#include <stdio.h>
#include <string.h>
-#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA1)
+#if !defined(OPENSSL_NO_AES)
# include <openssl/evp.h>
# include <openssl/objects.h>
# include <openssl/sha.h>
# include <openssl/rand.h>
# include "modes_lcl.h"
+# include "internal/evp_int.h"
# ifndef EVP_CIPH_FLAG_AEAD_CIPHER
# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
defined(_M_AMD64) || defined(_M_X64) || \
defined(__INTEL__) )
-extern unsigned int OPENSSL_ia32cap_P[3];
+extern unsigned int OPENSSL_ia32cap_P[];
# define AESNI_CAPABLE (1<<(57-32))
int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
const AES_KEY *key, unsigned char iv[16],
SHA_CTX *ctx, const void *in0);
-# define data(ctx) ((EVP_AES_HMAC_SHA1 *)(ctx)->cipher_data)
+# define data(ctx) ((EVP_AES_HMAC_SHA1 *)EVP_CIPHER_CTX_get_cipher_data(ctx))
static int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx,
const unsigned char *inkey,
int ret;
if (enc)
- ret = aesni_set_encrypt_key(inkey, ctx->key_len * 8, &key->ks);
+ ret = aesni_set_encrypt_key(inkey,
+ EVP_CIPHER_CTX_key_length(ctx) * 8,
+ &key->ks);
else
- ret = aesni_set_decrypt_key(inkey, ctx->key_len * 8, &key->ks);
+ ret = aesni_set_decrypt_key(inkey,
+ EVP_CIPHER_CTX_key_length(ctx) * 8,
+ &key->ks);
SHA1_Init(&key->head); /* handy when benchmarking */
key->tail = key->head;
if (len % AES_BLOCK_SIZE)
return 0;
- if (ctx->encrypt) {
+ if (EVP_CIPHER_CTX_encrypting(ctx)) {
if (plen == NO_PAYLOAD_LENGTH)
plen = len;
else if (len !=
SHA1_Update(&key->md, in + iv, sha_off);
aesni_cbc_sha1_enc(in, out, blocks, &key->ks,
- ctx->iv, &key->md, in + iv + sha_off);
+ EVP_CIPHER_CTX_iv_noconst(ctx),
+ &key->md, in + iv + sha_off);
blocks *= SHA_CBLOCK;
aes_off += blocks;
sha_off += blocks;
out[plen] = l;
/* encrypt HMAC|padding at once */
aesni_cbc_encrypt(out + aes_off, out + aes_off, len - aes_off,
- &key->ks, ctx->iv, 1);
+ &key->ks, EVP_CIPHER_CTX_iv_noconst(ctx), 1);
} else {
aesni_cbc_encrypt(in + aes_off, out + aes_off, len - aes_off,
- &key->ks, ctx->iv, 1);
+ &key->ks, EVP_CIPHER_CTX_iv_noconst(ctx), 1);
}
} else {
union {
return 0;
/* omit explicit iv */
- memcpy(ctx->iv, in, AES_BLOCK_SIZE);
+ memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), in, AES_BLOCK_SIZE);
+
in += AES_BLOCK_SIZE;
out += AES_BLOCK_SIZE;
len -= AES_BLOCK_SIZE;
} else
# endif
/* decrypt HMAC|padding at once */
- aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0);
+ aesni_cbc_encrypt(in, out, len, &key->ks,
+ EVP_CIPHER_CTX_iv_noconst(ctx), 0);
/* figure out payload length */
pad = out[len - 1];
} else
# endif
/* decrypt HMAC|padding at once */
- aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0);
+ aesni_cbc_encrypt(in, out, len, &key->ks,
+ EVP_CIPHER_CTX_iv_noconst(ctx), 0);
SHA1_Update(&key->md, out, len);
}
case EVP_CTRL_AEAD_TLS1_AAD:
{
unsigned char *p = ptr;
- unsigned int len = p[arg - 2] << 8 | p[arg - 1];
+ unsigned int len;
+
+ if (arg != EVP_AEAD_TLS1_AAD_LEN)
+ return -1;
+
+ len = p[arg - 2] << 8 | p[arg - 1];
- if (ctx->encrypt) {
+ if (EVP_CIPHER_CTX_encrypting(ctx)) {
key->payload_length = len;
if ((key->aux.tls_ver =
p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) {
AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)
- len);
} else {
- if (arg > 13)
- arg = 13;
memcpy(key->aux.tls_aad, ptr, arg);
key->payload_length = arg;
inp_len = param->inp[11] << 8 | param->inp[12];
- if (ctx->encrypt) {
+ if (EVP_CIPHER_CTX_encrypting(ctx)) {
if ((param->inp[9] << 8 | param->inp[10]) < TLS1_1_VERSION)
return -1;
# else
NID_undef,
# endif
- 16, 16, 16,
+ AES_BLOCK_SIZE, 16, AES_BLOCK_SIZE,
EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK,
aesni_cbc_hmac_sha1_init_key,
# else
NID_undef,
# endif
- 16, 32, 16,
+ AES_BLOCK_SIZE, 32, AES_BLOCK_SIZE,
EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK,
aesni_cbc_hmac_sha1_init_key,