&-
AES_BLOCK_SIZE
)
-
len
);
}
else
{
if
(
arg
>
13
)
arg
=
13
;
memcpy
(
key
->
aux
.
tls_aad
,
ptr
,
arg
);
key
->
payload_length
=
arg
;
return
SHA256_DIGEST_LENGTH
;
}
}
default:
return
-
1
;
}
}
static
EVP_CIPHER
aesni_128_cbc_hmac_sha256_cipher
=
{
#ifdef NID_aes_128_cbc_hmac_sha256
NID_aes_128_cbc_hmac_sha256
,
#else
NID_undef
,
#endif
16
,
16
,
16
,
EVP_CIPH_CBC_MODE
|
EVP_CIPH_FLAG_DEFAULT_ASN1
|
EVP_CIPH_FLAG_AEAD_CIPHER
,
aesni_cbc_hmac_sha256_init_key
,
aesni_cbc_hmac_sha256_cipher
,
NULL
,
sizeof
(
EVP_AES_HMAC_SHA256
),
EVP_CIPH_FLAG_DEFAULT_ASN1
?
NULL
:
EVP_CIPHER_set_asn1_iv
,
EVP_CIPH_FLAG_DEFAULT_ASN1
?
NULL
:
EVP_CIPHER_get_asn1_iv
,
aesni_cbc_hmac_sha256_ctrl
,
NULL
};
static
EVP_CIPHER
aesni_256_cbc_hmac_sha256_cipher
=
{
#ifdef NID_aes_256_cbc_hmac_sha256
NID_aes_256_cbc_hmac_sha256
,
#else
NID_undef
,
#endif
16
,
32
,
16
,
EVP_CIPH_CBC_MODE
|
EVP_CIPH_FLAG_DEFAULT_ASN1
|
EVP_CIPH_FLAG_AEAD_CIPHER
,
aesni_cbc_hmac_sha256_init_key
,
aesni_cbc_hmac_sha256_cipher
,
NULL
,
sizeof
(
EVP_AES_HMAC_SHA256
),
EVP_CIPH_FLAG_DEFAULT_ASN1
?
NULL
:
EVP_CIPHER_set_asn1_iv
,
EVP_CIPH_FLAG_DEFAULT_ASN1
?
NULL
:
EVP_CIPHER_get_asn1_iv
,
aesni_cbc_hmac_sha256_ctrl
,
NULL
};
const
EVP_CIPHER
*
EVP_aes_128_cbc_hmac_sha256
(
void
)
{
return
((
OPENSSL_ia32cap_P
[
1
]
&
AESNI_AVX_CAPABLE
)
==
AESNI_AVX_CAPABLE
&&
aesni_cbc_sha256_enc
(
NULL
,
NULL
,
0
,
NULL
,
NULL
,
NULL
,
NULL
)
?
&
aesni_128_cbc_hmac_sha256_cipher
:
NULL
);
}
const
EVP_CIPHER
*
EVP_aes_256_cbc_hmac_sha256
(
void
)
{
return
((
OPENSSL_ia32cap_P
[
1
]
&
AESNI_AVX_CAPABLE
)
==
AESNI_AVX_CAPABLE
&&
aesni_cbc_sha256_enc
(
NULL
,
NULL
,
0
,
NULL
,
NULL
,
NULL
,
NULL
)
?
&
aesni_256_cbc_hmac_sha256_cipher
:
NULL
);
}
#else
const
EVP_CIPHER
*
EVP_aes_128_cbc_hmac_sha256
(
void
)
{
return
NULL
;
}
const
EVP_CIPHER
*
EVP_aes_256_cbc_hmac_sha256
(
void
)
{
return
NULL
;
}
#endif
#endif
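Review bot: In the decrypt "TLS" branch of aesni_cbc_hmac_sha256_cipher the padding length byte `pad = out[len-1]` is never effectively bounded by `maxpad`. As far as the visible code shows, `inp_len-len` always equals -(SHA256_DIGEST_LENGTH+pad+1), so its top bit is always set, `mask` is always all-ones and `ret &= (int)mask` cannot clear `ret`, leaving `inp_len` wrapped when the pad byte exceeds the room left after the MAC. I would add a branch-free bound right after `maxpad &= 255;`, e.g. `ret &= (int)(1 ^ ((maxpad - pad) >> (sizeof(maxpad)*8-1)));`, so such a record is rejected without a data-dependent branch. Separately, aesni_cbc_hmac_sha256_ctrl reads `p[arg-2]` and `p[arg-4]` and calls `memcpy(hmac_key,ptr,arg)` without rejecting a short or negative `arg`; assuming callers always pass the 13-byte TLS header, `if (arg != 13) return -1;` in the AAD case and `if (arg < 0) return -1;` in the MAC-key case would close that. The non-default preprocessor branches also look uncompiled: the `#else` of `#ifdef BSWAP` shows `for (i=0;i<8;;i++)`, and the `#else` of the first `#if 1` calls `sha1_block_data_order` on a SHA256_CTX.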
crypto/objects/obj_dat.h
...
...
@@ -62,9 +62,9 @@
* [including the GNU Public Licence.]
*/
#define NUM_NID 93
5
#define NUM_SN 9
28
#define NUM_LN 9
28
#define NUM_NID 93
8
#define NUM_SN 9
31
#define NUM_LN 9
31
#define NUM_OBJ 872
static
const
unsigned
char
lvalues
[
6113
]
=
{
...
...
@@ -2450,12 +2450,19 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
&
(
lvalues
[
6094
]),
0
},
{
"brainpoolP512t1"
,
"brainpoolP512t1"
,
NID_brainpoolP512t1
,
9
,
&
(
lvalues
[
6103
]),
0
},
{
"AES-128-CBC-HMAC-SHA256"
,
"aes-128-cbc-hmac-sha256"
,
NID_aes_128_cbc_hmac_sha256
,
0
,
NULL
,
0
},
{
"AES-192-CBC-HMAC-SHA256"
,
"aes-192-cbc-hmac-sha256"
,
NID_aes_192_cbc_hmac_sha256
,
0
,
NULL
,
0
},
{
"AES-256-CBC-HMAC-SHA256"
,
"aes-256-cbc-hmac-sha256"
,
NID_aes_256_cbc_hmac_sha256
,
0
,
NULL
,
0
},
};
static
const
unsigned
int
sn_objs
[
NUM_SN
]
=
{
364
,
/* "AD_DVCS" */
419
,
/* "AES-128-CBC" */
916
,
/* "AES-128-CBC-HMAC-SHA1" */
935
,
/* "AES-128-CBC-HMAC-SHA256" */
421
,
/* "AES-128-CFB" */
650
,
/* "AES-128-CFB1" */
653
,
/* "AES-128-CFB8" */
...
...
@@ -2465,6 +2472,7 @@ static const unsigned int sn_objs[NUM_SN]={
913
,
/* "AES-128-XTS" */
423
,
/* "AES-192-CBC" */
917
,
/* "AES-192-CBC-HMAC-SHA1" */
936
,
/* "AES-192-CBC-HMAC-SHA256" */
425
,
/* "AES-192-CFB" */
651
,
/* "AES-192-CFB1" */
654
,
/* "AES-192-CFB8" */
...
...
@@ -2473,6 +2481,7 @@ static const unsigned int sn_objs[NUM_SN]={
424
,
/* "AES-192-OFB" */
427
,
/* "AES-256-CBC" */
918
,
/* "AES-256-CBC-HMAC-SHA1" */
937
,
/* "AES-256-CBC-HMAC-SHA256" */
429
,
/* "AES-256-CFB" */
652
,
/* "AES-256-CFB1" */
655
,
/* "AES-256-CFB8" */
...
...
@@ -3530,6 +3539,7 @@ static const unsigned int ln_objs[NUM_LN]={
606
,
/* "additional verification" */
419
,
/* "aes-128-cbc" */
916
,
/* "aes-128-cbc-hmac-sha1" */
935
,
/* "aes-128-cbc-hmac-sha256" */
896
,
/* "aes-128-ccm" */
421
,
/* "aes-128-cfb" */
650
,
/* "aes-128-cfb1" */
...
...
@@ -3541,6 +3551,7 @@ static const unsigned int ln_objs[NUM_LN]={
913
,
/* "aes-128-xts" */
423
,
/* "aes-192-cbc" */
917
,
/* "aes-192-cbc-hmac-sha1" */
936
,
/* "aes-192-cbc-hmac-sha256" */
899
,
/* "aes-192-ccm" */
425
,
/* "aes-192-cfb" */
651
,
/* "aes-192-cfb1" */
...
...
@@ -3551,6 +3562,7 @@ static const unsigned int ln_objs[NUM_LN]={
424
,
/* "aes-192-ofb" */
427
,
/* "aes-256-cbc" */
918
,
/* "aes-256-cbc-hmac-sha1" */
937
,
/* "aes-256-cbc-hmac-sha256" */
902
,
/* "aes-256-ccm" */
429
,
/* "aes-256-cfb" */
652
,
/* "aes-256-cfb1" */
...
...
crypto/objects/obj_mac.h
...
...
@@ -4030,6 +4030,18 @@
#define LN_aes_256_cbc_hmac_sha1 "aes-256-cbc-hmac-sha1"
#define NID_aes_256_cbc_hmac_sha1 918
#define SN_aes_128_cbc_hmac_sha256 "AES-128-CBC-HMAC-SHA256"
#define LN_aes_128_cbc_hmac_sha256 "aes-128-cbc-hmac-sha256"
#define NID_aes_128_cbc_hmac_sha256 935
#define SN_aes_192_cbc_hmac_sha256 "AES-192-CBC-HMAC-SHA256"
#define LN_aes_192_cbc_hmac_sha256 "aes-192-cbc-hmac-sha256"
#define NID_aes_192_cbc_hmac_sha256 936
#define SN_aes_256_cbc_hmac_sha256 "AES-256-CBC-HMAC-SHA256"
#define LN_aes_256_cbc_hmac_sha256 "aes-256-cbc-hmac-sha256"
#define NID_aes_256_cbc_hmac_sha256 937
#define SN_dhpublicnumber "dhpublicnumber"
#define LN_dhpublicnumber "X9.42 DH"
#define NID_dhpublicnumber 920
...
...
crypto/objects/obj_mac.num
...
...
@@ -932,3 +932,6 @@ brainpoolP384r1 931
brainpoolP384t1 932
brainpoolP512r1 933
brainpoolP512t1 934
aes_128_cbc_hmac_sha256 935
aes_192_cbc_hmac_sha256 936
aes_256_cbc_hmac_sha256 937
crypto/objects/objects.txt
...
...
@@ -1290,6 +1290,9 @@ kisa 1 6 : SEED-OFB : seed-ofb
: AES-128-CBC-HMAC-SHA1 : aes-128-cbc-hmac-sha1
: AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1
: AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1
: AES-128-CBC-HMAC-SHA256 : aes-128-cbc-hmac-sha256
: AES-192-CBC-HMAC-SHA256 : aes-192-cbc-hmac-sha256
: AES-256-CBC-HMAC-SHA256 : aes-256-cbc-hmac-sha256
ISO-US 10046 2 1 : dhpublicnumber : X9.42 DH
...
...
ssl/ssl_algs.c
...
...
@@ -94,7 +94,10 @@ int SSL_library_init(void)
EVP_add_cipher
(
EVP_aes_128_cbc_hmac_sha1
());
EVP_add_cipher
(
EVP_aes_256_cbc_hmac_sha1
());
#endif
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)
EVP_add_cipher
(
EVP_aes_128_cbc_hmac_sha256
());
EVP_add_cipher
(
EVP_aes_256_cbc_hmac_sha256
());
#endif
#endif
#ifndef OPENSSL_NO_CAMELLIA
EVP_add_cipher
(
EVP_camellia_128_cbc
());
...
...
ssl/ssl_ciph.c
...
...
@@ -638,6 +638,14 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
c
->
algorithm_mac
==
SSL_SHA1
&&
(
evp
=
EVP_get_cipherbyname
(
"AES-256-CBC-HMAC-SHA1"
)))
*
enc
=
evp
,
*
md
=
NULL
;
else
if
(
c
->
algorithm_enc
==
SSL_AES128
&&
c
->
algorithm_mac
==
SSL_SHA256
&&
(
evp
=
EVP_get_cipherbyname
(
"AES-128-CBC-HMAC-SHA256"
)))
*
enc
=
evp
,
*
md
=
NULL
;
else
if
(
c
->
algorithm_enc
==
SSL_AES256
&&
c
->
algorithm_mac
==
SSL_SHA256
&&
(
evp
=
EVP_get_cipherbyname
(
"AES-256-CBC-HMAC-SHA256"
)))
*
enc
=
evp
,
*
md
=
NULL
;
return
(
1
);
}
else
...
...
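Review bot: The two new branches set `*md=NULL` without saying why, and the reason is not evident from ssl_cipher_get_evp alone, whose body starts outside this hunk. A one-line comment above them such as `/* stitched AES-CBC+HMAC-SHA256 computes the record MAC itself, so no separate digest is returned */` would help the next reader. It is also worth noting there that when `EVP_get_cipherbyname` returns NULL the branch is skipped and the previously selected cipher and digest appear to be kept, which is what happens when the stitched cipher was never registered.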