X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=engines%2Fe_padlock.c;h=af5ac24a21da8c49c718e7fc934552ef88aa0abf;hp=daf8c94ceb5e044684a3d3c4b199138ba4c4b5a4;hb=33388b44b67145af2181b1e9528c381c8ea0d1b6;hpb=ab3fa1c0ad5f01c8c86495227efb61c20c7972fa diff --git a/engines/e_padlock.c b/engines/e_padlock.c index daf8c94ceb..af5ac24a21 100644 --- a/engines/e_padlock.c +++ b/engines/e_padlock.c @@ -1,5 +1,5 @@ /* - * Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2004-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * This file uses the low level AES functions (which are deprecated for + * non-internal use) in order to implement the padlock engine AES ciphers. + */ +#define OPENSSL_SUPPRESS_DEPRECATED + #include #include @@ -19,40 +25,39 @@ #include #include -#ifndef OPENSSL_NO_HW -# ifndef OPENSSL_NO_HW_PADLOCK +#ifndef OPENSSL_NO_PADLOCKENG /* * VIA PadLock AES is available *ONLY* on some x86 CPUs. Not only that it * doesn't exist elsewhere, but it even can't be compiled on other platforms! */ -# undef COMPILE_HW_PADLOCK -# if !defined(I386_ONLY) && defined(PADLOCK_ASM) -# define COMPILE_HW_PADLOCK -# ifdef OPENSSL_NO_DYNAMIC_ENGINE +# undef COMPILE_PADLOCKENG +# if defined(PADLOCK_ASM) +# define COMPILE_PADLOCKENG +# ifdef OPENSSL_NO_DYNAMIC_ENGINE static ENGINE *ENGINE_padlock(void); -# endif # endif +# endif -# ifdef OPENSSL_NO_DYNAMIC_ENGINE +# ifdef OPENSSL_NO_DYNAMIC_ENGINE void engine_load_padlock_int(void); void engine_load_padlock_int(void) { /* On non-x86 CPUs it just returns. */ -# ifdef COMPILE_HW_PADLOCK +# ifdef COMPILE_PADLOCKENG ENGINE *toadd = ENGINE_padlock(); if (!toadd) return; ENGINE_add(toadd); ENGINE_free(toadd); ERR_clear_error(); -# endif +# endif } -# endif +# endif -# ifdef COMPILE_HW_PADLOCK +# ifdef COMPILE_PADLOCKENG /* Function for ENGINE detection and control */ static int padlock_available(void); @@ -106,7 +111,7 @@ static int padlock_bind_helper(ENGINE *e) return 1; } -# ifdef OPENSSL_NO_DYNAMIC_ENGINE +# ifdef OPENSSL_NO_DYNAMIC_ENGINE /* Constructor */ static ENGINE *ENGINE_padlock(void) { @@ -123,7 +128,7 @@ static ENGINE *ENGINE_padlock(void) return eng; } -# endif +# endif /* Check availability of the engine */ static int padlock_init(ENGINE *e) @@ -135,7 +140,7 @@ static int padlock_init(ENGINE *e) * This stuff is needed if this ENGINE is being compiled into a * self-contained shared-library. */ -# ifdef DYNAMIC_ENGINE +# ifndef OPENSSL_NO_DYNAMIC_ENGINE static int padlock_bind_fn(ENGINE *e, const char *id) { if (id && (strcmp(id, padlock_id) != 0)) { @@ -151,14 +156,14 @@ static int padlock_bind_fn(ENGINE *e, const char *id) IMPLEMENT_DYNAMIC_CHECK_FN() IMPLEMENT_DYNAMIC_BIND_FN(padlock_bind_fn) -# endif /* DYNAMIC_ENGINE */ +# endif /* !OPENSSL_NO_DYNAMIC_ENGINE */ /* ===== Here comes the "real" engine ===== */ /* Some AES-related constants */ -# define AES_BLOCK_SIZE 16 -# define AES_KEY_SIZE_128 16 -# define AES_KEY_SIZE_192 24 -# define AES_KEY_SIZE_256 32 +# define AES_BLOCK_SIZE 16 +# define AES_KEY_SIZE_128 16 +# define AES_KEY_SIZE_192 24 +# define AES_KEY_SIZE_256 32 /* * Here we store the status information relevant to the current context. */ @@ -224,29 +229,29 @@ static int padlock_available(void) /* ===== AES encryption/decryption ===== */ -# if defined(NID_aes_128_cfb128) && ! defined (NID_aes_128_cfb) -# define NID_aes_128_cfb NID_aes_128_cfb128 -# endif +# if defined(NID_aes_128_cfb128) && ! defined (NID_aes_128_cfb) +# define NID_aes_128_cfb NID_aes_128_cfb128 +# endif -# if defined(NID_aes_128_ofb128) && ! defined (NID_aes_128_ofb) -# define NID_aes_128_ofb NID_aes_128_ofb128 -# endif +# if defined(NID_aes_128_ofb128) && ! defined (NID_aes_128_ofb) +# define NID_aes_128_ofb NID_aes_128_ofb128 +# endif -# if defined(NID_aes_192_cfb128) && ! defined (NID_aes_192_cfb) -# define NID_aes_192_cfb NID_aes_192_cfb128 -# endif +# if defined(NID_aes_192_cfb128) && ! defined (NID_aes_192_cfb) +# define NID_aes_192_cfb NID_aes_192_cfb128 +# endif -# if defined(NID_aes_192_ofb128) && ! defined (NID_aes_192_ofb) -# define NID_aes_192_ofb NID_aes_192_ofb128 -# endif +# if defined(NID_aes_192_ofb128) && ! defined (NID_aes_192_ofb) +# define NID_aes_192_ofb NID_aes_192_ofb128 +# endif -# if defined(NID_aes_256_cfb128) && ! defined (NID_aes_256_cfb) -# define NID_aes_256_cfb NID_aes_256_cfb128 -# endif +# if defined(NID_aes_256_cfb128) && ! defined (NID_aes_256_cfb) +# define NID_aes_256_cfb NID_aes_256_cfb128 +# endif -# if defined(NID_aes_256_ofb128) && ! defined (NID_aes_256_ofb) -# define NID_aes_256_ofb NID_aes_256_ofb128 -# endif +# if defined(NID_aes_256_ofb128) && ! defined (NID_aes_256_ofb) +# define NID_aes_256_ofb NID_aes_256_ofb128 +# endif /* List of supported ciphers. */ static const int padlock_cipher_nids[] = { @@ -276,9 +281,9 @@ static int padlock_cipher_nids_num = (sizeof(padlock_cipher_nids) / static int padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc); -# define NEAREST_ALIGNED(ptr) ( (unsigned char *)(ptr) + \ +# define NEAREST_ALIGNED(ptr) ( (unsigned char *)(ptr) + \ ( (0x10 - ((size_t)(ptr) & 0x0F)) & 0x0F ) ) -# define ALIGNED_CIPHER_DATA(ctx) ((struct padlock_cipher_data *)\ +# define ALIGNED_CIPHER_DATA(ctx) ((struct padlock_cipher_data *)\ NEAREST_ALIGNED(EVP_CIPHER_CTX_get_cipher_data(ctx))) static int @@ -453,17 +458,17 @@ padlock_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, return 1; } -# define EVP_CIPHER_block_size_ECB AES_BLOCK_SIZE -# define EVP_CIPHER_block_size_CBC AES_BLOCK_SIZE -# define EVP_CIPHER_block_size_OFB 1 -# define EVP_CIPHER_block_size_CFB 1 -# define EVP_CIPHER_block_size_CTR 1 +# define EVP_CIPHER_block_size_ECB AES_BLOCK_SIZE +# define EVP_CIPHER_block_size_CBC AES_BLOCK_SIZE +# define EVP_CIPHER_block_size_OFB 1 +# define EVP_CIPHER_block_size_CFB 1 +# define EVP_CIPHER_block_size_CTR 1 /* * Declaring so many ciphers by hand would be a pain. Instead introduce a bit * of preprocessor magic :-) */ -# define DECLARE_AES_EVP(ksize,lmode,umode) \ +# define DECLARE_AES_EVP(ksize,lmode,umode) \ static EVP_CIPHER *_hidden_aes_##ksize##_##lmode = NULL; \ static const EVP_CIPHER *padlock_aes_##ksize##_##lmode(void) \ { \ @@ -626,12 +631,12 @@ padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, AES_set_decrypt_key(key, key_len, &cdata->ks); else AES_set_encrypt_key(key, key_len, &cdata->ks); -# ifndef AES_ASM +# ifndef AES_ASM /* * OpenSSL C functions use byte-swapped extended key. */ padlock_key_bswap(&cdata->ks); -# endif +# endif cdata->cword.b.keygen = 1; break; @@ -714,12 +719,10 @@ static RAND_METHOD padlock_rand = { padlock_rand_status, /* rand status */ }; -# endif /* COMPILE_HW_PADLOCK */ -# endif /* !OPENSSL_NO_HW_PADLOCK */ -#endif /* !OPENSSL_NO_HW */ +# endif /* COMPILE_PADLOCKENG */ +#endif /* !OPENSSL_NO_PADLOCKENG */ -#if defined(OPENSSL_NO_HW) || defined(OPENSSL_NO_HW_PADLOCK) \ - || !defined(COMPILE_HW_PADLOCK) +#if defined(OPENSSL_NO_PADLOCKENG) || !defined(COMPILE_PADLOCKENG) # ifndef OPENSSL_NO_DYNAMIC_ENGINE OPENSSL_EXPORT int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns);