if (cipher != NULL)
{
+ /* Note that str is NULL if a key was passed on the command
+ * line, so we get no salt in that case. Is this a bug?
+ */
if (str != NULL)
{
/* Salt handling: if encrypting generate a salt and
#ifndef NO_RIJNDAEL
for(i=0 ; i < 3 ; ++i)
for(j=0 ; j < 3 ; ++j)
+ {
EVP_add_cipher(EVP_rijndael_ecb(i,j));
+ EVP_add_cipher(EVP_rijndael_cbc(i,j));
+ }
#endif
PKCS12_PBE_add();
PKCS5_PBE_add();
static EVP_CIPHER rd_cipher[3][3];
static int anSizes[]={16,24,32};
-static int anNIDs[3][3]=
+static int anECBNIDs[3][3]=
{
{ NID_rijndael_ecb_k128_b128,NID_rijndael_ecb_k192_b128,NID_rijndael_ecb_k256_b128 },
{ NID_rijndael_ecb_k128_b192,NID_rijndael_ecb_k192_b192,NID_rijndael_ecb_k256_b192 },
{ NID_rijndael_ecb_k128_b256,NID_rijndael_ecb_k192_b256,NID_rijndael_ecb_k256_b256 }
};
-static int rd_init_ecb(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
+static int anCBCNIDs[3][3]=
+ {
+ { NID_rd128_cbc_b128,NID_rd192_cbc_b128,NID_rd256_cbc_b128 },
+ { NID_rd128_cbc_b192,NID_rd192_cbc_b192,NID_rd256_cbc_b192 },
+ { NID_rd128_cbc_b256,NID_rd192_cbc_b256,NID_rd256_cbc_b256 }
+ };
+
+static int rd_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
{
RIJNDAEL_KEY *k=&ctx->c.rijndael;
return 1;
}
+static int rd_cipher_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, unsigned int inl)
+ {
+ int n;
+ unsigned char tmp[16];
+
+ while(inl > 0)
+ {
+ if(ctx->c.rijndael.enc)
+ {
+ for(n=0 ; n < 16 ; ++n)
+ tmp[n]=in[n]^ctx->c.rijndael.iv[n];
+ rijndaelEncrypt(tmp,out,ctx->c.rijndael.keySched,
+ ctx->c.rijndael.rounds);
+ memcpy(ctx->c.rijndael.iv,out,16);
+ }
+ else
+ {
+ rijndaelDecrypt(in,out,ctx->c.rijndael.keySched,
+ ctx->c.rijndael.rounds);
+ for(n=0 ; n < 16 ; ++n)
+ out[n]^=ctx->c.rijndael.iv[n];
+ memcpy(ctx->c.rijndael.iv,in,16);
+ }
+ inl-=16;
+ in+=16;
+ out+=16;
+ }
+ assert(inl == 0);
+
+ return 1;
+ }
+
EVP_CIPHER *EVP_rijndael_ecb(int nBlockLength,int nKeyLength)
{
EVP_CIPHER *c;
memset(c,'\0',sizeof *c);
- c->nid=anNIDs[nBlockLength][nKeyLength];
+ c->nid=anECBNIDs[nBlockLength][nKeyLength];
c->block_size=anSizes[nBlockLength];
c->key_len=anSizes[nKeyLength];
c->iv_len=16;
c->flags=EVP_CIPH_ECB_MODE;
- c->init=rd_init_ecb;
+ c->init=rd_init;
c->do_cipher=rd_cipher_ecb;
c->ctx_size=sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
sizeof((((EVP_CIPHER_CTX *)NULL)->c.rijndael));
return c;
}
+
+EVP_CIPHER *EVP_rijndael_cbc(int nBlockLength,int nKeyLength)
+ {
+ EVP_CIPHER *c;
+
+ if(nBlockLength < 0 || nBlockLength > 2)
+ {
+ EVPerr(EVP_F_EVP_RIJNDAEL,EVP_R_BAD_BLOCK_LENGTH);
+ return NULL;
+ }
+ if(nKeyLength < 0 || nKeyLength > 2)
+ {
+ EVPerr(EVP_F_EVP_RIJNDAEL,EVP_R_BAD_KEY_LENGTH);
+ return NULL;
+ }
+
+ c=&rd_cipher[nKeyLength][nBlockLength];
+
+ memset(c,'\0',sizeof *c);
+
+ c->nid=anCBCNIDs[nBlockLength][nKeyLength];
+ c->block_size=anSizes[nBlockLength];
+ c->key_len=anSizes[nKeyLength];
+ c->iv_len=16;
+ c->flags=EVP_CIPH_CBC_MODE;
+ c->init=rd_init;
+ c->do_cipher=rd_cipher_cbc;
+ c->ctx_size=sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+ sizeof((((EVP_CIPHER_CTX *)NULL)->c.rijndael));
+
+ return c;
+ }
#endif
#ifndef NO_RIJNDAEL
EVP_CIPHER *EVP_rijndael_ecb(int nBlockLength,int nKeyLength);
+EVP_CIPHER *EVP_rijndael_cbc(int nBlockLength,int nKeyLength);
#endif
void OpenSSL_add_all_algorithms(void);
* perl obj_dat.pl objects.h obj_dat.h
*/
-#define NUM_NID 405
-#define NUM_SN 401
-#define NUM_LN 401
+#define NUM_NID 417
+#define NUM_SN 410
+#define NUM_LN 410
#define NUM_OBJ 366
static unsigned char lvalues[2896]={
NID_rijndael_ecb_k192_b256,0,NULL},
{"RIJNDAEL-ECB-K256-B256","rijndael-ecb-k256-b256",
NID_rijndael_ecb_k256_b256,0,NULL},
+{NULL,NULL,NID_undef,0,NULL},
+{NULL,NULL,NID_undef,0,NULL},
+{NULL,NULL,NID_undef,0,NULL},
+{"RD128-CBC-B128","rd128-cbc-b128",NID_rd128_cbc_b128,0,NULL},
+{"RD192-CBC-B128","rd192-cbc-b128",NID_rd192_cbc_b128,0,NULL},
+{"RD256-CBC-B128","rd256-cbc-b128",NID_rd256_cbc_b128,0,NULL},
+{"RD128-CBC-B192","rd128-cbc-b192",NID_rd128_cbc_b192,0,NULL},
+{"RD192-CBC-B192","rd192-cbc-b192",NID_rd192_cbc_b192,0,NULL},
+{"RD256-CBC-B192","rd256-cbc-b192",NID_rd256_cbc_b192,0,NULL},
+{"RD128-CBC-B256","rd128-cbc-b256",NID_rd128_cbc_b256,0,NULL},
+{"RD192-CBC-B256","rd192-cbc-b256",NID_rd192_cbc_b256,0,NULL},
+{"RD256-CBC-B256","rd256-cbc-b256",NID_rd256_cbc_b256,0,NULL},
};
static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[122]),/* "RC5-CFB" */
&(nid_objs[121]),/* "RC5-ECB" */
&(nid_objs[123]),/* "RC5-OFB" */
+&(nid_objs[408]),/* "RD128-CBC-B128" */
+&(nid_objs[411]),/* "RD128-CBC-B192" */
+&(nid_objs[414]),/* "RD128-CBC-B256" */
+&(nid_objs[409]),/* "RD192-CBC-B128" */
+&(nid_objs[412]),/* "RD192-CBC-B192" */
+&(nid_objs[415]),/* "RD192-CBC-B256" */
+&(nid_objs[410]),/* "RD256-CBC-B128" */
+&(nid_objs[413]),/* "RD256-CBC-B192" */
+&(nid_objs[416]),/* "RD256-CBC-B256" */
&(nid_objs[396]),/* "RIJNDAEL-ECB-K128-B128" */
&(nid_objs[399]),/* "RIJNDAEL-ECB-K128-B192" */
&(nid_objs[402]),/* "RIJNDAEL-ECB-K128-B256" */
&(nid_objs[122]),/* "rc5-cfb" */
&(nid_objs[121]),/* "rc5-ecb" */
&(nid_objs[123]),/* "rc5-ofb" */
+&(nid_objs[408]),/* "rd128-cbc-b128" */
+&(nid_objs[411]),/* "rd128-cbc-b192" */
+&(nid_objs[414]),/* "rd128-cbc-b256" */
+&(nid_objs[409]),/* "rd192-cbc-b128" */
+&(nid_objs[412]),/* "rd192-cbc-b192" */
+&(nid_objs[415]),/* "rd192-cbc-b256" */
+&(nid_objs[410]),/* "rd256-cbc-b128" */
+&(nid_objs[413]),/* "rd256-cbc-b192" */
+&(nid_objs[416]),/* "rd256-cbc-b256" */
&(nid_objs[396]),/* "rijndael-ecb-k128-b128" */
&(nid_objs[399]),/* "rijndael-ecb-k128-b192" */
&(nid_objs[402]),/* "rijndael-ecb-k128-b256" */
#define LN_rijndael_ecb_k256_b256 "rijndael-ecb-k256-b256"
#define NID_rijndael_ecb_k256_b256 404
+#define SN_rd128_cbc_b128 "RD128-CBC-B128"
+#define LN_rd128_cbc_b128 "rd128-cbc-b128"
+#define NID_rd128_cbc_b128 408
+
+#define SN_rd192_cbc_b128 "RD192-CBC-B128"
+#define LN_rd192_cbc_b128 "rd192-cbc-b128"
+#define NID_rd192_cbc_b128 409
+
+#define SN_rd256_cbc_b128 "RD256-CBC-B128"
+#define LN_rd256_cbc_b128 "rd256-cbc-b128"
+#define NID_rd256_cbc_b128 410
+
+#define SN_rd128_cbc_b192 "RD128-CBC-B192"
+#define LN_rd128_cbc_b192 "rd128-cbc-b192"
+#define NID_rd128_cbc_b192 411
+
+#define SN_rd192_cbc_b192 "RD192-CBC-B192"
+#define LN_rd192_cbc_b192 "rd192-cbc-b192"
+#define NID_rd192_cbc_b192 412
+
+#define SN_rd256_cbc_b192 "RD256-CBC-B192"
+#define LN_rd256_cbc_b192 "rd256-cbc-b192"
+#define NID_rd256_cbc_b192 413
+
+#define SN_rd128_cbc_b256 "RD128-CBC-B256"
+#define LN_rd128_cbc_b256 "rd128-cbc-b256"
+#define NID_rd128_cbc_b256 414
+
+#define SN_rd192_cbc_b256 "RD192-CBC-B256"
+#define LN_rd192_cbc_b256 "rd192-cbc-b256"
+#define NID_rd192_cbc_b256 415
+
+#define SN_rd256_cbc_b256 "RD256-CBC-B256"
+#define LN_rd256_cbc_b256 "rd256-cbc-b256"
+#define NID_rd256_cbc_b256 416
+
rijndael_ecb_k128_b256 402
rijndael_ecb_k192_b256 403
rijndael_ecb_k256_b256 404
+rd128_cbc 405
+rd192_cbc 406
+rd256_cbc 407
+rd128_cbc_b128 408
+rd192_cbc_b128 409
+rd256_cbc_b128 410
+rd128_cbc_b192 411
+rd192_cbc_b192 412
+rd256_cbc_b192 413
+rd128_cbc_b256 414
+rd192_cbc_b256 415
+rd256_cbc_b256 416
: RIJNDAEL-ECB-K128-B256: rijndael-ecb-k128-b256
: RIJNDAEL-ECB-K192-B256: rijndael-ecb-k192-b256
: RIJNDAEL-ECB-K256-B256: rijndael-ecb-k256-b256
+ : RD128-CBC-B128 : rd128-cbc-b128
+ : RD192-CBC-B128 : rd192-cbc-b128
+ : RD256-CBC-B128 : rd256-cbc-b128
+ : RD128-CBC-B192 : rd128-cbc-b192
+ : RD192-CBC-B192 : rd192-cbc-b192
+ : RD256-CBC-B192 : rd256-cbc-b192
+ : RD128-CBC-B256 : rd128-cbc-b256
+ : RD192-CBC-B256 : rd192-cbc-b256
+ : RD256-CBC-B256 : rd256-cbc-b256
# or use
#DES_ENC= bx86-elf.o
-CFLAGS= $(INCLUDES) $(CFLAG) -DINTERMEDIATE_VALUE_KAT -DBINARY_KEY_MATERIAL
+CFLAGS= -mpentiumpro $(INCLUDES) $(CFLAG) -DINTERMEDIATE_VALUE_KAT -DBINARY_KEY_MATERIAL -O3 -fexpensive-optimizations -funroll-loops -fforce-addr
GENERAL=Makefile
#TEST=rijndael-test-fst.c table.128 table.192 table.256
$(RANLIB) $(LIB)
@touch lib
+$(LIBOBJ): $(LIBSRC)
+
files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS
},
+ /* Cipher ?? */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_RD_128_SHA,
+ TLS1_CK_RSA_WITH_RD_128_SHA,
+ SSL_kRSA|SSL_aRSA|SSL_RD|SSL_SHA |SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ 0,
+ 128,
+ 128,
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
+ },
#endif
/* end of list */
#define SSL_TXT_RC4 "RC4"
#define SSL_TXT_RC2 "RC2"
#define SSL_TXT_IDEA "IDEA"
+#define SSL_TXT_RD "RD"
#define SSL_TXT_MD5 "MD5"
#define SSL_TXT_SHA1 "SHA1"
#define SSL_TXT_SHA "SHA"
int SSL_library_init(void)
{
+ int k;
+
#ifndef NO_DES
EVP_add_cipher(EVP_des_cbc());
EVP_add_cipher(EVP_des_ede3_cbc());
#endif
#ifndef NO_RC2
EVP_add_cipher(EVP_rc2_cbc());
-#endif
+#endif
+ for(k=0 ; k < 2 ; ++k)
+ EVP_add_cipher(EVP_rijndael_cbc(0,k));
#ifndef NO_MD2
EVP_add_digest(EVP_md2());
EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
#endif
-
/* If you want support for phased out ciphers, add the following */
#if 0
EVP_add_digest(EVP_sha());
#define SSL_ENC_IDEA_IDX 4
#define SSL_ENC_eFZA_IDX 5
#define SSL_ENC_NULL_IDX 6
-#define SSL_ENC_NUM_IDX 7
+#define SSL_ENC_RD128_IDX 7
+#define SSL_ENC_RD192_IDX 8
+#define SSL_ENC_RD256_IDX 9
+#define SSL_ENC_NUM_IDX 10
static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
NULL,NULL,NULL,NULL,NULL,NULL,
{0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0},
+ {0,SSL_TXT_RD, 0,SSL_RD, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_MD5, 0,SSL_MD5, 0,0,0,0,SSL_MAC_MASK,0},
{0,SSL_TXT_SHA1,0,SSL_SHA1, 0,0,0,0,SSL_MAC_MASK,0},
EVP_get_cipherbyname(SN_rc2_cbc);
ssl_cipher_methods[SSL_ENC_IDEA_IDX]=
EVP_get_cipherbyname(SN_idea_cbc);
+ ssl_cipher_methods[SSL_ENC_RD128_IDX]=
+ EVP_get_cipherbyname(SN_rd128_cbc_b128);
+ ssl_cipher_methods[SSL_ENC_RD192_IDX]=
+ EVP_get_cipherbyname(SN_rd192_cbc_b128);
+ ssl_cipher_methods[SSL_ENC_RD256_IDX]=
+ EVP_get_cipherbyname(SN_rd256_cbc_b128);
ssl_digest_methods[SSL_MD_MD5_IDX]=
EVP_get_digestbyname(SN_md5);
case SSL_eNULL:
i=SSL_ENC_NULL_IDX;
break;
+ case SSL_RD:
+ switch(c->alg_bits)
+ {
+ case 128: i=SSL_ENC_RD128_IDX; break;
+ case 192: i=SSL_ENC_RD192_IDX; break;
+ case 256: i=SSL_ENC_RD256_IDX; break;
+ default: i=-1; break;
+ }
+ break;
default:
i= -1;
break;
mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0;
mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0;
+ mask |= (ssl_cipher_methods[SSL_ENC_RD128_IDX] == NULL) ? SSL_RD:0;
mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0;
mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0;
case SSL_eNULL:
enc="None";
break;
+ case SSL_RD:
+ switch(cipher->strength_bits == 128)
+ {
+ case 128: enc="Rijndael(128)"; break;
+ case 192: enc="Rijndael(192)"; break;
+ case 256: enc="Rijndael(256)"; break;
+ default: enc="Rijndael(???)"; break;
+ }
+ break;
default:
enc="unknown";
break;
#define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA)
#define SSL_KRB5 (SSL_kKRB5|SSL_aKRB5)
-#define SSL_ENC_MASK 0x0007F000L
+#define SSL_ENC_MASK 0x0087F000L
#define SSL_DES 0x00001000L
#define SSL_3DES 0x00002000L
#define SSL_RC4 0x00004000L
#define SSL_IDEA 0x00010000L
#define SSL_eFZA 0x00020000L
#define SSL_eNULL 0x00040000L
+#define SSL_RD 0x00800000L
#define SSL_MAC_MASK 0x00180000L
#define SSL_MD5 0x00080000L
#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064
#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x03000065
#define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066
+ /* not yet real */
+#define TLS1_CK_RSA_WITH_RD_128_SHA 0x03000067
/* XXX
* Inconsistency alert:
#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA"
#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA"
#define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA"
+ /* Not yet real */
+#define TLS1_TXT_RSA_WITH_RD_128_SHA "RD128-SHA"
#define TLS_CT_RSA_SIGN 1
projects / openssl.git / commitdiff