Add AES counter mode to EVP.
authorAndy Polyakov <appro@openssl.org>
Tue, 23 Feb 2010 16:48:41 +0000 (16:48 +0000)
committerAndy Polyakov <appro@openssl.org>
Tue, 23 Feb 2010 16:48:41 +0000 (16:48 +0000)
crypto/evp/c_allc.c
crypto/evp/e_aes.c
crypto/evp/evp.h
crypto/evp/evp_err.c
crypto/evp/evptests.txt

index c5f9268..b262ac0 100644 (file)
@@ -166,9 +166,7 @@ void OpenSSL_add_all_ciphers(void)
        EVP_add_cipher(EVP_aes_128_cfb1());
        EVP_add_cipher(EVP_aes_128_cfb8());
        EVP_add_cipher(EVP_aes_128_ofb());
-#if 0
        EVP_add_cipher(EVP_aes_128_ctr());
-#endif
        EVP_add_cipher_alias(SN_aes_128_cbc,"AES128");
        EVP_add_cipher_alias(SN_aes_128_cbc,"aes128");
        EVP_add_cipher(EVP_aes_192_ecb());
@@ -177,9 +175,7 @@ void OpenSSL_add_all_ciphers(void)
        EVP_add_cipher(EVP_aes_192_cfb1());
        EVP_add_cipher(EVP_aes_192_cfb8());
        EVP_add_cipher(EVP_aes_192_ofb());
-#if 0
        EVP_add_cipher(EVP_aes_192_ctr());
-#endif
        EVP_add_cipher_alias(SN_aes_192_cbc,"AES192");
        EVP_add_cipher_alias(SN_aes_192_cbc,"aes192");
        EVP_add_cipher(EVP_aes_256_ecb());
@@ -188,9 +184,7 @@ void OpenSSL_add_all_ciphers(void)
        EVP_add_cipher(EVP_aes_256_cfb1());
        EVP_add_cipher(EVP_aes_256_cfb8());
        EVP_add_cipher(EVP_aes_256_ofb());
-#if 0
        EVP_add_cipher(EVP_aes_256_ctr());
-#endif
        EVP_add_cipher_alias(SN_aes_256_cbc,"AES256");
        EVP_add_cipher_alias(SN_aes_256_cbc,"aes256");
 #endif
index bd6c0a3..afc802b 100644 (file)
@@ -96,17 +96,77 @@ IMPLEMENT_AES_CFBR(128,8)
 IMPLEMENT_AES_CFBR(192,8)
 IMPLEMENT_AES_CFBR(256,8)
 
+static int aes_counter (EVP_CIPHER_CTX *ctx, unsigned char *out,
+               const unsigned char *in, size_t len)
+{
+       AES_ctr128_encrypt (in,out,len,
+               &((EVP_AES_KEY *)ctx->cipher_data)->ks,
+               ctx->iv,ctx->buf,&ctx->num);
+       return 1;
+}
+
+static const EVP_CIPHER aes_128_ctr_cipher=
+       {
+       NID_aes_128_ctr,1,16,16,
+       EVP_CIPH_VARIABLE_LENGTH|EVP_CIPH_CUSTOM_IV,
+       aes_init_key,
+       aes_counter,
+       NULL,
+       sizeof(EVP_AES_KEY),
+       NULL,
+       NULL,
+       NULL,
+       NULL
+       };
+
+const EVP_CIPHER *EVP_aes_128_ctr (void)
+{      return &aes_128_ctr_cipher;     }
+
+static const EVP_CIPHER aes_192_ctr_cipher=
+       {
+       NID_aes_192_ctr,1,24,16,
+       EVP_CIPH_VARIABLE_LENGTH|EVP_CIPH_CUSTOM_IV,
+       aes_init_key,
+       aes_counter,
+       NULL,
+       sizeof(EVP_AES_KEY),
+       NULL,
+       NULL,
+       NULL,
+       NULL
+       };
+
+const EVP_CIPHER *EVP_aes_192_ctr (void)
+{      return &aes_192_ctr_cipher;     }
+
+static const EVP_CIPHER aes_256_ctr_cipher=
+       {
+       NID_aes_256_ctr,1,32,16,
+       EVP_CIPH_VARIABLE_LENGTH|EVP_CIPH_CUSTOM_IV,
+       aes_init_key,
+       aes_counter,
+       NULL,
+       sizeof(EVP_AES_KEY),
+       NULL,
+       NULL,
+       NULL,
+       NULL
+       };
+
+const EVP_CIPHER *EVP_aes_256_ctr (void)
+{      return &aes_256_ctr_cipher;     }
+
 static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                   const unsigned char *iv, int enc)
        {
        int ret;
 
-       if ((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CFB_MODE
-           || (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_OFB_MODE
-           || enc) 
-               ret=AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
-       else
+       if (((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_ECB_MODE
+           || (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CBC_MODE)
+           && !enc) 
                ret=AES_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
+       else
+               ret=AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
 
        if(ret < 0)
                {
@@ -114,6 +174,16 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                return 0;
                }
 
+       if (ctx->cipher->flags&EVP_CIPH_CUSTOM_IV)
+               {
+               if (iv!=NULL)
+                       memcpy (ctx->iv,iv,ctx->cipher->iv_len);
+               else    {
+                       EVPerr(EVP_F_AES_INIT_KEY,EVP_R_AES_IV_SETUP_FAILED);
+                       return 0;
+                       }
+               }
+
        return 1;
        }
 
index 2fa1141..50f2241 100644 (file)
@@ -741,9 +741,7 @@ const EVP_CIPHER *EVP_aes_128_cfb8(void);
 const EVP_CIPHER *EVP_aes_128_cfb128(void);
 # define EVP_aes_128_cfb EVP_aes_128_cfb128
 const EVP_CIPHER *EVP_aes_128_ofb(void);
-#if 0
 const EVP_CIPHER *EVP_aes_128_ctr(void);
-#endif
 const EVP_CIPHER *EVP_aes_192_ecb(void);
 const EVP_CIPHER *EVP_aes_192_cbc(void);
 const EVP_CIPHER *EVP_aes_192_cfb1(void);
@@ -751,9 +749,7 @@ const EVP_CIPHER *EVP_aes_192_cfb8(void);
 const EVP_CIPHER *EVP_aes_192_cfb128(void);
 # define EVP_aes_192_cfb EVP_aes_192_cfb128
 const EVP_CIPHER *EVP_aes_192_ofb(void);
-#if 0
 const EVP_CIPHER *EVP_aes_192_ctr(void);
-#endif
 const EVP_CIPHER *EVP_aes_256_ecb(void);
 const EVP_CIPHER *EVP_aes_256_cbc(void);
 const EVP_CIPHER *EVP_aes_256_cfb1(void);
@@ -761,10 +757,8 @@ const EVP_CIPHER *EVP_aes_256_cfb8(void);
 const EVP_CIPHER *EVP_aes_256_cfb128(void);
 # define EVP_aes_256_cfb EVP_aes_256_cfb128
 const EVP_CIPHER *EVP_aes_256_ofb(void);
-#if 0
 const EVP_CIPHER *EVP_aes_256_ctr(void);
 #endif
-#endif
 #ifndef OPENSSL_NO_CAMELLIA
 const EVP_CIPHER *EVP_camellia_128_ecb(void);
 const EVP_CIPHER *EVP_camellia_128_cbc(void);
@@ -1263,6 +1257,7 @@ void ERR_load_EVP_strings(void);
 #define EVP_F_RC5_CTRL                                  125
 
 /* Reason codes. */
+#define EVP_R_AES_IV_SETUP_FAILED                       162
 #define EVP_R_AES_KEY_SETUP_FAILED                      143
 #define EVP_R_ASN1_LIB                                  140
 #define EVP_R_BAD_BLOCK_LENGTH                          136
index 794b86c..64a96d6 100644 (file)
@@ -1,6 +1,6 @@
 /* crypto/evp/evp_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2009 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2010 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -140,6 +140,7 @@ static ERR_STRING_DATA EVP_str_functs[]=
 
 static ERR_STRING_DATA EVP_str_reasons[]=
        {
+{ERR_REASON(EVP_R_AES_IV_SETUP_FAILED)   ,"aes iv setup failed"},
 {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED)  ,"aes key setup failed"},
 {ERR_REASON(EVP_R_ASN1_LIB)              ,"asn1 lib"},
 {ERR_REASON(EVP_R_BAD_BLOCK_LENGTH)      ,"bad block length"},
index beb1214..c273707 100644 (file)
@@ -158,6 +158,19 @@ AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7B
 AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:0
 AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:0
 
+# AES Counter test vectors from RFC3686
+aes-128-ctr:AE6852F8121067CC4BF7A5765577F39E:00000030000000000000000000000001:53696E676C6520626C6F636B206D7367:E4095D4FB7A7B3792D6175A3261311B8:1
+aes-128-ctr:7E24067817FAE0D743D6CE1F32539163:006CB6DBC0543B59DA48D90B00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:5104A106168A72D9790D41EE8EDAD388EB2E1EFC46DA57C8FCE630DF9141BE28:1
+aes-128-ctr:7691BE035E5020A8AC6E618529F9A0DC:00E0017B27777F3F4A1786F000000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:C1CF48A89F2FFDD9CF4652E9EFDB72D74540A42BDE6D7836D59A5CEAAEF3105325B2072F:1
+
+aes-192-ctr:16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515:0000004836733C147D6D93CB00000001:53696E676C6520626C6F636B206D7367:4B55384FE259C9C84E7935A003CBE928:1
+aes-192-ctr:7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A:0096B03B020C6EADC2CB500D00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:453243FC609B23327EDFAAFA7131CD9F8490701C5AD4A79CFC1FE0FF42F4FB00:1
+aes-192-ctr:02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE:0007BDFD5CBD60278DCC091200000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:96893FC55E5C722F540B7DD1DDF7E758D288BC95C69165884536C811662F2188ABEE0935:1
+
+aes-256-ctr:776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104:00000060DB5672C97AA8F0B200000001:53696E676C6520626C6F636B206D7367:145AD01DBF824EC7560863DC71E3E0C0:1
+aes-256-ctr:F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884:00FAAC24C1585EF15A43D87500000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:F05E231B3894612C49EE000B804EB2A9B8306B508F839D6A5530831D9344AF1C:1
+aes-256-ctr:FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D:001CC5B751A51D70A1C1114800000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:EB6C52821D0BBBF7CE7594462ACA4FAAB407DF866569FD07F48CC0B583D6071F1EC0E6B8:1
+
 # DES ECB tests (from destest)
 
 DES-ECB:0000000000000000::0000000000000000:8CA64DE9C1B123A7