From 3feb63054a981528e77a4a8f58a822c8dff4f4c5 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Sun, 7 Dec 2014 23:53:22 +0000 Subject: [PATCH] Added OPENSSL_NO_OCB guards Reviewed-by: Tim Hudson --- crypto/evp/c_allc.c | 6 ++++++ crypto/evp/e_aes.c | 12 ++++++++---- crypto/evp/evp.h | 6 ++++++ crypto/evp/evp_test.c | 4 ++++ crypto/modes/modes.h | 2 ++ crypto/modes/modes_lcl.h | 7 +++++-- crypto/modes/ocb128.c | 4 ++++ 7 files changed, 35 insertions(+), 6 deletions(-) diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c index 29207d2b03..b95e7810c2 100644 --- a/crypto/evp/c_allc.c +++ b/crypto/evp/c_allc.c @@ -172,7 +172,9 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher(EVP_aes_128_ofb()); EVP_add_cipher(EVP_aes_128_ctr()); EVP_add_cipher(EVP_aes_128_gcm()); +#ifndef OPENSSL_NO_OCB EVP_add_cipher(EVP_aes_128_ocb()); +#endif EVP_add_cipher(EVP_aes_128_xts()); EVP_add_cipher(EVP_aes_128_ccm()); EVP_add_cipher(EVP_aes_128_wrap()); @@ -187,7 +189,9 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher(EVP_aes_192_ofb()); EVP_add_cipher(EVP_aes_192_ctr()); EVP_add_cipher(EVP_aes_192_gcm()); +#ifndef OPENSSL_NO_OCB EVP_add_cipher(EVP_aes_192_ocb()); +#endif EVP_add_cipher(EVP_aes_192_ccm()); EVP_add_cipher(EVP_aes_192_wrap()); EVP_add_cipher(EVP_aes_192_wrap_pad()); @@ -201,7 +205,9 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher(EVP_aes_256_ofb()); EVP_add_cipher(EVP_aes_256_ctr()); EVP_add_cipher(EVP_aes_256_gcm()); +#ifndef OPENSSL_NO_OCB EVP_add_cipher(EVP_aes_256_ocb()); +#endif EVP_add_cipher(EVP_aes_256_xts()); EVP_add_cipher(EVP_aes_256_ccm()); EVP_add_cipher(EVP_aes_256_wrap()); diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index ae1a2b961c..2222188849 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -107,7 +107,7 @@ typedef struct ccm128_f str; } EVP_AES_CCM_CTX; - +#ifndef OPENSSL_NO_OCB typedef struct { AES_KEY ksenc; /* AES key schedule to use for encryption */ @@ -124,6 +124,7 @@ typedef struct int ivlen; /* IV length */ int taglen; } EVP_AES_OCB_CTX; +#endif #define MAXBITCHUNK ((size_t)1<<(sizeof(size_t)*8-4)) @@ -469,6 +470,7 @@ static int aesni_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, static int aesni_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); +#ifndef OPENSSL_NO_OCB static int aesni_ocb_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { @@ -519,7 +521,7 @@ static int aesni_ocb_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, #define aesni_ocb_cipher aes_ocb_cipher static int aesni_ocb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); - +#endif /* OPENSSL_NO_OCB */ #define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \ static const EVP_CIPHER aesni_##keylen##_##mode = { \ @@ -907,7 +909,7 @@ static int aes_t4_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, static int aes_t4_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); - +#ifndef OPENSSL_NO_OCB static int aes_t4_ocb_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { @@ -958,7 +960,7 @@ static int aes_t4_ocb_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, #define aes_t4_ocb_cipher aes_ocb_cipher static int aes_t4_ocb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); - +#endif /* OPENSSL_NO_OCB */ #define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \ static const EVP_CIPHER aes_t4_##keylen##_##mode = { \ @@ -2361,6 +2363,7 @@ const EVP_CIPHER *EVP_aes_256_wrap_pad(void) return &aes_256_wrap_pad; } +#ifndef OPENSSL_NO_OCB static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) { EVP_AES_OCB_CTX *octx = c->cipher_data; @@ -2645,5 +2648,6 @@ static int aes_ocb_cleanup(EVP_CIPHER_CTX *c) BLOCK_CIPHER_custom(NID_aes,128,16,12,ocb,OCB,CUSTOM_FLAGS) BLOCK_CIPHER_custom(NID_aes,192,16,12,ocb,OCB,CUSTOM_FLAGS) BLOCK_CIPHER_custom(NID_aes,256,16,12,ocb,OCB,CUSTOM_FLAGS) +#endif /* OPENSSL_NO_OCB */ #endif diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 544e05d4d5..757b7968da 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -857,7 +857,9 @@ const EVP_CIPHER *EVP_aes_128_gcm(void); const EVP_CIPHER *EVP_aes_128_xts(void); const EVP_CIPHER *EVP_aes_128_wrap(void); const EVP_CIPHER *EVP_aes_128_wrap_pad(void); +#ifndef OPENSSL_NO_OCB const EVP_CIPHER *EVP_aes_128_ocb(void); +#endif const EVP_CIPHER *EVP_aes_192_ecb(void); const EVP_CIPHER *EVP_aes_192_cbc(void); const EVP_CIPHER *EVP_aes_192_cfb1(void); @@ -870,7 +872,9 @@ const EVP_CIPHER *EVP_aes_192_ccm(void); const EVP_CIPHER *EVP_aes_192_gcm(void); const EVP_CIPHER *EVP_aes_192_wrap(void); const EVP_CIPHER *EVP_aes_192_wrap_pad(void); +#ifndef OPENSSL_NO_OCB const EVP_CIPHER *EVP_aes_192_ocb(void); +#endif const EVP_CIPHER *EVP_aes_256_ecb(void); const EVP_CIPHER *EVP_aes_256_cbc(void); const EVP_CIPHER *EVP_aes_256_cfb1(void); @@ -884,7 +888,9 @@ const EVP_CIPHER *EVP_aes_256_gcm(void); const EVP_CIPHER *EVP_aes_256_xts(void); const EVP_CIPHER *EVP_aes_256_wrap(void); const EVP_CIPHER *EVP_aes_256_wrap_pad(void); +#ifndef OPENSSL_NO_OCB const EVP_CIPHER *EVP_aes_256_ocb(void); +#endif # if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void); const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void); diff --git a/crypto/evp/evp_test.c b/crypto/evp/evp_test.c index a12f912470..2b70c59417 100644 --- a/crypto/evp/evp_test.c +++ b/crypto/evp/evp_test.c @@ -462,6 +462,10 @@ static int test_cipher(const char *cipher,const unsigned char *key,int kn, { const EVP_CIPHER *c; +#ifdef OPENSSL_NO_OCB + if(strstr(cipher, "ocb") != NULL) + return 1; +#endif c=EVP_get_cipherbyname(cipher); if(!c) return 0; diff --git a/crypto/modes/modes.h b/crypto/modes/modes.h index e1ebd45a36..3fb1b4b58b 100644 --- a/crypto/modes/modes.h +++ b/crypto/modes/modes.h @@ -152,6 +152,7 @@ size_t CRYPTO_128_unwrap_pad(void *key, const unsigned char *icv, unsigned char *out, const unsigned char *in, size_t inlen, block128_f block); +#ifndef OPENSSL_NO_OCB typedef struct ocb128_context OCB128_CONTEXT; OCB128_CONTEXT *CRYPTO_ocb128_new(void *keyenc, void *keydec, block128_f encrypt, block128_f decrypt); @@ -172,6 +173,7 @@ int CRYPTO_ocb128_finish(OCB128_CONTEXT *ctx,const unsigned char *tag, size_t len); int CRYPTO_ocb128_tag(OCB128_CONTEXT *ctx, unsigned char *tag, size_t len); void CRYPTO_ocb128_cleanup(OCB128_CONTEXT *ctx); +#endif /* OPENSSL_NO_ECB */ #ifdef __cplusplus } diff --git a/crypto/modes/modes_lcl.h b/crypto/modes/modes_lcl.h index 181382510d..1d8315554d 100644 --- a/crypto/modes/modes_lcl.h +++ b/crypto/modes/modes_lcl.h @@ -136,20 +136,22 @@ struct ccm128_context { void *key; }; +#ifndef OPENSSL_NO_OCB + #ifdef STRICT_ALIGNMENT typedef struct { unsigned char a[16]; } OCB_BLOCK; # define ocb_block16_xor(in1,in2,out) \ ocb_block_xor((in1)->a,(in2)->a,16,(out)->a) -#else +#else /* STRICT_ALIGNMENT */ typedef struct { u64 a; u64 b; } OCB_BLOCK; # define ocb_block16_xor(in1,in2,out) \ (out)->a=(in1)->a^(in2)->a; (out)->b=(in1)->b^(in2)->b; -#endif +#endif /* STRICT_ALIGNMENT */ struct ocb128_context { /* Need both encrypt and decrypt key schedules for decryption */ @@ -175,3 +177,4 @@ struct ocb128_context { OCB_BLOCK checksum; }; +#endif /* OPENSSL_NO_OCB */ diff --git a/crypto/modes/ocb128.c b/crypto/modes/ocb128.c index eca12d7152..ef8b2f4b66 100644 --- a/crypto/modes/ocb128.c +++ b/crypto/modes/ocb128.c @@ -51,6 +51,8 @@ #include #include "modes_lcl.h" +#ifndef OPENSSL_NO_OCB + union ublock { unsigned char *chrblk; OCB_BLOCK *ocbblk; @@ -585,3 +587,5 @@ void CRYPTO_ocb128_cleanup(OCB128_CONTEXT * ctx) OPENSSL_cleanse(ctx, sizeof(*ctx)); } } + +#endif /* OPENSSL_NO_OCB */ -- 2.34.1